/* util.c
* Utility routines
*
- * $Id: util.c,v 1.47 2000/10/11 07:35:00 guy Exp $
+ * $Id$
*
- * Ethereal - Network traffic analyzer
- * By Gerald Combs <gerald@zing.org>
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
* Copyright 1998 Gerald Combs
*
- *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#include <unistd.h>
#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef NEED_SNPRINTF_H
-# include "snprintf.h"
-#endif
-
-#ifndef WIN32
-#include <pwd.h>
-#endif
-
-#ifdef NEED_MKSTEMP
-#include "mkstemp.h"
-#endif
+#include <epan/address.h>
+#include <epan/addr_resolv.h>
+#include <epan/strutil.h>
#include "util.h"
-#ifdef HAVE_IO_H
-#include <io.h>
-typedef int mode_t; /* for win32 */
-#endif
-
-#ifdef HAVE_LIBPCAP
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_SYS_IOCTL_H
-#include <sys/ioctl.h>
-#endif
-
-#ifndef WIN32
-#include <net/if.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKIO_H
-# include <sys/sockio.h>
-#endif
-
-#include "globals.h"
-
-#endif
-
-/*
- * Given a pathname, return:
- *
- * the errno, if an attempt to "stat()" the file fails;
- *
- * EISDIR, if the attempt succeeded and the file turned out
- * to be a directory;
- *
- * 0, if the attempt succeeded and the file turned out not
- * to be a directory.
- */
-
-/*
- * Visual C++ on Win32 systems doesn't define these. (Old UNIX systems don't
- * define them either.)
- *
- * Visual C++ on Win32 systems doesn't define S_IFIFO, it defines _S_IFIFO.
- */
-#ifndef S_ISREG
-#define S_ISREG(mode) (((mode) & S_IFMT) == S_IFREG)
-#endif
-#ifndef S_IFIFO
-#define S_IFIFO _S_IFIFO
-#endif
-#ifndef S_ISFIFO
-#define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
-#endif
-#ifndef S_ISDIR
-#define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR)
-#endif
-
-int
-test_for_directory(const char *path)
-{
- struct stat statb;
-
- if (stat(path, &statb) < 0)
- return errno;
-
- if (S_ISDIR(statb.st_mode))
- return EISDIR;
- else
- return 0;
-}
-
-/*
- * Given a pathname, return a pointer to the last pathname separator
- * character in the pathname, or NULL if the pathname contains no
- * separators.
- */
-char *
-find_last_pathname_separator(char *path)
-{
- char *separator;
-
-#ifdef WIN32
- char c;
-
- /*
- * We have to scan for '\' or '/'.
- * Get to the end of the string.
- */
- separator = path + strlen(path); /* points to ending '\0' */
- while (separator > path) {
- c = *--separator;
- if (c == '\\' || c == '/')
- return separator; /* found it */
- }
-
- /*
- * OK, we didn't find any, so no directories - but there might
- * be a drive letter....
- */
- return strchr(path, ':');
-#else
- separator = strrchr(path, '/');
-#endif
- return separator;
-}
-
-/*
- * Given a pathname, return the last component.
- */
-char *
-get_basename(char *path)
-{
- char *filename;
-
- filename = find_last_pathname_separator(path);
- if (filename == NULL) {
- /*
- * There're no directories, drive letters, etc. in the
- * name; the pathname *is* the file name.
- */
- filename = path;
- } else {
- /*
- * Skip past the pathname or drive letter separator.
- */
- filename++;
- }
- return filename;
-}
-
-/*
- * Given a pathname, return a string containing everything but the
- * last component. NOTE: this overwrites the pathname handed into
- * it....
- */
-char *
-get_dirname(char *path)
-{
- char *separator;
-
- separator = find_last_pathname_separator(path);
- if (separator == NULL) {
- /*
- * There're no directories, drive letters, etc. in the
- * name; there is no directory path to return.
