static capture_options global_capture_opts;
static gboolean quiet = FALSE;
static gboolean use_threads = FALSE;
+static guint64 start_time;
static void capture_loop_write_packet_cb(u_char *pcap_opts_p, const struct pcap_pkthdr *phdr,
const u_char *pd);
#define MSG_MAX_LENGTH 4096
+/* Copied from pcapio.c libpcap_write_interface_statistics_block()*/
+static guint64
+create_timestamp(void) {
+ guint64 timestamp;
+#ifdef _WIN32
+ FILETIME now;
+#else
+ struct timeval now;
+#endif
+
+#ifdef _WIN32
+ /*
+ * Current time, represented as 100-nanosecond intervals since
+ * January 1, 1601, 00:00:00 UTC.
+ *
+ * I think DWORD might be signed, so cast both parts of "now"
+ * to guint32 so that the sign bit doesn't get treated specially.
+ */
+ GetSystemTimeAsFileTime(&now);
+ timestamp = (((guint64)(guint32)now.dwHighDateTime) << 32) +
+ (guint32)now.dwLowDateTime;
+
+ /*
+ * Convert to same thing but as 1-microsecond, i.e. 1000-nanosecond,
+ * intervals.
+ */
+ timestamp /= 10;
+
+ /*
+ * Subtract difference, in microseconds, between January 1, 1601
+ * 00:00:00 UTC and January 1, 1970, 00:00:00 UTC.
+ */
+ timestamp -= G_GINT64_CONSTANT(11644473600000000U);
+#else
+ /*
+ * Current time, represented as seconds and microseconds since
+ * January 1, 1970, 00:00:00 UTC.
+ */
+ gettimeofday(&now, NULL);
+
+ /*
+ * Convert to delta in microseconds.
+ */
+ timestamp = (guint64)(now.tv_sec) * 1000000 +
+ (guint64)(now.tv_usec);
+#endif
+ return timestamp;
+}
+
static void
print_usage(gboolean print_ver)
{
if (ld->pdh) {
if (capture_opts->use_pcapng) {
char appname[100];
+ GString *os_info_str;
+
+ os_info_str = g_string_new("");
+ get_os_version_info(os_info_str);
g_snprintf(appname, sizeof(appname), "Dumpcap " VERSION "%s", wireshark_svnversion);
- successful = libpcap_write_session_header_block(ld->pdh, appname, &ld->bytes_written, &err);
+ successful = libpcap_write_session_header_block(ld->pdh,
+ NULL, /* Comment*/
+ NULL, /* HW*/
+ os_info_str->str, /* OS*/
+ appname,
+ -1, /* section_length */
+ &ld->bytes_written,
+ &err);
+
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
pcap_opts = g_array_index(ld->pcaps, pcap_options *, i);
} else {
pcap_opts->snaplen = pcap_snapshot(pcap_opts->pcap_h);
}
- successful = libpcap_write_interface_description_block(ld->pdh,
- interface_opts.name,
- interface_opts.cfilter?interface_opts.cfilter:"",
+ successful = libpcap_write_interface_description_block(global_ld.pdh,
+ NULL, /* OPT_COMMENT 1 */
+ interface_opts.name, /* IDB_NAME 2 */
+ NULL, /* IDB_DESCRIPTION 3 */
+ interface_opts.cfilter?interface_opts.cfilter:"", /* IDB_FILTER 11 */
+ os_info_str->str, /* IDB_OS 12 */
pcap_opts->linktype,
pcap_opts->snaplen,
- &ld->bytes_written,
- &err);
+ &(global_ld.bytes_written),
+ 0, /* IDB_IF_SPEED 8 */
+ 0, /* IDB_TSRESOL 9 */
+ &global_ld.err);
}
+
+ g_string_free(os_info_str, TRUE);
+
} else {
pcap_opts = g_array_index(ld->pcaps, pcap_options *, 0);
if (pcap_opts->from_cap_pipe) {
unsigned int i;
pcap_options *pcap_opts;
+ guint64 end_time = create_timestamp();
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_close_output");
for (i = 0; i < global_ld.pcaps->len; i++) {
pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, i);
if (!pcap_opts->from_cap_pipe) {
- libpcap_write_interface_statistics_block(ld->pdh, i, pcap_opts->pcap_h, &ld->bytes_written, err_close);
+ libpcap_write_interface_statistics_block(ld->pdh,
+ i,
+ pcap_opts->pcap_h,
+ &ld->bytes_written,
+ "Counters provided by libpcap",
+ start_time,
+ end_time,
+ err_close);
}
}
}
global_ld.bytes_written = 0;
if (capture_opts->use_pcapng) {
char appname[100];
+ GString *os_info_str;
+
+ os_info_str = g_string_new("");
+ get_os_version_info(os_info_str);
g_snprintf(appname, sizeof(appname), "Dumpcap " VERSION "%s", wireshark_svnversion);
- successful = libpcap_write_session_header_block(global_ld.pdh, appname, &(global_ld.bytes_written), &global_ld.err);
+ successful = libpcap_write_session_header_block(global_ld.pdh,
+ NULL, /* Comment */
+ NULL, /* HW */
+ os_info_str->str, /* OS */
+ appname,
+ -1, /* section_length */
+ &(global_ld.bytes_written),
+ &global_ld.err);
+
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, i);
successful = libpcap_write_interface_description_block(global_ld.pdh,
- interface_opts.name,
- interface_opts.cfilter?interface_opts.cfilter:"",
+ NULL, /* OPT_COMMENT 1 */
+ interface_opts.name, /* IDB_NAME 2 */
+ NULL, /* IDB_DESCRIPTION 3 */
+ interface_opts.cfilter?interface_opts.cfilter:"", /* IDB_FILTER 11 */
+ os_info_str->str, /* IDB_OS 12 */
pcap_opts->linktype,
pcap_opts->snaplen,
&(global_ld.bytes_written),
+ 0, /* IDB_IF_SPEED 8 */
+ 0, /* IDB_TSRESOL 9 */
&global_ld.err);
}
+
+ g_string_free(os_info_str, TRUE);
+
} else {
pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, 0);
successful = libpcap_write_file_header(global_ld.pdh, pcap_opts->linktype, pcap_opts->snaplen,
#else
gettimeofday(&upd_time, NULL);
#endif
-
+ start_time = create_timestamp();
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_INFO, "Capture loop running!");
/* WOW, everything is prepared! */