#include <string.h>
#include <ctype.h>
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h> /* needed to define AF_ values on UNIX */
-#endif
-
-#ifdef HAVE_WINSOCK2_H
-#include <winsock2.h> /* needed to define AF_ values on Windows */
-#endif
-
-#ifdef NEED_INET_V6DEFS_H
-# include "inet_v6defs.h"
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
#endif
#include <glib.h>
#include <epan/packet.h>
-#include "capture.h"
#include "capture_opts.h"
#include "ringbuffer.h"
#include "clopts_common.h"
+#include "console_io.h"
#include "cmdarg_err.h"
+#include "capture_ifinfo.h"
#include "capture-pcap-util.h"
-#include <wiretap/file_util.h>
-
+#include <wsutil/file_util.h>
static gboolean capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe);
void
-capture_opts_init(capture_options *capture_opts, void *cfile)
+capture_opts_init(capture_options *capture_opts, void *cf)
{
- capture_opts->cf = cfile;
+ capture_opts->cf = cf;
capture_opts->cfilter = g_strdup(""); /* No capture filter string specified */
capture_opts->iface = NULL; /* Default is "pick the first interface" */
-#ifdef _WIN32
+ capture_opts->iface_descr = NULL;
+#ifdef HAVE_PCAP_REMOTE
+ capture_opts->src_type = CAPTURE_IFLOCAL;
+ capture_opts->remote_host = NULL;
+ capture_opts->remote_port = NULL;
+ capture_opts->auth_type = CAPTURE_AUTH_NULL;
+ capture_opts->auth_username = NULL;
+ capture_opts->auth_password = NULL;
+ capture_opts->datatx_udp = FALSE;
+ capture_opts->nocap_rpcap = TRUE;
+ capture_opts->nocap_local = FALSE;
+#ifdef HAVE_PCAP_SETSAMPLING
+ capture_opts->sampling_method = CAPTURE_SAMP_NONE;
+ capture_opts->sampling_param = 0;
+#endif
+#endif
+#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
capture_opts->buffer_size = 1; /* 1 MB */
#endif
capture_opts->has_snaplen = FALSE;
capture_opts->snaplen = WTAP_MAX_PACKET_SIZE; /* snapshot length - default is
infinite, in effect */
capture_opts->promisc_mode = TRUE; /* promiscuous mode is the default */
+ capture_opts->monitor_mode = FALSE;
capture_opts->linktype = -1; /* the default linktype */
capture_opts->saving_to_file = FALSE;
capture_opts->save_file = NULL;
+ capture_opts->group_read_access = FALSE;
+ capture_opts->use_pcapng = FALSE; /* the default is pcap */
capture_opts->real_time_mode = TRUE;
capture_opts->show_info = TRUE;
capture_opts->quit_after_cap = FALSE;
#endif
capture_opts->state = CAPTURE_STOPPED;
capture_opts->output_to_pipe = FALSE;
+#ifndef _WIN32
+ capture_opts->owner = getuid();
+ capture_opts->group = getgid();
+#endif
}
g_log(log_domain, log_level, "CFile : 0x%p", capture_opts->cf);
g_log(log_domain, log_level, "Filter : %s", capture_opts->cfilter);
g_log(log_domain, log_level, "Interface : %s", capture_opts->iface);
-#ifdef _WIN32
+ /* iface_descr may not been filled in and some C Libraries hate a null ptr for %s */
+ g_log(log_domain, log_level, "Interface Descr : %s",
+ capture_opts->iface_descr ? capture_opts->iface_descr : "<null>");
+#ifdef HAVE_PCAP_REMOTE
+ g_log(log_domain, log_level, "Capture source : %s",
+ capture_opts->src_type == CAPTURE_IFLOCAL ? "Local interface" :
+ capture_opts->src_type == CAPTURE_IFREMOTE ? "Remote interface" :
+ "Unknown");
+ if (capture_opts->src_type == CAPTURE_IFREMOTE) {
+ g_log(log_domain, log_level, "Remote host : %s", capture_opts->remote_host);
+ g_log(log_domain, log_level, "Remote port : %s", capture_opts->remote_port);
+ }
+ g_log(log_domain, log_level, "Authentication : %s",
+ capture_opts->auth_type == CAPTURE_AUTH_NULL ? "Null" :
+ capture_opts->auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
+ "Unknown");
+ if (capture_opts->auth_type == CAPTURE_AUTH_PWD) {