- */
- return NULL;
- }
-
- /*
- * Get rid of the last pathname separator and the final file
- * name following it.
- */
- *separator = '\0';
-
- /*
- * "path" now contains the pathname of the directory containing
- * the file/directory to which it referred.
- */
- return path;
-}
-
/*
* Collect command-line arguments as a string consisting of the arguments,
* separated by spaces.
*/
char *
-get_args_as_string(int argc, char **argv, int optind)
+get_args_as_string(int argc, char **argv, int optindex)
{
int len;
int i;
* Find out how long the string will be.
*/
len = 0;
- for (i = optind; i < argc; i++) {
- len += strlen(argv[i]);
+ for (i = optindex; i < argc; i++) {
+ len += (int) strlen(argv[i]);
len++; /* space, or '\0' if this is the last argument */
}
/*
* Allocate the buffer for the string.
*/
- argstring = g_malloc(len);
+ argstring = (char *)g_malloc(len);
/*
* Now construct the string.
*/
- strcpy(argstring, "");
- i = optind;
+ argstring[0] = '\0';
+ i = optindex;
for (;;) {
- strcat(argstring, argv[i]);
+ g_strlcat(argstring, argv[i], len);
i++;
if (i == argc)
break;
- strcat(argstring, " ");
+ g_strlcat(argstring, " ", len);
}
return argstring;
}
-static char *
-setup_tmpdir(char *dir)
-{
- int len = strlen(dir);
- char *newdir;
-
- /* Append slash if necessary */
- if (dir[len - 1] == '/') {
- newdir = dir;
- }
- else {
- newdir = g_malloc(len + 2);
- strcpy(newdir, dir);
- strcat(newdir, "/");
- }
- return newdir;
-}
-
-static int
-try_tempfile(char *namebuf, int namebuflen, const char *dir, const char *pfx)
-{
- static const char suffix[] = "XXXXXXXXXX";
- int namelen = strlen(dir) + strlen(pfx) + sizeof suffix;
- mode_t old_umask;
- int tmp_fd;
-
- if (namebuflen < namelen) {
- /* Stick in a truncated name, so that if this error is
- reported with the file name, you at least get
- something. */
- snprintf(namebuf, namebuflen, "%s%s%s", dir, pfx, suffix);
- errno = ENAMETOOLONG;
- return -1;
- }
- strcpy(namebuf, dir);
- strcat(namebuf, pfx);
- strcat(namebuf, suffix);
-
- /* The Single UNIX Specification doesn't say that "mkstemp()"
- creates the temporary file with mode rw-------, so we
- won't assume that all UNIXes will do so; instead, we set
- the umask to 0077 to take away all group and other
- permissions, attempt to create the file, and then put
- the umask back. */
- old_umask = umask(0077);
- tmp_fd = mkstemp(namebuf);
- umask(old_umask);
- return tmp_fd;
-}
-
-static char *tmpdir = NULL;
-#ifdef WIN32
-static char *temp = NULL;
-#endif
-static char *E_tmpdir;
-
-#ifndef P_tmpdir
-#define P_tmpdir "/var/tmp"
-#endif
-
-int
-create_tempfile(char *namebuf, int namebuflen, const char *pfx)
-{
- char *dir;
- int fd;
- static gboolean initialized;
-
- if (!initialized) {
- if ((dir = getenv("TMPDIR")) != NULL)
- tmpdir = setup_tmpdir(dir);
-#ifdef WIN32
- if ((dir = getenv("TEMP")) != NULL)
- temp = setup_tmpdir(dir);
-#endif
-
- E_tmpdir = setup_tmpdir(P_tmpdir);
- initialized = TRUE;
- }
-
- if (tmpdir != NULL) {
- fd = try_tempfile(namebuf, namebuflen, tmpdir, pfx);
- if (fd != -1)
- return fd;
- }
-
-#ifdef WIN32
- if (temp != NULL) {
- fd = try_tempfile(namebuf, namebuflen, temp, pfx);
- if (fd != -1)
- return fd;
- }
-#endif
-
- fd = try_tempfile(namebuf, namebuflen, E_tmpdir, pfx);
- if (fd != -1)
- return fd;
-
- return try_tempfile(namebuf, namebuflen, "/tmp", pfx);
-}
-
-/* ASCII/EBCDIC conversion tables from
- * http://www.room42.com/store/computer_center/code_tables.shtml
- */
-static guint8 ASCII_translate_EBCDIC [ 256 ] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
- 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
