Compare commits
730 Commits
libpcap_0_
...
master
Author | SHA1 | Date |
---|---|---|
Patrick McHardy | 481ab2d4a6 | |
Guy Harris | 028204e0f9 | |
Guy Harris | d58b82da9f | |
Luis MartinGarcia | 6feaf847e5 | |
Mike Frysinger | 16f6b49c87 | |
Guy Harris | a092bafeee | |
Guy Harris | b019cc06cb | |
Guy Harris | 0920898be2 | |
Guy Harris | cbf0ba1e34 | |
Guy Harris | 77ed5cdd1f | |
Guy Harris | ade794238b | |
Gianluca Varenni | 38ef87dd39 | |
Gianluca Varenni | cc1a80e41e | |
Patrick McHardy | f6e28f8d19 | |
Guy Harris | 4d7214cbc5 | |
Guy Harris | 74b7b4259f | |
Guy Harris | b26d8d2aa8 | |
Guy Harris | 7f1c9ba7ad | |
Guy Harris | 00f5d74bb9 | |
Guy Harris | e84ae717b4 | |
Guy Harris | ce38b0cd9b | |
Guy Harris | fa4435e65c | |
Guy Harris | 749726f92c | |
Guy Harris | 951f99bbbd | |
Guy Harris | 0ba94d1cfa | |
Guy Harris | b9546dd6de | |
Guy Harris | 57935bef89 | |
Guy Harris | bc8209b71e | |
Guy Harris | 3c13ac2cc3 | |
Guy Harris | f41d444406 | |
Jon Smirl | 41bfc71e21 | |
Guy Harris | 6cb3ad9219 | |
Guy Harris | e04170f756 | |
Guy Harris | 9e7bc0881a | |
Guy Harris | cc7b2f2e42 | |
Guy Harris | aeda5c1d65 | |
Guy Harris | ccbfd9200e | |
Guy Harris | 85089fea57 | |
Guy Harris | f0a4bdf8e0 | |
Guy Harris | 9980b3601f | |
Guy Harris | 65f960da71 | |
Guy Harris | 8666f21afc | |
Guy Harris | 06a81b2e72 | |
Guy Harris | 0a77b1b15f | |
Guy Harris | 59b866591a | |
Guy Harris | c65292b04b | |
andy-1 | 073a8b37f9 | |
Guy Harris | ace1a2c86f | |
Alon Bar-Lev | e25ea10a13 | |
nvercamm | b372da4b07 | |
Alon Bar-Lev | 3a089e628c | |
Guy Harris | e45fc489f0 | |
Guy Harris | a1a7640419 | |
Guy Harris | d7cf4017fb | |
Guy Harris | 6776069ed8 | |
Guy Harris | 19cc8a5941 | |
Guy Harris | 8416cc897b | |
Guy Harris | 814e55d448 | |
Guy Harris | f379150d84 | |
Guy Harris | 9596eba4ba | |
Guy Harris | 9d6dc34d55 | |
Chris Maynard | 3ac3601bc7 | |
Guy Harris | dbf3bd4597 | |
Alon Bar-Lev | d270319b2c | |
Guy Harris | 8f6096fd01 | |
Guy Harris | 6e5e19e7f8 | |
Guy Harris | 02ef27750d | |
Xin Li | f6cbf3b4de | |
Guy Harris | c3184553df | |
test2 | b3eca60b5c | |
Michael Richardson | 5377f7340b | |
Michael Richardson | 8499864cf2 | |
Guy Harris | 8ed6cc789e | |
Guy Harris | 2d3279a02f | |
Guy Harris | 84a1f947ba | |
Guy Harris | b231bfe26c | |
Guy Harris | ab2f33c0e7 | |
Guy Harris | 6d2fcdfaa1 | |
Guy Harris | a6942e7596 | |
Guy Harris | 916b450e31 | |
Guy Harris | 3da6116350 | |
Guy Harris | 1f436f90eb | |
Guy Harris | c69ec3857b | |
Guy Harris | 88285f982b | |
Guy Harris | a52a49b582 | |
Guy Harris | c9d9609809 | |
Guy Harris | d1c86de80c | |
Guy Harris | 9934984be5 | |
Guy Harris | 06446f52c4 | |
Christian Bell | 271747b20b | |
Christian Bell | e1539bdbcb | |
Guy Harris | ecd955e0df | |
Guy Harris | f9c2f9a852 | |
Guy Harris | 1715346ad0 | |
Guy Harris | a9a939af2a | |
Guy Harris | 1eb25ea82a | |
Guy Harris | 81a96c3226 | |
Guy Harris | 2fd233b16d | |
Guy Harris | 27636b9a98 | |
Guy Harris | 6831a81489 | |
Guy Harris | fc03e2cbb6 | |
Guy Harris | ed73055294 | |
Guy Harris | b4b664817b | |
Guy Harris | 753c9432ab | |
Guy Harris | ffd6b10d87 | |
Christian Bell | df6ab8d1a6 | |
Guy Harris | 25b78e4fe3 | |
Guy Harris | 2d78729d0f | |
Guy Harris | add31c2e28 | |
Guy Harris | ded813e278 | |
Guy Harris | 9662c40522 | |
Guy Harris | cef4d17b1d | |
Guy Harris | d1a3a92fab | |
Guy Harris | 1daef06321 | |
Felix Obenhuber | 03238ec05d | |
Guy Harris | 72f5572c50 | |
Guy Harris | b0c5f4c658 | |
Felix Obenhuber | 1c1816f670 | |
Guy Harris | d32a10c10d | |
Ken Bantoft | 8b907b6cd1 | |
Guy Harris | b02e7c185e | |
Guy Harris | 117cb5eb2e | |
Guy Harris | 74b2de364f | |
Guy Harris | 8b52a90cd9 | |
Guy Harris | b8c57c9529 | |
Guy Harris | 272bbe3dfe | |
Guy Harris | 05b4572af9 | |
Darren Reed | bdc25fca79 | |
Guy Harris | 5aa0044891 | |
Guy Harris | 62b9af0706 | |
Guy Harris | 6b414c082f | |
Guy Harris | 339d28cefc | |
Guy Harris | 26384d5fc7 | |
Guy Harris | bf7491046a | |
Guy Harris | 9dd13b012f | |
Guy Harris | 0c8f81c821 | |
Guy Harris | e6b89d9420 | |
Guy Harris | 86ecdb83e0 | |
Guy Harris | e9de4b862e | |
Guy Harris | 43acbb77a8 | |
Guy Harris | 86ed15cc8b | |
Guy Harris | 8c4dcba6d2 | |
Guy Harris | e154e275c2 | |
Guy Harris | 71dac45765 | |
Guy Harris | 2fbb5a5e31 | |
Darren Lim | 420e592e02 | |
Guy Harris | bb8cce5968 | |
Guy Harris | 2212a58381 | |
Guy Harris | d2ec25429b | |
Guy Harris | ef9aa50d23 | |
Guy Harris | 806f42441a | |
Guy Harris | 4b9a27475e | |
Guy Harris | 1d47ee92c3 | |
Guy Harris | 2032d35228 | |
Guy Harris | 8b04d928b6 | |
Guy Harris | ddea9de623 | |
Guy Harris | b93bc35e51 | |
Guy Harris | 4e4c320e9f | |
Guy Harris | d316f7ebb2 | |
Guy Harris | 96fece483a | |
Guy Harris | 1628ad56b0 | |
Guy Harris | efeaba4650 | |
Guy Harris | 0101db9e7c | |
Guy Harris | e29e700736 | |
Guy Harris | a685965f2f | |
Guy Harris | edf4e2c451 | |
Guy Harris | c3c51e58e5 | |
Guy Harris | 559ebc322f | |
Guy Harris | 03bee67123 | |
Guy Harris | 2f9c8dd44a | |
Guy Harris | 6e614204bb | |
test | 04740b6647 | |
test | 7adb5eda4b | |
Guy Harris | 11934bbcf0 | |
Guy Harris | a5b84cdc4f | |
Guy Harris | 6de2dedb10 | |
Guy Harris | 34e950492a | |
Guy Harris | 7b6487a8a5 | |
test | 9c54f8726d | |
Guy Harris | f27e3da547 | |
test | 32c168dad4 | |
Guy Harris | 0e9481a12a | |
Guy Harris | 14cfcac8fa | |
Guy Harris | 6796b164fd | |
Guy Harris | 719f5a457b | |
Guy Harris | 3efa666174 | |
Guy Harris | 6f7074d4b0 | |
Guy Harris | 2723ec4198 | |
Guy Harris | 968888b3e0 | |
Guy Harris | c435bd7e92 | |
Guy Harris | 1f14841bc0 | |
Guy Harris | ffe20c46cb | |
Guy Harris | bbd8be8360 | |
Guy Harris | 8844f5bad8 | |
Guy Harris | 32e1c4bab0 | |
Guy Harris | 703acf10e7 | |
Guy Harris | b43a22e65e | |
Guy Harris | e627fb2f1a | |
Guy Harris | fda67c0c17 | |
Guy Harris | 16d78cf97c | |
Guy Harris | 345497507a | |
Guy Harris | 8bdcbaeabe | |
Guy Harris | c7eb141fff | |
Guy Harris | 50894808ec | |
Guy Harris | dcf1642930 | |
Guy Harris | fb62fdb902 | |
Guy Harris | 607b688667 | |
Guy Harris | 252c7497e5 | |
Guy Harris | 6b89856c15 | |
Guy Harris | 8356bb5310 | |
Guy Harris | 6a39db3ab2 | |
Guy Harris | 744a2b557b | |
Guy Harris | efc78d105e | |
Guy (Core OS) Harris | edfd2fdc7f | |
Guy (Core OS) Harris | 21cadd6af6 | |
Guy Harris | a3ca7e3bde | |
Guy Harris | afd21fc9e8 | |
Guy Harris | c9ef229fef | |
Guy Harris | 2ba97bd5f8 | |
Guy Harris | 6c23620756 | |
Guy Harris | 6236d9e061 | |
Guy Harris | 135792cec1 | |
Guy Harris | 4bdfcd89b8 | |
Guy Harris | c1fd939e9d | |
Guy Harris | 7cd4949d49 | |
Guy Harris | db68de2198 | |
Guy Harris | fcc6ea3b28 | |
Guy Harris | 8fb603979c | |
Guy Harris | af3676461d | |
Guy Harris | 7d878f834b | |
Guy Harris | 5f760eadd5 | |
Guy Harris | 4c8ab2f107 | |
Guy Harris | e0b238b794 | |
Guy Harris | 46e12d5db2 | |
Guy Harris | 5d86a7c3b2 | |
Guy Harris | 9a4ef64d76 | |
Guy Harris | 102c1ff460 | |
Guy Harris | 33aa345694 | |
Guy Harris | 34d7963f7e | |
Guy Harris | 95c97b9b6f | |
Guy Harris | 4da1fd6159 | |
Guy Harris | 9f59acab41 | |
Guy Harris | 6cbbcee6b6 | |
Guy Harris | 8cbe17bec2 | |
Michael Richardson | 7f3508098b | |
Michael Richardson | f4e7415118 | |
Stephen Donnelly | 0ca4ea9a38 | |
Guy Harris | 45d78ae906 | |
Guy Harris | 62d8aa2b45 | |
Guy Harris | f51454f7fc | |
Guy Harris | 2b2d78a031 | |
Guy Harris | 664e4a16bb | |
Guy Harris | d643b6a0fa | |
Guy Harris | 75734791c5 | |
Guy Harris | dc0da695d7 | |
Guy Harris | 91584dc5c5 | |
Guy Harris | a8284458d5 | |
Guy Harris | 18d5f5efc1 | |
Guy Harris | 7326e1ad48 | |
Guy Harris | 64b88abf98 | |
Guy Harris | 54ef309e92 | |
Guy Harris | f5af8a7ce4 | |
Guy Harris | 3866e83123 | |
Guy Harris | 05326b0246 | |
Guy Harris | 35a12bf7e4 | |
Guy Harris | 8cd961c944 | |
Guy Harris | 936df0fbc1 | |
Guy Harris | 5fb89099c6 | |
Guy Harris | 4380c64a7d | |
Guy Harris | 0359240b1c | |
Guy Harris | 55685bd38c | |
guy | 6e26f4a0fd | |
guy | aa03b98b38 | |
guy | adcaff491d | |
guy | a669335415 | |
guy | 5e3edce42f | |
guy | b908482137 | |
guy | 687233847f | |
guy | fb218e8ff5 | |
guy | 87d0db882e | |
guy | 8a49a4d47b | |
gianluca | c93e0966e1 | |
guy | 2377722dc6 | |
guy | 5ef924505c | |
guy | ba23aa7b42 | |
guy | 26c8745ecf | |
guy | 080c13423a | |
guy | ad46bc2135 | |
guy | 4486bda92d | |
guy | a9006f2462 | |
guy | fe8a58a56d | |
guy | 4a0b8011fa | |
guy | d6a6846b04 | |
guy | a906d222c2 | |
guy | c87d4474e2 | |
guy | 415170069a | |
guy | 7d17ac06c0 | |
guy | c89dab565e | |
guy | dfc31b2781 | |
guy | 47dad25d57 | |
guy | dc52400769 | |
guy | b33b2ef32a | |
guy | 3e0ba22954 | |
guy | d3724b0ffc | |
guy | c47a9b2c86 | |
guy | 1187832296 | |
guy | cad7b9cec9 | |
guy | 5cf5f7c1c8 | |
guy | 8fa17a5a55 | |
guy | edbdc85842 | |
guy | c2df6d77ef | |
guy | 679a612eb3 | |
guy | 89e2d4518e | |
guy | 4e7a6968b8 | |
guy | b77695d2ec | |
guy | e8fbb040ce | |
guy | a2611cdc3a | |
guy | c4286ad82b | |
guy | 08cc2c0c57 | |
guy | 3b0ceef967 | |
guy | c15ece2f8c | |
guy | 230cdec755 | |
guy | e8cb2f6a99 | |
guy | e58ca4c1ad | |
guy | 174d9b71ca | |
guy | e16bb01d4c | |
guy | 54649cfbc4 | |
guy | e08d2bcce8 | |
guy | 34fa6a98c5 | |
guy | 763adefead | |
guy | fd0e3d055e | |
guy | 36f9c50975 | |
guy | f0ff7be7fa | |
guy | d6e96dd744 | |
guy | 1b0ba00c4c | |
guy | 285c3a9fb0 | |
gianluca | 854adf5232 | |
guy | d47aed311c | |
guy | 90d8b7797c | |
guy | 144209521c | |
guy | 89ec9bf0fe | |
guy | ad68762c8e | |
guy | f4af9ed692 | |
guy | ff2ebcf09a | |
guy | 9d151025a4 | |
guy | 46a126edaf | |
guy | 9512b57a22 | |
guy | 87aace3722 | |
guy | 2b61a87b6d | |
guy | 73e8fef161 | |
guy | 0a9a829a65 | |
guy | f254ca4520 | |
guy | b1a458c84e | |
guy | 8c970e4d60 | |
guy | 7eb4516342 | |
guy | c6eedee1a5 | |
guy | e59abf81d3 | |
guy | 59b463d614 | |
guy | f34a88b3c4 | |
guy | 34624f128f | |
guy | a8e63c60ed | |
guy | ae8f708268 | |
guy | ff0b6ac4a0 | |
guy | 16b2f49992 | |
guy | dc637abc26 | |
guy | bc54719c2f | |
guy | c76180e1ae | |
guy | 6057eda6f0 | |
guy | 83206d9b13 | |
guy | 757827db5f | |
guy | d9e031714d | |
guy | f8c1a3770e | |
guy | 720a1e8328 | |
guy | e2da3dba8c | |
guy | f2054ca165 | |
guy | d592f692d0 | |
gianluca | c975220bd1 | |
guy | 1f93b0fda9 | |
gianluca | cab77babbb | |
guy | 59e8b67528 | |
guy | 86b399c3ca | |
guy | 9545f44f88 | |
guy | ddfa7ac185 | |
guy | 3fdd4aeaf4 | |
guy | 2198f5dc5b | |
guy | a4aaa6f939 | |
guy | 30b39d84b7 | |
guy | f35ab115a6 | |
guy | 2527d1ac88 | |
guy | 0fdc174e4c | |
guy | 4506350ab5 | |
guy | f873417558 | |
guy | 1fd4389877 | |
guy | 65f9878991 | |
guy | 8dc3233229 | |
guy | c6aa29a8dc | |
guy | a590c21380 | |
gianluca | 0bee352573 | |
guy | 1b7a8f1c6e | |
guy | 216c64a7ce | |
guy | 745e497e4c | |
guy | a45116b80c | |
guy | b95b96d6da | |
guy | 3df4925c28 | |
guy | 1b2dabbe8d | |
guy | 0572bae07d | |
guy | dcc19a4c63 | |
guy | a161340b6e | |
guy | 9e496cdc75 | |
guy | d857c72c2f | |
guy | f84d077e07 | |
guy | 3734017134 | |
guy | baadfaab07 | |
guy | b043aa85c0 | |
guy | 8fc17acf3c | |
guy | e3f0aadca9 | |
guy | 90ae077df5 | |
guy | 653586c5f7 | |
guy | a9b5ae35f2 | |
guy | d9b420231a | |
guy | 19d1a629c7 | |
guy | dbdc1e6c7e | |
guy | 5148b1804b | |
guy | 9e26c39a2e | |
guy | 45191202aa | |
guy | cb44cb0520 | |
guy | b322103696 | |
guy | b9ec4e5223 | |
guy | b3366dd5b4 | |
guy | 6579f06bf1 | |
guy | f8f7ec5ace | |
guy | 26504998e7 | |
guy | 171e80b8ff | |
guy | cbd65556a7 | |
guy | 0a62e79b82 | |
guy | a27e58b244 | |
guy | beba34d0f9 | |
guy | 92e587e157 | |
guy | a375e0656a | |
guy | ee4fa22844 | |
guy | 2acadd544c | |
guy | 988bc0da21 | |
guy | 43b6c2d818 | |
guy | d46f258195 | |
guy | 04b952b6d5 | |
guy | 56741e253c | |
guy | 198bb69e6d | |
guy | c0b1d4703d | |
guy | 9f8edc61fa | |
guy | b7f2a2ee77 | |
guy | c558b285f5 | |
guy | f57d847d09 | |
guy | 92c5d33d7a | |
guy | 0446821e49 | |
guy | 716cd1f4dd | |
guy | a9b98caa0d | |
guy | b2e8e34e97 | |
guy | 9070702bd0 | |
guy | bef9d3afe0 | |
guy | c370aa3788 | |
guy | a4e747119e | |
guy | e854a5360f | |
guy | cfada28fd7 | |
guy | 25ab78f4f7 | |
guy | 85f4786ac2 | |
guy | 41995a4191 | |
guy | 2fcbb1f5a2 | |
guy | 1952d35b37 | |
guy | 25ccbe6e86 | |
guy | 82fa7a2f43 | |
guy | 91326ea08c | |
guy | baa8f1a126 | |
guy | 8f6e068349 | |
gianluca | 8ab2187e50 | |
guy | 5bf51391d4 | |
guy | 740fb4355d | |
guy | 70727eb8d2 | |
gianluca | 18f99473ee | |
guy | 4148e8dfdc | |
guy | da54d62ffd | |
guy | efde9ae2b8 | |
guy | 7f5c751098 | |
guy | a0f3381871 | |
gianluca | c9c0634709 | |
guy | 309c0ad349 | |
guy | 489f459bb8 | |
guy | 24bc44b0f2 | |
guy | f93ade7fde | |
guy | 0276d343cb | |
guy | 762a5cc8a6 | |
guy | 877d5fc4eb | |
guy | 149057f024 | |
guy | 69fd6e08ab | |
guy | fc6fdb7bee | |
guy | bb9a52d915 | |
guy | 3a0937cfba | |
guy | 40377847a5 | |
guy | 9dc28aea3e | |
guy | 7c16b1e9f1 | |
guy | bdf36c1e7e | |
guy | 05e4b27b14 | |
guy | 4877082ac7 | |
guy | afbb1ce722 | |
guy | 29dc375264 | |
guy | def1775664 | |
gianluca | 0cd5315734 | |
gianluca | 132dd9a83b | |
gianluca | cb7780ffe0 | |
gianluca | 03c3f2e979 | |
gianluca | 7cbdf2a3a2 | |
gianluca | 9ba070ab93 | |
gianluca | f999210021 | |
guy | 231404ec64 | |
guy | 92aa745a42 | |
guy | 6b492f4765 | |
guy | e4238ca93c | |
guy | 59a4fbc8f7 | |
gianluca | 1cd243c972 | |
guy | fe7433245e | |
guy | 7b5c683168 | |
guy | bc365a5db9 | |
guy | 6adab105af | |
guy | b52473e046 | |
hannes | 18341fc1b5 | |
guy | 266b20f3d4 | |
guy | 4427ebae83 | |
guy | 564ec53397 | |
guy | c3ced24e7e | |
mcr | c3323f3bc5 | |
mcr | a516b44e4f | |
guy | 16a4196dcf | |
guy | 1e678955ad | |
guy | 56634b504f | |
guy | 0fd3a1a661 | |
guy | 4f278d5429 | |
gianluca | cf5ea4eeec | |
gianluca | 92e7060fb8 | |
gianluca | ec63ab312c | |
gianluca | 9c308a3a48 | |
guy | a6186fa56d | |
guy | 8b2ec43589 | |
guy | a8f23f719a | |
hannes | 666dd96733 | |
guy | b9641d7aed | |
guy | d88c8e4d8e | |
guy | 71ebfa7d04 | |
guy | 08a7beca55 | |
gianluca | 355a195db7 | |
guy | 472810539c | |
guy | 6080a4b2bf | |
guy | 42fe978417 | |
guy | 266d42352f | |
guy | 83a6a8ab27 | |
guy | deed686cc8 | |
guy | 885670183d | |
gianluca | 04203b96b6 | |
guy | d02424cd4c | |
guy | a247db420a | |
guy | 62bf880d23 | |
guy | d5e7848c1e | |
guy | b4c382fd7e | |
guy | 6db2ddb56a | |
guy | 22f1fd3407 | |
guy | 349ffb7d20 | |
guy | 660cb8b1ce | |
guy | 7589e0abc3 | |
guy | 7bf28e7fd2 | |
guy | 31d7c82a44 | |
guy | eda5020549 | |
guy | 1a2be25931 | |
guy | d959f6403d | |
guy | 8a391f392c | |
guy | 6915e7e906 | |
guy | ed2b2e24ef | |
guy | 78ca8b4d49 | |
guy | fb91ad681f | |
guy | 24f60579bc | |
guy | 455aff8ba9 | |
guy | 50ce2663e8 | |
guy | 6fa38c09d7 | |
guy | 8c2a49b75c | |
guy | 5ec4105685 | |
guy | 08f2f1703b | |
guy | 33c151f1e9 | |
guy | efab3781c8 | |
guy | de2b502289 | |
guy | a631fe8a83 | |
guy | 748adf9a88 | |
guy | ef32ac1186 | |
guy | 6cd3f4102b | |
guy | c6424266c2 | |
guy | 6cbfdcc80d | |
guy | 084bcf12ea | |
guy | 74e5b539b9 | |
guy | e364899527 | |
guy | b0b2b0de78 | |
guy | ec67f552e1 | |
hannes | dc03d28d88 | |
guy | 788c73d4bd | |
guy | f65831091d | |
guy | 53bccbd2d7 | |
guy | 09b4db222c | |
guy | c903ddd8f5 | |
guy | 753370a49f | |
guy | 750519deb0 | |
guy | c547cb1649 | |
loris | cbfba20e99 | |
gianluca | 3f0f487a1e | |
gianluca | 73aaf3785b | |
gianluca | 303bc7bd43 | |
guy | d91be5b8af | |
gianluca | 520a3ea559 | |
hannes | b7d2f597d1 | |
guy | 13a838cb48 | |
guy | 6f754c86b2 | |
guy | b64aff479f | |
guy | cbcd540a75 | |
hannes | 8815467ef5 | |
hannes | d52ccdfa66 | |
guy | 1dcd9beef5 | |
gianluca | 65518d8b3f | |
gianluca | ea6367e572 | |
hannes | b1a31d31cc | |
hannes | 525e3cbe8f | |
guy | 3adb2d4f0d | |
guy | c1fca92559 | |
gianluca | 4526fd6dee | |
gianluca | 54693a0c07 | |
gianluca | 64e1e8e43b | |
guy | 859204c1e8 | |
guy | cb71eef7ae | |
guy | 0c77a6d811 | |
hannes | 98a1d8cfbd | |
guy | 8fe5fce9e4 | |
guy | 8e06df3e4c | |
guy | 907283b793 | |
guy | f33fbd4b19 | |
guy | cee0360845 | |
guy | a1e758a03d | |
guy | 5fe3c66fc0 | |
guy | 7fb15ab846 | |
risso | a8302b7a2b | |
guy | 3410839c5d | |
guy | 0e2413c634 | |
guy | 1e5fb25e2c | |
guy | e7639013b4 | |
guy | 4b8835513e | |
guy | c166082296 | |
guy | de054a43c1 | |
hannes | 9ab067e012 | |
guy | 88389e4834 | |
guy | 8da5ed28e5 | |
guy | 9415d150b0 | |
guy | b2b10cab4e | |
guy | c6b5551a8b | |
guy | 638626c0d8 | |
guy | 4cfab3417f | |
guy | 0eadd018f7 | |
guy | c8714e05b0 | |
risso | a0f5f72985 | |
hannes | f0ca0272f5 | |
hannes | be02452be7 | |
hannes | d0bf1c55eb | |
hannes | bb20233f41 | |
guy | d8d2d19c98 | |
risso | 34023facce | |
guy | d9d1f9154e | |
hannes | e821a5221b | |
guy | 7f34968ee3 | |
guy | 75b14d240d | |
guy | 5e92dec088 | |
guy | 727beef298 | |
mcr | 746c2edea7 | |
guy | 409a1a06be | |
guy | 819e96c769 | |
guy | 959719860d | |
guy | 32234cde86 | |
guy | 45767ee2d4 | |
guy | a0a4852137 | |
risso | b1a06c1017 | |
risso | 5636631e58 | |
hannes | c8df74b581 | |
guy | da6c782f50 | |
guy | 98bddc1384 | |
guy | 3a1174ec74 | |
guy | 4d9af0710d | |
guy | e503864143 | |
guy | 9c2ab752b2 | |
hannes | 18bb7676da | |
hannes | ddf0f5f8d9 | |
risso | 520160b903 | |
risso | 3acfaf7f23 | |
hannes | 94b22ceceb | |
guy | e987a615e2 | |
guy | a27ec87482 | |
guy | 875df1a937 | |
guy | 37bd0411b4 | |
guy | 9942a5dd4a | |
guy | 8561645aa2 | |
guy | 574c8c863c | |
guy | bd90260840 | |
guy | 94f7e7a5ed | |
guy | 6804103187 | |
guy | eeadab8760 | |
guy | 4a81b9fad7 | |
guy | 9b461d662c | |
risso | 8c2c2e8bdb | |
guy | 9f021f0abe | |
guy | feedc6fe89 | |
guy | 022b629ab1 | |
guy | 4eb7b3915e | |
guy | b51227ccf4 | |
guy | 50ba231733 | |
guy | eeaf96fb94 | |
guy | 24c3633894 | |
guy | 97a8e5112d | |
guy | b423e17024 | |
guy | b791874357 | |
guy | 0002aa6d52 | |
guy | 83f2e11be6 | |
guy | 14f186752d | |
guy | ad93efab7c | |
guy | 75e966b257 | |
guy | 88917fcb87 | |
mcr | 38a0d60bcb | |
hannes | c71f20189b | |
hannes | b464d55402 | |
guy | 1ed95a858a | |
guy | 8dd4d1132c | |
guy | 9d7ed6809f |
15
.cvsignore
15
.cvsignore
|
@ -1,11 +1,26 @@
|
|||
*.so
|
||||
*.sl
|
||||
*.dylib
|
||||
config.log
|
||||
config.cache
|
||||
config.status
|
||||
config.h
|
||||
.devel
|
||||
pcap-config
|
||||
pcap-filter.manmisc
|
||||
pcap-linktype.manmisc
|
||||
pcap-savefile.manfile
|
||||
pcap.3pcap
|
||||
pcap_compile.3pcap
|
||||
pcap_datalink.3pcap
|
||||
pcap_dump_open.3pcap
|
||||
pcap_list_datalinks.3pcap
|
||||
pcap_open_dead.3pcap
|
||||
pcap_open_offline.3pcap
|
||||
stamp-h
|
||||
stamp-h.in
|
||||
Makefile
|
||||
scanner.h
|
||||
scanner.c
|
||||
grammar.c
|
||||
tokdefs.h
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
Makefile
|
||||
*~
|
||||
*.o
|
||||
bpf_filter.c
|
||||
config.h
|
||||
config.log
|
||||
config.cache
|
||||
config.status
|
||||
.devel
|
||||
filtertest
|
||||
findalldevstest
|
||||
grammar.c
|
||||
libpcap.a
|
||||
libpcap.*.dylib
|
||||
libpcap.sl
|
||||
libpcap.so.*
|
||||
libpcap-*.tar.gz
|
||||
net
|
||||
pcap-config
|
||||
pcap-filter.manmisc
|
||||
pcap-linktype.manmisc
|
||||
pcap-savefile.manfile
|
||||
pcap-tstamp.manmisc
|
||||
pcap.3pcap
|
||||
pcap_compile.3pcap
|
||||
pcap_datalink.3pcap
|
||||
pcap_dump_open.3pcap
|
||||
pcap_list_datalinks.3pcap
|
||||
pcap_list_tstamp_types.3pcap
|
||||
pcap_open_dead.3pcap
|
||||
pcap_open_offline.3pcap
|
||||
pcap_set_tstamp_type.3pcap
|
||||
scanner.c
|
||||
scanner.h
|
||||
selpolltest
|
||||
tokdefs.h
|
||||
version.c
|
||||
version.h
|
237
CHANGES
237
CHANGES
|
@ -1,11 +1,234 @@
|
|||
@(#) $Header: /tcpdump/master/libpcap/CHANGES,v 1.59 2004-03-30 14:42:50 mcr Exp $ (LBL)
|
||||
Fri. August 6, 2010. guy@alum.mit.edu.
|
||||
Summary for 1.1.2 libpcap release
|
||||
Return DLT_ values, not raw LINKTYPE_ values from
|
||||
pcap_datalink() when reading pcap-ng files
|
||||
Add support for "wlan ra" and "wlan ta", to check the RA and TA
|
||||
of WLAN frames that have them
|
||||
Don't crash if "wlan addr{1,2,3,4}" are used without 802.11
|
||||
headers
|
||||
Do filtering on USB and Bluetooth capturing
|
||||
On FreeBSD/SPARC64, use -fPIC - it's apparently necessary
|
||||
Check for valid port numbers (fit in a 16-bit unsigned field) in
|
||||
"port" filters
|
||||
Reject attempts to put savefiles into non-blocking mode
|
||||
Check for "no such device" for the "get the media types" ioctl
|
||||
in *BSD
|
||||
Improve error messages from bpf_open(), and let it do the error
|
||||
handling
|
||||
Return more specific errors from pcap_can_set_rfmon(); fix
|
||||
documentation
|
||||
Update description fetching code for FreeBSD, fix code for
|
||||
OpenBSD
|
||||
Ignore /sys/net/dev files if we get ENODEV for them, not just
|
||||
ENXIO; fixes handling of bonding devices on Linux
|
||||
Fix check for a constant 0 argument to BPF_DIV
|
||||
Use the right version of ar when cross-building
|
||||
Free any filter set on a savefile when the savefile is closed
|
||||
Include the CFLAGS setting when configure was run in the
|
||||
compiler flags
|
||||
Add support for 802.15.4 interfaces on Linux
|
||||
|
||||
Thu. April 1, 2010. guy@alum.mit.edu.
|
||||
Summary for 1.1.1 libpcap release
|
||||
Update CHANGES to reflect more of the changes in 1.1.0.
|
||||
Fix build on RHEL5.
|
||||
Fix shared library build on AIX.
|
||||
|
||||
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
|
||||
Summary for 1.1.0 libpcap release
|
||||
Add SocketCAN capture support
|
||||
Add Myricom SNF API support
|
||||
Update Endace DAG and ERF support
|
||||
Add support for shared libraries on Solaris, HP-UX, and AIX
|
||||
Build, install, and un-install shared libraries by default;
|
||||
don't build/install shared libraries on platforms we don't support
|
||||
Fix building from a directory other than the source directory
|
||||
Fix compiler warnings and builds on some platforms
|
||||
Update config.guess and config.sub
|
||||
Support monitor mode on mac80211 devices on Linux
|
||||
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
|
||||
value
|
||||
On Linux, scan /sys/class/net for devices if we have it; scan
|
||||
it, or /proc/net/dev if we don't have /sys/class/net, even if
|
||||
we have getifaddrs(), as it'll find interfaces with no
|
||||
addresses
|
||||
Add limited support for reading pcap-ng files
|
||||
Fix BPF driver-loading error handling on AIX
|
||||
Support getting the full-length interface description on FreeBSD
|
||||
In the lexical analyzer, free up any addrinfo structure we got back
|
||||
from getaddrinfo().
|
||||
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
|
||||
Hyphenate "link-layer" everywhere
|
||||
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
|
||||
In pcap_read_linux_mmap(), if there are no frames available, call
|
||||
poll() even if we're in non-blocking mode, so we pick up
|
||||
errors, and check for the errors in question.
|
||||
Note that poll() works on BPF devices is Snow Leopard
|
||||
If an ENXIO or ENETDOWN is received, it may mean the device has
|
||||
gone away. Deal with it.
|
||||
For BPF, raise the default capture buffer size to from 32k to 512k
|
||||
Support ps_ifdrop on Linux
|
||||
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
|
||||
under cygwin.
|
||||
Changes to Linux mmapped captures.
|
||||
Fix bug where create_ring would fail for particular snaplen and
|
||||
buffer size combinations
|
||||
Update pcap-config so that it handles libpcap requiring
|
||||
additional libraries
|
||||
Add workaround for threadsafeness on Windows
|
||||
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
|
||||
DLT: Add DLT_CAN_SOCKETCAN
|
||||
DLT: Add Solaris ipnet
|
||||
Don't check for DLT_IPNET if it's not defined
|
||||
Add link-layer types for Fibre Channel FC-2
|
||||
Add link-layer types for Wireless HART
|
||||
Add link-layer types for AOS
|
||||
Add link-layer types for DECT
|
||||
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
|
||||
Install headers unconditionally, and include vlan.h/bluetooth.h if
|
||||
enabled
|
||||
Autoconf fixes+cleanup
|
||||
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
|
||||
Support disabling SITA support (--without-sita)
|
||||
Return -1 on failure to create packet ring (if supported but
|
||||
creation failed)
|
||||
Fix handling of 'any' device, so that it can be opened, and no longer
|
||||
attempt to open it in Monitor mode
|
||||
Add support for snapshot length for USB Memory-Mapped Interface
|
||||
Fix configure and build on recent Linux kernels
|
||||
Fix memory-mapped Linux capture to support pcap_next() and
|
||||
pcap_next_ex()
|
||||
Fixes for Linux USB capture
|
||||
DLT: Add DLT_LINUX_EVDEV
|
||||
DLT: Add DLT_GSMTAP_UM
|
||||
DLT: Add DLT_GSMTAP_ABIS
|
||||
|
||||
Mon. October 27, 2008. ken@netfunctional.ca. Summary for 1.0.0 libpcap release
|
||||
Compile with IPv6 support by default
|
||||
Compile with large file support on by default
|
||||
Add pcap-config script, which deals with -I/-L flags for compiling
|
||||
DLT: Add IPMB
|
||||
DLT: Add LAPD
|
||||
DLT: Add AX25 (AX.25 w/KISS header)
|
||||
DLT: Add JUNIPER_ST
|
||||
802.15.4 support
|
||||
Variable length 802.11 header support
|
||||
X2E data type support
|
||||
SITA ACN Interface support - see README.sita
|
||||
Support for memory-mapped capture on Linux
|
||||
Support for zerocopy BPF on platforms that support it
|
||||
Support for setting buffer size when opening devices
|
||||
Support for setting monitor mode when opening 802.11 devices
|
||||
Better support for dealing with VLAN tagging/stripping on Linux
|
||||
Fix dynamic library support on OSX
|
||||
Return PCAP_ERROR_IFACE_NOT_UP if the interface isn't 'UP', so applications
|
||||
can print better diagnostic information
|
||||
Return PCAP_ERROR_PERM_DENIED if we don't have permission to open a device, so
|
||||
applications can tell the user they need to go play with permissions
|
||||
On Linux, ignore ENETDOWN so we can continue to capture packets if the
|
||||
interface goes down and comes back up again.
|
||||
On Linux, support new tpacket frame headers (2.6.27+)
|
||||
On Mac OS X, add scripts for changing permissions on /dev/bpf* and launchd plist
|
||||
On Solaris, support 'passive mode' on systems that support it
|
||||
Fixes to autoconf and general build environment
|
||||
Man page reorganization + cleanup
|
||||
Autogenerate VERSION numbers better
|
||||
|
||||
Mon. September 10, 2007. ken@xelerance.com. Summary for 0.9.8 libpcap release
|
||||
Change build process to put public libpcap headers into pcap subir
|
||||
DLT: Add value for IPMI IPMB packets
|
||||
DLT: Add value for u10 Networks boards
|
||||
Require <net/pfvar.h> for pf definitions - allows reading of pflog formatted
|
||||
libpcap files on an OS other than where the file was generated
|
||||
|
||||
Wed. April 25, 2007. ken@xelerance.com. Summary for 0.9.6 libpcap release
|
||||
|
||||
Put the public libpcap headers into a pcap subdirectory in both the
|
||||
source directory and the target include directory, and have include
|
||||
files at the top-level directory to include those headers, for
|
||||
backwards compatibility.
|
||||
Add Bluetooth support
|
||||
Add USB capturing support on Linux
|
||||
Add support for the binary USB sniffing interface in Linux
|
||||
Add support for new FreeBSD BIOCSDIRECTION ioctl
|
||||
Add additional filter operations for 802.11 frame types
|
||||
Add support for filtering on MTP2 frame types
|
||||
Propagate some changes from the main branch, so the x.9 branch has
|
||||
all the DLT_ and LINKTYPE_ values that the main branch does
|
||||
Reserved a DLT_ and SAVEFILE_ value for PPI (Per Packet Info)
|
||||
encapsulated packets
|
||||
Add LINKTYPE_ for IEEE 802.15.4, with address fields padded as done
|
||||
by Linux drivers
|
||||
Add LINKTYPE_ value corresponding to DLT_IEEE802_16_MAC_CPS.
|
||||
Add DLT for IEEE 802.16 (WiMAX) MAC Common Part Sublayer
|
||||
Add DLT for Bluetooth HCI UART transport layer
|
||||
When building a shared library, build with "-fPIC" on Linux to support x86_64
|
||||
Link with "$(CC) -shared" rather than "ld -shared" when building a
|
||||
".so" shared library
|
||||
Add support for autoconf 2.60
|
||||
Fixes to discard unread packets when changing filters
|
||||
Changes to handle name changes in the DAG library resulting from
|
||||
switching to libtool.
|
||||
Add support for new DAG ERF types.
|
||||
Add an explicit "-ldag" when building the shared library, so the DAG
|
||||
library dependency is explicit.
|
||||
Mac OSX fixes for dealing with "wlt" devices
|
||||
Fixes in add_or_find_if() & pcap_findalldevs() to optimize generating
|
||||
device lists
|
||||
Fixed a bug in pcap_open_live(). The return value of PacketSetHwFilter
|
||||
was not checked.
|
||||
|
||||
Tue. September 19, 2006. ken@xelerance.com. Summary for 0.9.5 libpcap release
|
||||
|
||||
Support for LAPD frames with vISDN
|
||||
Support for ERF on channelized T1/E1 cards via DAG API
|
||||
Fix capitalization that caused issues crossc compiling on Linux
|
||||
Better failure detection on PacketGetAdapterNames()
|
||||
Fixes for MPLS packet generation (link layer)
|
||||
OP_PACKET now matches the beginning of the packet, instead of
|
||||
beginning+link-layer
|
||||
Add DLT/LINKTYPE for carrying FRF.16 Multi-link Frame Relay
|
||||
Fix allocation of buffer for list of link-layer types
|
||||
Added a new DLT and LINKTYPE value for ARINC 653 Interpartition Communcation Messages
|
||||
Fixed a typo in a DLT value: it should start with DLT_ and not LINKTYPE_
|
||||
Redefined DLT_CAN20B and LINKTYPE_CAN20B as #190 (as this is the right value for CAN).
|
||||
Added definition for DLT_A429 and LINKTYPE_A429 as #184.
|
||||
Added a new DLT and LINKTYPE value for CAN v2.0B frames.
|
||||
Add support for DLT_JUNIPER_VP.
|
||||
Don't double-count received packets on Linux systems that
|
||||
support the PACKET_STATISTICS getsockopt() argument on
|
||||
PF_PACKET sockets.
|
||||
Add support for DLT_IEEE802_11 and DLT_IEEE802_11_RADIO link
|
||||
layers in Windows
|
||||
Add support to build libpcap.lib and wpcap.dll under Cygnus and
|
||||
MingW32.
|
||||
|
||||
Mon. September 5, 2005. ken@xelerance.com. Summary for 0.9.4 libpcap release
|
||||
|
||||
Support for radiotap on Linux (Mike Kershaw)
|
||||
Fixes for HP-UX
|
||||
Support for additional Juniper link-layer types
|
||||
Fixes for filters on MPLS-encapsulated packets
|
||||
"vlan" filter fixed
|
||||
"pppoed" and "pppoes" filters added; the latter modifies later
|
||||
parts of the filter expression to look at the PPP headers and
|
||||
headers in the PPP payload
|
||||
|
||||
Tue. July 5, 2005. ken@xelerance.com. Summary for 0.9.3 libpcap release
|
||||
|
||||
Fixes for compiling on nearly every platform,
|
||||
including improved 64bit support
|
||||
MSDOS Support
|
||||
Add support for sending packets
|
||||
OpenBSD pf format support
|
||||
IrDA capture (Linux only)
|
||||
|
||||
Tue. March 30, 2004. mcr@sandelman.ottawa.on.ca. Summary for 3.8.3 release
|
||||
|
||||
Fixed minor problem in gencode.c that would appear on 64-bit
|
||||
platforms.
|
||||
Version number is now sane.
|
||||
|
||||
|
||||
Mon. March 29, 2004. mcr@sandelman.ottawa.on.ca. Summary for 3.8.2 release
|
||||
|
||||
updates for autoconf 2.5
|
||||
|
@ -18,13 +241,13 @@ Wed. November 12, 2003. mcr@sandelman.ottawa.on.ca. Summary for 0.8 release
|
|||
Win32 patches from NetGroup, Politecnico di Torino (Italy)
|
||||
OpenBSD pf, DLT_PFLOG added
|
||||
Many changes to ATM support.
|
||||
lookup pcap_lookupnet()
|
||||
lookup pcap_lookupnet()
|
||||
Added DLT_ARCNET_LINUX, DLT_ENC, DLT_IEEE802_11_RADIO, DLT_SUNATM,
|
||||
DLT_IP_OVER_FC, DLT_FRELAY, others.
|
||||
Sigh. More AIX wonderfulness.
|
||||
Document updates.
|
||||
Document updates.
|
||||
Changes to API: pcap_next_ex(), pcap_breakloop(), pcap_dump_flush(),
|
||||
pcap_list_datalinks(), pcap_set_datalink(),
|
||||
pcap_list_datalinks(), pcap_set_datalink(),
|
||||
pcap_lib_version(), pcap_datalink_val_to_name(),
|
||||
pcap_datalink_name_to_val(), new error returns.
|
||||
|
||||
|
@ -45,7 +268,7 @@ Monday October 23, 2001. mcr@sandelman.ottawa.on.ca. Summary for 0.7 release
|
|||
|
||||
Added pcap_findalldevs() call to get list of interfaces in a MI way.
|
||||
|
||||
pcap_stats() has been documented as to what its counters mean on
|
||||
pcap_stats() has been documented as to what its counters mean on
|
||||
each platform.
|
||||
|
||||
Tuesday January 9, 2001. guy@alum.mit.edu. Summary for 0.6 release
|
||||
|
@ -118,7 +341,7 @@ Greg Troxel <gdt@ir.bbn.com>
|
|||
- Added a new "pcap_compile_nopcap()", which lets you compile a filter
|
||||
expression into a BPF program without having an open live capture or
|
||||
capture file.
|
||||
|
||||
|
||||
v0.4 Sat Jul 25 12:40:09 PDT 1998
|
||||
|
||||
- Fix endian problem with DLT_NULL devices. From FreeBSD via Bill
|
||||
|
|
227
CREDITS
227
CREDITS
|
@ -1,95 +1,148 @@
|
|||
This file lists people who have contributed to libpcap:
|
||||
|
||||
The current maintainers:
|
||||
Bill Fenner <fenner@research.att.com>
|
||||
Fulvio Risso <risso@polito.it>
|
||||
Guy Harris <guy@alum.mit.edu>
|
||||
Hannes Gredler <hannes@juniper.net>
|
||||
Jun-ichiro itojun Hagino <itojun@iijlab.net>
|
||||
Michael Richardson <mcr@sandelman.ottawa.on.ca>
|
||||
Bill Fenner <fenner at research dot att dot com>
|
||||
Fulvio Risso <risso at polito dot it>
|
||||
Guy Harris <guy at alum dot mit dot edu>
|
||||
Hannes Gredler <hannes at juniper dot net>
|
||||
Michael Richardson <mcr at sandelman dot ottawa dot on dot ca>
|
||||
|
||||
Additional people who have contributed patches:
|
||||
|
||||
Alan Bawden <Alan@LCS.MIT.EDU>
|
||||
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
|
||||
Albert Chin <china@thewrittenword.com>
|
||||
Andrew Brown <atatat@atatdot.net>
|
||||
Antti Kantee <pooka@netbsd.org>
|
||||
Arkadiusz Miskiewicz <misiek@pld.org.pl>
|
||||
Armando L. Caro Jr. <acaro@mail.eecis.udel.edu>
|
||||
Assar Westerlund <assar@sics.se>
|
||||
Brian Ginsbach <ginsbach@cray.com>
|
||||
Charles M. Hannum <mycroft@netbsd.org>
|
||||
Chris G. Demetriou <cgd@netbsd.org>
|
||||
Chris Lightfoot <cwrl@users.sourceforge.net>
|
||||
Chris Pepper <pepper@mail.reppep.com>
|
||||
Darren Reed <darrenr@reed.wattle.id.au>
|
||||
David Kaelbling <drk@sgi.com>
|
||||
David Young <dyoung@ojctech.com>
|
||||
Dean Gaudet <dean@arctic.org>
|
||||
Don Ebright <Don.Ebright@compuware.com>
|
||||
Dug Song <dugsong@monkey.org>
|
||||
Eric Anderson <anderse@hpl.hp.com>
|
||||
Erik de Castro Lopo <erik.de.castro.lopo@sensorynetworks.com>
|
||||
Franz Schaefer <schaefer@mond.at>
|
||||
Gianluca Varenni <varenni@netgroup-serv.polito.it>
|
||||
Gisle Vanem <giva@bgnett.no>
|
||||
Graeme Hewson <ghewson@cix.compulink.co.uk>
|
||||
Greg Stark <gsstark@mit.edu>
|
||||
Greg Troxel <gdt@ir.bbn.com>
|
||||
Guillaume Pelat <endymion_@users.sourceforge.net>
|
||||
Hyung Sik Yoon <hsyn@kr.ibm.com>
|
||||
Igor Khristophorov <igor@atdot.org>
|
||||
Jan-Philip Velders <jpv@veldersjes.net>
|
||||
Jason R. Thorpe <thorpej@netbsd.org>
|
||||
Javier Achirica <achirica@ttd.net>
|
||||
Jean Tourrilhes <jt@hpl.hp.com>
|
||||
Jefferson Ogata <jogata@nodc.noaa.gov>
|
||||
Jesper Peterson <jesper@endace.com>
|
||||
John Bankier <jbankier@rainfinity.com>
|
||||
Jon Lindgren <jonl@yubyub.net>
|
||||
Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de>
|
||||
Kazushi Sugyo <sugyo@pb.jp.nec.com>
|
||||
Klaus Klein <kleink@netbsd.org>
|
||||
Koryn Grant <koryn@endace.com>
|
||||
Krzysztof Halasa <khc@pm.waw.pl>
|
||||
Lorenzo Cavallaro <sullivan@sikurezza.org>
|
||||
Loris Degioanni <loris@netgroup-serv.polito.it>
|
||||
Love Hörnquist-Åstrand <lha@stacken.kth.se>
|
||||
Maciej W. Rozycki <macro@ds2.pg.gda.pl>
|
||||
Marcus Felipe Pereira <marcus@task.com.br>
|
||||
Mark Pizzolato <List-tcpdump-workers@subscriptions.pizzolato.net>
|
||||
Martin Husemann <martin@netbsd.org>
|
||||
Matthew Luckie <mjl@luckie.org.nz>
|
||||
Mike Wiacek <mike@iroot.net>
|
||||
Monroe Williams <monroe@pobox.com>
|
||||
Nicolas Dade <ndade@nsd.dyndns.org>
|
||||
Octavian Cerna <tavy@ylabs.com>
|
||||
Olaf Kirch <okir@caldera.de>
|
||||
Onno van der Linden <onno@simplex.nl>
|
||||
Paul Mundt <lethal@linux-sh.org>
|
||||
Pavel Kankovsky <kan@dcit.cz>
|
||||
Peter Fales <peter@fales-lorenz.net>
|
||||
Peter Jeremy <peter.jeremy@alcatel.com.au>
|
||||
Phil Wood <cpw@lanl.gov>
|
||||
Rafal Maszkowski <rzm@icm.edu.pl>
|
||||
Rick Jones <raj@cup.hp.com>
|
||||
Scott Barron <sb125499@ohiou.edu>
|
||||
Scott Gifford <sgifford@tir.com>
|
||||
Sebastian Krahmer <krahmer@cs.uni-potsdam.de>
|
||||
Shaun Clowes <delius@progsoc.uts.edu.au>
|
||||
Solomon Peachy <pizza@shaftnet.org>
|
||||
Stefan Hudson <hudson@mbay.net>
|
||||
Takashi Yamamoto <yamt@mwd.biglobe.ne.jp>
|
||||
Tony Li <tli@procket.com>
|
||||
Torsten Landschoff <torsten@debian.org>
|
||||
Uns Lider <unslider@miranda.org>
|
||||
Uwe Girlich <Uwe.Girlich@philosys.de>
|
||||
Xianjie Zhang <xzhang@cup.hp.com>
|
||||
Yen Yen Lim
|
||||
Yoann Vandoorselaere <yoann@prelude-ids.org>
|
||||
Alan Bawden <Alan at LCS dot MIT dot EDU>
|
||||
Albert Chin <china at thewrittenword dot com>
|
||||
Alexander 'Leo' Bergolth <Leo dot Bergolth at wu-wien dot ac dot at>
|
||||
Alexey Kuznetsov <kuznet at ms2 dot inr dot ac dot ru>
|
||||
Alon Bar-Lev <alonbl at sourceforge dot net>
|
||||
Andrew Brown <atatat at atatdot dot net>
|
||||
<andy-1 at sourceforge dot net>
|
||||
Antti Kantee <pooka at netbsd dot org>
|
||||
Arien Vijn <arienvijn at sourceforge dot net>
|
||||
Arkadiusz Miskiewicz <misiek at pld dot org dot pl>
|
||||
Armando L. Caro Jr. <acaro at mail dot eecis dot udel dot edu>
|
||||
Assar Westerlund <assar at sics dot se>
|
||||
Brian Ginsbach <ginsbach at cray dot com>
|
||||
Charles M. Hannum <mycroft at netbsd dot org>
|
||||
Chris G. Demetriou <cgd at netbsd dot org>
|
||||
Chris Lightfoot <cwrl at users dot sourceforge dot net>
|
||||
Chris Maynard <Chris dot Maynard at gtech dot com>
|
||||
Chris Pepper <pepper at mail dot reppep dot com>
|
||||
Christian Bell <csbell at myri dot com>
|
||||
Christian Peron <csjp at freebsd dot org>
|
||||
Daniele Orlandi <daniele at orlandi dot com>
|
||||
Darren Reed <darrenr at sun dot com>
|
||||
David Kaelbling <drk at sgi dot com>
|
||||
David Young <dyoung at ojctech dot com>
|
||||
Dean Gaudet <dean at arctic dot org>
|
||||
Don Ebright <Don dot Ebright at compuware dot com>
|
||||
Dug Song <dugsong at monkey dot org>
|
||||
Dustin Spicuzza <dustin at virtualroadside dot com>
|
||||
Eric Anderson <anderse at hpl dot hp dot com>
|
||||
Erik de Castro Lopo <erik dot de dot castro dot lopo at sensorynetworks dot com>
|
||||
Felix Obenhuber <felix at obenhuber dot de>
|
||||
Florent Drouin <Florent dot Drouin at alcatel-lucent dot fr>
|
||||
Franz Schaefer <schaefer at mond dot at>
|
||||
Fulko Hew <fulko dot hew at gmail dot com>
|
||||
Fumiyuki Shimizu <fumifumi at abacustech dot jp>
|
||||
Gianluca Varenni <varenni at netgroup-serv dot polito dot it>
|
||||
Gilbert Hoyek <gil_hoyek at hotmail dot com>
|
||||
Gisle Vanem <gvanem at broadpark dot no>
|
||||
Graeme Hewson <ghewson at cix dot compulink dot co dot uk>
|
||||
Greg Stark <gsstark at mit dot edu>
|
||||
Greg Troxel <gdt at ir dot bbn dot com>
|
||||
Gregor Maier <gregor at net dot in dot tum dot de>
|
||||
Guillaume Pelat <endymion_ at users dot sourceforge dot net>
|
||||
Hagen Paul Pfeifer <hagen at jauu dot net>
|
||||
Hyung Sik Yoon <hsyn at kr dot ibm dot com>
|
||||
Igor Khristophorov <igor at atdot dot org>
|
||||
Jan-Philip Velders <jpv at veldersjes dot net>
|
||||
Jason R. Thorpe <thorpej at netbsd dot org>
|
||||
Javier Achirica <achirica at ttd dot net>
|
||||
Jean Tourrilhes <jt at hpl dot hp dot com>
|
||||
Jean-Louis Charton <Jean-Louis.CHARTON at oikialog dot com>
|
||||
Jefferson Ogata <jogata at nodc dot noaa dot gov>
|
||||
Jesper Peterson <jesper at endace dot com>
|
||||
Joerg Mayer <jmayer at loplof dot de>
|
||||
John Bankier <jbankier at rainfinity dot com>
|
||||
Jon Lindgren <jonl at yubyub dot net>
|
||||
Jon Smirl <jonsmirl at gmail dot com>
|
||||
Juergen Schoenwaelder <schoenw at ibr dot cs dot tu-bs dot de>
|
||||
Jung-uk Kim <jkim at FreeBSD dot org>
|
||||
Kazushi Sugyo <sugyo at pb dot jp dot nec dot com>
|
||||
Klaus Klein <kleink at netbsd dot org>
|
||||
Koryn Grant <koryn at endace dot com>
|
||||
Kris Katterjohn <katterjohn at gmail dot com>
|
||||
Krzysztof Halasa <khc at pm dot waw dot pl>
|
||||
Lorenzo Cavallaro <sullivan at sikurezza dot org>
|
||||
Loris Degioanni <loris at netgroup-serv dot polito dot it>
|
||||
Love Hörnquist-Åstrand <lha at stacken dot kth dot se>
|
||||
Luis MartinGarcia <luis dot mgarc at gmail dot com>
|
||||
Maciej W. Rozycki <macro at ds2 dot pg dot gda dot pl>
|
||||
Marcus Felipe Pereira <marcus at task dot com dot br>
|
||||
Mark C. Brown <mbrown at hp dot com>
|
||||
Mark Pizzolato <List-tcpdump-workers at subscriptions dot pizzolato dot net>
|
||||
Markus Mayer <markus_mayer at sourceforge dot net>
|
||||
Martin Husemann <martin at netbsd dot org>
|
||||
Márton Németh <nm127 at freemail dot hu>
|
||||
Matthew Luckie <mjl at luckie dot org dot nz>
|
||||
Max Laier <max at love2party dot net>
|
||||
Mike Frysinger <vapier at gmail dot com>
|
||||
Mike Kershaw <dragorn at kismetwireless dot net>
|
||||
Mike Wiacek <mike at iroot dot net>
|
||||
Monroe Williams <monroe at pobox dot com>
|
||||
<nvercamm at sourceforge dot net>
|
||||
N. Leiten <nleiten at sourceforge dot net>
|
||||
Nicolas Dade <ndade at nsd dot dyndns dot org>
|
||||
Octavian Cerna <tavy at ylabs dot com>
|
||||
Olaf Kirch <okir at caldera dot de>
|
||||
Ollie Wild <aaw at users dot sourceforge dot net>
|
||||
Onno van der Linden <onno at simplex dot nl>
|
||||
Paolo Abeni <paolo dot abeni at email dot it>
|
||||
Patrick Marie <mycroft at virgaria dot org>
|
||||
Patrick McHardy <kaber at trash not net>
|
||||
Paul Mundt <lethal at linux-sh dot org>
|
||||
Pavel Kankovsky <kan at dcit dot cz>
|
||||
Pawel Pokrywka <publicpp at gmail dot com>
|
||||
Peter Fales <peter at fales-lorenz dot net>
|
||||
Peter Jeremy <peter dot jeremy at alcatel dot com dot au>
|
||||
Peter Volkov <pva at gentoo dot org>
|
||||
Phil Wood <cpw at lanl dot gov>
|
||||
Rafal Maszkowski <rzm at icm dot edu dot pl>
|
||||
<rcb-isis at users dot sourceforge dot net>
|
||||
Richard Stearn <richard at rns-stearn dot demon dot co dot uk>
|
||||
Rick Jones <raj at cup dot hp dot com>
|
||||
Robert Edmonds <stu-42 at sourceforge dot net>
|
||||
Roberto Mariani <jelot-tcpdump at jelot dot it>
|
||||
Romain Francoise <rfrancoise at debian dot org>
|
||||
Sagun Shakya <sagun dot shakya at sun dot com>
|
||||
Scott Barron <sb125499 at ohiou dot edu>
|
||||
Scott Gifford <sgifford at tir dot com>
|
||||
Scott Mcmillan <scott.a.mcmillan at intel dot com>
|
||||
Sebastian Krahmer <krahmer at cs dot uni-potsdam dot de>
|
||||
Sebastien Roy <Sebastien dot Roy at Sun dot COM>
|
||||
Sepherosa Ziehau <sepherosa at gmail dot com>
|
||||
Shaun Clowes <delius at progsoc dot uts dot edu dot au>
|
||||
Solomon Peachy <pizza at shaftnet dot org>
|
||||
Stefan Hudson <hudson at mbay dot net>
|
||||
Stephen Donnelly <stephen at endace dot com>
|
||||
Takashi Yamamoto <yamt at mwd dot biglobe dot ne dot jp>
|
||||
Tanaka Shin-ya <zstanaka at archer dot livedoor dot com>
|
||||
Tobias Poschwatta <posch at sourceforge dot net>
|
||||
Tony Li <tli at procket dot com>
|
||||
Torsten Landschoff <torsten at debian dot org>
|
||||
Uns Lider <unslider at miranda dot org>
|
||||
Uwe Girlich <Uwe dot Girlich at philosys dot de>
|
||||
Wesley Shields <wxs at FreeBSD dot org>
|
||||
Xianjie Zhang <xzhang at cup dot hp dot com>
|
||||
Xin Li <delphij at FreeBSD dot org>
|
||||
Yen Yen Lim
|
||||
Yvan Vanhullebus <vanhu at sourceforge dot net>
|
||||
Yoann Vandoorselaere <yoann at prelude-ids dot org>
|
||||
|
||||
The original LBL crew:
|
||||
Steve McCanne
|
||||
Craig Leres
|
||||
Van Jacobson
|
||||
Steve McCanne
|
||||
Craig Leres
|
||||
Van Jacobson
|
||||
|
||||
Past maintainers:
|
||||
Jun-ichiro itojun Hagino <itojun at iijlab dot net>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{
|
||||
Description = "Change BPF permissions";
|
||||
Provides = ("Non-root permission to capture or send raw packets");
|
||||
Provides = ("ChmodBPF");
|
||||
}
|
||||
|
|
123
FILES
123
FILES
|
@ -1,123 +0,0 @@
|
|||
CHANGES
|
||||
ChmodBPF/ChmodBPF
|
||||
ChmodBPF/StartupParameters.plist
|
||||
CREDITS
|
||||
FILES
|
||||
INSTALL.txt
|
||||
LICENSE
|
||||
Makefile.in
|
||||
README
|
||||
README.aix
|
||||
README.dag
|
||||
README.hpux
|
||||
README.linux
|
||||
README.macosx
|
||||
README.tru64
|
||||
README.Win32
|
||||
SUNOS4/nit_if.o.sparc
|
||||
SUNOS4/nit_if.o.sun3
|
||||
SUNOS4/nit_if.o.sun4c.4.0.3c
|
||||
TODO
|
||||
VERSION
|
||||
acconfig.h
|
||||
aclocal.m4
|
||||
arcnet.h
|
||||
atmuni31.h
|
||||
bpf/net/bpf_filter.c
|
||||
bpf_dump.c
|
||||
bpf_image.c
|
||||
config.guess
|
||||
config.h.in
|
||||
config.sub
|
||||
configure
|
||||
configure.in
|
||||
etherent.c
|
||||
ethertype.h
|
||||
fad-getad.c
|
||||
fad-gifc.c
|
||||
fad-glifc.c
|
||||
fad-null.c
|
||||
fad-win32.c
|
||||
gencode.c
|
||||
gencode.h
|
||||
grammar.y
|
||||
inet.c
|
||||
install-sh
|
||||
lbl/os-aix4.h
|
||||
lbl/os-hpux11.h
|
||||
lbl/os-osf4.h
|
||||
lbl/os-osf5.h
|
||||
lbl/os-solaris2.h
|
||||
lbl/os-sunos4.h
|
||||
lbl/os-ultrix4.h
|
||||
llc.h
|
||||
missing/snprintf.c
|
||||
mkdep
|
||||
msdos/bin2c.c
|
||||
msdos/common.dj
|
||||
msdos/makefile
|
||||
msdos/makefile.dj
|
||||
msdos/makefile.wc
|
||||
msdos/ndis2.c
|
||||
msdos/ndis2.h
|
||||
msdos/ndis_0.asm
|
||||
msdos/pkt_rx0.asm
|
||||
msdos/pkt_rx1.s
|
||||
msdos/pktdrvr.c
|
||||
msdos/pktdrvr.h
|
||||
msdos/readme.dos
|
||||
nametoaddr.c
|
||||
nlpid.h
|
||||
optimize.c
|
||||
packaging/pcap.spec
|
||||
packaging/pcap.spec.in
|
||||
pcap-bpf.c
|
||||
pcap-bpf.h
|
||||
pcap-dag.c
|
||||
pcap-dag.h
|
||||
pcap-dlpi.c
|
||||
pcap-dos.c
|
||||
pcap-dos.h
|
||||
pcap-enet.c
|
||||
pcap-int.h
|
||||
pcap-linux.c
|
||||
pcap-namedb.h
|
||||
pcap-nit.c
|
||||
pcap-nit.h
|
||||
pcap-null.c
|
||||
pcap-pf.c
|
||||
pcap-pf.h
|
||||
pcap-stdinc.h
|
||||
pcap-snit.c
|
||||
pcap-snoop.c
|
||||
pcap-win32.c
|
||||
pcap.3
|
||||
pcap.c
|
||||
pcap.h
|
||||
pf.h
|
||||
ppp.h
|
||||
rawss7.h
|
||||
savefile.c
|
||||
scanner.l
|
||||
sll.h
|
||||
sunatmpos.h
|
||||
Win32/Include/Gnuc.h
|
||||
Win32/Include/addrinfo.h
|
||||
Win32/Include/bittypes.h
|
||||
Win32/Include/cdecl_ext.h
|
||||
Win32/Include/inetprivate.h
|
||||
Win32/Include/ip6_misc.h
|
||||
Win32/Include/sockstorage.h
|
||||
Win32/Include/arpa/nameser.h
|
||||
Win32/Include/net/if.h
|
||||
Win32/Include/net/netdb.h
|
||||
Win32/Include/net/paths.h
|
||||
Win32/Src/ffs.c
|
||||
Win32/Src/getaddrinfo.c
|
||||
Win32/Src/getnetbynm.c
|
||||
Win32/Src/getnetent.c
|
||||
Win32/Src/getopt.c
|
||||
Win32/Src/getservent.c
|
||||
Win32/Src/inet_aton.c
|
||||
Win32/Src/inet_net.c
|
||||
Win32/Src/inet_pton.c
|
73
INSTALL.txt
73
INSTALL.txt
|
@ -1,4 +1,4 @@
|
|||
@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.12 2004-12-18 08:52:08 guy Exp $ (LBL)
|
||||
@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.29 2008-06-12 20:21:51 guy Exp $ (LBL)
|
||||
|
||||
To build libpcap, run "./configure" (a shell script). The configure
|
||||
script will determine your system attributes and generate an
|
||||
|
@ -211,8 +211,7 @@ Read the README.aix file for information on installing libpcap and
|
|||
configuring your system to be able to support libpcap.
|
||||
|
||||
If you use NeXTSTEP, you will not be able to build libpcap from this
|
||||
release. We hope to support this operating system in some future
|
||||
release of libpcap.
|
||||
release.
|
||||
|
||||
If you use SINIX, you should be able to build libpcap from this
|
||||
release. It is known to compile and run on SINIX-Y/N 5.42 with the C-DS
|
||||
|
@ -229,22 +228,22 @@ Another workaround is to use flex and bison.
|
|||
|
||||
If you use SCO, you might have trouble building libpcap from this
|
||||
release. We do not have a machine running SCO and have not had reports
|
||||
of anyone successfully building on it. Since SCO apparently supports
|
||||
DLPI, it's possible the current version works. Meanwhile, SCO provides
|
||||
a tcpdump binary as part of their "Network/Security Tools" package:
|
||||
of anyone successfully building on it; the current release of libpcap
|
||||
does not compile on SCO OpenServer 5. Although SCO apparently supports
|
||||
DLPI to some extent, the DLPI in OpenServer 5 is very non-standard, and
|
||||
it appears that completely new code would need to be written to capture
|
||||
network traffic. SCO do not appear to provide tcpdump binaries for
|
||||
OpenServer 5 or OpenServer 6 as part of SCO Skunkware:
|
||||
|
||||
http://www.sco.com/technology/internet/goodies/#SECURITY
|
||||
http://www.sco.com/skunkware/
|
||||
|
||||
There is also a README that explains how to enable packet capture.
|
||||
|
||||
If you use UnixWare, you will not be able to build libpcap from this
|
||||
release. We hope to support this operating system in some future
|
||||
release of libpcap. Meanwhile, there appears to be an UnixWare port of
|
||||
libpcap 0.0 (and tcpdump 3.0) in:
|
||||
|
||||
ftp://ftp1.freebird.org/pub/mirror/freebird/internet/systools/
|
||||
|
||||
UnixWare appears to use a hacked version of DLPI.
|
||||
If you use UnixWare, you might be able to build libpcap from this
|
||||
release, or you might not. We do not have a machine running UnixWare,
|
||||
so we have not tested it; however, SCO provide packages for libpcap
|
||||
0.6.2 and tcpdump 3.7.1 in the UnixWare 7/Open UNIX 8 part of SCO
|
||||
Skunkware, and the source package for libpcap 0.6.2 is not changed from
|
||||
the libpcap 0.6.2 source release, so this release of libpcap might also
|
||||
build without changes on UnixWare 7.