+ g_log(log_domain, log_level, "Auth username : %s", capture_opts->auth_password);
+ g_log(log_domain, log_level, "Auth password : <hidden>");
+ }
+ g_log(log_domain, log_level, "UDP data transfer : %u", capture_opts->datatx_udp);
+ g_log(log_domain, log_level, "No capture RPCAP : %u", capture_opts->nocap_rpcap);
+ g_log(log_domain, log_level, "No capture local : %u", capture_opts->nocap_local);
+#endif
+#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
g_log(log_domain, log_level, "BufferSize : %u (MB)", capture_opts->buffer_size);
#endif
g_log(log_domain, log_level, "SnapLen (%u): %u", capture_opts->has_snaplen, capture_opts->snaplen);
g_log(log_domain, log_level, "LinkType : %d", capture_opts->linktype);
g_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
g_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
+ g_log(log_domain, log_level, "GroupReadAccess : %u", capture_opts->group_read_access);
+ g_log(log_domain, log_level, "Fileformat : %s", (capture_opts->use_pcapng) ? "PCAPNG" : "PCAP");
g_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
g_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
g_log(log_domain, log_level, "QuitAfterCap : %u", capture_opts->quit_after_cap);
if (strcmp(arg,"files") == 0) {
capture_opts->has_ring_num_files = TRUE;
- capture_opts->ring_num_files = get_natural_int(p, "number of ring buffer files");
+ capture_opts->ring_num_files = get_positive_int(p, "number of ring buffer files");
} else if (strcmp(arg,"filesize") == 0) {
capture_opts->has_autostop_filesize = TRUE;
capture_opts->autostop_filesize = get_positive_int(p, "ring buffer filesize");
return TRUE;
}
+#ifdef HAVE_PCAP_SETSAMPLING
+/*
+ * Given a string of the form "<sampling type>:<value>", as might appear
+ * as an argument to a "-m" option, parse it and set the arguments in
+ * question. Return an indication of whether it succeeded or failed
+ * in some fashion.
+ */
+static gboolean
+get_sampling_arguments(capture_options *capture_opts, const char *arg)
+{
+ gchar *p = NULL, *colonp;
+
+ colonp = strchr(arg, ':');
+ if (colonp == NULL)
+ return FALSE;
+
+ p = colonp;
+ *p++ = '\0';
+
+ while (isspace((guchar)*p))
+ p++;
+ if (*p == '\0') {
+ *colonp = ':';
+ return FALSE;
+ }
+
+ if (strcmp(arg, "count") == 0) {
+ capture_opts->sampling_method = CAPTURE_SAMP_BY_COUNT;
+ capture_opts->sampling_param = get_positive_int(p, "sampling count");
+ } else if (strcmp(arg, "timer") == 0) {
+ capture_opts->sampling_method = CAPTURE_SAMP_BY_TIMER;
+ capture_opts->sampling_param = get_positive_int(p, "sampling timer");
+ }
+ *colonp = ':';
+ return TRUE;
+}
+#endif
+
+#ifdef HAVE_PCAP_REMOTE
+/*
+ * Given a string of the form "<username>:<password>", as might appear
+ * as an argument to a "-A" option, parse it and set the arguments in
+ * question. Return an indication of whether it succeeded or failed
+ * in some fashion.
+ */
+static gboolean
+get_auth_arguments(capture_options *capture_opts, const char *arg)
+{
+ gchar *p = NULL, *colonp;
+
+ colonp = strchr(arg, ':');
+ if (colonp == NULL)
+ return FALSE;
+
+ p = colonp;
+ *p++ = '\0';
+
+ while (isspace((guchar)*p))
+ p++;
+
+ capture_opts->auth_type = CAPTURE_AUTH_PWD;
+ capture_opts->auth_username = g_strdup(arg);
+ capture_opts->auth_password = g_strdup(p);
+ *colonp = ':';
+ return TRUE;
+}
+#endif
static int
-capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg)
+capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
{
long adapter_index;
char *p;
* names that begin with digits. It can be useful on Windows, where
* more than one interface can have the same name.