- 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
- 0x40, 0x5A, 0x7F, 0x7B, 0x5B, 0x6C, 0x50, 0x7D, 0x4D,
- 0x5D, 0x5C, 0x4E, 0x6B, 0x60, 0x4B, 0x61,
- 0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8,
- 0xF9, 0x7A, 0x5E, 0x4C, 0x7E, 0x6E, 0x6F,
- 0x7C, 0xC1, 0xC2, 0xC3, 0xC4, 0xC5, 0xC6, 0xC7, 0xC8,
- 0xC9, 0xD1, 0xD2, 0xD3, 0xD4, 0xD5, 0xD6,
- 0xD7, 0xD8, 0xD9, 0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7,
- 0xE8, 0xE9, 0xAD, 0xE0, 0xBD, 0x5F, 0x6D,
- 0x7D, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88,
- 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96,
- 0x97, 0x98, 0x99, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6, 0xA7,
- 0xA8, 0xA9, 0xC0, 0x6A, 0xD0, 0xA1, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B,
- 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B, 0x4B
-};
-
-void
-ASCII_to_EBCDIC(guint8 *buf, guint bytes)
-{
- guint i;
- guint8 *bufptr;
-
- bufptr = buf;
-
- for (i = 0; i < bytes; i++, bufptr++) {
- *bufptr = ASCII_translate_EBCDIC[*bufptr];
- }
-}
-
-guint8
-ASCII_to_EBCDIC1(guint8 c)
-{
- return ASCII_translate_EBCDIC[c];
-}
-
-static guint8 EBCDIC_translate_ASCII [ 256 ] = {
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
- 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
- 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
- 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F,
- 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
- 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F,
- 0x2E, 0x2E, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
- 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x2E, 0x3F,
- 0x20, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x2E, 0x2E, 0x3C, 0x28, 0x2B, 0x7C,
- 0x26, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x21, 0x24, 0x2A, 0x29, 0x3B, 0x5E,
- 0x2D, 0x2F, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x7C, 0x2C, 0x25, 0x5F, 0x3E, 0x3F,
- 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x3A, 0x23, 0x40, 0x27, 0x3D, 0x22,
- 0x2E, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68,
- 0x69, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x6A, 0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71,
- 0x72, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x7E, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79,
- 0x7A, 0x2E, 0x2E, 0x2E, 0x5B, 0x2E, 0x2E,
- 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x2E, 0x2E, 0x2E, 0x2E, 0x5D, 0x2E, 0x2E,
- 0x7B, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48,
- 0x49, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x7D, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F, 0x50, 0x51,
- 0x52, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x5C, 0x2E, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59,
- 0x5A, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E,
- 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
- 0x39, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E, 0x2E
-};
-
-void
-EBCDIC_to_ASCII(guint8 *buf, guint bytes)
-{
- guint i;
- guint8 *bufptr;
-
- bufptr = buf;
-
- for (i = 0; i < bytes; i++, bufptr++) {
- *bufptr = EBCDIC_translate_ASCII[*bufptr];
- }
-}
-
-guint8
-EBCDIC_to_ASCII1(guint8 c)
-{
- return EBCDIC_translate_ASCII[c];
-}
-
-#ifdef HAVE_LIBPCAP
-
-/*
- * If the ability to capture packets is added to Wiretap, these
- * routines should be moved to the Wiretap source (with
- * "get_interface_list()" and "free_interface_list()" renamed to
- * "wtap_get_interface_list()" and "wtap_free_interface_list()",
- * and modified to use Wiretap routines to attempt to open the
- * interface.
