From Xiao Xiangquan:
[obnox/wireshark/wip.git] / dumpcap.c
index 98fb5784ca10aa00bf27c3569ba381dd89dca41e..21e342c1ffb33067d5881ea7c431eefb2404bcf7 100644 (file)
--- a/dumpcap.c
+++ b/dumpcap.c
@@ -59,9 +59,7 @@
 #include <signal.h>
 #include <errno.h>
 
-#ifdef HAVE_GETOPT_H
-#include <getopt.h>
-#else
+#ifndef HAVE_GETOPT
 #include "wsutil/wsgetopt.h"
 #endif
 
@@ -81,6 +79,9 @@
 #include "version_info.h"
 
 #include "capture-pcap-util.h"
+#ifdef _WIN32
+#include "capture-wpcap.h"
+#endif /* _WIN32 */
 
 #include "pcapio.h"
 
 #include "wiretap/libpcap.h"
 
 /**#define DEBUG_DUMPCAP**/
-#define DEBUG_CHILD_DUMPCAP 1
 /**#define DEBUG_CHILD_DUMPCAP**/
 
 #ifdef _WIN32
@@ -135,10 +135,6 @@ FILE *debug_log;   /* for logging debug messages to  */
                    /*  is defined                    */
 #endif
 
-#ifdef _WIN32
-#define USE_THREADS
-#endif
-
 static GAsyncQueue *pcap_queue;
 static gint64 pcap_queue_bytes;
 static gint64 pcap_queue_packets;
@@ -242,9 +238,9 @@ typedef struct _pcap_options {
 #endif
     gboolean       cap_pipe_modified;     /* TRUE if data in the pipe uses modified pcap headers */
     gboolean       cap_pipe_byte_swapped; /* TRUE if data in the pipe is byte swapped */
-#ifdef USE_THREADS
+#if defined(_WIN32)
     char *         cap_pipe_buf;          /* Pointer to the data buffer we read into */
-#endif /* USE_THREADS */
+#endif
     int            cap_pipe_bytes_to_read;/* Used by cap_pipe_dispatch */
     int            cap_pipe_bytes_read;   /* Used by cap_pipe_dispatch */
     enum {
@@ -254,7 +250,7 @@ typedef struct _pcap_options {
         STATE_READ_DATA
     } cap_pipe_state;
     enum { PIPOK, PIPEOF, PIPERR, PIPNEXIST } cap_pipe_err;
-#ifdef USE_THREADS
+#if defined(_WIN32)
     GMutex *cap_pipe_read_mtx;
     GAsyncQueue *cap_pipe_pending_q, *cap_pipe_done_q;
 #endif
@@ -325,10 +321,10 @@ static gboolean need_timeout_workaround;
  * WaitForSingleObject. If it's less than 1000 WaitForSingleObject
  * will return immediately.
  */
-#ifndef USE_THREADS
-#define PIPE_READ_TIMEOUT   250000
-#else
+#if defined(_WIN32)
 #define PIPE_READ_TIMEOUT   100000
+#else
+#define PIPE_READ_TIMEOUT   250000
 #endif
 