|
||||
|
||||
If linking tcpdump fails with "Undefined: _alloca" when using bison on
|
||||
a Sun4, your version of bison is broken. In any case version 1.16 or
|
||||
|
@ -298,7 +297,6 @@ CHANGES - description of differences between releases
|
|||
ChmodBPF/* - Mac OS X startup item to set ownership and permissions
|
||||
on /dev/bpf*
|
||||
CREDITS - people that have helped libpcap along
|
||||
FILES - list of files exported as part of the distribution
|
||||
INSTALL.txt - this file
|
||||
LICENSE - the license under which tcpdump is distributed
|
||||
Makefile.in - compilation rules (input to the configure script)
|
||||
|
@ -308,6 +306,8 @@ README.dag - notes on using libpcap to capture on Endace DAG devices
|
|||
README.hpux - notes on using libpcap on HP-UX
|
||||
README.linux - notes on using libpcap on Linux
|
||||
README.macosx - notes on using libpcap on Mac OS X
|
||||
README.septel - notes on using libpcap to capture on Intel/Septel devices
|
||||
README.sita - notes on using libpcap to capture on SITA devices
|
||||
README.tru64 - notes on using libpcap on Digital/Tru64 UNIX
|
||||
README.Win32 - notes on using libpcap on Win32 systems (with WinPcap)
|
||||
SUNOS4 - pre-SunOS 4.1 replacement kernel nit modules
|
||||
|
@ -325,16 +325,22 @@ config.h.in - autoconf input
|
|||
config.sub - autoconf support
|
||||
configure - configure script (run this first)
|
||||
configure.in - configure script source
|
||||
dlpisubs.c - DLPI-related functions for pcap-dlpi.c and pcap-libdlpi.c
|
||||
dlpisubs.h - DLPI-related function declarations
|
||||
etherent.c - /etc/ethers support routines
|
||||
ethertype.h - Ethernet protocol types and names definitions
|
||||
fad-getad.c - pcap_findalldevs() for systems with getifaddrs()
|
||||
fad-gifc.c - pcap_findalldevs() for systems with only SIOCGIFLIST
|
||||
fad-glifc.c - pcap_findalldevs() for systems with SIOCGLIFCONF
|
||||
fad-null.c - pcap_findalldevs() for systems without capture support
|
||||
fad-sita.c - pcap_findalldevs() for systems with SITA support
|
||||
fad-win32.c - pcap_findalldevs() for WinPcap
|
||||
filtertest.c - test program for BPF compiler
|
||||
findalldevstest.c - test program for pcap_findalldevs()
|
||||
gencode.c - BPF code generation routines
|
||||
gencode.h - BPF code generation definitions
|
||||
grammar.y - filter string grammar
|
||||
ieee80211.h - 802.11 definitions
|
||||
inet.c - network routines
|
||||
install-sh - BSD style install script
|
||||
lbl/os-*.h - OS-dependent defines and prototypes
|
||||
|
@ -347,8 +353,16 @@ nlpid.h - OSI network layer protocol identifier definitions
|
|||
net - symlink to bpf/net
|
||||
optimize.c - BPF optimization routines
|
||||
packaging - packaging information for building libpcap RPMs
|
||||
pcap/bluetooth.h - public definition of DLT_BLUETOOTH_HCI_H4_WITH_PHDR header
|
||||
pcap/bpf.h - BPF definitions
|
||||
pcap/namedb.h - public libpcap name database definitions
|
||||
pcap/pcap.h - public libpcap definitions
|
||||
pcap/sll.h - public definition of DLT_LINUX_SLL header
|
||||
pcap/usb.h - public definition of DLT_USB header
|
||||
pcap-bpf.c - BSD Packet Filter support
|
||||
pcap-bpf.h - BPF definitions
|
||||
pcap-bpf.h - header for backwards compatibility
|
||||
pcap-bt-linux.c - Bluetooth capture support for Linux
|
||||
pcap-bt-linux.h - Bluetooth capture support for Linux
|
||||
pcap-dag.c - Endace DAG device capture support
|
||||
pcap-dag.h - Endace DAG device capture support
|
||||
pcap-dlpi.c - Data Link Provider Interface support
|
||||
|
@ -356,25 +370,34 @@ pcap-dos.c - MS-DOS capture support
|
|||
pcap-dos.h - headers for MS-DOS capture support
|
||||
pcap-enet.c - enet support
|
||||
pcap-int.h - internal libpcap definitions
|
||||
pcap-libdlpi.c - Data Link Provider Interface support for systems with libdlpi
|
||||
pcap-linux.c - Linux packet socket support
|
||||
pcap-namedb.h - public libpcap name database definitions
|
||||
pcap-namedb.h - header for backwards compatibility
|
||||
pcap-nit.c - SunOS Network Interface Tap support
|
||||
pcap-nit.h - SunOS Network Interface Tap definitions
|
||||
pcap-null.c - dummy monitor support (allows offline use of libpcap)
|
||||
pcap-pf.c - Ultrix and Digital/Tru64 UNIX Packet Filter support
|
||||
pcap-pf.h - Ultrix and Digital/Tru64 UNIX Packet Filter definitions
|
||||
pcap-septel.c - Intel/Septel device capture support
|
||||
pcap-septel.h - Intel/Septel device capture support
|
||||
pcap-sita.c - SITA device capture support
|
||||
pcap-sita.h - SITA device capture support
|
||||
pcap-sita.html - SITA device capture documentation
|
||||
pcap-stdinc.h - includes and #defines for compiling on Win32 systems
|
||||
pcap-snit.c - SunOS 4.x STREAMS-based Network Interface Tap support
|
||||
pcap-snoop.c - IRIX Snoop network monitoring support
|
||||
pcap-usb-linux.c - USB capture support for Linux
|
||||
pcap-usb-linux.h - USB capture support for Linux
|
||||
pcap-win32.c - WinPcap capture support
|
||||
pcap.3 - manual entry
|
||||
pcap.3pcap - manual entry for the library
|
||||
pcap.c - pcap utility routines
|
||||
pcap.h - public libpcap definitions
|
||||
pf.h - OpenBSD DLT_PFLOG definitions
|
||||
pcap.h - header for backwards compatibility
|
||||
pcap_*.3pcap - manual entries for library functions
|
||||
pcap-filter.4 - manual entry for filter syntax
|
||||
pcap-linktype.4 - manual entry for link-layer header types
|
||||
ppp.h - Point to Point Protocol definitions
|
||||
rawss7.h - information on DLT_ types for SS7
|
||||
runlex.sh - wrapper for Lex/Flex
|
||||
savefile.c - offline support
|
||||
scanner.l - filter string scanner
|
||||
sll.h - definitions for Linux cooked mode fake link-layer header
|
||||
sunatmpos.h - definitions for SunATM capturing
|
||||
Win32 - headers and routines for building on Win32 systems
|
||||
|
|
632
Makefile.in
632
Makefile.in
|
@ -17,7 +17,7 @@
|
|||
# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
#
|
||||
# @(#) $Header: /tcpdump/master/libpcap/Makefile.in,v 1.99 2003-12-15 01:35:03 guy Exp $ (LBL)
|
||||
# @(#) $Header: /tcpdump/master/libpcap/Makefile.in,v 1.142 2008-11-22 17:30:24 guy Exp $ (LBL)
|
||||
|
||||
#
|
||||
# Various configurable paths (remember to edit Makefile.in, not Makefile)
|
||||
|
@ -26,11 +26,14 @@
|
|||
# Top level hierarchy
|
||||
prefix = @prefix@
|
||||
exec_prefix = @exec_prefix@
|
||||
datarootdir = @datarootdir@
|
||||
# Pathname of directory to install the configure program
|
||||
bindir = @bindir@
|
||||
# Pathname of directory to install the include files
|
||||
includedir = @includedir@
|
||||
# Pathname of directory to install the library
|
||||
libdir = @libdir@
|
||||
# Pathname of directory to install the man page
|
||||
# Pathname of directory to install the man pages
|
||||
mandir = @mandir@
|
||||
|
||||
# VPATH
|
||||
|
@ -41,15 +44,23 @@ VPATH = @srcdir@
|
|||
# You shouldn't need to edit anything below.
|
||||
#
|
||||
|
||||
LD = /usr/bin/ld
|
||||
CC = @CC@
|
||||
AR = @AR@
|
||||
CCOPT = @V_CCOPT@
|
||||
INCLS = -I. @V_INCLS@
|
||||
DEFS = @DEFS@ @V_DEFS@
|
||||
LIBS = @V_LIBS@
|
||||
ADDLOBJS = @ADDLOBJS@
|
||||
ADDLARCHIVEOBJS = @ADDLARCHIVEOBJS@
|
||||
LIBS = @LIBS@
|
||||
CFLAGS = @CFLAGS@
|
||||
LDFLAGS = @LDFLAGS@
|
||||
DYEXT = @DYEXT@
|
||||
V_RPATH_OPT = @V_RPATH_OPT@
|
||||
PROG=libpcap
|
||||
|
||||
# Standard CFLAGS
|
||||
CFLAGS = $(CCOPT) $(INCLS) $(DEFS)
|
||||
FULL_CFLAGS = $(CCOPT) $(INCLS) $(DEFS) $(CFLAGS)
|
||||
|
||||
INSTALL = @INSTALL@
|
||||
INSTALL_PROGRAM = @INSTALL_PROGRAM@
|
||||
|
@ -69,14 +80,15 @@ YACC = @V_YACC@
|
|||
# problem if you don't own the file but can write to the directory.
|
||||
.c.o:
|
||||
@rm -f $@
|
||||
$(CC) $(CFLAGS) -c $(srcdir)/$*.c
|
||||
$(CC) $(FULL_CFLAGS) -c $(srcdir)/$*.c
|
||||
|
||||
PSRC = pcap-@V_PCAP@.c
|
||||
PSRC = pcap-@V_PCAP@.c @USB_SRC@ @BT_SRC@ @CAN_SRC@ @DECT_SRC@
|
||||
FSRC = fad-@V_FINDALLDEVS@.c
|
||||
SSRC = @SSRC@
|
||||
CSRC = pcap.c inet.c gencode.c optimize.c nametoaddr.c \
|
||||
etherent.c savefile.c bpf_filter.c bpf_image.c bpf_dump.c
|
||||
GENSRC = scanner.c grammar.c version.c
|
||||
CSRC = pcap.c inet.c gencode.c optimize.c nametoaddr.c etherent.c \
|
||||
savefile.c sf-pcap.c sf-pcap-ng.c pcap-common.c \
|
||||
bpf_image.c bpf_dump.c
|
||||
GENSRC = scanner.c grammar.c bpf_filter.c version.c
|
||||
LIBOBJS = @LIBOBJS@
|
||||
|
||||
SRC = $(PSRC) $(FSRC) $(CSRC) $(SSRC) $(GENSRC)
|
||||
|
@ -84,50 +96,343 @@ SRC = $(PSRC) $(FSRC) $(CSRC) $(SSRC) $(GENSRC)
|
|||
# We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot
|
||||
# hack the extra indirection
|
||||
OBJ = $(PSRC:.c=.o) $(FSRC:.c=.o) $(CSRC:.c=.o) $(SSRC:.c=.o) $(GENSRC:.c=.o) $(LIBOBJS)
|
||||
HDR = pcap.h pcap-int.h pcap-namedb.h pcap-nit.h pcap-pf.h \
|
||||
ethertype.h gencode.h gnuc.h
|
||||
GENHDR = \
|
||||
tokdefs.h version.h
|
||||
PUBHDR = \
|
||||
pcap.h \
|
||||
pcap-bpf.h \
|
||||
pcap-namedb.h \
|
||||
pcap/bpf.h \
|
||||
pcap/bluetooth.h \
|
||||
pcap/ipnet.h \
|
||||
pcap/namedb.h \
|
||||
pcap/pcap.h \
|
||||
pcap/sll.h \
|
||||
pcap/vlan.h \
|
||||
pcap/usb.h
|
||||
|
||||
TAGHDR = \
|
||||
pcap-bpf.h
|
||||
HDR = $(PUBHDR) \
|
||||
arcnet.h \
|
||||
atmuni31.h \
|
||||
ethertype.h \
|
||||
gencode.h \
|
||||
ieee80211.h \
|
||||
llc.h \
|
||||
nlpid.h \
|
||||
pcap-common.h \
|
||||
pcap-int.h \
|
||||
pcap-stdinc.h \
|
||||
ppp.h \
|
||||
sf-pcap.h \
|
||||
sf-pcap-ng.h \
|
||||
sunatmpos.h
|
||||
|
||||
TESTS = \
|
||||
filtertest \
|
||||
findalldevstest \
|
||||
nonblocktest \
|
||||
opentest \
|
||||
selpolltest
|
||||
|
||||
TESTS_SRC = \
|
||||
tests/filtertest.c \
|
||||
tests/findalldevstest.c \
|
||||
tests/nonblocktest.c \
|
||||
tests/opentest.c \
|
||||
tests/selpolltest.c
|
||||
|
||||
GENHDR = \
|
||||
scanner.h tokdefs.h version.h
|
||||
|
||||
TAGFILES = \
|
||||
$(SRC) $(HDR) $(TAGHDR)
|
||||
$(SRC) $(HDR)
|
||||
|
||||
CLEANFILES = $(OBJ) libpcap.a $(GENSRC) $(GENHDR) lex.yy.c
|
||||
CLEANFILES = $(OBJ) libpcap.* $(TESTS) \
|
||||
$(PROG)-`cat $(srcdir)/VERSION`.tar.gz $(GENSRC) $(GENHDR) \
|
||||
lex.yy.c pcap-config
|
||||
|
||||
all: libpcap.a
|
||||
MAN1 = pcap-config.1
|
||||
|
||||
MAN3PCAP_EXPAND = \
|
||||
pcap.3pcap.in \
|
||||
pcap_compile.3pcap.in \
|
||||
pcap_datalink.3pcap.in \
|
||||
pcap_dump_open.3pcap.in \
|
||||
pcap_list_datalinks.3pcap.in \
|
||||
pcap_list_tstamp_types.3pcap.in \
|
||||
pcap_open_dead.3pcap.in \
|
||||
pcap_open_offline.3pcap.in \
|
||||
pcap_set_tstamp_type.3pcap.in
|
||||
|
||||
MAN3PCAP_NOEXPAND = \
|
||||
pcap_activate.3pcap \
|
||||
pcap_breakloop.3pcap \
|
||||
pcap_can_set_rfmon.3pcap \
|
||||
pcap_close.3pcap \
|
||||
pcap_create.3pcap \
|
||||
pcap_datalink_name_to_val.3pcap \
|
||||
pcap_datalink_val_to_name.3pcap \
|
||||
pcap_dump.3pcap \
|
||||
pcap_dump_close.3pcap \
|
||||
pcap_dump_file.3pcap \
|
||||
pcap_dump_flush.3pcap \
|
||||
pcap_dump_ftell.3pcap \
|
||||
pcap_file.3pcap \
|
||||
pcap_fileno.3pcap \
|
||||
pcap_findalldevs.3pcap \
|
||||
pcap_freecode.3pcap \
|
||||
pcap_get_selectable_fd.3pcap \
|
||||
pcap_geterr.3pcap \
|
||||
pcap_inject.3pcap \
|
||||
pcap_is_swapped.3pcap \
|
||||
pcap_lib_version.3pcap \
|
||||
pcap_lookupdev.3pcap \
|
||||
pcap_lookupnet.3pcap \
|
||||
pcap_loop.3pcap \
|
||||
pcap_major_version.3pcap \
|
||||
pcap_next_ex.3pcap \
|
||||
pcap_offline_filter.3pcap \
|
||||
pcap_open_live.3pcap \
|
||||
pcap_set_buffer_size.3pcap \
|
||||
pcap_set_datalink.3pcap \
|
||||
pcap_set_promisc.3pcap \
|
||||
pcap_set_rfmon.3pcap \
|
||||
pcap_set_snaplen.3pcap \
|
||||
pcap_set_timeout.3pcap \
|
||||
pcap_setdirection.3pcap \
|
||||
pcap_setfilter.3pcap \
|
||||
pcap_setnonblock.3pcap \
|
||||
pcap_snapshot.3pcap \
|
||||
pcap_stats.3pcap \
|
||||
pcap_statustostr.3pcap \
|
||||
pcap_strerror.3pcap \
|
||||
pcap_tstamp_type_name_to_val.3pcap \
|
||||
pcap_tstamp_type_val_to_name.3pcap
|
||||
|
||||
MAN3PCAP = $(MAN3PCAP_NOEXPAND) $(MAN3PCAP_EXPAND:.in=)
|
||||
|
||||
MANFILE = \
|
||||
pcap-savefile.manfile.in
|
||||
|
||||
MANMISC = \
|
||||
pcap-filter.manmisc.in \
|
||||
pcap-linktype.manmisc.in \
|
||||
pcap-tstamp.manmisc.in
|
||||
|
||||
EXTRA_DIST = \
|
||||
$(TESTS_SRC) \
|
||||
CHANGES \
|
||||
ChmodBPF/ChmodBPF \
|
||||
ChmodBPF/StartupParameters.plist \
|
||||
CREDITS \
|
||||
INSTALL.txt \
|
||||
LICENSE \
|
||||
Makefile.in \
|
||||
README \
|
||||
README.aix \
|
||||
README.dag \
|
||||
README.hpux \
|
||||
README.linux \
|
||||
README.macosx \
|
||||
README.septel \
|
||||
README.sita \
|
||||
README.tru64 \
|
||||
README.Win32 \
|
||||
SUNOS4/nit_if.o.sparc \
|
||||
SUNOS4/nit_if.o.sun3 \
|
||||
SUNOS4/nit_if.o.sun4c.4.0.3c \
|
||||
TODO \
|
||||
VERSION \
|
||||
aclocal.m4 \
|
||||
bpf/net/bpf_filter.c \
|
||||
chmod_bpf \
|
||||
config.guess \
|
||||
config.h.in \
|
||||
config.sub \
|
||||
configure \
|
||||
configure.in \
|
||||
dlpisubs.c \
|
||||
dlpisubs.h \
|
||||
fad-getad.c \
|
||||
fad-gifc.c \
|
||||
fad-glifc.c \
|
||||
fad-null.c \
|
||||
fad-sita.c \
|
||||
fad-win32.c \
|
||||
grammar.y \
|
||||
install-sh \
|
||||
lbl/os-aix4.h \
|
||||
lbl/os-hpux11.h \
|
||||
lbl/os-osf4.h \
|
||||
lbl/os-osf5.h \
|
||||
lbl/os-solaris2.h \
|
||||
lbl/os-sunos4.h \
|
||||
lbl/os-ultrix4.h \
|
||||
missing/snprintf.c \
|
||||
mkdep \
|
||||
msdos/bin2c.c \
|
||||
msdos/common.dj \
|
||||
msdos/makefile \
|
||||
msdos/makefile.dj \
|
||||
msdos/makefile.wc \
|
||||
msdos/ndis2.c \
|
||||
msdos/ndis2.h \
|
||||
msdos/ndis_0.asm \
|
||||
msdos/pkt_rx0.asm \
|
||||
msdos/pkt_rx1.s \
|
||||
msdos/pktdrvr.c \
|
||||
msdos/pktdrvr.h \
|
||||
msdos/readme.dos \
|
||||
org.tcpdump.chmod_bpf.plist \
|
||||
packaging/pcap.spec.in \
|
||||
pcap-bpf.c \
|
||||
pcap-bt-linux.c \
|
||||
pcap-bt-linux.h \
|
||||
pcap-can-linux.c \
|
||||
pcap-can-linux.h \
|
||||
pcap-config.in \
|
||||
pcap-dag.c \
|
||||
pcap-dag.h \
|
||||
pcap-dlpi.c \
|
||||
pcap-dos.c \
|
||||
pcap-dos.h \
|
||||
pcap-enet.c \
|
||||
pcap-int.h \
|
||||
pcap-libdlpi.c \
|
||||
pcap-linux.c \
|
||||
pcap-namedb.h \
|
||||
pcap-nit.c \
|
||||
pcap-null.c \
|
||||
pcap-pf.c \
|
||||
pcap-septel.c \
|
||||
pcap-septel.h \
|
||||
pcap-sita.h \
|
||||
pcap-sita.c \
|
||||
pcap-sita.html \
|
||||
pcap-snf.c \
|
||||
pcap-snf.h \
|
||||
pcap-snit.c \
|
||||
pcap-snoop.c \
|
||||
pcap-usb-linux.c \
|
||||
pcap-usb-linux.h \
|
||||
pcap-dect-linux.c \
|
||||
pcap-dect-linux.h \
|
||||
pcap-win32.c \
|
||||
runlex.sh \
|
||||
scanner.l \
|
||||
Win32/Include/Gnuc.h \
|
||||
Win32/Include/addrinfo.h \
|
||||
Win32/Include/bittypes.h \
|
||||
Win32/Include/cdecl_ext.h \
|
||||
Win32/Include/inetprivate.h \
|
||||
Win32/Include/ip6_misc.h \
|
||||
Win32/Include/sockstorage.h \
|
||||
Win32/Include/arpa/nameser.h \
|
||||
Win32/Include/net/if.h \
|
||||
Win32/Include/net/netdb.h \
|
||||
Win32/Include/net/paths.h \
|
||||
Win32/Prj/libpcap.dsp \
|
||||
Win32/Prj/libpcap.dsw \
|
||||
Win32/Src/ffs.c \
|
||||
Win32/Src/gai_strerror.c \
|
||||
Win32/Src/getaddrinfo.c \
|
||||
Win32/Src/getnetbynm.c \
|
||||
Win32/Src/getnetent.c \
|
||||
Win32/Src/getopt.c \
|
||||
Win32/Src/getservent.c \
|
||||
Win32/Src/inet_aton.c \
|
||||
Win32/Src/inet_net.c \
|
||||
Win32/Src/inet_pton.c
|
||||
|
||||
all: libpcap.a shared pcap-config
|
||||
|
||||
libpcap.a: $(OBJ)
|
||||
@rm -f $@
|
||||
ar rc $@ $(OBJ) $(LIBS)
|
||||
$(AR) rc $@ $(OBJ) $(ADDLARCHIVEOBJS)
|
||||
$(RANLIB) $@
|
||||
|
||||
shared: libpcap.$(DYEXT)
|
||||
|
||||
#
|
||||
# XXX - this works with GNU ld, but won't necessarily work with native
|
||||
# ld on, for example, various SVR4-flavored platforms, or Digital UNIX.
|
||||
#
|
||||
libpcap.so: $(OBJ)
|
||||
@rm -f $@
|
||||
ld -shared -o $@.`cat VERSION` $(OBJ)
|
||||
VER=`cat $(srcdir)/VERSION`; \
|
||||
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
@V_SHLIB_CMD@ @V_SHLIB_OPT@ @V_SONAME_OPT@$@.$$MAJOR_VER $(LDFLAGS) \
|
||||
-o $@.$$VER $(OBJ) $(ADDLOBJS) $(LIBS)
|
||||
|
||||
# the following rule succeeds, but the result is untested.
|
||||
#
|
||||
# The following rule succeeds, but the result is untested.
|
||||
#
|
||||
# In Mac OS X, the libpcap dylib has the name "libpcap.A.dylib", with
|
||||
# its full path as the install_name, and with the compatibility and
|
||||
# current version both set to 1. The compatibility version is set to
|
||||
# 1 so that programs built with a newer version of the library will run
|
||||
# against older versions; multi-platform software probably will fail if
|
||||
# it uses APIs added in the newer version, but Mac OS X-specific software
|
||||
# will use weak linking and check at run time whether those APIs are
|
||||
# available.
|
||||
#
|
||||
# We also use "A" as the major version, and 1 as the compatibility version,
|
||||
# but set the current version to the value in VERSION, with any non-numeric
|
||||
# stuff stripped off (the compatibility and current version must be of the
|
||||
# form X[.Y[.Z]], with Y and Z possibly absent, and with all components
|
||||
# numeric).
|
||||
#
|
||||
libpcap.dylib: $(OBJ)
|
||||
rm -f libpcap*.dylib
|
||||
$(CC) -dynamiclib -undefined error -o libpcap.`cat VERSION`.dylib $(OBJ) \
|
||||
-install_name $(libdir)/libpcap.0.dylib -compatibility_version `cat VERSION` \
|
||||
-current_version `cat VERSION`
|
||||
VER=`cat $(srcdir)/VERSION`; \
|
||||
MAJOR_VER=A; \
|
||||
COMPAT_VER=1; \
|
||||
CURRENT_VER=`sed 's/[^0-9.].*$$//' $(srcdir)/VERSION`; \
|
||||
$(CC) -dynamiclib -undefined error $(LDFLAGS) \
|
||||
-o libpcap.$$VER.dylib $(OBJ) $(ADDLOBJS) $(LIBS) \
|
||||
-install_name $(libdir)/libpcap.$$MAJOR_VER.dylib \
|
||||
-compatibility_version $$COMPAT_VER \
|
||||
-current_version $$CURRENT_VER
|
||||
|
||||
#
|
||||
# The HP-UX linker manual says that the convention for a versioned library
|
||||
# is libXXX.{number}, not libXXX.sl.{number}. That appears to be the case
|
||||
# on at least one HP-UX 11.00 system; libXXX.sl is a symlink to
|
||||
# libXXX.{number}.
|
||||
#
|
||||
# The manual also says "library-level versioning" (think "sonames") was
|
||||
# added in HP-UX 10.0.
|
||||
#
|
||||
# XXX - this assumes we're using the HP linker, rather than the GNU
|
||||
# linker, even with GCC.
|
||||
#
|
||||
libpcap.sl: $(OBJ)
|
||||
@MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
rm -f libpcap.$$MAJOR_VER
|
||||
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
ld -b $(LDFLAGS) -o libpcap.$$MAJOR_VER +h libpcap.$$MAJOR_VER \
|
||||
$(OBJ) $(ADDLOBJS) $(LIBS)
|
||||
|
||||
#
|
||||
# AIX is different from everybody else. A shared library is an archive
|
||||
# library with one or more shared-object components. We still build a
|
||||
# normal static archive library on AIX, for the benefit of the traditional
|
||||
# scheme of building libpcap and tcpdump in subdirectories of the
|
||||
# same directory, with tcpdump statically linked with the libpcap
|
||||
# in question, but we also build a shared library as "libpcap.shareda"
|
||||
# and install *it*, rather than the static library, as "libpcap.a".
|
||||
#
|
||||
libpcap.shareda: $(OBJ)
|
||||
@rm -f $@ shr.o
|
||||
$(CC) @V_SHLIB_OPT@ -o shr.o $(OBJ) $(ADDLOBJS) $(LDFLAGS) $(LIBS)
|
||||
$(AR) rc $@ shr.o
|
||||
|
||||
#
|
||||
# For platforms that don't support shared libraries (or on which we
|
||||
# don't support shared libraries).
|
||||
#
|
||||
libpcap.none:
|
||||
|
||||
scanner.c: $(srcdir)/scanner.l
|
||||
@rm -f $@
|
||||
$(LEX) -t $< > $$$$.$@; mv $$$$.$@ $@
|
||||
$(srcdir)/runlex.sh $(LEX) -o$@ $<
|
||||
|
||||
scanner.o: scanner.c tokdefs.h
|
||||
$(CC) $(CFLAGS) -c scanner.c
|
||||
$(CC) $(FULL_CFLAGS) -c scanner.c
|
||||
|
||||
pcap.o: version.h
|
||||
|
||||
|
@ -140,17 +445,23 @@ grammar.c: $(srcdir)/grammar.y
|
|||
|
||||
grammar.o: grammar.c
|
||||
@rm -f $@
|
||||
$(CC) $(CFLAGS) -Dyylval=pcap_lval -c grammar.c
|
||||
$(CC) $(FULL_CFLAGS) -Dyylval=pcap_lval -c grammar.c
|
||||
|
||||
version.o: version.c
|
||||
$(CC) $(CFLAGS) -c version.c
|
||||
$(CC) $(FULL_CFLAGS) -c version.c
|
||||
|
||||
snprintf.o: $(srcdir)/missing/snprintf.c
|
||||
$(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/snprintf.c
|
||||
$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/snprintf.c
|
||||
|
||||
version.c: $(srcdir)/VERSION
|
||||
@rm -f $@
|
||||
sed -e 's/.*/char pcap_version[] = "&";/' $(srcdir)/VERSION > $@
|
||||
if grep GIT ${srcdir}/VERSION >/dev/null; then \
|
||||
read ver <${srcdir}/VERSION; \
|
||||
echo $$ver | tr -d '\012'; \
|
||||
date +_%Y_%m_%d; \
|
||||
else \
|
||||
cat ${srcdir}/VERSION; \
|
||||
fi | sed -e 's/.*/char pcap_version[] = "&";/' > $@
|
||||
|
||||
#
|
||||
# NOTE: this really is supposed to be static; importing a string
|
||||
|
@ -161,52 +472,228 @@ version.c: $(srcdir)/VERSION
|
|||
#
|
||||
version.h: $(srcdir)/VERSION
|
||||
@rm -f $@
|
||||
sed -e 's/.*/static const char pcap_version_string[] = "libpcap version &";/' $(srcdir)/VERSION > $@
|
||||
if grep GIT ${srcdir}/VERSION >/dev/null; then \
|
||||
read ver <${srcdir}/VERSION; \
|
||||
echo $$ver | tr -d '\012'; \
|
||||
date +_%Y_%m_%d; \
|
||||
else \
|
||||
cat ${srcdir}/VERSION; \
|
||||
fi | sed -e 's/.*/static const char pcap_version_string[] = "libpcap version &";/' > $@
|
||||
|
||||
bpf_filter.c: $(srcdir)/bpf/net/bpf_filter.c
|
||||
rm -f bpf_filter.c
|
||||
ln -s $(srcdir)/bpf/net/bpf_filter.c bpf_filter.c
|
||||
|
||||
bpf_filter.o: bpf_filter.c
|
||||
$(CC) $(CFLAGS) -c bpf_filter.c
|
||||
$(CC) $(FULL_CFLAGS) -c bpf_filter.c
|
||||
|
||||
install: libpcap.a
|
||||
#
|
||||
# Generate the pcap-config script.
|
||||
#
|
||||
pcap-config: $(srcdir)/pcap-config.in
|
||||
@rm -f $@ $@.tmp
|
||||
./config.status --file=$@.tmp:$<
|
||||
mv $@.tmp $@
|
||||
chmod a+x $@
|
||||
|
||||
#
|
||||
# Test programs - not built by default, and not installed.
|
||||
#
|
||||
tests: $(TESTS)
|
||||
|
||||
filtertest: tests/filtertest.c libpcap.a
|
||||
$(CC) $(FULL_CFLAGS) -I. -L. -o filtertest $(srcdir)/tests/filtertest.c libpcap.a $(LIBS)
|
||||
|
||||
findalldevstest: tests/findalldevstest.c libpcap.a
|
||||
$(CC) $(FULL_CFLAGS) -I. -L. -o findalldevstest $(srcdir)/tests/findalldevstest.c libpcap.a $(LIBS)
|
||||
|
||||
nonblocktest: tests/nonblocktest.c libpcap.a
|
||||
$(CC) $(FULL_CFLAGS) -I. -L. -o nonblocktest $(srcdir)/tests/nonblocktest.c libpcap.a $(LIBS)
|
||||
|
||||
opentest: tests/opentest.c libpcap.a
|
||||
$(CC) $(FULL_CFLAGS) -I. -L. -o opentest $(srcdir)/tests/opentest.c libpcap.a $(LIBS)
|
||||
|
||||
selpolltest: tests/selpolltest.c libpcap.a
|
||||
$(CC) $(FULL_CFLAGS) -I. -L. -o selpolltest $(srcdir)/tests/selpolltest.c libpcap.a $(LIBS)
|
||||
|
||||
install: install-shared install-archive pcap-config
|
||||
[ -d $(DESTDIR)$(libdir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
|
||||
[ -d $(DESTDIR)$(includedir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(includedir); chmod 755 $(DESTDIR)$(includedir))
|
||||
[ -d $(DESTDIR)$(includedir)/pcap ] || \
|
||||
(mkdir -p $(DESTDIR)$(includedir)/pcap; chmod 755 $(DESTDIR)$(includedir)/pcap)
|
||||
[ -d $(DESTDIR)$(mandir)/man1 ] || \
|
||||
(mkdir -p $(DESTDIR)$(mandir)/man1; chmod 755 $(DESTDIR)$(mandir)/man1)
|
||||
[ -d $(DESTDIR)$(mandir)/man3 ] || \
|
||||
(mkdir -p $(DESTDIR)$(mandir)/man3; chmod 755 $(DESTDIR)$(mandir)/man3)
|
||||
[ -d $(DESTDIR)$(mandir)/man@MAN_FILE_FORMATS@ ] || \
|
||||
(mkdir -p $(DESTDIR)$(mandir)/man@MAN_FILE_FORMATS@; chmod 755 $(DESTDIR)$(mandir)/man@MAN_FILE_FORMATS@)
|
||||
[ -d $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@ ] || \
|
||||
(mkdir -p $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@; chmod 755 $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@)
|
||||
for i in $(PUBHDR); do \
|
||||
$(INSTALL_DATA) $(srcdir)/$$i \
|
||||
$(DESTDIR)$(includedir)/$$i; done
|
||||
[ -d $(DESTDIR)$(bindir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(bindir); chmod 755 $(DESTDIR)$(bindir))
|
||||
$(INSTALL_PROGRAM) pcap-config $(DESTDIR)$(bindir)/pcap-config
|
||||
for i in $(MAN1); do \
|
||||
$(INSTALL_DATA) $(srcdir)/$$i \
|
||||
$(DESTDIR)$(mandir)/man1/$$i; done
|
||||
for i in $(MAN3PCAP_NOEXPAND); do \
|
||||
$(INSTALL_DATA) $(srcdir)/$$i \
|
||||
$(DESTDIR)$(mandir)/man3/$$i; done
|
||||
for i in $(MAN3PCAP_EXPAND:.in=); do \
|
||||
$(INSTALL_DATA) $$i \
|
||||
$(DESTDIR)$(mandir)/man3/$$i; done
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_datalink_val_to_description.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_datalink_val_to_name.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_datalink_val_to_description.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_dump_fopen.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_dump_open.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_dump_fopen.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_freealldevs.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_findalldevs.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_freealldevs.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_perror.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_geterr.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_perror.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_sendpacket.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_inject.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_sendpacket.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_free_datalinks.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_list_datalinks.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_free_datalinks.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_free_tstamp_types.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_list_tstamp_types.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_free_tstamp_types.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_dispatch.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_loop.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_dispatch.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_minor_version.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_major_version.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_minor_version.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_next.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_next_ex.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_next.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_fopen_offline.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_open_offline.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_fopen_offline.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_getnonblock.3pcap
|
||||
ln $(DESTDIR)$(mandir)/man3/pcap_setnonblock.3pcap \
|
||||
$(DESTDIR)$(mandir)/man3/pcap_getnonblock.3pcap
|
||||
for i in $(MANFILE); do \
|
||||
$(INSTALL_DATA) `echo $$i | sed 's/.manfile.in/.manfile/'` \
|
||||
$(DESTDIR)$(mandir)/man@MAN_FILE_FORMATS@/`echo $$i | sed 's/.manfile.in/.@MAN_FILE_FORMATS@/'`; done
|
||||
for i in $(MANMISC); do \
|
||||
$(INSTALL_DATA) `echo $$i | sed 's/.manmisc.in/.manmisc/'` \
|
||||
$(DESTDIR)$(mandir)/man@MAN_MISC_INFO@/`echo $$i | sed 's/.manmisc.in/.@MAN_MISC_INFO@/'`; done
|
||||
|
||||
install-shared: install-shared-$(DYEXT)
|
||||
install-shared-so: libpcap.so
|
||||
[ -d $(DESTDIR)$(libdir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
|
||||
VER=`cat $(srcdir)/VERSION`; \
|
||||
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
$(INSTALL_PROGRAM) libpcap.so.$$VER $(DESTDIR)$(libdir)/libpcap.so.$$VER; \
|
||||
ln -sf libpcap.so.$$VER $(DESTDIR)$(libdir)/libpcap.so.$$MAJOR_VER; \
|
||||
ln -sf libpcap.so.$$MAJOR_VER $(DESTDIR)$(libdir)/libpcap.so
|
||||
install-shared-dylib: libpcap.dylib
|
||||
[ -d $(DESTDIR)$(libdir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
|
||||
VER=`cat $(srcdir)/VERSION`; \
|
||||
MAJOR_VER=A; \
|
||||
$(INSTALL_PROGRAM) libpcap.$$VER.dylib $(DESTDIR)$(libdir)/libpcap.$$VER.dylib; \
|
||||
ln -sf libpcap.$$VER.dylib $(DESTDIR)$(libdir)/libpcap.$$MAJOR_VER.dylib; \
|
||||
ln -sf libpcap.$$MAJOR_VER.dylib $(DESTDIR)$(libdir)/libpcap.dylib
|
||||
install-shared-sl: libpcap.sl
|
||||
[ -d $(DESTDIR)$(libdir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
|
||||
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
$(INSTALL_PROGRAM) libpcap.$$MAJOR_VER $(DESTDIR)$(libdir)
|
||||
ln -sf libpcap.$$MAJOR_VER $(DESTDIR)$(libdir)/libpcap.sl
|
||||
install-shared-shareda: libpcap.shareda
|
||||
#
|
||||
# AIX shared libraries are weird. They're archive libraries
|
||||
# with one or more shared object components.
|
||||
#
|
||||
[ -d $(DESTDIR)$(libdir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
|
||||
$(INSTALL_PROGRAM) libpcap.shareda $(DESTDIR)$(libdir)/libpcap.a
|
||||
install-shared-none:
|
||||
|
||||
install-archive: install-archive-$(DYEXT)
|
||||
install-archive-so install-archive-dylib install-archive-sl install-archive-none: libpcap.a
|
||||
#
|
||||
# Most platforms have separate suffixes for shared and
|
||||
# archive libraries, so we install both.
|
||||
#
|
||||
[ -d $(DESTDIR)$(libdir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir))
|
||||
$(INSTALL_DATA) libpcap.a $(DESTDIR)$(libdir)/libpcap.a
|
||||
$(RANLIB) $(DESTDIR)$(libdir)/libpcap.a
|
||||
[ -d $(DESTDIR)$(includedir) ] || \
|
||||
(mkdir -p $(DESTDIR)$(includedir); chmod 755 $(DESTDIR)$(includedir))
|
||||
$(INSTALL_DATA) $(srcdir)/pcap.h $(DESTDIR)$(includedir)/pcap.h
|
||||
$(INSTALL_DATA) $(srcdir)/pcap-bpf.h \
|
||||
$(DESTDIR)$(includedir)/pcap-bpf.h
|
||||
$(INSTALL_DATA) $(srcdir)/pcap-namedb.h \
|
||||
$(DESTDIR)$(includedir)/pcap-namedb.h
|
||||
[ -d $(DESTDIR)$(mandir)/man3 ] || \
|
||||
(mkdir -p $(DESTDIR)$(mandir)/man3; chmod 755 $(DESTDIR)$(mandir)/man3)
|
||||
$(INSTALL_DATA) $(srcdir)/pcap.3 \
|
||||
$(DESTDIR)$(mandir)/man3/pcap.3
|
||||
install-archive-shareda:
|
||||
#
|
||||
# AIX, however, doesn't, so we don't install the archive
|
||||
# library on AIX.
|
||||
#
|
||||
|
||||
install-shared: install-shared-$(DYEXT)
|
||||
install-shared-so: libpcap.so
|
||||
$(INSTALL_PROGRAM) libpcap.so.`cat VERSION` $(DESTDIR)$(libdir)/libpcap.so.`cat VERSION`
|
||||
install-shared-dylib: libpcap.dylib
|
||||
$(INSTALL_PROGRAM) libpcap.`cat VERSION`.dylib $(DESTDIR)$(libdir)/libpcap.`cat VERSION`.dylib
|
||||
VER=`cat VERSION`; cd $(DESTDIR)$(libdir) && ln -sf libpcap.$$VER.dylib libpcap.0.dylib; ln -sf libpcap.0.dylib libpcap.dylib
|
||||
|
||||
uninstall:
|
||||
uninstall: uninstall-shared
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.a
|
||||
rm -f $(DESTDIR)$(includedir)/pcap.h
|
||||
rm -f $(DESTDIR)$(includedir)/pcap-bpf.h
|
||||
rm -f $(DESTDIR)$(includedir)/pcap-namedb.h
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap.3
|
||||
for i in $(PUBHDR); do \
|
||||
rm -f $(DESTDIR)$(includedir)/$$i; done
|
||||
-rmdir $(DESTDIR)$(includedir)/pcap
|
||||
rm -f $(DESTDIR)/$(bindir)/pcap-config
|
||||
for i in $(MAN1); do \
|
||||
rm -f $(DESTDIR)$(mandir)/man1/$$i; done
|
||||
for i in $(MAN3PCAP); do \
|
||||
rm -f $(DESTDIR)$(mandir)/man3/$$i; done
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_datalink_val_to_description.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_dump_fopen.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_freealldevs.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_perror.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_sendpacket.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_free_datalinks.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_free_tstamp_types.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_dispatch.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_minor_version.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_next.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_fopen_offline.3pcap
|
||||
rm -f $(DESTDIR)$(mandir)/man3/pcap_getnonblock.3pcap
|
||||
for i in $(MANFILE); do \
|
||||
rm -f $(DESTDIR)$(mandir)/man@MAN_FILE_FORMATS@/`echo $$i | sed 's/.manfile.in/.@MAN_FILE_FORMATS@/'`; done
|
||||
for i in $(MANMISC); do \
|
||||
rm -f $(DESTDIR)$(mandir)/man@MAN_MISC_INFO@/`echo $$i | sed 's/.manmisc.in/.@MAN_MISC_INFO@/'`; done
|
||||
|
||||
uninstall-shared: uninstall-shared-$(DYEXT)
|
||||
uninstall-shared-so:
|
||||
VER=`cat $(srcdir)/VERSION`; \
|
||||
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.so.$$VER; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.so.$$MAJOR_VER; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.so
|
||||
uninstall-shared-dylib:
|
||||
VER=`cat $(srcdir)/VERSION`; \
|
||||
MAJOR_VER=A; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.$$VER.dylib; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.$$MAJOR_VER.dylib; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.dylib
|
||||
uninstall-shared-sl:
|
||||
MAJOR_VER=`sed 's/\([0-9][0-9]*\)\..*/\1/' $(srcdir)/VERSION`; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.$$MAJOR_VER; \
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.sl
|
||||
uninstall-shared-shareda:
|
||||
rm -f $(DESTDIR)$(libdir)/libpcap.a
|
||||
uninstall-shared-none:
|
||||
|
||||
clean:
|
||||
rm -f $(CLEANFILES) libpcap*.dylib libpcap.so*
|
||||
rm -f $(CLEANFILES)
|
||||
|
||||
distclean: clean
|
||||
rm -f Makefile config.cache config.log config.status \
|
||||
config.h gnuc.h os-proto.h bpf_filter.c stamp-h stamp-h.in
|
||||
config.h gnuc.h net os-proto.h bpf_filter.c pcap-config \
|
||||
stamp-h stamp-h.in
|
||||
rm -f $(MAN3PCAP_EXPAND:.in=) $(MANFILE:.in=) $(MANMISC:.in=)
|
||||
rm -rf autom4te.cache
|
||||
|
||||
tags: $(TAGFILES)
|
||||
|
@ -216,19 +703,14 @@ packaging/pcap.spec: packaging/pcap.spec.in VERSION
|
|||
RPMVERSION=`cat VERSION | sed s/-.*//g`; \
|
||||
sed -e s/@VERSION@/$$RPMVERSION/ -e s/@NAME@/libpcap-`cat VERSION`/ $< > $@
|
||||
|
||||
tar: Makefile packaging/pcap.spec
|
||||
@cwd=`pwd` ; dir=`basename $$cwd` ; name=libpcap-`cat VERSION` ; \
|
||||
list="" ; tar="tar chf" ; \
|
||||
for i in `cat FILES` ; do list="$$list $$name/$$i" ; done; \
|
||||
echo \
|
||||
"rm -f ../$$name; ln -s $$dir ../$$name" ; \
|
||||
rm -f ../$$name; ln -s $$dir ../$$name ; \
|
||||
echo \
|
||||
"(cd .. ; $$tar - [lots of files]) | gzip -c > /tmp/$$name.tar.gz" ; \
|
||||
(cd .. ; $$tar - $$list) | gzip -c > /tmp/$$name.tar.gz ; \
|
||||
echo \
|
||||
"rm -f ../$$name" ; \
|
||||
rm -f ../$$name
|
||||
releasetar:
|
||||
@cwd=`pwd` ; dir=`basename $$cwd` ; name=$(PROG)-`cat VERSION` ; \
|
||||
mkdir $$name; \
|
||||
tar cf - $(CSRC) $(HDR) $(MAN1) $(MAN3PCAP_EXPAND) \
|
||||
$(MAN3PCAP_NOEXPAND) $(MANFILE) $(MANMISC) $(EXTRA_DIST) | \
|
||||
(cd $$name; tar xf -); \
|
||||
tar -c -z -f $$name.tar.gz $$name; \
|
||||
rm -rf $$name
|
||||
|
||||
depend: $(GENSRC) $(GENHDR) bpf_filter.c
|
||||
./mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC)
|
||||
|
|
48
README
48
README
|
@ -1,20 +1,20 @@
|
|||
@(#) $Header: /tcpdump/master/libpcap/README,v 1.30 2004-10-12 02:02:28 guy Exp $ (LBL)
|
||||
@(#) $Header: /tcpdump/master/libpcap/README,v 1.34 2008-12-14 19:44:14 guy Exp $ (LBL)
|
||||
|
||||
LIBPCAP 0.9
|
||||
Now maintained by "The Tcpdump Group"
|
||||
See www.tcpdump.org
|
||||
LIBPCAP 1.x.y
|
||||
|
||||
Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org
|
||||
www.tcpdump.org
|
||||
|
||||
Anonymous CVS is available via:
|
||||
cvs -d :pserver:tcpdump@cvs.tcpdump.org:/tcpdump/master login
|
||||
(password "anoncvs")
|
||||
cvs -d :pserver:tcpdump@cvs.tcpdump.org:/tcpdump/master checkout libpcap
|
||||
Please send inquiries/comments/reports to:
|
||||
tcpdump-workers@lists.tcpdump.org
|
||||
|
||||
Version 0.9 of LIBPCAP can be retrieved with the CVS tag "libpcap_0_9rel1":
|
||||
cvs -d :pserver:tcpdump@cvs.tcpdump.org:/tcpdump/master checkout -r libpcap_0_9rel1 libpcap
|
||||
Anonymous Git is available via:
|
||||
git clone git://bpf.tcpdump.org/libpcap
|
||||
|
||||
Please send patches against the master copy to patches@tcpdump.org.
|
||||
Version 1.x.y of LIBPCAP can be retrieved with the CVS tag "libpcap_1_{x}rel{y}":
|
||||
cvs -d :pserver:tcpdump@cvs.tcpdump.org:/tcpdump/master checkout -r libpcap_1_{x}rel{y} libpcap
|
||||
|
||||
Please submit patches against the master copy to the libpcap project on
|
||||
sourceforge.net.
|
||||
|
||||
formerly from Lawrence Berkeley National Laboratory
|
||||
Network Research Group <libpcap@ee.lbl.gov>
|
||||
|
@ -30,8 +30,6 @@ require this functionality, we've created this system-independent API
|
|||
to ease in porting and to alleviate the need for several
|
||||
system-dependent packet capture modules in each application.
|
||||
|
||||
Note well: this interface is new and is likely to change.
|
||||
|
||||
For some platforms there are README.{system} files that discuss issues
|
||||
with the OS's interface for packet capture on those platforms, such as
|
||||
how to enable support for that interface in the OS, if it's not built in
|
||||
|
@ -77,16 +75,28 @@ Linux, in the 2.2 kernel and later kernels, has a "Socket Filter"
|
|||
mechanism that accepts BPF filters; see the README.linux file for
|
||||
information on configuring that option.
|
||||
|
||||
Note to Linux distributions and *BSD systems that include libpcap:
|
||||
|
||||
There's now a rule to make a shared library, which should work on Linux
|
||||
and *BSD, among other platforms.
|
||||
|
||||
It sets the soname of the library to "libpcap.so.1"; this is what it
|
||||
should be, *NOT* libpcap.so.1.x or libpcap.so.1.x.y or something such as
|
||||
that.
|
||||
|
||||
We've been maintaining binary compatibility between libpcap releases for
|
||||
quite a while; there's no reason to tie a binary linked with libpcap to
|
||||
a particular release of libpcap.
|
||||
|
||||
Problems, bugs, questions, desirable enhancements, etc. should be sent
|
||||
to the address "tcpdump-workers@tcpdump.org". Bugs, support requests,
|
||||
and feature requests may also be submitted on the SourceForge site for
|
||||
libpcap at
|
||||
to the address "tcpdump-workers@lists.tcpdump.org". Bugs, support
|
||||
requests, and feature requests may also be submitted on the SourceForge
|
||||
site for libpcap at
|
||||
|
||||
http://sourceforge.net/projects/libpcap/
|
||||
|
||||
Source code contributions, etc. should be sent to the email address
|
||||
"patches@tcpdump.org", or submitted as patches on the SourceForge site
|
||||
for libpcap.
|
||||
submitted as patches on the SourceForge site for libpcap.
|
||||
|
||||
Current versions can be found at www.tcpdump.org, or the SourceForge
|
||||
site for libpcap.
|
||||
|
|
|
@ -21,7 +21,7 @@ The WinPcap source code already contains a recent (usually the latest
|
|||
stable) version of libpcap. If you need to compile a different one,
|
||||
simply download it from www.tcpdump.org and copy the sources in the
|
||||
winpcap\wpcap\libpcap folder of the WinPcap distribution. If you want to
|
||||
compile a libpcap source retrieved from the tcpdump.org CVS, you will
|
||||
compile a libpcap source retrieved from the tcpdump.org Git, you will
|
||||
have to create the scanner and the grammar by hand (with lex and yacc)
|
||||
or with the cygnus makefile, since The Visual Studio project is not able
|
||||
to build them.
|
||||
|
|
13
README.aix
13
README.aix
|
@ -13,14 +13,17 @@ Using BPF:
|
|||
|
||||
(2) If libpcap doesn't compile on your machine when configured to use
|
||||
BPF, or if the workarounds fail to make it work correctly, you
|
||||
should send to tcpdump-workers@tcpdump.org a detailed bug report (if
|
||||
the compile fails, send us the compile error messages; if it
|
||||
compiles but fails to work correctly, send us as detailed as
|
||||
should send to tcpdump-workers@lists.tcpdump.org a detailed bug
|
||||
report (if the compile fails, send us the compile error messages;
|
||||
if it compiles but fails to work correctly, send us as detailed as
|
||||
possible a description of the symptoms, including indications of the
|
||||
network link-layer type being wrong or time stamps being wrong).
|
||||
|
||||
If you fix the problems yourself, please send to patches@tcpdump.org
|
||||
a patch, so we can incorporate them into the next release.
|
||||
If you fix the problems yourself, please submit a patch to
|
||||
|
||||
http://sourceforge.net/projects/libpcap/
|
||||
|
||||
so we can incorporate them into the next release.
|
||||
|
||||
If you don't fix the problems yourself, you can, as a workaround,
|
||||
make libpcap use DLPI instead of BPF.
|
||||
|
|
72
README.dag
72
README.dag
|
@ -37,12 +37,78 @@ cards and will not capture from the native OS packet stream.
|
|||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Libpcap when built for DAG cards against dag-2.5.1 or later releases:
|
||||
|
||||
Timeouts are supported. pcap_dispatch() will return after to_ms milliseconds
|
||||
regardless of how many packets are received. If to_ms is zero pcap_dispatch()
|
||||
will block waiting for data indefinitely.
|
||||
|
||||
pcap_dispatch() will block on and process a minimum of 64kB of data (before
|
||||
filtering) for efficiency. This can introduce high latencies on quiet
|
||||
interfaces unless a timeout value is set. The timeout expiring will override
|
||||
the 64kB minimum causing pcap_dispatch() to process any available data and
|
||||
return.
|
||||
|
||||
pcap_setnonblock is supported. When nonblock is set, pcap_dispatch() will
|
||||
check once for available data, process any data available up to count, then
|
||||
return immediately.
|
||||
|
||||
pcap_findalldevs() is supported, e.g. dag0, dag1...
|
||||
|
||||
Some DAG cards can provide more than one 'stream' of received data.
|
||||
This can be data from different physical ports, or separated by filtering
|
||||
or load balancing mechanisms. Receive streams have even numbers, e.g.
|
||||
dag0:0, dag0:2 etc. Specifying transmit streams for capture is not supported.
|
||||
|
||||
pcap_setfilter() is supported, BPF programs run in userspace.
|
||||
|
||||
pcap_setdirection() is not supported. Only received traffic is captured.
|
||||
DAG cards normally do not have IP or link layer addresses assigned as
|
||||
they are used to passively monitor links.
|
||||
|
||||
pcap_breakloop() is supported.
|
||||
|
||||
pcap_datalink() and pcap_list_datalinks() are supported. The DAG card does
|
||||
not attempt to set the correct datalink type automatically where more than
|
||||
one type is possible.
|
||||
|
||||
pcap_stats() is supported. ps_drop is the number of packets dropped due to
|
||||
RX stream buffer overflow, this count is before filters are applied (it will
|
||||
include packets that would have been dropped by the filter). The RX stream
|
||||
buffer size is user configurable outside libpcap, typically 16-512MB.
|
||||
|
||||
pcap_get_selectable_fd() is not supported, as DAG cards do not support
|
||||
poll/select methods.
|
||||
|
||||
pcap_inject() and pcap_sendpacket() are not supported.
|
||||
|
||||
Some DAG cards now support capturing to multiple virtual interfaces, called
|
||||
streams. Capture streams have even numbers. These are available via libpcap
|
||||
as separate interfaces, e.g. dag0:0, dag0:2, dag0:4 etc. dag0:0 is the same
|
||||
as dag0. These are visible via pcap_findalldevs().
|
||||
|
||||
libpcap now does NOT set the card's hardware snaplen (slen). This must now be
|
||||
set using the appropriate DAG coniguration program, e.g. dagthree, dagfour,
|
||||
dagsix, dagconfig. This is because the snaplen is currently shared between
|
||||
all of the streams. In future this may change if per-stream slen is
|
||||
implemented.
|
||||
|
||||
DAG cards by default capture entire packets including the L2
|
||||
CRC/FCS. If the card is not configured to discard the CRC/FCS, this
|
||||
can confuse applications that use libpcap if they're not prepared for
|
||||
packets to have an FCS. Libpcap now reads the environment variable
|
||||
ERF_FCS_BITS to determine how many bits of CRC/FCS to strip from the
|
||||
end of the captured frame. This defaults to 32 for use with
|
||||
Ethernet. If the card is configured to strip the CRC/FCS, then set
|
||||
ERF_FCS_BITS=0. If used with a HDLC/PoS/PPP/Frame Relay link with 16
|
||||
bit CRC/FCS, then set ERF_FCS_BITS=16.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Please submit bug reports via <support@endace.com>.
|
||||
|
||||
Please also visit our Web pages at:
|
||||
Please also visit our Web site at:
|
||||
|
||||
http://www.endace.com/
|
||||
http://dag.cs.waikato.ac.nz/
|
||||
|
||||
For more information about Endace DAG cards contact <sales@endace.com>.
|
||||
|
||||
|
|
20
README.linux
20
README.linux
|
@ -69,6 +69,26 @@ file says:
|
|||
file linux/Documentation/networking/filter.txt for more information.
|
||||
If unsure, say N.
|
||||
|
||||
Note that, by default, libpcap will, if libnl is present, build with it;
|
||||
it uses libnl to support monitor mode on mac80211 devices. There is a
|
||||
configuration option to disable building with libnl, but, if that option
|
||||
is chosen, the monitor-mode APIs (as used by tcpdump's "-I" flag, and as
|
||||
will probably be used by other applications in the future) won't work
|
||||
properly on mac80211 devices.
|
||||
|
||||
Linux's run-time linker allows shared libraries to be linked with other
|
||||
shared libraries, which means that if an older version of a shared
|
||||
library doesn't require routines from some other shared library, and a
|
||||
later version of the shared library does require those routines, the
|
||||
later version of the shared library can be linked with that other shared
|
||||
library and, if it's otherwise binary-compatible with the older version,
|
||||
can replace that older version without breaking applications built with
|
||||
the older version, and without breaking configure scripts or the build
|
||||
procedure for applications whose configure script doesn't use the
|
||||
pcap-config script if they build with the shared library. (The build
|
||||
procedure for applications whose configure scripts use the pcap-config
|
||||
script if present will not break even if they build with the static
|
||||
library.)
|
||||
|
||||
Statistics:
|
||||
Statistics reported by pcap are platform specific. The statistics
|
||||
|
|
|
@ -17,12 +17,17 @@ devfs is based on an older (non-default) FreeBSD devfs, and that version
|
|||
of devfs cannot be configured to set the permissions and/or ownership of
|
||||
those devices.
|
||||
|
||||
Therefore, we supply a "startup item" for OS X that will change the
|
||||
ownership of the BPF devices so that the "admin" group owns them, and
|
||||
will change the permission of the BPF devices to rw-rw----, so that all
|
||||
users in the "admin" group - i.e., all users with "Allow user to
|
||||
administer this computer" turned on - have both read and write access to
|
||||
them.
|
||||
Therefore, we supply:
|
||||
|
||||
a "startup item" for older versions of Mac OS X;
|
||||
|
||||
a launchd daemon for Tiger and later versions of Mac OS X;
|
||||
|
||||
Both of them will change the ownership of the BPF devices so that the
|
||||
"admin" group owns them, and will change the permission of the BPF
|
||||
devices to rw-rw----, so that all users in the "admin" group - i.e., all
|
||||
users with "Allow user to administer this computer" turned on - have
|
||||
both read and write access to them.
|
||||
|
||||
The startup item is in the ChmodBPF directory in the source tree. A
|
||||
/Library/StartupItems directory should be created if it doesn't already
|
||||
|
@ -30,7 +35,28 @@ exist, and the ChmodBPF directory should be copied to the
|
|||
/Library/StartupItems directory (copy the entire directory, so that
|
||||
there's a /Library/StartupItems/ChmodBPF directory, containing all the
|
||||
files in the source tree's ChmodBPF directory; don't copy the individual
|
||||
items in that directory to /Library/StartupItems).
|
||||
items in that directory to /Library/StartupItems). The ChmodBPF
|
||||
directory, and all files under it, must be owned by root. Installing
|
||||
the files won't immediately cause the startup item to be executed; it
|
||||
will be executed on the next reboot. To change the permissions before
|
||||
the reboot, run
|
||||
|
||||
sudo SystemStarter start ChmodBPF
|
||||
|
||||
The launchd daemon is the chmod_bpf script, plus the
|
||||
org.tcpdump.chmod_bpf.plist launchd plist file. chmod_bpf should be
|
||||
installed in /usr/local/bin/chmod_bpf, and org.tcpdump.chmod_bpf.plist
|
||||
should be installed in /Library/LaunchDaemons. chmod_bpf, and
|
||||
org.tcpdump.chmod_bpf.plist, must be owned by root. Installing the
|
||||
script and plist file won't immediately cause the script to be executed;
|
||||
it will be executed on the next reboot. To change the permissions
|
||||
before the reboot, run
|
||||
|
||||
sudo /usr/local/bin/chmod_bpf
|
||||
|
||||
or
|
||||
|
||||
sudo launchctl load /Library/LaunchDaemons/org.tcpdump.chmod_bpf.plist
|
||||
|
||||
If you want to give a particular user permission to access the BPF
|
||||
devices, rather than giving all administrative users permission to
|
||||
|
@ -41,3 +67,8 @@ give the administrative users permission to read but not write the BPF
|
|||
devices, you can have the script change the owner to that user, the
|
||||
group to "admin", and the permissions to rw-r-----. Other possibilities
|
||||
are left as an exercise for the reader.
|
||||
|
||||
(NOTE: due to a bug in Snow Leopard, if you change the permissions not
|
||||
to grant write permission to everybody who should be allowed to capture
|
||||
traffic, non-root users who cannot open the BPF devices for writing will
|
||||
not be able to capture outgoing packets.)