- */
-
-struct search_user_data {
- char *name;
- int found;
-};
-
-static void
-search_for_if_cb(gpointer data, gpointer user_data);
-
-static void
-free_if_cb(gpointer data, gpointer user_data);
-
-#ifndef WIN32
-GList *
-get_interface_list(int *err, char *err_str)
-{
- GList *il = NULL;
- gint nonloopback_pos = 0;
- struct ifreq *ifr, *last;
- struct ifconf ifc;
- struct ifreq ifrflags;
- int sock = socket(AF_INET, SOCK_DGRAM, 0);
- struct search_user_data user_data;
- pcap_t *pch;
- int len, lastlen;
- char *buf;
-
- if (sock < 0) {
- sprintf(err_str, "Error opening socket: %s",
- strerror(errno));
- return NULL;
- }
-
- /*
- * This code came from: W. Richard Stevens: "UNIX Network Programming",
- * Networking APIs: Sockets and XTI, Vol 1, page 434.
- */
- lastlen = 0;
- len = 100 * sizeof(struct ifreq);
- for ( ; ; ) {
- buf = g_malloc(len);
- ifc.ifc_len = len;
- ifc.ifc_buf = buf;
- memset (buf, 0, len);
- if (ioctl(sock, SIOCGIFCONF, &ifc) < 0) {
- if (errno != EINVAL || lastlen != 0) {
- sprintf(err_str,
- "SIOCGIFCONF ioctl error getting list of interfaces: %s",
- strerror(errno));
- goto fail;
- }
- } else {
- if (ifc.ifc_len < sizeof(struct ifreq)) {
- sprintf(err_str,
- "SIOCGIFCONF ioctl gave too small return buffer");
- goto fail;
- }
- if (ifc.ifc_len == lastlen)
- break; /* success, len has not changed */
- lastlen = ifc.ifc_len;
- }
- len += 10 * sizeof(struct ifreq); /* increment */
- g_free(buf);
- }
- ifr = (struct ifreq *) ifc.ifc_req;
- last = (struct ifreq *) ((char *) ifr + ifc.ifc_len);
- while (ifr < last) {
- /*
- * Skip addresses that begin with "dummy", or that include
- * a ":" (the latter are Solaris virtuals).
- */
- if (strncmp(ifr->ifr_name, "dummy", 5) == 0 ||
- strchr(ifr->ifr_name, ':') != NULL)
- goto next;
-
- /*
- * If we already have this interface name on the list,
- * don't add it (SIOCGIFCONF returns, at least on
- * BSD-flavored systems, one entry per interface *address*;
- * if an interface has multiple addresses, we get multiple
- * entries for it).
- */
- user_data.name = ifr->ifr_name;
- user_data.found = FALSE;
- g_list_foreach(il, search_for_if_cb, &user_data);
- if (user_data.found)
- goto next;
-
- /*
- * Get the interface flags.
- */
- memset(&ifrflags, 0, sizeof ifrflags);
- strncpy(ifrflags.ifr_name, ifr->ifr_name,
- sizeof ifrflags.ifr_name);
- if (ioctl(sock, SIOCGIFFLAGS, (char *)&ifrflags) < 0) {
- if (errno == ENXIO)
- goto next;
- sprintf(err_str, "SIOCGIFFLAGS error getting flags for interface %s: %s",
- ifr->ifr_name, strerror(errno));
- goto fail;
- }
-
- /*
- * Skip interfaces that aren't up.
- */
- if (!(ifrflags.ifr_flags & IFF_UP))
- goto next;
-
- /*
- * Skip interfaces that we can't open with "libpcap".
- * Open with the minimum packet size - it appears that the
- * IRIX SIOCSNOOPLEN "ioctl" may fail if the capture length
- * supplied is too large, rather than just truncating it.