 #define WRITER_THREAD_TIMEOUT 100000 /* usecs */
@@ -368,7 +364,7 @@ print_usage(gboolean print_ver)
         output = stdout;
         fprintf(output,
                 "Dumpcap " VERSION "%s\n"
-                "Capture network packets and dump them into a libpcap file.\n"
+                "Capture network packets and dump them into a pcapng file.\n"
                 "See http://www.wireshark.org for more information.\n",
                 wireshark_svnversion);
     } else {
@@ -393,11 +389,11 @@ print_usage(gboolean print_ver)
 #ifdef HAVE_BPF_IMAGE
     fprintf(output, "  -d                       print generated BPF code for capture filter\n");
 #endif
-    fprintf(output, "  -S                       print statistics for each interface once every second\n");
+    fprintf(output, "  -S                       print statistics for each interface once per second\n");
     fprintf(output, "  -M                       for -D, -L, and -S, produce machine-readable output\n");
     fprintf(output, "\n");
 #ifdef HAVE_PCAP_REMOTE
-    fprintf(output, "\nRPCAP options:\n");
+    fprintf(output, "RPCAP options:\n");
     fprintf(output, "  -r                       don't ignore own RPCAP traffic in capture\n");
     fprintf(output, "  -u                       use UDP for RPCAP data transfer\n");
     fprintf(output, "  -A <user>:<password>     use RPCAP password authentication\n");
@@ -419,16 +415,17 @@ print_usage(gboolean print_ver)
     fprintf(output, "  -b <ringbuffer opt.> ... duration:NUM - switch to next file after NUM secs\n");
     fprintf(output, "                           filesize:NUM - switch to next file after NUM KB\n");
     fprintf(output, "                              files:NUM - ringbuffer: replace after NUM files\n");
-    fprintf(output, "  -n                       use pcapng format instead of pcap\n");
-    /*fprintf(output, "\n");*/
+    fprintf(output, "  -n                       use pcapng format instead of pcap (default)\n");
+    fprintf(output, "  -P                       use libpcap format instead of pcapng\n");
+    fprintf(output, "\n");
     fprintf(output, "Miscellaneous:\n");
     fprintf(output, "  -t                       use a separate thread per interface\n");
     fprintf(output, "  -q                       don't report packet capture counts\n");
     fprintf(output, "  -v                       print version information and exit\n");
     fprintf(output, "  -h                       display this help and exit\n");
     fprintf(output, "\n");
-    fprintf(output, "Example: dumpcap -i eth0 -a duration:60 -w output.pcap\n");
-    fprintf(output, "\"Capture network packets from interface eth0 until 60s passed into output.pcap\"\n");
+    fprintf(output, "Example: dumpcap -i eth0 -a duration:60 -w output.pcapng\n");
+    fprintf(output, "\"Capture network packets from interface eth0 until 60s passed into output.pcapng\"\n");
     fprintf(output, "\n");
     fprintf(output, "Use Ctrl-C to stop capturing at any time.\n");
 }
@@ -637,30 +634,9 @@ open_capture_device(interface_options *interface_opts,
         g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
               "pcap_open_live() calling using name %s, snaplen %d, promisc_mode %d.",
               interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode);
-#ifdef _MSC_VER
-        __try {
-            pcap_h = pcap_open_live(interface_opts->name, interface_opts->snaplen,
-                                    interface_opts->promisc_mode, CAP_READ_TIMEOUT,
-                                    *open_err_str);
-        } __except(TRUE) {
-            if (GetExceptionCode() == STATUS_ACCESS_VIOLATION) {
-                EXCEPTION_POINTERS *ex = GetExceptionInformation();
-
-                g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_ERROR, "Exception from pcap_open_live(): %s AV @ %p IP: %p\n", 
-                        (ex->ExceptionInformation[0] ? "WRITE" : "READ"),
-                        (void *) ex->ExceptionInformation[1],
-                        (void *) ex->ExceptionAddress);
-
-                g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "open_err_str: %p, %p", open_err_str, *open_err_str);
-            } else
-                g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_ERROR, "Exception from pcap_open_live(): 0x%x (0x%x)\n", GetExceptionCode(), ERROR_PROC_NOT_FOUND);
-            pcap_h = NULL;
-        }
-#else
         pcap_h = pcap_open_live(interface_opts->name, interface_opts->snaplen,
                                 interface_opts->promisc_mode, CAP_READ_TIMEOUT,
                                 *open_err_str);
-#endif
         g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
               "pcap_open_live() returned %p.", (void *)pcap_h);
 #endif
@@ -704,21 +680,40 @@ get_capture_device_open_failure_messages(const char *open_err_str,
         libpcap_warn = "";
     g_snprintf(errmsg, (gulong) errmsg_len,
                "The capture session could not be initiated (%s).", open_err_str);
-#ifndef _WIN32
+#ifdef _WIN32
+    if (!has_wpcap) {
+      g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len,
+                 "\n"
+                 "In order to capture packets, WinPcap must be installed; see\n"
+                 "\n"
+                 "        http://www.winpcap.org/\n"
+                 "\n"
+                 "or the mirror at\n"
+                 "\n"
+                 "        http://www.mirrors.wiretapped.net/security/packet-capture/winpcap/\n"
+                 "\n"
+                 "or the mirror at\n"
+                 "\n"
+                 "        http://winpcap.cs.pu.edu.tw/\n"
+                 "\n"
+                 "for a downloadable version of WinPcap and for instructions on how to install\n"
+                 "WinPcap.");
+    } else {
+      g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len,
+                 "\n"
+                 "Please check that \"%s\" is the proper interface.\n"
+                 "\n"
+                 "\n"
+                 "Help can be found at:\n"
+                 "\n"
+                 "       http://wiki.wireshark.org/WinPcap\n"
+                 "       http://wiki.wireshark.org/CaptureSetup\n",
+                 iface);
+    }
+#else
     g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len,
                "Please check to make sure you have sufficient permissions, and that you have "
                "the proper interface or pipe specified.%s", libpcap_warn);
-#else
-    g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len,
-               "\n"
-               "Please check that \"%s\" is the proper interface.\n"
-               "\n"
-               "\n"
-               "Help can be found at:\n"
-               "\n"
-               "       http://wiki.wireshark.org/WinPcap\n"
-               "       http://wiki.wireshark.org/CaptureSetup\n",
-               iface);
 #endif /* _WIN32 */
 }
 