*/
- adapter_index = strtol(optarg, &p, 10);
+ adapter_index = strtol(optarg_str_p, &p, 10);
if (p != NULL && *p == '\0') {
if (adapter_index < 0) {
cmdarg_err("The specified adapter index is a negative number");
cmdarg_err("There is no interface with that adapter index");
return 1;
}
- if_list = get_interface_list(&err, &err_str);
+ if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
}
return 2;
}
- if_info = g_list_nth_data(if_list, adapter_index - 1);
+ if_info = (if_info_t *)g_list_nth_data(if_list, adapter_index - 1);
if (if_info == NULL) {
cmdarg_err("There is no interface with that adapter index");
return 1;
}
capture_opts->iface = g_strdup(if_info->name);
+ /* We don't set iface_descr here because doing so requires
+ * capture_ui_utils.c which requires epan/prefs.c which is
+ * probably a bit too much dependency for here...
+ */
free_interface_list(if_list);
} else {
- capture_opts->iface = g_strdup(optarg);
+ capture_opts->iface = g_strdup(optarg_str_p);
}
return 0;
}
int
-capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg, gboolean *start_capture)
+capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p, gboolean *start_capture)
{
int status;
switch(opt) {
case 'a': /* autostop criteria */
- if (set_autostop_criterion(capture_opts, optarg) == FALSE) {
- cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg);
+ if (set_autostop_criterion(capture_opts, optarg_str_p) == FALSE) {
+ cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
return 1;
}
break;
+#ifdef HAVE_PCAP_REMOTE
+ case 'A':
+ if (get_auth_arguments(capture_opts, optarg_str_p) == FALSE) {
+ cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
+ return 1;
+ }
+ break;
+#endif
case 'b': /* Ringbuffer option */
capture_opts->multi_files_on = TRUE;
- if (get_ring_arguments(capture_opts, optarg) == FALSE) {
- cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg);
+ if (get_ring_arguments(capture_opts, optarg_str_p) == FALSE) {
+ cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
return 1;
}
break;
-#ifdef _WIN32
+#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
case 'B': /* Buffer size */
- capture_opts->buffer_size = get_positive_int(optarg, "buffer size");
+ capture_opts->buffer_size = get_positive_int(optarg_str_p, "buffer size");
break;
#endif
case 'c': /* Capture n packets */
capture_opts->has_autostop_packets = TRUE;
- capture_opts->autostop_packets = get_positive_int(optarg, "packet count");
+ capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
break;
case 'f': /* capture filter */
if (capture_opts->has_cfilter) {
}
capture_opts->has_cfilter = TRUE;
g_free(capture_opts->cfilter);
- capture_opts->cfilter = g_strdup(optarg);
+ capture_opts->cfilter = g_strdup(optarg_str_p);
break;
case 'H': /* Hide capture info dialog box */
capture_opts->show_info = FALSE;
break;
case 'i': /* Use interface x */
- status = capture_opts_add_iface_opt(capture_opts, optarg);
+ status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
if(status != 0) {
return status;
}
break;
+#ifdef HAVE_PCAP_CREATE
+ case 'I': /* Capture in monitor mode */
+ capture_opts->monitor_mode = TRUE;
+ break;
+#endif
case 'k': /* Start capture immediately */
*start_capture = TRUE;
break;
/*case 'l':*/ /* Automatic scrolling in live capture mode */
+#ifdef HAVE_PCAP_SETSAMPLING
+ case 'm':
+ if (get_sampling_arguments(capture_opts, optarg_str_p) == FALSE) {
+ cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
+ return 1;
+ }
+ break;
+#endif
+ case 'n': /* Use pcapng format */
+ capture_opts->use_pcapng = TRUE;
+ break;
case 'p': /* Don't capture in promiscuous mode */
capture_opts->promisc_mode = FALSE;
break;
capture_opts->quit_after_cap = TRUE;
*start_capture = TRUE; /*** -Q implies -k !! ***/
break;
+#ifdef HAVE_PCAP_REMOTE
+ case 'r':
+ capture_opts->nocap_rpcap = FALSE;
+ break;
+#endif
case 's': /* Set the snapshot (capture) length */
capture_opts->has_snaplen = TRUE;
- capture_opts->snaplen = get_positive_int(optarg, "snapshot length");
+ capture_opts->snaplen = get_natural_int(optarg_str_p, "snapshot length");
+ /*
+ * Make a snapshot length of 0 equivalent to the maximum packet
+ * length, mirroring what tcpdump does.