- */
- pch = pcap_open_live(ifr->ifr_name, MIN_PACKET_SIZE, 0, 0,
- err_str);
- if (pch == NULL)
- goto next;
- pcap_close(pch);
-
- /*
- * If it's a loopback interface, add it at the end of the
- * list, otherwise add it after the last non-loopback
- * interface, so all loopback interfaces go at the end - we
- * don't want a loopback interface to be the default capture
- * device unless there are no non-loopback devices.
- */
- if ((ifrflags.ifr_flags & IFF_LOOPBACK) ||
- strncmp(ifr->ifr_name, "lo", 2) == 0)
- il = g_list_insert(il, g_strdup(ifr->ifr_name), -1);
- else {
- il = g_list_insert(il, g_strdup(ifr->ifr_name),
- nonloopback_pos);
- /*
- * Insert the next non-loopback interface after this
- * one.
- */
- nonloopback_pos++;
- }
-
- next:
-#ifdef HAVE_SA_LEN
- ifr = (struct ifreq *) ((char *) ifr + ifr->ifr_addr.sa_len + IFNAMSIZ);
-#else
- ifr = (struct ifreq *) ((char *) ifr + sizeof(struct ifreq));
-#endif
- }
-
- g_free(ifc.ifc_buf);
- close(sock);
-
- if (il == NULL) {
- /*
- * No interfaces found.
- */
- *err = NO_INTERFACES_FOUND;
- }
- return il;
-
-fail:
- if (il != NULL) {
- g_list_foreach(il, free_if_cb, NULL);
- g_list_free(il);
- }
- g_free(ifc.ifc_buf);
- close(sock);
- *err = CANT_GET_INTERFACE_LIST;
- return NULL;
-}
-
-static void
-search_for_if_cb(gpointer data, gpointer user_data)
-{
- struct search_user_data *search_user_data = user_data;
-
- if (strcmp((char *)data, search_user_data->name) == 0)
- search_user_data->found = TRUE;
-}
-#else
-GList *
-get_interface_list(int *err, char *err_str) {
- GList *il = NULL;
- wchar_t *names;
- char *win95names;
- char newname[255];
- int i, j, done;
-
- names = (wchar_t *)pcap_lookupdev(err_str);
- i = done = 0;
-
- if (names) {
- if (names[0]<256) {
- /* If names[0] is less than 256 it means the first byte is 0
- This implies that we are using unicode characters */
- do
- {
- j = 0;
- while (names[i] != 0)
- newname[j++] = names[i++];
- i++;
- if (names[i] == 0)
- done = 1;
- newname[j++] = 0;
- il = g_list_append(il, g_strdup(newname));
- } while (!done);
- }
- else {
- /* Otherwise we are in Windows 95/98 and using ascii(8 bit)
- characters */
- do
- {
- win95names=names;
- j = 0;
- while (win95names[i] != 0)
- newname[j++] = win95names[i++];
- i++;
- if (win95names[i] == 0)
- done = 1;
- newname[j++] = 0;
- il = g_list_append(il, g_strdup(newname));
- } while (!done);
- }
- }
- return(il);
-}
-#endif
-
-static void
-free_if_cb(gpointer data, gpointer user_data)
-{
- g_free(data);
-}
-
-void
-free_interface_list(GList *if_list)
-{
- while (if_list != NULL) {
- g_free(if_list->data);
- if_list = g_list_remove_link(if_list, if_list);
- }
-}
-
-#endif /* HAVE_LIBPCAP */
-
-
/* Compute the difference between two seconds/microseconds time stamps. */
void
compute_timestamp_diff(gint *diffsec, gint *diffusec,
}
}
}
+
+/* Remove any %<interface_name> from an IP address. */
+char *sanitize_filter_ip(char *hostname) {
+ gchar *end;
+ gchar *ret;
+
+ ret = g_strdup(hostname);
+ if (!ret)
+ return NULL;
+
+ end = strchr(ret, '%');
+ if (end)
+ *end = '\0';
+ return ret;
+}
+
+/* Try to figure out if we're remotely connected, e.g. via ssh or