@@ -1307,6 +1302,7 @@ print_statistics_loop(gboolean machine_readable)
     if (if_list == NULL) {
         switch (err) {
         case CANT_GET_INTERFACE_LIST:
+        case DONT_HAVE_PCAP:
             cmdarg_err("%s", err_str);
             g_free(err_str);
             break;
@@ -1573,7 +1569,7 @@ cap_pipe_adjust_header(gboolean byte_swapped, struct pcap_hdr *hdr, struct pcapr
     }
 }
 
-#ifdef USE_THREADS
+#if defined(_WIN32)
 /*
  * Thread function that reads from a pipe and pushes the data
  * to the main application thread.
@@ -1659,8 +1655,9 @@ static void *cap_pipe_read(void *arg)
     }
     return NULL;
 }
-#endif /* USE_THREADS */
+#endif
 
+#if !defined(_WIN32) || defined(MUST_DO_SELECT)
 /* Provide select() functionality for a single file descriptor
  * on UNIX/POSIX. Windows uses cap_pipe_read via a thread.
  *
@@ -1680,6 +1677,7 @@ cap_pipe_select(int pipe_fd)
 
     return select(pipe_fd+1, &rfds, NULL, NULL, &timeout);
 }
+#endif
 
 
 /* Mimic pcap_open_live() for pipe captures
@@ -1706,7 +1704,7 @@ cap_pipe_open_live(char *pipename,
     wchar_t *err_str;
 #endif
 #endif
-#ifndef USE_THREADS
+#ifndef _WIN32
     int          sel_ret;
     unsigned int bytes_read;
 #endif
@@ -1875,7 +1873,7 @@ cap_pipe_open_live(char *pipename,
 
     pcap_opts->from_cap_pipe = TRUE;
 
-#ifndef USE_THREADS
+#ifndef _WIN32
     /* read the pcap header */
     bytes_read = 0;
     while (bytes_read < sizeof magic) {
@@ -1897,7 +1895,7 @@ cap_pipe_open_live(char *pipename,
             bytes_read += b;
         }
     }
-#else /* USE_THREADS */
+#else
     g_thread_create(&cap_pipe_read, pcap_opts, FALSE, NULL);
 
     pcap_opts->cap_pipe_buf = (char *) &magic;
@@ -1915,7 +1913,7 @@ cap_pipe_open_live(char *pipename,
         goto error;
     }
 