+ */
+ if (capture_opts->snaplen == 0)
+ capture_opts->snaplen = WTAP_MAX_PACKET_SIZE;
break;
case 'S': /* "Real-Time" mode: used for following file ala tail -f */
capture_opts->real_time_mode = TRUE;
break;
+#ifdef HAVE_PCAP_REMOTE
+ case 'u':
+ capture_opts->datatx_udp = TRUE;
+ break;
+#endif
case 'w': /* Write to capture file x */
capture_opts->saving_to_file = TRUE;
g_free(capture_opts->save_file);
-#if defined _WIN32 && (GLIB_MAJOR_VERSION > 2 || (GLIB_MAJOR_VERSION == 2 && GLIB_MINOR_VERSION >= 6))
+#if defined _WIN32 && GLIB_CHECK_VERSION(2,6,0)
/* since GLib 2.6, we need to convert filenames to utf8 for Win32 */
- capture_opts->save_file = g_locale_to_utf8(optarg, -1, NULL, NULL, NULL);
+ capture_opts->save_file = g_locale_to_utf8(optarg_str_p, -1, NULL, NULL, NULL);
#else
- capture_opts->save_file = g_strdup(optarg);
+ capture_opts->save_file = g_strdup(optarg_str_p);
#endif
status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
return status;
+ case 'g': /* enable group read access on the capture file(s) */
+ capture_opts->group_read_access = TRUE;
break;
case 'y': /* Set the pcap data link type */
-#ifdef HAVE_PCAP_DATALINK_NAME_TO_VAL
- capture_opts->linktype = linktype_name_to_val(optarg);
+ capture_opts->linktype = linktype_name_to_val(optarg_str_p);
if (capture_opts->linktype == -1) {
cmdarg_err("The specified data link type \"%s\" isn't valid",
- optarg);
+ optarg_str_p);
return 1;
}
-#else /* HAVE_PCAP_DATALINK_NAME_TO_VAL */
- /* we can't get the type name, just treat it as a number */
- capture_opts->linktype = get_natural_int(optarg, "data link type");
-#endif /* HAVE_PCAP_DATALINK_NAME_TO_VAL */
break;
default:
/* the caller is responsible to send us only the right opt's */
return 0;
}
-
-int capture_opts_list_link_layer_types(capture_options *capture_opts)
+void
+capture_opts_print_if_capabilities(if_capabilities_t *caps,
+ gboolean monitor_mode)
{
- gchar *err_str;
- GList *lt_list, *lt_entry;
+ GList *lt_entry;
data_link_info_t *data_link_info;
- /* Get the list of link-layer types for the capture device. */
- lt_list = get_pcap_linktype_list(capture_opts->iface, &err_str);
- if (lt_list == NULL) {
- if (err_str != NULL) {
- cmdarg_err("The list of data link types for the capture device \"%s\" could not be obtained (%s)."
- "Please check to make sure you have sufficient permissions, and that\n"
- "you have the proper interface or pipe specified.\n", capture_opts->iface, err_str);
- g_free(err_str);
- } else
- cmdarg_err("The capture device \"%s\" has no data link types.", capture_opts->iface);
- return 2;
- }
- cmdarg_err_cont("Data link types (use option -y to set):");
- for (lt_entry = lt_list; lt_entry != NULL;
+ if (caps->can_set_rfmon)
+ fprintf_stderr("Data link types when %sin monitor mode (use option -y to set):\n",
+ monitor_mode ? "" : "not ");
+ else
+ fprintf_stderr("Data link types (use option -y to set):\n");
+ for (lt_entry = caps->data_link_types; lt_entry != NULL;
lt_entry = g_list_next(lt_entry)) {
- data_link_info = lt_entry->data;
- cmdarg_err_cont(" %s", data_link_info->name);
- if (data_link_info->description != NULL)
- cmdarg_err_cont(" (%s)", data_link_info->description);
- else
- cmdarg_err_cont(" (not supported)");
- putchar('\n');
+ data_link_info = (data_link_info_t *)lt_entry->data;
+ fprintf_stderr(" %s", data_link_info->name);
+ if (data_link_info->description != NULL)
+ fprintf_stderr(" (%s)", data_link_info->description);
+ else
+ fprintf_stderr(" (not supported)");
+ fprintf_stderr("\n");
}
- free_pcap_linktype_list(lt_list);
-
- return 0;
}
-/* Return an ASCII-formatted list of interfaces. */
-#define ADDRSTRLEN 46 /* Covers IPv4 & IPv6 */
-int
-capture_opts_list_interfaces(gboolean verbose)
+/* Print an ASCII-formatted list of interfaces. */
+void
+capture_opts_print_interfaces(GList *if_list)
{
- GList *if_list;
+ int i;
GList *if_entry;
if_info_t *if_info;
- int err;
- gchar *err_str;
- int i;
- GSList *ip_addr;
- if_addr_t *if_addr;
- char addr_str[ADDRSTRLEN];
-
- if_list = get_interface_list(&err, &err_str);
- if (if_list == NULL) {
- switch (err) {
- case CANT_GET_INTERFACE_LIST:
- cmdarg_err("%s", err_str);
- g_free(err_str);
- break;
-
- case NO_INTERFACES_FOUND:
- cmdarg_err("There are no interfaces on which a capture can be done");
- break;
- }
- return err;
- }
i = 1; /* Interface id number */
for (if_entry = g_list_first(if_list); if_entry != NULL;
- if_entry = g_list_next(if_entry)) {
- if_info = if_entry->data;
+ if_entry = g_list_next(if_entry)) {
+ if_info = (if_info_t *)if_entry->data;
printf("%d. %s", i++, if_info->name);
- if (!verbose) {
- /* Add the description if it exists */
- if (if_info->description != NULL)
- printf(" (%s)", if_info->description);
- } else {
- /*
- * Add the contents of the if_entry struct in a parseable format.