+ Terminal Server, and create a capture filter that matches aspects of the
+ connection. We match the following environment variables:
+
+ SSH_CONNECTION (ssh): <remote IP> <remote port> <local IP> <local port>
+ SSH_CLIENT (ssh): <remote IP> <remote port> <local port>
+ REMOTEHOST (tcsh, others?): <remote name>
+ DISPLAY (x11): [remote name]:<display num>
+ SESSIONNAME (terminal server): <remote name>
+ */
+
+const gchar *get_conn_cfilter(void) {
+ static GString *filter_str = NULL;
+ gchar *env, **tokens;
+ char *lastp, *lastc, *p;
+ char *pprotocol = NULL;
+ char *phostname = NULL;
+ size_t hostlen;
+ char *remip, *locip;
+
+ if (filter_str == NULL) {
+ filter_str = g_string_new("");
+ }
+ if ((env = getenv("SSH_CONNECTION")) != NULL) {
+ tokens = g_strsplit(env, " ", 4);
+ if (tokens[3]) {
+ remip = sanitize_filter_ip(tokens[0]);
+ locip = sanitize_filter_ip(tokens[2]);
+ g_string_printf(filter_str, "not (tcp port %s and %s host %s "
+ "and tcp port %s and %s host %s)", tokens[1], host_ip_af(remip), remip,
+ tokens[3], host_ip_af(locip), locip);
+ g_free(remip);
+ g_free(locip);
+ return filter_str->str;
+ }
+ } else if ((env = getenv("SSH_CLIENT")) != NULL) {
+ tokens = g_strsplit(env, " ", 3);
+ remip = sanitize_filter_ip(tokens[2]);
+ g_string_printf(filter_str, "not (tcp port %s and %s host %s "
+ "and tcp port %s)", tokens[1], host_ip_af(remip), tokens[0], remip);
+ g_free(remip);
+ return filter_str->str;
+ } else if ((env = getenv("REMOTEHOST")) != NULL) {
+ /* FreeBSD 7.0 sets REMOTEHOST to an empty string */
+ if (g_ascii_strcasecmp(env, "localhost") == 0 ||
+ strcmp(env, "127.0.0.1") == 0 ||
+ strcmp(env, "") == 0) {
+ return "";
+ }
+ remip = sanitize_filter_ip(env);
+ g_string_printf(filter_str, "not %s host %s", host_ip_af(remip), remip);
+ g_free(remip);
+ return filter_str->str;
+ } else if ((env = getenv("DISPLAY")) != NULL) {
+ /*
+ * This mirrors what _X11TransConnectDisplay() does.
+ * Note that, on some systems, the hostname can
+ * begin with "/", which means that it's a pathname
+ * of a UNIX domain socket to connect to.
+ *
+ * The comments mirror those in _X11TransConnectDisplay(),
+ * too. :-)
+ *
+ * Display names may be of the following format:
+ *
+ * [protoco./] [hostname] : [:] displaynumber [.screennumber]
+ *
+ * A string with exactly two colons separating hostname
+ * from the display indicates a DECnet style name. Colons
+ * in the hostname may occur if an IPv6 numeric address
+ * is used as the hostname. An IPv6 numeric address may
+ * also end in a double colon, so three colons in a row
+ * indicates an IPv6 address ending in :: followed by
+ * :display. To make it easier for people to read, an
+ * IPv6 numeric address hostname may be surrounded by []
+ * in a similar fashion to the IPv6 numeric address URL
+ * syntax defined by IETF RFC 2732.
+ *
+ * If no hostname and no protocol is specified, the string
+ * is interpreted as the most efficient local connection
+ * to a server on the same machine. This is usually:
+ *
+ * o shared memory
+ * o local stream
+ * o UNIX domain socket
+ * o TCP to local host.