-#endif /* USE_THREADS */
+#endif
 
     switch (magic) {
     case PCAP_MAGIC:
@@ -1950,7 +1948,7 @@ cap_pipe_open_live(char *pipename,
         goto error;
     }
 
-#ifndef USE_THREADS
+#ifndef _WIN32
     /* Read the rest of the header */
     bytes_read = 0;
     while (bytes_read < sizeof(struct pcap_hdr)) {
@@ -1973,7 +1971,7 @@ cap_pipe_open_live(char *pipename,
             bytes_read += b;
         }
     }
-#else /* USE_THREADS */
+#else
     pcap_opts->cap_pipe_buf = (char *) hdr;
     pcap_opts->cap_pipe_bytes_read = 0;
     pcap_opts->cap_pipe_bytes_to_read = sizeof(struct pcap_hdr);
@@ -1987,7 +1985,7 @@ cap_pipe_open_live(char *pipename,
                        g_strerror(errno));
         goto error;
     }
-#endif /* USE_THREADS */
+#endif
 
     if (pcap_opts->cap_pipe_byte_swapped) {
         /* Byte-swap the header fields about which we care. */
@@ -2030,7 +2028,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
     struct pcap_pkthdr phdr;
     enum { PD_REC_HDR_READ, PD_DATA_READ, PD_PIPE_EOF, PD_PIPE_ERR,
            PD_ERR } result;
-#ifdef USE_THREADS
+#ifdef _WIN32
     GTimeVal wait_time;
     gpointer q_status;
 #else
@@ -2047,7 +2045,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
     switch (pcap_opts->cap_pipe_state) {
 
     case STATE_EXPECT_REC_HDR:
-#ifdef USE_THREADS
+#ifdef _WIN32
         if (g_mutex_trylock(pcap_opts->cap_pipe_read_mtx)) {
 #endif
 
@@ -2056,7 +2054,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
                 sizeof(struct pcaprec_modified_hdr) : sizeof(struct pcaprec_hdr);
             pcap_opts->cap_pipe_bytes_read = 0;
 
-#ifdef USE_THREADS
+#ifdef _WIN32
             pcap_opts->cap_pipe_buf = (char *) &pcap_opts->cap_pipe_rechdr;
             g_async_queue_push(pcap_opts->cap_pipe_pending_q, pcap_opts->cap_pipe_buf);
             g_mutex_unlock(pcap_opts->cap_pipe_read_mtx);
@@ -2065,7 +2063,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
         /* Fall through */
 
     case STATE_READ_REC_HDR:
-#ifndef USE_THREADS
+#ifndef _WIN32
         b = read(pcap_opts->cap_pipe_fd, ((char *)&pcap_opts->cap_pipe_rechdr)+pcap_opts->cap_pipe_bytes_read,
                  pcap_opts->cap_pipe_bytes_to_read - pcap_opts->cap_pipe_bytes_read);
         if (b <= 0) {
@@ -2076,7 +2074,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
             break;
         }
         pcap_opts->cap_pipe_bytes_read += b;
-#else /* USE_THREADS */
+#else
         g_get_current_time(&wait_time);
         g_time_val_add(&wait_time, PIPE_READ_TIMEOUT);
         q_status = g_async_queue_timed_pop(pcap_opts->cap_pipe_done_q, &wait_time);
@@ -2090,14 +2088,14 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
         if (!q_status) {
             return 0;
         }
-#endif /* USE_THREADS */
+#endif
         if ((pcap_opts->cap_pipe_bytes_read) < pcap_opts->cap_pipe_bytes_to_read)
             return 0;
         result = PD_REC_HDR_READ;
         break;
 
     case STATE_EXPECT_DATA:
-#ifdef USE_THREADS
+#ifdef _WIN32
         if (g_mutex_trylock(pcap_opts->cap_pipe_read_mtx)) {
 #endif
 