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
The following instructions apply if you have a Linux platform and want
|
||||
libpcap to support the Septel range of passive network monitoring cards
|
||||
from Intel (http://www.intel.com)
|
||||
|
||||
1) Install and build the Septel software distribution by following the
|
||||
instructions supplied with that package.
|
||||
|
||||
2) Configure libcap. To allow the 'configure' script to locate the Septel
|
||||
software distribution use the '--with-septel' option:
|
||||
|
||||
./configure --with-septel=DIR
|
||||
|
||||
where DIR is the root of the Septel software distribution, for example
|
||||
/var/src/septel.
|
||||
|
||||
By default (if you write only ./configure --with-septel) it takes
|
||||
./../septel as argument for DIR.
|
||||
|
||||
If the Septel software is correctly detected 'configure' will
|
||||
report:
|
||||
|
||||
checking whether we have Septel API... yes
|
||||
|
||||
If 'configure' reports that there is no Septel API, the directory may have been
|
||||
incorrectly specified or the Septel software was not built before configuring
|
||||
libpcap.
|
||||
|
||||
See also the libpcap INSTALL.txt file for further libpcap configuration
|
||||
options.
|
||||
|
||||
Building libpcap at this stage will include support for both the native
|
||||
packet capture stream and for capturing from Septel cards. To build
|
||||
libpcap with only Septel support specify the capture type as 'septel'
|
||||
when configuring libpcap:
|
||||
|
||||
./configure --with-septel=DIR --with-pcap=septel
|
||||
|
||||
Applications built with libpcap configured in this way will only detect Septel
|
||||
cards and will not capture from the native OS packet stream.
|
||||
|
||||
Note: As mentioned in pcap-septel.c we should first edit the system.txt
|
||||
file to change the user part example (UPE) module id to 0xdd instead of
|
||||
0x2d for technical reason. So this change in system.txt is crutial and
|
||||
things will go wrong if it's not done. System.txt along with config.txt
|
||||
are configuration files that are edited by the user before running the
|
||||
gctload program that uses these files for initialising modules and
|
||||
configuring parameters.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
for more information please contact me : gil_hoyek@hotmail.com
|
|
@ -0,0 +1,64 @@
|
|||
The following instructions apply if you have a Linux platform and want
|
||||
libpcap to support the 'ACN' WAN/LAN router product from from SITA
|
||||
(http://www.sita.aero)
|
||||
|
||||
This might also work on non-Linux Unix-compatible platforms, but that
|
||||
has not been tested.
|
||||
|
||||
See also the libpcap INSTALL.txt file for further libpcap configuration
|
||||
options.
|
||||
|
||||
These additions/extensions have been made to PCAP to allow it to
|
||||
capture packets from a SITA ACN device (and potentially others).
|
||||
|
||||
To enable its support you need to ensure that the distribution has
|
||||
a correct configure.in file; that can be created if neccessay by
|
||||
using the normal autoconf procedure of:
|
||||
|
||||
aclocal
|
||||
autoconf
|
||||
autoheader
|
||||
automake
|
||||
|
||||
Then run configure with the 'sita' option:
|
||||
|
||||
./configure --with-sita
|
||||
|
||||
Applications built with libpcap configured in this way will only detect SITA
|
||||
ACN interfaces and will not capture from the native OS packet stream.
|
||||
|
||||
The SITA extension provides a remote datascope operation for capturing
|
||||
both WAN and LAN protocols. It effectively splits the operation of
|
||||
PCAP into two halves. The top layer performs the majority of the
|
||||
work, but interfaces via a TCP session to remote agents that
|
||||
provide the lower layer functionality of actual sniffing and
|
||||
filtering. More detailed information regarding the functions and
|
||||
inter-device protocol and naming conventions are described in detail
|
||||
in 'pcap-sita.html'.
|
||||
|
||||
pcap_findalldevs() reads the local system's /etc/hosts file looking
|
||||
for host names that match the format of IOP type devices. ie. aaa_I_x_y
|
||||
and then queries each associated IP address for a list of its WAN and
|
||||
LAN devices. The local system the aggregates the lists obtained from
|
||||
each IOP, sorts it, and provides it (to Wireshark et.al) as the
|
||||
list of monitorable interfaces.
|
||||
|
||||
Once a valid interface has been selected, pcap_open() is called
|
||||
which opens a TCP session (to a well known port) on the target IOP
|
||||
and tells it to start monitoring.
|
||||
|
||||
All captured packets are then forwarded across that TCP session
|
||||
back to the local 'top layer' for forwarding to the actual
|
||||
sniffing program (wireshark...)
|
||||
|
||||
Note that the DLT_SITA link-layer type includes a proprietary header
|
||||
that is documented as part of the SITA dissector of Wireshark and is
|
||||
also described in 'pcap-sita.html' for posterity sake.
|
||||
|
||||
That header provides:
|
||||
- Packet direction (in/out) (1 octet)
|
||||
- Link layer hardware signal status (1 octet)
|
||||
- Transmit/Receive error status (2 octets)
|
||||
- Encapsulated WAN protocol ID (1 octet)
|
||||
|
||||
|
9
TODO
9
TODO
|
@ -6,7 +6,7 @@ Important stuff (to be done before the next release)
|
|||
|
||||
General
|
||||
|
||||
- configure should not be in the CVS. Most open source projects have an
|
||||
- configure should not be in Git. Most open source projects have an
|
||||
autogen.sh script to run autoconf etc. after checkout. I think we
|
||||
should stick to the standard.
|
||||
|
||||
|
@ -15,13 +15,6 @@ General
|
|||
style (okay, you can guess that by looking at the code) and a guide for
|
||||
what needs to be documented.
|
||||
|
||||
Linux kernel interface
|
||||
|
||||
- Currently there is a race condition in that a socket is activated at the
|
||||
same time it is opened - before applying a filter. This has to
|
||||
be corrected so that capture starts when pcap_read is called for the
|
||||
first time.
|
||||
|
||||
Less urgent items
|
||||
-----------------
|
||||
|
||||
|
|
|
@ -90,6 +90,29 @@ extern struct hostent *getipnodebyaddr (const void *, size_t, int, int *);
|
|||
extern struct hostent *getipnodebyname (const char *, int, int, int *);
|
||||
extern int inet_pton (int, const char *, void *);
|
||||
extern const char *inet_ntop (int, const void *, char *, size_t);
|
||||
#else
|
||||
|
||||
#ifndef EAI_BADHINTS
|
||||
#define EAI_BADHINTS 12
|
||||
#endif
|
||||
|
||||
#ifndef EAI_PROTOCOL
|
||||
#define EAI_PROTOCOL 13
|
||||
#endif
|
||||
|
||||
#ifndef EAI_MAX
|
||||
#define EAI_MAX 14
|
||||
#endif
|
||||
|
||||
#ifndef NETDB_INTERNAL
|
||||
#define NETDB_INTERNAL -1 /* see errno */
|
||||
#endif
|
||||
|
||||
#ifndef AI_MASK
|
||||
/* valid flags for addrinfo */
|
||||
#define AI_MASK (AI_PASSIVE | AI_CANONNAME | AI_NUMERICHOST)
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_ADDRINFO */
|
||||
|
||||
/*
|
||||
|
@ -120,3 +143,4 @@ extern const char *inet_ntop (int, const void *, char *, size_t);
|
|||
#ifndef NI_DGRAM
|
||||
#define NI_DGRAM 0x00000010
|
||||
#endif
|
||||
|
||||
|
|
|
@ -30,57 +30,60 @@
|
|||
#define _BITTYPES_H
|
||||
|
||||
#ifndef HAVE_U_INT8_T
|
||||
|
||||
#if SIZEOF_CHAR == 1
|
||||
typedef unsigned char u_int8_t;
|
||||
typedef signed char int8_t;
|
||||
#elif SIZEOF_INT == 1
|
||||
typedef unsigned int u_int8_t;
|
||||
typedef signed int int8_t;
|
||||
#else /* XXX */
|
||||
#error "there's no appropriate type for u_int8_t"
|
||||
#endif
|
||||
#define HAVE_U_INT8_T 1
|
||||
#define HAVE_INT8_T 1
|
||||
|
||||
#endif /* HAVE_U_INT8_T */
|
||||
|
||||
#ifndef HAVE_U_INT16_T
|
||||
|
||||
#if SIZEOF_SHORT == 2
|
||||
typedef unsigned short u_int16_t;
|
||||
typedef signed short int16_t;
|
||||
#elif SIZEOF_INT == 2
|
||||
typedef unsigned int u_int16_t;
|
||||
typedef signed int int16_t;
|
||||
#elif SIZEOF_CHAR == 2
|
||||
typedef unsigned char u_int16_t;
|
||||
typedef signed char int16_t;
|
||||
#else /* XXX */
|
||||
#error "there's no appropriate type for u_int16_t"
|
||||
#endif
|
||||
#define HAVE_U_INT16_T 1
|
||||
#define HAVE_INT16_T 1
|
||||
|
||||
#endif /* HAVE_U_INT16_T */
|
||||
|
||||
#ifndef HAVE_U_INT32_T
|
||||
|
||||
#if SIZEOF_INT == 4
|
||||
typedef unsigned int u_int32_t;
|
||||
typedef signed int int32_t;
|
||||
#elif SIZEOF_LONG == 4
|
||||
typedef unsigned long u_int32_t;
|
||||
typedef signed long int32_t;
|
||||
#elif SIZEOF_SHORT == 4
|
||||
typedef unsigned short u_int32_t;
|
||||
typedef signed short int32_t;
|
||||
#else /* XXX */
|
||||
#error "there's no appropriate type for u_int32_t"
|
||||
#endif
|
||||
#define HAVE_U_INT32_T 1
|
||||
#define HAVE_INT32_T 1
|
||||
|
||||
#endif /* HAVE_U_INT32_T */
|
||||
|
||||
#ifndef HAVE_U_INT64_T
|
||||
#ifdef _MSC_EXTENSIONS
|
||||
typedef unsigned _int64 u_int64_t;
|
||||
typedef _int64 int64_t;
|
||||
#else /* _MSC_EXTENSIONS */
|
||||
typedef unsigned long long u_int64_t;
|
||||
typedef long long int64_t;
|
||||
#endif /* _MSC_EXTENSIONS */
|
||||
#endif /* HAVE_U_INT64_T */
|
||||
|
||||
#ifndef PRId64
|
||||
#ifdef _MSC_EXTENSIONS
|
||||
#define PRId64 "I64d"
|
||||
#else /* _MSC_EXTENSIONS */
|
||||
#define PRId64 "lld"
|
||||
#endif /* _MSC_EXTENSIONS */
|
||||
#endif /* PRId64 */
|
||||
|
||||
#ifndef PRIo64
|
||||
#ifdef _MSC_EXTENSIONS
|
||||
#define PRIo64 "I64o"
|
||||
#else /* _MSC_EXTENSIONS */
|
||||
#define PRIo64 "llo"
|
||||
#endif /* _MSC_EXTENSIONS */
|
||||
#endif /* PRIo64 */
|
||||
|
||||
#ifndef PRIx64
|
||||
#ifdef _MSC_EXTENSIONS
|
||||
#define PRIx64 "I64x"
|
||||
#else /* _MSC_EXTENSIONS */
|
||||
#define PRIx64 "llx"
|
||||
#endif /* _MSC_EXTENSIONS */
|
||||
#endif /* PRIx64 */
|
||||
|
||||
#ifndef PRIu64
|
||||
#ifdef _MSC_EXTENSIONS
|
||||
#define PRIu64 "I64u"
|
||||
#else /* _MSC_EXTENSIONS */
|
||||
#define PRIu64 "llu"
|
||||
#endif /* _MSC_EXTENSIONS */
|
||||
#endif /* PRIu64 */
|
||||
|
||||
#endif /* _BITTYPES_H */
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/Win32/Include/ip6_misc.h,v 1.4 2004-07-06 23:45:29 risso Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/Win32/Include/ip6_misc.h,v 1.5 2006-01-22 18:02:18 gianluca Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -27,17 +27,17 @@
|
|||
|
||||
#include <winsock2.h>
|
||||
|
||||
#ifndef __MINGW32__
|
||||
#include <ws2tcpip.h>
|
||||
#endif /* __MINGW32__ */
|
||||
|
||||
#ifndef __MINGW32__
|
||||
#define IN_MULTICAST(a) IN_CLASSD(a)
|
||||
#endif
|
||||
|
||||
#define IN_EXPERIMENTAL(a) ((((u_int32_t) (a)) & 0xf0000000) == 0xf0000000)
|
||||
|
||||
#define IN_LOOPBACKNET 127
|
||||
|
||||
#ifdef __MINGW32__
|
||||
#if defined(__MINGW32__) && defined(DEFINE_ADDITIONAL_IPV6_STUFF)
|
||||
/* IPv6 address */
|
||||
struct in6_addr
|
||||
{
|
||||
|
@ -58,12 +58,12 @@ struct in6_addr
|
|||
#endif /* __MINGW32__ */
|
||||
|
||||
|
||||
#if (defined WIN32) || (defined __MINGW32__)
|
||||
#if (defined _MSC_VER) || (defined(__MINGW32__) && defined(DEFINE_ADDITIONAL_IPV6_STUFF))
|
||||
typedef unsigned short sa_family_t;
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef __MINGW32__
|
||||
#if defined(__MINGW32__) && defined(DEFINE_ADDITIONAL_IPV6_STUFF)
|
||||
|
||||
#define __SOCKADDR_COMMON(sa_prefix) \
|
||||
sa_family_t sa_prefix##family
|
||||
|
@ -147,7 +147,7 @@ struct sockaddr_in6
|
|||
#define IP6OPT_MUTABLE 0x20
|
||||
|
||||
|
||||
#ifdef __MINGW32__
|
||||
#if defined(__MINGW32__) && defined(DEFINE_ADDITIONAL_IPV6_STUFF)
|
||||
#ifndef EAI_ADDRFAMILY
|
||||
struct addrinfo {
|
||||
int ai_flags; /* AI_PASSIVE, AI_CANONNAME */
|
||||
|
|
|
@ -41,7 +41,7 @@ RSC=rc.exe
|
|||
# PROP Intermediate_Dir "Release"
|
||||
# PROP Target_Dir ""
|
||||
# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /YX /FD /c
|
||||
# ADD CPP /nologo /MT /W3 /GX /O2 /I "../../" /I "../../lbl/" /I "../../bpf/" /I "../include/" /I "../../../../common" /I "../../../../dag/include" /I "../../../../dag/drv/windows" /D "NDEBUG" /D "YY_NEVER_INTERACTIVE" /D yylval=pcap_lval /D "_USRDLL" /D "LIBPCAP_EXPORTS" /D "HAVE_STRERROR" /D "__STDC__" /D "INET6" /D "_WINDOWS" /D "_MBCS" /D SIZEOF_CHAR=1 /D SIZEOF_SHORT=2 /D SIZEOF_INT=4 /D "HAVE_ADDRINFO" /D "WIN32" /D _U_= /D "HAVE_SNPRINTF" /D "HAVE_VSNPRINTF" /YX /FD /c
|
||||
# ADD CPP /nologo /MT /W3 /GX /O2 /I "../../" /I "../../lbl/" /I "../../bpf/" /I "../include/" /I "../../../../common" /I "../../../../dag/include" /I "../../../../dag/drv/windows" /D "NDEBUG" /D "YY_NEVER_INTERACTIVE" /D yylval=pcap_lval /D "_USRDLL" /D "LIBPCAP_EXPORTS" /D "HAVE_STRERROR" /D "__STDC__" /D "INET6" /D "_WINDOWS" /D "_MBCS" /D "HAVE_ADDRINFO" /D "WIN32" /D _U_= /D "HAVE_SNPRINTF" /D "HAVE_VSNPRINTF" /YX /FD /c
|
||||
# ADD BASE RSC /l 0x409 /d "NDEBUG"
|
||||
# ADD RSC /l 0x409 /d "NDEBUG"
|
||||
BSC32=bscmake.exe
|
||||
|
@ -64,7 +64,7 @@ LIB32=link.exe -lib
|
|||
# PROP Intermediate_Dir "Debug"
|
||||
# PROP Target_Dir ""
|
||||
# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c
|
||||
# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "../../" /I "../../lbl/" /I "../../bpf/" /I "../include/" /I "../../../../common" /I "../../../../dag/include" /I "../../../../dag/drv/windows" /D "_DEBUG" /D "YY_NEVER_INTERACTIVE" /D yylval=pcap_lval /D "_USRDLL" /D "LIBPCAP_EXPORTS" /D "HAVE_STRERROR" /D "__STDC__" /D "INET6" /D "_WINDOWS" /D "_MBCS" /D SIZEOF_CHAR=1 /D SIZEOF_SHORT=2 /D SIZEOF_INT=4 /D "HAVE_ADDRINFO" /D "WIN32" /D _U_= /D "HAVE_SNPRINTF" /D "HAVE_VSNPRINTF" /YX /FD /GZ /c
|
||||
# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "../../" /I "../../lbl/" /I "../../bpf/" /I "../include/" /I "../../../../common" /I "../../../../dag/include" /I "../../../../dag/drv/windows" /D "_DEBUG" /D "YY_NEVER_INTERACTIVE" /D yylval=pcap_lval /D "_USRDLL" /D "LIBPCAP_EXPORTS" /D "HAVE_STRERROR" /D "__STDC__" /D "INET6" /D "_WINDOWS" /D "_MBCS" /D "HAVE_ADDRINFO" /D "WIN32" /D _U_= /D "HAVE_SNPRINTF" /D "HAVE_VSNPRINTF" /YX /FD /GZ /c
|
||||
# ADD BASE RSC /l 0x409 /d "_DEBUG"
|
||||
# ADD RSC /l 0x409 /d "_DEBUG"
|
||||
BSC32=bscmake.exe
|
||||
|
|
|
@ -0,0 +1,83 @@
|
|||
/*
|
||||
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the project nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
#include <sys/cdefs.h>
|
||||
|
||||
__FBSDID("$FreeBSD: /repoman/r/ncvs/src/lib/libc/net/gai_strerror.c,v 1.1 2005/04/06 12:45:51 ume Exp $");
|
||||
|
||||
*/
|
||||
|
||||
#ifdef WIN32
|
||||
|
||||
#include <ws2tcpip.h>
|
||||
|
||||
#else
|
||||
|
||||
#include <netdb.h>
|
||||
|
||||
#endif
|
||||
|
||||
/* Entries EAI_ADDRFAMILY (1) and EAI_NODATA (7) are obsoleted, but left */
|
||||
/* for backward compatibility with userland code prior to 2553bis-02 */
|
||||
static char *ai_errlist[] = {
|
||||
"Success", /* 0 */
|
||||
"Address family for hostname not supported", /* 1 */
|
||||
"Temporary failure in name resolution", /* EAI_AGAIN */
|
||||
"Invalid value for ai_flags", /* EAI_BADFLAGS */
|
||||
"Non-recoverable failure in name resolution", /* EAI_FAIL */
|
||||
"ai_family not supported", /* EAI_FAMILY */
|
||||
"Memory allocation failure", /* EAI_MEMORY */
|
||||
"No address associated with hostname", /* 7 */
|
||||
"hostname nor servname provided, or not known", /* EAI_NONAME */
|
||||
"servname not supported for ai_socktype", /* EAI_SERVICE */
|
||||
"ai_socktype not supported", /* EAI_SOCKTYPE */
|
||||
"System error returned in errno", /* EAI_SYSTEM */
|
||||
"Invalid value for hints", /* EAI_BADHINTS */
|
||||
"Resolved protocol is unknown" /* EAI_PROTOCOL */
|
||||
};
|
||||
|
||||
#ifndef EAI_MAX
|
||||
#define EAI_MAX (sizeof(ai_errlist)/sizeof(ai_errlist[0]))
|
||||
#endif
|
||||
|
||||
/* on MingW, gai_strerror is available.
|
||||
We need to compile gai_strerrorA only for Cygwin
|
||||
*/
|
||||
#ifndef gai_strerror
|
||||
|
||||
char *
|
||||
WSAAPI gai_strerrorA(int ecode)
|
||||
{
|
||||
if (ecode >= 0 && ecode < EAI_MAX)
|
||||
return ai_errlist[ecode];
|
||||
return "Unknown error";
|
||||
}
|
||||
|
||||
#endif /* gai_strerror */
|
|
@ -45,13 +45,19 @@
|
|||
* in ai_flags?
|
||||
*/
|
||||
|
||||
/*
|
||||
* Mingw64 has its own implementation of getaddrinfo, mingw32 no
|
||||
*/
|
||||
#ifndef __MINGW64__
|
||||
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/Win32/Src/getaddrinfo.c,v 1.2 2003-11-15 23:24:06 guy Exp $";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/Win32/Src/getaddrinfo.c,v 1.3 2008-09-15 23:37:51 guy Exp $";
|
||||
#endif
|
||||
|
||||
#include <pcap-stdinc.h>
|
||||
|
@ -85,7 +91,7 @@ static const char rcsid[] _U_ =
|
|||
#ifdef NEED_ADDRINFO_H
|
||||
#include "addrinfo.h"
|
||||
#ifdef WIN32
|
||||
#include "IP6_misc.h"
|
||||
#include "ip6_misc.h"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
@ -252,6 +258,7 @@ do { \
|
|||
#define MATCH(x, y, w) \
|
||||
((x) == (y) || ((w) && ((x) == ANY || (y) == ANY)))
|
||||
|
||||
#if defined(DEFINE_ADDITIONAL_IPV6_STUFF)
|
||||
char *
|
||||
gai_strerror(ecode)
|
||||
int ecode;
|
||||
|
@ -260,6 +267,7 @@ gai_strerror(ecode)
|
|||
ecode = EAI_MAX;
|
||||
return ai_errlist[ecode];
|
||||
}
|
||||
#endif
|
||||
|
||||
void
|
||||
freeaddrinfo(ai)
|
||||
|
@ -981,10 +989,9 @@ get_canonname(pai, ai, str)
|
|||
const char *str;
|
||||
{
|
||||
if ((pai->ai_flags & AI_CANONNAME) != 0) {
|
||||
ai->ai_canonname = (char *)malloc(strlen(str) + 1);
|
||||
ai->ai_canonname = strdup(str);
|
||||
if (ai->ai_canonname == NULL)
|
||||
return EAI_MEMORY;
|
||||
strcpy(ai->ai_canonname, str);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
@ -1117,3 +1124,6 @@ find_afd(af)
|
|||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
#endif /*__MING64__*/
|
||||
|
|
|
@ -36,11 +36,11 @@
|
|||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id: inet_pton.c,v 1.2 2003-11-15 23:24:06 guy Exp $ */
|
||||
/* $Id: inet_pton.c,v 1.3 2007-09-27 18:02:20 gianluca Exp $ */
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/Win32/Src/inet_pton.c,v 1.2 2003-11-15 23:24:06 guy Exp $";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/Win32/Src/inet_pton.c,v 1.3 2007-09-27 18:02:20 gianluca Exp $";
|
||||
#endif
|
||||
|
||||
#include <errno.h>
|
||||
|
@ -58,6 +58,8 @@ int* _errno();
|
|||
|
||||
#include <pcap-stdinc.h>
|
||||
|
||||
int inet_aton(const char *cp, struct in_addr *addr);
|
||||
|
||||
int
|
||||
inet_pton(int af, const char *src, void *dst)
|
||||
{
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
/* Long story short: aclocal.m4 depends on autoconf 2.13
|
||||
* implementation details wrt "const"; newer versions
|
||||
* have different implementation details so for now we
|
||||
* put "const" here. This may cause duplicate definitions
|
||||
* in config.h but that should be OK since they're the same.
|
||||
*/
|
||||
#undef const
|
|
@ -1,4 +1,4 @@
|
|||
dnl @(#) $Header: /tcpdump/master/libpcap/aclocal.m4,v 1.85 2005-03-27 03:27:09 guy Exp $ (LBL)
|
||||
dnl @(#) $Header: /tcpdump/master/libpcap/aclocal.m4,v 1.93 2008-11-18 07:29:48 guy Exp $ (LBL)
|
||||
dnl
|
||||
dnl Copyright (c) 1995, 1996, 1997, 1998
|
||||
dnl The Regents of the University of California. All rights reserved.
|
||||
|
@ -22,6 +22,54 @@ dnl
|
|||
dnl LBL autoconf macros
|
||||
dnl
|
||||
|
||||
dnl
|
||||
dnl Do whatever AC_LBL_C_INIT work is necessary before using AC_PROG_CC.
|
||||
dnl
|
||||
dnl It appears that newer versions of autoconf (2.64 and later) will,
|
||||
dnl if you use AC_TRY_COMPILE in a macro, stick AC_PROG_CC at the
|
||||
dnl beginning of the macro, even if the macro itself calls AC_PROG_CC.
|
||||
dnl See the "Prerequisite Macros" and "Expanded Before Required" sections
|
||||
dnl in the Autoconf documentation.
|
||||
dnl
|
||||
dnl This causes a steaming heap of fail in our case, as we were, in
|
||||
dnl AC_LBL_C_INIT, doing the tests we now do in AC_LBL_C_INIT_BEFORE_CC,
|
||||
dnl calling AC_PROG_CC, and then doing the tests we now do in
|
||||
dnl AC_LBL_C_INIT. Now, we run AC_LBL_C_INIT_BEFORE_CC, AC_PROG_CC,
|
||||
dnl and AC_LBL_C_INIT at the top level.
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_C_INIT_BEFORE_CC,
|
||||
[AC_PREREQ(2.50)
|
||||
AC_BEFORE([$0], [AC_LBL_C_INIT])
|
||||
AC_BEFORE([$0], [AC_PROG_CC])
|
||||
AC_BEFORE([$0], [AC_LBL_FIXINCLUDES])
|
||||
AC_BEFORE([$0], [AC_LBL_DEVEL])
|
||||
AC_ARG_WITH(gcc, [ --without-gcc don't use gcc])
|
||||
$1="-O"
|
||||
$2=""
|
||||
if test "${srcdir}" != "." ; then
|
||||
$2="-I\$(srcdir)"
|
||||
fi
|
||||
if test "${CFLAGS+set}" = set; then
|
||||
LBL_CFLAGS="$CFLAGS"
|
||||
fi
|
||||
if test -z "$CC" ; then
|
||||
case "$host_os" in
|
||||
|
||||
bsdi*)
|
||||
AC_CHECK_PROG(SHLICC2, shlicc2, yes, no)
|
||||
if test $SHLICC2 = yes ; then
|
||||
CC=shlicc2
|
||||
export CC
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
if test -z "$CC" -a "$with_gcc" = no ; then
|
||||
CC=cc
|
||||
export CC
|
||||
fi
|
||||
])
|
||||
|
||||
dnl
|
||||
dnl Determine which compiler we're using (cc or gcc)
|
||||
dnl If using gcc, determine the version number
|
||||
|
@ -43,36 +91,10 @@ dnl ac_cv_lbl_gcc_vers
|
|||
dnl LBL_CFLAGS
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_C_INIT,
|
||||
[AC_PREREQ(2.12)
|
||||
AC_BEFORE([$0], [AC_PROG_CC])
|
||||
[AC_PREREQ(2.50)
|
||||
AC_BEFORE([$0], [AC_LBL_FIXINCLUDES])
|
||||
AC_BEFORE([$0], [AC_LBL_DEVEL])
|
||||
AC_ARG_WITH(gcc, [ --without-gcc don't use gcc])
|
||||
$1="-O"
|
||||
$2=""
|
||||
if test "${srcdir}" != "." ; then
|
||||
$2="-I\$(srcdir)"
|
||||
fi
|
||||
if test "${CFLAGS+set}" = set; then
|
||||
LBL_CFLAGS="$CFLAGS"
|
||||
fi
|
||||
if test -z "$CC" ; then
|
||||
case "$target_os" in
|
||||
|
||||
bsdi*)
|
||||
AC_CHECK_PROG(SHLICC2, shlicc2, yes, no)
|
||||
if test $SHLICC2 = yes ; then
|
||||
CC=shlicc2
|
||||
export CC
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
if test -z "$CC" -a "$with_gcc" = no ; then
|
||||
CC=cc
|
||||
export CC
|
||||
fi
|
||||
AC_PROG_CC
|
||||
AC_BEFORE([$0], [AC_LBL_SHLIBS_INIT])
|
||||
if test "$GCC" = yes ; then
|
||||
if test "$SHLICC2" = yes ; then
|
||||
ac_cv_lbl_gcc_vers=2
|
||||
|
@ -100,7 +122,7 @@ AC_DEFUN(AC_LBL_C_INIT,
|
|||
ac_cv_lbl_cc_ansi_prototypes=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_cc_ansi_prototypes)
|
||||
if test $ac_cv_lbl_cc_ansi_prototypes = no ; then
|
||||
case "$target_os" in
|
||||
case "$host_os" in
|
||||
|
||||
hpux*)
|
||||
AC_MSG_CHECKING(for HP-UX ansi compiler ($CC -Aa -D_HPUX_SOURCE))
|
||||
|
@ -117,10 +139,28 @@ AC_DEFUN(AC_LBL_C_INIT,
|
|||
AC_MSG_ERROR(see the INSTALL doc for more info)
|
||||
fi
|
||||
CFLAGS="$savedcflags"
|
||||
V_CCOPT="-Aa $V_CCOPT"
|
||||
$1="-Aa $$1"
|
||||
AC_DEFINE(_HPUX_SOURCE,1,[needed on HP-UX])
|
||||
;;
|
||||
|
||||
osf*)
|
||||
AC_MSG_CHECKING(for ansi mode in DEC compiler ($CC -std1))
|
||||
savedcflags="$CFLAGS"
|
||||
CFLAGS="-std1"
|
||||
AC_CACHE_VAL(ac_cv_lbl_cc_osf1_cc_std1,
|
||||
AC_TRY_COMPILE(
|
||||
[#include <sys/types.h>],
|
||||
[int frob(int, char *)],
|
||||
ac_cv_lbl_cc_osf1_cc_std1=yes,
|
||||
ac_cv_lbl_cc_osf1_cc_std1=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_cc_osf1_cc_std1)
|
||||
if test $ac_cv_lbl_cc_osf1_cc_std1 = no ; then
|
||||
AC_MSG_ERROR(see the INSTALL doc for more info)
|
||||
fi
|
||||
CFLAGS="$savedcflags"
|
||||
$1="-std1 $$1"
|
||||
;;
|
||||
|
||||
*)
|
||||
AC_MSG_ERROR(see the INSTALL doc for more info)
|
||||
;;
|
||||
|
@ -129,14 +169,18 @@ AC_DEFUN(AC_LBL_C_INIT,
|
|||
$2="$$2 -I/usr/local/include"
|
||||
LDFLAGS="$LDFLAGS -L/usr/local/lib"
|
||||
|
||||
case "$target_os" in
|
||||
case "$host_os" in
|
||||
|
||||
irix*)
|
||||
V_CCOPT="$V_CCOPT -xansi -signed -g3"
|
||||
$1="$$1 -xansi -signed -g3"
|
||||
;;
|
||||
|
||||
osf*)
|
||||
V_CCOPT="$V_CCOPT -std1 -g3"
|
||||
#
|
||||
# Presumed to be DEC OSF/1, Digital UNIX, or
|
||||
# Tru64 UNIX.
|
||||
#
|
||||
$1="$$1 -g3"
|
||||
;;
|
||||
|
||||
ultrix*)
|
||||
|
@ -150,13 +194,178 @@ AC_DEFUN(AC_LBL_C_INIT,
|
|||
ac_cv_lbl_cc_const_proto=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_cc_const_proto)
|
||||
if test $ac_cv_lbl_cc_const_proto = no ; then
|
||||
AC_DEFINE(const,)
|
||||
AC_DEFINE(const,[],
|
||||
[to handle Ultrix compilers that don't support const in prototypes])
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
])
|
||||
|
||||
dnl
|
||||
dnl Determine what options are needed to build a shared library
|
||||
dnl
|
||||
dnl usage:
|
||||
dnl
|
||||
dnl AC_LBL_SHLIBS_INIT
|
||||
dnl
|
||||
dnl results:
|
||||
dnl
|
||||
dnl V_CCOPT (modified to build position-independent code)
|
||||
dnl V_SHLIB_CMD
|
||||
dnl V_SHLIB_OPT
|
||||
dnl V_SONAME_OPT
|
||||
dnl V_RPATH_OPT
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_SHLIBS_INIT,
|
||||
[AC_PREREQ(2.50)
|
||||
if test "$GCC" = yes ; then
|
||||
#
|
||||
# On platforms where we build a shared library:
|
||||
#
|
||||
# add options to generate position-independent code,
|
||||
# if necessary (it's the default in AIX and Darwin/OS X);
|
||||
#
|
||||
# define option to set the soname of the shared library,
|
||||
# if the OS supports that;
|
||||
#
|
||||
# add options to specify, at link time, a directory to
|
||||
# add to the run-time search path, if that's necessary.
|
||||
#
|
||||
V_SHLIB_CMD="\$(CC)"
|
||||
V_SHLIB_OPT="-shared"
|
||||
case "$host_os" in
|
||||
|
||||
aix*)
|
||||
;;
|
||||
|
||||
freebsd*|netbsd*|openbsd*|dragonfly*|linux*|osf*)
|
||||
#
|
||||
# Platforms where the linker is the GNU linker
|
||||
# or accepts command-line arguments like
|
||||
# those the GNU linker accepts.
|
||||
#
|
||||
# Some instruction sets require -fPIC on some
|
||||
# operating systems. Check for them. If you
|
||||
# have a combination that requires it, add it
|
||||
# here.
|
||||
#
|
||||
PIC_OPT=-fpic
|
||||
case "$host_cpu" in
|
||||
|
||||
sparc64*)
|
||||
case "$host_os" in
|
||||
|
||||
freebsd*)
|
||||
PIC_OPT=-fPIC
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
esac
|
||||
V_CCOPT="$V_CCOPT $PIC_OPT"
|
||||
V_SONAME_OPT="-Wl,-soname,"
|
||||
V_RPATH_OPT="-Wl,-rpath,"
|
||||
;;
|
||||
|
||||
hpux*)
|
||||
V_CCOPT="$V_CCOPT -fpic"
|
||||
#
|
||||
# XXX - this assumes GCC is using the HP linker,
|
||||
# rather than the GNU linker, and that the "+h"
|
||||
# option is used on all HP-UX platforms, both .sl
|
||||
# and .so.
|
||||
#
|
||||
V_SONAME_OPT="-Wl,+h,"
|
||||
#
|
||||
# By default, directories specifed with -L
|
||||
# are added to the run-time search path, so
|
||||
# we don't add them in pcap-config.
|
||||
#
|
||||
;;
|
||||
|
||||
solaris*)
|
||||
V_CCOPT="$V_CCOPT -fpic"
|
||||
#
|
||||
# XXX - this assumes GCC is using the Sun linker,
|
||||
# rather than the GNU linker.
|
||||
#
|
||||
V_SONAME_OPT="-Wl,-h,"
|
||||
V_RPATH_OPT="-Wl,-R,"
|
||||
;;
|
||||
esac
|
||||
else
|
||||
#
|
||||
# Set the appropriate compiler flags and, on platforms
|
||||
# where we build a shared library:
|
||||
#
|
||||
# add options to generate position-independent code,
|
||||
# if necessary (it's the default in Darwin/OS X);
|
||||
#
|
||||
# if we generate ".so" shared libraries, define the
|
||||
# appropriate options for building the shared library;
|
||||
#
|
||||
# add options to specify, at link time, a directory to
|
||||
# add to the run-time search path, if that's necessary.
|
||||
#
|
||||
# Note: spaces after V_SONAME_OPT are significant; on
|
||||
# some platforms the soname is passed with a GCC-like
|
||||
# "-Wl,-soname,{soname}" option, with the soname part
|
||||
# of the option, while on other platforms the C compiler
|
||||
# driver takes it as a regular option with the soname
|
||||
# following the option. The same applies to V_RPATH_OPT.
|
||||
#
|
||||
case "$host_os" in
|
||||
|
||||
aix*)
|
||||
V_SHLIB_CMD="\$(CC)"
|
||||
V_SHLIB_OPT="-G -bnoentry -bexpall"
|
||||
;;
|
||||
|
||||
freebsd*|netbsd*|openbsd*|dragonfly*|linux*)
|
||||
#
|
||||
# "cc" is GCC.
|
||||
#
|
||||
V_CCOPT="$V_CCOPT -fpic"
|
||||
V_SHLIB_CMD="\$(CC)"
|
||||
V_SHLIB_OPT="-shared"
|
||||
V_SONAME_OPT="-Wl,-soname,"
|
||||
V_RPATH_OPT="-Wl,-rpath,"
|
||||
;;
|
||||
|
||||
hpux*)
|
||||
V_CCOPT="$V_CCOPT +z"
|
||||
V_SHLIB_CMD="\$(LD)"
|
||||
V_SHLIB_OPT="-b"
|
||||
V_SONAME_OPT="+h "
|
||||
#
|
||||
# By default, directories specifed with -L
|
||||
# are added to the run-time search path, so
|
||||
# we don't add them in pcap-config.
|
||||
#
|
||||
;;
|
||||
|
||||
osf*)
|
||||
#
|
||||
# Presumed to be DEC OSF/1, Digital UNIX, or
|
||||
# Tru64 UNIX.
|
||||
#
|
||||
V_SHLIB_CMD="\$(CC)"
|
||||
V_SHLIB_OPT="-shared"
|
||||
V_SONAME_OPT="-soname "
|
||||
V_RPATH_OPT="-rpath "
|
||||
;;
|
||||
|
||||
solaris*)
|
||||
V_CCOPT="$V_CCOPT -Kpic"
|
||||
V_SHLIB_CMD="\$(CC)"
|
||||
V_SHLIB_OPT="-G"
|
||||
V_SONAME_OPT="-h "
|
||||
V_RPATH_OPT="-R"
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
])
|
||||
|
||||
#
|
||||
# Try compiling a sample of the type of code that appears in
|
||||
# gencode.c with "inline", "__inline__", and "__inline".
|
||||
|
@ -208,114 +417,6 @@ AC_DEFUN(AC_LBL_C_INLINE,
|
|||
fi
|
||||
AC_DEFINE_UNQUOTED(inline, $ac_cv_lbl_inline, [Define as token for inline if inlining supported])])
|
||||
|
||||
dnl
|
||||
dnl Use pfopen.c if available and pfopen() not in standard libraries
|
||||
dnl Require libpcap
|
||||
dnl Look for libpcap in ..
|
||||
dnl Use the installed libpcap if there is no local version
|
||||
dnl
|
||||
dnl usage:
|
||||
dnl
|
||||
dnl AC_LBL_LIBPCAP(pcapdep, incls)
|
||||
dnl
|
||||
dnl results:
|
||||
dnl
|
||||
dnl $1 (pcapdep set)
|
||||
dnl $2 (incls appended)
|
||||
dnl LIBS
|
||||
dnl LBL_LIBS
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_LIBPCAP,
|
||||
[AC_REQUIRE([AC_LBL_LIBRARY_NET])
|
||||
dnl
|
||||
dnl save a copy before locating libpcap.a
|
||||
dnl
|
||||
LBL_LIBS="$LIBS"
|
||||
pfopen=/usr/examples/packetfilter/pfopen.c
|
||||
if test -f $pfopen ; then
|
||||
AC_CHECK_FUNCS(pfopen)
|
||||
if test $ac_cv_func_pfopen = "no" ; then
|
||||
AC_MSG_RESULT(Using $pfopen)
|
||||
LIBS="$LIBS $pfopen"
|
||||
fi
|
||||
fi
|
||||
AC_MSG_CHECKING(for local pcap library)
|
||||
libpcap=FAIL
|
||||
lastdir=FAIL
|
||||
places=`ls .. | sed -e 's,/$,,' -e 's,^,../,' | \
|
||||
egrep '/libpcap-[[0-9]]*\.[[0-9]]*(\.[[0-9]]*)?([[ab]][[0-9]]*)?$'`
|
||||
for dir in $places ../libpcap libpcap ; do
|
||||
basedir=`echo $dir | sed -e 's/[[ab]][[0-9]]*$//'`
|
||||
if test $lastdir = $basedir ; then
|
||||
dnl skip alphas when an actual release is present
|
||||
continue;
|
||||
fi
|
||||
lastdir=$dir
|
||||
if test -r $dir/pcap.c ; then
|
||||
libpcap=$dir/libpcap.a
|
||||
d=$dir
|
||||
dnl continue and select the last one that exists
|
||||
fi
|
||||
done
|
||||
if test $libpcap = FAIL ; then
|
||||
AC_MSG_RESULT(not found)
|
||||
AC_CHECK_LIB(pcap, main, libpcap="-lpcap")
|
||||
if test $libpcap = FAIL ; then
|
||||
AC_MSG_ERROR(see the INSTALL doc for more info)
|
||||
fi
|
||||
else
|
||||
$1=$libpcap
|
||||
$2="-I$d $$2"
|
||||
AC_MSG_RESULT($libpcap)
|
||||
fi
|
||||
LIBS="$libpcap $LIBS"
|
||||
case "$target_os" in
|
||||
|
||||
aix*)
|
||||
pseexe="/lib/pse.exp"
|
||||
AC_MSG_CHECKING(for $pseexe)
|
||||
if test -f $pseexe ; then
|
||||
AC_MSG_RESULT(yes)
|
||||
LIBS="$LIBS -I:$pseexe"
|
||||
fi
|
||||
;;
|
||||
esac])
|
||||
|
||||
dnl
|
||||
dnl Define RETSIGTYPE and RETSIGVAL
|
||||
dnl
|
||||
dnl usage:
|
||||
dnl
|
||||
dnl AC_LBL_TYPE_SIGNAL
|
||||
dnl
|
||||
dnl results:
|
||||
dnl
|
||||
dnl RETSIGTYPE (defined)
|
||||
dnl RETSIGVAL (defined)
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_TYPE_SIGNAL,
|
||||
[AC_BEFORE([$0], [AC_LBL_LIBPCAP])
|
||||
AC_TYPE_SIGNAL
|
||||
if test "$ac_cv_type_signal" = void ; then
|
||||
AC_DEFINE(RETSIGVAL,[],[return value of signal handlers])
|
||||
else
|
||||
AC_DEFINE(RETSIGVAL,(0),[return value of signal handlers])
|
||||
fi
|
||||
case "$target_os" in
|
||||
|
||||
irix*)
|
||||
AC_DEFINE(_BSD_SIGNALS,1,[get BSD semantics on Irix])
|
||||
;;
|
||||
|
||||
*)
|
||||
dnl prefer sigset() to sigaction()
|
||||
AC_CHECK_FUNCS(sigset)
|
||||
if test $ac_cv_func_sigset = no ; then
|
||||
AC_CHECK_FUNCS(sigaction)
|
||||
fi
|
||||
;;
|
||||
esac])
|
||||
|
||||
dnl
|
||||
dnl If using gcc, make sure we have ANSI ioctl definitions
|
||||
dnl
|
||||
|
@ -452,7 +553,7 @@ dnl
|
|||
dnl HAVE_SOCKADDR_SA_LEN (defined)
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN,
|
||||
[AC_MSG_CHECKING(if sockaddr struct has sa_len member)
|
||||
[AC_MSG_CHECKING(if sockaddr struct has the sa_len member)
|
||||
AC_CACHE_VAL(ac_cv_lbl_sockaddr_has_sa_len,
|
||||
AC_TRY_COMPILE([
|
||||
# include <sys/types.h>
|
||||
|
@ -462,7 +563,7 @@ AC_DEFUN(AC_LBL_SOCKADDR_SA_LEN,
|
|||
ac_cv_lbl_sockaddr_has_sa_len=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_sockaddr_has_sa_len)
|
||||
if test $ac_cv_lbl_sockaddr_has_sa_len = yes ; then
|
||||
AC_DEFINE(HAVE_SOCKADDR_SA_LEN,1,[if struct sockaddr has sa_len])
|
||||
AC_DEFINE(HAVE_SOCKADDR_SA_LEN,1,[if struct sockaddr has the sa_len member])
|
||||
fi])
|
||||
|
||||
dnl
|
||||
|
@ -545,40 +646,10 @@ AC_DEFUN(AC_LBL_HAVE_RUN_PATH,
|
|||
else
|
||||
ac_cv_lbl_have_run_path=no
|
||||
fi
|
||||
rm -f conftest*])
|
||||
rm -f -r conftest*])
|
||||
AC_MSG_RESULT($ac_cv_lbl_have_run_path)
|
||||
])
|
||||
|
||||
dnl
|
||||
dnl Due to the stupid way it's implemented, AC_CHECK_TYPE is nearly useless.
|
||||
dnl
|
||||
dnl usage:
|
||||
dnl
|
||||
dnl AC_LBL_CHECK_TYPE
|
||||
dnl
|
||||
dnl results:
|
||||
dnl
|
||||
dnl int32_t (defined)
|
||||
dnl u_int32_t (defined)
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_CHECK_TYPE,
|
||||
[AC_MSG_CHECKING(for $1 using $CC)
|
||||
AC_CACHE_VAL(ac_cv_lbl_have_$1,
|
||||
AC_TRY_COMPILE([
|
||||
# include "confdefs.h"
|
||||
# include <sys/types.h>
|
||||
# if STDC_HEADERS
|
||||
# include <stdlib.h>
|
||||
# include <stddef.h>
|
||||
# endif],
|
||||
[$1 i],
|
||||
ac_cv_lbl_have_$1=yes,
|
||||
ac_cv_lbl_have_$1=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_have_$1)
|
||||
if test $ac_cv_lbl_have_$1 = no ; then
|
||||
AC_DEFINE($1, $2, [if we have $1])
|
||||
fi])
|
||||
|
||||
dnl
|
||||
dnl Checks to see if unaligned memory accesses fail
|
||||
dnl
|
||||
|
@ -627,7 +698,7 @@ AC_DEFUN(AC_LBL_UNALIGNED_ACCESS,
|
|||
# know it does work, and have the script just fail on other
|
||||
# cpu types and update it when such a failure occurs.
|
||||
#
|
||||
alpha*|arm*|hp*|mips*|sh*|sparc*|ia64|nv1)
|
||||
alpha*|arm*|bfin*|hp*|mips*|sh*|sparc*|ia64|nv1)
|
||||
ac_cv_lbl_unaligned_fail=yes
|
||||
;;
|
||||
|
||||
|
@ -671,7 +742,7 @@ EOF
|
|||
ac_cv_lbl_unaligned_fail=no
|
||||
fi
|
||||
fi
|
||||
rm -f conftest* core core.conftest
|
||||
rm -f -r conftest* core core.conftest
|
||||
;;
|
||||
esac])
|
||||
AC_MSG_RESULT($ac_cv_lbl_unaligned_fail)
|
||||
|
@ -682,7 +753,7 @@ EOF
|
|||
dnl
|
||||
dnl If using gcc and the file .devel exists:
|
||||
dnl Compile with -g (if supported) and -Wall
|
||||
dnl If using gcc 2, do extra prototype checking
|
||||
dnl If using gcc 2 or later, do extra prototype checking
|
||||
dnl If an os prototype include exists, symlink os-proto.h to it
|
||||
dnl
|
||||
dnl usage:
|
||||
|
@ -712,7 +783,7 @@ AC_DEFUN(AC_LBL_DEVEL,
|
|||
fi
|
||||
fi
|
||||
else
|
||||
case "$target_os" in
|
||||
case "$host_os" in
|
||||
|
||||
irix6*)
|
||||
V_CCOPT="$V_CCOPT -n32"
|
||||
|
@ -722,11 +793,12 @@ AC_DEFUN(AC_LBL_DEVEL,
|
|||
;;
|
||||
esac
|
||||
fi
|
||||
os=`echo $target_os | sed -e 's/\([[0-9]][[0-9]]*\)[[^0-9]].*$/\1/'`
|
||||
os=`echo $host_os | sed -e 's/\([[0-9]][[0-9]]*\)[[^0-9]].*$/\1/'`
|
||||
name="lbl/os-$os.h"
|
||||
if test -f $name ; then
|
||||
ln -s $name os-proto.h
|
||||
AC_DEFINE(HAVE_OS_PROTO_H,1,[if there's an os_proto.h])
|
||||
AC_DEFINE(HAVE_OS_PROTO_H, 1,
|
||||
[if there's an os_proto.h for this platform, to use additional prototypes])
|
||||
else
|
||||
AC_MSG_WARN(can't find $name)
|
||||
fi
|
||||
|
@ -746,13 +818,19 @@ dnl results:
|
|||
dnl
|
||||
dnl LIBS
|
||||
dnl
|
||||
dnl XXX - "AC_LBL_LIBRARY_NET" was redone to use "AC_SEARCH_LIBS"
|
||||
dnl rather than "AC_LBL_CHECK_LIB", so this isn't used any more.
|
||||
dnl We keep it around for reference purposes in case it's ever
|
||||
dnl useful in the future.
|
||||
dnl
|
||||
|
||||
define(AC_LBL_CHECK_LIB,
|
||||
[AC_MSG_CHECKING([for $2 in -l$1])
|
||||
dnl Use a cache variable name containing both the library and function name,
|
||||
dnl because the test really is for library $1 defining function $2, not
|
||||
dnl just for library $1. Separate tests with the same $1 and different $2's
|
||||
dnl may have different results.
|
||||
dnl Use a cache variable name containing the library, function
|
||||
dnl name, and extra libraries to link with, because the test really is
|
||||
dnl for library $1 defining function $2, when linked with potinal
|
||||
dnl library $5, not just for library $1. Separate tests with the same
|
||||
dnl $1 and different $2's or $5's may have different results.
|
||||
ac_lib_var=`echo $1['_']$2['_']$5 | sed 'y%./+- %__p__%'`
|
||||
AC_CACHE_VAL(ac_cv_lbl_lib_$ac_lib_var,
|
||||
[ac_save_LIBS="$LIBS"
|
||||
|
@ -851,10 +929,10 @@ dnl
|
|||
AC_DEFUN(AC_C___ATTRIBUTE__, [
|
||||
AC_MSG_CHECKING(for __attribute__)
|
||||
AC_CACHE_VAL(ac_cv___attribute__, [
|
||||
AC_TRY_COMPILE([
|
||||
AC_COMPILE_IFELSE(
|
||||
AC_LANG_SOURCE([[
|
||||
#include <stdlib.h>
|
||||
],
|
||||
[
|
||||
|
||||
static void foo(void) __attribute__ ((noreturn));
|
||||
|
||||
static void
|
||||
|
@ -862,7 +940,13 @@ foo(void)
|
|||
{
|
||||
exit(1);
|
||||
}
|
||||
],
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
foo();
|
||||
}
|
||||
]]),
|
||||
ac_cv___attribute__=yes,
|
||||
ac_cv___attribute__=no)])
|
||||
if test "$ac_cv___attribute__" = "yes"; then
|
||||
|
@ -892,3 +976,61 @@ AC_DEFUN(AC_LBL_TPACKET_STATS,
|
|||
if test $ac_cv_lbl_tpacket_stats = yes; then
|
||||
AC_DEFINE(HAVE_TPACKET_STATS,1,[if if_packet.h has tpacket_stats defined])
|
||||
fi])
|
||||
|
||||
dnl
|
||||
dnl Checks to see if the tpacket_auxdata struct has a tp_vlan_tci member.
|
||||
dnl
|
||||
dnl usage:
|
||||
dnl
|
||||
dnl AC_LBL_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI
|
||||
dnl
|
||||
dnl results:
|
||||
dnl
|
||||
dnl HAVE_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI (defined)
|
||||
dnl
|
||||
dnl NOTE: any compile failure means we conclude that it doesn't have
|
||||
dnl that member, so if we don't have tpacket_auxdata, we conclude it
|
||||
dnl doesn't have that member (which is OK, as either we won't be using
|
||||
dnl code that would use that member, or we wouldn't compile in any case).
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI,
|
||||
[AC_MSG_CHECKING(if tpacket_auxdata struct has tp_vlan_tci member)
|
||||
AC_CACHE_VAL(ac_cv_lbl_dl_hp_ppa_info_t_has_dl_module_id_1,
|
||||
AC_TRY_COMPILE([
|
||||
# include <linux/if_packet.h>],
|
||||
[u_int i = sizeof(((struct tpacket_auxdata *)0)->tp_vlan_tci)],
|
||||
ac_cv_lbl_linux_tpacket_auxdata_tp_vlan_tci=yes,
|
||||
ac_cv_lbl_linux_tpacket_auxdata_tp_vlan_tci=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_linux_tpacket_auxdata_tp_vlan_tci)
|
||||
if test $ac_cv_lbl_linux_tpacket_auxdata_tp_vlan_tci = yes ; then
|
||||
HAVE_LINUX_TPACKET_AUXDATA=tp_vlan_tci
|
||||
AC_SUBST(HAVE_LINUX_TPACKET_AUXDATA)
|
||||
AC_DEFINE(HAVE_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI,1,[if tp_vlan_tci exists])
|
||||
fi])
|
||||
|
||||
dnl
|
||||
dnl Checks to see if Solaris has the dl_passive_req_t struct defined
|
||||
dnl in <sys/dlpi.h>.
|
||||
dnl
|
||||
dnl usage:
|
||||
dnl
|
||||
dnl AC_LBL_DL_PASSIVE_REQ_T
|
||||
dnl
|
||||
dnl results:
|
||||
dnl
|
||||
dnl HAVE_DLPI_PASSIVE (defined)
|
||||
dnl
|
||||
AC_DEFUN(AC_LBL_DL_PASSIVE_REQ_T,
|
||||
[AC_MSG_CHECKING(if dl_passive_req_t struct exists)
|
||||
AC_CACHE_VAL(ac_cv_lbl_has_dl_passive_req_t,
|
||||
AC_TRY_COMPILE([
|
||||
# include <sys/types.h>
|
||||
# include <sys/dlpi.h>],
|
||||
[u_int i = sizeof(dl_passive_req_t)],
|
||||
ac_cv_lbl_has_dl_passive_req_t=yes,
|
||||
ac_cv_lbl_has_dl_passive_req_t=no))
|
||||
AC_MSG_RESULT($ac_cv_lbl_has_dl_passive_req_t)
|
||||
if test $ac_cv_lbl_has_dl_passive_req_t = yes ; then
|
||||
AC_DEFINE(HAVE_DLPI_PASSIVE,1,[if passive_req_t primitive
|
||||
exists])
|
||||
fi])
|
||||
|
|
14
atmuni31.h
14
atmuni31.h
|
@ -29,18 +29,18 @@
|
|||
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/atmuni31.h,v 1.1 2002-07-11 09:06:32 guy Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/atmuni31.h,v 1.3 2007-10-22 19:28:58 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/* Based on UNI3.1 standard by ATM Forum */
|
||||
|
||||
/* ATM traffic types based on VPI=0 and (the following VCI */
|
||||
#define PPC 0x05 /* Point-to-point signal msg */
|
||||
#define BCC 0x02 /* Broadcast signal msg */
|
||||
#define OAMF4SC 0x03 /* Segment OAM F4 flow cell */
|
||||
#define OAMF4EC 0x04 /* End-to-end OAM F4 flow cell */
|
||||
#define METAC 0x01 /* Meta signal msg */
|
||||
#define ILMIC 0x10 /* ILMI msg */
|
||||
#define VCI_PPC 0x05 /* Point-to-point signal msg */
|
||||
#define VCI_BCC 0x02 /* Broadcast signal msg */
|
||||
#define VCI_OAMF4SC 0x03 /* Segment OAM F4 flow cell */
|
||||
#define VCI_OAMF4EC 0x04 /* End-to-end OAM F4 flow cell */
|
||||
#define VCI_METAC 0x01 /* Meta signal msg */
|
||||
#define VCI_ILMIC 0x10 /* ILMI msg */
|
||||
|
||||
/* Q.2931 signalling messages */
|
||||
#define CALL_PROCEED 0x02 /* call proceeding */
|
||||
|
|
|
@ -40,7 +40,7 @@
|
|||
|
||||
#if !(defined(lint) || defined(KERNEL) || defined(_KERNEL))
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/bpf/net/bpf_filter.c,v 1.44 2003-11-15 23:24:07 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/bpf/net/bpf_filter.c,v 1.46 2008-01-02 04:16:46 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -53,6 +53,15 @@ static const char rcsid[] _U_ =
|
|||
|
||||
#else /* WIN32 */
|
||||
|
||||
#if HAVE_INTTYPES_H
|
||||
#include <inttypes.h>
|
||||
#elif HAVE_STDINT_H
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
#ifdef HAVE_SYS_BITYPES_H
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/time.h>
|
||||
|
@ -65,13 +74,13 @@ static const char rcsid[] _U_ =
|
|||
# define m_next b_cont
|
||||
# define MLEN(m) ((m)->b_wptr - (m)->b_rptr)
|
||||
# define mtod(m,t) ((t)(m)->b_rptr)
|
||||
#else
|
||||
#else /* defined(__hpux) || SOLARIS */
|
||||
# define MLEN(m) ((m)->m_len)
|
||||
#endif
|
||||
#endif /* defined(__hpux) || SOLARIS */
|
||||
|
||||
#endif /* WIN32 */
|
||||
|
||||
#include <pcap-bpf.h>
|
||||
#include <pcap/bpf.h>
|
||||
|
||||
#if !defined(KERNEL) && !defined(_KERNEL)
|
||||
#include <stdlib.h>
|
||||
|
@ -200,8 +209,8 @@ m_xhalf(m, k, err)
|
|||
*/
|
||||
u_int
|
||||
bpf_filter(pc, p, wirelen, buflen)
|
||||
register struct bpf_insn *pc;
|
||||
register u_char *p;
|
||||
register const struct bpf_insn *pc;
|
||||
register const u_char *p;
|
||||
u_int wirelen;
|
||||
register u_int buflen;
|
||||
{
|
||||
|
@ -512,54 +521,155 @@ bpf_filter(pc, p, wirelen, buflen)
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Return true if the 'fcode' is a valid filter program.
|
||||
* The constraints are that each jump be forward and to a valid
|
||||
* code. The code must terminate with either an accept or reject.
|
||||
* 'valid' is an array for use by the routine (it must be at least
|
||||
* 'len' bytes long).
|
||||
* code, that memory accesses are within valid ranges (to the
|
||||
* extent that this can be checked statically; loads of packet
|
||||
* data have to be, and are, also checked at run time), and that
|
||||
* the code terminates with either an accept or reject.
|
||||
*
|
||||
* The kernel needs to be able to verify an application's filter code.
|
||||
* Otherwise, a bogus program could easily crash the system.
|
||||
*/
|
||||
int
|
||||
bpf_validate(f, len)
|
||||
struct bpf_insn *f;
|
||||
const struct bpf_insn *f;
|
||||
int len;
|
||||
{
|
||||
register int i;
|
||||
register struct bpf_insn *p;
|
||||
u_int i, from;
|
||||
const struct bpf_insn *p;
|
||||
|
||||
if (len < 1)
|
||||
return 0;
|
||||
/*
|
||||
* There's no maximum program length in userland.
|
||||
*/
|
||||
#if defined(KERNEL) || defined(_KERNEL)
|
||||
if (len > BPF_MAXINSNS)
|
||||
return 0;
|
||||
#endif
|
||||
|
||||
for (i = 0; i < len; ++i) {
|
||||
/*
|
||||
* Check that that jumps are forward, and within
|
||||
* the code block.
|
||||
*/
|
||||
p = &f[i];
|
||||
if (BPF_CLASS(p->code) == BPF_JMP) {
|
||||
register int from = i + 1;
|
||||
|
||||
if (BPF_OP(p->code) == BPF_JA) {
|
||||
if (from + p->k >= (unsigned)len)
|
||||
return 0;
|
||||
}
|
||||
else if (from + p->jt >= len || from + p->jf >= len)
|
||||
return 0;
|
||||
}
|
||||
switch (BPF_CLASS(p->code)) {
|
||||
/*
|
||||
* Check that memory operations use valid addresses.
|
||||
*/
|
||||
if ((BPF_CLASS(p->code) == BPF_ST ||
|
||||
(BPF_CLASS(p->code) == BPF_LD &&
|
||||
(p->code & 0xe0) == BPF_MEM)) &&
|
||||
(p->k >= BPF_MEMWORDS || p->k < 0))
|
||||
return 0;
|
||||
/*
|
||||
* Check for constant division by 0.
|
||||
*/
|
||||
if (p->code == (BPF_ALU|BPF_DIV|BPF_K) && p->k == 0)
|
||||
case BPF_LD:
|
||||
case BPF_LDX:
|
||||
switch (BPF_MODE(p->code)) {
|
||||
case BPF_IMM:
|
||||
break;
|
||||
case BPF_ABS:
|
||||
case BPF_IND:
|
||||
case BPF_MSH:
|
||||
/*
|
||||
* There's no maximum packet data size
|
||||
* in userland. The runtime packet length
|
||||
* check suffices.
|
||||
*/
|
||||
#if defined(KERNEL) || defined(_KERNEL)
|
||||
/*
|
||||
* More strict check with actual packet length
|
||||
* is done runtime.
|
||||
*/
|
||||
if (p->k >= bpf_maxbufsize)
|
||||
return 0;
|
||||
#endif
|
||||
break;
|
||||
case BPF_MEM:
|
||||
if (p->k >= BPF_MEMWORDS)
|
||||
return 0;
|
||||
break;
|
||||
case BPF_LEN:
|
||||
break;
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
case BPF_ST:
|
||||
case BPF_STX:
|
||||
if (p->k >= BPF_MEMWORDS)
|
||||
return 0;
|
||||
break;
|
||||
case BPF_ALU:
|
||||
switch (BPF_OP(p->code)) {
|
||||
case BPF_ADD:
|
||||
case BPF_SUB:
|
||||
case BPF_MUL:
|
||||
case BPF_OR:
|
||||
case BPF_AND:
|
||||
case BPF_LSH:
|
||||
case BPF_RSH:
|
||||
case BPF_NEG:
|
||||
break;
|
||||
case BPF_DIV:
|
||||
/*
|
||||
* Check for constant division by 0.
|
||||
*/
|
||||
if (BPF_SRC(p->code) == BPF_K && p->k == 0)
|
||||
return 0;
|
||||
break;
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
case BPF_JMP:
|
||||
/*
|
||||
* Check that jumps are within the code block,
|
||||
* and that unconditional branches don't go
|
||||
* backwards as a result of an overflow.
|
||||
* Unconditional branches have a 32-bit offset,
|
||||
* so they could overflow; we check to make
|
||||
* sure they don't. Conditional branches have
|
||||
* an 8-bit offset, and the from address is <=
|
||||
* BPF_MAXINSNS, and we assume that BPF_MAXINSNS
|
||||
* is sufficiently small that adding 255 to it
|
||||
* won't overflow.
|
||||
*
|
||||
* We know that len is <= BPF_MAXINSNS, and we
|
||||
* assume that BPF_MAXINSNS is < the maximum size
|
||||
* of a u_int, so that i + 1 doesn't overflow.
|
||||
*
|
||||
* For userland, we don't know that the from
|
||||
* or len are <= BPF_MAXINSNS, but we know that
|
||||
* from <= len, and, except on a 64-bit system,
|
||||
* it's unlikely that len, if it truly reflects
|
||||
* the size of the program we've been handed,
|
||||
* will be anywhere near the maximum size of
|
||||
* a u_int. We also don't check for backward
|
||||
* branches, as we currently support them in
|
||||
* userland for the protochain operation.
|
||||
*/
|
||||
from = i + 1;
|
||||
switch (BPF_OP(p->code)) {
|
||||
case BPF_JA:
|
||||
#if defined(KERNEL) || defined(_KERNEL)
|
||||
if (from + p->k < from || from + p->k >= len)
|
||||
#else
|
||||
if (from + p->k >= len)
|
||||
#endif
|
||||
return 0;
|
||||
break;
|
||||
case BPF_JEQ:
|
||||
case BPF_JGT:
|
||||
case BPF_JGE:
|
||||
case BPF_JSET:
|
||||
if (from + p->jt >= len || from + p->jf >= len)
|
||||
return 0;
|
||||
break;
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
break;
|
||||
case BPF_RET:
|
||||
break;
|
||||
case BPF_MISC:
|
||||
break;
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return BPF_CLASS(f[len - 1].code) == BPF_RET;
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/bpf_dump.c,v 1.14 2003-11-15 23:23:57 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/bpf_dump.c,v 1.15 2008-01-02 04:16:46 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -31,9 +31,9 @@ static const char rcsid[] _U_ =
|
|||
#include <stdio.h>
|
||||
|
||||
void
|
||||
bpf_dump(struct bpf_program *p, int option)
|
||||
bpf_dump(const struct bpf_program *p, int option)
|
||||
{
|
||||
struct bpf_insn *insn;
|
||||
const struct bpf_insn *insn;
|
||||
int i;
|
||||
int n = p->bf_len;
|
||||
|
||||
|
|
20
bpf_image.c
20
bpf_image.c
|
@ -21,13 +21,27 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/bpf_image.c,v 1.26 2003-11-15 23:23:57 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/bpf_image.c,v 1.28 2008-01-02 04:16:46 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include <pcap-stdinc.h>
|
||||
#else /* WIN32 */
|
||||
#if HAVE_INTTYPES_H
|
||||
#include <inttypes.h>
|
||||
#elif HAVE_STDINT_H
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
#ifdef HAVE_SYS_BITYPES_H
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
#include <sys/types.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
||||
|
@ -39,11 +53,11 @@ static const char rcsid[] _U_ =
|
|||
|
||||
char *
|
||||
bpf_image(p, n)
|
||||
struct bpf_insn *p;
|
||||
const struct bpf_insn *p;
|
||||
int n;
|
||||
{
|
||||
int v;
|
||||
char *fmt, *op;
|
||||
const char *fmt, *op;
|
||||
static char image[256];
|
||||
char operand[64];
|
||||
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
#! /bin/sh
|
||||
|
||||
#
|
||||
# Unfortunately, Mac OS X's devfs is based on the old FreeBSD
|
||||
# one, not the current one, so there's no way to configure it
|
||||
# to create BPF devices with particular owners or groups.
|
||||
# This startup item will make it owned by the admin group,
|
||||
# with permissions rw-rw----, so that anybody in the admin
|
||||
# group can use programs that capture or send raw packets.
|
||||
#
|
||||
# Change this as appropriate for your site, e.g. to make
|
||||
# it owned by a particular user without changing the permissions,
|
||||
# so only that user and the super-user can capture or send raw
|
||||
# packets, or give it the permissions rw-r-----, so that
|
||||
# only the super-user can send raw packets but anybody in the
|
||||
# admin group can capture packets.
|
||||
#
|
||||
chgrp admin /dev/bpf*
|
||||
chmod g+rw /dev/bpf*
|
File diff suppressed because it is too large
Load Diff
140
config.h.in
140
config.h.in
|
@ -1,18 +1,23 @@
|
|||
/* config.h.in. Generated from configure.in by autoheader. */
|
||||
/* Long story short: aclocal.m4 depends on autoconf 2.13
|
||||
* implementation details wrt "const"; newer versions
|
||||
* have different implementation details so for now we
|
||||
* put "const" here. This may cause duplicate definitions
|
||||
* in config.h but that should be OK since they're the same.
|
||||
*/
|
||||
#undef const
|
||||
|
||||
/* Enable optimizer debugging */
|
||||
#undef BDEBUG
|
||||
|
||||
/* define if you have a cloning BPF device */
|
||||
#undef HAVE_CLONING_BPF
|
||||
|
||||
/* define if you have the DAG API */
|
||||
#undef HAVE_DAG_API
|
||||
|
||||
/* define if you have dag_get_erf_types() */
|
||||
#undef HAVE_DAG_GET_ERF_TYPES
|
||||
|
||||
/* define if you have dag_get_stream_erf_types() */
|
||||
#undef HAVE_DAG_GET_STREAM_ERF_TYPES
|
||||
|
||||
/* define if you have streams capable DAG API */
|
||||
#undef HAVE_DAG_STREAMS_API
|
||||
|
||||
/* Define to 1 if you have the declaration of `ether_hostton', and to 0 if you
|
||||
don't. */
|
||||
#undef HAVE_DECL_ETHER_HOSTTON
|
||||
|
@ -20,9 +25,15 @@
|
|||
/* define if you have a /dev/dlpi */
|
||||
#undef HAVE_DEV_DLPI
|
||||
|
||||
/* if passive_req_t primitive exists */
|
||||
#undef HAVE_DLPI_PASSIVE
|
||||
|
||||
/* Define to 1 if you have the `ether_hostton' function. */
|
||||
#undef HAVE_ETHER_HOSTTON
|
||||
|
||||
/* Define to 1 if fseeko (and presumably ftello) exists and is declared. */
|
||||
#undef HAVE_FSEEKO
|
||||
|
||||
/* on HP-UX 10.20 or later */
|
||||
#undef HAVE_HPUX10_20_OR_LATER
|
||||
|
||||
|
@ -35,9 +46,33 @@
|
|||
/* Define to 1 if you have the <inttypes.h> header file. */
|
||||
#undef HAVE_INTTYPES_H
|
||||
|
||||
/* if libdlpi exists */
|
||||
#undef HAVE_LIBDLPI
|
||||
|
||||
/* if libnl exists */
|
||||
#undef HAVE_LIBNL
|
||||
|
||||
/* if libnl exists and is version 2.x */
|
||||
#undef HAVE_LIBNL_2_x
|
||||
|
||||
/* Define to 1 if you have the <limits.h> header file. */
|
||||
#undef HAVE_LIMITS_H
|
||||
|
||||
/* Define to 1 if you have the <linux/compiler.h> header file. */
|
||||
#undef HAVE_LINUX_COMPILER_H
|
||||
|
||||
/* Define to 1 if you have the <linux/net_tstamp.h> header file. */
|
||||
#undef HAVE_LINUX_NET_TSTAMP_H
|
||||
|
||||
/* if tp_vlan_tci exists */
|
||||
#undef HAVE_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI
|
||||
|
||||
/* Define to 1 if you have the <linux/usbdevice_fs.h> header file. */
|
||||
#undef HAVE_LINUX_USBDEVICE_FS_H
|
||||
|
||||
/* Define to 1 if you have the <linux/wireless.h> header file. */
|
||||
#undef HAVE_LINUX_WIRELESS_H
|
||||
|
||||
/* Define to 1 if you have the <memory.h> header file. */
|
||||
#undef HAVE_MEMORY_H
|
||||
|
||||
|
@ -47,21 +82,39 @@
|
|||
/* Define to 1 if you have the <netinet/if_ether.h> header file. */
|
||||
#undef HAVE_NETINET_IF_ETHER_H
|
||||
|
||||
/* if there's an os_proto.h */
|
||||
/* Define to 1 if you have the <net/if_media.h> header file. */
|
||||
#undef HAVE_NET_IF_MEDIA_H
|
||||
|
||||
/* Define to 1 if you have the <net/pfvar.h> header file. */
|
||||
#undef HAVE_NET_PFVAR_H
|
||||
|
||||
/* if there's an os_proto.h for this platform, to use additional prototypes */
|
||||
#undef HAVE_OS_PROTO_H
|
||||
|
||||
/* define if you have a /proc/net/dev */
|
||||
#undef HAVE_PROC_NET_DEV
|
||||
/* Define to 1 if you have the <paths.h> header file. */
|
||||
#undef HAVE_PATHS_H
|
||||
|
||||
/* define if net/pfvar.h defines PF_NAT through PF_NORDR */
|
||||
#undef HAVE_PF_NAT_THROUGH_PF_NORDR
|
||||
|
||||
/* define if you have a Septel API */
|
||||
#undef HAVE_SEPTEL_API
|
||||
|
||||
/* define if you have Myricom SNF API */
|
||||
#undef HAVE_SNF_API
|
||||
|
||||
/* Define to 1 if you have the `snprintf' function. */
|
||||
#undef HAVE_SNPRINTF
|
||||
|
||||
/* if struct sockaddr has sa_len */
|
||||
/* if struct sockaddr has the sa_len member */
|
||||
#undef HAVE_SOCKADDR_SA_LEN
|
||||
|
||||
/* if struct sockaddr_storage exists */
|
||||
#undef HAVE_SOCKADDR_STORAGE
|
||||
|
||||
/* define if socklen_t is defined */
|
||||
#undef HAVE_SOCKLEN_T
|
||||
|
||||
/* On solaris */
|
||||
#undef HAVE_SOLARIS
|
||||
|
||||
|
@ -83,6 +136,15 @@
|
|||
/* Define to 1 if you have the `strlcpy' function. */
|
||||
#undef HAVE_STRLCPY
|
||||
|
||||
/* Define to 1 if the system has the type `struct BPF_TIMEVAL'. */
|
||||
#undef HAVE_STRUCT_BPF_TIMEVAL
|
||||
|
||||
/* Define to 1 if the system has the type `struct ether_addr'. */
|
||||
#undef HAVE_STRUCT_ETHER_ADDR
|
||||
|
||||
/* Define to 1 if you have the <sys/bitypes.h> header file. */
|
||||
#undef HAVE_SYS_BITYPES_H
|
||||
|
||||
/* Define to 1 if you have the <sys/bufmod.h> header file. */
|
||||
#undef HAVE_SYS_BUFMOD_H
|
||||
|
||||
|
@ -107,12 +169,18 @@
|
|||
/* Define to 1 if you have the <unistd.h> header file. */
|
||||
#undef HAVE_UNISTD_H
|
||||
|
||||
/* if struct usbdevfs_ctrltransfer has bRequestType */
|
||||
#undef HAVE_USBDEVFS_CTRLTRANSFER_BREQUESTTYPE
|
||||
|
||||
/* define if version.h is generated in the build procedure */
|
||||
#undef HAVE_VERSION_H
|
||||
|
||||
/* Define to 1 if you have the `vsnprintf' function. */
|
||||
#undef HAVE_VSNPRINTF
|
||||
|
||||
/* define if the system supports zerocopy BPF */
|
||||
#undef HAVE_ZEROCOPY_BPF
|
||||
|
||||
/* define if your compiler has __attribute__ */
|
||||
#undef HAVE___ATTRIBUTE__
|
||||
|
||||
|
@ -122,6 +190,9 @@
|
|||
/* if unaligned access fails */
|
||||
#undef LBL_ALIGN
|
||||
|
||||
/* path for device for USB sniffing */
|
||||
#undef LINUX_USB_MON_DEV
|
||||
|
||||
/* Define to 1 if netinet/ether.h declares `ether_hostton' */
|
||||
#undef NETINET_ETHER_H_DECLARES_ETHER_HOSTTON
|
||||
|
||||
|
@ -149,29 +220,70 @@
|
|||
/* /dev/dlpi directory */
|
||||
#undef PCAP_DEV_PREFIX
|
||||
|
||||
/* target host supports Bluetooth sniffing */
|
||||
#undef PCAP_SUPPORT_BT
|
||||
|
||||
/* target host supports CAN sniffing */
|
||||
#undef PCAP_SUPPORT_CAN
|
||||
|
||||
/* target host supports USB sniffing */
|
||||
#undef PCAP_SUPPORT_USB
|
||||
|
||||
#undef PCAP_SUPPORT_DECT
|
||||
|
||||
/* include ACN support */
|
||||
#undef SITA
|
||||
|
||||
/* Define to 1 if you have the ANSI C header files. */
|
||||
#undef STDC_HEADERS
|
||||
|
||||
/* Enable parser debugging */
|
||||
#undef YYDEBUG
|
||||
|
||||
/* Number of bits in a file offset, on hosts where this is settable. */
|
||||
#undef _FILE_OFFSET_BITS
|
||||
|
||||
/* needed on HP-UX */
|
||||
#undef _HPUX_SOURCE
|
||||
|
||||
/* Define to 1 to make fseeko visible on some hosts (e.g. glibc 2.2). */
|
||||
#undef _LARGEFILE_SOURCE
|
||||
|
||||
/* Define for large files, on AIX-style hosts. */
|
||||
#undef _LARGE_FILES
|
||||
|
||||
/* define on AIX to get certain functions */
|
||||
#undef _SUN
|
||||
|
||||
/* to handle Ultrix compilers that don't support const in prototypes */
|
||||
#undef const
|
||||
|
||||
/* Define as token for inline if inlining supported */
|
||||
#undef inline
|
||||
|
||||
/* Define to `short' if int16_t not defined. */
|
||||
#undef int16_t
|
||||
|
||||
/* Define to `int' if int32_t not defined. */
|
||||
#undef int32_t
|
||||
|
||||
/* Define to `long long' if int64_t not defined. */
|
||||
#undef int64_t
|
||||
|
||||
/* Define to `signed char' if int8_t not defined. */
|
||||
#undef int8_t
|
||||
|
||||
/* on sinix */
|
||||
#undef sinix
|
||||
|
||||
/* if we have u_int16_t */
|
||||
/* Define to `unsigned short' if u_int16_t not defined. */
|
||||
#undef u_int16_t
|
||||
|
||||
/* if we have u_int32_t */
|
||||
/* Define to `unsigned int' if u_int32_t not defined. */
|
||||
#undef u_int32_t
|
||||
|
||||
/* if we have u_int8_t */
|
||||
/* Define to `unsigned long long' if u_int64_t not defined. */
|
||||
#undef u_int64_t
|
||||
|
||||
/* Define to `unsigned char' if u_int8_t not defined. */
|
||||
#undef u_int8_t
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
#! /bin/sh
|
||||
# Configuration validation subroutine script.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
|
||||
# Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2003-11-03'
|
||||
timestamp='2009-12-31'
|
||||
|
||||
# This file is (in principle) common to ALL GNU software.
|
||||
# The presence of a machine in this file suggests that SOME GNU software
|
||||
|
@ -21,22 +22,26 @@ timestamp='2003-11-03'
|
|||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place - Suite 330,
|
||||
# Boston, MA 02111-1307, USA.
|
||||
|
||||
# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
|
||||
# 02110-1301, USA.
|
||||
#
|
||||
# As a special exception to the GNU General Public License, if you
|
||||
# distribute this file as part of a program that contains a
|
||||
# configuration script generated by Autoconf, you may include it under
|
||||
# the same distribution terms that you use for the rest of that program.
|
||||
|
||||
|
||||
# Please send patches to <config-patches@gnu.org>. Submit a context
|
||||
# diff and a properly formatted ChangeLog entry.
|
||||
# diff and a properly formatted GNU ChangeLog entry.
|
||||
#
|
||||
# Configuration subroutine to validate and canonicalize a configuration type.
|
||||
# Supply the specified configuration type as an argument.
|
||||
# If it is invalid, we print an error message on stderr and exit with code 1.
|
||||
# Otherwise, we print the canonical config type on stdout and succeed.
|
||||
|
||||
# You can get the latest version of this script from:
|
||||
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
|
||||
|
||||
# This file is supposed to be the same for all GNU packages
|
||||
# and recognize all the CPU types, system types and aliases
|
||||
# that are meaningful with *any* GNU software.
|
||||
|
@ -70,8 +75,9 @@ Report bugs and patches to <config-patches@gnu.org>."
|
|||
version="\
|
||||
GNU config.sub ($timestamp)
|
||||
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
|
||||
Free Software Foundation, Inc.