+ */
+
+ p = env;
+
+ /*
+ * Step 0, find the protocol. This is delimited by
+ * the optional slash ('/').
+ */
+ for (lastp = p; *p != '\0' && *p != ':' && *p != '/'; p++)
+ ;
+ if (*p == '\0')
+ return ""; /* must have a colon */
+
+ if (p != lastp && *p != ':') { /* protocol given? */
+ /* Yes */
+ pprotocol = p;
+
+ /* Is it TCP? */
+ if (p - lastp != 3 || g_ascii_strncasecmp(lastp, "tcp", 3) != 0)
+ return ""; /* not TCP */
+ p++; /* skip the '/' */
+ } else
+ p = env; /* reset the pointer in
+ case no protocol was given */
+
+ /*
+ * Step 1, find the hostname. This is delimited either by
+ * one colon, or two colons in the case of DECnet (DECnet
+ * Phase V allows a single colon in the hostname). (See
+ * note above regarding IPv6 numeric addresses with
+ * triple colons or [] brackets.)
+ */
+ lastp = p;
+ lastc = NULL;
+ for (; *p != '\0'; p++)
+ if (*p == ':')
+ lastc = p;
+
+ if (lastc == NULL)
+ return ""; /* must have a colon */
+
+ if ((lastp != lastc) && (*(lastc - 1) == ':')
+ && (((lastc - 1) == lastp) || (*(lastc - 2) != ':'))) {
+ /* DECnet display specified */
+ return "";
+ } else
+ hostlen = lastc - lastp;
+
+ if (hostlen == 0)
+ return ""; /* no hostname supplied */
+
+ phostname = (char *)g_malloc(hostlen + 1);
+ memcpy(phostname, lastp, hostlen);
+ phostname[hostlen] = '\0';
+
+ if (pprotocol == NULL) {
+ /*
+ * No protocol was explicitly specified, so it
+ * could be a local connection over a transport
+ * that we won't see.
+ *
+ * Does the host name refer to the local host?
+ * If so, the connection would probably be a
+ * local connection.
+ *
+ * XXX - compare against our host name?
+ * _X11TransConnectDisplay() does.
+ */
+ if (g_ascii_strcasecmp(phostname, "localhost") == 0 ||
+ strcmp(phostname, "127.0.0.1") == 0) {
+ g_free(phostname);
+ return "";
+ }
+
+ /*
+ * A host name of "unix" (case-sensitive) also
+ * causes a local connection.
+ */
+ if (strcmp(phostname, "unix") == 0) {
+ g_free(phostname);
+ return "";
+ }
+
+ /*
+ * Does the host name begin with "/"? If so,
+ * it's presumed to be the pathname of a
+ * UNIX domain socket.
+ */
+ if (phostname[0] == '/') {
+ g_free(phostname);
+ return "";
+ }
+ }
+
+ g_string_printf(filter_str, "not %s host %s",
+ host_ip_af(phostname), phostname);
+ g_free(phostname);
+ return filter_str->str;
+ } else if ((env = getenv("SESSIONNAME")) != NULL) {
+ /* Apparently the KB article at
+ * http://technet2.microsoft.com/WindowsServer/en/library/6caf87bf-3d70-4801-9485-87e9ec3df0171033.mspx?mfr=true
+ * is incorrect. There are _plenty_ of cases where CLIENTNAME
+ * and SESSIONNAME are set outside of a Terminal Terver session.
+ * It looks like Terminal Server sets SESSIONNAME to RDP-TCP#<number>
+ * for "real" sessions.
+ *
+ * XXX - There's a better way to do this described at
+ * http://www.microsoft.com/technet/archive/termsrv/maintain/featusability/tsrvapi.mspx?mfr=true
+ */
+ if (g_ascii_strncasecmp(env, "rdp", 3) == 0) {
+ g_string_printf(filter_str, "not tcp port 3389");
+ return filter_str->str;
+ }
+ }
+ return "";
+}