@@ -2105,7 +2103,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
             pcap_opts->cap_pipe_bytes_to_read = pcap_opts->cap_pipe_rechdr.hdr.incl_len;
             pcap_opts->cap_pipe_bytes_read = 0;
 
-#ifdef USE_THREADS
+#ifdef _WIN32
             pcap_opts->cap_pipe_buf = (char *) data;
             g_async_queue_push(pcap_opts->cap_pipe_pending_q, pcap_opts->cap_pipe_buf);
             g_mutex_unlock(pcap_opts->cap_pipe_read_mtx);
@@ -2114,7 +2112,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
         /* Fall through */
 
     case STATE_READ_DATA:
-#ifndef USE_THREADS
+#ifndef _WIN32
         b = read(pcap_opts->cap_pipe_fd, data+pcap_opts->cap_pipe_bytes_read,
                  pcap_opts->cap_pipe_bytes_to_read - pcap_opts->cap_pipe_bytes_read);
         if (b <= 0) {
@@ -2125,7 +2123,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
             break;
         }
         pcap_opts->cap_pipe_bytes_read += b;
-#else /* USE_THREADS */
+#else
         g_get_current_time(&wait_time);
         g_time_val_add(&wait_time, PIPE_READ_TIMEOUT);
         q_status = g_async_queue_timed_pop(pcap_opts->cap_pipe_done_q, &wait_time);
@@ -2139,7 +2137,7 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
         if (!q_status) {
             return 0;
         }
-#endif /* USE_THREADS */
+#endif
         if ((pcap_opts->cap_pipe_bytes_read) < pcap_opts->cap_pipe_bytes_to_read)
             return 0;
         result = PD_DATA_READ;
@@ -2165,8 +2163,12 @@ cap_pipe_dispatch(loop_data *ld, pcap_options *pcap_opts, guchar *data, char *er
                        ld->packet_count+1, pcap_opts->cap_pipe_rechdr.hdr.incl_len);
             break;
         }
-        pcap_opts->cap_pipe_state = STATE_EXPECT_DATA;
-        return 0;
+
+        if (pcap_opts->cap_pipe_rechdr.hdr.incl_len) {
+            pcap_opts->cap_pipe_state = STATE_EXPECT_DATA;
+            return 0;
+        }
+        /* no data to read? fall through */
 
     case PD_DATA_READ:
         /* Fill in a "struct pcap_pkthdr", and process the packet. */
@@ -2279,7 +2281,7 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld,
     if ((use_threads == FALSE) &&
         (capture_opts->ifaces->len > 1)) {
         g_snprintf(errmsg, (gulong) errmsg_len,
-                   "Using threads is required for capturing on mulitple interfaces! Use the -t option.");
+                   "Using threads is required for capturing on mulitple interfaces!");
         return FALSE;
     }
 