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
|
||||
Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
|
||||
|
@ -83,11 +89,11 @@ Try \`$me --help' for more information."
|
|||
while test $# -gt 0 ; do
|
||||
case $1 in
|
||||
--time-stamp | --time* | -t )
|
||||
echo "$timestamp" ; exit 0 ;;
|
||||
echo "$timestamp" ; exit ;;
|
||||
--version | -v )
|
||||
echo "$version" ; exit 0 ;;
|
||||
echo "$version" ; exit ;;
|
||||
--help | --h* | -h )
|
||||
echo "$usage"; exit 0 ;;
|
||||
echo "$usage"; exit ;;
|
||||
-- ) # Stop option processing
|
||||
shift; break ;;
|
||||
- ) # Use stdin as input.
|
||||
|
@ -99,7 +105,7 @@ while test $# -gt 0 ; do
|
|||
*local*)
|
||||
# First pass through any local machine types.
|
||||
echo $1
|
||||
exit 0;;
|
||||
exit ;;
|
||||
|
||||
* )
|
||||
break ;;
|
||||
|
@ -118,8 +124,10 @@ esac
|
|||
# Here we must recognize all the valid KERNEL-OS combinations.
|
||||
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
|
||||
case $maybe_os in
|
||||
nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \
|
||||
kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*)
|
||||
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
|
||||
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
|
||||
kopensolaris*-gnu* | \
|
||||
storm-chaos* | os2-emx* | rtmk-nova*)
|
||||
os=-$maybe_os
|
||||
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
|
||||
;;
|
||||
|
@ -145,10 +153,13 @@ case $os in
|
|||
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
|
||||
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
|
||||
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
|
||||
-apple | -axis)
|
||||
-apple | -axis | -knuth | -cray | -microblaze)
|
||||
os=
|
||||
basic_machine=$1
|
||||
;;
|
||||
-bluegene*)
|
||||
os=-cnk
|
||||
;;
|
||||
-sim | -cisco | -oki | -wec | -winbond)
|
||||
os=
|
||||
basic_machine=$1
|
||||
|
@ -170,6 +181,10 @@ case $os in
|
|||
-hiux*)
|
||||
os=-hiuxwe2
|
||||
;;
|
||||
-sco6)
|
||||
os=-sco5v6
|
||||
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
|
||||
;;
|
||||
-sco5)
|
||||
os=-sco3.2v5
|
||||
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
|
||||
|
@ -186,6 +201,10 @@ case $os in
|
|||
# Don't forget version if it is 3.2v4 or newer.
|
||||
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
|
||||
;;
|
||||
-sco5v6*)
|
||||
# Don't forget version if it is 3.2v4 or newer.
|
||||
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
|
||||
;;
|
||||
-sco*)
|
||||
os=-sco3.2v2
|
||||
basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
|
||||
|
@ -230,22 +249,28 @@ case $basic_machine in
|
|||
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
|
||||
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
|
||||
| am33_2.0 \
|
||||
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
|
||||
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
|
||||
| bfin \
|
||||
| c4x | clipper \
|
||||
| d10v | d30v | dlx | dsp16xx \
|
||||
| fr30 | frv \
|
||||
| fido | fr30 | frv \
|
||||
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
|
||||
| i370 | i860 | i960 | ia64 \
|
||||
| ip2k | iq2000 \
|
||||
| m32r | m68000 | m68k | m88k | mcore \
|
||||
| lm32 \
|
||||
| m32c | m32r | m32rle | m68000 | m68k | m88k \
|
||||
| maxq | mb | microblaze | mcore | mep | metag \
|
||||
| mips | mipsbe | mipseb | mipsel | mipsle \
|
||||
| mips16 \
|
||||
| mips64 | mips64el \
|
||||
| mips64vr | mips64vrel \
|
||||
| mips64octeon | mips64octeonel \
|
||||
| mips64orion | mips64orionel \
|
||||
| mips64r5900 | mips64r5900el \
|
||||
| mips64vr | mips64vrel \
|
||||
| mips64vr4100 | mips64vr4100el \
|
||||
| mips64vr4300 | mips64vr4300el \
|
||||
| mips64vr5000 | mips64vr5000el \
|
||||
| mips64vr5900 | mips64vr5900el \
|
||||
| mipsisa32 | mipsisa32el \
|
||||
| mipsisa32r2 | mipsisa32r2el \
|
||||
| mipsisa64 | mipsisa64el \
|
||||
|
@ -254,30 +279,40 @@ case $basic_machine in
|
|||
| mipsisa64sr71k | mipsisa64sr71kel \
|
||||
| mipstx39 | mipstx39el \
|
||||
| mn10200 | mn10300 \
|
||||
| moxie \
|
||||
| mt \
|
||||
| msp430 \
|
||||
| nios | nios2 \
|
||||
| ns16k | ns32k \
|
||||
| openrisc | or32 \
|
||||
| or32 \
|
||||
| pdp10 | pdp11 | pj | pjl \
|
||||
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
|
||||
| pyramid \
|
||||
| sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
|
||||
| rx \
|
||||
| score \
|
||||
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
|
||||
| sh64 | sh64le \
|
||||
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
|
||||
| strongarm \
|
||||
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
|
||||
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
|
||||
| spu | strongarm \
|
||||
| tahoe | thumb | tic4x | tic80 | tron \
|
||||
| ubicom32 \
|
||||
| v850 | v850e \
|
||||
| we32k \
|
||||
| x86 | xscale | xstormy16 | xtensa \
|
||||
| z8k)
|
||||
| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
|
||||
| z8k | z80)
|
||||
basic_machine=$basic_machine-unknown
|
||||
;;
|
||||
m6811 | m68hc11 | m6812 | m68hc12)
|
||||
m6811 | m68hc11 | m6812 | m68hc12 | picochip)
|
||||
# Motorola 68HC11/12.
|
||||
basic_machine=$basic_machine-unknown
|
||||
os=-none
|
||||
;;
|
||||
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
|
||||
;;
|
||||
ms1)
|
||||
basic_machine=mt-unknown
|
||||
;;
|
||||
|
||||
# We use `pc' rather than `unknown'
|
||||
# because (1) that's what they normally are, and
|
||||
|
@ -297,28 +332,32 @@ case $basic_machine in
|
|||
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
|
||||
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
|
||||
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
|
||||
| avr-* \
|
||||
| bs2000-* \
|
||||
| avr-* | avr32-* \
|
||||
| bfin-* | bs2000-* \
|
||||
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
|
||||
| clipper-* | cydra-* \
|
||||
| clipper-* | craynv-* | cydra-* \
|
||||
| d10v-* | d30v-* | dlx-* \
|
||||
| elxsi-* \
|
||||
| f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
|
||||
| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
|
||||
| h8300-* | h8500-* \
|
||||
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
|
||||
| i*86-* | i860-* | i960-* | ia64-* \
|
||||
| ip2k-* | iq2000-* \
|
||||
| m32r-* \
|
||||
| lm32-* \
|
||||
| m32c-* | m32r-* | m32rle-* \
|
||||
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
|
||||
| m88110-* | m88k-* | mcore-* \
|
||||
| m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \
|
||||
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
|
||||
| mips16-* \
|
||||
| mips64-* | mips64el-* \
|
||||
| mips64vr-* | mips64vrel-* \
|
||||
| mips64octeon-* | mips64octeonel-* \
|
||||
| mips64orion-* | mips64orionel-* \
|
||||
| mips64r5900-* | mips64r5900el-* \
|
||||
| mips64vr-* | mips64vrel-* \
|
||||
| mips64vr4100-* | mips64vr4100el-* \
|
||||
| mips64vr4300-* | mips64vr4300el-* \
|
||||
| mips64vr5000-* | mips64vr5000el-* \
|
||||
| mips64vr5900-* | mips64vr5900el-* \
|
||||
| mipsisa32-* | mipsisa32el-* \
|
||||
| mipsisa32r2-* | mipsisa32r2el-* \
|
||||
| mipsisa64-* | mipsisa64el-* \
|
||||
|
@ -326,26 +365,35 @@ case $basic_machine in
|
|||
| mipsisa64sb1-* | mipsisa64sb1el-* \
|
||||
| mipsisa64sr71k-* | mipsisa64sr71kel-* \
|
||||
| mipstx39-* | mipstx39el-* \
|
||||
| mmix-* \
|
||||
| mt-* \
|
||||
| msp430-* \
|
||||
| none-* | np1-* | nv1-* | ns16k-* | ns32k-* \
|
||||
| nios-* | nios2-* \
|
||||
| none-* | np1-* | ns16k-* | ns32k-* \
|
||||
| orion-* \
|
||||
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
|
||||
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
|
||||
| pyramid-* \
|
||||
| romp-* | rs6000-* \
|
||||
| sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \
|
||||
| romp-* | rs6000-* | rx-* \
|
||||
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
|
||||
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
|
||||
| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
|
||||
| sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
|
||||
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
|
||||
| sparclite-* \
|
||||
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
|
||||
| tahoe-* | thumb-* \
|
||||
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
|
||||
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \
|
||||
| tron-* \
|
||||
| ubicom32-* \
|
||||
| v850-* | v850e-* | vax-* \
|
||||
| we32k-* \
|
||||
| x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
|
||||
| xtensa-* \
|
||||
| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
|
||||
| xstormy16-* | xtensa*-* \
|
||||
| ymp-* \
|
||||
| z8k-*)
|
||||
| z8k-* | z80-*)
|
||||
;;
|
||||
# Recognize the basic CPU types without company name, with glob match.
|
||||
xtensa*)
|
||||
basic_machine=$basic_machine-unknown
|
||||
;;
|
||||
# Recognize the various machine names and aliases which stand
|
||||
# for a CPU type and a company and sometimes even an OS.
|
||||
|
@ -363,6 +411,9 @@ case $basic_machine in
|
|||
basic_machine=a29k-amd
|
||||
os=-udi
|
||||
;;
|
||||
abacus)
|
||||
basic_machine=abacus-unknown
|
||||
;;
|
||||
adobe68k)
|
||||
basic_machine=m68010-adobe
|
||||
os=-scout
|
||||
|
@ -380,6 +431,9 @@ case $basic_machine in
|
|||
amd64)
|
||||
basic_machine=x86_64-pc
|
||||
;;
|
||||
amd64-*)
|
||||
basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
;;
|
||||
amdahl)
|
||||
basic_machine=580-amdahl
|
||||
os=-sysv
|
||||
|
@ -403,6 +457,10 @@ case $basic_machine in
|
|||
basic_machine=m68k-apollo
|
||||
os=-bsd
|
||||
;;
|
||||
aros)
|
||||
basic_machine=i386-pc
|
||||
os=-aros
|
||||
;;
|
||||
aux)
|
||||
basic_machine=m68k-apple
|
||||
os=-aux
|
||||
|
@ -411,10 +469,26 @@ case $basic_machine in
|
|||
basic_machine=ns32k-sequent
|
||||
os=-dynix
|
||||
;;
|
||||
blackfin)
|
||||
basic_machine=bfin-unknown
|
||||
os=-linux
|
||||
;;
|
||||
blackfin-*)
|
||||
basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
os=-linux
|
||||
;;
|
||||
bluegene*)
|
||||
basic_machine=powerpc-ibm
|
||||
os=-cnk
|
||||
;;
|
||||
c90)
|
||||
basic_machine=c90-cray
|
||||
os=-unicos
|
||||
;;
|
||||
cegcc)
|
||||
basic_machine=arm-unknown
|
||||
os=-cegcc
|
||||
;;
|
||||
convex-c1)
|
||||
basic_machine=c1-convex
|
||||
os=-bsd
|
||||
|
@ -439,12 +513,27 @@ case $basic_machine in
|
|||
basic_machine=j90-cray
|
||||
os=-unicos
|
||||
;;
|
||||
craynv)
|
||||
basic_machine=craynv-cray
|
||||
os=-unicosmp
|
||||
;;
|
||||
cr16)
|
||||
basic_machine=cr16-unknown
|
||||
os=-elf
|
||||
;;
|
||||
crds | unos)
|
||||
basic_machine=m68k-crds
|
||||
;;
|
||||
crisv32 | crisv32-* | etraxfs*)
|
||||
basic_machine=crisv32-axis
|
||||
;;
|
||||
cris | cris-* | etrax*)
|
||||
basic_machine=cris-axis
|
||||
;;
|
||||
crx)
|
||||
basic_machine=crx-unknown
|
||||
os=-elf
|
||||
;;
|
||||
da30 | da30-*)
|
||||
basic_machine=m68k-da30
|
||||
;;
|
||||
|
@ -467,6 +556,14 @@ case $basic_machine in
|
|||
basic_machine=m88k-motorola
|
||||
os=-sysv3
|
||||
;;
|
||||
dicos)
|
||||
basic_machine=i686-pc
|
||||
os=-dicos
|
||||
;;
|
||||
djgpp)
|
||||
basic_machine=i586-pc
|
||||
os=-msdosdjgpp
|
||||
;;
|
||||
dpx20 | dpx20-*)
|
||||
basic_machine=rs6000-bull
|
||||
os=-bosx
|
||||
|
@ -617,6 +714,14 @@ case $basic_machine in
|
|||
basic_machine=m68k-isi
|
||||
os=-sysv
|
||||
;;
|
||||
m68knommu)
|
||||
basic_machine=m68k-unknown
|
||||
os=-linux
|
||||
;;
|
||||
m68knommu-*)
|
||||
basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
os=-linux
|
||||
;;
|
||||
m88k-omron*)
|
||||
basic_machine=m88k-omron
|
||||
;;
|
||||
|
@ -628,10 +733,17 @@ case $basic_machine in
|
|||
basic_machine=ns32k-utek
|
||||
os=-sysv
|
||||
;;
|
||||
microblaze)
|
||||
basic_machine=microblaze-xilinx
|
||||
;;
|
||||
mingw32)
|
||||
basic_machine=i386-pc
|
||||
os=-mingw32
|
||||
;;
|
||||
mingw32ce)
|
||||
basic_machine=arm-unknown
|
||||
os=-mingw32ce
|
||||
;;
|
||||
miniframe)
|
||||
basic_machine=m68000-convergent
|
||||
;;
|
||||
|
@ -645,10 +757,6 @@ case $basic_machine in
|
|||
mips3*)
|
||||
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
|
||||
;;
|
||||
mmix*)
|
||||
basic_machine=mmix-knuth
|
||||
os=-mmixware
|
||||
;;
|
||||
monitor)
|
||||
basic_machine=m68k-rom68k
|
||||
os=-coff
|
||||
|
@ -661,6 +769,9 @@ case $basic_machine in
|
|||
basic_machine=i386-pc
|
||||
os=-msdos
|
||||
;;
|
||||
ms1-*)
|
||||
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
|
||||
;;
|
||||
mvs)
|
||||
basic_machine=i370-ibm
|
||||
os=-mvs
|
||||
|
@ -729,10 +840,6 @@ case $basic_machine in
|
|||
np1)
|
||||
basic_machine=np1-gould
|
||||
;;
|
||||
nv1)
|
||||
basic_machine=nv1-cray
|
||||
os=-unicosmp
|
||||
;;
|
||||
nsr-tandem)
|
||||
basic_machine=nsr-tandem
|
||||
;;
|
||||
|
@ -740,9 +847,8 @@ case $basic_machine in
|
|||
basic_machine=hppa1.1-oki
|
||||
os=-proelf
|
||||
;;
|
||||
or32 | or32-*)
|
||||
openrisc | openrisc-*)
|
||||
basic_machine=or32-unknown
|
||||
os=-coff
|
||||
;;
|
||||
os400)
|
||||
basic_machine=powerpc-ibm
|
||||
|
@ -764,6 +870,14 @@ case $basic_machine in
|
|||
basic_machine=i860-intel
|
||||
os=-osf
|
||||
;;
|
||||
parisc)
|
||||
basic_machine=hppa-unknown
|
||||
os=-linux
|
||||
;;
|
||||
parisc-*)
|
||||
basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
os=-linux
|
||||
;;
|
||||
pbd)
|
||||
basic_machine=sparc-tti
|
||||
;;
|
||||
|
@ -773,6 +887,12 @@ case $basic_machine in
|
|||
pc532 | pc532-*)
|
||||
basic_machine=ns32k-pc532
|
||||
;;
|
||||
pc98)
|
||||
basic_machine=i386-pc
|
||||
;;
|
||||
pc98-*)
|
||||
basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
;;
|
||||
pentium | p5 | k5 | k6 | nexgen | viac3)
|
||||
basic_machine=i586-pc
|
||||
;;
|
||||
|
@ -829,6 +949,10 @@ case $basic_machine in
|
|||
basic_machine=i586-unknown
|
||||
os=-pw32
|
||||
;;
|
||||
rdos)
|
||||
basic_machine=i386-pc
|
||||
os=-rdos
|
||||
;;
|
||||
rom68k)
|
||||
basic_machine=m68k-rom68k
|
||||
os=-coff
|
||||
|
@ -855,6 +979,10 @@ case $basic_machine in
|
|||
sb1el)
|
||||
basic_machine=mipsisa64sb1el-unknown
|
||||
;;
|
||||
sde)
|
||||
basic_machine=mipsisa32-sde
|
||||
os=-elf
|
||||
;;
|
||||
sei)
|
||||
basic_machine=mips-sei
|
||||
os=-seiux
|
||||
|
@ -866,6 +994,9 @@ case $basic_machine in
|
|||
basic_machine=sh-hitachi
|
||||
os=-hms
|
||||
;;
|
||||
sh5el)
|
||||
basic_machine=sh5le-unknown
|
||||
;;
|
||||
sh64)
|
||||
basic_machine=sh64-unknown
|
||||
;;
|
||||
|
@ -955,6 +1086,10 @@ case $basic_machine in
|
|||
basic_machine=tic6x-unknown
|
||||
os=-coff
|
||||
;;
|
||||
tile*)
|
||||
basic_machine=tile-unknown
|
||||
os=-linux-gnu
|
||||
;;
|
||||
tx39)
|
||||
basic_machine=mipstx39-unknown
|
||||
;;
|
||||
|
@ -1015,6 +1150,10 @@ case $basic_machine in
|
|||
basic_machine=hppa1.1-winbond
|
||||
os=-proelf
|
||||
;;
|
||||
xbox)
|
||||
basic_machine=i686-pc
|
||||
os=-mingw32
|
||||
;;
|
||||
xps | xps100)
|
||||
basic_machine=xps100-honeywell
|
||||
;;
|
||||
|
@ -1026,6 +1165,10 @@ case $basic_machine in
|
|||
basic_machine=z8k-unknown
|
||||
os=-sim
|
||||
;;
|
||||
z80-*-coff)
|
||||
basic_machine=z80-unknown
|
||||
os=-sim
|
||||
;;
|
||||
none)
|
||||
basic_machine=none-none
|
||||
os=-none
|
||||
|
@ -1045,6 +1188,9 @@ case $basic_machine in
|
|||
romp)
|
||||
basic_machine=romp-ibm
|
||||
;;
|
||||
mmix)
|
||||
basic_machine=mmix-knuth
|
||||
;;
|
||||
rs6000)
|
||||
basic_machine=rs6000-ibm
|
||||
;;
|
||||
|
@ -1061,13 +1207,10 @@ case $basic_machine in
|
|||
we32k)
|
||||
basic_machine=we32k-att
|
||||
;;
|
||||
sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele)
|
||||
sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)
|
||||
basic_machine=sh-unknown
|
||||
;;
|
||||
sh64)
|
||||
basic_machine=sh64-unknown
|
||||
;;
|
||||
sparc | sparcv9 | sparcv9b)
|
||||
sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
|
||||
basic_machine=sparc-sun
|
||||
;;
|
||||
cydra)
|
||||
|
@ -1114,6 +1257,9 @@ case $os in
|
|||
# First match some system type aliases
|
||||
# that might get confused with valid system types.
|
||||
# -solaris* is a basic system type, with this one exception.
|
||||
-auroraux)
|
||||
os=-auroraux
|
||||
;;
|
||||
-solaris1 | -solaris1.*)
|
||||
os=`echo $os | sed -e 's|solaris1|sunos4|'`
|
||||
;;
|
||||
|
@ -1134,25 +1280,30 @@ case $os in
|
|||
# Each alternative MUST END IN A *, to match a version number.
|
||||
# -sysv* is not here because it comes later, after sysvr4.
|
||||
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
|
||||
| -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
|
||||
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
|
||||
| -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
|
||||
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
|
||||
| -sym* | -kopensolaris* \
|
||||
| -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
|
||||
| -aos* \
|
||||
| -aos* | -aros* \
|
||||
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
|
||||
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
|
||||
| -hiux* | -386bsd* | -knetbsd* | -netbsd* | -openbsd* | -kfreebsd* | -freebsd* | -riscix* \
|
||||
| -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
|
||||
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
|
||||
| -openbsd* | -solidbsd* \
|
||||
| -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
|
||||
| -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
|
||||
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
|
||||
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
|
||||
| -chorusos* | -chorusrdb* \
|
||||
| -chorusos* | -chorusrdb* | -cegcc* \
|
||||
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
|
||||
| -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \
|
||||
| -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
|
||||
| -uxpv* | -beos* | -mpeix* | -udk* \
|
||||
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
|
||||
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
|
||||
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
|
||||
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
|
||||
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
|
||||
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*)
|
||||
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
|
||||
| -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
|
||||
# Remember, each alternative MUST END IN *, to match a version number.
|
||||
;;
|
||||
-qnx*)
|
||||
|
@ -1170,7 +1321,7 @@ case $os in
|
|||
os=`echo $os | sed -e 's|nto|nto-qnx|'`
|
||||
;;
|
||||
-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
|
||||
| -windows* | -osx | -abug | -netware* | -os9* | -beos* \
|
||||
| -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
|
||||
| -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
|
||||
;;
|
||||
-mac*)
|
||||
|
@ -1215,6 +1366,9 @@ case $os in
|
|||
-atheos*)
|
||||
os=-atheos
|
||||
;;
|
||||
-syllable*)
|
||||
os=-syllable
|
||||
;;
|
||||
-386bsd)
|
||||
os=-bsd
|
||||
;;
|
||||
|
@ -1276,6 +1430,14 @@ case $os in
|
|||
-kaos*)
|
||||
os=-kaos
|
||||
;;
|
||||
-zvmoe)
|
||||
os=-zvmoe
|
||||
;;
|
||||
-dicos*)
|
||||
os=-dicos
|
||||
;;
|
||||
-nacl*)
|
||||
;;
|
||||
-none)
|
||||
;;
|
||||
*)
|
||||
|
@ -1298,6 +1460,12 @@ else
|
|||
# system, and we'll never get to this point.
|
||||
|
||||
case $basic_machine in
|
||||
score-*)
|
||||
os=-elf
|
||||
;;
|
||||
spu-*)
|
||||
os=-elf
|
||||
;;
|
||||
*-acorn)
|
||||
os=-riscix1.2
|
||||
;;
|
||||
|
@ -1307,9 +1475,9 @@ case $basic_machine in
|
|||
arm*-semi)
|
||||
os=-aout
|
||||
;;
|
||||
c4x-* | tic4x-*)
|
||||
os=-coff
|
||||
;;
|
||||
c4x-* | tic4x-*)
|
||||
os=-coff
|
||||
;;
|
||||
# This must come before the *-dec entry.
|
||||
pdp10-*)
|
||||
os=-tops20
|
||||
|
@ -1335,6 +1503,9 @@ case $basic_machine in
|
|||
m68*-cisco)
|
||||
os=-aout
|
||||
;;
|
||||
mep-*)
|
||||
os=-elf
|
||||
;;
|
||||
mips*-cisco)
|
||||
os=-elf
|
||||
;;
|
||||
|
@ -1353,9 +1524,15 @@ case $basic_machine in
|
|||
*-be)
|
||||
os=-beos
|
||||
;;
|
||||
*-haiku)
|
||||
os=-haiku
|
||||
;;
|
||||
*-ibm)
|
||||
os=-aix
|
||||
;;
|
||||
*-knuth)
|
||||
os=-mmixware
|
||||
;;
|
||||
*-wec)
|
||||
os=-proelf
|
||||
;;
|
||||
|
@ -1458,7 +1635,7 @@ case $basic_machine in
|
|||
-sunos*)
|
||||
vendor=sun
|
||||
;;
|
||||
-aix*)
|
||||
-cnk*|-aix*)
|
||||
vendor=ibm
|
||||
;;
|
||||
-beos*)
|
||||
|
@ -1521,7 +1698,7 @@ case $basic_machine in
|
|||
esac
|
||||
|
||||
echo $basic_machine$os
|
||||
exit 0
|
||||
exit
|
||||
|
||||
# Local variables:
|
||||
# eval: (add-hook 'write-file-hooks 'time-stamp)
|
||||
|
|
1163
configure.in
1163
configure.in
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,358 @@
|
|||
/*
|
||||
* This code is derived from code formerly in pcap-dlpi.c, originally
|
||||
* contributed by Atanu Ghosh (atanu@cs.ucl.ac.uk), University College
|
||||
* London, and subsequently modified by Guy Harris (guy@alum.mit.edu),
|
||||
* Mark Pizzolato <List-tcpdump-workers@subscriptions.pizzolato.net>,
|
||||
* Mark C. Brown (mbrown@hp.com), and Sagun Shakya <Sagun.Shakya@Sun.COM>.
|
||||
*/
|
||||
|
||||
/*
|
||||
* This file contains dlpi/libdlpi related common functions used
|
||||
* by pcap-[dlpi,libdlpi].c.
|
||||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/dlpisubs.c,v 1.3 2008-12-02 16:40:19 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifndef DL_IPATM
|
||||
#define DL_IPATM 0x12 /* ATM Classical IP interface */
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
/*
|
||||
* Size of a bufmod chunk to pass upstream; that appears to be the
|
||||
* biggest value to which you can set it, and setting it to that value
|
||||
* (which is bigger than what appears to be the Solaris default of 8192)
|
||||
* reduces the number of packet drops.
|
||||
*/
|
||||
#define CHUNKSIZE 65536
|
||||
|
||||
/*
|
||||
* Size of the buffer to allocate for packet data we read; it must be
|
||||
* large enough to hold a chunk.
|
||||
*/
|
||||
#define PKTBUFSIZE CHUNKSIZE
|
||||
|
||||
#else /* HAVE_SYS_BUFMOD_H */
|
||||
|
||||
/*
|
||||
* Size of the buffer to allocate for packet data we read; this is
|
||||
* what the value used to be - there's no particular reason why it
|
||||
* should be tied to MAXDLBUF, but we'll leave it as this for now.
|
||||
*/
|
||||
#define MAXDLBUF 8192
|
||||
#define PKTBUFSIZE (MAXDLBUF * sizeof(bpf_u_int32))
|
||||
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/time.h>
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
#include <sys/bufmod.h>
|
||||
#endif
|
||||
#include <sys/dlpi.h>
|
||||
#include <sys/stream.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <memory.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stropts.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "pcap-int.h"
|
||||
#include "dlpisubs.h"
|
||||
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
static void pcap_stream_err(const char *, int, char *);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Get the packet statistics.
|
||||
*/
|
||||
int
|
||||
pcap_stats_dlpi(pcap_t *p, struct pcap_stat *ps)
|
||||
{
|
||||
|
||||
/*
|
||||
* "ps_recv" counts packets handed to the filter, not packets
|
||||
* that passed the filter. As filtering is done in userland,
|
||||
* this would not include packets dropped because we ran out
|
||||
* of buffer space; in order to make this more like other
|
||||
* platforms (Linux 2.4 and later, BSDs with BPF), where the
|
||||
* "packets received" count includes packets received but dropped
|
||||
* due to running out of buffer space, and to keep from confusing
|
||||
* applications that, for example, compute packet drop percentages,
|
||||
* we also make it count packets dropped by "bufmod" (otherwise we
|
||||
* might run the risk of the packet drop count being bigger than
|
||||
* the received-packet count).
|
||||
*
|
||||
* "ps_drop" counts packets dropped by "bufmod" because of
|
||||
* flow control requirements or resource exhaustion; it doesn't
|
||||
* count packets dropped by the interface driver, or packets
|
||||
* dropped upstream. As filtering is done in userland, it counts
|
||||
* packets regardless of whether they would've passed the filter.
|
||||
*
|
||||
* These statistics don't include packets not yet read from
|
||||
* the kernel by libpcap, but they may include packets not
|
||||
* yet read from libpcap by the application.
|
||||
*/
|
||||
*ps = p->md.stat;
|
||||
|
||||
/*
|
||||
* Add in the drop count, as per the above comment.
|
||||
*/
|
||||
ps->ps_recv += ps->ps_drop;
|
||||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Loop through the packets and call the callback for each packet.
|
||||
* Return the number of packets read.
|
||||
*/
|
||||
int
|
||||
pcap_process_pkts(pcap_t *p, pcap_handler callback, u_char *user,
|
||||
int count, u_char *bufp, int len)
|
||||
{
|
||||
int n, caplen, origlen;
|
||||
u_char *ep, *pk;
|
||||
struct pcap_pkthdr pkthdr;
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
struct sb_hdr *sbp;
|
||||
#ifdef LBL_ALIGN
|
||||
struct sb_hdr sbhdr;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Loop through packets */
|
||||
ep = bufp + len;
|
||||
n = 0;
|
||||
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
while (bufp < ep) {
|
||||
/*
|
||||
* Has "pcap_breakloop()" been called?
|
||||
* If so, return immediately - if we haven't read any
|
||||
* packets, clear the flag and return -2 to indicate
|
||||
* that we were told to break out of the loop, otherwise
|
||||
* leave the flag set, so that the *next* call will break
|
||||
* out of the loop without having read any packets, and
|
||||
* return the number of packets we've processed so far.
|
||||
*/
|
||||
if (p->break_loop) {
|
||||
if (n == 0) {
|
||||
p->break_loop = 0;
|
||||
return (-2);
|
||||
} else {
|
||||
p->bp = bufp;
|
||||
p->cc = ep - bufp;
|
||||
return (n);
|
||||
}
|
||||
}
|
||||
#ifdef LBL_ALIGN
|
||||
if ((long)bufp & 3) {
|
||||
sbp = &sbhdr;
|
||||
memcpy(sbp, bufp, sizeof(*sbp));
|
||||
} else
|
||||
#endif
|
||||
sbp = (struct sb_hdr *)bufp;
|
||||
p->md.stat.ps_drop = sbp->sbh_drops;
|
||||
pk = bufp + sizeof(*sbp);
|
||||
bufp += sbp->sbh_totlen;
|
||||
origlen = sbp->sbh_origlen;
|
||||
caplen = sbp->sbh_msglen;
|
||||
#else
|
||||
origlen = len;
|
||||
caplen = min(p->snapshot, len);
|
||||
pk = bufp;
|
||||
bufp += caplen;
|
||||
#endif
|
||||
++p->md.stat.ps_recv;
|
||||
if (bpf_filter(p->fcode.bf_insns, pk, origlen, caplen)) {
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
pkthdr.ts.tv_sec = sbp->sbh_timestamp.tv_sec;
|
||||
pkthdr.ts.tv_usec = sbp->sbh_timestamp.tv_usec;
|
||||
#else
|
||||
(void) gettimeofday(&pkthdr.ts, NULL);
|
||||
#endif
|
||||
pkthdr.len = origlen;
|
||||
pkthdr.caplen = caplen;
|
||||
/* Insure caplen does not exceed snapshot */
|
||||
if (pkthdr.caplen > p->snapshot)
|
||||
pkthdr.caplen = p->snapshot;
|
||||
(*callback)(user, &pkthdr, pk);
|
||||
if (++n >= count && count >= 0) {
|
||||
p->cc = ep - bufp;
|
||||
p->bp = bufp;
|
||||
return (n);
|
||||
}
|
||||
}
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
}
|
||||
#endif
|
||||
p->cc = 0;
|
||||
return (n);
|
||||
}
|
||||
|
||||
/*
|
||||
* Process the mac type. Returns -1 if no matching mac type found, otherwise 0.
|
||||
*/
|
||||
int
|
||||
pcap_process_mactype(pcap_t *p, u_int mactype)
|
||||
{
|
||||
int retv = 0;
|
||||
|
||||
switch (mactype) {
|
||||
|
||||
case DL_CSMACD:
|
||||
case DL_ETHER:
|
||||
p->linktype = DLT_EN10MB;
|
||||
p->offset = 2;
|
||||
/*
|
||||
* This is (presumably) a real Ethernet capture; give it a
|
||||
* link-layer-type list with DLT_EN10MB and DLT_DOCSIS, so
|
||||
* that an application can let you choose it, in case you're
|
||||
* capturing DOCSIS traffic that a Cisco Cable Modem
|
||||
* Termination System is putting out onto an Ethernet (it
|
||||
* doesn't put an Ethernet header onto the wire, it puts raw
|
||||
* DOCSIS frames out on the wire inside the low-level
|
||||
* Ethernet framing).
|
||||
*/
|
||||
p->dlt_list = (u_int *)malloc(sizeof(u_int) * 2);
|
||||
/*
|
||||
* If that fails, just leave the list empty.
|
||||
*/
|
||||
if (p->dlt_list != NULL) {
|
||||
p->dlt_list[0] = DLT_EN10MB;
|
||||
p->dlt_list[1] = DLT_DOCSIS;
|
||||
p->dlt_count = 2;
|
||||
}
|
||||
break;
|
||||
|
||||
case DL_FDDI:
|
||||
p->linktype = DLT_FDDI;
|
||||
p->offset = 3;
|
||||
break;
|
||||
|
||||
case DL_TPR:
|
||||
/* XXX - what about DL_TPB? Is that Token Bus? */
|
||||
p->linktype = DLT_IEEE802;
|
||||
p->offset = 2;
|
||||
break;
|
||||
|
||||
#ifdef HAVE_SOLARIS
|
||||
case DL_IPATM:
|
||||
p->linktype = DLT_SUNATM;
|
||||
p->offset = 0; /* works for LANE and LLC encapsulation */
|
||||
break;
|
||||
#endif
|
||||
|
||||
default:
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "unknown mactype %u",
|
||||
mactype);
|
||||
retv = -1;
|
||||
}
|
||||
|
||||
return (retv);
|
||||
}
|
||||
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
/*
|
||||
* Push and configure the buffer module. Returns -1 for error, otherwise 0.
|
||||
*/
|
||||
int
|
||||
pcap_conf_bufmod(pcap_t *p, int snaplen, int timeout)
|
||||
{
|
||||
int retv = 0;
|
||||
|
||||
bpf_u_int32 ss, chunksize;
|
||||
|
||||
/* Non-standard call to get the data nicely buffered. */
|
||||
if (ioctl(p->fd, I_PUSH, "bufmod") != 0) {
|
||||
pcap_stream_err("I_PUSH bufmod", errno, p->errbuf);
|
||||
retv = -1;
|
||||
}
|
||||
|
||||
ss = snaplen;
|
||||
if (ss > 0 &&
|
||||
strioctl(p->fd, SBIOCSSNAP, sizeof(ss), (char *)&ss) != 0) {
|
||||
pcap_stream_err("SBIOCSSNAP", errno, p->errbuf);
|
||||
retv = -1;
|
||||
}
|
||||
|
||||
/* Set up the bufmod timeout. */
|
||||
if (timeout != 0) {
|
||||
struct timeval to;
|
||||
|
||||
to.tv_sec = timeout / 1000;
|
||||
to.tv_usec = (timeout * 1000) % 1000000;
|
||||
if (strioctl(p->fd, SBIOCSTIME, sizeof(to), (char *)&to) != 0) {
|
||||
pcap_stream_err("SBIOCSTIME", errno, p->errbuf);
|
||||
retv = -1;
|
||||
}
|
||||
}
|
||||
|
||||
/* Set the chunk length. */
|
||||
chunksize = CHUNKSIZE;
|
||||
if (strioctl(p->fd, SBIOCSCHUNK, sizeof(chunksize), (char *)&chunksize)
|
||||
!= 0) {
|
||||
pcap_stream_err("SBIOCSCHUNKP", errno, p->errbuf);
|
||||
retv = -1;
|
||||
}
|
||||
|
||||
return (retv);
|
||||
}
|
||||
#endif /* HAVE_SYS_BUFMOD_H */
|
||||
|
||||
/*
|
||||
* Allocate data buffer. Returns -1 if memory allocation fails, else 0.
|
||||
*/
|
||||
int
|
||||
pcap_alloc_databuf(pcap_t *p)
|
||||
{
|
||||
p->bufsize = PKTBUFSIZE;
|
||||
p->buffer = (u_char *)malloc(p->bufsize + p->offset);
|
||||
if (p->buffer == NULL) {
|
||||
strlcpy(p->errbuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Issue a STREAMS I_STR ioctl. Returns -1 on error, otherwise
|
||||
* length of returned data on success.
|
||||
*/
|
||||
int
|
||||
strioctl(int fd, int cmd, int len, char *dp)
|
||||
{
|
||||
struct strioctl str;
|
||||
int retv;
|
||||
|
||||
str.ic_cmd = cmd;
|
||||
str.ic_timout = -1;
|
||||
str.ic_len = len;
|
||||
str.ic_dp = dp;
|
||||
if ((retv = ioctl(fd, I_STR, &str)) < 0)
|
||||
return (retv);
|
||||
|
||||
return (str.ic_len);
|
||||
}
|
||||
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
/*
|
||||
* Write stream error message to errbuf.
|
||||
*/
|
||||
static void
|
||||
pcap_stream_err(const char *func, int err, char *errbuf)
|
||||
{
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", func, pcap_strerror(err));
|
||||
}
|
||||
#endif
|
|
@ -0,0 +1,28 @@
|
|||
/*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/dlpisubs.h,v 1.2 2008-04-04 19:37:45 guy Exp $
|
||||
*/
|
||||
|
||||
#ifndef dlpisubs_h
|
||||
#define dlpisubs_h
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Functions used by dlpisubs.c.
|
||||
*/
|
||||
int pcap_stats_dlpi(pcap_t *, struct pcap_stat *);
|
||||
int pcap_process_pkts(pcap_t *, pcap_handler, u_char *, int, u_char *, int);
|
||||
int pcap_process_mactype(pcap_t *, u_int);
|
||||
#ifdef HAVE_SYS_BUFMOD_H
|
||||
int pcap_conf_bufmod(pcap_t *, int, int);
|
||||
#endif
|
||||
int pcap_alloc_databuf(pcap_t *);
|
||||
int strioctl(int, int, int, char *);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
16
etherent.c
16
etherent.c
|
@ -21,14 +21,26 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/etherent.c,v 1.22 2003-11-15 23:23:57 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/etherent.c,v 1.23 2006-10-04 18:09:22 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include <pcap-stdinc.h>
|
||||
#else /* WIN32 */
|
||||
#if HAVE_INTTYPES_H
|
||||
#include <inttypes.h>
|
||||
#elif HAVE_STDINT_H
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
#ifdef HAVE_SYS_BITYPES_H
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
#include <sys/types.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
#include <ctype.h>
|
||||
#include <memory.h>
|
||||
|
@ -37,7 +49,7 @@ static const char rcsid[] _U_ =
|
|||
|
||||
#include "pcap-int.h"
|
||||
|
||||
#include <pcap-namedb.h>
|
||||
#include <pcap/namedb.h>
|
||||
|
||||
#ifdef HAVE_OS_PROTO_H
|
||||
#include "os-proto.h"
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/ethertype.h,v 1.13 2004-06-16 08:20:28 hannes Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/ethertype.h,v 1.14 2005-09-05 09:06:58 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -108,6 +108,12 @@
|
|||
#ifndef ETHERTYPE_MPLS_MULTI
|
||||
#define ETHERTYPE_MPLS_MULTI 0x8848
|
||||
#endif
|
||||
#ifndef ETHERTYPE_PPPOED
|
||||
#define ETHERTYPE_PPPOED 0x8863
|
||||
#endif
|
||||
#ifndef ETHERTYPE_PPPOES
|
||||
#define ETHERTYPE_PPPOES 0x8864
|
||||
#endif
|
||||
#ifndef ETHERTYPE_LOOPBACK
|
||||
#define ETHERTYPE_LOOPBACK 0x9000
|
||||
#endif
|
||||
|
|
11
fad-getad.c
11
fad-getad.c
|
@ -34,7 +34,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-getad.c,v 1.11 2005-04-08 02:01:19 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-getad.c,v 1.12 2007-09-14 00:44:55 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -61,7 +61,14 @@ static const char rcsid[] _U_ =
|
|||
#endif
|
||||
|
||||
#ifdef AF_PACKET
|
||||
# include <linux/if_packet.h>
|
||||
# ifdef __Lynx__
|
||||
/* LynxOS */
|
||||
# include <netpacket/if_packet.h>
|
||||
# else
|
||||
/* Linux */
|
||||
# include <linux/types.h>
|
||||
# include <linux/if_packet.h>
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
|
168
fad-gifc.c
168
fad-gifc.c
|
@ -34,7 +34,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-gifc.c,v 1.10 2005-04-08 02:15:49 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-gifc.c,v 1.12 2008-08-06 07:34:09 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -42,7 +42,6 @@ static const char rcsid[] _U_ =
|
|||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/file.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/socket.h>
|
||||
#ifdef HAVE_SYS_SOCKIO_H
|
||||
|
@ -102,135 +101,26 @@ struct rtentry; /* declarations in <net/if.h> */
|
|||
#endif /* HAVE_SOCKADDR_SA_LEN */
|
||||
#endif /* SA_LEN */
|
||||
|
||||
#ifdef HAVE_PROC_NET_DEV
|
||||
/*
|
||||
* Get from "/proc/net/dev" all interfaces listed there; if they're
|
||||
* already in the list of interfaces we have, that won't add another
|
||||
* instance, but if they're not, that'll add them.
|
||||
* This is also fun.
|
||||
*
|
||||
* We don't bother getting any addresses for them; it appears you can't
|
||||
* use SIOCGIFADDR on Linux to get IPv6 addresses for interfaces, and,
|
||||
* although some other types of addresses can be fetched with SIOCGIFADDR,
|
||||
* we don't bother with them for now.
|
||||
* There is no ioctl that returns the amount of space required for all
|
||||
* the data that SIOCGIFCONF could return, and if a buffer is supplied
|
||||
* that's not large enough for all the data SIOCGIFCONF could return,
|
||||
* on at least some platforms it just returns the data that'd fit with
|
||||
* no indication that there wasn't enough room for all the data, much
|
||||
* less an indication of how much more room is required.
|
||||
*
|
||||
* We also don't fail if we couldn't open "/proc/net/dev"; we just leave
|
||||
* the list of interfaces as is.
|
||||
* The only way to ensure that we got all the data is to pass a buffer
|
||||
* large enough that the amount of space in the buffer *not* filled in
|
||||
* is greater than the largest possible entry.
|
||||
*
|
||||
* We assume that's "sizeof(ifreq.ifr_name)" plus 255, under the assumption
|
||||
* that no address is more than 255 bytes (on systems where the "sa_len"
|
||||
* field in a "struct sockaddr" is 1 byte, e.g. newer BSDs, that's the
|
||||
* case, and addresses are unlikely to be bigger than that in any case).
|
||||
*/
|
||||
static int
|
||||
scan_proc_net_dev(pcap_if_t **devlistp, int fd, char *errbuf)
|
||||
{
|
||||
FILE *proc_net_f;
|
||||
char linebuf[512];
|
||||
int linenum;
|
||||
unsigned char *p;
|
||||
char name[512]; /* XXX - pick a size */
|
||||
char *q, *saveq;
|
||||
struct ifreq ifrflags;
|
||||
int ret = 0;
|
||||
|
||||
proc_net_f = fopen("/proc/net/dev", "r");
|
||||
if (proc_net_f == NULL)
|
||||
return (0);
|
||||
|
||||
for (linenum = 1;
|
||||
fgets(linebuf, sizeof linebuf, proc_net_f) != NULL; linenum++) {
|
||||
/*
|
||||
* Skip the first two lines - they're headers.
|
||||
*/
|
||||
if (linenum <= 2)
|
||||
continue;
|
||||
|
||||
p = &linebuf[0];
|
||||
|
||||
/*
|
||||
* Skip leading white space.
|
||||
*/
|
||||
while (*p != '\0' && isspace(*p))
|
||||
p++;
|
||||
if (*p == '\0' || *p == '\n')
|
||||
continue; /* blank line */
|
||||
|
||||
/*
|
||||
* Get the interface name.
|
||||
*/
|
||||
q = &name[0];
|
||||
while (*p != '\0' && !isspace(*p)) {
|
||||
if (*p == ':') {
|
||||
/*
|
||||
* This could be the separator between a
|
||||
* name and an alias number, or it could be
|
||||
* the separator between a name with no
|
||||
* alias number and the next field.
|
||||
*
|
||||
* If there's a colon after digits, it
|
||||
* separates the name and the alias number,
|
||||
* otherwise it separates the name and the
|
||||
* next field.
|
||||
*/
|
||||
saveq = q;
|
||||
while (isdigit(*p))
|
||||
*q++ = *p++;
|
||||
if (*p != ':') {
|
||||
/*
|
||||
* That was the next field,
|
||||
* not the alias number.
|
||||
*/
|
||||
q = saveq;
|
||||
}
|
||||
break;
|
||||
} else
|
||||
*q++ = *p++;
|
||||
}
|
||||
*q = '\0';
|
||||
|
||||
/*
|
||||
* Get the flags for this interface, and skip it if
|
||||
* it's not up.
|
||||
*/
|
||||
strncpy(ifrflags.ifr_name, name, sizeof(ifrflags.ifr_name));
|
||||
if (ioctl(fd, SIOCGIFFLAGS, (char *)&ifrflags) < 0) {
|
||||
if (errno == ENXIO)
|
||||
continue;
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"SIOCGIFFLAGS: %.*s: %s",
|
||||
(int)sizeof(ifrflags.ifr_name),
|
||||
ifrflags.ifr_name,
|
||||
pcap_strerror(errno));
|
||||
ret = -1;
|
||||
break;
|
||||
}
|
||||
if (!(ifrflags.ifr_flags & IFF_UP))
|
||||
continue;
|
||||
|
||||
/*
|
||||
* Add an entry for this interface, with no addresses.
|
||||
*/
|
||||
if (pcap_add_if(devlistp, name, ifrflags.ifr_flags, NULL,
|
||||
errbuf) == -1) {
|
||||
/*
|
||||
* Failure.
|
||||
*/
|
||||
ret = -1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (ret != -1) {
|
||||
/*
|
||||
* Well, we didn't fail for any other reason; did we
|
||||
* fail due to an error reading the file?
|
||||
*/
|
||||
if (ferror(proc_net_f)) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Error reading /proc/net/dev: %s",
|
||||
pcap_strerror(errno));
|
||||
ret = -1;
|
||||
}
|
||||
}
|
||||
|
||||
(void)fclose(proc_net_f);
|
||||
return (ret);
|
||||
}
|
||||
#endif /* HAVE_PROC_NET_DEV */
|
||||
#define MAX_SA_LEN 255
|
||||
|
||||
/*
|
||||
* Get a list of all interfaces that are up and that we can open.
|
||||
|
@ -275,9 +165,10 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
|||
|
||||
/*
|
||||
* Start with an 8K buffer, and keep growing the buffer until
|
||||
* we get the entire interface list or fail to get it for some
|
||||
* reason other than EINVAL (which is presumed here to mean
|
||||
* "buffer is too small").
|
||||
* we have more than "sizeof(ifrp->ifr_name) + MAX_SA_LEN"
|
||||
* bytes left over in the buffer or we fail to get the
|
||||
* interface list for some reason other than EINVAL (which is
|
||||
* presumed here to mean "buffer is too small").
|
||||
*/
|
||||
buf_size = 8192;
|
||||
for (;;) {
|
||||
|
@ -300,7 +191,8 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
|||
free(buf);
|
||||
return (-1);
|
||||
}
|
||||
if (ifc.ifc_len < buf_size)
|
||||
if (ifc.ifc_len < buf_size &&
|
||||
(buf_size - ifc.ifc_len) > sizeof(ifrp->ifr_name) + MAX_SA_LEN)
|
||||
break;
|
||||
free(buf);
|
||||
buf_size *= 2;
|
||||
|
@ -515,20 +407,6 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
|||
}
|
||||
}
|
||||
free(buf);
|
||||
|
||||
#ifdef HAVE_PROC_NET_DEV
|
||||
if (ret != -1) {
|
||||
/*
|
||||
* We haven't had any errors yet; now read "/proc/net/dev",
|
||||
* and add to the list of interfaces all interfaces listed
|
||||
* there that we don't already have, because, on Linux,
|
||||
* SIOCGIFCONF reports only interfaces with IPv4 addresses,
|
||||
* so you need to read "/proc/net/dev" to get the names of
|
||||
* the rest of the interfaces.
|
||||
*/
|
||||
ret = scan_proc_net_dev(&devlist, fd, errbuf);
|
||||
}
|
||||
#endif
|
||||
(void)close(fd);
|
||||
|
||||
if (ret != -1) {
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-glifc.c,v 1.5 2005-01-29 10:34:04 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-glifc.c,v 1.7 2008-01-30 09:35:48 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -75,9 +75,9 @@ struct rtentry; /* declarations in <net/if.h> */
|
|||
* The list, as returned through "alldevsp", may be null if no interfaces
|
||||
* were up and could be opened.
|
||||
*
|
||||
* This is the implementation used on platforms that have SIOCLGIFCONF
|
||||
* This is the implementation used on platforms that have SIOCGLIFCONF
|
||||
* but don't have "getifaddrs()". (Solaris 8 and later; we use
|
||||
* SIOCLGIFCONF rather than SIOCGIFCONF in order to get IPv6 addresses.)
|
||||
* SIOCGLIFCONF rather than SIOCGIFCONF in order to get IPv6 addresses.)
|
||||
*/
|
||||
int
|
||||
pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
||||
|
@ -326,7 +326,7 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
|||
* be treated like the entry for the real interface;
|
||||
* we do that by stripping off the ":" and the number.
|
||||
*/
|
||||
p = strchr(ifrp->ifr_name, ':');
|
||||
p = strchr(ifrp->lifr_name, ':');
|
||||
if (p != NULL) {
|
||||
/*
|
||||
* We have a ":"; is it followed by a number?
|
||||
|
|
|
@ -0,0 +1,61 @@
|
|||
/*
|
||||
* fad-sita.c: Packet capture interface additions for SITA ACN devices
|
||||
*
|
||||
* Copyright (c) 2007 Fulko Hew, SITA INC Canada, Inc <fulko.hew@sita.aero>
|
||||
*
|
||||
* License: BSD
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
* 3. The names of the authors may not be used to endorse or promote
|
||||
* products derived from this software without specific prior
|
||||
* written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*/
|
||||
|
||||
/* $Id: fad-sita.c */
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
#include "pcap-int.h"
|
||||
|
||||
#include "pcap-sita.h"
|
||||
|
||||
extern pcap_if_t *acn_if_list; /* pcap's list of available interfaces */
|
||||
|
||||
int pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf) {
|
||||
|
||||
//printf("pcap_findalldevs()\n"); // fulko
|
||||
|
||||
*alldevsp = 0; /* initialize the returned variables before we do anything */
|
||||
strcpy(errbuf, "");
|
||||
if (acn_parse_hosts_file(errbuf)) /* scan the hosts file for potential IOPs */
|
||||
{
|
||||
//printf("pcap_findalldevs() returning BAD after parsehosts\n"); // fulko
|
||||
return -1;
|
||||
}
|
||||
//printf("pcap_findalldevs() got hostlist now finding devs\n"); // fulko
|
||||
if (acn_findalldevs(errbuf)) /* then ask the IOPs for their monitorable devices */
|
||||
{
|
||||
//printf("pcap_findalldevs() returning BAD after findalldevs\n"); // fulko
|
||||
return -1;
|
||||
}
|
||||
*alldevsp = acn_if_list;
|
||||
acn_if_list = 0; /* then forget our list head, because someone will call pcap_freealldevs() to empty the malloc'ed stuff */
|
||||
//printf("pcap_findalldevs() returning ZERO OK\n"); // fulko
|
||||
return 0;
|
||||
}
|
37
fad-win32.c
37
fad-win32.c
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2002 - 2003
|
||||
* NetGroup, Politecnico di Torino (Italy)
|
||||
* Copyright (c) 2002 - 2005 NetGroup, Politecnico di Torino (Italy)
|
||||
* Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
|
@ -12,9 +12,10 @@
|
|||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. Neither the name of the Politecnico di Torino nor the names of its
|
||||
* contributors may be used to endorse or promote products derived from
|
||||
* this software without specific prior written permission.
|
||||
* 3. Neither the name of the Politecnico di Torino, CACE Technologies
|
||||
* nor the names of its contributors may be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
|
@ -32,7 +33,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-win32.c,v 1.11 2005-01-29 00:52:22 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/fad-win32.c,v 1.15 2007-09-25 20:34:36 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -41,7 +42,7 @@ static const char rcsid[] _U_ =
|
|||
|
||||
#include <pcap.h>
|
||||
#include <pcap-int.h>
|
||||
#include <packet32.h>
|
||||
#include <Packet32.h>
|
||||
|
||||
#include <errno.h>
|
||||
|
||||
|
@ -224,7 +225,18 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
|||
ULONG NameLength;
|
||||
char *name;
|
||||
|
||||
PacketGetAdapterNames(NULL, &NameLength);
|
||||
if (!PacketGetAdapterNames(NULL, &NameLength))
|
||||
{
|
||||
DWORD last_error = GetLastError();
|
||||
|
||||
if (last_error != ERROR_INSUFFICIENT_BUFFER)
|
||||
{
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"PacketGetAdapterNames: %s",
|
||||
pcap_win32strerror());
|
||||
return (-1);
|
||||
}
|
||||
}
|
||||
|
||||
if (NameLength > 0)
|
||||
AdaptersName = (char*) malloc(NameLength);
|
||||
|
@ -289,6 +301,15 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
|
|||
name += strlen(name) + 1;
|
||||
desc += strlen(desc) + 1;
|
||||
}
|
||||
|
||||
if (ret != -1) {
|
||||
/*
|
||||
* We haven't had any errors yet; do any platform-specific
|
||||
* operations to add devices.
|
||||
*/
|
||||
if (pcap_platform_finddevs(&devlist, errbuf) < 0)
|
||||
ret = -1;
|
||||
}
|
||||
|
||||
if (ret == -1) {
|
||||
/*
|
||||
|
|
45
gencode.h
45
gencode.h
|
@ -18,7 +18,7 @@
|
|||
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.60 2004-06-16 08:20:30 hannes Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.71 2007-11-18 02:03:52 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/*
|
||||
|
@ -55,6 +55,10 @@
|
|||
* POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifndef HAVE___ATTRIBUTE__
|
||||
#define __attribute__(x)
|
||||
#endif /* HAVE___ATTRIBUTE__ */
|
||||
|
||||
/* Address qualifiers. */
|
||||
|
||||
#define Q_HOST 1
|
||||
|
@ -63,6 +67,7 @@
|
|||
#define Q_GATEWAY 4
|
||||
#define Q_PROTO 5
|
||||
#define Q_PROTOCHAIN 6
|
||||
#define Q_PORTRANGE 7
|
||||
|
||||
/* Protocol qualifiers. */
|
||||
|
||||
|
@ -119,12 +124,20 @@
|
|||
#define Q_ISIS_PSNP 38
|
||||
#define Q_ISIS_LSP 39
|
||||
|
||||
#define Q_RADIO 40
|
||||
|
||||
/* Directional qualifiers. */
|
||||
|
||||
#define Q_SRC 1
|
||||
#define Q_DST 2
|
||||
#define Q_OR 3
|
||||
#define Q_AND 4
|
||||
#define Q_ADDR1 5
|
||||
#define Q_ADDR2 6
|
||||
#define Q_ADDR3 7
|
||||
#define Q_ADDR4 8
|
||||
#define Q_RA 9
|
||||
#define Q_TA 10
|
||||
|
||||
#define Q_DEFAULT 0
|
||||
#define Q_UNDEF 255
|
||||
|
@ -166,6 +179,18 @@
|
|||
end-to-end circuits, ILMI circuits or
|
||||
connection signalling circuit. */
|
||||
|
||||
/* MTP2 types */
|
||||
#define M_FISU 22 /* FISU */
|
||||
#define M_LSSU 23 /* LSSU */
|
||||
#define M_MSU 24 /* MSU */
|
||||
|
||||
/* MTP3 field types */
|
||||
#define M_SIO 1
|
||||
#define M_OPC 2
|
||||
#define M_DPC 3
|
||||
#define M_SLS 4
|
||||
|
||||
|
||||
struct slist;
|
||||
|
||||
struct stmt {
|
||||
|
@ -275,10 +300,16 @@ struct block *gen_inbound(int);
|
|||
struct block *gen_vlan(int);
|
||||
struct block *gen_mpls(int);
|
||||
|
||||
struct block *gen_atmfield_code(int atmfield, bpf_u_int32 jvalue, bpf_u_int32 jtype, int reverse);
|
||||
struct block *gen_pppoed(void);
|
||||
struct block *gen_pppoes(void);
|
||||
|
||||
struct block *gen_atmfield_code(int atmfield, bpf_int32 jvalue, bpf_u_int32 jtype, int reverse);
|
||||
struct block *gen_atmtype_abbrev(int type);
|
||||
struct block *gen_atmmulti_abbrev(int type);
|
||||
|
||||
struct block *gen_mtp2type_abbrev(int type);
|
||||
struct block *gen_mtp3field_code(int mtp3field, bpf_u_int32 jvalue, bpf_u_int32 jtype, int reverse);
|
||||
|
||||
struct block *gen_pf_ifname(const char *);
|
||||
struct block *gen_pf_rnr(int);
|
||||
struct block *gen_pf_srnr(int);
|
||||
|
@ -287,19 +318,19 @@ struct block *gen_pf_reason(int);
|
|||
struct block *gen_pf_action(int);
|
||||
struct block *gen_pf_dir(int);
|
||||
|
||||
struct block *gen_p80211_type(int, int);
|
||||
struct block *gen_p80211_fcdir(int);
|
||||
|
||||
void bpf_optimize(struct block **);
|
||||
void bpf_error(const char *, ...)
|
||||
#if HAVE___ATTRIBUTE__
|
||||
__attribute__((noreturn, format (printf, 1, 2)))
|
||||
#endif
|
||||
;
|
||||
__attribute__((noreturn, format (printf, 1, 2)));
|
||||
|
||||
void finish_parse(struct block *);
|
||||
char *sdup(const char *);
|
||||
|
||||
struct bpf_insn *icode_to_fcode(struct block *, int *);
|
||||
int pcap_parse(void);
|
||||
void lex_init(char *);
|
||||
void lex_init(const char *);
|
||||
void lex_cleanup(void);
|
||||
void sappend(struct slist *, struct slist *);
|
||||
|
||||
|
|
324
grammar.y
324
grammar.y
|
@ -22,7 +22,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.86 2004-12-18 08:49:23 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.101 2007-11-18 02:03:52 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -45,6 +45,7 @@ struct rtentry;
|
|||
#endif
|
||||
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
#include <stdio.h>
|
||||
|
@ -52,8 +53,13 @@ struct rtentry;
|
|||
#include "pcap-int.h"
|
||||
|
||||
#include "gencode.h"
|
||||
#include "pf.h"
|
||||
#include <pcap-namedb.h>
|
||||
#ifdef HAVE_NET_PFVAR_H
|
||||
#include <net/if.h>
|
||||
#include <net/pfvar.h>
|
||||
#include <net/if_pflog.h>
|
||||
#endif
|
||||
#include "ieee80211.h"
|
||||
#include <pcap/namedb.h>
|
||||
|
||||
#ifdef HAVE_OS_PROTO_H
|
||||
#include "os-proto.h"
|
||||
|
@ -63,12 +69,98 @@ struct rtentry;
|
|||
(q).dir = (d),\
|
||||
(q).addr = (a)
|
||||
|
||||
struct tok {
|
||||
int v; /* value */
|
||||
const char *s; /* string */
|
||||
};
|
||||
|
||||
static const struct tok ieee80211_types[] = {
|
||||
{ IEEE80211_FC0_TYPE_DATA, "data" },
|
||||
{ IEEE80211_FC0_TYPE_MGT, "mgt" },
|
||||
{ IEEE80211_FC0_TYPE_MGT, "management" },
|
||||
{ IEEE80211_FC0_TYPE_CTL, "ctl" },
|
||||
{ IEEE80211_FC0_TYPE_CTL, "control" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
static const struct tok ieee80211_mgt_subtypes[] = {
|
||||
{ IEEE80211_FC0_SUBTYPE_ASSOC_REQ, "assocreq" },
|
||||
{ IEEE80211_FC0_SUBTYPE_ASSOC_REQ, "assoc-req" },
|
||||
{ IEEE80211_FC0_SUBTYPE_ASSOC_RESP, "assocresp" },
|
||||
{ IEEE80211_FC0_SUBTYPE_ASSOC_RESP, "assoc-resp" },
|
||||
{ IEEE80211_FC0_SUBTYPE_REASSOC_REQ, "reassocreq" },
|
||||
{ IEEE80211_FC0_SUBTYPE_REASSOC_REQ, "reassoc-req" },
|
||||
{ IEEE80211_FC0_SUBTYPE_REASSOC_RESP, "reassocresp" },
|
||||
{ IEEE80211_FC0_SUBTYPE_REASSOC_RESP, "reassoc-resp" },
|
||||
{ IEEE80211_FC0_SUBTYPE_PROBE_REQ, "probereq" },
|
||||
{ IEEE80211_FC0_SUBTYPE_PROBE_REQ, "probe-req" },
|
||||
{ IEEE80211_FC0_SUBTYPE_PROBE_RESP, "proberesp" },
|
||||
{ IEEE80211_FC0_SUBTYPE_PROBE_RESP, "probe-resp" },
|
||||
{ IEEE80211_FC0_SUBTYPE_BEACON, "beacon" },
|
||||
{ IEEE80211_FC0_SUBTYPE_ATIM, "atim" },
|
||||
{ IEEE80211_FC0_SUBTYPE_DISASSOC, "disassoc" },
|
||||
{ IEEE80211_FC0_SUBTYPE_DISASSOC, "disassociation" },
|
||||
{ IEEE80211_FC0_SUBTYPE_AUTH, "auth" },
|
||||
{ IEEE80211_FC0_SUBTYPE_AUTH, "authentication" },
|
||||
{ IEEE80211_FC0_SUBTYPE_DEAUTH, "deauth" },
|
||||
{ IEEE80211_FC0_SUBTYPE_DEAUTH, "deauthentication" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
static const struct tok ieee80211_ctl_subtypes[] = {
|
||||
{ IEEE80211_FC0_SUBTYPE_PS_POLL, "ps-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_RTS, "rts" },
|
||||
{ IEEE80211_FC0_SUBTYPE_CTS, "cts" },
|
||||
{ IEEE80211_FC0_SUBTYPE_ACK, "ack" },
|
||||
{ IEEE80211_FC0_SUBTYPE_CF_END, "cf-end" },
|
||||
{ IEEE80211_FC0_SUBTYPE_CF_END_ACK, "cf-end-ack" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
static const struct tok ieee80211_data_subtypes[] = {
|
||||
{ IEEE80211_FC0_SUBTYPE_DATA, "data" },
|
||||
{ IEEE80211_FC0_SUBTYPE_CF_ACK, "data-cf-ack" },
|
||||
{ IEEE80211_FC0_SUBTYPE_CF_POLL, "data-cf-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_CF_ACPL, "data-cf-ack-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_NODATA, "null" },
|
||||
{ IEEE80211_FC0_SUBTYPE_NODATA_CF_ACK, "cf-ack" },
|
||||
{ IEEE80211_FC0_SUBTYPE_NODATA_CF_POLL, "cf-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_NODATA_CF_ACPL, "cf-ack-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_DATA, "qos-data" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_CF_ACK, "qos-data-cf-ack" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_CF_POLL, "qos-data-cf-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_CF_ACPL, "qos-data-cf-ack-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_NODATA, "qos" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_NODATA_CF_POLL, "qos-cf-poll" },
|
||||
{ IEEE80211_FC0_SUBTYPE_QOS|IEEE80211_FC0_SUBTYPE_NODATA_CF_ACPL, "qos-cf-ack-poll" },
|
||||
{ 0, NULL }
|
||||
};
|
||||
struct type2tok {
|
||||
int type;
|
||||
const struct tok *tok;
|
||||
};
|
||||
static const struct type2tok ieee80211_type_subtypes[] = {
|
||||
{ IEEE80211_FC0_TYPE_MGT, ieee80211_mgt_subtypes },
|
||||
{ IEEE80211_FC0_TYPE_CTL, ieee80211_ctl_subtypes },
|
||||
{ IEEE80211_FC0_TYPE_DATA, ieee80211_data_subtypes },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
static int
|
||||
str2tok(const char *str, const struct tok *toks)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; toks[i].s != NULL; i++) {
|
||||
if (pcap_strcasecmp(toks[i].s, str) == 0)
|
||||
return (toks[i].v);
|
||||
}
|
||||
return (-1);
|
||||
}
|
||||
|
||||
int n_errors = 0;
|
||||
|
||||
static struct qual qerr = { Q_UNDEF, Q_UNDEF, Q_UNDEF, Q_UNDEF };
|
||||
|
||||
static void
|
||||
yyerror(char *msg)
|
||||
yyerror(const char *msg)
|
||||
{
|
||||
++n_errors;
|
||||
bpf_error("%s", msg);
|
||||
|
@ -85,6 +177,66 @@ pcap_parse()
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_NET_PFVAR_H
|
||||
static int
|
||||
pfreason_to_num(const char *reason)
|
||||
{
|
||||
const char *reasons[] = PFRES_NAMES;
|
||||
int i;
|
||||
|
||||
for (i = 0; reasons[i]; i++) {
|
||||
if (pcap_strcasecmp(reason, reasons[i]) == 0)
|
||||
return (i);
|
||||
}
|
||||
bpf_error("unknown PF reason");
|
||||
/*NOTREACHED*/
|
||||
}
|
||||
|
||||
static int
|
||||
pfaction_to_num(const char *action)
|
||||
{
|
||||
if (pcap_strcasecmp(action, "pass") == 0 ||
|
||||
pcap_strcasecmp(action, "accept") == 0)
|
||||
return (PF_PASS);
|
||||
else if (pcap_strcasecmp(action, "drop") == 0 ||
|
||||
pcap_strcasecmp(action, "block") == 0)
|
||||
return (PF_DROP);
|
||||
#if HAVE_PF_NAT_THROUGH_PF_NORDR
|
||||
else if (pcap_strcasecmp(action, "rdr") == 0)
|
||||
return (PF_RDR);
|
||||
else if (pcap_strcasecmp(action, "nat") == 0)
|
||||
return (PF_NAT);
|
||||
else if (pcap_strcasecmp(action, "binat") == 0)
|
||||
return (PF_BINAT);
|
||||
else if (pcap_strcasecmp(action, "nordr") == 0)
|
||||
return (PF_NORDR);
|
||||
#endif
|
||||
else {
|
||||
bpf_error("unknown PF action");
|
||||
/*NOTREACHED*/
|
||||
}
|
||||
}
|
||||
#else /* !HAVE_NET_PFVAR_H */
|
||||
static int
|
||||
pfreason_to_num(const char *reason)
|
||||
{
|
||||
bpf_error("libpcap was compiled on a machine without pf support");
|
||||
/*NOTREACHED*/
|
||||
|
||||
/* this is to make the VC compiler happy */
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int
|
||||
pfaction_to_num(const char *action)
|
||||
{
|
||||
bpf_error("libpcap was compiled on a machine without pf support");
|
||||
/*NOTREACHED*/
|
||||
|
||||
/* this is to make the VC compiler happy */
|
||||
return -1;
|
||||
}
|
||||
#endif /* HAVE_NET_PFVAR_H */
|
||||
%}
|
||||
|
||||
%union {
|
||||
|
@ -97,6 +249,7 @@ pcap_parse()
|
|||
struct {
|
||||
struct qual q;
|
||||
int atmfieldtype;
|
||||
int mtp3fieldtype;
|
||||
struct block *b;
|
||||
} blk;
|
||||
struct block *rblk;
|
||||
|
@ -108,18 +261,23 @@ pcap_parse()
|
|||
%type <a> arth narth
|
||||
%type <i> byteop pname pnum relop irelop
|
||||
%type <blk> and or paren not null prog
|
||||
%type <rblk> other pfvar
|
||||
%type <rblk> other pfvar p80211
|
||||
%type <i> atmtype atmmultitype
|
||||
%type <blk> atmfield
|
||||
%type <blk> atmfieldvalue atmvalue atmlistvalue
|
||||
%type <i> mtp2type
|
||||
%type <blk> mtp3field
|
||||
%type <blk> mtp3fieldvalue mtp3value mtp3listvalue
|
||||
|
||||
|
||||
%token DST SRC HOST GATEWAY
|
||||
%token NET NETMASK PORT LESS GREATER PROTO PROTOCHAIN CBYTE
|
||||
%token NET NETMASK PORT PORTRANGE LESS GREATER PROTO PROTOCHAIN CBYTE
|
||||
%token ARP RARP IP SCTP TCP UDP ICMP IGMP IGRP PIM VRRP
|
||||
%token ATALK AARP DECNET LAT SCA MOPRC MOPDL
|
||||
%token TK_BROADCAST TK_MULTICAST
|
||||
%token NUM INBOUND OUTBOUND
|
||||
%token PF_IFNAME PF_RSET PF_RNR PF_SRNR PF_REASON PF_ACTION
|
||||
%token TYPE SUBTYPE DIR ADDR1 ADDR2 ADDR3 ADDR4 RA TA
|
||||
%token LINK
|
||||
%token GEQ LEQ NEQ
|
||||
%token ID EID HID HID6 AID
|
||||
|
@ -127,6 +285,7 @@ pcap_parse()
|
|||
%token LEN
|
||||
%token IPV6 ICMPV6 AH ESP
|
||||
%token VLAN MPLS
|
||||
%token PPPOED PPPOES
|
||||
%token ISO ESIS CLNP ISIS L1 L2 IIH LSP SNP CSNP PSNP
|
||||
%token STP
|
||||
%token IPX
|
||||
|
@ -134,12 +293,15 @@ pcap_parse()
|
|||
%token LANE LLC METAC BCC SC ILMIC OAMF4EC OAMF4SC
|
||||
%token OAM OAMF4 CONNECTMSG METACONNECT
|
||||
%token VPI VCI
|
||||
%token RADIO
|
||||
%token FISU LSSU MSU
|
||||
%token SIO OPC DPC SLS
|
||||
|
||||
%type <s> ID
|
||||
%type <e> EID
|
||||
%type <e> AID
|
||||
%type <s> HID HID6
|
||||
%type <i> NUM action reason
|
||||
%type <i> NUM action reason type subtype type_subtype dir
|
||||
|
||||
%left OR AND
|
||||
%nonassoc '!'