- * Each if_entry element is tab-separated. Addresses are comma-
- * separated.
- */
- /* XXX - Make sure our description doesn't contain a tab */
- if (if_info->description != NULL)
- printf("\t%s\t", if_info->description);
- else
- printf("\t\t");
-
- for(ip_addr = g_slist_nth(if_info->ip_addr, 0); ip_addr != NULL;
- ip_addr = g_slist_next(ip_addr)) {
- if (ip_addr != g_slist_nth(if_info->ip_addr, 0))
- printf(",");
-
- if_addr = ip_addr->data;
- switch(if_addr->type) {
- case AT_IPv4:
- if (inet_ntop(AF_INET, &if_addr->ip_addr.ip4_addr, addr_str,
- ADDRSTRLEN)) {
- printf(addr_str);
- } else {
- printf("<unknown IPv4>");
- }
- break;
- case AT_IPv6:
- if (inet_ntop(AF_INET6, &if_addr->ip_addr.ip6_addr,
- addr_str, ADDRSTRLEN)) {
- printf(addr_str);
- } else {
- printf("<unknown IPv6>");
- }
- break;
- default:
- printf("<type unknown %u>", if_addr->type);
- }
- }
-
- if (if_info->loopback)
- printf("\tloopback");
- else
- printf("\tnetwork");
-
- }
- printf("\n");
+ /* Print the description if it exists */
+ if (if_info->description != NULL)
+ printf(" (%s)", if_info->description);
+ printf("\n");
}
- free_interface_list(if_list);
-
- return 0;
}
void capture_opts_trim_ring_num_files(capture_options *capture_opts)
{
/* Check the value range of the ring_num_files parameter */
- if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES)
+ if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
+ cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
+ } else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
+ cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
+ }
#if RINGBUFFER_MIN_NUM_FILES > 0
else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES)
+ cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
#endif
}
if (capture_device != NULL) {
/* Yes - use it. */
capture_opts->iface = g_strdup(capture_device);
+ /* We don't set iface_descr here because doing so requires
+ * capture_ui_utils.c which requires epan/prefs.c which is
+ * probably a bit too much dependency for here...
+ */
} else {
/* No - pick the first one from the list of interfaces. */
- if_list = get_interface_list(&err, &err_str);
+ if_list = capture_interface_list(&err, &err_str);
if (if_list == NULL) {
switch (err) {
}
return FALSE;
}
- if_info = if_list->data; /* first interface */
+ if_info = (if_info_t *)if_list->data; /* first interface */
capture_opts->iface = g_strdup(if_info->name);
+ /* We don't set iface_descr here because doing so requires
+ * capture_ui_utils.c which requires epan/prefs.c which is
+ * probably a bit too much dependency for here...
+ */
free_interface_list(if_list);
}
}
{
struct stat statb;
- if (eth_stat(path, &statb) < 0)
+ if (ws_stat(path, &statb) < 0)
return errno;
if (S_ISFIFO(statb.st_mode))
*is_pipe = TRUE;
break;
- default: /* couldn't stat it */
- cmdarg_err("Error testing whether capture file is a pipe: %s",
- strerror(errno));
- return 2;
+ default: /* couldn't stat it */
+ break; /* ignore: later attempt to open */
+ /* will generate a nice msg */
}
}
}