@@ -2312,15 +2314,20 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld,
 #endif
         pcap_opts->cap_pipe_modified = FALSE;
         pcap_opts->cap_pipe_byte_swapped = FALSE;
-#ifdef USE_THREADS
+#ifdef _WIN32
         pcap_opts->cap_pipe_buf = NULL;
-#endif /* USE_THREADS */
+#endif
         pcap_opts->cap_pipe_bytes_to_read = 0;
         pcap_opts->cap_pipe_bytes_read = 0;
         pcap_opts->cap_pipe_state = 0;
         pcap_opts->cap_pipe_err = PIPOK;
-#ifdef USE_THREADS
+#ifdef _WIN32
+#if GLIB_CHECK_VERSION(2,31,0)
+        pcap_opts->cap_pipe_read_mtx = g_malloc(sizeof(GMutex));
+        g_mutex_init(pcap_opts->cap_pipe_read_mtx);
+#else
         pcap_opts->cap_pipe_read_mtx = g_mutex_new();
+#endif
         pcap_opts->cap_pipe_pending_q = g_async_queue_new();
         pcap_opts->cap_pipe_done_q = g_async_queue_new();
 #endif
@@ -2572,7 +2579,6 @@ capture_loop_init_output(capture_options *capture_opts, loop_data *ld, char *err
                                                                        &err);
             }
         } else {
-            interface_opts = g_array_index(capture_opts->ifaces, interface_options, 0);
             pcap_opts = g_array_index(ld->pcaps, pcap_options *, 0);
             if (pcap_opts->from_cap_pipe) {
                 pcap_opts->snaplen = pcap_opts->cap_pipe_hdr.snaplen;
@@ -2656,7 +2662,7 @@ capture_loop_dispatch(loop_data *ld,
     int       inpkts;
     gint      packet_count_before;
     guchar    pcap_data[WTAP_MAX_PACKET_SIZE];
-#ifndef USE_THREADS
+#ifndef _WIN32
     int       sel_ret;
 #endif
 
@@ -2666,7 +2672,7 @@ capture_loop_dispatch(loop_data *ld,
 #ifdef LOG_CAPTURE_VERBOSE
         g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_dispatch: from capture pipe");
 #endif
-#ifndef USE_THREADS
+#ifndef _WIN32
         sel_ret = cap_pipe_select(pcap_opts->cap_pipe_fd);
         if (sel_ret <= 0) {
             if (sel_ret < 0 && errno != EINTR) {
@@ -2679,12 +2685,12 @@ capture_loop_dispatch(loop_data *ld,
             /*
              * "select()" says we can read from the pipe without blocking
              */
-#endif /* USE_THREADS */
+#endif
             inpkts = cap_pipe_dispatch(ld, pcap_opts, pcap_data, errmsg, errmsg_len);
             if (inpkts < 0) {
                 ld->go = FALSE;
             }
-#ifndef USE_THREADS
+#ifndef _WIN32
         }
 #endif
     }
@@ -2910,15 +2916,17 @@ capture_loop_open_output(capture_options *capture_opts, int *save_file_fd,
         if (global_capture_opts.ifaces->len > 1) {
             prefix = g_strdup_printf("wireshark_%d_interfaces", global_capture_opts.ifaces->len);
         } else {
+            gchar *basename;
 #ifdef _WIN32
             GString *iface;
-
             iface = isolate_uuid(g_array_index(global_capture_opts.ifaces, interface_options, 0).name);
-            prefix = g_strconcat("wireshark_", g_basename(iface->str), NULL);
+            basename = g_path_get_basename(iface->str);
             g_string_free(iface, TRUE);
 #else
-            prefix = g_strconcat("wireshark_", g_basename(g_array_index(global_capture_opts.ifaces, interface_options, 0).name), NULL);
+            basename = g_path_get_basename(g_array_index(global_capture_opts.ifaces, interface_options, 0).name);
 #endif
+            prefix = g_strconcat("wireshark_", basename, NULL);
+            g_free(basename);
         }
         *save_file_fd = create_tempfile(&tmpname, prefix);
         g_free(prefix);
@@ -3001,7 +3009,6 @@ do_file_switch_or_stop(capture_options *capture_opts,
                                                                            &global_ld.err);
                 }
             } else {
-                interface_opts = g_array_index(capture_opts->ifaces, interface_options, 0);
                 pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, 0);
                 successful = libpcap_write_file_header(global_ld.pdh, pcap_opts->linktype, pcap_opts->snaplen,
                                                        &global_ld.bytes_written, &global_ld.err);
@@ -3061,7 +3068,7 @@ static gboolean
 capture_loop_start(capture_options *capture_opts, gboolean *stats_known, struct pcap_stat *stats)
 {
 #ifdef WIN32
-    time_t upd_time, cur_time;
+    DWORD upd_time, cur_time;   /* GetTickCount() returns a "DWORD" (which is 'unsigned long') */
 #else
     struct timeval upd_time, cur_time;
 #endif
@@ -3080,7 +3087,6 @@ capture_loop_start(capture_options *capture_opts, gboolean *stats_known, struct
     interface_options interface_opts;
     guint i, error_index = 0;
 