|
||||
|
@ -181,6 +343,14 @@ nid: ID { $$.b = gen_scode($1, $$.q = $<blk>0.q); }
|
|||
| HID {
|
||||
/* Decide how to parse HID based on proto */
|
||||
$$.q = $<blk>0.q;
|
||||
if ($$.q.addr == Q_PORT)
|
||||
bpf_error("'port' modifier applied to ip host");
|
||||
else if ($$.q.addr == Q_PORTRANGE)
|
||||
bpf_error("'portrange' modifier applied to ip host");
|
||||
else if ($$.q.addr == Q_PROTO)
|
||||
bpf_error("'proto' modifier applied to ip host");
|
||||
else if ($$.q.addr == Q_PROTOCHAIN)
|
||||
bpf_error("'protochain' modifier applied to ip host");
|
||||
$$.b = gen_ncode($1, 0, $$.q);
|
||||
}
|
||||
| HID6 '/' NUM {
|
||||
|
@ -254,6 +424,8 @@ rterm: head id { $$ = $2; }
|
|||
| atmtype { $$.b = gen_atmtype_abbrev($1); $$.q = qerr; }
|
||||
| atmmultitype { $$.b = gen_atmmulti_abbrev($1); $$.q = qerr; }
|
||||
| atmfield atmvalue { $$.b = $2.b; $$.q = qerr; }
|
||||
| mtp2type { $$.b = gen_mtp2type_abbrev($1); $$.q = qerr; }
|
||||
| mtp3field mtp3value { $$.b = $2.b; $$.q = qerr; }
|
||||
;
|
||||
/* protocol level qualifiers */
|
||||
pqual: pname
|
||||
|
@ -266,11 +438,18 @@ dqual: SRC { $$ = Q_SRC; }
|
|||
| DST OR SRC { $$ = Q_OR; }
|
||||
| SRC AND DST { $$ = Q_AND; }
|
||||
| DST AND SRC { $$ = Q_AND; }
|
||||
| ADDR1 { $$ = Q_ADDR1; }
|
||||
| ADDR2 { $$ = Q_ADDR2; }
|
||||
| ADDR3 { $$ = Q_ADDR3; }
|
||||
| ADDR4 { $$ = Q_ADDR4; }
|
||||
| RA { $$ = Q_RA; }
|
||||
| TA { $$ = Q_TA; }
|
||||
;
|
||||
/* address type qualifiers */
|
||||
aqual: HOST { $$ = Q_HOST; }
|
||||
| NET { $$ = Q_NET; }
|
||||
| PORT { $$ = Q_PORT; }
|
||||
| PORTRANGE { $$ = Q_PORTRANGE; }
|
||||
;
|
||||
/* non-directional address type qualifiers */
|
||||
ndaqual: GATEWAY { $$ = Q_GATEWAY; }
|
||||
|
@ -312,6 +491,7 @@ pname: LINK { $$ = Q_LINK; }
|
|||
| STP { $$ = Q_STP; }
|
||||
| IPX { $$ = Q_IPX; }
|
||||
| NETBEUI { $$ = Q_NETBEUI; }
|
||||
| RADIO { $$ = Q_RADIO; }
|
||||
;
|
||||
other: pqual TK_BROADCAST { $$ = gen_broadcast($1); }
|
||||
| pqual TK_MULTICAST { $$ = gen_multicast($1); }
|
||||
|
@ -324,7 +504,10 @@ other: pqual TK_BROADCAST { $$ = gen_broadcast($1); }
|
|||
| VLAN { $$ = gen_vlan(-1); }
|
||||
| MPLS pnum { $$ = gen_mpls($2); }
|
||||
| MPLS { $$ = gen_mpls(-1); }
|
||||
| PPPOED { $$ = gen_pppoed(); }
|
||||
| PPPOES { $$ = gen_pppoes(); }
|
||||
| pfvar { $$ = $1; }
|
||||
| pqual p80211 { $$ = $2; }
|
||||
;
|
||||
|
||||
pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); }
|
||||
|
@ -335,31 +518,86 @@ pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); }
|
|||
| PF_ACTION action { $$ = gen_pf_action($2); }
|
||||
;
|
||||
|
||||
reason: NUM { $$ = $1; }
|
||||
| ID { const char *reasons[] = PFRES_NAMES;
|
||||
int i;
|
||||
for (i = 0; reasons[i]; i++) {
|
||||
if (pcap_strcasecmp($1, reasons[i]) == 0) {
|
||||
$$ = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (reasons[i] == NULL)
|
||||
bpf_error("unknown PF reason");
|
||||
p80211: TYPE type SUBTYPE subtype
|
||||
{ $$ = gen_p80211_type($2 | $4,
|
||||
IEEE80211_FC0_TYPE_MASK |
|
||||
IEEE80211_FC0_SUBTYPE_MASK);
|
||||
}
|
||||
| TYPE type { $$ = gen_p80211_type($2,
|
||||
IEEE80211_FC0_TYPE_MASK);
|
||||
}
|
||||
| SUBTYPE type_subtype { $$ = gen_p80211_type($2,
|
||||
IEEE80211_FC0_TYPE_MASK |
|
||||
IEEE80211_FC0_SUBTYPE_MASK);
|
||||
}
|
||||
| DIR dir { $$ = gen_p80211_fcdir($2); }
|
||||
;
|
||||
|
||||
type: NUM
|
||||
| ID { $$ = str2tok($1, ieee80211_types);
|
||||
if ($$ == -1)
|
||||
bpf_error("unknown 802.11 type name");
|
||||
}
|
||||
;
|
||||
|
||||
action: ID { if (pcap_strcasecmp($1, "pass") == 0 ||
|
||||
pcap_strcasecmp($1, "accept") == 0)
|
||||
$$ = PF_PASS;
|
||||
else if (pcap_strcasecmp($1, "drop") == 0 ||
|
||||
pcap_strcasecmp($1, "block") == 0)
|
||||
$$ = PF_DROP;
|
||||
else
|
||||
bpf_error("unknown PF action");
|
||||
subtype: NUM
|
||||
| ID { const struct tok *types = NULL;
|
||||
int i;
|
||||
for (i = 0;; i++) {
|
||||
if (ieee80211_type_subtypes[i].tok == NULL) {
|
||||
/* Ran out of types */
|
||||
bpf_error("unknown 802.11 type");
|
||||
break;
|
||||
}
|
||||
if ($<i>-1 == ieee80211_type_subtypes[i].type) {
|
||||
types = ieee80211_type_subtypes[i].tok;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
$$ = str2tok($1, types);
|
||||
if ($$ == -1)
|
||||
bpf_error("unknown 802.11 subtype name");
|
||||
}
|
||||
;
|
||||
|
||||
type_subtype: ID { int i;
|
||||
for (i = 0;; i++) {
|
||||
if (ieee80211_type_subtypes[i].tok == NULL) {
|
||||
/* Ran out of types */
|
||||
bpf_error("unknown 802.11 type name");
|
||||
break;
|
||||
}
|
||||
$$ = str2tok($1, ieee80211_type_subtypes[i].tok);
|
||||
if ($$ != -1) {
|
||||
$$ |= ieee80211_type_subtypes[i].type;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
;
|
||||
|
||||
dir: NUM
|
||||
| ID { if (pcap_strcasecmp($1, "nods") == 0)
|
||||
$$ = IEEE80211_FC1_DIR_NODS;
|
||||
else if (pcap_strcasecmp($1, "tods") == 0)
|
||||
$$ = IEEE80211_FC1_DIR_TODS;
|
||||
else if (pcap_strcasecmp($1, "fromds") == 0)
|
||||
$$ = IEEE80211_FC1_DIR_FROMDS;
|
||||
else if (pcap_strcasecmp($1, "dstods") == 0)
|
||||
$$ = IEEE80211_FC1_DIR_DSTODS;
|
||||
else
|
||||
bpf_error("unknown 802.11 direction");
|
||||
}
|
||||
;
|
||||
|
||||
reason: NUM { $$ = $1; }
|
||||
| ID { $$ = pfreason_to_num($1); }
|
||||
;
|
||||
|
||||
action: ID { $$ = pfaction_to_num($1); }
|
||||
;
|
||||
|
||||
relop: '>' { $$ = BPF_JGT; }
|
||||
| GEQ { $$ = BPF_JGE; }
|
||||
| '=' { $$ = BPF_JEQ; }
|
||||
|
@ -413,18 +651,46 @@ atmfield: VPI { $$.atmfieldtype = A_VPI; }
|
|||
| VCI { $$.atmfieldtype = A_VCI; }
|
||||
;
|
||||
atmvalue: atmfieldvalue
|
||||
| relop NUM { $$.b = gen_atmfield_code($<blk>0.atmfieldtype, (u_int)$2, (u_int)$1, 0); }
|
||||
| irelop NUM { $$.b = gen_atmfield_code($<blk>0.atmfieldtype, (u_int)$2, (u_int)$1, 1); }
|
||||
| relop NUM { $$.b = gen_atmfield_code($<blk>0.atmfieldtype, (bpf_int32)$2, (bpf_u_int32)$1, 0); }
|
||||
| irelop NUM { $$.b = gen_atmfield_code($<blk>0.atmfieldtype, (bpf_int32)$2, (bpf_u_int32)$1, 1); }
|
||||
| paren atmlistvalue ')' { $$.b = $2.b; $$.q = qerr; }
|
||||
;
|
||||
atmfieldvalue: NUM {
|
||||
$$.atmfieldtype = $<blk>0.atmfieldtype;
|
||||
if ($$.atmfieldtype == A_VPI ||
|
||||
$$.atmfieldtype == A_VCI)
|
||||
$$.b = gen_atmfield_code($$.atmfieldtype, (u_int) $1, BPF_JEQ, 0);
|
||||
$$.b = gen_atmfield_code($$.atmfieldtype, (bpf_int32) $1, BPF_JEQ, 0);
|
||||
}
|
||||
;
|
||||
atmlistvalue: atmfieldvalue
|
||||
| atmlistvalue or atmfieldvalue { gen_or($1.b, $3.b); $$ = $3; }
|
||||
;
|
||||
/* MTP2 types quantifier */
|
||||
mtp2type: FISU { $$ = M_FISU; }
|
||||
| LSSU { $$ = M_LSSU; }
|
||||
| MSU { $$ = M_MSU; }
|
||||
;
|
||||
/* MTP3 field types quantifier */
|
||||
mtp3field: SIO { $$.mtp3fieldtype = M_SIO; }
|
||||
| OPC { $$.mtp3fieldtype = M_OPC; }
|
||||
| DPC { $$.mtp3fieldtype = M_DPC; }
|
||||
| SLS { $$.mtp3fieldtype = M_SLS; }
|
||||
;
|
||||
mtp3value: mtp3fieldvalue
|
||||
| relop NUM { $$.b = gen_mtp3field_code($<blk>0.mtp3fieldtype, (u_int)$2, (u_int)$1, 0); }
|
||||
| irelop NUM { $$.b = gen_mtp3field_code($<blk>0.mtp3fieldtype, (u_int)$2, (u_int)$1, 1); }
|
||||
| paren mtp3listvalue ')' { $$.b = $2.b; $$.q = qerr; }
|
||||
;
|
||||
mtp3fieldvalue: NUM {
|
||||
$$.mtp3fieldtype = $<blk>0.mtp3fieldtype;
|
||||
if ($$.mtp3fieldtype == M_SIO ||
|
||||
$$.mtp3fieldtype == M_OPC ||
|
||||
$$.mtp3fieldtype == M_DPC ||
|
||||
$$.mtp3fieldtype == M_SLS )
|
||||
$$.b = gen_mtp3field_code($$.mtp3fieldtype, (u_int) $1, BPF_JEQ, 0);
|
||||
}
|
||||
;
|
||||
mtp3listvalue: mtp3fieldvalue
|
||||
| mtp3listvalue or mtp3fieldvalue { gen_or($1.b, $3.b); $$ = $3; }
|
||||
;
|
||||
%%
|
||||
|
|
|
@ -0,0 +1,146 @@
|
|||
/*-
|
||||
* Copyright (c) 2001 Atsushi Onoe
|
||||
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote products
|
||||
* derived from this software without specific prior written permission.
|
||||
*
|
||||
* Alternatively, this software may be distributed under the terms of the
|
||||
* GNU General Public License ("GPL") version 2 as published by the Free
|
||||
* Software Foundation.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
||||
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||||
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $FreeBSD: src/sys/net80211/ieee80211.h,v 1.10 2005/07/22 16:55:27 sam Exp $
|
||||
*/
|
||||
#ifndef _NET80211_IEEE80211_H_
|
||||
#define _NET80211_IEEE80211_H_
|
||||
|
||||
/*
|
||||
* 802.11 protocol definitions.
|
||||
*/
|
||||
|
||||
#define IEEE80211_FC0_VERSION_MASK 0x03
|
||||
#define IEEE80211_FC0_VERSION_SHIFT 0
|
||||
#define IEEE80211_FC0_VERSION_0 0x00
|
||||
#define IEEE80211_FC0_TYPE_MASK 0x0c
|
||||
#define IEEE80211_FC0_TYPE_SHIFT 2
|
||||
#define IEEE80211_FC0_TYPE_MGT 0x00
|
||||
#define IEEE80211_FC0_TYPE_CTL 0x04
|
||||
#define IEEE80211_FC0_TYPE_DATA 0x08
|
||||
|
||||
#define IEEE80211_FC0_SUBTYPE_MASK 0xf0
|
||||
#define IEEE80211_FC0_SUBTYPE_SHIFT 4
|
||||
/* for TYPE_MGT */
|
||||
#define IEEE80211_FC0_SUBTYPE_ASSOC_REQ 0x00
|
||||
#define IEEE80211_FC0_SUBTYPE_ASSOC_RESP 0x10
|
||||
#define IEEE80211_FC0_SUBTYPE_REASSOC_REQ 0x20
|
||||
#define IEEE80211_FC0_SUBTYPE_REASSOC_RESP 0x30
|
||||
#define IEEE80211_FC0_SUBTYPE_PROBE_REQ 0x40
|
||||
#define IEEE80211_FC0_SUBTYPE_PROBE_RESP 0x50
|
||||
#define IEEE80211_FC0_SUBTYPE_BEACON 0x80
|
||||
#define IEEE80211_FC0_SUBTYPE_ATIM 0x90
|
||||
#define IEEE80211_FC0_SUBTYPE_DISASSOC 0xa0
|
||||
#define IEEE80211_FC0_SUBTYPE_AUTH 0xb0
|
||||
#define IEEE80211_FC0_SUBTYPE_DEAUTH 0xc0
|
||||
/* for TYPE_CTL */
|
||||
#define IEEE80211_FC0_SUBTYPE_PS_POLL 0xa0
|
||||
#define IEEE80211_FC0_SUBTYPE_RTS 0xb0
|
||||
#define IEEE80211_FC0_SUBTYPE_CTS 0xc0
|
||||
#define IEEE80211_FC0_SUBTYPE_ACK 0xd0
|
||||
#define IEEE80211_FC0_SUBTYPE_CF_END 0xe0
|
||||
#define IEEE80211_FC0_SUBTYPE_CF_END_ACK 0xf0
|
||||
/* for TYPE_DATA (bit combination) */
|
||||
#define IEEE80211_FC0_SUBTYPE_DATA 0x00
|
||||
#define IEEE80211_FC0_SUBTYPE_CF_ACK 0x10
|
||||
#define IEEE80211_FC0_SUBTYPE_CF_POLL 0x20
|
||||
#define IEEE80211_FC0_SUBTYPE_CF_ACPL 0x30
|
||||
#define IEEE80211_FC0_SUBTYPE_NODATA 0x40
|
||||
#define IEEE80211_FC0_SUBTYPE_NODATA_CF_ACK 0x50
|
||||
#define IEEE80211_FC0_SUBTYPE_NODATA_CF_POLL 0x60
|
||||
#define IEEE80211_FC0_SUBTYPE_NODATA_CF_ACPL 0x70
|
||||
#define IEEE80211_FC0_SUBTYPE_QOS 0x80
|
||||
#define IEEE80211_FC0_SUBTYPE_QOS_NULL 0xc0
|
||||
|
||||
#define IEEE80211_FC1_DIR_MASK 0x03
|
||||
#define IEEE80211_FC1_DIR_NODS 0x00 /* STA->STA */
|
||||
#define IEEE80211_FC1_DIR_TODS 0x01 /* STA->AP */
|
||||
#define IEEE80211_FC1_DIR_FROMDS 0x02 /* AP ->STA */
|
||||
#define IEEE80211_FC1_DIR_DSTODS 0x03 /* AP ->AP */
|
||||
|
||||
#define IEEE80211_FC1_MORE_FRAG 0x04
|
||||
#define IEEE80211_FC1_RETRY 0x08
|
||||
#define IEEE80211_FC1_PWR_MGT 0x10
|
||||
#define IEEE80211_FC1_MORE_DATA 0x20
|
||||
#define IEEE80211_FC1_WEP 0x40
|
||||
#define IEEE80211_FC1_ORDER 0x80
|
||||
|
||||
#define IEEE80211_SEQ_FRAG_MASK 0x000f
|
||||
#define IEEE80211_SEQ_FRAG_SHIFT 0
|
||||
#define IEEE80211_SEQ_SEQ_MASK 0xfff0
|
||||
#define IEEE80211_SEQ_SEQ_SHIFT 4
|
||||
|
||||
#define IEEE80211_NWID_LEN 32
|
||||
|
||||
#define IEEE80211_QOS_TXOP 0x00ff
|
||||
/* bit 8 is reserved */
|
||||
#define IEEE80211_QOS_ACKPOLICY 0x60
|
||||
#define IEEE80211_QOS_ACKPOLICY_S 5
|
||||
#define IEEE80211_QOS_ESOP 0x10
|
||||
#define IEEE80211_QOS_ESOP_S 4
|
||||
#define IEEE80211_QOS_TID 0x0f
|
||||
|
||||
#define IEEE80211_MGT_SUBTYPE_NAMES { \
|
||||
"assoc-req", "assoc-resp", \
|
||||
"reassoc-req", "reassoc-resp", \
|
||||
"probe-req", "probe-resp", \
|
||||
"reserved#6", "reserved#7", \
|
||||
"beacon", "atim", \
|
||||
"disassoc", "auth", \
|
||||
"deauth", "reserved#13", \
|
||||
"reserved#14", "reserved#15" \
|
||||
}
|
||||
|
||||
#define IEEE80211_CTL_SUBTYPE_NAMES { \
|
||||
"reserved#0", "reserved#1", \
|
||||
"reserved#2", "reserved#3", \
|
||||
"reserved#3", "reserved#5", \
|
||||
"reserved#6", "reserved#7", \
|
||||
"reserved#8", "reserved#9", \
|
||||
"ps-poll", "rts", \
|
||||
"cts", "ack", \
|
||||
"cf-end", "cf-end-ack" \
|
||||
}
|
||||
|
||||
#define IEEE80211_DATA_SUBTYPE_NAMES { \
|
||||
"data", "data-cf-ack", \
|
||||
"data-cf-poll", "data-cf-ack-poll", \
|
||||
"null", "cf-ack", \
|
||||
"cf-poll", "cf-ack-poll", \
|
||||
"qos-data", "qos-data-cf-ack", \
|
||||
"qos-data-cf-poll", "qos-data-cf-ack-poll", \
|
||||
"qos", "reserved#13", \
|
||||
"qos-cf-poll", "qos-cf-ack-poll" \
|
||||
}
|
||||
|
||||
#define IEEE80211_TYPE_NAMES { "mgt", "ctl", "data", "reserved#4" }
|
||||
|
||||
#endif /* _NET80211_IEEE80211_H_ */
|
280
inet.c
280
inet.c
|
@ -34,7 +34,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/inet.c,v 1.66 2005-02-10 19:38:06 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/inet.c,v 1.79 2008-04-20 18:19:02 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -134,28 +134,6 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
|
|||
pcap_if_t *curdev, *prevdev, *nextdev;
|
||||
int this_instance;
|
||||
|
||||
/*
|
||||
* Can we open this interface for live capture?
|
||||
*
|
||||
* We do this check so that interfaces that ae supplied
|
||||
* by the interface enumeration mechanism we're using
|
||||
* but that don't support packet capture aren't included
|
||||
* in the list. An example of this is loopback interfaces
|
||||
* on Solaris; we don't just omit loopback interfaces
|
||||
* becaue you *can* capture on loopback interfaces on some
|
||||
* OSes.
|
||||
*/
|
||||
p = pcap_open_live(name, 68, 0, 0, errbuf);
|
||||
if (p == NULL) {
|
||||
/*
|
||||
* No. Don't bother including it.
|
||||
* Don't treat this as an error, though.
|
||||
*/
|
||||
*curdev_ret = NULL;
|
||||
return (0);
|
||||
}
|
||||
pcap_close(p);
|
||||
|
||||
/*
|
||||
* Is there already an entry in the list for this interface?
|
||||
*/
|
||||
|
@ -163,9 +141,74 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
|
|||
if (strcmp(name, curdev->name) == 0)
|
||||
break; /* yes, we found it */
|
||||
}
|
||||
|
||||
if (curdev == NULL) {
|
||||
/*
|
||||
* No, we didn't find it.
|
||||
*
|
||||
* Can we open this interface for live capture?
|
||||
*
|
||||
* We do this check so that interfaces that are
|
||||
* supplied by the interface enumeration mechanism
|
||||
* we're using but that don't support packet capture
|
||||
* aren't included in the list. Loopback interfaces
|
||||
* on Solaris are an example of this; we don't just
|
||||
* omit loopback interfaces on all platforms because
|
||||
* you *can* capture on loopback interfaces on some
|
||||
* OSes.
|
||||
*
|
||||
* On OS X, we don't do this check if the device
|
||||
* name begins with "wlt"; at least some versions
|
||||
* of OS X offer monitor mode capturing by having
|
||||
* a separate "monitor mode" device for each wireless
|
||||
* adapter, rather than by implementing the ioctls
|
||||
* that {Free,Net,Open,DragonFly}BSD provide.
|
||||
* Opening that device puts the adapter into monitor
|
||||
* mode, which, at least for some adapters, causes
|
||||
* them to deassociate from the network with which
|
||||
* they're associated.
|
||||
*
|
||||
* Instead, we try to open the corresponding "en"
|
||||
* device (so that we don't end up with, for users
|
||||
* without sufficient privilege to open capture
|
||||
* devices, a list of adapters that only includes
|
||||
* the wlt devices).
|
||||
*/
|
||||
#ifdef __APPLE__
|
||||
if (strncmp(name, "wlt", 3) == 0) {
|
||||
char *en_name;
|
||||
size_t en_name_len;
|
||||
|
||||
/*
|
||||
* Try to allocate a buffer for the "en"
|
||||
* device's name.
|
||||
*/
|
||||
en_name_len = strlen(name) - 1;
|
||||
en_name = malloc(en_name_len + 1);
|
||||
if (en_name == NULL) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
strcpy(en_name, "en");
|
||||
strcat(en_name, name + 3);
|
||||
p = pcap_open_live(en_name, 68, 0, 0, errbuf);
|
||||
free(en_name);
|
||||
} else
|
||||
#endif /* __APPLE */
|
||||
p = pcap_open_live(name, 68, 0, 0, errbuf);
|
||||
if (p == NULL) {
|
||||
/*
|
||||
* No. Don't bother including it.
|
||||
* Don't treat this as an error, though.
|
||||
*/
|
||||
*curdev_ret = NULL;
|
||||
return (0);
|
||||
}
|
||||
pcap_close(p);
|
||||
|
||||
/*
|
||||
* Yes, we can open it.
|
||||
* Allocate a new entry.
|
||||
*/
|
||||
curdev = malloc(sizeof(pcap_if_t));
|
||||
|
@ -179,14 +222,25 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
|
|||
* Fill in the entry.
|
||||
*/
|
||||
curdev->next = NULL;
|
||||
curdev->name = malloc(strlen(name) + 1);
|
||||
strcpy(curdev->name, name);
|
||||
curdev->name = strdup(name);
|
||||
if (curdev->name == NULL) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
free(curdev);
|
||||
return (-1);
|
||||
}
|
||||
if (description != NULL) {
|
||||
/*
|
||||
* We have a description for this interface.
|
||||
*/
|
||||
curdev->description = malloc(strlen(description) + 1);
|
||||
strcpy(curdev->description, description);
|
||||
curdev->description = strdup(description);
|
||||
if (curdev->description == NULL) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
free(curdev->name);
|
||||
free(curdev);
|
||||
return (-1);
|
||||
}
|
||||
} else {
|
||||
/*
|
||||
* We don't.
|
||||
|
@ -302,6 +356,52 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
|
|||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* XXX - on FreeBSDs that support it, should it get the sysctl named
|
||||
* "dev.{adapter family name}.{adapter unit}.%desc" to get a description
|
||||
* of the adapter? Note that "dev.an.0.%desc" is "Aironet PC4500/PC4800"
|
||||
* with my Cisco 350 card, so the name isn't entirely descriptive. The
|
||||
* "dev.an.0.%pnpinfo" has a better description, although one might argue
|
||||
* that the problem is really a driver bug - if it can find out that it's
|
||||
* a Cisco 340 or 350, rather than an old Aironet card, it should use
|
||||
* that in the description.
|
||||
*
|
||||
* Do NetBSD, DragonflyBSD, or OpenBSD support this as well? FreeBSD
|
||||
* and OpenBSD let you get a description, but it's not generated by the OS,
|
||||
* it's set with another ioctl that ifconfig supports; we use that to get
|
||||
* a description in FreeBSD and OpenBSD, but if there is no such
|
||||
* description available, it still might be nice to get some description
|
||||
* string based on the device type or something such as that.
|
||||
*
|
||||
* In OS X, the System Configuration framework can apparently return
|
||||
* names in 10.4 and later.
|
||||
*
|
||||
* It also appears that freedesktop.org's HAL offers an "info.product"
|
||||
* string, but the HAL specification says it "should not be used in any
|
||||
* UI" and "subsystem/capability specific properties" should be used
|
||||
* instead and, in any case, I think HAL is being deprecated in
|
||||
* favor of other stuff such as DeviceKit. DeviceKit doesn't appear
|
||||
* to have any obvious product information for devices, but maybe
|
||||
* I haven't looked hard enough.
|
||||
*
|
||||
* Using the System Configuration framework, or HAL, or DeviceKit, or
|
||||
* whatever, would require that libpcap applications be linked with
|
||||
* the frameworks/libraries in question. That shouldn't be a problem
|
||||
* for programs linking with the shared version of libpcap (unless
|
||||
* you're running on AIX - which I think is the only UN*X that doesn't
|
||||
* support linking a shared library with other libraries on which it
|
||||
* depends, and having an executable linked only with the first shared
|
||||
* library automatically pick up the other libraries when started -
|
||||
* and using HAL or whatever). Programs linked with the static
|
||||
* version of libpcap would have to use pcap-config with the --static
|
||||
* flag in order to get the right linker flags in order to pick up
|
||||
* the additional libraries/frameworks; those programs need that anyway
|
||||
* for libpcap 1.1 and beyond on Linux, as, by default, it requires
|
||||
* -lnl.
|
||||
*
|
||||
* Do any other UN*Xes, or desktop environments support getting a
|
||||
* description?
|
||||
*/
|
||||
int
|
||||
add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
|
||||
struct sockaddr *addr, size_t addr_size,
|
||||
|
@ -311,14 +411,91 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
|
|||
char *errbuf)
|
||||
{
|
||||
pcap_if_t *curdev;
|
||||
char *description = NULL;
|
||||
pcap_addr_t *curaddr, *prevaddr, *nextaddr;
|
||||
#ifdef SIOCGIFDESCR
|
||||
int s;
|
||||
struct ifreq ifrdesc;
|
||||
#ifndef IFDESCRSIZE
|
||||
size_t descrlen = 64;
|
||||
#else
|
||||
size_t descrlen = IFDESCRSIZE;
|
||||
#endif /* IFDESCRSIZE */
|
||||
#endif /* SIOCGIFDESCR */
|
||||
|
||||
if (add_or_find_if(&curdev, alldevs, name, flags, NULL, errbuf) == -1) {
|
||||
#ifdef SIOCGIFDESCR
|
||||
/*
|
||||
* Get the description for the interface.
|
||||
*/
|
||||
memset(&ifrdesc, 0, sizeof ifrdesc);
|
||||
strlcpy(ifrdesc.ifr_name, name, sizeof ifrdesc.ifr_name);
|
||||
s = socket(AF_INET, SOCK_DGRAM, 0);
|
||||
if (s >= 0) {
|
||||
#ifdef __FreeBSD__
|
||||
/*
|
||||
* On FreeBSD, if the buffer isn't big enough for the
|
||||
* description, the ioctl succeeds, but the description
|
||||
* isn't copied, ifr_buffer.length is set to the description
|
||||
* length, and ifr_buffer.buffer is set to NULL.
|
||||
*/
|
||||
for (;;) {
|
||||
free(description);
|
||||
if ((description = malloc(descrlen)) != NULL) {
|
||||
ifrdesc.ifr_buffer.buffer = description;
|
||||
ifrdesc.ifr_buffer.length = descrlen;
|
||||
if (ioctl(s, SIOCGIFDESCR, &ifrdesc) == 0) {
|
||||
if (ifrdesc.ifr_buffer.buffer ==
|
||||
description)
|
||||
break;
|
||||
else
|
||||
descrlen = ifrdesc.ifr_buffer.length;
|
||||
} else {
|
||||
/*
|
||||
* Failed to get interface description.
|
||||
*/
|
||||
free(description);
|
||||
description = NULL;
|
||||
break;
|
||||
}
|
||||
} else
|
||||
break;
|
||||
}
|
||||
#else /* __FreeBSD__ */
|
||||
/*
|
||||
* The only other OS that currently supports
|
||||
* SIOCGIFDESCR is OpenBSD, and it has no way
|
||||
* to get the description length - it's clamped
|
||||
* to a maximum of IFDESCRSIZE.
|
||||
*/
|
||||
if ((description = malloc(descrlen)) != NULL) {
|
||||
ifrdesc.ifr_data = (caddr_t)description;
|
||||
if (ioctl(s, SIOCGIFDESCR, &ifrdesc) != 0) {
|
||||
/*
|
||||
* Failed to get interface description.
|
||||
*/
|
||||
free(description);
|
||||
description = NULL;
|
||||
}
|
||||
} else
|
||||
break;
|
||||
#endif /* __FreeBSD__ */
|
||||
close(s);
|
||||
if (description != NULL && strlen(description) == 0) {
|
||||
free(description);
|
||||
description = NULL;
|
||||
}
|
||||
}
|
||||
#endif /* SIOCGIFDESCR */
|
||||
|
||||
if (add_or_find_if(&curdev, alldevs, name, flags, description,
|
||||
errbuf) == -1) {
|
||||
free(description);
|
||||
/*
|
||||
* Error - give up.
|
||||
*/
|
||||
return (-1);
|
||||
}
|
||||
free(description);
|
||||
if (curdev == NULL) {
|
||||
/*
|
||||
* Device wasn't added because it can't be opened.
|
||||
|
@ -357,6 +534,8 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
|
|||
if (curaddr->netmask == NULL) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
if (curaddr->addr != NULL)
|
||||
free(curaddr->addr);
|
||||
free(curaddr);
|
||||
return (-1);
|
||||
}
|
||||
|
@ -368,6 +547,10 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
|
|||
if (curaddr->broadaddr == NULL) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
if (curaddr->netmask != NULL)
|
||||
free(curaddr->netmask);
|
||||
if (curaddr->addr != NULL)
|
||||
free(curaddr->addr);
|
||||
free(curaddr);
|
||||
return (-1);
|
||||
}
|
||||
|
@ -379,6 +562,12 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
|
|||
if (curaddr->dstaddr == NULL) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
if (curaddr->broadaddr != NULL)
|
||||
free(curaddr->broadaddr);
|
||||
if (curaddr->netmask != NULL)
|
||||
free(curaddr->netmask);
|
||||
if (curaddr->addr != NULL)
|
||||
free(curaddr->addr);
|
||||
free(curaddr);
|
||||
return (-1);
|
||||
}
|
||||
|
@ -527,7 +716,7 @@ pcap_lookupnet(device, netp, maskp, errbuf)
|
|||
register char *errbuf;
|
||||
{
|
||||
register int fd;
|
||||
register struct sockaddr_in *sin;
|
||||
register struct sockaddr_in *sin4;
|
||||
struct ifreq ifr;
|
||||
|
||||
/*
|
||||
|
@ -538,6 +727,21 @@ pcap_lookupnet(device, netp, maskp, errbuf)
|
|||
if (!device || strcmp(device, "any") == 0
|
||||
#ifdef HAVE_DAG_API
|
||||
|| strstr(device, "dag") != NULL
|
||||
#endif
|
||||
#ifdef HAVE_SEPTEL_API
|
||||
|| strstr(device, "septel") != NULL
|
||||
#endif
|
||||
#ifdef PCAP_SUPPORT_BT
|
||||
|| strstr(device, "bluetooth") != NULL
|
||||
#endif
|
||||
#ifdef PCAP_SUPPORT_USB
|
||||
|| strstr(device, "usbmon") != NULL
|
||||
#endif
|
||||
#ifdef HAVE_SNF_API
|
||||
|| strstr(device, "snf") != NULL
|
||||
#endif
|
||||
#ifdef PCAP_SUPPORT_DECT
|
||||
|| strstr(device, "dect") != NULL
|
||||
#endif
|
||||
) {
|
||||
*netp = *maskp = 0;
|
||||
|
@ -568,8 +772,14 @@ pcap_lookupnet(device, netp, maskp, errbuf)
|
|||
(void)close(fd);
|
||||
return (-1);
|
||||
}
|
||||
sin = (struct sockaddr_in *)&ifr.ifr_addr;
|
||||
*netp = sin->sin_addr.s_addr;
|
||||
sin4 = (struct sockaddr_in *)&ifr.ifr_addr;
|
||||
*netp = sin4->sin_addr.s_addr;
|
||||
memset(&ifr, 0, sizeof(ifr));
|
||||
#ifdef linux
|
||||
/* XXX Work around Linux kernel bug */
|
||||
ifr.ifr_addr.sa_family = AF_INET;
|
||||
#endif
|
||||
(void)strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
|
||||
if (ioctl(fd, SIOCGIFNETMASK, (char *)&ifr) < 0) {
|
||||
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"SIOCGIFNETMASK: %s: %s", device, pcap_strerror(errno));
|
||||
|
@ -577,7 +787,7 @@ pcap_lookupnet(device, netp, maskp, errbuf)
|
|||
return (-1);
|
||||
}
|
||||
(void)close(fd);
|
||||
*maskp = sin->sin_addr.s_addr;
|
||||
*maskp = sin4->sin_addr.s_addr;
|
||||
if (*maskp == 0) {
|
||||
if (IN_CLASSA(*netp))
|
||||
*maskp = IN_CLASSA_NET;
|
||||
|
@ -671,8 +881,10 @@ pcap_lookupdev(errbuf)
|
|||
*/
|
||||
while(NAdapts--)
|
||||
{
|
||||
strcpy((char*)tUstr, tAstr);
|
||||
(char*)tUstr += strlen(tAstr) + 1;;
|
||||
char* tmp = (char*)tUstr;
|
||||
strcpy(tmp, tAstr);
|
||||
tmp += strlen(tAstr) + 1;
|
||||
tUstr = (WCHAR*)tmp;
|
||||
tAstr += strlen(tAstr) + 1;
|
||||
}
|
||||
|
||||
|
|
2
mkdep
2
mkdep
|
@ -13,7 +13,7 @@
|
|||
# @(#)mkdep.sh 5.11 (Berkeley) 5/5/88
|
||||
#
|
||||
|
||||
PATH=/bin:/usr/bin:/usr/ucb:/usr/local:/usr/local/bin
|
||||
PATH=/bin:/usr/bin:/usr/ucb:/usr/local:/usr/local/bin:/usr/sfw/bin
|
||||
export PATH
|
||||
|
||||
MAKE=Makefile # default makefile name is "Makefile"
|
||||
|
|
|
@ -21,7 +21,6 @@
|
|||
#include <string.h>
|
||||
#include <dos.h>
|
||||
|
||||
#include "gnuc.h"
|
||||
#include "pcap-dos.h"
|
||||
#include "pcap-int.h"
|
||||
#include "msdos/pktdrvr.h"
|
||||
|
@ -61,7 +60,7 @@
|
|||
|
||||
|
||||
#if (DOSX & (DJGPP|DOS4GW))
|
||||
#include <sys/packon.h>
|
||||
#include <sys/pack_on.h>
|
||||
|
||||
struct DPMI_regs {
|
||||
DWORD r_di;
|
||||
|
@ -91,7 +90,7 @@
|
|||
WORD _fanIndex;
|
||||
BYTE _PktReceiver[15]; /* starts on a paragraph (16byte) */
|
||||
} PktRealStub;
|
||||
#include <sys/packoff.h>
|
||||
#include <sys/pack_off.h>
|
||||
|
||||
static BYTE real_stub_array [] = {
|
||||
#include "pkt_stub.inc" /* generated opcode array */
|
||||
|
|
86
nametoaddr.c
86
nametoaddr.c
|
@ -24,13 +24,18 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/nametoaddr.c,v 1.77 2005-03-27 22:26:25 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/nametoaddr.c,v 1.83 2008-02-06 10:21:30 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef DECNETLIB
|
||||
#include <sys/types.h>
|
||||
#include <netdnet/dnetdb.h>
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include <pcap-stdinc.h>
|
||||
|
||||
|
@ -44,13 +49,6 @@ static const char rcsid[] _U_ =
|
|||
#include <netinet/in.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
/*
|
||||
* XXX - why was this included even on UNIX?
|
||||
*/
|
||||
#ifdef __MINGW32__
|
||||
#include "IP6_misc.h"
|
||||
#endif
|
||||
|
||||
#ifndef WIN32
|
||||
#ifdef HAVE_ETHER_HOSTTON
|
||||
/*
|
||||
|
@ -74,13 +72,13 @@ struct rtentry; /* declarations in <net/if.h> */
|
|||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <stdlib.h>
|
||||
#include <memory.h>
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#include "pcap-int.h"
|
||||
|
||||
#include "gencode.h"
|
||||
#include <pcap-namedb.h>
|
||||
#include <pcap/namedb.h>
|
||||
|
||||
#ifdef HAVE_OS_PROTO_H
|
||||
#include "os-proto.h"
|
||||
|
@ -216,6 +214,51 @@ pcap_nametoport(const char *name, int *port, int *proto)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Convert a string in the form PPP-PPP, where correspond to ports, to
|
||||
* a starting and ending port in a port range.
|
||||
* Return 0 on failure.
|
||||
*/
|
||||
int
|
||||
pcap_nametoportrange(const char *name, int *port1, int *port2, int *proto)
|
||||
{
|
||||
u_int p1, p2;
|
||||
char *off, *cpy;
|
||||
int save_proto;
|
||||
|
||||
if (sscanf(name, "%d-%d", &p1, &p2) != 2) {
|
||||
if ((cpy = strdup(name)) == NULL)
|
||||
return 0;
|
||||
|
||||
if ((off = strchr(cpy, '-')) == NULL) {
|
||||
free(cpy);
|
||||
return 0;
|
||||
}
|
||||
|
||||
*off = '\0';
|
||||
|
||||
if (pcap_nametoport(cpy, port1, proto) == 0) {
|
||||
free(cpy);
|
||||
return 0;
|
||||
}
|
||||
save_proto = *proto;
|
||||
|
||||
if (pcap_nametoport(off + 1, port2, proto) == 0) {
|
||||
free(cpy);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (*proto != save_proto)
|
||||
*proto = PROTO_UNDEF;
|
||||
} else {
|
||||
*port1 = p1;
|
||||
*port2 = p2;
|
||||
*proto = PROTO_UNDEF;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
pcap_nametoproto(const char *str)
|
||||
{
|
||||
|
@ -231,7 +274,7 @@ pcap_nametoproto(const char *str)
|
|||
#include "ethertype.h"
|
||||
|
||||
struct eproto {
|
||||
char *s;
|
||||
const char *s;
|
||||
u_short p;
|
||||
};
|
||||
|
||||
|
@ -343,7 +386,7 @@ __pcap_atodn(const char *s, bpf_u_int32 *addr)
|
|||
|
||||
u_int node, area;
|
||||
|
||||
if (sscanf((char *)s, "%d.%d", &area, &node) != 2)
|
||||
if (sscanf(s, "%d.%d", &area, &node) != 2)
|
||||
bpf_error("malformed decnet address '%s'", s);
|
||||
|
||||
*addr = (area << AREASHIFT) & AREAMASK;
|
||||
|
@ -353,7 +396,15 @@ __pcap_atodn(const char *s, bpf_u_int32 *addr)
|
|||
}
|
||||
|
||||
/*
|
||||
* Convert 's' which has the form "xx:xx:xx:xx:xx:xx" into a new
|
||||
* Convert 's', which can have the one of the forms:
|
||||
*
|
||||
* "xx:xx:xx:xx:xx:xx"
|
||||
* "xx.xx.xx.xx.xx.xx"
|
||||
* "xx-xx-xx-xx-xx-xx"
|
||||
* "xxxx.xxxx.xxxx"
|
||||
* "xxxxxxxxxxxx"
|
||||
*
|
||||
* (or various mixes of ':', '.', and '-') into a new
|
||||
* ethernet address. Assumes 's' is well formed.
|
||||
*/
|
||||
u_char *
|
||||
|
@ -365,7 +416,7 @@ pcap_ether_aton(const char *s)
|
|||
e = ep = (u_char *)malloc(6);
|
||||
|
||||
while (*s) {
|
||||
if (*s == ':')
|
||||
if (*s == ':' || *s == '.' || *s == '-')
|
||||
s += 1;
|
||||
d = xdtoi(*s++);
|
||||
if (isxdigit((unsigned char)*s)) {
|
||||
|
@ -413,6 +464,11 @@ pcap_ether_hostton(const char *name)
|
|||
#else
|
||||
|
||||
#if !defined(HAVE_DECL_ETHER_HOSTTON) || !HAVE_DECL_ETHER_HOSTTON
|
||||
#ifndef HAVE_STRUCT_ETHER_ADDR
|
||||
struct ether_addr {
|
||||
unsigned char ether_addr_octet[6];
|
||||
};
|
||||
#endif
|
||||
extern int ether_hostton(const char *, struct ether_addr *);
|
||||
#endif
|
||||
|
||||
|
@ -424,7 +480,7 @@ pcap_ether_hostton(const char *name)
|
|||
u_char a[6];
|
||||
|
||||
ap = NULL;
|
||||
if (ether_hostton((char *)name, (struct ether_addr *)a) == 0) {
|
||||
if (ether_hostton(name, (struct ether_addr *)a) == 0) {
|
||||
ap = (u_char *)malloc(6);
|
||||
if (ap != NULL)
|
||||
memcpy((char *)ap, (char *)a, 6);
|
||||
|
|
78
optimize.c
78
optimize.c
|
@ -22,13 +22,27 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.85 2005-04-04 08:42:18 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.91 2008-01-02 04:16:46 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include <pcap-stdinc.h>
|
||||
#else /* WIN32 */
|
||||
#if HAVE_INTTYPES_H
|
||||
#include <inttypes.h>
|
||||
#elif HAVE_STDINT_H
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
#ifdef HAVE_SYS_BITYPES_H
|
||||
#include <sys/bitypes.h>
|
||||
#endif
|
||||
#include <sys/types.h>
|
||||
#endif /* WIN32 */
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <memory.h>
|
||||
|
@ -53,6 +67,10 @@ extern int _w32_ffs (int mask);
|
|||
#define ffs _w32_ffs
|
||||
#endif
|
||||
|
||||
#if defined(WIN32) && defined (_MSC_VER)
|
||||
int ffs(int mask);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Represents a deleted instruction.
|
||||
*/
|
||||
|
@ -624,7 +642,7 @@ fold_op(s, v0, v1)
|
|||
struct stmt *s;
|
||||
int v0, v1;
|
||||
{
|
||||
bpf_int32 a, b;
|
||||
bpf_u_int32 a, b;
|
||||
|
||||
a = vmap[v0].const_val;
|
||||
b = vmap[v1].const_val;
|
||||
|
@ -905,6 +923,17 @@ opt_peep(b)
|
|||
if (b->s.k == 0xffffffff)
|
||||
JF(b) = JT(b);
|
||||
}
|
||||
/*
|
||||
* If we're comparing against the index register, and the index
|
||||
* register is a known constant, we can just compare against that
|
||||
* constant.
|
||||
*/
|
||||
val = b->val[X_ATOM];
|
||||
if (vmap[val].is_const && BPF_SRC(b->s.code) == BPF_X) {
|
||||
bpf_int32 v = vmap[val].const_val;
|
||||
b->s.code &= ~BPF_X;
|
||||
b->s.k = v;
|
||||
}
|
||||
/*
|
||||
* If the accumulator is a known constant, we can compute the
|
||||
* comparison result.
|
||||
|
@ -1823,9 +1852,9 @@ intern_blocks(root)
|
|||
{
|
||||
struct block *p;
|
||||
int i, j;
|
||||
int done;
|
||||
int done1; /* don't shadow global */
|
||||
top:
|
||||
done = 1;
|
||||
done1 = 1;
|
||||
for (i = 0; i < n_blocks; ++i)
|
||||
blocks[i]->link = 0;
|
||||
|
||||
|
@ -1849,15 +1878,15 @@ intern_blocks(root)
|
|||
if (JT(p) == 0)
|
||||
continue;
|
||||
if (JT(p)->link) {
|
||||
done = 0;
|
||||
done1 = 0;
|
||||
JT(p) = JT(p)->link;
|
||||
}
|
||||
if (JF(p)->link) {
|
||||
done = 0;
|
||||
done1 = 0;
|
||||
JF(p) = JF(p)->link;
|
||||
}
|
||||
}
|
||||
if (!done)
|
||||
if (!done1)
|
||||
goto top;
|
||||
}
|
||||
|
||||
|
@ -1972,7 +2001,7 @@ opt_init(root)
|
|||
*/
|
||||
unMarkAll();
|
||||
n = count_blocks(root);
|
||||
blocks = (struct block **)malloc(n * sizeof(*blocks));
|
||||
blocks = (struct block **)calloc(n, sizeof(*blocks));
|
||||
if (blocks == NULL)
|
||||
bpf_error("malloc");
|
||||
unMarkAll();
|
||||
|
@ -1980,14 +2009,14 @@ opt_init(root)
|
|||
number_blks_r(root);
|
||||
|
||||
n_edges = 2 * n_blocks;
|
||||
edges = (struct edge **)malloc(n_edges * sizeof(*edges));
|
||||
edges = (struct edge **)calloc(n_edges, sizeof(*edges));
|
||||
if (edges == NULL)
|
||||
bpf_error("malloc");
|
||||
|
||||
/*
|
||||
* The number of levels is bounded by the number of nodes.
|
||||
*/
|
||||
levels = (struct block **)malloc(n_blocks * sizeof(*levels));
|
||||
levels = (struct block **)calloc(n_blocks, sizeof(*levels));
|
||||
if (levels == NULL)
|
||||
bpf_error("malloc");
|
||||
|
||||
|
@ -2034,8 +2063,8 @@ opt_init(root)
|
|||
* we'll need.
|
||||
*/
|
||||
maxval = 3 * max_stmts;
|
||||
vmap = (struct vmapinfo *)malloc(maxval * sizeof(*vmap));
|
||||
vnode_base = (struct valnode *)malloc(maxval * sizeof(*vnode_base));
|
||||
vmap = (struct vmapinfo *)calloc(maxval, sizeof(*vmap));
|
||||
vnode_base = (struct valnode *)calloc(maxval, sizeof(*vnode_base));
|
||||
if (vmap == NULL || vnode_base == NULL)
|
||||
bpf_error("malloc");
|
||||
}
|
||||
|
@ -2124,7 +2153,7 @@ convert_code_r(p)
|
|||
{
|
||||
int i;
|
||||
int jt, jf;
|
||||
char *ljerr = "%s for block-local relative jump: off=%d";
|
||||
const char *ljerr = "%s for block-local relative jump: off=%d";
|
||||
|
||||
#if 0
|
||||
printf("code=%x off=%d %x %x\n", src->s.code,
|
||||
|
@ -2216,6 +2245,20 @@ filled:
|
|||
/*
|
||||
* Convert flowgraph intermediate representation to the
|
||||
* BPF array representation. Set *lenp to the number of instructions.
|
||||
*
|
||||
* This routine does *NOT* leak the memory pointed to by fp. It *must
|
||||
* not* do free(fp) before returning fp; doing so would make no sense,
|
||||
* as the BPF array pointed to by the return value of icode_to_fcode()
|
||||
* must be valid - it's being returned for use in a bpf_program structure.
|
||||
*
|
||||
* If it appears that icode_to_fcode() is leaking, the problem is that
|
||||
* the program using pcap_compile() is failing to free the memory in
|
||||
* the BPF program when it's done - the leak is in the program, not in
|
||||
* the routine that happens to be allocating the memory. (By analogy, if
|
||||
* a program calls fopen() without ever calling fclose() on the FILE *,
|
||||
* it will leak the FILE structure; the leak is not in fopen(), it's in
|
||||
* the program.) Change the program to use pcap_freecode() when it's
|
||||
* done with the filter program. See the pcap man page.
|
||||
*/
|
||||
struct bpf_insn *
|
||||
icode_to_fcode(root, lenp)
|
||||
|
@ -2262,6 +2305,15 @@ install_bpf_program(pcap_t *p, struct bpf_program *fp)
|
|||
{
|
||||
size_t prog_size;
|
||||
|
||||
/*
|
||||
* Validate the program.
|
||||
*/
|
||||
if (!bpf_validate(fp->bf_insns, fp->bf_len)) {
|
||||
snprintf(p->errbuf, sizeof(p->errbuf),
|
||||
"BPF program is not valid");
|
||||
return (-1);
|
||||
}
|
||||
|
||||
/*
|
||||
* Free up any already installed program.
|
||||
*/
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||
<plist version="1.0">
|
||||
<dict>
|
||||
<key>Label</key>
|
||||
<string>org.tcpdump.chmod_bpf</string>
|
||||
<key>RunAtLoad</key>
|
||||
<true/>
|
||||
<key>Program</key>
|
||||
<string>/usr/local/bin/chmod_bpf</string>
|
||||
<key>ProgramArguments</key>
|
||||
<array>
|
||||
<string>/usr/local/bin/chmod_bpf</string>
|
||||
</array>
|
||||
</dict>
|
||||
</plist>
|
|
@ -1,65 +0,0 @@
|
|||
%define prefix /usr
|
||||
%define version 0.9
|
||||
|
||||
Summary: packet capture library
|
||||
Name: libpcap
|
||||
Version: %version
|
||||
Release: 1
|
||||
Group: Development/Libraries
|
||||
Copyright: BSD
|
||||
Source: libpcap-0.9-PRE-CVS.tar.gz
|
||||
BuildRoot: /tmp/%{name}-buildroot
|
||||
URL: http://www.tcpdump.org
|
||||
|
||||
%description
|
||||
Packet-capture library LIBPCAP 0.9
|
||||
Now maintained by "The Tcpdump Group"
|
||||
See http://www.tcpdump.org
|
||||
Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org
|
||||
|
||||
%prep
|
||||
%setup
|
||||
|
||||
%post
|
||||
ldconfig
|
||||
|
||||
%build
|
||||
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%prefix
|
||||
make
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/{lib,include}
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/share/man
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/include/net
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/man/man3
|
||||
make install DESTDIR=$RPM_BUILD_ROOT mandir=/usr/share/man
|
||||
cd $RPM_BUILD_ROOT/usr/lib
|
||||
V1=`echo 0.9 | sed 's/\\.[^\.]*$//g'`
|
||||
V2=`echo 0.9 | sed 's/\\.[^\.]*\.[^\.]*$//g'`
|
||||
ln -sf libpcap.so.0.9 libpcap.so.$V1
|
||||
if test "$V2" -ne "$V1"; then
|
||||
ln -sf libpcap.so.$V1 libpcap.so.$V2
|
||||
ln -sf libpcap.so.$V2 libpcap.so
|
||||
else
|
||||
ln -sf libpcap.so.$V1 libpcap.so
|
||||
fi
|
||||
|
||||
#install -m 755 -o root libpcap.a $RPM_BUILD_ROOT/usr/lib
|
||||
#install -m 644 -o root pcap.3 $RPM_BUILD_ROOT/usr/man/man3
|
||||
#install -m 644 -o root pcap.h $RPM_BUILD_ROOT/usr/include
|
||||
#install -m 644 -o root pcap-bpf.h $RPM_BUILD_ROOT/usr/include/net
|
||||
#install -m 644 -o root pcap-namedb.h $RPM_BUILD_ROOT/usr/include
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc LICENSE CHANGES INSTALL.txt README.linux TODO VERSION CREDITS packaging/pcap.spec
|
||||
/usr/lib/libpcap.a
|
||||
/usr/share/man/man3/*
|
||||
/usr/include/pcap.h
|
||||
/usr/include/pcap-bpf.h
|
||||
/usr/include/pcap-namedb.h
|
||||
/usr/lib/libpcap.so*
|
|
@ -15,7 +15,7 @@ URL: http://www.tcpdump.org
|
|||
Packet-capture library LIBPCAP @VERSION@
|
||||
Now maintained by "The Tcpdump Group"
|
||||
See http://www.tcpdump.org
|
||||
Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org
|
||||
Please send inquiries/comments/reports to tcpdump-workers@lists.tcpdump.org
|
||||
|
||||
%prep
|
||||
%setup
|
||||
|
@ -29,10 +29,6 @@ make
|
|||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/{lib,include}
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/share/man
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/include/net
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/man/man3
|
||||
make install DESTDIR=$RPM_BUILD_ROOT mandir=/usr/share/man
|
||||
cd $RPM_BUILD_ROOT/usr/lib
|
||||
V1=`echo @VERSION@ | sed 's/\\.[^\.]*$//g'`
|
||||
|
@ -45,12 +41,6 @@ else
|
|||
ln -sf libpcap.so.$V1 libpcap.so
|
||||
fi
|
||||
|
||||
#install -m 755 -o root libpcap.a $RPM_BUILD_ROOT/usr/lib
|
||||
#install -m 644 -o root pcap.3 $RPM_BUILD_ROOT/usr/man/man3
|
||||
#install -m 644 -o root pcap.h $RPM_BUILD_ROOT/usr/include
|
||||
#install -m 644 -o root pcap-bpf.h $RPM_BUILD_ROOT/usr/include/net
|
||||
#install -m 644 -o root pcap-namedb.h $RPM_BUILD_ROOT/usr/include
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
@ -59,7 +49,10 @@ rm -rf $RPM_BUILD_ROOT
|
|||
%doc LICENSE CHANGES INSTALL.txt README.linux TODO VERSION CREDITS packaging/pcap.spec
|
||||
/usr/lib/libpcap.a
|
||||
/usr/share/man/man3/*
|
||||
/usr/share/man/man5/*
|
||||
/usr/share/man/man7/*
|
||||
/usr/include/pcap.h
|
||||
/usr/include/pcap/*.h
|
||||
/usr/include/pcap-bpf.h
|
||||
/usr/include/pcap-namedb.h
|
||||
/usr/lib/libpcap.so*
|
||||
|
|
2158
pcap-bpf.c
2158
pcap-bpf.c
File diff suppressed because it is too large
Load Diff
647
pcap-bpf.h
647
pcap-bpf.h
|
@ -35,644 +35,13 @@
|
|||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#)bpf.h 7.1 (Berkeley) 5/7/91
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.50 2007-04-01 21:43:55 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/*
|
||||
* For backwards compatibility.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.35 2005-04-07 20:42:45 guy Exp $ (LBL)
|
||||
* Note to OS vendors: do NOT get rid of this file! Some applications
|
||||
* might expect to be able to include <pcap-bpf.h>.
|
||||
*/
|
||||
|
||||
/*
|
||||
* This is libpcap's cut-down version of bpf.h; it includes only
|
||||
* the stuff needed for the code generator and the userland BPF
|
||||
* interpreter, and the libpcap APIs for setting filters, etc..
|
||||
*
|
||||
* "pcap-bpf.c" will include the native OS version, as it deals with
|
||||
* the OS's BPF implementation.
|
||||
*
|
||||
* XXX - should this all just be moved to "pcap.h"?
|
||||
*/
|
||||
|
||||
#ifndef BPF_MAJOR_VERSION
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* BSD style release date */
|
||||
#define BPF_RELEASE 199606
|
||||
|
||||
#ifdef MSDOS /* must be 32-bit */
|
||||
typedef long bpf_int32;
|
||||
typedef unsigned long bpf_u_int32;
|
||||
#else
|
||||
typedef int bpf_int32;
|
||||
typedef u_int bpf_u_int32;
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Alignment macros. BPF_WORDALIGN rounds up to the next
|
||||
* even multiple of BPF_ALIGNMENT.
|
||||
*/
|
||||
#ifndef __NetBSD__
|
||||
#define BPF_ALIGNMENT sizeof(bpf_int32)
|
||||
#else
|
||||
#define BPF_ALIGNMENT sizeof(long)
|
||||
#endif
|
||||
#define BPF_WORDALIGN(x) (((x)+(BPF_ALIGNMENT-1))&~(BPF_ALIGNMENT-1))
|
||||
|
||||
#define BPF_MAXINSNS 512
|
||||
#define BPF_MAXBUFSIZE 0x8000
|
||||
#define BPF_MINBUFSIZE 32
|
||||
|
||||
/*
|
||||
* Structure for "pcap_compile()", "pcap_setfilter()", etc..
|
||||
*/
|
||||
struct bpf_program {
|
||||
u_int bf_len;
|
||||
struct bpf_insn *bf_insns;
|
||||
};
|
||||
|
||||
/*
|
||||
* Struct return by BIOCVERSION. This represents the version number of
|
||||
* the filter language described by the instruction encodings below.
|
||||
* bpf understands a program iff kernel_major == filter_major &&
|
||||
* kernel_minor >= filter_minor, that is, if the value returned by the
|
||||
* running kernel has the same major number and a minor number equal
|
||||
* equal to or less than the filter being downloaded. Otherwise, the
|
||||
* results are undefined, meaning an error may be returned or packets
|
||||
* may be accepted haphazardly.
|
||||
* It has nothing to do with the source code version.
|
||||
*/
|
||||
struct bpf_version {
|
||||
u_short bv_major;
|
||||
u_short bv_minor;
|
||||
};
|
||||
/* Current version number of filter architecture. */
|
||||
#define BPF_MAJOR_VERSION 1
|
||||
#define BPF_MINOR_VERSION 1
|
||||
|
||||
/*
|
||||
* Data-link level type codes.
|
||||
*
|
||||
* Do *NOT* add new values to this list without asking
|
||||
* "tcpdump-workers@tcpdump.org" for a value. Otherwise, you run the
|
||||
* risk of using a value that's already being used for some other purpose,
|
||||
* and of having tools that read libpcap-format captures not being able
|
||||
* to handle captures with your new DLT_ value, with no hope that they
|
||||
* will ever be changed to do so (as that would destroy their ability
|
||||
* to read captures using that value for that other purpose).
|
||||
*/
|
||||
|
||||
/*
|
||||
* These are the types that are the same on all platforms, and that
|
||||
* have been defined by <net/bpf.h> for ages.
|
||||
*/
|
||||
#define DLT_NULL 0 /* BSD loopback encapsulation */
|
||||
#define DLT_EN10MB 1 /* Ethernet (10Mb) */
|
||||
#define DLT_EN3MB 2 /* Experimental Ethernet (3Mb) */
|
||||
#define DLT_AX25 3 /* Amateur Radio AX.25 */
|
||||
#define DLT_PRONET 4 /* Proteon ProNET Token Ring */
|
||||
#define DLT_CHAOS 5 /* Chaos */
|
||||
#define DLT_IEEE802 6 /* IEEE 802 Networks */
|
||||
#define DLT_ARCNET 7 /* ARCNET, with BSD-style header */
|
||||
#define DLT_SLIP 8 /* Serial Line IP */
|
||||
#define DLT_PPP 9 /* Point-to-point Protocol */
|
||||
#define DLT_FDDI 10 /* FDDI */
|
||||
|
||||
/*
|
||||
* These are types that are different on some platforms, and that
|
||||
* have been defined by <net/bpf.h> for ages. We use #ifdefs to
|
||||
* detect the BSDs that define them differently from the traditional
|
||||
* libpcap <net/bpf.h>
|
||||
*
|
||||
* XXX - DLT_ATM_RFC1483 is 13 in BSD/OS, and DLT_RAW is 14 in BSD/OS,
|
||||
* but I don't know what the right #define is for BSD/OS.
|
||||
*/
|
||||
#define DLT_ATM_RFC1483 11 /* LLC/SNAP encapsulated atm */
|
||||
|
||||
#ifdef __OpenBSD__
|
||||
#define DLT_RAW 14 /* raw IP */
|
||||
#else
|
||||
#define DLT_RAW 12 /* raw IP */
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Given that the only OS that currently generates BSD/OS SLIP or PPP
|
||||
* is, well, BSD/OS, arguably everybody should have chosen its values
|
||||
* for DLT_SLIP_BSDOS and DLT_PPP_BSDOS, which are 15 and 16, but they
|
||||
* didn't. So it goes.
|
||||
*/
|
||||
#if defined(__NetBSD__) || defined(__FreeBSD__)
|
||||
#ifndef DLT_SLIP_BSDOS
|
||||
#define DLT_SLIP_BSDOS 13 /* BSD/OS Serial Line IP */
|
||||
#define DLT_PPP_BSDOS 14 /* BSD/OS Point-to-point Protocol */
|
||||
#endif
|
||||
#else
|
||||
#define DLT_SLIP_BSDOS 15 /* BSD/OS Serial Line IP */
|
||||
#define DLT_PPP_BSDOS 16 /* BSD/OS Point-to-point Protocol */
|
||||
#endif
|
||||
|
||||
/*
|
||||
* 17 is used for DLT_OLD_PFLOG in OpenBSD;
|
||||
* OBSOLETE: DLT_PFLOG is 117 in OpenBSD now as well. See below.
|
||||
* 18 is used for DLT_PFSYNC in OpenBSD; don't use it for anything else.
|
||||
*/
|
||||
|
||||
#define DLT_ATM_CLIP 19 /* Linux Classical-IP over ATM */
|
||||
|
||||
/*
|
||||
* Apparently Redback uses this for its SmartEdge 400/800. I hope
|
||||
* nobody else decided to use it, too.
|
||||
*/
|
||||
#define DLT_REDBACK_SMARTEDGE 32
|
||||
|
||||
/*
|
||||
* These values are defined by NetBSD; other platforms should refrain from
|
||||
* using them for other purposes, so that NetBSD savefiles with link
|
||||
* types of 50 or 51 can be read as this type on all platforms.
|
||||
*/
|
||||
#define DLT_PPP_SERIAL 50 /* PPP over serial with HDLC encapsulation */
|
||||
#define DLT_PPP_ETHER 51 /* PPP over Ethernet */
|
||||
|
||||
/*
|
||||
* The Axent Raptor firewall - now the Symantec Enterprise Firewall - uses
|
||||
* a link-layer type of 99 for the tcpdump it supplies. The link-layer
|
||||
* header has 6 bytes of unknown data, something that appears to be an
|
||||
* Ethernet type, and 36 bytes that appear to be 0 in at least one capture
|
||||
* I've seen.
|
||||
*/
|
||||
#define DLT_SYMANTEC_FIREWALL 99
|
||||
|
||||
/*
|
||||
* Values between 100 and 103 are used in capture file headers as
|
||||
* link-layer types corresponding to DLT_ types that differ
|
||||
* between platforms; don't use those values for new DLT_ new types.
|
||||
*/
|
||||
|
||||
/*
|
||||
* This value was defined by libpcap 0.5; platforms that have defined
|
||||
* it with a different value should define it here with that value -
|
||||
* a link type of 104 in a save file will be mapped to DLT_C_HDLC,
|
||||
* whatever value that happens to be, so programs will correctly
|
||||
* handle files with that link type regardless of the value of
|
||||
* DLT_C_HDLC.
|
||||
*
|
||||
* The name DLT_C_HDLC was used by BSD/OS; we use that name for source
|
||||
* compatibility with programs written for BSD/OS.
|
||||
*
|
||||
* libpcap 0.5 defined it as DLT_CHDLC; we define DLT_CHDLC as well,
|
||||
* for source compatibility with programs written for libpcap 0.5.
|
||||
*/
|
||||
#define DLT_C_HDLC 104 /* Cisco HDLC */
|
||||
#define DLT_CHDLC DLT_C_HDLC
|
||||
|
||||
#define DLT_IEEE802_11 105 /* IEEE 802.11 wireless */
|
||||
|
||||
/*
|
||||
* 106 is reserved for Linux Classical IP over ATM; it's like DLT_RAW,
|
||||
* except when it isn't. (I.e., sometimes it's just raw IP, and
|
||||
* sometimes it isn't.) We currently handle it as DLT_LINUX_SLL,
|
||||
* so that we don't have to worry about the link-layer header.)
|
||||
*/
|
||||
|
||||
/*
|
||||
* Frame Relay; BSD/OS has a DLT_FR with a value of 11, but that collides
|
||||
* with other values.