-    interface_opts = capture_opts->default_options;
     *errmsg           = '\0';
     *secondary_errmsg = '\0';
 
@@ -3209,7 +3215,12 @@ capture_loop_start(capture_options *capture_opts, gboolean *stats_known, struct
         pcap_queue_packets = 0;
         for (i = 0; i < global_ld.pcaps->len; i++) {
             pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, i);
+#if GLIB_CHECK_VERSION(2,31,0)
+            /* XXX - Add an interface name here? */
+            pcap_opts->tid = g_thread_new("Capture read", pcap_read_handler, pcap_opts);
+#else
             pcap_opts->tid = g_thread_create(pcap_read_handler, pcap_opts, TRUE, NULL);
+#endif
         }
     }
     while (global_ld.go) {
@@ -3285,8 +3296,8 @@ capture_loop_start(capture_options *capture_opts, gboolean *stats_known, struct
 #define DUMPCAP_UPD_TIME 500
 
 #ifdef WIN32
-        cur_time = GetTickCount();
-        if ( (cur_time - upd_time) > DUMPCAP_UPD_TIME) {
+        cur_time = GetTickCount();  /* Note: wraps to 0 if sys runs for 49.7 days */
+        if ((cur_time - upd_time) > DUMPCAP_UPD_TIME) { /* wrap just causes an extra update */
 #else
         gettimeofday(&cur_time, NULL);
         if ((cur_time.tv_sec * 1000000 + cur_time.tv_usec) >
@@ -3594,7 +3605,7 @@ static void
 capture_loop_write_packet_cb(u_char *pcap_opts_p, const struct pcap_pkthdr *phdr,
                              const u_char *pd)
 {
-    pcap_options *pcap_opts = (pcap_options *) pcap_opts_p;
+    pcap_options *pcap_opts = (pcap_options *) (void *) pcap_opts_p;
     int err;
 
     /* We may be called multiple times from pcap_dispatch(); if we've set
@@ -3636,7 +3647,7 @@ static void
 capture_loop_queue_packet_cb(u_char *pcap_opts_p, const struct pcap_pkthdr *phdr,
                              const u_char *pd)
 {
-    pcap_options *pcap_opts = (pcap_options *) pcap_opts_p;
+    pcap_options *pcap_opts = (pcap_options *) (void *) pcap_opts_p;
     pcap_queue_element *queue_element;
     gboolean limit_reached;
 
@@ -3721,6 +3732,7 @@ main(int argc, char *argv[])
 #if defined(__APPLE__) && defined(__LP64__)
     struct utsname       osinfo;
 #endif
+    GString             *str;
 
 #ifdef _WIN32
     arg_list_utf_16to8(argc, argv);
@@ -3868,9 +3880,11 @@ main(int argc, char *argv[])
     /* Initialize the pcaps list */
     global_ld.pcaps = g_array_new(FALSE, FALSE, sizeof(pcap_options *));
 