|
||||
* DLT_FR and DLT_FRELAY packets start with the Q.922 Frame Relay header
|
||||
* (DLCI, etc.).
|
||||
*/
|
||||
#define DLT_FRELAY 107
|
||||
|
||||
/*
|
||||
* OpenBSD DLT_LOOP, for loopback devices; it's like DLT_NULL, except
|
||||
* that the AF_ type in the link-layer header is in network byte order.
|
||||
*
|
||||
* OpenBSD defines it as 12, but that collides with DLT_RAW, so we
|
||||
* define it as 108 here. If OpenBSD picks up this file, it should
|
||||
* define DLT_LOOP as 12 in its version, as per the comment above -
|
||||
* and should not use 108 as a DLT_ value.
|
||||
*/
|
||||
#define DLT_LOOP 108
|
||||
|
||||
/*
|
||||
* Encapsulated packets for IPsec; DLT_ENC is 13 in OpenBSD, but that's
|
||||
* DLT_SLIP_BSDOS in NetBSD, so we don't use 13 for it in OSes other
|
||||
* than OpenBSD.
|
||||
*/
|
||||
#ifdef __OpenBSD__
|
||||
#define DLT_ENC 13
|
||||
#else
|
||||
#define DLT_ENC 109
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Values between 110 and 112 are reserved for use in capture file headers
|
||||
* as link-layer types corresponding to DLT_ types that might differ
|
||||
* between platforms; don't use those values for new DLT_ types
|
||||
* other than the corresponding DLT_ types.
|
||||
*/
|
||||
|
||||
/*
|
||||
* This is for Linux cooked sockets.
|
||||
*/
|
||||
#define DLT_LINUX_SLL 113
|
||||
|
||||
/*
|
||||
* Apple LocalTalk hardware.
|
||||
*/
|
||||
#define DLT_LTALK 114
|
||||
|
||||
/*
|
||||
* Acorn Econet.
|
||||
*/
|
||||
#define DLT_ECONET 115
|
||||
|
||||
/*
|
||||
* Reserved for use with OpenBSD ipfilter.
|
||||
*/
|
||||
#define DLT_IPFILTER 116
|
||||
|
||||
/*
|
||||
* OpenBSD DLT_PFLOG; DLT_PFLOG is 17 in OpenBSD, but that's DLT_LANE8023
|
||||
* in SuSE 6.3, so we can't use 17 for it in capture-file headers.
|
||||
*
|
||||
* XXX: is there a conflict with DLT_PFSYNC 18 as well?
|
||||
*/
|
||||
#ifdef __OpenBSD__
|
||||
#define DLT_OLD_PFLOG 17
|
||||
#define DLT_PFSYNC 18
|
||||
#endif
|
||||
#define DLT_PFLOG 117
|
||||
|
||||
/*
|
||||
* Registered for Cisco-internal use.
|
||||
*/
|
||||
#define DLT_CISCO_IOS 118
|
||||
|
||||
/*
|
||||
* For 802.11 cards using the Prism II chips, with a link-layer
|
||||
* header including Prism monitor mode information plus an 802.11
|
||||
* header.
|
||||
*/
|
||||
#define DLT_PRISM_HEADER 119
|
||||
|
||||
/*
|
||||
* Reserved for Aironet 802.11 cards, with an Aironet link-layer header
|
||||
* (see Doug Ambrisko's FreeBSD patches).
|
||||
*/
|
||||
#define DLT_AIRONET_HEADER 120
|
||||
|
||||
/*
|
||||
* Reserved for Siemens HiPath HDLC.
|
||||
*/
|
||||
#define DLT_HHDLC 121
|
||||
|
||||
/*
|
||||
* This is for RFC 2625 IP-over-Fibre Channel.
|
||||
*
|
||||
* This is not for use with raw Fibre Channel, where the link-layer
|
||||
* header starts with a Fibre Channel frame header; it's for IP-over-FC,
|
||||
* where the link-layer header starts with an RFC 2625 Network_Header
|
||||
* field.
|
||||
*/
|
||||
#define DLT_IP_OVER_FC 122
|
||||
|
||||
/*
|
||||
* This is for Full Frontal ATM on Solaris with SunATM, with a
|
||||
* pseudo-header followed by an AALn PDU.
|
||||
*
|
||||
* There may be other forms of Full Frontal ATM on other OSes,
|
||||
* with different pseudo-headers.
|
||||
*
|
||||
* If ATM software returns a pseudo-header with VPI/VCI information
|
||||
* (and, ideally, packet type information, e.g. signalling, ILMI,
|
||||
* LANE, LLC-multiplexed traffic, etc.), it should not use
|
||||
* DLT_ATM_RFC1483, but should get a new DLT_ value, so tcpdump
|
||||
* and the like don't have to infer the presence or absence of a
|
||||
* pseudo-header and the form of the pseudo-header.
|
||||
*/
|
||||
#define DLT_SUNATM 123 /* Solaris+SunATM */
|
||||
|
||||
/*
|
||||
* Reserved as per request from Kent Dahlgren <kent@praesum.com>
|
||||
* for private use.
|
||||
*/
|
||||
#define DLT_RIO 124 /* RapidIO */
|
||||
#define DLT_PCI_EXP 125 /* PCI Express */
|
||||
#define DLT_AURORA 126 /* Xilinx Aurora link layer */
|
||||
|
||||
/*
|
||||
* Header for 802.11 plus a number of bits of link-layer information
|
||||
* including radio information, used by some recent BSD drivers as
|
||||
* well as the madwifi Atheros driver for Linux.
|
||||
*/
|
||||
#define DLT_IEEE802_11_RADIO 127 /* 802.11 plus radiotap radio header */
|
||||
|
||||
/*
|
||||
* Reserved for the TZSP encapsulation, as per request from
|
||||
* Chris Waters <chris.waters@networkchemistry.com>
|
||||
* TZSP is a generic encapsulation for any other link type,
|
||||
* which includes a means to include meta-information
|
||||
* with the packet, e.g. signal strength and channel
|
||||
* for 802.11 packets.
|
||||
*/
|
||||
#define DLT_TZSP 128 /* Tazmen Sniffer Protocol */
|
||||
|
||||
/*
|
||||
* BSD's ARCNET headers have the source host, destination host,
|
||||
* and type at the beginning of the packet; that's what's handed
|
||||
* up to userland via BPF.
|
||||
*
|
||||
* Linux's ARCNET headers, however, have a 2-byte offset field
|
||||
* between the host IDs and the type; that's what's handed up
|
||||
* to userland via PF_PACKET sockets.
|
||||
*
|
||||
* We therefore have to have separate DLT_ values for them.
|
||||
*/
|
||||
#define DLT_ARCNET_LINUX 129 /* ARCNET */
|
||||
|
||||
/*
|
||||
* Juniper-private data link types, as per request from
|
||||
* Hannes Gredler <hannes@juniper.net>. The DLT_s are used
|
||||
* for passing on chassis-internal metainformation such as
|
||||
* QOS profiles, etc..
|
||||
*/
|
||||
#define DLT_JUNIPER_MLPPP 130
|
||||
#define DLT_JUNIPER_MLFR 131
|
||||
#define DLT_JUNIPER_ES 132
|
||||
#define DLT_JUNIPER_GGSN 133
|
||||
#define DLT_JUNIPER_MFR 134
|
||||
#define DLT_JUNIPER_ATM2 135
|
||||
#define DLT_JUNIPER_SERVICES 136
|
||||
#define DLT_JUNIPER_ATM1 137
|
||||
|
||||
/*
|
||||
* Apple IP-over-IEEE 1394, as per a request from Dieter Siegmund
|
||||
* <dieter@apple.com>. The header that's presented is an Ethernet-like
|
||||
* header:
|
||||
*
|
||||
* #define FIREWIRE_EUI64_LEN 8
|
||||
* struct firewire_header {
|
||||
* u_char firewire_dhost[FIREWIRE_EUI64_LEN];
|
||||
* u_char firewire_shost[FIREWIRE_EUI64_LEN];
|
||||
* u_short firewire_type;
|
||||
* };
|
||||
*
|
||||
* with "firewire_type" being an Ethernet type value, rather than,
|
||||
* for example, raw GASP frames being handed up.
|
||||
*/
|
||||
#define DLT_APPLE_IP_OVER_IEEE1394 138
|
||||
|
||||
/*
|
||||
* 139 through 142 are reserved for SS7.
|
||||
*/
|
||||
|
||||
/*
|
||||
* DOCSIS MAC frames.
|
||||
*/
|
||||
#define DLT_DOCSIS 143
|
||||
|
||||
/*
|
||||
* Linux-IrDA packets. Protocol defined at http://www.irda.org.
|
||||
* Those packets include IrLAP headers and above (IrLMP...), but
|
||||
* don't include Phy framing (SOF/EOF/CRC & byte stuffing), because Phy
|
||||
* framing can be handled by the hardware and depend on the bitrate.
|
||||
* This is exactly the format you would get capturing on a Linux-IrDA
|
||||
* interface (irdaX), but not on a raw serial port.
|
||||
* Note the capture is done in "Linux-cooked" mode, so each packet include
|
||||
* a fake packet header (struct sll_header). This is because IrDA packet
|
||||
* decoding is dependant on the direction of the packet (incomming or
|
||||
* outgoing).
|
||||
* When/if other platform implement IrDA capture, we may revisit the
|
||||
* issue and define a real DLT_IRDA...
|
||||
* Jean II
|
||||
*/
|
||||
#define DLT_LINUX_IRDA 144
|
||||
|
||||
/*
|
||||
* Reserved for IBM SP switch and IBM Next Federation switch.
|
||||
*/
|
||||
#define DLT_IBM_SP 145
|
||||
#define DLT_IBM_SN 146
|
||||
|
||||
/*
|
||||
* Reserved for private use. If you have some link-layer header type
|
||||
* that you want to use within your organization, with the capture files
|
||||
* using that link-layer header type not ever be sent outside your
|
||||
* organization, you can use these values.
|
||||
*
|
||||
* No libpcap release will use these for any purpose, nor will any
|
||||
* tcpdump release use them, either.
|
||||
*
|
||||
* Do *NOT* use these in capture files that you expect anybody not using
|
||||
* your private versions of capture-file-reading tools to read; in
|
||||
* particular, do *NOT* use them in products, otherwise you may find that
|
||||
* people won't be able to use tcpdump, or snort, or Ethereal, or... to
|
||||
* read capture files from your firewall/intrusion detection/traffic
|
||||
* monitoring/etc. appliance, or whatever product uses that DLT_ value,
|
||||
* and you may also find that the developers of those applications will
|
||||
* not accept patches to let them read those files.
|
||||
*
|
||||
* Also, do not use them if somebody might send you a capture using them
|
||||
* for *their* private type and tools using them for *your* private type
|
||||
* would have to read them.
|
||||
*
|
||||
* Instead, ask "tcpdump-workers@tcpdump.org" for a new DLT_ value,
|
||||
* as per the comment above, and use the type you're given.
|
||||
*/
|
||||
#define DLT_USER0 147
|
||||
#define DLT_USER1 148
|
||||
#define DLT_USER2 149
|
||||
#define DLT_USER3 150
|
||||
#define DLT_USER4 151
|
||||
#define DLT_USER5 152
|
||||
#define DLT_USER6 153
|
||||
#define DLT_USER7 154
|
||||
#define DLT_USER8 155
|
||||
#define DLT_USER9 156
|
||||
#define DLT_USER10 157
|
||||
#define DLT_USER11 158
|
||||
#define DLT_USER12 159
|
||||
#define DLT_USER13 160
|
||||
#define DLT_USER14 161
|
||||
#define DLT_USER15 162
|
||||
|
||||
/*
|
||||
* For future use with 802.11 captures - defined by AbsoluteValue
|
||||
* Systems to store a number of bits of link-layer information
|
||||
* including radio information:
|
||||
*
|
||||
* http://www.shaftnet.org/~pizza/software/capturefrm.txt
|
||||
*
|
||||
* but it might be used by some non-AVS drivers now or in the
|
||||
* future.
|
||||
*/
|
||||
#define DLT_IEEE802_11_RADIO_AVS 163 /* 802.11 plus AVS radio header */
|
||||
|
||||
/*
|
||||
* Juniper-private data link type, as per request from
|
||||
* Hannes Gredler <hannes@juniper.net>. The DLT_s are used
|
||||
* for passing on chassis-internal metainformation such as
|
||||
* QOS profiles, etc..
|
||||
*/
|
||||
#define DLT_JUNIPER_MONITOR 164
|
||||
|
||||
/*
|
||||
* Reserved for BACnet MS/TP.
|
||||
*/
|
||||
#define DLT_BACNET_MS_TP 165
|
||||
|
||||
/*
|
||||
* Another PPP variant as per request from Karsten Keil <kkeil@suse.de>.
|
||||
*
|
||||
* This is used in some OSes to allow a kernel socket filter to distinguish
|
||||
* between incoming and outgoing packets, on a socket intended to
|
||||
* supply pppd with outgoing packets so it can do dial-on-demand and
|
||||
* hangup-on-lack-of-demand; incoming packets are filtered out so they
|
||||
* don't cause pppd to hold the connection up (you don't want random
|
||||
* input packets such as port scans, packets from old lost connections,
|
||||
* etc. to force the connection to stay up).
|
||||
*
|
||||
* The first byte of the PPP header (0xff03) is modified to accomodate
|
||||
* the direction - 0x00 = IN, 0x01 = OUT.
|
||||
*/
|
||||
#define DLT_PPP_PPPD 166
|
||||
|
||||
/*
|
||||
* Names for backwards compatibility with older versions of some PPP
|
||||
* software; new software should use DLT_PPP_PPPD.
|
||||
*/
|
||||
#define DLT_PPP_WITH_DIRECTION DLT_PPP_PPPD
|
||||
#define DLT_LINUX_PPP_WITHDIRECTION DLT_PPP_PPPD
|
||||
|
||||
/*
|
||||
* Juniper-private data link type, as per request from
|
||||
* Hannes Gredler <hannes@juniper.net>. The DLT_s are used
|
||||
* for passing on chassis-internal metainformation such as
|
||||
* QOS profiles, cookies, etc..
|
||||
*/
|
||||
#define DLT_JUNIPER_PPPOE 167
|
||||
#define DLT_JUNIPER_PPPOE_ATM 168
|
||||
|
||||
#define DLT_GPRS_LLC 169 /* GPRS LLC */
|
||||
#define DLT_GPF_T 170 /* GPF-T (ITU-T G.7041/Y.1303) */
|
||||
#define DLT_GPF_F 171 /* GPF-F (ITU-T G.7041/Y.1303) */
|
||||
|
||||
/*
|
||||
* Requested by Oolan Zimmer <oz@gcom.com> for use in Gcom's T1/E1 line
|
||||
* monitoring equipment.
|
||||
*/
|
||||
#define DLT_GCOM_T1E1 172
|
||||
#define DLT_GCOM_SERIAL 173
|
||||
|
||||
/*
|
||||
* Juniper-private data link type, as per request from
|
||||
* Hannes Gredler <hannes@juniper.net>. The DLT_ is used
|
||||
* for internal communication to Physical Interface Cards (PIC)
|
||||
*/
|
||||
#define DLT_JUNIPER_PIC_PEER 174
|
||||
|
||||
/*
|
||||
* Link types requested by Gregor Maier <gregor@endace.com> of Endace
|
||||
* Measurement Systems. They add an ERF header (see
|
||||
* http://www.endace.com/support/EndaceRecordFormat.pdf) in front of
|
||||
* the link-layer header.
|
||||
*/
|
||||
#define DLT_ERF_ETH 175 /* Ethernet */
|
||||
#define DLT_ERF_POS 176 /* Packet-over-SONET */
|
||||
|
||||
/*
|
||||
* Requested by Daniele Orlandi <daniele@orlandi.com> for raw LAPD
|
||||
* for vISDN (http://www.orlandi.com/visdn/).
|
||||
*/
|
||||
#define DLT_LAPD 177
|
||||
|
||||
/*
|
||||
* The instruction encodings.
|
||||
*/
|
||||
/* instruction classes */
|
||||
#define BPF_CLASS(code) ((code) & 0x07)
|
||||
#define BPF_LD 0x00
|
||||
#define BPF_LDX 0x01
|
||||
#define BPF_ST 0x02
|
||||
#define BPF_STX 0x03
|
||||
#define BPF_ALU 0x04
|
||||
#define BPF_JMP 0x05
|
||||
#define BPF_RET 0x06
|
||||
#define BPF_MISC 0x07
|
||||
|
||||
/* ld/ldx fields */
|
||||
#define BPF_SIZE(code) ((code) & 0x18)
|
||||
#define BPF_W 0x00
|
||||
#define BPF_H 0x08
|
||||
#define BPF_B 0x10
|
||||
#define BPF_MODE(code) ((code) & 0xe0)
|
||||
#define BPF_IMM 0x00
|
||||
#define BPF_ABS 0x20
|
||||
#define BPF_IND 0x40
|
||||
#define BPF_MEM 0x60
|
||||
#define BPF_LEN 0x80
|
||||
#define BPF_MSH 0xa0
|
||||
|
||||
/* alu/jmp fields */
|
||||
#define BPF_OP(code) ((code) & 0xf0)
|
||||
#define BPF_ADD 0x00
|
||||
#define BPF_SUB 0x10
|
||||
#define BPF_MUL 0x20
|
||||
#define BPF_DIV 0x30
|
||||
#define BPF_OR 0x40
|
||||
#define BPF_AND 0x50
|
||||
#define BPF_LSH 0x60
|
||||
#define BPF_RSH 0x70
|
||||
#define BPF_NEG 0x80
|
||||
#define BPF_JA 0x00
|
||||
#define BPF_JEQ 0x10
|
||||
#define BPF_JGT 0x20
|
||||
#define BPF_JGE 0x30
|
||||
#define BPF_JSET 0x40
|
||||
#define BPF_SRC(code) ((code) & 0x08)
|
||||
#define BPF_K 0x00
|
||||
#define BPF_X 0x08
|
||||
|
||||
/* ret - BPF_K and BPF_X also apply */
|
||||
#define BPF_RVAL(code) ((code) & 0x18)
|
||||
#define BPF_A 0x10
|
||||
|
||||
/* misc */
|
||||
#define BPF_MISCOP(code) ((code) & 0xf8)
|
||||
#define BPF_TAX 0x00
|
||||
#define BPF_TXA 0x80
|
||||
|
||||
/*
|
||||
* The instruction data structure.
|
||||
*/
|
||||
struct bpf_insn {
|
||||
u_short code;
|
||||
u_char jt;
|
||||
u_char jf;
|
||||
bpf_int32 k;
|
||||
};
|
||||
|
||||
/*
|
||||
* Macros for insn array initializers.
|
||||
*/
|
||||
#define BPF_STMT(code, k) { (u_short)(code), 0, 0, k }
|
||||
#define BPF_JUMP(code, k, jt, jf) { (u_short)(code), jt, jf, k }
|
||||
|
||||
#if __STDC__ || defined(__cplusplus)
|
||||
extern int bpf_validate(struct bpf_insn *, int);
|
||||
extern u_int bpf_filter(struct bpf_insn *, u_char *, u_int, u_int);
|
||||
#else
|
||||
extern int bpf_validate();
|
||||
extern u_int bpf_filter();
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Number of scratch memory words (for BPF_LD|BPF_MEM and BPF_ST).
|
||||
*/
|
||||
#define BPF_MEMWORDS 16
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
#include <pcap/bpf.h>
|
||||
|
|
|
@ -0,0 +1,370 @@
|
|||
/*
|
||||
* Copyright (c) 2006 Paolo Abeni (Italy)
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* Bluetooth sniffing API implementation for Linux platform
|
||||
* By Paolo Abeni <paolo.abeni@email.it>
|
||||
*
|
||||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-bt-linux.c,v 1.15 2008-07-01 07:05:54 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "pcap-int.h"
|
||||
#include "pcap-bt-linux.h"
|
||||
#include "pcap/bluetooth.h"
|
||||
|
||||
#ifdef NEED_STRERROR_H
|
||||
#include "strerror.h"
|
||||
#endif
|
||||
|
||||
#include <errno.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/socket.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#include <bluetooth/bluetooth.h>
|
||||
#include <bluetooth/hci.h>
|
||||
|
||||
#define BT_IFACE "bluetooth"
|
||||
#define BT_CTRL_SIZE 128
|
||||
|
||||
/* forward declaration */
|
||||
static int bt_activate(pcap_t *);
|
||||
static int bt_read_linux(pcap_t *, int , pcap_handler , u_char *);
|
||||
static int bt_inject_linux(pcap_t *, const void *, size_t);
|
||||
static int bt_setdirection_linux(pcap_t *, pcap_direction_t);
|
||||
static int bt_stats_linux(pcap_t *, struct pcap_stat *);
|
||||
|
||||
int
|
||||
bt_platform_finddevs(pcap_if_t **alldevsp, char *err_str)
|
||||
{
|
||||
pcap_if_t *found_dev = *alldevsp;
|
||||
struct hci_dev_list_req *dev_list;
|
||||
struct hci_dev_req *dev_req;
|
||||
int i, sock;
|
||||
int ret = 0;
|
||||
|
||||
sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
|
||||
if (sock < 0)
|
||||
{
|
||||
/* if bluetooth is not supported this this is not fatal*/
|
||||
if (errno == EAFNOSUPPORT)
|
||||
return 0;
|
||||
snprintf(err_str, PCAP_ERRBUF_SIZE, "Can't open raw Bluetooth socket %d:%s",
|
||||
errno, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
dev_list = malloc(HCI_MAX_DEV * sizeof(*dev_req) + sizeof(*dev_list));
|
||||
if (!dev_list)
|
||||
{
|
||||
snprintf(err_str, PCAP_ERRBUF_SIZE, "Can't allocate %zu bytes for Bluetooth device list",
|
||||
HCI_MAX_DEV * sizeof(*dev_req) + sizeof(*dev_list));
|
||||
ret = -1;
|
||||
goto done;
|
||||
}
|
||||
|
||||
dev_list->dev_num = HCI_MAX_DEV;
|
||||
|
||||
if (ioctl(sock, HCIGETDEVLIST, (void *) dev_list) < 0)
|
||||
{
|
||||
snprintf(err_str, PCAP_ERRBUF_SIZE, "Can't get Bluetooth device list via ioctl %d:%s",
|
||||
errno, strerror(errno));
|
||||
ret = -1;
|
||||
goto free;
|
||||
}
|
||||
|
||||
dev_req = dev_list->dev_req;
|
||||
for (i = 0; i < dev_list->dev_num; i++, dev_req++) {
|
||||
char dev_name[20], dev_descr[30];
|
||||
|
||||
snprintf(dev_name, 20, BT_IFACE"%d", dev_req->dev_id);
|
||||
snprintf(dev_descr, 30, "Bluetooth adapter number %d", i);
|
||||
|
||||
if (pcap_add_if(&found_dev, dev_name, 0,
|
||||
dev_descr, err_str) < 0)
|
||||
{
|
||||
ret = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
free:
|
||||
free(dev_list);
|
||||
|
||||
done:
|
||||
close(sock);
|
||||
return ret;
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
bt_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = bt_activate;
|
||||
return (p);
|
||||
}
|
||||
|
||||
static int
|
||||
bt_activate(pcap_t* handle)
|
||||
{
|
||||
struct sockaddr_hci addr;
|
||||
int opt;
|
||||
int dev_id;
|
||||
struct hci_filter flt;
|
||||
int err = PCAP_ERROR;
|
||||
|
||||
/* get bt interface id */
|
||||
if (sscanf(handle->opt.source, BT_IFACE"%d", &dev_id) != 1)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't get Bluetooth device index from %s",
|
||||
handle->opt.source);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
/* Initialize some components of the pcap structure. */
|
||||
handle->bufsize = handle->snapshot+BT_CTRL_SIZE+sizeof(pcap_bluetooth_h4_header);
|
||||
handle->offset = BT_CTRL_SIZE;
|
||||
handle->linktype = DLT_BLUETOOTH_HCI_H4_WITH_PHDR;
|
||||
|
||||
handle->read_op = bt_read_linux;
|
||||
handle->inject_op = bt_inject_linux;
|
||||
handle->setfilter_op = install_bpf_program; /* no kernel filtering */
|
||||
handle->setdirection_op = bt_setdirection_linux;
|
||||
handle->set_datalink_op = NULL; /* can't change data link type */
|
||||
handle->getnonblock_op = pcap_getnonblock_fd;
|
||||
handle->setnonblock_op = pcap_setnonblock_fd;
|
||||
handle->stats_op = bt_stats_linux;
|
||||
handle->md.ifindex = dev_id;
|
||||
|
||||
/* Create HCI socket */
|
||||
handle->fd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
|
||||
if (handle->fd < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't create raw socket %d:%s",
|
||||
errno, strerror(errno));
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
handle->buffer = malloc(handle->bufsize);
|
||||
if (!handle->buffer) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't allocate dump buffer: %s",
|
||||
pcap_strerror(errno));
|
||||
goto close_fail;
|
||||
}
|
||||
|
||||
opt = 1;
|
||||
if (setsockopt(handle->fd, SOL_HCI, HCI_DATA_DIR, &opt, sizeof(opt)) < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't enable data direction info %d:%s",
|
||||
errno, strerror(errno));
|
||||
goto close_fail;
|
||||
}
|
||||
|
||||
opt = 1;
|
||||
if (setsockopt(handle->fd, SOL_HCI, HCI_TIME_STAMP, &opt, sizeof(opt)) < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't enable time stamp %d:%s",
|
||||
errno, strerror(errno));
|
||||
goto close_fail;
|
||||
}
|
||||
|
||||
/* Setup filter, do not call hci function to avoid dependence on
|
||||
* external libs */
|
||||
memset(&flt, 0, sizeof(flt));
|
||||
memset((void *) &flt.type_mask, 0xff, sizeof(flt.type_mask));
|
||||
memset((void *) &flt.event_mask, 0xff, sizeof(flt.event_mask));
|
||||
if (setsockopt(handle->fd, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't set filter %d:%s",
|
||||
errno, strerror(errno));
|
||||
goto close_fail;
|
||||
}
|
||||
|
||||
|
||||
/* Bind socket to the HCI device */
|
||||
addr.hci_family = AF_BLUETOOTH;
|
||||
addr.hci_dev = handle->md.ifindex;
|
||||
if (bind(handle->fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't attach to device %d %d:%s",
|
||||
handle->md.ifindex, errno, strerror(errno));
|
||||
goto close_fail;
|
||||
}
|
||||
|
||||
if (handle->opt.rfmon) {
|
||||
/*
|
||||
* Monitor mode doesn't apply to Bluetooth devices.
|
||||
*/
|
||||
err = PCAP_ERROR_RFMON_NOTSUP;
|
||||
goto close_fail;
|
||||
}
|
||||
|
||||
if (handle->opt.buffer_size == 0) {
|
||||
/*
|
||||
* Set the socket buffer size to the specified value.
|
||||
*/
|
||||
if (setsockopt(handle->fd, SOL_SOCKET, SO_RCVBUF,
|
||||
&handle->opt.buffer_size,
|
||||
sizeof(handle->opt.buffer_size)) == -1) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"SO_RCVBUF: %s", pcap_strerror(errno));
|
||||
goto close_fail;
|
||||
}
|
||||
}
|
||||
|
||||
handle->selectable_fd = handle->fd;
|
||||
return 0;
|
||||
|
||||
close_fail:
|
||||
pcap_cleanup_live_common(handle);
|
||||
return err;
|
||||
}
|
||||
|
||||
static int
|
||||
bt_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
|
||||
{
|
||||
struct cmsghdr *cmsg;
|
||||
struct msghdr msg;
|
||||
struct iovec iv;
|
||||
struct pcap_pkthdr pkth;
|
||||
pcap_bluetooth_h4_header* bthdr;
|
||||
|
||||
bthdr = (pcap_bluetooth_h4_header*) &handle->buffer[handle->offset];
|
||||
iv.iov_base = &handle->buffer[handle->offset+sizeof(pcap_bluetooth_h4_header)];
|
||||
iv.iov_len = handle->snapshot;
|
||||
|
||||
memset(&msg, 0, sizeof(msg));
|
||||
msg.msg_iov = &iv;
|
||||
msg.msg_iovlen = 1;
|
||||
msg.msg_control = handle->buffer;
|
||||
msg.msg_controllen = handle->offset;
|
||||
|
||||
/* ignore interrupt system call error */
|
||||
do {
|
||||
pkth.caplen = recvmsg(handle->fd, &msg, 0);
|
||||
if (handle->break_loop)
|
||||
{
|
||||
handle->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
} while ((pkth.caplen == -1) && (errno == EINTR));
|
||||
|
||||
|
||||
if (pkth.caplen < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't receive packet %d:%s",
|
||||
errno, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* get direction and timestamp*/
|
||||
cmsg = CMSG_FIRSTHDR(&msg);
|
||||
int in=0;
|
||||
while (cmsg) {
|
||||
switch (cmsg->cmsg_type) {
|
||||
case HCI_CMSG_DIR:
|
||||
memcpy(&in, CMSG_DATA(cmsg), sizeof in);
|
||||
break;
|
||||
case HCI_CMSG_TSTAMP:
|
||||
memcpy(&pkth.ts, CMSG_DATA(cmsg),
|
||||
sizeof pkth.ts);
|
||||
break;
|
||||
}
|
||||
cmsg = CMSG_NXTHDR(&msg, cmsg);
|
||||
}
|
||||
if ((in && (handle->direction == PCAP_D_OUT)) ||
|
||||
((!in) && (handle->direction == PCAP_D_IN)))
|
||||
return 0;
|
||||
|
||||
bthdr->direction = htonl(in != 0);
|
||||
pkth.caplen+=sizeof(pcap_bluetooth_h4_header);
|
||||
pkth.len = pkth.caplen;
|
||||
if (handle->fcode.bf_insns == NULL ||
|
||||
bpf_filter(handle->fcode.bf_insns, &handle->buffer[handle->offset],
|
||||
pkth.len, pkth.caplen)) {
|
||||
callback(user, &pkth, &handle->buffer[handle->offset]);
|
||||
return 1;
|
||||
}
|
||||
return 0; /* didn't pass filter */
|
||||
}
|
||||
|
||||
static int
|
||||
bt_inject_linux(pcap_t *handle, const void *buf, size_t size)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "inject not supported on "
|
||||
"bluetooth devices");
|
||||
return (-1);
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
bt_stats_linux(pcap_t *handle, struct pcap_stat *stats)
|
||||
{
|
||||
int ret;
|
||||
struct hci_dev_info dev_info;
|
||||
struct hci_dev_stats * s = &dev_info.stat;
|
||||
dev_info.dev_id = handle->md.ifindex;
|
||||
|
||||
/* ingnore eintr */
|
||||
do {
|
||||
ret = ioctl(handle->fd, HCIGETDEVINFO, (void *)&dev_info);
|
||||
} while ((ret == -1) && (errno == EINTR));
|
||||
|
||||
if (ret < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "can get stats"
|
||||
" via ioctl %d:%s", errno, strerror(errno));
|
||||
return (-1);
|
||||
|
||||
}
|
||||
|
||||
/* we receive both rx and tx frames, so comulate all stats */
|
||||
stats->ps_recv = s->evt_rx + s->acl_rx + s->sco_rx + s->cmd_tx +
|
||||
s->acl_tx +s->sco_tx;
|
||||
stats->ps_drop = s->err_rx + s->err_tx;
|
||||
stats->ps_ifdrop = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
bt_setdirection_linux(pcap_t *p, pcap_direction_t d)
|
||||
{
|
||||
p->direction = d;
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,40 @@
|
|||
/*
|
||||
* Copyright (c) 2006 Paolo Abeni (Italy)
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* Bluetooth sniffing API implementation for Linux platform
|
||||
* By Paolo Abeni <paolo.abeni@email.it>
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-bt-linux.h,v 1.5 2008-04-04 19:37:45 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/*
|
||||
* Prototypes for Bluetooth-related functions
|
||||
*/
|
||||
int bt_platform_finddevs(pcap_if_t **alldevsp, char *err_str);
|
||||
pcap_t *bt_create(const char *device, char *ebuf);
|
|
@ -0,0 +1,264 @@
|
|||
/*
|
||||
* Copyright (c) 2009 Felix Obenhuber
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* SocketCan sniffing API implementation for Linux platform
|
||||
* By Felix Obenhuber <felix@obenhuber.de>
|
||||
*
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "pcap-int.h"
|
||||
#include "pcap-can-linux.h"
|
||||
|
||||
#ifdef NEED_STRERROR_H
|
||||
#include "strerror.h"
|
||||
#endif
|
||||
|
||||
#include <errno.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/socket.h>
|
||||
#include <net/if.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#include <linux/can.h>
|
||||
#include <linux/can/raw.h>
|
||||
|
||||
/* not yet defined anywhere */
|
||||
#ifndef PF_CAN
|
||||
#define PF_CAN 29
|
||||
#endif
|
||||
#ifndef AF_CAN
|
||||
#define AF_CAN PF_CAN
|
||||
#endif
|
||||
|
||||
/* forward declaration */
|
||||
static int can_activate(pcap_t *);
|
||||
static int can_read_linux(pcap_t *, int , pcap_handler , u_char *);
|
||||
static int can_inject_linux(pcap_t *, const void *, size_t);
|
||||
static int can_setfilter_linux(pcap_t *, struct bpf_program *);
|
||||
static int can_setdirection_linux(pcap_t *, pcap_direction_t);
|
||||
static int can_stats_linux(pcap_t *, struct pcap_stat *);
|
||||
|
||||
pcap_t *
|
||||
can_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t* p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = can_activate;
|
||||
return (p);
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
can_activate(pcap_t* handle)
|
||||
{
|
||||
struct sockaddr_can addr;
|
||||
struct ifreq ifr;
|
||||
|
||||
/* Initialize some components of the pcap structure. */
|
||||
handle->bufsize = 24;
|
||||
handle->offset = 8;
|
||||
handle->linktype = DLT_CAN_SOCKETCAN;
|
||||
handle->read_op = can_read_linux;
|
||||
handle->inject_op = can_inject_linux;
|
||||
handle->setfilter_op = can_setfilter_linux;
|
||||
handle->setdirection_op = can_setdirection_linux;
|
||||
handle->set_datalink_op = NULL;
|
||||
handle->getnonblock_op = pcap_getnonblock_fd;
|
||||
handle->setnonblock_op = pcap_setnonblock_fd;
|
||||
handle->stats_op = can_stats_linux;
|
||||
|
||||
/* Create socket */
|
||||
handle->fd = socket(PF_CAN, SOCK_RAW, CAN_RAW);
|
||||
if (handle->fd < 0)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't create raw socket %d:%s",
|
||||
errno, strerror(errno));
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
/* get interface index */
|
||||
memset(&ifr, 0, sizeof(ifr));
|
||||
strncpy(ifr.ifr_name, handle->opt.source, sizeof(ifr.ifr_name));
|
||||
if (ioctl(handle->fd, SIOCGIFINDEX, &ifr) < 0)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Unable to get interface index: %s",
|
||||
pcap_strerror(errno));
|
||||
pcap_cleanup_live_common(handle);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
handle->md.ifindex = ifr.ifr_ifindex;
|
||||
|
||||
/* allocate butter */
|
||||
handle->buffer = malloc(handle->bufsize);
|
||||
if (!handle->buffer)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't allocate dump buffer: %s",
|
||||
pcap_strerror(errno));
|
||||
pcap_cleanup_live_common(handle);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
/* Bind to the socket */
|
||||
addr.can_family = AF_CAN;
|
||||
addr.can_ifindex = handle->md.ifindex;
|
||||
if( bind( handle->fd, (struct sockaddr*)&addr, sizeof(addr) ) < 0 )
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't attach to device %d %d:%s",
|
||||
handle->md.ifindex, errno, strerror(errno));
|
||||
pcap_cleanup_live_common(handle);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
if (handle->opt.rfmon)
|
||||
{
|
||||
/* Monitor mode doesn't apply to CAN devices. */
|
||||
pcap_cleanup_live_common(handle);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
handle->selectable_fd = handle->fd;
|
||||
return 0;
|
||||
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
can_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
|
||||
{
|
||||
struct msghdr msg;
|
||||
struct pcap_pkthdr pkth;
|
||||
struct iovec iv;
|
||||
struct can_frame* cf;
|
||||
|
||||
iv.iov_base = &handle->buffer[handle->offset];
|
||||
iv.iov_len = handle->snapshot;
|
||||
|
||||
memset(&msg, 0, sizeof(msg));
|
||||
msg.msg_iov = &iv;
|
||||
msg.msg_iovlen = 1;
|
||||
msg.msg_control = handle->buffer;
|
||||
msg.msg_controllen = handle->offset;
|
||||
|
||||
do
|
||||
{
|
||||
pkth.caplen = recvmsg(handle->fd, &msg, 0);
|
||||
if (handle->break_loop)
|
||||
{
|
||||
handle->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
} while ((pkth.caplen == -1) && (errno == EINTR));
|
||||
|
||||
if (pkth.caplen < 0)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't receive packet %d:%s",
|
||||
errno, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* adjust capture len according to frame len */
|
||||
cf = (struct can_frame*)&handle->buffer[8];
|
||||
pkth.caplen -= 8 - cf->can_dlc;
|
||||
pkth.len = pkth.caplen;
|
||||
|
||||
cf->can_id = htonl( cf->can_id );
|
||||
|
||||
if( -1 == gettimeofday(&pkth.ts, NULL) )
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't get time of day %d:%s",
|
||||
errno, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
callback(user, &pkth, &handle->buffer[8]);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
can_inject_linux(pcap_t *handle, const void *buf, size_t size)
|
||||
{
|
||||
/* not yet implemented */
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "inject not supported on "
|
||||
"can devices");
|
||||
return (-1);
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
can_stats_linux(pcap_t *handle, struct pcap_stat *stats)
|
||||
{
|
||||
/* not yet implemented */
|
||||
stats->ps_recv = 0; /* number of packets received */
|
||||
stats->ps_drop = 0; /* number of packets dropped */
|
||||
stats->ps_ifdrop = 0; /* drops by interface -- only supported on some platforms */
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
can_setfilter_linux(pcap_t *p, struct bpf_program *fp)
|
||||
{
|
||||
/* not yet implemented */
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
can_setdirection_linux(pcap_t *p, pcap_direction_t d)
|
||||
{
|
||||
/* no support for PCAP_D_OUT */
|
||||
if (d == PCAP_D_OUT)
|
||||
{
|
||||
snprintf(p->errbuf, sizeof(p->errbuf),
|
||||
"Setting direction to PCAP_D_OUT is not supported on can");
|
||||
return -1;
|
||||
}
|
||||
|
||||
p->direction = d;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* eof */
|
|
@ -0,0 +1,35 @@
|
|||
/*
|
||||
* Copyright (c) 2009 Felix Obenhuber
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
* Prototypes for SocketCAN related functions
|
||||
*/
|
||||
pcap_t* can_create(const char *device, char *ebuf);
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,25 @@
|
|||
|
||||
/*
|
||||
* We use the "receiver-makes-right" approach to byte order,
|
||||
* because time is at a premium when we are writing the file.
|
||||
* In other words, the pcap_file_header and pcap_pkthdr,
|
||||
* records are written in host byte order.
|
||||
* Note that the bytes of packet data are written out in the order in
|
||||
* which they were received, so multi-byte fields in packets are not
|
||||
* written in host byte order, they're written in whatever order the
|
||||
* sending machine put them in.
|
||||
*
|
||||
* ntoh[ls] aren't sufficient because we might need to swap on a big-endian
|
||||
* machine (if the file was written in little-end order).
|
||||
*/
|
||||
#define SWAPLONG(y) \
|
||||
((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff))
|
||||
#define SWAPSHORT(y) \
|
||||
( (((y)&0xff)<<8) | ((u_short)((y)&0xff00)>>8) )
|
||||
|
||||
extern int dlt_to_linktype(int dlt);
|
||||
|
||||
extern int linktype_to_dlt(int linktype);
|
||||
|
||||
extern void swap_linux_usb_header(const struct pcap_pkthdr *hdr, u_char *buf,
|
||||
int header_len_64_bytes);
|
|
@ -0,0 +1,74 @@
|
|||
.\" @(#) $Header: /tcpdump/master/libpcap/pcap-config.1,v 1.1 2008-09-23 18:04:01 guy Exp $ (LBL)
|
||||
.\"
|
||||
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that: (1) source code distributions
|
||||
.\" retain the above copyright notice and this paragraph in its entirety, (2)
|
||||
.\" distributions including binary code include the above copyright notice and
|
||||
.\" this paragraph in its entirety in the documentation or other materials
|
||||
.\" provided with the distribution, and (3) all advertising materials mentioning
|
||||
.\" features or use of this software display the following acknowledgement:
|
||||
.\" ``This product includes software developed by the University of California,
|
||||
.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
|
||||
.\" the University nor the names of its contributors may be used to endorse
|
||||
.\" or promote products derived from this software without specific prior
|
||||
.\" written permission.
|
||||
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
||||
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
.\"
|
||||
.TH PCAP-CONFIG 1 "26 March 2009"
|
||||
.SH NAME
|
||||
pcap-config \- write libpcap compiler and linker flags to standard output
|
||||
.SH SYNOPSIS
|
||||
.na
|
||||
.B pcap-config
|
||||
[
|
||||
.B \-\-static
|
||||
]
|
||||
[
|
||||
.B \-\-cflags | \-\-libs | \-\-additional-libs
|
||||
]
|
||||
.ad
|
||||
.SH DESCRIPTION
|
||||
.LP
|
||||
When run with the
|
||||
.B \-\-cflags
|
||||
option,
|
||||
.I pcap-config
|
||||
writes to the standard output the
|
||||
.B \-I
|
||||
compiler flags required to include libpcap's header files.
|
||||
When run with the
|
||||
.B \-\-libs
|
||||
option,
|
||||
.I pcap-config
|
||||
writes to the standard output the
|
||||
.B \-L
|
||||
and
|
||||
.B \-l
|
||||
linker flags required to link with libpcap, including
|
||||
.B \-l
|
||||
flags for libraries required by libpcap.
|
||||
When run with the
|
||||
.B \-\-additional-libs
|
||||
option,
|
||||
.I pcap-config
|
||||
writes to the standard output the
|
||||
.B \-L
|
||||
and
|
||||
.B \-l
|
||||
flags for libraries required by libpcap, but not the
|
||||
.B \-lpcap
|
||||
flag to link with libpcap itself.
|
||||
.LP
|
||||
By default, it writes flags appropriate for compiling with a
|
||||
dynamically-linked version of libpcap; the
|
||||
.B \-\-static
|
||||
flag causes it to write flags appropriate for compiling with a
|
||||
statically-linked version of libpcap.
|
||||
.SH "SEE ALSO"
|
||||
pcap(3PCAP)
|
|
@ -0,0 +1,89 @@
|
|||
#! /bin/sh
|
||||
|
||||
#
|
||||
# Script to give the appropriate compiler flags and linker flags
|
||||
# to use when building code that uses libpcap.
|
||||
#
|
||||
prefix="@prefix@"
|
||||
exec_prefix="@exec_prefix@"
|
||||
includedir="@includedir@"
|
||||
libdir="@libdir@"
|
||||
V_RPATH_OPT="@V_RPATH_OPT@"
|
||||
LIBS="@LIBS@"
|
||||
|
||||
static=0
|
||||
show_cflags=0
|
||||
show_libs=0
|
||||
while [ "$#" != 0 ]
|
||||
do
|
||||
case "$1" in
|
||||
|
||||
--static)
|
||||
static=1
|
||||
;;
|
||||
|
||||
--cflags)
|
||||
show_cflags=1
|
||||
;;
|
||||
|
||||
--libs)
|
||||
show_libs=1
|
||||
;;
|
||||
|
||||
--additional-libs)
|
||||
show_additional_libs=1
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
if [ "$V_RPATH_OPT" != "" ]
|
||||
then
|
||||
#
|
||||
# If libdir isn't /usr/lib, add it to the run-time linker path.
|
||||
#
|
||||
if [ "$libdir" != "/usr/lib" ]
|
||||
then
|
||||
RPATH=$V_RPATH_OPT$libdir
|
||||
fi
|
||||
fi
|
||||
if [ "$static" = 1 ]
|
||||
then
|
||||
#
|
||||
# Include LIBS so that the flags include libraries containing
|
||||
# routines that libpcap uses.
|
||||
#
|
||||
if [ "$show_cflags" = 1 -a "$show_libs" = 1 ]
|
||||
then
|
||||
echo "-I$includedir -L$libdir -lpcap $LIBS"
|
||||
elif [ "$show_cflags" = 1 -a "$show_additional_libs" = 1 ]
|
||||
then
|
||||
echo "-I$includedir -L$libdir $LIBS"
|
||||
elif [ "$show_cflags" = 1 ]
|
||||
then
|
||||
echo "-I$includedir"
|
||||
elif [ "$show_libs" = 1 ]
|
||||
then
|
||||
echo "-L$libdir -lpcap $LIBS"
|
||||
elif [ "$show_additional_libs" = 1 ]
|
||||
then
|
||||
echo "$LIBS"
|
||||
fi
|
||||
else
|
||||
#
|
||||
# Omit LIBS - libpcap is assumed to be linked with those
|
||||
# libraries, so there's no need to do so explicitly.
|
||||
#
|
||||
if [ "$show_cflags" = 1 -a "$show_libs" = 1 ]
|
||||
then
|
||||
echo "-I$includedir -L$libdir $RPATH -lpcap"
|
||||
elif [ "$show_cflags" = 1 -a "$show_additional_libs" = 1 ]
|
||||
then
|
||||
echo "-I$includedir"
|
||||
elif [ "$show_cflags" = 1 ]
|
||||
then
|
||||
echo "-I$includedir"
|
||||
elif [ "$show_libs" = 1 ]
|
||||
then
|
||||
echo "-L$libdir $RPATH -lpcap"
|
||||
fi
|
||||
fi
|
1098
pcap-dag.c
1098
pcap-dag.c
File diff suppressed because it is too large
Load Diff
98
pcap-dag.h
98
pcap-dag.h
|
@ -7,8 +7,102 @@
|
|||
*
|
||||
* Author: Richard Littin, Sean Irvine ({richard,sean}@reeltwo.com)
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-dag.h,v 1.3 2003-07-25 05:32:03 guy Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-dag.h,v 1.7 2008-04-04 19:37:45 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
pcap_t *dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebuf);
|
||||
pcap_t *dag_create(const char *, char *);
|
||||
int dag_platform_finddevs(pcap_if_t **devlistp, char *errbuf);
|
||||
|
||||
#ifndef TYPE_AAL5
|
||||
#define TYPE_AAL5 4
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_MC_HDLC
|
||||
#define TYPE_MC_HDLC 5
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_MC_RAW
|
||||
#define TYPE_MC_RAW 6
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_MC_ATM
|
||||
#define TYPE_MC_ATM 7
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_MC_RAW_CHANNEL
|
||||
#define TYPE_MC_RAW_CHANNEL 8
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_MC_AAL5
|
||||
#define TYPE_MC_AAL5 9
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_COLOR_HDLC_POS
|
||||
#define TYPE_COLOR_HDLC_POS 10
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_COLOR_ETH
|
||||
#define TYPE_COLOR_ETH 11
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_MC_AAL2
|
||||
#define TYPE_MC_AAL2 12
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_IP_COUNTER
|
||||
#define TYPE_IP_COUNTER 13
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_TCP_FLOW_COUNTER
|
||||
#define TYPE_TCP_FLOW_COUNTER 14
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_DSM_COLOR_HDLC_POS
|
||||
#define TYPE_DSM_COLOR_HDLC_POS 15
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_DSM_COLOR_ETH
|
||||
#define TYPE_DSM_COLOR_ETH 16
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_COLOR_MC_HDLC_POS
|
||||
#define TYPE_COLOR_MC_HDLC_POS 17
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_AAL2
|
||||
#define TYPE_AAL2 18
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_COLOR_HASH_POS
|
||||
#define TYPE_COLOR_HASH_POS 19
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_COLOR_HASH_ETH
|
||||
#define TYPE_COLOR_HASH_ETH 20
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_INFINIBAND
|
||||
#define TYPE_INFINIBAND 21
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_IPV4
|
||||
#define TYPE_IPV4 22
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_IPV6
|
||||
#define TYPE_IPV6 23
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_RAW_LINK
|
||||
#define TYPE_RAW_LINK 24
|
||||
#endif
|
||||
|
||||
#ifndef TYPE_INFINIBAND_LINK
|
||||
#define TYPE_INFINIBAND_LINK 25
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
#ifndef TYPE_PAD
|
||||
#define TYPE_PAD 48
|
||||
#endif
|
||||
|
|
|
@ -0,0 +1,256 @@
|
|||
/*
|
||||
* Copyright (C) 2009 Patrick McHardy <kaber@trash.net>
|
||||
*
|
||||
* Licensed under the same license as libpcap itself.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "pcap-int.h"
|
||||
#include "pcap-dect-linux.h"
|
||||
|
||||
#ifdef NEED_STRERROR_H
|
||||
#include "strerror.h"
|
||||
#endif
|
||||
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdbool.h>
|
||||
#include <stdint.h>
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
|
||||
#include <linux/types.h>
|
||||
#include <linux/dect.h>
|
||||
#include <linux/netlink.h>
|
||||
#include <netlink/cache.h>
|
||||
#include <netlink/dect/cell.h>
|
||||
|
||||
#define PF_DECT 38
|
||||
#define AF_DECT PF_DECT
|
||||
#define SOL_DECT 279
|
||||
|
||||
struct cb_args {
|
||||
pcap_if_t **alldevsp;
|
||||
char *err_str;
|
||||
bool err;
|
||||
};
|
||||
|
||||
static void add_cell_cb(struct nl_object *obj, void *arg)
|
||||
{
|
||||
struct cb_args *args = arg;
|
||||
char dev_name[32];
|
||||
|
||||
if (args->err)
|
||||
return;
|
||||
|
||||
snprintf(dev_name, sizeof(dev_name), "dect-%s",
|
||||
nl_dect_cell_get_name((struct nl_dect_cell *)obj));
|
||||
|
||||
if (pcap_add_if(args->alldevsp, dev_name, 0, NULL, args->err_str) < 0)
|
||||
args->err = true;
|
||||
}
|
||||
|
||||
int dect_platform_finddevs(pcap_if_t **alldevsp, char *err_str)
|
||||
{
|
||||
struct nl_sock *sock;
|
||||
struct nl_cache *cell_cache;
|
||||
struct cb_args args = {
|
||||
.alldevsp = alldevsp,
|
||||
.err_str = err_str,
|
||||
};
|
||||
|
||||
sock = nl_socket_alloc();
|
||||
if (sock == NULL) {
|
||||
snprintf(err_str, PCAP_ERRBUF_SIZE, "socket: %s",
|
||||
pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
if (nl_connect(sock, NETLINK_DECT) < 0) {
|
||||
snprintf(err_str, PCAP_ERRBUF_SIZE, "connect: %s",
|
||||
pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
if (nl_dect_cell_alloc_cache(sock, &cell_cache) < 0) {
|
||||
snprintf(err_str, PCAP_ERRBUF_SIZE, "cache: %s",
|
||||
pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
nl_cache_foreach(cell_cache, add_cell_cb, &args);
|
||||
nl_socket_free(sock);
|
||||
|
||||
return args.err ? -1 : 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* compatible header to what wireshark is expecting from the CoA
|
||||
* character device for now.
|
||||
*/
|
||||
struct dect_dummy_hdr {
|
||||
uint8_t etheraddrs[2 * 6];
|
||||
uint16_t ethertype;
|
||||
|
||||
uint8_t trxmode;
|
||||
uint8_t channel;
|
||||
uint16_t slot;
|
||||
uint8_t frame;
|
||||
uint8_t rssi;
|
||||
uint8_t preamble[3];
|
||||
uint16_t packettype;
|
||||
} __attribute__((packed));
|
||||
|
||||
static int dect_read_linux(pcap_t *handle, int max_packets,
|
||||
pcap_handler callback, u_char *user)
|
||||
{
|
||||
struct pcap_pkthdr hdr;
|
||||
struct dect_dummy_hdr *dhdr;
|
||||
struct iovec iov;
|
||||
struct msghdr msg;
|
||||
struct dect_raw_auxdata *aux;
|
||||
struct cmsghdr *cmsg;
|
||||
union {
|
||||
struct cmsghdr cmsg;
|
||||
char buf[CMSG_SPACE(sizeof(*aux))];
|
||||
} cmsg_buf;
|
||||
ssize_t len;
|
||||
|
||||
/* refuse anything below dummy header size for simplicity */
|
||||
if (handle->bufsize < sizeof(*dhdr))
|
||||
return -1;
|
||||
|
||||
dhdr = (struct dect_dummy_hdr *)handle->buffer;
|
||||
memset(dhdr, 0, sizeof(*dhdr));
|
||||
dhdr->ethertype = 0x2323;
|
||||
dhdr->trxmode = 0;
|
||||
dhdr->channel = 0;
|
||||
|
||||
msg.msg_name = NULL;
|
||||
msg.msg_namelen = 0;
|
||||
msg.msg_iov = &iov;
|
||||
msg.msg_iovlen = 1;
|
||||
msg.msg_control = &cmsg_buf;
|
||||
msg.msg_controllen = sizeof(cmsg_buf);
|
||||
msg.msg_flags = 0;
|
||||
|
||||
iov.iov_len = handle->bufsize - sizeof(*dhdr);
|
||||
iov.iov_base = handle->buffer + sizeof(*dhdr);
|
||||
|
||||
do {
|
||||
if (handle->break_loop) {
|
||||
handle->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
|
||||
len = recvmsg(handle->fd, &msg, 0);
|
||||
} while (len == -1 && (errno == EINTR || errno == ENETDOWN));
|
||||
|
||||
if (len == -1) {
|
||||
if (errno == EAGAIN)
|
||||
return 0;
|
||||
else {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"recvfrom: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
for (cmsg = CMSG_FIRSTHDR(&msg); cmsg != NULL;
|
||||
cmsg = CMSG_NXTHDR(&msg, cmsg)) {
|
||||
if (cmsg->cmsg_level != SOL_DECT ||
|
||||
cmsg->cmsg_type != DECT_RAW_AUXDATA ||
|
||||
cmsg->cmsg_len < CMSG_LEN(sizeof(*aux)))
|
||||
continue;
|
||||
|
||||
aux = (struct dect_raw_auxdata *)CMSG_DATA(cmsg);
|
||||
dhdr->slot = htons(aux->slot);
|
||||
dhdr->rssi = aux->rssi;
|
||||
dhdr->frame = aux->frame;
|
||||
if (aux->slot < 12)
|
||||
dhdr->packettype = htons(0xe98a);
|
||||
else
|
||||
dhdr->packettype = htons(0x1675);
|
||||
}
|
||||
|
||||
gettimeofday(&hdr.ts, NULL);
|
||||
hdr.caplen = len + sizeof(*dhdr);
|
||||
hdr.len = len + sizeof(*dhdr);
|
||||
callback(user, &hdr, handle->buffer);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int dect_setfilter_linux(pcap_t *handle, struct bpf_program *fp)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dect_setdirection_linux(pcap_t *handle, pcap_direction_t d)
|
||||
{
|
||||
handle->direction = d;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int dect_activate(pcap_t *handle)
|
||||
{
|
||||
struct sockaddr_dect da;
|
||||
|
||||
handle->bufsize = handle->snapshot;
|
||||
handle->offset = 0;
|
||||
#if 0
|
||||
handle->linktype = DLT_DECT_LINUX;
|
||||
#else
|
||||
handle->linktype = DLT_EN10MB;
|
||||
#endif
|
||||
|
||||
handle->inject_op = NULL;
|
||||
handle->setfilter_op = dect_setfilter_linux;
|
||||
handle->setdirection_op = dect_setdirection_linux;
|
||||
handle->set_datalink_op = NULL;
|
||||
handle->getnonblock_op = pcap_getnonblock_fd;
|
||||
handle->setnonblock_op = pcap_setnonblock_fd;
|
||||
handle->read_op = dect_read_linux;
|
||||
|
||||
handle->fd = socket(PF_DECT, SOCK_RAW, 0);
|
||||
if (handle->fd < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't open PF_DECT socket: %s",
|
||||
pcap_strerror(errno));
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
memset(&da, 0, sizeof(da));
|
||||
da.dect_family = AF_DECT;
|
||||
if (bind(handle->fd, (struct sockaddr *)&da, sizeof(da)) < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't bind PF_DECT socket: %s",
|
||||
pcap_strerror(errno));
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
handle->selectable_fd = handle->fd;
|
||||
handle->buffer = malloc(handle->bufsize);
|
||||
if (!handle->buffer) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't allocate packet buffer: %s",
|
||||
pcap_strerror(errno));
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
pcap_t *dect_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return NULL;
|
||||
|
||||
p->activate_op = dect_activate;
|
||||
return p;
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
int dect_platform_finddevs(pcap_if_t **alldevsp, char *err_str);
|
||||
pcap_t *dect_create(const char *device, char *ebuf);
|
822
pcap-dlpi.c
822
pcap-dlpi.c
File diff suppressed because it is too large
Load Diff
90
pcap-dos.c
90
pcap-dos.c
|
@ -1,11 +1,11 @@
|
|||
/*
|
||||
* This file is part of DOS-libpcap
|
||||
* Ported to DOS/DOSX by G. Vanem <giva@bgnett.no>
|
||||
* Ported to DOS/DOSX by G. Vanem <gvanem@broadpark.no>
|
||||
*
|
||||
* pcap-dos.c: Interface to PKTDRVR, NDIS2 and 32-bit pmode
|
||||
* network drivers.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-dos.c,v 1.1 2004-12-18 08:52:10 guy Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-dos.c,v 1.7 2008-04-22 17:16:30 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
|
@ -97,9 +97,10 @@ static volatile BOOL exc_occured = 0;
|
|||
|
||||
static struct device *handle_to_device [20];
|
||||
|
||||
static int pcap_activate_dos (pcap_t *p);
|
||||
static int pcap_read_dos (pcap_t *p, int cnt, pcap_handler callback,
|
||||
u_char *data);
|
||||
static void pcap_close_dos (pcap_t *p);
|
||||
static void pcap_cleanup_dos (pcap_t *p);
|
||||
static int pcap_stats_dos (pcap_t *p, struct pcap_stat *ps);
|
||||
static int pcap_sendpacket_dos (pcap_t *p, const void *buf, size_t len);
|
||||
static int pcap_setfilter_dos (pcap_t *p, struct bpf_program *fp);
|
||||
|
@ -142,58 +143,64 @@ static struct device *get_device (int fd)
|
|||
return handle_to_device [fd-1];
|
||||
}
|
||||
|
||||
pcap_t *pcap_create (const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_dos;
|
||||
return (p);
|
||||
}
|
||||
|
||||
/*
|
||||
* Open MAC-driver with name 'device_name' for live capture of
|
||||
* network packets.
|
||||
*/
|
||||
pcap_t *pcap_open_live (const char *device_name, int snaplen, int promisc,
|
||||
int timeout_ms, char *errbuf)
|
||||
static int pcap_activate_dos (pcap_t *pcap)
|
||||
{
|
||||
struct pcap *pcap;
|
||||
|
||||
if (snaplen < ETH_MIN)
|
||||
snaplen = ETH_MIN;
|
||||
|
||||
if (snaplen > ETH_MAX) /* silently accept and truncate large MTUs */
|
||||
snaplen = ETH_MAX;
|
||||
|
||||
pcap = calloc (sizeof(*pcap), 1);
|
||||
if (!pcap)
|
||||
{
|
||||
strcpy (errbuf, "Not enough memory (pcap)");
|
||||
return (NULL);
|
||||
if (pcap->opt.rfmon) {
|
||||
/*
|
||||
* No monitor mode on DOS.
|
||||
*/
|
||||
return (PCAP_ERROR_RFMON_NOTSUP);
|
||||
}
|
||||
|
||||
pcap->snapshot = max (ETH_MIN+8, snaplen);
|
||||
if (pcap->snapshot < ETH_MIN+8)
|
||||
pcap->snapshot = ETH_MIN+8;
|
||||
|
||||
if (pcap->snapshot > ETH_MAX) /* silently accept and truncate large MTUs */
|
||||
pcap->snapshot = ETH_MAX;
|
||||
|
||||
pcap->linktype = DLT_EN10MB; /* !! */
|
||||
pcap->inter_packet_wait = timeout_ms;
|
||||
pcap->close_op = pcap_close_dos;
|
||||
pcap->cleanup_op = pcap_cleanup_dos;
|
||||
pcap->read_op = pcap_read_dos;
|
||||
pcap->stats_op = pcap_stats_dos;
|
||||
pcap->inject_op = pcap_sendpacket_dos;
|
||||
pcap->setfilter_op = pcap_setfilter_dos;
|
||||
pcap->setdirection_op = NULL; /* Not implemented.*/
|
||||
pcap->fd = ++ref_count;
|
||||
|
||||
if (pcap->fd == 1) /* first time we're called */
|
||||
{
|
||||
if (!init_watt32(pcap, device_name, errbuf) ||
|
||||
!first_init(device_name, errbuf, promisc))
|
||||
if (!init_watt32(pcap, pcap->opt.source, pcap->errbuf) ||
|
||||
!first_init(pcap->opt.source, pcap->errbuf, pcap->opt.promisc))
|
||||
{
|
||||
free (pcap);
|
||||
return (NULL);
|
||||
return (PCAP_ERROR);
|
||||
}
|
||||
atexit (close_driver);
|
||||
}
|
||||
else if (stricmp(active_dev->name,device_name))
|
||||
else if (stricmp(active_dev->name,pcap->opt.source))
|
||||
{
|
||||
snprintf (errbuf, PCAP_ERRBUF_SIZE,
|
||||
snprintf (pcap->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Cannot use different devices simultaneously "
|
||||
"(`%s' vs. `%s')", active_dev->name, device_name);
|
||||
free (pcap);
|
||||
pcap = NULL;
|
||||
"(`%s' vs. `%s')", active_dev->name, pcap->opt.source);
|
||||
return (PCAP_ERROR);
|
||||
}
|
||||
handle_to_device [pcap->fd-1] = active_dev;
|
||||
return (pcap);
|
||||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -204,15 +211,14 @@ static int
|
|||
pcap_read_one (pcap_t *p, pcap_handler callback, u_char *data)
|
||||
{
|
||||
struct pcap_pkthdr pcap;
|
||||
struct bpf_insn *fcode = p->fcode.bf_insns;
|
||||
struct timeval now, expiry;
|
||||
BYTE *rx_buf;
|
||||
int rx_len = 0;
|
||||
|
||||
if (p->inter_packet_wait > 0)
|
||||
if (p->md.timeout > 0)
|
||||
{
|
||||
gettimeofday2 (&now, NULL);
|
||||
expiry.tv_usec = now.tv_usec + 1000UL * p->inter_packet_wait;
|
||||
expiry.tv_usec = now.tv_usec + 1000UL * p->md.timeout;
|
||||
expiry.tv_sec = now.tv_sec;
|
||||
while (expiry.tv_usec >= 1000000L)
|
||||
{
|
||||
|
@ -257,7 +263,7 @@ pcap_read_one (pcap_t *p, pcap_handler callback, u_char *data)
|
|||
pcap.len = rx_len;
|
||||
|
||||
if (callback &&
|
||||
(!fcode || bpf_filter(fcode, rx_buf, pcap.len, pcap.caplen)))
|
||||
(!p->fcode.bf_insns || bpf_filter(p->fcode.bf_insns, rx_buf, pcap.len, pcap.caplen)))
|
||||
{
|
||||
filter_count++;
|
||||
|
||||
|
@ -284,7 +290,7 @@ pcap_read_one (pcap_t *p, pcap_handler callback, u_char *data)
|
|||
/* If not to wait for a packet or pcap_close() called from
|
||||
* e.g. SIGINT handler, exit loop now.
|
||||
*/
|
||||
if (p->inter_packet_wait <= 0 || (volatile int)p->fd <= 0)
|
||||
if (p->md.timeout <= 0 || (volatile int)p->fd <= 0)
|
||||
break;
|
||||
|
||||
gettimeofday2 (&now, NULL);
|
||||
|
@ -420,7 +426,7 @@ u_long pcap_filter_packets (void)
|
|||
/*
|
||||
* Close pcap device. Not called for offline captures.
|
||||
*/
|
||||
static void pcap_close_dos (pcap_t *p)
|
||||
static void pcap_cleanup_dos (pcap_t *p)
|
||||
{
|
||||
if (p && !exc_occured)
|
||||
{
|
||||
|
@ -476,7 +482,7 @@ int pcap_lookupnet (const char *device, bpf_u_int32 *localnet,
|
|||
{
|
||||
if (!_watt_is_init)
|
||||
{
|
||||
strcpy (errbuf, "pcap_open_offline() or pcap_open_live() must be "
|
||||
strcpy (errbuf, "pcap_open_offline() or pcap_activate() must be "
|
||||
"called first");
|
||||
return (-1);
|
||||
}
|
||||
|
@ -587,7 +593,7 @@ void pcap_set_wait (pcap_t *p, void (*yield)(void), int wait)
|
|||
if (p)
|
||||
{
|
||||
p->wait_proc = yield;
|
||||
p->inter_packet_wait = wait;
|
||||
p->md.timeout = wait;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -733,13 +739,13 @@ static void exc_handler (int sig)
|
|||
fprintf (stderr, "Catching signal %d.\n", sig);
|
||||
}
|
||||
exc_occured = 1;
|
||||
pcap_close_dos (NULL);
|
||||
pcap_cleanup_dos (NULL);
|
||||
}
|
||||
#endif /* __DJGPP__ */
|
||||
|
||||
|
||||
/*
|
||||
* Open the pcap device for the first client calling pcap_open_live()
|
||||
* Open the pcap device for the first client calling pcap_activate()
|
||||
*/
|
||||
static int first_init (const char *name, char *ebuf, int promisc)
|
||||
{
|
||||
|
@ -990,7 +996,7 @@ int EISA_bus = 0; /* Where is natural place for this? */
|
|||
* Application config hooks to set various driver parameters.
|
||||
*/
|
||||
|
||||
static struct config_table debug_tab[] = {
|
||||
static const struct config_table debug_tab[] = {
|
||||
{ "PKT.DEBUG", ARG_ATOI, &pcap_pkt_debug },
|
||||
{ "PKT.VECTOR", ARG_ATOX_W, NULL },
|
||||
{ "NDIS.DEBUG", ARG_ATOI, NULL },
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-enet.c,v 1.8 2003-11-15 23:24:02 guy Exp $";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-enet.c,v 1.9 2006-10-04 18:09:22 guy Exp $";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -22,7 +22,7 @@ static const char rcsid[] _U_ =
|
|||
#include <sys/socket.h>
|
||||
|
||||
#include <net/if.h>
|
||||
#include <pcap-bpf.h>
|
||||
#include <pcap/bpf.h>
|
||||
#include <net/enet.h>
|
||||
|
||||
#include <netinet/in.h>
|
||||
|
|
|
@ -0,0 +1,962 @@
|
|||
.\" @(#) $Header: /tcpdump/master/libpcap/pcap-filter.manmisc.in,v 1.1 2008-10-21 07:33:01 guy Exp $ (LBL)
|
||||
.\"
|
||||
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that: (1) source code distributions
|
||||
.\" retain the above copyright notice and this paragraph in its entirety, (2)
|
||||
.\" distributions including binary code include the above copyright notice and
|
||||
.\" this paragraph in its entirety in the documentation or other materials
|
||||
.\" provided with the distribution, and (3) all advertising materials mentioning
|
||||
.\" features or use of this software display the following acknowledgement:
|
||||
.\" ``This product includes software developed by the University of California,
|
||||
.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
|
||||
.\" the University nor the names of its contributors may be used to endorse
|
||||
.\" or promote products derived from this software without specific prior
|
||||
.\" written permission.
|
||||
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
||||
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
.\"
|
||||
.TH PCAP-FILTER @MAN_MISC_INFO@ "6 January 2008"
|
||||
.SH NAME
|
||||
pcap-filter \- packet filter syntax
|
||||
.br
|
||||
.ad
|
||||
.SH DESCRIPTION
|
||||
.LP
|
||||
.B pcap_compile()
|
||||
is used to compile a string into a filter program.
|
||||
The resulting filter program can then be applied to
|
||||
some stream of packets to determine which packets will be supplied to
|
||||
.BR pcap_loop() ,
|
||||
.BR pcap_dispatch() ,
|
||||
.BR pcap_next() ,
|
||||
or
|
||||
.BR pcap_next_ex() .
|
||||
.LP
|
||||
The \fIfilter expression\fP consists of one or more
|
||||
.IR primitives .