+#if !GLIB_CHECK_VERSION(2,31,0)
     /* Initialize the thread system */
-    if (!g_thread_supported())
-        g_thread_init(NULL);
+    g_thread_init(NULL);
+#endif
+
 #ifdef _WIN32
     /* Load wpcap if possible. Do this before collecting the run-time version information */
     load_wpcap();
@@ -4087,7 +4101,6 @@ main(int argc, char *argv[])
         case 'q':        /* Quiet */
             quiet = TRUE;
             break;
-
         case 't':
             use_threads = TRUE;
             break;
@@ -4115,6 +4128,7 @@ main(int argc, char *argv[])
             break;
         default:
             cmdarg_err("Invalid Option: %s", argv[optind-1]);
+            /* FALLTHROUGH */
         case '?':        /* Bad flag - print usage message */
             arg_error = TRUE;
             break;
@@ -4195,6 +4209,7 @@ main(int argc, char *argv[])
         if (if_list == NULL) {
             switch (err) {
             case CANT_GET_INTERFACE_LIST:
+            case DONT_HAVE_PCAP:
                 cmdarg_err("%s", err_str);
                 g_free(err_str);
                 exit_main(2);
@@ -4243,11 +4258,41 @@ main(int argc, char *argv[])
 
     /* Let the user know what interfaces were chosen. */
     /* get_interface_descriptive_name() is not available! */
-    for (j = 0; j < global_capture_opts.ifaces->len; j++) {
-        interface_options interface_opts;
+    if (capture_child) {
+        for (j = 0; j < global_capture_opts.ifaces->len; j++) {
+            interface_options interface_opts;
 
-        interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, j);
-        g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Interface: %s", interface_opts.name);
+            interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, j);
+            g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Interface: %s\n",
+                  interface_opts.name);
+        }
+    } else {
+        str = g_string_new("");
+#ifdef _WIN32
+        if (global_capture_opts.ifaces->len < 2) {
+#else
+        if (global_capture_opts.ifaces->len < 4) {
+#endif
+            for (j = 0; j < global_capture_opts.ifaces->len; j++) {
+                interface_options interface_opts;
+
+                interface_opts = g_array_index(global_capture_opts.ifaces, interface_options, j);
+                if (j > 0) {
+                    if (global_capture_opts.ifaces->len > 2) {
+                        g_string_append_printf(str, ",");
+                    }
+                    g_string_append_printf(str, " ");
+                    if (j == global_capture_opts.ifaces->len - 1) {
+                        g_string_append_printf(str, "and ");
+                    }
+                }
+                g_string_append_printf(str, "%s", interface_opts.name);
+            }
+        } else {
+            g_string_append_printf(str, "%u interfaces", global_capture_opts.ifaces->len);
+        }
+        fprintf(stderr, "Capturing on %s\n", str->str);
+        g_string_free(str, TRUE);
     }
 
     if (list_link_layer_types) {
@@ -4470,11 +4515,11 @@ report_cfilter_error(capture_options *capture_opts, guint i, const char *errmsg)
              * the error message below.
              */
             interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
-            fprintf(stderr,
-              "Invalid capture filter \"%s\" for interface %s!\n"
+            cmdarg_err(
+              "Invalid capture filter: \"%s\" for interface %s!\n"
               "\n"
               "That string isn't a valid capture filter (%s).\n"
-              "See the User's Guide for a description of the capture filter syntax.\n",
+              "See the User's Guide for a description of the capture filter syntax.",
               interface_opts.cfilter, interface_opts.name, errmsg);
         }
     }
@@ -4490,9 +4535,9 @@ report_capture_error(const char *error_msg, const char *secondary_error_msg)
             "Secondary Error: %s", secondary_error_msg);
         sync_pipe_errmsg_to_parent(2, error_msg, secondary_error_msg);
     } else {
-        fprintf(stderr, "%s\n", error_msg);
+        cmdarg_err("%s", error_msg);
         if (secondary_error_msg[0] != '\0')
-          fprintf(stderr, "%s\n", secondary_error_msg);
+          cmdarg_err_cont("%s", secondary_error_msg);
     }
 }
 
@@ -4577,6 +4622,6 @@ signal_pipe_check_running(void)
  * indent-tabs-mode: nil
  * End:
  *
- * vi: set shiftwidth=4 tabstop=8 expandtab
+ * vi: set shiftwidth=4 tabstop=8 expandtab:
  * :indentSize=4:tabSize=8:noTabs=true:
  */