|
||||
Primitives usually consist of an
|
||||
.I id
|
||||
(name or number) preceded by one or more qualifiers.
|
||||
There are three
|
||||
different kinds of qualifier:
|
||||
.IP \fItype\fP
|
||||
qualifiers say what kind of thing the id name or number refers to.
|
||||
Possible types are
|
||||
.BR host ,
|
||||
.B net ,
|
||||
.B port
|
||||
and
|
||||
.BR portrange .
|
||||
E.g., `host foo', `net 128.3', `port 20', `portrange 6000-6008'.
|
||||
If there is no type
|
||||
qualifier,
|
||||
.B host
|
||||
is assumed.
|
||||
.IP \fIdir\fP
|
||||
qualifiers specify a particular transfer direction to and/or from
|
||||
.IR id .
|
||||
Possible directions are
|
||||
.BR src ,
|
||||
.BR dst ,
|
||||
.BR "src or dst" ,
|
||||
.BR "src and dst" ,
|
||||
.BR ra ,
|
||||
.BR ta ,
|
||||
.BR addr1 ,
|
||||
.BR addr2 ,
|
||||
.BR addr3 ,
|
||||
and
|
||||
.BR addr4 .
|
||||
E.g., `src foo', `dst net 128.3', `src or dst port ftp-data'.
|
||||
If
|
||||
there is no dir qualifier,
|
||||
.B "src or dst"
|
||||
is assumed.
|
||||
The
|
||||
.BR ra ,
|
||||
.BR ta ,
|
||||
.BR addr1 ,
|
||||
.BR addr2 ,
|
||||
.BR addr3 ,
|
||||
and
|
||||
.B addr4
|
||||
qualifiers are only valid for IEEE 802.11 Wireless LAN link layers.
|
||||
For some link layers, such as SLIP and the ``cooked'' Linux capture mode
|
||||
used for the ``any'' device and for some other device types, the
|
||||
.B inbound
|
||||
and
|
||||
.B outbound
|
||||
qualifiers can be used to specify a desired direction.
|
||||
.IP \fIproto\fP
|
||||
qualifiers restrict the match to a particular protocol.
|
||||
Possible
|
||||
protos are:
|
||||
.BR ether ,
|
||||
.BR fddi ,
|
||||
.BR tr ,
|
||||
.BR wlan ,
|
||||
.BR ip ,
|
||||
.BR ip6 ,
|
||||
.BR arp ,
|
||||
.BR rarp ,
|
||||
.BR decnet ,
|
||||
.B tcp
|
||||
and
|
||||
.BR udp .
|
||||
E.g., `ether src foo', `arp net 128.3', `tcp port 21', `udp portrange
|
||||
7000-7009', `wlan addr2 0:2:3:4:5:6'.
|
||||
If there is
|
||||
no proto qualifier, all protocols consistent with the type are
|
||||
assumed.
|
||||
E.g., `src foo' means `(ip or arp or rarp) src foo'
|
||||
(except the latter is not legal syntax), `net bar' means `(ip or
|
||||
arp or rarp) net bar' and `port 53' means `(tcp or udp) port 53'.
|
||||
.LP
|
||||
[`fddi' is actually an alias for `ether'; the parser treats them
|
||||
identically as meaning ``the data link level used on the specified
|
||||
network interface.'' FDDI headers contain Ethernet-like source
|
||||
and destination addresses, and often contain Ethernet-like packet
|
||||
types, so you can filter on these FDDI fields just as with the
|
||||
analogous Ethernet fields.
|
||||
FDDI headers also contain other fields,
|
||||
but you cannot name them explicitly in a filter expression.
|
||||
.LP
|
||||
Similarly, `tr' and `wlan' are aliases for `ether'; the previous
|
||||
paragraph's statements about FDDI headers also apply to Token Ring
|
||||
and 802.11 wireless LAN headers. For 802.11 headers, the destination
|
||||
address is the DA field and the source address is the SA field; the
|
||||
BSSID, RA, and TA fields aren't tested.]
|
||||
.LP
|
||||
In addition to the above, there are some special `primitive' keywords
|
||||
that don't follow the pattern:
|
||||
.BR gateway ,
|
||||
.BR broadcast ,
|
||||
.BR less ,
|
||||
.B greater
|
||||
and arithmetic expressions.
|
||||
All of these are described below.
|
||||
.LP
|
||||
More complex filter expressions are built up by using the words
|
||||
.BR and ,
|
||||
.B or
|
||||
and
|
||||
.B not
|
||||
to combine primitives.
|
||||
E.g., `host foo and not port ftp and not port ftp-data'.
|
||||
To save typing, identical qualifier lists can be omitted.
|
||||
E.g.,
|
||||
`tcp dst port ftp or ftp-data or domain' is exactly the same as
|
||||
`tcp dst port ftp or tcp dst port ftp-data or tcp dst port domain'.
|
||||
.LP
|
||||
Allowable primitives are:
|
||||
.IP "\fBdst host \fIhost\fR"
|
||||
True if the IPv4/v6 destination field of the packet is \fIhost\fP,
|
||||
which may be either an address or a name.
|
||||
.IP "\fBsrc host \fIhost\fR"
|
||||
True if the IPv4/v6 source field of the packet is \fIhost\fP.
|
||||
.IP "\fBhost \fIhost\fP
|
||||
True if either the IPv4/v6 source or destination of the packet is \fIhost\fP.
|
||||
.IP
|
||||
Any of the above host expressions can be prepended with the keywords,
|
||||
\fBip\fP, \fBarp\fP, \fBrarp\fP, or \fBip6\fP as in:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBip host \fIhost\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
which is equivalent to:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBether proto \fI\\ip\fB and host \fIhost\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
If \fIhost\fR is a name with multiple IP addresses, each address will
|
||||
be checked for a match.
|
||||
.IP "\fBether dst \fIehost\fP
|
||||
True if the Ethernet destination address is \fIehost\fP.
|
||||
\fIEhost\fP
|
||||
may be either a name from /etc/ethers or a number (see
|
||||
.IR ethers (3N)
|
||||
for numeric format).
|
||||
.IP "\fBether src \fIehost\fP
|
||||
True if the Ethernet source address is \fIehost\fP.
|
||||
.IP "\fBether host \fIehost\fP
|
||||
True if either the Ethernet source or destination address is \fIehost\fP.
|
||||
.IP "\fBgateway\fP \fIhost\fP
|
||||
True if the packet used \fIhost\fP as a gateway.
|
||||
I.e., the Ethernet
|
||||
source or destination address was \fIhost\fP but neither the IP source
|
||||
nor the IP destination was \fIhost\fP.
|
||||
\fIHost\fP must be a name and
|
||||
must be found both by the machine's host-name-to-IP-address resolution
|
||||
mechanisms (host name file, DNS, NIS, etc.) and by the machine's
|
||||
host-name-to-Ethernet-address resolution mechanism (/etc/ethers, etc.).
|
||||
(An equivalent expression is
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBether host \fIehost \fBand not host \fIhost\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
which can be used with either names or numbers for \fIhost / ehost\fP.)
|
||||
This syntax does not work in IPv6-enabled configuration at this moment.
|
||||
.IP "\fBdst net \fInet\fR"
|
||||
True if the IPv4/v6 destination address of the packet has a network
|
||||
number of \fInet\fP.
|
||||
\fINet\fP may be either a name from the networks database
|
||||
(/etc/networks, etc.) or a network number.
|
||||
An IPv4 network number can be written as a dotted quad (e.g., 192.168.1.0),
|
||||
dotted triple (e.g., 192.168.1), dotted pair (e.g, 172.16), or single
|
||||
number (e.g., 10); the netmask is 255.255.255.255 for a dotted quad
|
||||
(which means that it's really a host match), 255.255.255.0 for a dotted
|
||||
triple, 255.255.0.0 for a dotted pair, or 255.0.0.0 for a single number.
|
||||
An IPv6 network number must be written out fully; the netmask is
|
||||
ff:ff:ff:ff:ff:ff:ff:ff, so IPv6 "network" matches are really always
|
||||
host matches, and a network match requires a netmask length.
|
||||
.IP "\fBsrc net \fInet\fR"
|
||||
True if the IPv4/v6 source address of the packet has a network
|
||||
number of \fInet\fP.
|
||||
.IP "\fBnet \fInet\fR"
|
||||
True if either the IPv4/v6 source or destination address of the packet has a network
|
||||
number of \fInet\fP.
|
||||
.IP "\fBnet \fInet\fR \fBmask \fInetmask\fR"
|
||||
True if the IPv4 address matches \fInet\fR with the specific \fInetmask\fR.
|
||||
May be qualified with \fBsrc\fR or \fBdst\fR.
|
||||
Note that this syntax is not valid for IPv6 \fInet\fR.
|
||||
.IP "\fBnet \fInet\fR/\fIlen\fR"
|
||||
True if the IPv4/v6 address matches \fInet\fR with a netmask \fIlen\fR
|
||||
bits wide.
|
||||
May be qualified with \fBsrc\fR or \fBdst\fR.
|
||||
.IP "\fBdst port \fIport\fR"
|
||||
True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a
|
||||
destination port value of \fIport\fP.
|
||||
The \fIport\fP can be a number or a name used in /etc/services (see
|
||||
.IR tcp (4P)
|
||||
and
|
||||
.IR udp (4P)).
|
||||
If a name is used, both the port
|
||||
number and protocol are checked.
|
||||
If a number or ambiguous name is used,
|
||||
only the port number is checked (e.g., \fBdst port 513\fR will print both
|
||||
tcp/login traffic and udp/who traffic, and \fBport domain\fR will print
|
||||
both tcp/domain and udp/domain traffic).
|
||||
.IP "\fBsrc port \fIport\fR"
|
||||
True if the packet has a source port value of \fIport\fP.
|
||||
.IP "\fBport \fIport\fR"
|
||||
True if either the source or destination port of the packet is \fIport\fP.
|
||||
.IP "\fBdst portrange \fIport1\fB-\fIport2\fR"
|
||||
True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a
|
||||
destination port value between \fIport1\fP and \fIport2\fP.
|
||||
.I port1
|
||||
and
|
||||
.I port2
|
||||
are interpreted in the same fashion as the
|
||||
.I port
|
||||
parameter for
|
||||
.BR port .
|
||||
.IP "\fBsrc portrange \fIport1\fB-\fIport2\fR"
|
||||
True if the packet has a source port value between \fIport1\fP and
|
||||
\fIport2\fP.
|
||||
.IP "\fBportrange \fIport1\fB-\fIport2\fR"
|
||||
True if either the source or destination port of the packet is between
|
||||
\fIport1\fP and \fIport2\fP.
|
||||
.IP
|
||||
Any of the above port or port range expressions can be prepended with
|
||||
the keywords, \fBtcp\fP or \fBudp\fP, as in:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBtcp src port \fIport\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
which matches only tcp packets whose source port is \fIport\fP.
|
||||
.IP "\fBless \fIlength\fR"
|
||||
True if the packet has a length less than or equal to \fIlength\fP.
|
||||
This is equivalent to:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBlen <= \fIlength\fP.
|
||||
.fi
|
||||
.in -.5i
|
||||
.IP "\fBgreater \fIlength\fR"
|
||||
True if the packet has a length greater than or equal to \fIlength\fP.
|
||||
This is equivalent to:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBlen >= \fIlength\fP.
|
||||
.fi
|
||||
.in -.5i
|
||||
.IP "\fBip proto \fIprotocol\fR"
|
||||
True if the packet is an IPv4 packet (see
|
||||
.IR ip (4P))
|
||||
of protocol type \fIprotocol\fP.
|
||||
\fIProtocol\fP can be a number or one of the names
|
||||
\fBicmp\fP, \fBicmp6\fP, \fBigmp\fP, \fBigrp\fP, \fBpim\fP, \fBah\fP,
|
||||
\fBesp\fP, \fBvrrp\fP, \fBudp\fP, or \fBtcp\fP.
|
||||
Note that the identifiers \fBtcp\fP, \fBudp\fP, and \fBicmp\fP are also
|
||||
keywords and must be escaped via backslash (\\), which is \\\\ in the C-shell.
|
||||
Note that this primitive does not chase the protocol header chain.
|
||||
.IP "\fBip6 proto \fIprotocol\fR"
|
||||
True if the packet is an IPv6 packet of protocol type \fIprotocol\fP.
|
||||
Note that this primitive does not chase the protocol header chain.
|
||||
.IP "\fBip6 protochain \fIprotocol\fR"
|
||||
True if the packet is IPv6 packet,
|
||||
and contains protocol header with type \fIprotocol\fR
|
||||
in its protocol header chain.
|
||||
For example,
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBip6 protochain 6\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
matches any IPv6 packet with TCP protocol header in the protocol header chain.
|
||||
The packet may contain, for example,
|
||||
authentication header, routing header, or hop-by-hop option header,
|
||||
between IPv6 header and TCP header.
|
||||
The BPF code emitted by this primitive is complex and
|
||||
cannot be optimized by the BPF optimizer code, so this can be somewhat
|
||||
slow.
|
||||
.IP "\fBip protochain \fIprotocol\fR"
|
||||
Equivalent to \fBip6 protochain \fIprotocol\fR, but this is for IPv4.
|
||||
.IP "\fBether broadcast\fR"
|
||||
True if the packet is an Ethernet broadcast packet.
|
||||
The \fIether\fP
|
||||
keyword is optional.
|
||||
.IP "\fBip broadcast\fR"
|
||||
True if the packet is an IPv4 broadcast packet.
|
||||
It checks for both the all-zeroes and all-ones broadcast conventions,
|
||||
and looks up the subnet mask on the interface on which the capture is
|
||||
being done.
|
||||
.IP
|
||||
If the subnet mask of the interface on which the capture is being done
|
||||
is not available, either because the interface on which capture is being
|
||||
done has no netmask or because the capture is being done on the Linux
|
||||
"any" interface, which can capture on more than one interface, this
|
||||
check will not work correctly.
|
||||
.IP "\fBether multicast\fR"
|
||||
True if the packet is an Ethernet multicast packet.
|
||||
The \fBether\fP
|
||||
keyword is optional.
|
||||
This is shorthand for `\fBether[0] & 1 != 0\fP'.
|
||||
.IP "\fBip multicast\fR"
|
||||
True if the packet is an IPv4 multicast packet.
|
||||
.IP "\fBip6 multicast\fR"
|
||||
True if the packet is an IPv6 multicast packet.
|
||||
.IP "\fBether proto \fIprotocol\fR"
|
||||
True if the packet is of ether type \fIprotocol\fR.
|
||||
\fIProtocol\fP can be a number or one of the names
|
||||
\fBip\fP, \fBip6\fP, \fBarp\fP, \fBrarp\fP, \fBatalk\fP, \fBaarp\fP,
|
||||
\fBdecnet\fP, \fBsca\fP, \fBlat\fP, \fBmopdl\fP, \fBmoprc\fP,
|
||||
\fBiso\fP, \fBstp\fP, \fBipx\fP, or \fBnetbeui\fP.
|
||||
Note these identifiers are also keywords
|
||||
and must be escaped via backslash (\\).
|
||||
.IP
|
||||
[In the case of FDDI (e.g., `\fBfddi protocol arp\fR'), Token Ring
|
||||
(e.g., `\fBtr protocol arp\fR'), and IEEE 802.11 wireless LANS (e.g.,
|
||||
`\fBwlan protocol arp\fR'), for most of those protocols, the
|
||||
protocol identification comes from the 802.2 Logical Link Control (LLC)
|
||||
header, which is usually layered on top of the FDDI, Token Ring, or
|
||||
802.11 header.
|
||||
.IP
|
||||
When filtering for most protocol identifiers on FDDI, Token Ring, or
|
||||
802.11, the filter checks only the protocol ID field of an LLC header
|
||||
in so-called SNAP format with an Organizational Unit Identifier (OUI) of
|
||||
0x000000, for encapsulated Ethernet; it doesn't check whether the packet
|
||||
is in SNAP format with an OUI of 0x000000.
|
||||
The exceptions are:
|
||||
.RS
|
||||
.TP
|
||||
\fBiso\fP
|
||||
the filter checks the DSAP (Destination Service Access Point) and
|
||||
SSAP (Source Service Access Point) fields of the LLC header;
|
||||
.TP
|
||||
\fBstp\fP and \fBnetbeui\fP
|
||||
the filter checks the DSAP of the LLC header;
|
||||
.TP
|
||||
\fBatalk\fP
|
||||
the filter checks for a SNAP-format packet with an OUI of 0x080007
|
||||
and the AppleTalk etype.
|
||||
.RE
|
||||
.IP
|
||||
In the case of Ethernet, the filter checks the Ethernet type field
|
||||
for most of those protocols. The exceptions are:
|
||||
.RS
|
||||
.TP
|
||||
\fBiso\fP, \fBstp\fP, and \fBnetbeui\fP
|
||||
the filter checks for an 802.3 frame and then checks the LLC header as
|
||||
it does for FDDI, Token Ring, and 802.11;
|
||||
.TP
|
||||
\fBatalk\fP
|
||||
the filter checks both for the AppleTalk etype in an Ethernet frame and
|
||||
for a SNAP-format packet as it does for FDDI, Token Ring, and 802.11;
|
||||
.TP
|
||||
\fBaarp\fP
|
||||
the filter checks for the AppleTalk ARP etype in either an Ethernet
|
||||
frame or an 802.2 SNAP frame with an OUI of 0x000000;
|
||||
.TP
|
||||
\fBipx\fP
|
||||
the filter checks for the IPX etype in an Ethernet frame, the IPX
|
||||
DSAP in the LLC header, the 802.3-with-no-LLC-header encapsulation of
|
||||
IPX, and the IPX etype in a SNAP frame.
|
||||
.RE
|
||||
.IP "\fBdecnet src \fIhost\fR"
|
||||
True if the DECNET source address is
|
||||
.IR host ,
|
||||
which may be an address of the form ``10.123'', or a DECNET host
|
||||
name.
|
||||
[DECNET host name support is only available on ULTRIX systems
|
||||
that are configured to run DECNET.]
|
||||
.IP "\fBdecnet dst \fIhost\fR"
|
||||
True if the DECNET destination address is
|
||||
.IR host .
|
||||
.IP "\fBdecnet host \fIhost\fR"
|
||||
True if either the DECNET source or destination address is
|
||||
.IR host .
|
||||
.IP "\fBifname \fIinterface\fR"
|
||||
True if the packet was logged as coming from the specified interface (applies
|
||||
only to packets logged by OpenBSD's or FreeBSD's
|
||||
.BR pf (4)).
|
||||
.IP "\fBon \fIinterface\fR"
|
||||
Synonymous with the
|
||||
.B ifname
|
||||
modifier.
|
||||
.IP "\fBrnr \fInum\fR"
|
||||
True if the packet was logged as matching the specified PF rule number
|
||||
(applies only to packets logged by OpenBSD's or FreeBSD's
|
||||
.BR pf (4)).
|
||||
.IP "\fBrulenum \fInum\fR"
|
||||
Synonymous with the
|
||||
.B rnr
|
||||
modifier.
|
||||
.IP "\fBreason \fIcode\fR"
|
||||
True if the packet was logged with the specified PF reason code. The known
|
||||
codes are:
|
||||
.BR match ,
|
||||
.BR bad-offset ,
|
||||
.BR fragment ,
|
||||
.BR short ,
|
||||
.BR normalize ,
|
||||
and
|
||||
.B memory
|
||||
(applies only to packets logged by OpenBSD's or FreeBSD's
|
||||
.BR pf (4)).
|
||||
.IP "\fBrset \fIname\fR"
|
||||
True if the packet was logged as matching the specified PF ruleset
|
||||
name of an anchored ruleset (applies only to packets logged by OpenBSD's
|
||||
or FreeBSD's
|
||||
.BR pf (4)).
|
||||
.IP "\fBruleset \fIname\fR"
|
||||
Synonomous with the
|
||||
.B rset
|
||||
modifier.
|
||||
.IP "\fBsrnr \fInum\fR"
|
||||
True if the packet was logged as matching the specified PF rule number
|
||||
of an anchored ruleset (applies only to packets logged by OpenBSD's or
|
||||
FreeBSD's
|
||||
.BR pf (4)).
|
||||
.IP "\fBsubrulenum \fInum\fR"
|
||||
Synonomous with the
|
||||
.B srnr
|
||||
modifier.
|
||||
.IP "\fBaction \fIact\fR"
|
||||
True if PF took the specified action when the packet was logged. Known actions
|
||||
are:
|
||||
.B pass
|
||||
and
|
||||
.B block
|
||||
and, with later versions of
|
||||
.BR pf (4)),
|
||||
.BR nat ,
|
||||
.BR rdr ,
|
||||
.B binat
|
||||
and
|
||||
.B scrub
|
||||
(applies only to packets logged by OpenBSD's or FreeBSD's
|
||||
.BR pf (4)).
|
||||
.IP "\fBwlan ra \fIehost\fR"
|
||||
True if the IEEE 802.11 RA is
|
||||
.IR ehost .
|
||||
The RA field is used in all frames except for management frames.
|
||||
.IP "\fBwlan ta \fIehost\fR"
|
||||
True if the IEEE 802.11 TA is
|
||||
.IR ehost .
|
||||
The TA field is used in all frames except for management frames and
|
||||
CTS (Clear To Send) and ACK (Acknowledgment) control frames.
|
||||
.IP "\fBwlan addr1 \fIehost\fR"
|
||||
True if the first IEEE 802.11 address is
|
||||
.IR ehost .
|
||||
.IP "\fBwlan addr2 \fIehost\fR"
|
||||
True if the second IEEE 802.11 address, if present, is
|
||||
.IR ehost .
|
||||
The second address field is used in all frames except for CTS (Clear To
|
||||
Send) and ACK (Acknowledgment) control frames.
|
||||
.IP "\fBwlan addr3 \fIehost\fR"
|
||||
True if the third IEEE 802.11 address, if present, is
|
||||
.IR ehost .
|
||||
The third address field is used in management and data frames, but not
|
||||
in control frames.
|
||||
.IP "\fBwlan addr4 \fIehost\fR"
|
||||
True if the fourth IEEE 802.11 address, if present, is
|
||||
.IR ehost .
|
||||
The fourth address field is only used for
|
||||
WDS (Wireless Distribution System) frames.
|
||||
.IP "\fBip\fR, \fBip6\fR, \fBarp\fR, \fBrarp\fR, \fBatalk\fR, \fBaarp\fR, \fBdecnet\fR, \fBiso\fR, \fBstp\fR, \fBipx\fR, \fBnetbeui\fP"
|
||||
Abbreviations for:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBether proto \fIp\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
where \fIp\fR is one of the above protocols.
|
||||
.IP "\fBlat\fR, \fBmoprc\fR, \fBmopdl\fR"
|
||||
Abbreviations for:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBether proto \fIp\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
where \fIp\fR is one of the above protocols.
|
||||
Note that not all applications using
|
||||
.BR pcap (3)
|
||||
currently know how to parse these protocols.
|
||||
.IP "\fBtype \fIwlan_type\fR"
|
||||
True if the IEEE 802.11 frame type matches the specified \fIwlan_type\fR.
|
||||
Valid \fIwlan_type\fRs are:
|
||||
\fBmgt\fP,
|
||||
\fBctl\fP
|
||||
and \fBdata\fP.
|
||||
.IP "\fBtype \fIwlan_type \fBsubtype \fIwlan_subtype\fR"
|
||||
True if the IEEE 802.11 frame type matches the specified \fIwlan_type\fR
|
||||
and frame subtype matches the specified \fIwlan_subtype\fR.
|
||||
.IP
|
||||
If the specified \fIwlan_type\fR is \fBmgt\fP,
|
||||
then valid \fIwlan_subtype\fRs are:
|
||||
\fBassoc-req\fP,
|
||||
\fBassoc-resp\fP,
|
||||
\fBreassoc-req\fP,
|
||||
\fBreassoc-resp\fP,
|
||||
\fBprobe-req\fP,
|
||||
\fBprobe-resp\fP,
|
||||
\fBbeacon\fP,
|
||||
\fBatim\fP,
|
||||
\fBdisassoc\fP,
|
||||
\fBauth\fP and
|
||||
\fBdeauth\fP.
|
||||
.IP
|
||||
If the specified \fIwlan_type\fR is \fBctl\fP,
|
||||
then valid \fIwlan_subtype\fRs are:
|
||||
\fBps-poll\fP,
|
||||
\fBrts\fP,
|
||||
\fBcts\fP,
|
||||
\fBack\fP,
|
||||
\fBcf-end\fP and
|
||||
\fBcf-end-ack\fP.
|
||||
.IP
|
||||
If the specified \fIwlan_type\fR is \fBdata\fP,
|
||||
then valid \fIwlan_subtype\fRs are:
|
||||
\fBdata\fP,
|
||||
\fBdata-cf-ack\fP,
|
||||
\fBdata-cf-poll\fP,
|
||||
\fBdata-cf-ack-poll\fP,
|
||||
\fBnull\fP,
|
||||
\fBcf-ack\fP,
|
||||
\fBcf-poll\fP,
|
||||
\fBcf-ack-poll\fP,
|
||||
\fBqos-data\fP,
|
||||
\fBqos-data-cf-ack\fP,
|
||||
\fBqos-data-cf-poll\fP,
|
||||
\fBqos-data-cf-ack-poll\fP,
|
||||
\fBqos\fP,
|
||||
\fBqos-cf-poll\fP and
|
||||
\fBqos-cf-ack-poll\fP.
|
||||
.IP "\fBsubtype \fIwlan_subtype\fR"
|
||||
True if the IEEE 802.11 frame subtype matches the specified \fIwlan_subtype\fR
|
||||
and frame has the type to which the specified \fIwlan_subtype\fR belongs.
|
||||
.IP "\fBdir \fIdir\fR"
|
||||
True if the IEEE 802.11 frame direction matches the specified
|
||||
.IR dir .
|
||||
Valid directions are:
|
||||
.BR nods ,
|
||||
.BR tods ,
|
||||
.BR fromds ,
|
||||
.BR dstods ,
|
||||
or a numeric value.
|
||||
.IP "\fBvlan \fI[vlan_id]\fR"
|
||||
True if the packet is an IEEE 802.1Q VLAN packet.
|
||||
If \fI[vlan_id]\fR is specified, only true if the packet has the specified
|
||||
\fIvlan_id\fR.
|
||||
Note that the first \fBvlan\fR keyword encountered in \fIexpression\fR
|
||||
changes the decoding offsets for the remainder of \fIexpression\fR on
|
||||
the assumption that the packet is a VLAN packet. The \fBvlan
|
||||
\fI[vlan_id]\fR expression may be used more than once, to filter on VLAN
|
||||
hierarchies. Each use of that expression increments the filter offsets
|
||||
by 4.
|
||||
.IP
|
||||
For example:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBvlan 100 && vlan 200\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
filters on VLAN 200 encapsulated within VLAN 100, and
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBvlan && vlan 300 && ip\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
filters IPv4 protocols encapsulated in VLAN 300 encapsulated within any
|
||||
higher order VLAN.
|
||||
.IP "\fBmpls \fI[label_num]\fR"
|
||||
True if the packet is an MPLS packet.
|
||||
If \fI[label_num]\fR is specified, only true is the packet has the specified
|
||||
\fIlabel_num\fR.
|
||||
Note that the first \fBmpls\fR keyword encountered in \fIexpression\fR
|
||||
changes the decoding offsets for the remainder of \fIexpression\fR on
|
||||
the assumption that the packet is a MPLS-encapsulated IP packet. The
|
||||
\fBmpls \fI[label_num]\fR expression may be used more than once, to
|
||||
filter on MPLS hierarchies. Each use of that expression increments the
|
||||
filter offsets by 4.
|
||||
.IP
|
||||
For example:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBmpls 100000 && mpls 1024\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
filters packets with an outer label of 100000 and an inner label of
|
||||
1024, and
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBmpls && mpls 1024 && host 192.9.200.1\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
filters packets to or from 192.9.200.1 with an inner label of 1024 and
|
||||
any outer label.
|
||||
.IP \fBpppoed\fP
|
||||
True if the packet is a PPP-over-Ethernet Discovery packet (Ethernet
|
||||
type 0x8863).
|
||||
.IP \fBpppoes\fP
|
||||
True if the packet is a PPP-over-Ethernet Session packet (Ethernet
|
||||
type 0x8864).
|
||||
Note that the first \fBpppoes\fR keyword encountered in \fIexpression\fR
|
||||
changes the decoding offsets for the remainder of \fIexpression\fR on
|
||||
the assumption that the packet is a PPPoE session packet.
|
||||
.IP
|
||||
For example:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBpppoes && ip\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
filters IPv4 protocols encapsulated in PPPoE.
|
||||
.IP "\fBtcp\fR, \fBudp\fR, \fBicmp\fR"
|
||||
Abbreviations for:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBip proto \fIp\fR\fB or ip6 proto \fIp\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
where \fIp\fR is one of the above protocols.
|
||||
.IP "\fBiso proto \fIprotocol\fR"
|
||||
True if the packet is an OSI packet of protocol type \fIprotocol\fP.
|
||||
\fIProtocol\fP can be a number or one of the names
|
||||
\fBclnp\fP, \fBesis\fP, or \fBisis\fP.
|
||||
.IP "\fBclnp\fR, \fBesis\fR, \fBisis\fR"
|
||||
Abbreviations for:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBiso proto \fIp\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
where \fIp\fR is one of the above protocols.
|
||||
.IP "\fBl1\fR, \fBl2\fR, \fBiih\fR, \fBlsp\fR, \fBsnp\fR, \fBcsnp\fR, \fBpsnp\fR"
|
||||
Abbreviations for IS-IS PDU types.
|
||||
.IP "\fBvpi\fP \fIn\fR
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, with a
|
||||
virtual path identifier of
|
||||
.IR n .
|
||||
.IP "\fBvci\fP \fIn\fR
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, with a
|
||||
virtual channel identifier of
|
||||
.IR n .
|
||||
.IP \fBlane\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
an ATM LANE packet.
|
||||
Note that the first \fBlane\fR keyword encountered in \fIexpression\fR
|
||||
changes the tests done in the remainder of \fIexpression\fR
|
||||
on the assumption that the packet is either a LANE emulated Ethernet
|
||||
packet or a LANE LE Control packet. If \fBlane\fR isn't specified, the
|
||||
tests are done under the assumption that the packet is an
|
||||
LLC-encapsulated packet.
|
||||
.IP \fBllc\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
an LLC-encapsulated packet.
|
||||
.IP \fBoamf4s\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
a segment OAM F4 flow cell (VPI=0 & VCI=3).
|
||||
.IP \fBoamf4e\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
an end-to-end OAM F4 flow cell (VPI=0 & VCI=4).
|
||||
.IP \fBoamf4\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
a segment or end-to-end OAM F4 flow cell (VPI=0 & (VCI=3 | VCI=4)).
|
||||
.IP \fBoam\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
a segment or end-to-end OAM F4 flow cell (VPI=0 & (VCI=3 | VCI=4)).
|
||||
.IP \fBmetac\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
on a meta signaling circuit (VPI=0 & VCI=1).
|
||||
.IP \fBbcc\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
on a broadcast signaling circuit (VPI=0 & VCI=2).
|
||||
.IP \fBsc\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
on a signaling circuit (VPI=0 & VCI=5).
|
||||
.IP \fBilmic\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
on an ILMI circuit (VPI=0 & VCI=16).
|
||||
.IP \fBconnectmsg\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
on a signaling circuit and is a Q.2931 Setup, Call Proceeding, Connect,
|
||||
Connect Ack, Release, or Release Done message.
|
||||
.IP \fBmetaconnect\fP
|
||||
True if the packet is an ATM packet, for SunATM on Solaris, and is
|
||||
on a meta signaling circuit and is a Q.2931 Setup, Call Proceeding, Connect,
|
||||
Release, or Release Done message.
|
||||
.IP "\fIexpr relop expr\fR"
|
||||
True if the relation holds, where \fIrelop\fR is one of >, <, >=, <=, =,
|
||||
!=, and \fIexpr\fR is an arithmetic expression composed of integer
|
||||
constants (expressed in standard C syntax), the normal binary operators
|
||||
[+, -, *, /, &, |, <<, >>], a length operator, and special packet data
|
||||
accessors. Note that all comparisons are unsigned, so that, for example,
|
||||
0x80000000 and 0xffffffff are > 0.
|
||||
To access
|
||||
data inside the packet, use the following syntax:
|
||||
.in +.5i
|
||||
.nf
|
||||
\fIproto\fB [ \fIexpr\fB : \fIsize\fB ]\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
\fIProto\fR is one of \fBether, fddi, tr, wlan, ppp, slip, link,
|
||||
ip, arp, rarp, tcp, udp, icmp, ip6\fR or \fBradio\fR, and
|
||||
indicates the protocol layer for the index operation.
|
||||
(\fBether, fddi, wlan, tr, ppp, slip\fR and \fBlink\fR all refer to the
|
||||
link layer. \fBradio\fR refers to the "radio header" added to some
|
||||
802.11 captures.)
|
||||
Note that \fItcp, udp\fR and other upper-layer protocol types only
|
||||
apply to IPv4, not IPv6 (this will be fixed in the future).
|
||||
The byte offset, relative to the indicated protocol layer, is
|
||||
given by \fIexpr\fR.
|
||||
\fISize\fR is optional and indicates the number of bytes in the
|
||||
field of interest; it can be either one, two, or four, and defaults to one.
|
||||
The length operator, indicated by the keyword \fBlen\fP, gives the
|
||||
length of the packet.
|
||||
|
||||
For example, `\fBether[0] & 1 != 0\fP' catches all multicast traffic.
|
||||
The expression `\fBip[0] & 0xf != 5\fP'
|
||||
catches all IPv4 packets with options.
|
||||
The expression
|
||||
`\fBip[6:2] & 0x1fff = 0\fP'
|
||||
catches only unfragmented IPv4 datagrams and frag zero of fragmented
|
||||
IPv4 datagrams.
|
||||
This check is implicitly applied to the \fBtcp\fP and \fBudp\fP
|
||||
index operations.
|
||||
For instance, \fBtcp[0]\fP always means the first
|
||||
byte of the TCP \fIheader\fP, and never means the first byte of an
|
||||
intervening fragment.
|
||||
|
||||
Some offsets and field values may be expressed as names rather than
|
||||
as numeric values.
|
||||
The following protocol header field offsets are
|
||||
available: \fBicmptype\fP (ICMP type field), \fBicmpcode\fP (ICMP
|
||||
code field), and \fBtcpflags\fP (TCP flags field).
|
||||
|
||||
The following ICMP type field values are available: \fBicmp-echoreply\fP,
|
||||
\fBicmp-unreach\fP, \fBicmp-sourcequench\fP, \fBicmp-redirect\fP,
|
||||
\fBicmp-echo\fP, \fBicmp-routeradvert\fP, \fBicmp-routersolicit\fP,
|
||||
\fBicmp-timxceed\fP, \fBicmp-paramprob\fP, \fBicmp-tstamp\fP,
|
||||
\fBicmp-tstampreply\fP, \fBicmp-ireq\fP, \fBicmp-ireqreply\fP,
|
||||
\fBicmp-maskreq\fP, \fBicmp-maskreply\fP.
|
||||
|
||||
The following TCP flags field values are available: \fBtcp-fin\fP,
|
||||
\fBtcp-syn\fP, \fBtcp-rst\fP, \fBtcp-push\fP,
|
||||
\fBtcp-ack\fP, \fBtcp-urg\fP.
|
||||
.LP
|
||||
Primitives may be combined using:
|
||||
.IP
|
||||
A parenthesized group of primitives and operators
|
||||
(parentheses are special to the Shell and must be escaped).
|
||||
.IP
|
||||
Negation (`\fB!\fP' or `\fBnot\fP').
|
||||
.IP
|
||||
Concatenation (`\fB&&\fP' or `\fBand\fP').
|
||||
.IP
|
||||
Alternation (`\fB||\fP' or `\fBor\fP').
|
||||
.LP
|
||||
Negation has highest precedence.
|
||||
Alternation and concatenation have equal precedence and associate
|
||||
left to right.
|
||||
Note that explicit \fBand\fR tokens, not juxtaposition,
|
||||
are now required for concatenation.
|
||||
.LP
|
||||
If an identifier is given without a keyword, the most recent keyword
|
||||
is assumed.
|
||||
For example,
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBnot host vs and ace\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
is short for
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBnot host vs and host ace\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
which should not be confused with
|
||||
.in +.5i
|
||||
.nf
|
||||
\fBnot ( host vs or ace )\fR
|
||||
.fi
|
||||
.in -.5i
|
||||
.SH EXAMPLES
|
||||
.LP
|
||||
To select all packets arriving at or departing from \fIsundown\fP:
|
||||
.RS
|
||||
.nf
|
||||
\fBhost sundown\fP
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select traffic between \fIhelios\fR and either \fIhot\fR or \fIace\fR:
|
||||
.RS
|
||||
.nf
|
||||
\fBhost helios and \\( hot or ace \\)\fP
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select all IP packets between \fIace\fR and any host except \fIhelios\fR:
|
||||
.RS
|
||||
.nf
|
||||
\fBip host ace and not helios\fP
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select all traffic between local hosts and hosts at Berkeley:
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
net ucb-ether
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select all ftp traffic through internet gateway \fIsnup\fP:
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
gateway snup and (port ftp or ftp-data)
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select traffic neither sourced from nor destined for local hosts
|
||||
(if you gateway to one other net, this stuff should never make it
|
||||
onto your local net).
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
ip and not net \fIlocalnet\fP
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select the start and end packets (the SYN and FIN packets) of each
|
||||
TCP conversation that involves a non-local host.
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 and not src and dst net \fIlocalnet\fP
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select all IPv4 HTTP packets to and from port 80, i.e. print only
|
||||
packets that contain data, not, for example, SYN and FIN packets and
|
||||
ACK-only packets. (IPv6 is left as an exercise for the reader.)
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select IP packets longer than 576 bytes sent through gateway \fIsnup\fP:
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
gateway snup and ip[2:2] > 576
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select IP broadcast or multicast packets that were
|
||||
.I not
|
||||
sent via Ethernet broadcast or multicast:
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
ether[0] & 1 = 0 and ip[16] >= 224
|
||||
.fi
|
||||
.RE
|
||||
.LP
|
||||
To select all ICMP packets that are not echo requests/replies (i.e., not
|
||||
ping packets):
|
||||
.RS
|
||||
.nf
|
||||
.B
|
||||
icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply
|
||||
.fi
|
||||
.RE
|
||||
.SH "SEE ALSO"
|
||||
pcap(3PCAP)
|
||||
.SH AUTHORS
|
||||
The original authors are:
|
||||
.LP
|
||||
Van Jacobson,
|
||||
Craig Leres and
|
||||
Steven McCanne, all of the
|
||||
Lawrence Berkeley National Laboratory, University of California, Berkeley, CA.
|
||||
.LP
|
||||
It is currently being maintained by tcpdump.org.
|
||||
.LP
|
||||
The current version of libpcap is available via http:
|
||||
.LP
|
||||
.RS
|
||||
.I http://www.tcpdump.org/
|
||||
.RE
|
||||
.LP
|
||||
The original distribution is available via anonymous ftp:
|
||||
.LP
|
||||
.RS
|
||||
.I ftp://ftp.ee.lbl.gov/tcpdump.tar.Z
|
||||
.RE
|
||||
.SH BUGS
|
||||
Please send problems, bugs, questions, desirable enhancements, etc. to:
|
||||
.LP
|
||||
.RS
|
||||
tcpdump-workers@lists.tcpdump.org
|
||||
.RE
|
||||
.LP
|
||||
Filter expressions on fields other than those in Token Ring headers will
|
||||
not correctly handle source-routed Token Ring packets.
|
||||
.LP
|
||||
Filter expressions on fields other than those in 802.11 headers will not
|
||||
correctly handle 802.11 data packets with both To DS and From DS set.
|
||||
.LP
|
||||
.BR "ip6 proto"
|
||||
should chase header chain, but at this moment it does not.
|
||||
.BR "ip6 protochain"
|
||||
is supplied for this behavior.
|
||||
.LP
|
||||
Arithmetic expression against transport layer headers, like \fBtcp[0]\fP,
|
||||
does not work against IPv6 packets.
|
||||
It only looks at IPv4 packets.
|
257
pcap-int.h
257
pcap-int.h
|
@ -30,20 +30,25 @@
|
|||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.70 2005-04-07 02:47:34 guy Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.94 2008-09-16 00:20:23 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
#ifndef pcap_int_h
|
||||
#define pcap_int_h
|
||||
#define pcap_int_h
|
||||
|
||||
#include <pcap/pcap.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#include <pcap.h>
|
||||
#ifdef HAVE_LIBDLPI
|
||||
#include <libdlpi.h>
|
||||
#endif
|
||||
|
||||
#ifdef WIN32
|
||||
#include <packet32.h>
|
||||
#include <Packet32.h>
|
||||
extern CRITICAL_SECTION g_PcapCompileCriticalSection;
|
||||
#endif /* WIN32 */
|
||||
|
||||
#ifdef MSDOS
|
||||
|
@ -51,6 +56,42 @@ extern "C" {
|
|||
#include <io.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SNF_API
|
||||
#include <snf.h>
|
||||
#endif
|
||||
|
||||
#if (defined(_MSC_VER) && (_MSC_VER <= 1200)) /* we are compiling with Visual Studio 6, that doesn't support the LL suffix*/
|
||||
|
||||
/*
|
||||
* Swap byte ordering of unsigned long long timestamp on a big endian
|
||||
* machine.
|
||||
*/
|
||||
#define SWAPLL(ull) ((ull & 0xff00000000000000) >> 56) | \
|
||||
((ull & 0x00ff000000000000) >> 40) | \
|
||||
((ull & 0x0000ff0000000000) >> 24) | \
|
||||
((ull & 0x000000ff00000000) >> 8) | \
|
||||
((ull & 0x00000000ff000000) << 8) | \
|
||||
((ull & 0x0000000000ff0000) << 24) | \
|
||||
((ull & 0x000000000000ff00) << 40) | \
|
||||
((ull & 0x00000000000000ff) << 56)
|
||||
|
||||
#else /* A recent Visual studio compiler or not VC */
|
||||
|
||||
/*
|
||||
* Swap byte ordering of unsigned long long timestamp on a big endian
|
||||
* machine.
|
||||
*/
|
||||
#define SWAPLL(ull) ((ull & 0xff00000000000000LL) >> 56) | \
|
||||
((ull & 0x00ff000000000000LL) >> 40) | \
|
||||
((ull & 0x0000ff0000000000LL) >> 24) | \
|
||||
((ull & 0x000000ff00000000LL) >> 8) | \
|
||||
((ull & 0x00000000ff000000LL) << 8) | \
|
||||
((ull & 0x0000000000ff0000LL) << 24) | \
|
||||
((ull & 0x000000000000ff00LL) << 40) | \
|
||||
((ull & 0x00000000000000ffLL) << 56)
|
||||
|
||||
#endif /* _MSC_VER */
|
||||
|
||||
/*
|
||||
* Savefile
|
||||
*/
|
||||
|
@ -60,16 +101,26 @@ typedef enum {
|
|||
MAYBE_SWAPPED
|
||||
} swapped_type_t;
|
||||
|
||||
/*
|
||||
* Used when reading a savefile.
|
||||
*/
|
||||
struct pcap_sf {
|
||||
FILE *rfile;
|
||||
int (*next_packet_op)(pcap_t *, struct pcap_pkthdr *, u_char **);
|
||||
int swapped;
|
||||
int hdrsize;
|
||||
size_t hdrsize;
|
||||
swapped_type_t lengths_swapped;
|
||||
int version_major;
|
||||
int version_minor;
|
||||
u_char *base;
|
||||
bpf_u_int32 ifcount; /* number of interfaces seen in this capture */
|
||||
u_int tsresol; /* time stamp resolution */
|
||||
u_int tsscale; /* scaling factor for resolution -> microseconds */
|
||||
u_int64_t tsoffset; /* time stamp offset */
|
||||
};
|
||||
|
||||
/*
|
||||
* Used when doing a live capture.
|
||||
*/
|
||||
struct pcap_md {
|
||||
struct pcap_stat stat;
|
||||
/*XXX*/
|
||||
|
@ -80,48 +131,138 @@ struct pcap_md {
|
|||
long TotMissed; /* missed by i/f during this run */
|
||||
long OrigMissed; /* missed by i/f before this run */
|
||||
char *device; /* device name */
|
||||
int timeout; /* timeout for buffering */
|
||||
int must_do_on_close; /* stuff we must do when we close */
|
||||
struct pcap *next; /* list of open pcaps that need stuff cleared on close */
|
||||
#ifdef linux
|
||||
int sock_packet; /* using Linux 2.0 compatible interface */
|
||||
int timeout; /* timeout specified to pcap_open_live */
|
||||
int clear_promisc; /* must clear promiscuous mode when we close */
|
||||
int cooked; /* using SOCK_DGRAM rather than SOCK_RAW */
|
||||
int ifindex; /* interface index of device we're bound to */
|
||||
int lo_ifindex; /* interface index of the loopback device */
|
||||
struct pcap *next; /* list of open promiscuous sock_packet pcaps */
|
||||
#endif
|
||||
u_int packets_read; /* count of packets read with recvfrom() */
|
||||
bpf_u_int32 oldmode; /* mode to restore when turning monitor mode off */
|
||||
char *mondevice; /* mac80211 monitor device we created */
|
||||
u_char *mmapbuf; /* memory-mapped region pointer */
|
||||
size_t mmapbuflen; /* size of region */
|
||||
u_int tp_version; /* version of tpacket_hdr for mmaped ring */
|
||||
u_int tp_hdrlen; /* hdrlen of tpacket_hdr for mmaped ring */
|
||||
u_char *oneshot_buffer; /* buffer for copy of packet */
|
||||
long proc_dropped; /* packets reported dropped by /proc/net/dev */
|
||||
#endif /* linux */
|
||||
|
||||
#ifdef HAVE_DAG_API
|
||||
#ifdef HAVE_DAG_STREAMS_API
|
||||
u_char *dag_mem_bottom; /* DAG card current memory bottom pointer */
|
||||
u_char *dag_mem_top; /* DAG card current memory top pointer */
|
||||
#else /* HAVE_DAG_STREAMS_API */
|
||||
void *dag_mem_base; /* DAG card memory base address */
|
||||
u_int dag_mem_bottom; /* DAG card current memory bottom pointer */
|
||||
u_int dag_mem_top; /* DAG card current memory top pointer */
|
||||
u_int dag_mem_bottom; /* DAG card current memory bottom offset */
|
||||
u_int dag_mem_top; /* DAG card current memory top offset */
|
||||
#endif /* HAVE_DAG_STREAMS_API */
|
||||
int dag_fcs_bits; /* Number of checksum bits from link layer */
|
||||
int dag_offset_flags; /* Flags to pass to dag_offset(). */
|
||||
#endif
|
||||
int dag_stream; /* DAG stream number */
|
||||
int dag_timeout; /* timeout specified to pcap_open_live.
|
||||
* Same as in linux above, introduce
|
||||
* generally? */
|
||||
#endif /* HAVE_DAG_API */
|
||||
#ifdef HAVE_SNF_API
|
||||
snf_handle_t snf_handle; /* opaque device handle */
|
||||
snf_ring_t snf_ring; /* opaque device ring handle */
|
||||
int snf_timeout;
|
||||
int snf_boardnum;
|
||||
#endif /*HAVE_SNF_API*/
|
||||
|
||||
#ifdef HAVE_ZEROCOPY_BPF
|
||||
/*
|
||||
* Zero-copy read buffer -- for zero-copy BPF. 'buffer' above will
|
||||
* alternative between these two actual mmap'd buffers as required.
|
||||
* As there is a header on the front size of the mmap'd buffer, only
|
||||
* some of the buffer is exposed to libpcap as a whole via bufsize;
|
||||
* zbufsize is the true size. zbuffer tracks the current zbuf
|
||||
* assocated with buffer so that it can be used to decide which the
|
||||
* next buffer to read will be.
|
||||
*/
|
||||
u_char *zbuf1, *zbuf2, *zbuffer;
|
||||
u_int zbufsize;
|
||||
u_int zerocopy;
|
||||
u_int interrupted;
|
||||
struct timespec firstsel;
|
||||
/*
|
||||
* If there's currently a buffer being actively processed, then it is
|
||||
* referenced here; 'buffer' is also pointed at it, but offset by the
|
||||
* size of the header.
|
||||
*/
|
||||
struct bpf_zbuf_header *bzh;
|
||||
#endif /* HAVE_ZEROCOPY_BPF */
|
||||
};
|
||||
|
||||
/*
|
||||
* Stuff to do when we close.
|
||||
*/
|
||||
#define MUST_CLEAR_PROMISC 0x00000001 /* clear promiscuous mode */
|
||||
#define MUST_CLEAR_RFMON 0x00000002 /* clear rfmon (monitor) mode */
|
||||
#define MUST_DELETE_MONIF 0x00000004 /* delete monitor-mode interface */
|
||||
|
||||
struct pcap_opt {
|
||||
int buffer_size;
|
||||
char *source;
|
||||
int promisc;
|
||||
int rfmon;
|
||||
int tstamp_type;
|
||||
};
|
||||
|
||||
/*
|
||||
* Ultrix, DEC OSF/1^H^H^H^H^H^H^H^H^HDigital UNIX^H^H^H^H^H^H^H^H^H^H^H^H
|
||||
* Tru64 UNIX, and NetBSD pad to make everything line up on a nice boundary.
|
||||
* Tru64 UNIX, and some versions of NetBSD pad FDDI packets to make everything
|
||||
* line up on a nice boundary.
|
||||
*/
|
||||
#ifdef __NetBSD__
|
||||
#include <sys/param.h> /* needed to declare __NetBSD_Version__ */
|
||||
#endif
|
||||
|
||||
#if defined(ultrix) || defined(__osf__) || (defined(__NetBSD__) && __NetBSD_Version__ > 106000000)
|
||||
#define PCAP_FDDIPAD 3
|
||||
#endif
|
||||
|
||||
typedef int (*activate_op_t)(pcap_t *);
|
||||
typedef int (*can_set_rfmon_op_t)(pcap_t *);
|
||||
typedef int (*read_op_t)(pcap_t *, int cnt, pcap_handler, u_char *);
|
||||
typedef int (*inject_op_t)(pcap_t *, const void *, size_t);
|
||||
typedef int (*setfilter_op_t)(pcap_t *, struct bpf_program *);
|
||||
typedef int (*setdirection_op_t)(pcap_t *, pcap_direction_t);
|
||||
typedef int (*set_datalink_op_t)(pcap_t *, int);
|
||||
typedef int (*getnonblock_op_t)(pcap_t *, char *);
|
||||
typedef int (*setnonblock_op_t)(pcap_t *, int, char *);
|
||||
typedef int (*stats_op_t)(pcap_t *, struct pcap_stat *);
|
||||
#ifdef WIN32
|
||||
typedef int (*setbuff_op_t)(pcap_t *, int);
|
||||
typedef int (*setmode_op_t)(pcap_t *, int);
|
||||
typedef int (*setmintocopy_op_t)(pcap_t *, int);
|
||||
#endif
|
||||
typedef void (*cleanup_op_t)(pcap_t *);
|
||||
|
||||
struct pcap {
|
||||
#ifdef WIN32
|
||||
ADAPTER *adapter;
|
||||
LPPACKET Packet;
|
||||
int timeout;
|
||||
int nonblock;
|
||||
#else
|
||||
int fd;
|
||||
int selectable_fd;
|
||||
int send_fd;
|
||||
#endif /* WIN32 */
|
||||
|
||||
#ifdef HAVE_LIBDLPI
|
||||
dlpi_handle_t dlpi_hd;
|
||||
#endif
|
||||
int snapshot;
|
||||
int linktype;
|
||||
int linktype; /* Network linktype */
|
||||
int linktype_ext; /* Extended information stored in the linktype field of a file */
|
||||
int tzoff; /* timezone offset */
|
||||
int offset; /* offset for proper alignment */
|
||||
int activated; /* true if the capture is really started */
|
||||
int oldstyle; /* if we're opening with pcap_open_live() */
|
||||
|
||||
int break_loop; /* flag set to force break from packet-reading loop */
|
||||
|
||||
|
@ -130,12 +271,12 @@ struct pcap {
|
|||
#endif
|
||||
|
||||
#ifdef MSDOS
|
||||
int inter_packet_wait; /* offline: wait between packets */
|
||||
void (*wait_proc)(void); /* call proc while waiting */
|
||||
#endif
|
||||
|
||||
struct pcap_sf sf;
|
||||
struct pcap_md md;
|
||||
struct pcap_opt opt;
|
||||
|
||||
/*
|
||||
* Read buffer.
|
||||
|
@ -150,17 +291,38 @@ struct pcap {
|
|||
*/
|
||||
u_char *pkt;
|
||||
|
||||
/* We're accepting only packets in this direction/these directions. */
|
||||
pcap_direction_t direction;
|
||||
|
||||
/*
|
||||
* Methods.
|
||||
*/
|
||||
int (*read_op)(pcap_t *, int cnt, pcap_handler, u_char *);
|
||||
int (*inject_op)(pcap_t *, const void *, size_t);
|
||||
int (*setfilter_op)(pcap_t *, struct bpf_program *);
|
||||
int (*set_datalink_op)(pcap_t *, int);
|
||||
int (*getnonblock_op)(pcap_t *, char *);
|
||||
int (*setnonblock_op)(pcap_t *, int, char *);
|
||||
int (*stats_op)(pcap_t *, struct pcap_stat *);
|
||||
void (*close_op)(pcap_t *);
|
||||
activate_op_t activate_op;
|
||||
can_set_rfmon_op_t can_set_rfmon_op;
|
||||
read_op_t read_op;
|
||||
inject_op_t inject_op;
|
||||
setfilter_op_t setfilter_op;
|
||||
setdirection_op_t setdirection_op;
|
||||
set_datalink_op_t set_datalink_op;
|
||||
getnonblock_op_t getnonblock_op;
|
||||
setnonblock_op_t setnonblock_op;
|
||||
stats_op_t stats_op;
|
||||
|
||||
/*
|
||||
* Routine to use as callback for pcap_next()/pcap_next_ex().
|
||||
*/
|
||||
pcap_handler oneshot_callback;
|
||||
|
||||
#ifdef WIN32
|
||||
/*
|
||||
* These are, at least currently, specific to the Win32 NPF
|
||||
* driver.
|
||||
*/
|
||||
setbuff_op_t setbuff_op;
|
||||
setmode_op_t setmode_op;
|
||||
setmintocopy_op_t setmintocopy_op;
|
||||
#endif
|
||||
cleanup_op_t cleanup_op;
|
||||
|
||||
/*
|
||||
* Placeholder for filter code if bpf not in kernel.
|
||||
|
@ -170,14 +332,20 @@ struct pcap {
|
|||
char errbuf[PCAP_ERRBUF_SIZE + 1];
|
||||
int dlt_count;
|
||||
u_int *dlt_list;
|
||||
int tstamp_type_count;
|
||||
u_int *tstamp_type_list;
|
||||
|
||||
struct pcap_pkthdr pcap_header; /* This is needed for the pcap_next_ex() to work */
|
||||
};
|
||||
|
||||
/*
|
||||
* This is a timeval as stored in disk in a dumpfile.
|
||||
* This is a timeval as stored in a savefile.
|
||||
* It has to use the same types everywhere, independent of the actual
|
||||
* `struct timeval'
|
||||
* `struct timeval'; `struct timeval' has 32-bit tv_sec values on some
|
||||
* platforms and 64-bit tv_sec values on other platforms, and writing
|
||||
* out native `struct timeval' values would mean files could only be
|
||||
* read on systems with the same tv_sec size as the system on which
|
||||
* the file was written.
|
||||
*/
|
||||
|
||||
struct pcap_timeval {
|
||||
|
@ -186,7 +354,7 @@ struct pcap_timeval {
|
|||
};
|
||||
|
||||
/*
|
||||
* How a `pcap_pkthdr' is actually stored in the dumpfile.
|
||||
* This is a `pcap_pkthdr' as actually stored in a savefile.
|
||||
*
|
||||
* Do not change the format of this structure, in any way (this includes
|
||||
* changes that only affect the length of fields in this structure),
|
||||
|
@ -195,8 +363,8 @@ struct pcap_timeval {
|
|||
*
|
||||
* introduce a new structure for the new format;
|
||||
*
|
||||
* send mail to "tcpdump-workers@tcpdump.org", requesting a new
|
||||
* magic number for your new capture file format, and, when
|
||||
* send mail to "tcpdump-workers@lists.tcpdump.org", requesting
|
||||
* a new magic number for your new capture file format, and, when
|
||||
* you get the new magic number, put it in "savefile.c";
|
||||
*
|
||||
* use that magic number for save files with the changed record
|
||||
|
@ -206,9 +374,12 @@ struct pcap_timeval {
|
|||
* the old record header as well as files with the new record header
|
||||
* (using the magic number to determine the header format).
|
||||
*
|
||||
* Then supply the changes to "patches@tcpdump.org", so that future
|
||||
* versions of libpcap and programs that use it (such as tcpdump) will
|
||||
* be able to read your new capture file format.
|
||||
* Then supply the changes as a patch at
|
||||
*
|
||||
* http://sourceforge.net/projects/libpcap/
|
||||
*
|
||||
* so that future versions of libpcap and programs that use it (such as
|
||||
* tcpdump) will be able to read your new capture file format.
|
||||
*/
|
||||
|
||||
struct pcap_sf_pkthdr {
|
||||
|
@ -218,7 +389,7 @@ struct pcap_sf_pkthdr {
|
|||
};
|
||||
|
||||
/*
|
||||
* How a `pcap_pkthdr' is actually stored in dumpfiles written
|
||||
* How a `pcap_pkthdr' is actually stored in savefiles written
|
||||
* by some patched versions of libpcap (e.g. the ones in Red
|
||||
* Hat Linux 6.1 and 6.2).
|
||||
*
|
||||
|
@ -236,6 +407,16 @@ struct pcap_sf_patched_pkthdr {
|
|||
unsigned char pkt_type;
|
||||
};
|
||||
|
||||
/*
|
||||
* User data structure for the one-shot callback used for pcap_next()
|
||||
* and pcap_next_ex().
|
||||
*/
|
||||
struct oneshot_userdata {
|
||||
struct pcap_pkthdr *hdr;
|
||||
const u_char **pkt;
|
||||
pcap_t *pd;
|
||||
};
|
||||
|
||||
int yylex(void);
|
||||
|
||||
#ifndef min
|
||||
|
@ -273,7 +454,13 @@ int pcap_getnonblock_fd(pcap_t *, char *);
|
|||
int pcap_setnonblock_fd(pcap_t *p, int, char *);
|
||||
#endif
|
||||
|
||||
void pcap_close_common(pcap_t *);
|
||||
pcap_t *pcap_create_common(const char *, char *);
|
||||
int pcap_do_addexit(pcap_t *);
|
||||
void pcap_add_to_pcaps_to_close(pcap_t *);
|
||||
void pcap_remove_from_pcaps_to_close(pcap_t *);
|
||||
void pcap_cleanup_live_common(pcap_t *);
|
||||
int pcap_not_initialized(pcap_t *);
|
||||
int pcap_check_activated(pcap_t *);
|
||||
|
||||
/*
|
||||
* Internal interfaces for "pcap_findalldevs()".
|
||||
|
|
|
@ -0,0 +1,404 @@
|
|||
/*
|
||||
* Copyright (c) 1993, 1994, 1995, 1996, 1997
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that: (1) source code distributions
|
||||
* retain the above copyright notice and this paragraph in its entirety, (2)
|
||||
* distributions including binary code include the above copyright notice and
|
||||
* this paragraph in its entirety in the documentation or other materials
|
||||
* provided with the distribution, and (3) all advertising materials mentioning
|
||||
* features or use of this software display the following acknowledgement:
|
||||
* ``This product includes software developed by the University of California,
|
||||
* Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
|
||||
* the University nor the names of its contributors may be used to endorse
|
||||
* or promote products derived from this software without specific prior
|
||||
* written permission.
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
||||
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* This code contributed by Sagun Shakya (sagun.shakya@sun.com)
|
||||
*/
|
||||
/*
|
||||
* Packet capture routines for DLPI using libdlpi under SunOS 5.11.
|
||||
*/
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-libdlpi.c,v 1.6 2008-04-14 20:40:58 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/bufmod.h>
|
||||
#include <sys/stream.h>
|
||||
#include <libdlpi.h>
|
||||
#include <errno.h>
|
||||
#include <memory.h>
|
||||
#include <stropts.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "pcap-int.h"
|
||||
#include "dlpisubs.h"
|
||||
|
||||
/* Forwards. */
|
||||
static int dlpromiscon(pcap_t *, bpf_u_int32);
|
||||
static int pcap_read_libdlpi(pcap_t *, int, pcap_handler, u_char *);
|
||||
static int pcap_inject_libdlpi(pcap_t *, const void *, size_t);
|
||||
static void pcap_close_libdlpi(pcap_t *);
|
||||
static void pcap_libdlpi_err(const char *, const char *, int, char *);
|
||||
static void pcap_cleanup_libdlpi(pcap_t *);
|
||||
|
||||
/*
|
||||
* list_interfaces() will list all the network links that are
|
||||
* available on a system.
|
||||
*/
|
||||
static boolean_t list_interfaces(const char *, void *);
|
||||
|
||||
typedef struct linknamelist {
|
||||
char linkname[DLPI_LINKNAME_MAX];
|
||||
struct linknamelist *lnl_next;
|
||||
} linknamelist_t;
|
||||
|
||||
typedef struct linkwalk {
|
||||
linknamelist_t *lw_list;
|
||||
int lw_err;
|
||||
} linkwalk_t;
|
||||
|
||||
/*
|
||||
* The caller of this function should free the memory allocated
|
||||
* for each linknamelist_t "entry" allocated.
|
||||
*/
|
||||
static boolean_t
|
||||
list_interfaces(const char *linkname, void *arg)
|
||||
{
|
||||
linkwalk_t *lwp = arg;
|
||||
linknamelist_t *entry;
|
||||
|
||||
if ((entry = calloc(1, sizeof(linknamelist_t))) == NULL) {
|
||||
lwp->lw_err = ENOMEM;
|
||||
return (B_TRUE);
|
||||
}
|
||||
(void) strlcpy(entry->linkname, linkname, DLPI_LINKNAME_MAX);
|
||||
|
||||
if (lwp->lw_list == NULL) {
|
||||
lwp->lw_list = entry;
|
||||
} else {
|
||||
entry->lnl_next = lwp->lw_list;
|
||||
lwp->lw_list = entry;
|
||||
}
|
||||
|
||||
return (B_FALSE);
|
||||
}
|
||||
|
||||
static int
|
||||
pcap_activate_libdlpi(pcap_t *p)
|
||||
{
|
||||
int retv;
|
||||
dlpi_handle_t dh;
|
||||
dlpi_info_t dlinfo;
|
||||
int err = PCAP_ERROR;
|
||||
|
||||
/*
|
||||
* Enable Solaris raw and passive DLPI extensions;
|
||||
* dlpi_open() will not fail if the underlying link does not support
|
||||
* passive mode. See dlpi(7P) for details.
|
||||
*/
|
||||
retv = dlpi_open(p->opt.source, &dh, DLPI_RAW|DLPI_PASSIVE);
|
||||
if (retv != DLPI_SUCCESS) {
|
||||
if (retv == DLPI_ELINKNAMEINVAL || retv == DLPI_ENOLINK)
|
||||
err = PCAP_ERROR_NO_SUCH_DEVICE;
|
||||
else if (retv == DL_SYSERR &&
|
||||
(errno == EPERM || errno == EACCES))
|
||||
err = PCAP_ERROR_PERM_DENIED;
|
||||
pcap_libdlpi_err(p->opt.source, "dlpi_open", retv,
|
||||
p->errbuf);
|
||||
return (err);
|
||||
}
|
||||
p->dlpi_hd = dh;
|
||||
|
||||
if (p->opt.rfmon) {
|
||||
/*
|
||||
* This device exists, but we don't support monitor mode
|
||||
* any platforms that support DLPI.
|
||||
*/
|
||||
err = PCAP_ERROR_RFMON_NOTSUP;
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* Bind with DLPI_ANY_SAP. */
|
||||
if ((retv = dlpi_bind(p->dlpi_hd, DLPI_ANY_SAP, 0)) != DLPI_SUCCESS) {
|
||||
pcap_libdlpi_err(p->opt.source, "dlpi_bind", retv, p->errbuf);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* Enable promiscuous mode. */
|
||||
if (p->opt.promisc) {
|
||||
err = dlpromiscon(p, DL_PROMISC_PHYS);
|
||||
if (err < 0) {
|
||||
/*
|
||||
* "You don't have permission to capture on
|
||||
* this device" and "you don't have permission
|
||||
* to capture in promiscuous mode on this
|
||||
* device" are different; let the user know,
|
||||
* so if they can't get permission to
|
||||
* capture in promiscuous mode, they can at
|
||||
* least try to capture in non-promiscuous
|
||||
* mode.
|
||||
*
|
||||
* XXX - you might have to capture in
|
||||
* promiscuous mode to see outgoing packets.
|
||||
*/
|
||||
if (err == PCAP_ERROR_PERM_DENIED)
|
||||
err = PCAP_ERROR_PROMISC_PERM_DENIED;
|
||||
goto bad;
|
||||
}
|
||||
} else {
|
||||
/* Try to enable multicast. */
|
||||
err = dlpromiscon(p, DL_PROMISC_MULTI);
|
||||
if (err < 0)
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* Try to enable SAP promiscuity. */
|
||||
err = dlpromiscon(p, DL_PROMISC_SAP);
|
||||
if (err < 0) {
|
||||
/*
|
||||
* Not fatal, since the DL_PROMISC_PHYS mode worked.
|
||||
* Report it as a warning, however.
|
||||
*/
|
||||
if (p->opt.promisc)
|
||||
err = PCAP_WARNING;
|
||||
else
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* Determine link type. */
|
||||
if ((retv = dlpi_info(p->dlpi_hd, &dlinfo, 0)) != DLPI_SUCCESS) {
|
||||
pcap_libdlpi_err(p->opt.source, "dlpi_info", retv, p->errbuf);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (pcap_process_mactype(p, dlinfo.di_mactype) != 0)
|
||||
goto bad;
|
||||
|
||||
p->fd = dlpi_fd(p->dlpi_hd);
|
||||
|
||||
/* Push and configure bufmod. */
|
||||
if (pcap_conf_bufmod(p, p->snapshot, p->md.timeout) != 0)
|
||||
goto bad;
|
||||
|
||||
/*
|
||||
* Flush the read side.
|
||||
*/
|
||||
if (ioctl(p->fd, I_FLUSH, FLUSHR) != 0) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "FLUSHR: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* Allocate data buffer. */
|
||||
if (pcap_alloc_databuf(p) != 0)
|
||||
goto bad;
|
||||
|
||||
/*
|
||||
* "p->fd" is a FD for a STREAMS device, so "select()" and
|
||||
* "poll()" should work on it.
|
||||
*/
|
||||
p->selectable_fd = p->fd;
|
||||
|
||||
p->read_op = pcap_read_libdlpi;
|
||||
p->inject_op = pcap_inject_libdlpi;
|
||||
p->setfilter_op = install_bpf_program; /* No kernel filtering */
|
||||
p->setdirection_op = NULL; /* Not implemented */
|
||||
p->set_datalink_op = NULL; /* Can't change data link type */
|
||||
p->getnonblock_op = pcap_getnonblock_fd;
|
||||
p->setnonblock_op = pcap_setnonblock_fd;
|
||||
p->stats_op = pcap_stats_dlpi;
|
||||
p->cleanup_op = pcap_cleanup_libdlpi;
|
||||
|
||||
return (0);
|
||||
bad:
|
||||
pcap_cleanup_libdlpi(p);
|
||||
return (err);
|
||||
}
|
||||
|
||||
#define STRINGIFY(n) #n
|
||||
|
||||
static int
|
||||
dlpromiscon(pcap_t *p, bpf_u_int32 level)
|
||||
{
|
||||
int err;
|
||||
|
||||
retv = dlpi_promiscon(p->hd, level);
|
||||
if (retv != DLPI_SUCCESS) {
|
||||
if (retv == DL_SYSERR &&
|
||||
(errno == EPERM || errno == EACCES))
|
||||
err = PCAP_ERROR_PERM_DENIED;
|
||||
else
|
||||
err = PCAP_ERROR;
|
||||
pcap_libdlpi_err(p->opt.source, "dlpi_promiscon" STRINGIFY(level),
|
||||
retv, p->errbuf);
|
||||
return (err);
|
||||
}
|
||||
return (0);
|
||||
}
|
||||
|
||||
/*
|
||||
* In Solaris, the "standard" mechanism" i.e SIOCGLIFCONF will only find
|
||||
* network links that are plumbed and are up. dlpi_walk(3DLPI) will find
|
||||
* additional network links present in the system.
|
||||
*/
|
||||
int
|
||||
pcap_platform_finddevs(pcap_if_t **alldevsp, char *errbuf)
|
||||
{
|
||||
int retv = 0;
|
||||
|
||||
linknamelist_t *entry, *next;
|
||||
linkwalk_t lw = {NULL, 0};
|
||||
int save_errno;
|
||||
|
||||
/* dlpi_walk() for loopback will be added here. */
|
||||
|
||||
dlpi_walk(list_interfaces, &lw, 0);
|
||||
|
||||
if (lw.lw_err != 0) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE,
|
||||
"dlpi_walk: %s", pcap_strerror(lw.lw_err));
|
||||
retv = -1;
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Add linkname if it does not exist on the list. */
|
||||
for (entry = lw.lw_list; entry != NULL; entry = entry->lnl_next) {
|
||||
if (pcap_add_if(alldevsp, entry->linkname, 0, NULL, errbuf) < 0)
|
||||
retv = -1;
|
||||
}
|
||||
done:
|
||||
save_errno = errno;
|
||||
for (entry = lw.lw_list; entry != NULL; entry = next) {
|
||||
next = entry->lnl_next;
|
||||
free(entry);
|
||||
}
|
||||
errno = save_errno;
|
||||
|
||||
return (retv);
|
||||
}
|
||||
|
||||
/*
|
||||
* Read data received on DLPI handle. Returns -2 if told to terminate, else
|
||||
* returns the number of packets read.
|
||||
*/
|
||||
static int
|
||||
pcap_read_libdlpi(pcap_t *p, int count, pcap_handler callback, u_char *user)
|
||||
{
|
||||
int len;
|
||||
u_char *bufp;
|
||||
size_t msglen;
|
||||
int retv;
|
||||
|
||||
len = p->cc;
|
||||
if (len != 0) {
|
||||
bufp = p->bp;
|
||||
goto process_pkts;
|
||||
}
|
||||
do {
|
||||
/* Has "pcap_breakloop()" been called? */
|
||||
if (p->break_loop) {
|
||||
/*
|
||||
* Yes - clear the flag that indicates that it has,
|
||||
* and return -2 to indicate that we were told to
|
||||
* break out of the loop.
|
||||
*/
|
||||
p->break_loop = 0;
|
||||
return (-2);
|
||||
}
|
||||
|
||||
msglen = p->bufsize;
|
||||
bufp = p->buffer + p->offset;
|
||||
|
||||
retv = dlpi_recv(p->dlpi_hd, NULL, NULL, bufp,
|
||||
&msglen, -1, NULL);
|
||||
if (retv != DLPI_SUCCESS) {
|
||||
/*
|
||||
* This is most likely a call to terminate out of the
|
||||
* loop. So, do not return an error message, instead
|
||||
* check if "pcap_breakloop()" has been called above.
|
||||
*/
|
||||
if (retv == DL_SYSERR && errno == EINTR) {
|
||||
len = 0;
|
||||
continue;
|
||||
}
|
||||
pcap_libdlpi_err(dlpi_linkname(p->dlpi_hd),
|
||||
"dlpi_recv", retv, p->errbuf);
|
||||
return (-1);
|
||||
}
|
||||
len = msglen;
|
||||
} while (len == 0);
|
||||
|
||||
process_pkts:
|
||||
return (pcap_process_pkts(p, callback, user, count, bufp, len));
|
||||
}
|
||||
|
||||
static int
|
||||
pcap_inject_libdlpi(pcap_t *p, const void *buf, size_t size)
|
||||
{
|
||||
int retv;
|
||||
|
||||
retv = dlpi_send(p->dlpi_hd, NULL, 0, buf, size, NULL);
|
||||
if (retv != DLPI_SUCCESS) {
|
||||
pcap_libdlpi_err(dlpi_linkname(p->dlpi_hd), "dlpi_send", retv,
|
||||
p->errbuf);
|
||||
return (-1);
|
||||
}
|
||||
/*
|
||||
* dlpi_send(3DLPI) does not provide a way to return the number of
|
||||
* bytes sent on the wire. Based on the fact that DLPI_SUCCESS was
|
||||
* returned we are assuming 'size' bytes were sent.
|
||||
*/
|
||||
return (size);
|
||||
}
|
||||
|
||||
/*
|
||||
* Close dlpi handle.
|
||||
*/
|
||||
static void
|
||||
pcap_cleanup_libdlpi(pcap_t *p)
|
||||
{
|
||||
if (p->dlpi_hd != NULL) {
|
||||
dlpi_close(p->dlpi_hd);
|
||||
p->dlpi_hd = NULL;
|
||||
p->fd = -1;
|
||||
}
|
||||
pcap_cleanup_live_common(p);
|
||||
}
|
||||
|
||||
/*
|
||||
* Write error message to buffer.
|
||||
*/
|
||||
static void
|
||||
pcap_libdlpi_err(const char *linkname, const char *func, int err, char *errbuf)
|
||||
{
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "libpcap: %s failed on %s: %s",
|
||||
func, linkname, dlpi_strerror(err));
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_libdlpi;
|
||||
return (p);
|
||||
}
|
|
@ -0,0 +1,284 @@
|
|||
.\" @(#) $Header: /tcpdump/master/libpcap/pcap-linktype.manmisc.in,v 1.3 2008-10-27 22:52:30 guy Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that: (1) source code distributions
|
||||
.\" retain the above copyright notice and this paragraph in its entirety, (2)
|
||||
.\" distributions including binary code include the above copyright notice and
|
||||
.\" this paragraph in its entirety in the documentation or other materials
|
||||
.\" provided with the distribution, and (3) all advertising materials mentioning
|
||||
.\" features or use of this software display the following acknowledgement:
|
||||
.\" ``This product includes software developed by the University of California,
|
||||
.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
|
||||
.\" the University nor the names of its contributors may be used to endorse
|
||||
.\" or promote products derived from this software without specific prior
|
||||
.\" written permission.
|
||||
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
||||
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
.\"
|
||||
.TH PCAP-LINKTYPE @MAN_MISC_INFO@ "23 October 2008"
|
||||
.SH NAME
|
||||
pcap-linktype \- link-layer header types supported by libpcap
|
||||
.SH DESCRIPTION
|
||||
For a live capture or ``savefile'', libpcap supplies, as the return
|
||||
value of the
|
||||
.BR pcap_datalink (3PCAP)
|
||||
routine, a value that indicates the type of link-layer header at the
|
||||
beginning of the packets it provides. This is not necessarily the type
|
||||
of link-layer header that the packets being captured have on the network
|
||||
from which they're being captured; for example, packets from an IEEE
|
||||
802.11 network might be provided by libpcap with Ethernet headers that
|
||||
the network adapter or the network adapter driver generates from the
|
||||
802.11 headers. The names for those values begin with
|
||||
.BR DLT_ ,
|
||||
so they are sometimes called "DLT_ values".
|
||||
.PP
|
||||
The values stored in the link-layer header type field in the savefile
|
||||
header are, in most but not all cases, the same as the values returned
|
||||
by
|
||||
.BR pcap_datalink() .
|
||||
The names for those values begin with
|
||||
.BR LINKTYPE_ .
|
||||
.PP
|
||||
The link-layer header types supported by libpcap are listed here. The
|
||||
value corresponding to
|
||||
.B LINKTYPE_
|
||||
names are given; the value corresponding to
|
||||
.B DLT_
|
||||
values are, in some cases, platform dependent, and are not given;
|
||||
applications should check for particular
|
||||
.B DLT_
|
||||
values by name.
|
||||
.RS 5
|
||||
.TP 5
|
||||
.BR DLT_NULL "; " LINKTYPE_NULL = 0
|
||||
BSD loopback encapsulation; the link-layer header is a 4-byte field, in
|
||||
.I host
|
||||
byte order, containing a PF_ value from
|
||||
.B socket.h
|
||||
for the network-layer protocol of the packet.
|
||||
.IP
|
||||
Note that ``host byte order'' is the byte order of the machine on which
|
||||
the packets are captured, and the PF_ values are for the OS of the
|
||||
machine on which the packets are captured; if a live capture is being
|
||||
done, ``host byte order'' is the byte order of the machine capturing the
|
||||
packets, and the PF_ values are those of the OS of the machine capturing
|
||||
the packets, but if a ``savefile'' is being read, the byte order and PF_
|
||||
values are
|
||||
.I not
|
||||
necessarily those of the machine reading the capture file.
|
||||
.TP 5
|
||||
.BR DLT_EN10MB "; " LINKTYPE_ETHERNET = 1
|
||||
Ethernet (10Mb, 100Mb, 1000Mb, and up); the
|
||||
.B 10MB
|
||||
in the
|
||||
.B DLT_
|
||||
name is historical.
|
||||
.TP 5
|
||||
.BR DLT_IEEE802 "; " LINKTYPE_TOKEN_RING = 6
|
||||
IEEE 802.5 Token Ring; the
|
||||
.B IEEE802
|
||||
in the
|
||||
.B DLT_
|
||||
name is historical.
|
||||
.TP 5
|
||||
.BR DLT_ARCNET "; " LINKTYPE_ARCNET = 7
|
||||
ARCNET
|
||||
.TP 5
|
||||
.BR DLT_SLIP "; " LINKTYPE_SLIP = 8
|
||||
SLIP; the link-layer header contains, in order:
|
||||
.RS 10
|
||||
.LP
|
||||
a 1-byte flag, which is 0 for packets received by the machine and 1 for
|
||||
packets sent by the machine;
|
||||
.LP
|
||||
a 1-byte field, the upper 4 bits of which indicate the type of packet,
|
||||
as per RFC 1144:
|
||||
.RS 5
|
||||
.TP 5
|
||||
0x40
|
||||
an unmodified IP datagram (TYPE_IP);
|
||||
.TP 5
|
||||
0x70
|
||||
an uncompressed-TCP IP datagram (UNCOMPRESSED_TCP), with that byte being
|
||||
the first byte of the raw IP header on the wire, containing the
|
||||
connection number in the protocol field;
|
||||
.TP 5
|
||||
0x80
|
||||
a compressed-TCP IP datagram (COMPRESSED_TCP), with that byte being the
|
||||
first byte of the compressed TCP/IP datagram header;
|
||||
.RE
|
||||
.LP
|
||||
for UNCOMPRESSED_TCP, the rest of the modified IP header, and for
|
||||
COMPRESSED_TCP, the compressed TCP/IP datagram header;
|
||||
.RE
|
||||
.RS 5
|
||||
.LP
|
||||
for a total of 16 bytes; the uncompressed IP datagram follows the header.
|
||||
.RE
|
||||
.TP 5
|
||||
.BR DLT_PPP "; " LINKTYPE_PPP = 9
|
||||
PPP; if the first 2 bytes are 0xff and 0x03, it's PPP in HDLC-like
|
||||
framing, with the PPP header following those two bytes, otherwise it's
|
||||
PPP without framing, and the packet begins with the PPP header.
|
||||
.TP 5
|
||||
.BR DLT_FDDI "; " LINKTYPE_FDDI = 10
|
||||
FDDI
|
||||
.TP 5
|
||||
.BR DLT_ATM_RFC1483 "; " LINKTYPE_ATM_RFC1483 = 100
|
||||
RFC 1483 LLC/SNAP-encapsulated ATM; the packet begins with an IEEE 802.2
|
||||
LLC header.
|
||||
.TP 5
|
||||
.BR DLT_RAW "; " LINKTYPE_RAW = 101
|
||||
raw IP; the packet begins with an IP header.
|
||||
.TP 5
|
||||
.BR DLT_PPP_SERIAL "; " LINKTYPE_PPP_HDLC = 50
|
||||
PPP in HDLC-like framing, as per RFC 1662, or Cisco PPP with HDLC
|
||||
framing, as per section 4.3.1 of RFC 1547; the first byte will be 0xFF
|
||||
for PPP in HDLC-like framing, and will be 0x0F or 0x8F for Cisco PPP
|
||||
with HDLC framing.
|
||||
.TP 5
|
||||
.BR DLT_PPP_ETHER "; " LINKTYPE_PPP_ETHER = 51
|
||||
PPPoE; the packet begins with a PPPoE header, as per RFC 2516.
|
||||
.TP 5
|
||||
.BR DLT_C_HDLC "; " LINKTYPE_C_HDLC = 104
|
||||
Cisco PPP with HDLC framing, as per section 4.3.1 of RFC 1547.
|
||||
.TP 5
|
||||
.BR DLT_IEEE802_11 "; " LINKTYPE_IEEE802_11 = 105
|
||||
IEEE 802.11 wireless LAN
|
||||
.TP 5
|
||||
.BR DLT_FRELAY "; " LINKTYPE_FRELAY = 107
|
||||
Frame Relay
|
||||
.TP 5
|
||||
.BR DLT_LOOP "; " LINKTYPE_LOOP = 108
|
||||
OpenBSD loopback encapsulation; the link-layer header is a 4-byte field, in
|
||||
.I network
|
||||
byte order, containing a PF_ value from OpenBSD's
|
||||
.B socket.h
|
||||
for the network-layer protocol of the packet.
|
||||
.IP
|
||||
Note that, if a ``savefile'' is being read, those PF_ values are
|
||||
.I not
|
||||
necessarily those of the machine reading the capture file.
|
||||
.TP 5
|
||||
.BR DLT_LINUX_SLL "; " LINKTYPE_LINUX_SLL = 113
|
||||
Linux "cooked" capture encapsulation; the link-layer header contains, in
|
||||
order:
|
||||
.RS 10
|
||||
.LP
|
||||
a 2-byte "packet type", in network byte order, which is one of:
|
||||
.RS 5
|
||||
.TP 5
|
||||
0
|
||||
packet was sent to us by somebody else
|
||||
.TP 5
|
||||
1
|
||||
packet was broadcast by somebody else
|
||||
.TP 5
|
||||
2
|
||||
packet was multicast, but not broadcast, by somebody else
|
||||
.TP 5
|
||||
3
|
||||
packet was sent by somebody else to somebody else
|
||||
.TP 5
|
||||
4
|
||||
packet was sent by us
|
||||
.RE
|
||||
.LP
|
||||
a 2-byte field, in network byte order, containing a Linux ARPHRD_ value
|
||||
for the link-layer device type;
|
||||
.LP
|
||||
a 2-byte field, in network byte order, containing the length of the
|
||||
link-layer address of the sender of the packet (which could be 0);
|
||||
.LP
|
||||
an 8-byte field containing that number of bytes of the link-layer
|
||||
address of the sender (if there are more than 8 bytes, only the first
|
||||
8 are present, and if there are fewer than 8 bytes, there are padding
|
||||
bytes after the address to pad the field to 8 bytes);
|
||||
.LP
|
||||
a 2-byte field containing an Ethernet protocol type, in network byte
|
||||
order, or containing 1 for Novell 802.3 frames without an 802.2 LLC
|
||||
header or 4 for frames beginning with an 802.2 LLC header.
|
||||
.RE
|
||||
.TP 5
|
||||
.BR DLT_LTALK "; " LINKTYPE_LTALK = 104
|
||||
Apple LocalTalk; the packet begins with an AppleTalk LLAP header.
|
||||
.TP 5
|
||||
.BR DLT_PFLOG "; " LINKTYPE_PFLOG = 117
|
||||
OpenBSD pflog; the link-layer header contains a
|
||||
.B "struct pfloghdr"
|
||||
structure, as defined by the host on which the file was saved. (This
|
||||
differs from operating system to operating system and release to
|
||||
release; there is nothing in the file to indicate what the layout of
|
||||
that structure is.)
|
||||
.TP 5
|
||||
.BR DLT_PRISM_HEADER "; " LINKTYPE_PRISM_HEADER = 119
|
||||
Prism monitor mode information followed by an 802.11 header.
|
||||
.TP 5
|
||||
.BR DLT_IP_OVER_FC "; " LINKTYPE_IP_OVER_FC = 122
|
||||
RFC 2625 IP-over-Fibre Channel, with the link-layer header being the
|
||||
Network_Header as described in that RFC.
|
||||
.TP 5
|
||||
.BR DLT_SUNATM "; " LINKTYPE_SUNATM = 123
|
||||
SunATM devices; the link-layer header contains, in order:
|
||||
.RS 10
|
||||
.LP
|
||||
a 1-byte flag field, containing a direction flag in the uppermost bit,
|
||||
which is set for packets transmitted by the machine and clear for
|
||||
packets received by the machine, and a 4-byte traffic type in the
|
||||
low-order 4 bits, which is one of:
|
||||
.RS 5
|
||||
.TP 5
|
||||
0
|
||||
raw traffic
|
||||
.TP 5
|
||||
1
|
||||
LANE traffic
|
||||
.TP 5
|
||||
2
|
||||
LLC-encapsulated traffic
|
||||
.TP 5
|
||||
3
|
||||
MARS traffic
|
||||
.TP 5
|
||||
4
|
||||
IFMP traffic
|
||||
.TP 5
|
||||
5
|
||||
ILMI traffic
|
||||
.TP 5
|
||||
6
|
||||
Q.2931 traffic
|
||||
.RE
|
||||
.LP
|
||||
a 1-byte VPI value;
|
||||
.LP
|
||||
a 2-byte VCI field, in network byte order.
|
||||
.RE
|
||||
.TP 5
|
||||
.BR DLT_IEEE802_11_RADIO "; " LINKTYPE_IEEE802_11_RADIO = 127
|
||||
link-layer information followed by an 802.11 header - see
|
||||
http://www.shaftnet.org/~pizza/software/capturefrm.txt for a description
|
||||
of the link-layer information.
|
||||
.TP 5
|
||||
.BR DLT_ARCNET_LINUX "; " LINKTYPE_ARCNET_LINUX = 129
|
||||
ARCNET, with no exception frames, reassembled packets rather than raw
|
||||
frames, and an extra 16-bit offset field between the destination host
|
||||
and type bytes.
|
||||
.TP 5
|
||||
.BR DLT_LINUX_IRDA "; " LINKTYPE_LINUX_IRDA = 144
|
||||
Linux-IrDA packets, with a
|
||||
.B DLT_LINUX_SLL
|
||||
header followed by the IrLAP header.
|
||||
.TP 5
|
||||
.BR DLT_LINUX_LAPD "; " LINKTYPE_LINUX_LAPD = 177
|
||||
LAPD (Q.921) frames, with a
|
||||
.B DLT_LINUX_SLL
|
||||
header captured via vISDN.
|
||||
.RE
|
||||
.SH SEE ALSO
|
||||
pcap_datalink(3PCAP)
|
4368
pcap-linux.c
4368
pcap-linux.c
File diff suppressed because it is too large
Load Diff
|
@ -30,59 +30,13 @@
|
|||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-namedb.h,v 1.10 2005-03-17 07:02:32 guy Exp $ (LBL)
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-namedb.h,v 1.13 2006-10-04 18:13:32 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
#ifndef lib_pcap_namedb_h
|
||||
#define lib_pcap_namedb_h
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
* As returned by the pcap_next_etherent()
|
||||
* XXX this stuff doesn't belong in this interface, but this
|
||||
* library already must do name to address translation, so
|
||||
* on systems that don't have support for /etc/ethers, we
|
||||
* export these hooks since they'll
|
||||
* For backwards compatibility.
|
||||
*
|
||||
* Note to OS vendors: do NOT get rid of this file! Some applications
|
||||
* might expect to be able to include <pcap-namedb.h>.
|
||||
*/
|
||||
struct pcap_etherent {
|
||||
u_char addr[6];
|
||||
char name[122];
|
||||
};
|
||||
#ifndef PCAP_ETHERS_FILE
|
||||
#define PCAP_ETHERS_FILE "/etc/ethers"
|
||||
#endif
|
||||
struct pcap_etherent *pcap_next_etherent(FILE *);
|
||||
u_char *pcap_ether_hostton(const char*);
|
||||
u_char *pcap_ether_aton(const char *);
|
||||
|
||||
bpf_u_int32 **pcap_nametoaddr(const char *);
|
||||
#ifdef INET6
|
||||
struct addrinfo *pcap_nametoaddrinfo(const char *);
|
||||
#endif
|
||||
bpf_u_int32 pcap_nametonetaddr(const char *);
|
||||
|
||||
int pcap_nametoport(const char *, int *, int *);
|
||||
int pcap_nametoproto(const char *);
|
||||
int pcap_nametoeproto(const char *);
|
||||
int pcap_nametollc(const char *);
|
||||
/*
|
||||
* If a protocol is unknown, PROTO_UNDEF is returned.
|
||||
* Also, pcap_nametoport() returns the protocol along with the port number.
|
||||
* If there are ambiguous entried in /etc/services (i.e. domain
|
||||
* can be either tcp or udp) PROTO_UNDEF is returned.
|
||||
*/
|
||||
#define PROTO_UNDEF -1
|
||||
|
||||
/* XXX move these to pcap-int.h? */
|
||||
int __pcap_atodn(const char *, bpf_u_int32 *);
|
||||
int __pcap_atoin(const char *, bpf_u_int32 *);
|
||||
u_short __pcap_nametodnaddr(const char *);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
#include <pcap/namedb.h>
|
||||
|
|
80
pcap-nit.c
80
pcap-nit.c
|
@ -20,7 +20,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-nit.c,v 1.57 2004-10-19 07:06:13 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-nit.c,v 1.62 2008-04-14 20:40:58 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -99,7 +99,6 @@ static int
|
|||
pcap_read_nit(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
|
||||
{
|
||||
register int cc, n;
|
||||
register struct bpf_insn *fcode = p->fcode.bf_insns;
|
||||
register u_char *bp, *cp, *ep;
|
||||
register struct nit_hdr *nh;
|
||||
register int caplen;
|
||||
|
@ -175,13 +174,13 @@ pcap_read_nit(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
|
|||
caplen = nh->nh_wirelen;
|
||||
if (caplen > p->snapshot)
|
||||
caplen = p->snapshot;
|
||||
if (bpf_filter(fcode, cp, nh->nh_wirelen, caplen)) {
|
||||
if (bpf_filter(p->fcode.bf_insns, cp, nh->nh_wirelen, caplen)) {
|
||||
struct pcap_pkthdr h;
|
||||
h.ts = nh->nh_timestamp;
|
||||
h.len = nh->nh_wirelen;
|
||||
h.caplen = caplen;
|
||||
(*callback)(user, &h, cp);
|
||||
if (++n >= cnt && cnt >= 0) {
|
||||
if (++n >= cnt && cnt > 0) {
|
||||
p->cc = ep - bp;
|
||||
p->bp = bp;
|
||||
return (n);
|
||||
|
@ -238,51 +237,43 @@ nit_setflags(int fd, int promisc, int to_ms, char *ebuf)
|
|||
return (0);
|
||||
}
|
||||
|
||||
static void
|
||||
pcap_close_nit(pcap_t *p)
|
||||
{
|
||||
pcap_close_common(p);
|
||||
if (p->device != NULL)
|
||||
free(p->device);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
||||
char *ebuf)
|
||||
static int
|
||||
pcap_activate_nit(pcap_t *p)
|
||||
{
|
||||
int fd;
|
||||
struct sockaddr_nit snit;
|
||||
register pcap_t *p;
|
||||
|
||||
p = (pcap_t *)malloc(sizeof(*p));
|
||||
if (p == NULL) {
|
||||
strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
return (NULL);
|
||||
if (p->opt.rfmon) {
|
||||
/*
|
||||
* No monitor mode on SunOS 3.x or earlier (no
|
||||
* Wi-Fi *devices* for the hardware that supported
|
||||
* them!).
|
||||
*/
|
||||
return (PCAP_ERROR_RFMON_NOTSUP);
|
||||
}
|
||||
|
||||
if (snaplen < 96)
|
||||
if (p->snapshot < 96)
|
||||
/*
|
||||
* NIT requires a snapshot length of at least 96.
|
||||
*/
|
||||
snaplen = 96;
|
||||
p->snapshot = 96;
|
||||
|
||||
memset(p, 0, sizeof(*p));
|
||||
p->fd = fd = socket(AF_NIT, SOCK_RAW, NITPROTO_RAW);
|
||||
if (fd < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE,
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"socket: %s", pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
snit.snit_family = AF_NIT;
|
||||
(void)strncpy(snit.snit_ifname, device, NITIFSIZ);
|
||||
(void)strncpy(snit.snit_ifname, p->opt.source, NITIFSIZ);
|
||||
|
||||
if (bind(fd, (struct sockaddr *)&snit, sizeof(snit))) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE,
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"bind: %s: %s", snit.snit_ifname, pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
p->snapshot = snaplen;
|
||||
nit_setflags(p->fd, promisc, to_ms, ebuf);
|
||||
nit_setflags(p->fd, p->opt.promisc, p->md.timeout, p->errbuf);
|
||||
|
||||
/*
|
||||
* NIT supports only ethernets.
|
||||
|
@ -292,17 +283,7 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->bufsize = BUFSPACE;
|
||||
p->buffer = (u_char *)malloc(p->bufsize);
|
||||
if (p->buffer == NULL) {
|
||||
strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/*
|
||||
* We need the device name in order to send packets.
|
||||
*/
|
||||
p->device = strdup(device);
|
||||
if (p->device == NULL) {
|
||||
strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
free(p->buffer);
|
||||
strlcpy(p->errbuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
|
@ -334,18 +315,29 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->read_op = pcap_read_nit;
|
||||
p->inject_op = pcap_inject_nit;
|
||||
p->setfilter_op = install_bpf_program; /* no kernel filtering */
|
||||
p->setdirection_op = NULL; /* Not implemented. */
|
||||
p->set_datalink_op = NULL; /* can't change data link type */
|
||||
p->getnonblock_op = pcap_getnonblock_fd;
|
||||
p->setnonblock_op = pcap_setnonblock_fd;
|
||||
p->stats_op = pcap_stats_nit;
|
||||
p->close_op = pcap_close_nit;
|
||||
|
||||
return (p);
|
||||
return (0);
|
||||
bad:
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
free(p);
|
||||
return (NULL);
|
||||
pcap_cleanup_live_common(p);
|
||||
return (PCAP_ERROR);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_nit;
|
||||
return (p);
|
||||
}
|
||||
|
||||
int
|
||||
|
|
19
pcap-nit.h
19
pcap-nit.h
|
@ -1,19 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 1990, 1994
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms are permitted
|
||||
* provided that the above copyright notice and this paragraph are
|
||||
* duplicated in all such forms and that any documentation,
|
||||
* advertising materials, and other materials related to such
|
||||
* distribution and use acknowledge that the software was developed
|
||||
* by the University of California, Lawrence Berkeley Laboratory,
|
||||
* Berkeley, CA. The name of the University may not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* specific prior written permission.
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/Attic/pcap-nit.h,v 1.2 1999-10-07 23:46:40 mcr Exp $ (LBL)
|
||||
*/
|
|
@ -20,7 +20,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-null.c,v 1.21 2003-11-15 23:24:03 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-null.c,v 1.22 2008-04-04 19:37:45 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -40,8 +40,7 @@ static const char rcsid[] _U_ =
|
|||
static char nosup[] = "live packet capture not supported on this system";
|
||||
|
||||
pcap_t *
|
||||
pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
||||
char *ebuf)
|
||||
pcap_create(const char *device, char *ebuf)
|
||||
{
|
||||
(void)strlcpy(ebuf, nosup, PCAP_ERRBUF_SIZE);
|
||||
return (NULL);
|
||||
|
|
101
pcap-pf.c
101
pcap-pf.c
|
@ -24,7 +24,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-pf.c,v 1.91 2005-02-26 21:58:06 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-pf.c,v 1.97 2008-04-14 20:40:58 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -62,7 +62,7 @@ struct rtentry;
|
|||
#include <unistd.h>
|
||||
|
||||
/*
|
||||
* Make "pcap.h" not include "pcap-bpf.h"; we are going to include the
|
||||
* Make "pcap.h" not include "pcap/bpf.h"; we are going to include the
|
||||
* native OS version, as we need various BPF ioctls from it.
|
||||
*/
|
||||
#define PCAP_DONT_INCLUDE_PCAP_BPF_H
|
||||
|
@ -88,7 +88,6 @@ static int
|
|||
pcap_read_pf(pcap_t *pc, int cnt, pcap_handler callback, u_char *user)
|
||||
{
|
||||
register u_char *p, *bp;
|
||||
struct bpf_insn *fcode;
|
||||
register int cc, n, buflen, inc;
|
||||
register struct enstamp *sp;
|
||||
#ifdef LBL_ALIGN
|
||||
|
@ -98,7 +97,6 @@ pcap_read_pf(pcap_t *pc, int cnt, pcap_handler callback, u_char *user)
|
|||
register int pad;
|
||||
#endif
|
||||
|
||||
fcode = pc->md.use_bpf ? NULL : pc->fcode.bf_insns;
|
||||
again:
|
||||
cc = pc->cc;
|
||||
if (cc == 0) {
|
||||
|
@ -129,7 +127,7 @@ pcap_read_pf(pcap_t *pc, int cnt, pcap_handler callback, u_char *user)
|
|||
*/
|
||||
n = 0;
|
||||
#ifdef PCAP_FDDIPAD
|
||||
pad = p->fddipad;
|
||||
pad = pc->fddipad;
|
||||
#endif
|
||||
while (cc > 0) {
|
||||
/*
|
||||
|
@ -187,18 +185,19 @@ pcap_read_pf(pcap_t *pc, int cnt, pcap_handler callback, u_char *user)
|
|||
|
||||
/*
|
||||
* Short-circuit evaluation: if using BPF filter
|
||||
* in kernel, no need to do it now.
|
||||
* in kernel, no need to do it now - we already know
|
||||
* the packet passed the filter.
|
||||
*
|
||||
#ifdef PCAP_FDDIPAD
|
||||
* Note: the filter code was generated assuming
|
||||
* that p->fddipad was the amount of padding
|
||||
* that pc->fddipad was the amount of padding
|
||||
* before the header, as that's what's required
|
||||
* in the kernel, so we run the filter before
|
||||
* skipping that padding.
|
||||
#endif
|
||||
*/
|
||||
if (fcode == NULL ||
|
||||
bpf_filter(fcode, p, sp->ens_count, buflen)) {
|
||||
if (pc->md.use_bpf ||
|
||||
bpf_filter(pc->fcode.bf_insns, p, sp->ens_count, buflen)) {
|
||||
struct pcap_pkthdr h;
|
||||
pc->md.TotAccepted++;
|
||||
h.ts = sp->ens_tstamp;
|
||||
|
@ -285,30 +284,21 @@ pcap_stats_pf(pcap_t *p, struct pcap_stat *ps)
|
|||
}
|
||||
|
||||
/*
|
||||
* We include the OS's <net/bpf.h>, not our "pcap-bpf.h", so we probably
|
||||
* We include the OS's <net/bpf.h>, not our "pcap/bpf.h", so we probably
|
||||
* don't get DLT_DOCSIS defined.
|
||||
*/
|
||||
#ifndef DLT_DOCSIS
|
||||
#define DLT_DOCSIS 143
|
||||
#endif
|
||||
|
||||
pcap_t *
|
||||
pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
||||
char *ebuf)
|
||||
static int
|
||||
pcap_activate_pf(pcap_t *p)
|
||||
{
|
||||
pcap_t *p;
|
||||
short enmode;
|
||||
int backlog = -1; /* request the most */
|
||||
struct enfilter Filter;
|
||||
struct endevp devparams;
|
||||
|
||||
p = (pcap_t *)malloc(sizeof(*p));
|
||||
if (p == NULL) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE,
|
||||
"pcap_open_live: %s", pcap_strerror(errno));
|
||||
return (0);
|
||||
}
|
||||
memset(p, 0, sizeof(*p));
|
||||
/*
|
||||
* Initially try a read/write open (to allow the inject
|
||||
* method to work). If that fails due to permission
|
||||
|
@ -328,21 +318,21 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
* "const char *" as its first argument. That appears to be
|
||||
* the case, at least on Digital UNIX 4.0.
|
||||
*/
|
||||
p->fd = pfopen(device, O_RDWR);
|
||||
p->fd = pfopen(p->opt.source, O_RDWR);
|
||||
if (p->fd == -1 && errno == EACCES)
|
||||
p->fd = pfopen(device, O_RDONLY);
|
||||
p->fd = pfopen(p->opt.source, O_RDONLY);
|
||||
if (p->fd < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "pf open: %s: %s\n\
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "pf open: %s: %s\n\
|
||||
your system may not be properly configured; see the packetfilter(4) man page\n",
|
||||
device, pcap_strerror(errno));
|
||||
p->opt.source, pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
p->md.OrigMissed = -1;
|
||||
enmode = ENTSTAMP|ENBATCH|ENNONEXCL;
|
||||
if (promisc)
|
||||
if (p->opt.promisc)
|
||||
enmode |= ENPROMISC;
|
||||
if (ioctl(p->fd, EIOCMBIS, (caddr_t)&enmode) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "EIOCMBIS: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "EIOCMBIS: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -353,13 +343,13 @@ your system may not be properly configured; see the packetfilter(4) man page\n",
|
|||
#endif
|
||||
/* set the backlog */
|
||||
if (ioctl(p->fd, EIOCSETW, (caddr_t)&backlog) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "EIOCSETW: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "EIOCSETW: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
/* discover interface type */
|
||||
if (ioctl(p->fd, EIOCDEVP, (caddr_t)&devparams) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "EIOCDEVP: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "EIOCDEVP: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -441,42 +431,41 @@ your system may not be properly configured; see the packetfilter(4) man page\n",
|
|||
* framing", there's not much we can do, as that
|
||||
* doesn't specify a particular type of header.
|
||||
*/
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "unknown data-link type %u",
|
||||
devparams.end_dev_type);
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"unknown data-link type %u", devparams.end_dev_type);
|
||||
goto bad;
|
||||
}
|
||||
/* set truncation */
|
||||
#ifdef PCAP_FDDIPAD
|
||||
if (p->linktype == DLT_FDDI) {
|
||||
p->fddipad = PCAP_FDDIPAD:
|
||||
p->fddipad = PCAP_FDDIPAD;
|
||||
|
||||
/* packetfilter includes the padding in the snapshot */
|
||||
snaplen += PCAP_FDDIPAD;
|
||||
p->snapshot += PCAP_FDDIPAD;
|
||||
} else
|
||||
p->fddipad = 0;
|
||||
#endif
|
||||
if (ioctl(p->fd, EIOCTRUNCATE, (caddr_t)&snaplen) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "EIOCTRUNCATE: %s",
|
||||
if (ioctl(p->fd, EIOCTRUNCATE, (caddr_t)&p->snapshot) < 0) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "EIOCTRUNCATE: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
p->snapshot = snaplen;
|
||||
/* accept all packets */
|
||||
memset(&Filter, 0, sizeof(Filter));
|
||||
Filter.enf_Priority = 37; /* anything > 2 */
|
||||
Filter.enf_FilterLen = 0; /* means "always true" */
|
||||
if (ioctl(p->fd, EIOCSETF, (caddr_t)&Filter) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "EIOCSETF: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "EIOCSETF: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (to_ms != 0) {
|
||||
if (p->md.timeout != 0) {
|
||||
struct timeval timeout;
|
||||
timeout.tv_sec = to_ms / 1000;
|
||||
timeout.tv_usec = (to_ms * 1000) % 1000000;
|
||||
timeout.tv_sec = p->md.timeout / 1000;
|
||||
timeout.tv_usec = (p->md.timeout * 1000) % 1000000;
|
||||
if (ioctl(p->fd, EIOCSRTIMEOUT, (caddr_t)&timeout) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "EIOCSRTIMEOUT: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "EIOCSRTIMEOUT: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -485,7 +474,7 @@ your system may not be properly configured; see the packetfilter(4) man page\n",
|
|||
p->bufsize = BUFSPACE;
|
||||
p->buffer = (u_char*)malloc(p->bufsize + p->offset);
|
||||
if (p->buffer == NULL) {
|
||||
strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
strlcpy(p->errbuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
|
@ -497,23 +486,29 @@ your system may not be properly configured; see the packetfilter(4) man page\n",
|
|||
p->read_op = pcap_read_pf;
|
||||
p->inject_op = pcap_inject_pf;
|
||||
p->setfilter_op = pcap_setfilter_pf;
|
||||
p->setdirection_op = NULL; /* Not implemented. */
|
||||
p->set_datalink_op = NULL; /* can't change data link type */
|
||||
p->getnonblock_op = pcap_getnonblock_fd;
|
||||
p->setnonblock_op = pcap_setnonblock_fd;
|
||||
p->stats_op = pcap_stats_pf;
|
||||
p->close_op = pcap_close_common;
|
||||
|
||||
return (p);
|
||||
return (0);
|
||||
bad:
|
||||
if (p->fd >= 0)
|
||||
close(p->fd);
|
||||
/*
|
||||
* Get rid of any link-layer type list we allocated.
|
||||
*/
|
||||
if (p->dlt_list != NULL)
|
||||
free(p->dlt_list);
|
||||
free(p);
|
||||
return (NULL);
|
||||
pcap_cleanup_live_common(p);
|
||||
return (PCAP_ERROR);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_pf;
|
||||
return (p);
|
||||
}
|
||||
|
||||
int
|
||||
|
|
19
pcap-pf.h
19
pcap-pf.h
|
@ -1,19 +0,0 @@
|
|||
/*
|
||||
* Copyright (c) 1990, 1994
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms are permitted
|
||||
* provided that the above copyright notice and this paragraph are
|
||||
* duplicated in all such forms and that any documentation,
|
||||
* advertising materials, and other materials related to such
|
||||
* distribution and use acknowledge that the software was developed
|
||||
* by the University of California, Lawrence Berkeley Laboratory,
|
||||
* Berkeley, CA. The name of the University may not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* specific prior written permission.
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/Attic/pcap-pf.h,v 1.2 1999-10-07 23:46:40 mcr Exp $ (LBL)
|
||||
*/
|
|
@ -0,0 +1,127 @@
|
|||
'\" t
|
||||
.\" @(#) $Header: /tcpdump/master/libpcap/pcap-savefile.manfile.in,v 1.2 2008-10-24 07:33:50 guy Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1994, 1996, 1997
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that: (1) source code distributions
|
||||
.\" retain the above copyright notice and this paragraph in its entirety, (2)
|
||||
.\" distributions including binary code include the above copyright notice and
|
||||
.\" this paragraph in its entirety in the documentation or other materials
|
||||
.\" provided with the distribution, and (3) all advertising materials mentioning
|
||||
.\" features or use of this software display the following acknowledgement:
|
||||
.\" ``This product includes software developed by the University of California,
|
||||
.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
|
||||
.\" the University nor the names of its contributors may be used to endorse
|
||||
.\" or promote products derived from this software without specific prior
|
||||
.\" written permission.
|
||||
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
||||
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
.\"
|
||||
.TH PCAP-SAVEFILE @MAN_FILE_FORMATS@ "21 October 2008"
|
||||
.SH NAME
|
||||
pcap-savefile \- libpcap savefile format
|
||||
.SH DESCRIPTION
|
||||
NOTE: applications and libraries should, if possible, use libpcap to
|
||||
read savefiles, rather than having their own code to read savefiles.
|
||||
If, in the future, a new file format is supported by libpcap,
|
||||
applications and libraries using libpcap to read savefiles will be able
|
||||
to read the new format of savefiles, but applications and libraries
|
||||
using their own code to read savefiles will have to be changed to
|
||||
support the new file format.
|
||||
.PP
|
||||
``Savefiles'' read and written by libpcap and applications using libpcap
|
||||
start with a per-file header. The format of the per-file header is:
|
||||
.RS
|
||||
.TS
|
||||
box;
|
||||
c s
|
||||
c | c
|
||||
c s.
|
||||
Magic number
|
||||
_
|
||||
Major version Minor version
|
||||
_
|
||||
Time zone offset
|
||||
_
|
||||
Time stamp accuracy
|
||||
_
|
||||
Snapshot length
|
||||
_
|
||||
Link-layer header type
|
||||
.TE
|
||||
.RE
|
||||
.PP
|
||||
All fields in the per-file header are in the byte order of the host
|
||||
writing the file. The first field in the per-file header is a 4-byte
|
||||
magic number, with the value 0xa1b2c3d4. The magic number, when read by
|
||||
a host with the same byte order as the host that wrote the file, will
|
||||
have the value 0xa1b2c3d4, and, when read by a host with the opposite
|
||||
byte order as the host that wrote the file, will have the value
|
||||
0xd4c3b2a1. That allows software reading the file to determine whether
|
||||
the byte order of the host that wrote the file is the same as the byte
|
||||
order of the host on which the file is being read, and thus whether the
|
||||
values in the per-file and per-packet headers need to be byte-swapped.
|
||||
.PP
|
||||
Following this are:
|
||||
.IP
|
||||
A 2-byte file format major version number; the current version number is
|
||||
2.
|
||||
.IP
|
||||
A 2-byte file format minor version number; the current version number is
|
||||
4.
|
||||
.IP
|
||||
A 4-byte time zone offset; this is always 0.
|
||||
.IP
|
||||
A 4-byte number giving the accuracy of time stamps in the file; this is
|
||||
always 0.
|
||||
.IP
|
||||
A 4-byte number giving the "snapshot length" of the capture; packets
|
||||
longer than the snapshot length are truncated to the snapshot length, so
|
||||
that, if the snapshot length is
|
||||
.IR N ,
|
||||
only the first
|
||||
.I N
|
||||
bytes of a packet longer than
|
||||
.I N
|
||||
bytes will be saved in the capture.
|
||||
.IP
|
||||
a 4-byte number giving the link-layer header type for packets in the
|
||||
capture; see
|
||||
.BR pcap-linktype (@MAN_MISC_INFO@)
|
||||
for the
|
||||
.B LINKTYPE_
|
||||
values that can appear in this field.
|
||||
.PP
|
||||
Following the per-file header are zero or more packets; each packet
|
||||
begins with a per-packet header, which is immediately followed by the
|
||||
raw packet data. The format of the per-packet header is:
|
||||
.RS
|
||||
.TS
|
||||
box;
|
||||
c.
|
||||
Time stamp, seconds value
|
||||
_
|
||||
Time stamp, microseconds value
|
||||
_
|
||||
Length of captured packet data
|
||||
_
|
||||
Un-truncated length of the packet data
|
||||
.TE
|
||||
.RE
|
||||
.PP
|
||||
All fields in the per-packet header are in the byte order of the host
|
||||
writing the file. The per-packet header begins with a time stamp giving
|
||||
the approximate time the packet was captured; the time stamp consists of
|
||||
a 4-byte value, giving the time in seconds since January 1, 1970,
|
||||
00:00:00 UTC, followed by a 4-byte value, giving the time in
|
||||
microseconds since that second. Following that are a 4-byte value
|
||||
giving the number of bytes of captured data that follow the per-packet
|
||||
header and a 4-byte value giving the number of bytes that would have
|
||||
been present had the packet not been truncated by the snapshot length.
|
||||
The two lengths will be equal if the number of bytes of packet data are
|
||||
less than or equal to the snapshot length.
|
||||
.SH SEE ALSO
|
||||
pcap(3PCAP), pcap-linktype(@MAN_MISC_INFO@)
|
|
@ -0,0 +1,290 @@
|
|||
/*
|
||||
* pcap-septel.c: Packet capture interface for Intel/Septel card.
|
||||
*
|
||||
* The functionality of this code attempts to mimic that of pcap-linux as much
|
||||
* as possible. This code is compiled in several different ways depending on
|
||||
* whether SEPTEL_ONLY and HAVE_SEPTEL_API are defined. If HAVE_SEPTEL_API is
|
||||
* not defined it should not get compiled in, otherwise if SEPTEL_ONLY is
|
||||
* defined then the 'septel_' function calls are renamed to 'pcap_'
|
||||
* equivalents. If SEPTEL_ONLY is not defined then nothing is altered - the
|
||||
* septel_ functions will be called as required from their
|
||||
* pcap-linux/equivalents.
|
||||
*
|
||||
* Authors: Gilbert HOYEK (gil_hoyek@hotmail.com), Elias M. KHOURY
|
||||
* (+961 3 485243)
|
||||
*/
|
||||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-septel.c,v 1.4 2008-04-14 20:40:58 guy Exp $";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "pcap-int.h"
|
||||
|
||||
#include <ctype.h>
|
||||
#include <netinet/in.h>
|
||||
#include <sys/mman.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef HAVE_SEPTEL_API
|
||||
#include <msg.h>
|
||||
#include <ss7_inc.h>
|
||||
#include <sysgct.h>
|
||||
#include <pack.h>
|
||||
#include <system.h>
|
||||
#endif /* HAVE_SEPTEL_API */
|
||||
|
||||
#ifdef SEPTEL_ONLY
|
||||
/* This code is required when compiling for a Septel device only. */
|
||||
#include "pcap-septel.h"
|
||||
|
||||
/* Replace septel function names with pcap equivalent. */
|
||||
#define septel_create pcap_create
|
||||
#define septel_platform_finddevs pcap_platform_finddevs
|
||||
#endif /* SEPTEL_ONLY */
|
||||
|
||||
static int septel_setfilter(pcap_t *p, struct bpf_program *fp);
|
||||
static int septel_stats(pcap_t *p, struct pcap_stat *ps);
|
||||
static int septel_setnonblock(pcap_t *p, int nonblock, char *errbuf);
|
||||
|
||||
/*
|
||||
* Read at most max_packets from the capture queue and call the callback
|
||||
* for each of them. Returns the number of packets handled, -1 if an
|
||||
* error occured, or -2 if we were told to break out of the loop.
|
||||
*/
|
||||
static int septel_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user) {
|
||||
|
||||
HDR *h;
|
||||
MSG *m;
|
||||
int processed = 0 ;
|
||||
int t = 0 ;
|
||||
|
||||
/* identifier for the message queue of the module(upe) from which we are capturing
|
||||
* packets.These IDs are defined in system.txt . By default it is set to 0x2d
|
||||
* so change it to 0xdd for technical reason and therefore the module id for upe becomes:
|
||||
* LOCAL 0xdd * upe - Example user part task */
|
||||
unsigned int id = 0xdd;
|
||||
|
||||
/* process the packets */
|
||||
do {
|
||||
|
||||
unsigned short packet_len = 0;
|
||||
int caplen = 0;
|
||||
int counter = 0;
|
||||
struct pcap_pkthdr pcap_header;
|
||||
u_char *dp ;
|
||||
|
||||
/*
|
||||
* Has "pcap_breakloop()" been called?
|
||||
*/
|
||||
loop:
|
||||
if (p->break_loop) {
|
||||
/*
|
||||
* Yes - clear the flag that indicates that
|
||||
* it has, and return -2 to indicate that
|
||||
* we were told to break out of the loop.
|
||||
*/
|
||||
p->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
|
||||
/*repeat until a packet is read
|
||||
*a NULL message means :
|
||||
* when no packet is in queue or all packets in queue already read */
|
||||
do {
|
||||
/* receive packet in non-blocking mode
|
||||
* GCT_grab is defined in the septel library software */
|
||||
h = GCT_grab(id);
|
||||
|
||||
m = (MSG*)h;
|
||||
/* a couter is added here to avoid an infinite loop
|
||||
* that will cause our capture program GUI to freeze while waiting
|
||||
* for a packet*/
|
||||
counter++ ;
|
||||
|
||||
}
|
||||
while ((m == NULL)&& (counter< 100)) ;
|
||||
|
||||
if (m != NULL) {
|
||||
|
||||
t = h->type ;
|
||||
|
||||
/* catch only messages with type = 0xcf00 or 0x8f01 corrsponding to ss7 messages*/
|
||||
/* XXX = why not use API_MSG_TX_REQ for 0xcf00 and API_MSG_RX_IND
|
||||
* for 0x8f01? */
|
||||
if ((t != 0xcf00) && (t != 0x8f01)) {
|
||||
relm(h);
|
||||
goto loop ;
|
||||
}
|
||||
|
||||
/* XXX - is API_MSG_RX_IND for an MTP2 or MTP3 message? */
|
||||
dp = get_param(m);/* get pointer to MSG parameter area (m->param) */
|
||||
packet_len = m->len;
|
||||
caplen = p->snapshot ;
|
||||
|
||||
|
||||
if (caplen > packet_len) {
|
||||
|
||||
caplen = packet_len;
|
||||
}
|
||||
/* Run the packet filter if there is one. */
|
||||
if ((p->fcode.bf_insns == NULL) || bpf_filter(p->fcode.bf_insns, dp, packet_len, caplen)) {
|
||||
|
||||
|
||||
/* get a time stamp , consisting of :
|
||||
*
|
||||
* pcap_header.ts.tv_sec:
|
||||
* ----------------------
|
||||
* a UNIX format time-in-seconds when he packet was captured,
|
||||
* i.e. the number of seconds since Epoch time (January 1,1970, 00:00:00 GMT)
|
||||
*
|
||||
* pcap_header.ts.tv_usec :
|
||||
* ------------------------
|
||||
* the number of microseconds since that second
|
||||
* when the packet was captured
|
||||
*/
|
||||
|
||||
(void)gettimeofday(&pcap_header.ts, NULL);
|
||||
|
||||
/* Fill in our own header data */
|
||||
pcap_header.caplen = caplen;
|
||||
pcap_header.len = packet_len;
|
||||
|
||||
/* Count the packet. */
|
||||
p->md.stat.ps_recv++;
|
||||
|
||||
/* Call the user supplied callback function */
|
||||
callback(user, &pcap_header, dp);
|
||||
|
||||
processed++ ;
|
||||
|
||||
}
|
||||
/* after being processed the packet must be
|
||||
*released in order to receive another one */
|
||||
relm(h);
|
||||
}else
|
||||
processed++;
|
||||
|
||||
}
|
||||
while (processed < cnt) ;
|
||||
|
||||
return processed ;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
septel_inject(pcap_t *handle, const void *buf _U_, size_t size _U_)
|
||||
{
|
||||
strlcpy(handle->errbuf, "Sending packets isn't supported on Septel cards",
|
||||
PCAP_ERRBUF_SIZE);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
/*
|
||||
* Activate a handle for a live capture from the given Septel device. Always pass a NULL device
|
||||
* The promisc flag is ignored because Septel cards have built-in tracing.
|
||||
* The timeout is also ignored as it is not supported in hardware.
|
||||
*
|
||||
* See also pcap(3).
|
||||
*/
|
||||
static pcap_t *septel_activate(pcap_t* handle) {
|
||||
/* Initialize some components of the pcap structure. */
|
||||
handle->linktype = DLT_MTP2;
|
||||
|
||||
handle->bufsize = 0;
|
||||
|
||||
/*
|
||||
* "select()" and "poll()" don't work on Septel queues
|
||||
*/
|
||||
handle->selectable_fd = -1;
|
||||
|
||||
handle->read_op = septel_read;
|
||||
handle->inject_op = septel_inject;
|
||||
handle->setfilter_op = septel_setfilter;
|
||||
handle->set_datalink_op = NULL; /* can't change data link type */
|
||||
handle->getnonblock_op = pcap_getnonblock_fd;
|
||||
handle->setnonblock_op = septel_setnonblock;
|
||||
handle->stats_op = septel_stats;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
pcap_t *septel_create(const char *device, char *ebuf) {
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return NULL;
|
||||
|
||||
p->activate_op = septel_activate;
|
||||
return p;
|
||||
}
|
||||
|
||||
static int septel_stats(pcap_t *p, struct pcap_stat *ps) {
|
||||
/*p->md.stat.ps_recv = 0;*/
|
||||
/*p->md.stat.ps_drop = 0;*/
|
||||
|
||||
*ps = p->md.stat;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
septel_platform_finddevs(pcap_if_t **devlistp, char *errbuf)
|
||||
{
|
||||
unsigned char *p;
|
||||
const char description[512]= "Intel/Septel device";
|
||||
char name[512]="septel" ;
|
||||
int ret = 0;
|
||||
pcap_add_if(devlistp,name,0,description,errbuf);
|
||||
|
||||
return (ret);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Installs the given bpf filter program in the given pcap structure. There is
|
||||
* no attempt to store the filter in kernel memory as that is not supported
|
||||
* with Septel cards.
|
||||
*/
|
||||
static int septel_setfilter(pcap_t *p, struct bpf_program *fp) {
|
||||
if (!p)
|
||||
return -1;
|
||||
if (!fp) {
|
||||
strncpy(p->errbuf, "setfilter: No filter specified",
|
||||
sizeof(p->errbuf));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Make our private copy of the filter */
|
||||
|
||||
if (install_bpf_program(p, fp) < 0) {
|
||||
snprintf(p->errbuf, sizeof(p->errbuf),
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
p->md.use_bpf = 0;
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
septel_setnonblock(pcap_t *p, int nonblock, char *errbuf)
|
||||
{
|
||||
return (0);
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
/*
|
||||
* pcap-septel.c: Packet capture interface for Intel Septel card
|
||||
*
|
||||
* The functionality of this code attempts to mimic that of pcap-linux as much
|
||||
* as possible. This code is only needed when compiling in the Intel/Septel
|
||||
* card code at the same time as another type of device.
|
||||
*
|
||||
* Authors: Gilbert HOYEK (gil_hoyek@hotmail.com), Elias M. KHOURY
|
||||
* (+961 3 485343);
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-septel.h,v 1.2 2008-04-04 19:37:45 guy Exp $
|
||||
*/
|
||||
|
||||
pcap_t *septel_create(const char *device, char *ebuf);
|
||||
|
|
@ -0,0 +1,980 @@
|
|||
/*
|
||||
* pcap-sita.c: Packet capture interface additions for SITA ACN devices
|
||||
*
|
||||
* Copyright (c) 2007 Fulko Hew, SITA INC Canada, Inc <fulko.hew@sita.aero>
|
||||
*
|
||||
* License: BSD
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
* 3. The names of the authors may not be used to endorse or promote
|
||||
* products derived from this software without specific prior
|
||||
* written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*/
|
||||
|
||||
/* $Id: pcap-sita.c */
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <errno.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/socket.h>
|
||||
#include <netinet/in.h>
|
||||
#include <arpa/inet.h>
|
||||
#include "pcap-int.h"
|
||||
|
||||
#include "pcap-sita.h"
|
||||
|
||||
/* non-configureable manifests follow */
|
||||
|
||||
#define IOP_SNIFFER_PORT 49152 /* TCP port on the IOP used for 'distributed pcap' usage */
|
||||
#define MAX_LINE_SIZE 255 /* max size of a buffer/line in /etc/hosts we allow */
|
||||
#define MAX_CHASSIS 8 /* number of chassis in an ACN site */
|
||||
#define MAX_GEOSLOT 8 /* max number of access units in an ACN site */
|
||||
|
||||
#define FIND 0
|
||||
#define LIVE 1
|
||||
|
||||
typedef struct iface {
|
||||
struct iface *next; /* a pointer to the next interface */
|
||||
char *name; /* this interface's name on Wireshark */
|
||||
char *IOPname; /* this interface's name on an IOP */
|
||||
uint32_t iftype; /* the type of interface (DLT values) */
|
||||
} iface_t;
|
||||
|
||||
typedef struct unit {
|
||||
char *ip; /* this unit's IP address (as extracted from /etc/hosts) */
|
||||
int fd; /* the connection to this unit (if it exists) */
|
||||
int find_fd; /* a big kludge to avoid my programming limitations since I could have this unit open for findalldevs purposes */
|
||||
int first_time; /* 0 = just opened via acn_open_live(), ie. the first time, NZ = nth time */
|
||||
struct sockaddr_in *serv_addr; /* the address control block for comms to this unit */
|
||||
int chassis;
|
||||
int geoslot;
|
||||
iface_t *iface; /* a pointer to a linked list of interface structures */
|
||||
char *imsg; /* a pointer to an inbound message */
|
||||
int len; /* the current size of the inbound message */
|
||||
} unit_t;
|
||||
|
||||
static char *errorString;
|
||||
static unit_t units[MAX_CHASSIS+1][MAX_GEOSLOT+1]; /* we use indexes of 1 through 8, but we reserve/waste index 0 */
|
||||
static fd_set readfds; /* a place to store the file descriptors for the connections to the IOPs */
|
||||
static fd_set working_set;
|
||||
static int max_fs;
|
||||
static char static_buf[32];
|
||||
|
||||
pcap_if_t *acn_if_list; /* pcap's list of available interfaces */
|
||||
|
||||
static void dump_interface_list(void) {
|
||||
pcap_if_t *iff;
|
||||
pcap_addr_t *addr;
|
||||
int longest_name_len = 0;
|
||||
char *n, *d, *f;
|
||||
int if_number = 0;
|
||||
|
||||
iff = acn_if_list;
|
||||
while (iff) {
|
||||
if (iff->name && (strlen(iff->name) > longest_name_len)) longest_name_len = strlen(iff->name);
|
||||
iff = iff->next;
|
||||
}
|
||||
iff = acn_if_list;
|
||||
printf("Interface List:\n");
|
||||
while (iff) {
|
||||
n = (iff->name) ? iff->name : "";
|
||||
d = (iff->description) ? iff->description : "";
|
||||
f = (iff->flags == PCAP_IF_LOOPBACK) ? "L" : "";
|
||||
printf("%3d: %*s %s '%s'\n", if_number++, longest_name_len, n, f, d);
|
||||
addr = iff->addresses;
|
||||
while (addr) {
|
||||
printf("%*s ", (5 + longest_name_len), ""); /* add some indentation */
|
||||
printf("%15s ", (addr->addr) ? inet_ntoa(((struct sockaddr_in *)addr->addr)->sin_addr) : "");
|
||||
printf("%15s ", (addr->netmask) ? inet_ntoa(((struct sockaddr_in *)addr->netmask)->sin_addr) : "");
|
||||
printf("%15s ", (addr->broadaddr) ? inet_ntoa(((struct sockaddr_in *)addr->broadaddr)->sin_addr) : "");
|
||||
printf("%15s ", (addr->dstaddr) ? inet_ntoa(((struct sockaddr_in *)addr->dstaddr)->sin_addr) : "");
|
||||
printf("\n");
|
||||
addr = addr->next;
|
||||
}
|
||||
iff = iff->next;
|
||||
}
|
||||
}
|
||||
|
||||
static void dump(unsigned char *ptr, int i, int indent) {
|
||||
fprintf(stderr, "%*s", indent, " ");
|
||||
for (; i > 0; i--) {
|
||||
fprintf(stderr, "%2.2x ", *ptr++);
|
||||
}
|
||||
fprintf(stderr, "\n");
|
||||
}
|
||||
|
||||
static void dump_interface_list_p(void) {
|
||||
pcap_if_t *iff;
|
||||
pcap_addr_t *addr;
|
||||
int if_number = 0;
|
||||
|
||||
iff = acn_if_list;
|
||||
printf("Interface Pointer @ %p is %p:\n", &acn_if_list, iff);
|
||||
while (iff) {
|
||||
printf("%3d: %p %p next: %p\n", if_number++, iff->name, iff->description, iff->next);
|
||||
dump((unsigned char *)iff, sizeof(pcap_if_t), 5);
|
||||
addr = iff->addresses;
|
||||
while (addr) {
|
||||
printf(" %p %p %p %p, next: %p\n", addr->addr, addr->netmask, addr->broadaddr, addr->dstaddr, addr->next);
|
||||
dump((unsigned char *)addr, sizeof(pcap_addr_t), 10);
|
||||
addr = addr->next;
|
||||
}
|
||||
iff = iff->next;
|
||||
}
|
||||
}
|
||||
|
||||
static void dump_unit_table(void) {
|
||||
int chassis, geoslot;
|
||||
iface_t *p;
|
||||
|
||||
printf("%c:%c %s %s\n", 'C', 'S', "fd", "IP Address");
|
||||
for (chassis = 0; chassis <= MAX_CHASSIS; chassis++) {
|
||||
for (geoslot = 0; geoslot <= MAX_GEOSLOT; geoslot++) {
|
||||
if (units[chassis][geoslot].ip != NULL)
|
||||
printf("%d:%d %2d %s\n", chassis, geoslot, units[chassis][geoslot].fd, units[chassis][geoslot].ip);
|
||||
p = units[chassis][geoslot].iface;
|
||||
while (p) {
|
||||
char *n = (p->name) ? p->name : "";
|
||||
char *i = (p->IOPname) ? p->IOPname : "";
|
||||
p = p->next;
|
||||
printf(" %12s -> %12s\n", i, n);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static int find_unit_by_fd(int fd, int *chassis, int *geoslot, unit_t **unit_ptr) {
|
||||
int c, s;
|
||||
|
||||
for (c = 0; c <= MAX_CHASSIS; c++) {
|
||||
for (s = 0; s <= MAX_GEOSLOT; s++) {
|
||||
if (units[c][s].fd == fd || units[c][s].find_fd == fd) {
|
||||
if (chassis) *chassis = c;
|
||||
if (geoslot) *geoslot = s;
|
||||
if (unit_ptr) *unit_ptr = &units[c][s];
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int read_client_nbytes(int fd, int count, unsigned char *buf) {
|
||||
unit_t *u;
|
||||
int chassis, geoslot;
|
||||
int len;
|
||||
|
||||
find_unit_by_fd(fd, &chassis, &geoslot, &u);
|
||||
while (count) {
|
||||
if ((len = recv(fd, buf, count, 0)) <= 0) return -1; /* read in whatever data was sent to us */
|
||||
count -= len;
|
||||
buf += len;
|
||||
} /* till we have everything we are looking for */
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void empty_unit_iface(unit_t *u) {
|
||||
iface_t *p, *cur;
|
||||
|
||||
cur = u->iface;
|
||||
while (cur) { /* loop over all the interface entries */
|
||||
if (cur->name) free(cur->name); /* throwing away the contents if they exist */
|
||||
if (cur->IOPname) free(cur->IOPname);
|
||||
p = cur->next;
|
||||
free(cur); /* then throw away the structure itself */
|
||||
cur = p;
|
||||
}
|
||||
u->iface = 0; /* and finally remember that there are no remaining structure */
|
||||
}
|
||||
|
||||
static void empty_unit(int chassis, int geoslot) {
|
||||
unit_t *u = &units[chassis][geoslot];
|
||||
|
||||
empty_unit_iface(u);
|
||||
if (u->imsg) { /* then if an inbound message buffer exists */
|
||||
u->imsg = (char *)realloc(u->imsg, 1); /* and re-allocate the old large buffer into a new small one */
|
||||
}
|
||||
}
|
||||
|
||||
static void empty_unit_table(void) {
|
||||
int chassis, geoslot;
|
||||
|
||||
for (chassis = 0; chassis <= MAX_CHASSIS; chassis++) {
|
||||
for (geoslot = 0; geoslot <= MAX_GEOSLOT; geoslot++) {
|
||||
if (units[chassis][geoslot].ip != NULL) {
|
||||
free(units[chassis][geoslot].ip); /* get rid of the malloc'ed space that holds the IP address */
|
||||
units[chassis][geoslot].ip = 0; /* then set the pointer to NULL */
|
||||
}
|
||||
empty_unit(chassis, geoslot);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static char *find_nth_interface_name(int n) {
|
||||
int chassis, geoslot;
|
||||
iface_t *p;
|
||||
char *last_name = 0;
|
||||
|
||||
if (n < 0) n = 0; /* ensure we are working with a valid number */
|
||||
for (chassis = 0; chassis <= MAX_CHASSIS; chassis++) { /* scan the table... */
|
||||
for (geoslot = 0; geoslot <= MAX_GEOSLOT; geoslot++) {
|
||||
if (units[chassis][geoslot].ip != NULL) {
|
||||
p = units[chassis][geoslot].iface;
|
||||
while (p) { /* and all interfaces... */
|
||||
if (p->IOPname) last_name = p->name; /* remembering the last name found */
|
||||
if (n-- == 0) return last_name; /* and if we hit the instance requested */
|
||||
p = p->next;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
/* if we couldn't fine the selected entry */
|
||||
if (last_name) return last_name; /* ... but we did have at least one entry... return the last entry found */
|
||||
return ""; /* ... but if there wasn't any entry... return an empty string instead */
|
||||
}
|
||||
|
||||
int acn_parse_hosts_file(char *errbuf) { /* returns: -1 = error, 0 = OK */
|
||||
FILE *fp;
|
||||
char buf[MAX_LINE_SIZE];
|
||||
char *ptr, *ptr2;
|
||||
int pos;
|
||||
int chassis, geoslot;
|
||||
unit_t *u;
|
||||
|
||||
empty_unit_table();
|
||||
if ((fp = fopen("/etc/hosts", "r")) == NULL) { /* try to open the hosts file and if it fails */
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "Cannot open '/etc/hosts' for reading."); /* return the nohostsfile error response */
|
||||
return -1;
|
||||
}
|
||||
while (fgets(buf, MAX_LINE_SIZE-1, fp)) { /* while looping over the file */
|
||||
|
||||
pos = strcspn(buf, "#\n\r"); /* find the first comment character or EOL */
|
||||
*(buf + pos) = '\0'; /* and clobber it and anything that follows it */
|
||||
|
||||
pos = strspn(buf, " \t"); /* then find the first non-white space */
|
||||
if (pos == strlen(buf)) /* if there is nothing but white space on the line */
|
||||
continue; /* ignore that empty line */
|
||||
ptr = buf + pos; /* and skip over any of that leading whitespace */
|
||||
|
||||
if ((ptr2 = strstr(ptr, "_I_")) == NULL) /* skip any lines that don't have names that look like they belong to IOPs */
|
||||
continue;
|
||||
if (*(ptr2 + 4) != '_') /* and skip other lines that have names that don't look like ACN components */
|
||||
continue;
|
||||
*(ptr + strcspn(ptr, " \t")) = '\0'; /* null terminate the IP address so its a standalone string */
|
||||
|
||||
chassis = *(ptr2 + 3) - '0'; /* extract the chassis number */
|
||||
geoslot = *(ptr2 + 5) - '0'; /* and geo-slot number */
|
||||
if (chassis < 1 || chassis > MAX_CHASSIS ||
|
||||
geoslot < 1 || geoslot > MAX_GEOSLOT) { /* if the chassis and/or slot numbers appear to be bad... */
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "Invalid ACN name in '/etc/hosts'."); /* warn the user */
|
||||
continue; /* and ignore the entry */
|
||||
}
|
||||
if ((ptr2 = (char *)malloc(strlen(ptr) + 1)) == NULL) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
continue;
|
||||
}
|
||||
strcpy(ptr2, ptr); /* copy the IP address into our malloc'ed memory */
|
||||
u = &units[chassis][geoslot];
|
||||
u->ip = ptr2; /* and remember the whole shebang */
|
||||
u->chassis = chassis;
|
||||
u->geoslot = geoslot;
|
||||
}
|
||||
fclose(fp);
|
||||
if (*errbuf) return -1;
|
||||
else return 0;
|
||||
}
|
||||
|
||||
static int open_with_IOP(unit_t *u, int flag) {
|
||||
int sockfd;
|
||||
char *ip;
|
||||
|
||||
if (u->serv_addr == NULL) {
|
||||
u->serv_addr = malloc(sizeof(struct sockaddr_in));
|
||||
}
|
||||
ip = u->ip;
|
||||
bzero((char *)u->serv_addr, sizeof(struct sockaddr_in));
|
||||
u->serv_addr->sin_family = AF_INET;
|
||||
u->serv_addr->sin_addr.s_addr = inet_addr(ip);
|
||||
u->serv_addr->sin_port = htons(IOP_SNIFFER_PORT);
|
||||
|
||||
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
|
||||
fprintf(stderr, "pcap can't open a socket for connecting to IOP at %s\n", ip);
|
||||
return 0;
|
||||
}
|
||||
if (connect(sockfd, (struct sockaddr *)u->serv_addr, sizeof(struct sockaddr_in)) < 0) {
|
||||
fprintf(stderr, "pcap can't connect to IOP at %s\n", ip);
|
||||
return 0;
|
||||
}
|
||||
if (flag == LIVE) u->fd = sockfd;
|
||||
else u->find_fd = sockfd;
|
||||
u->first_time = 0;
|
||||
return sockfd; /* return the non-zero file descriptor as a 'success' indicator */
|
||||
}
|
||||
|
||||
static void close_with_IOP(int chassis, int geoslot, int flag) {
|
||||
int *id;
|
||||
|
||||
if (flag == LIVE) id = &units[chassis][geoslot].fd;
|
||||
else id = &units[chassis][geoslot].find_fd;
|
||||
|
||||
if (*id) { /* this was the last time, so... if we are connected... */
|
||||
close(*id); /* disconnect us */
|
||||
*id = 0; /* and forget that the descriptor exists because we are not open */
|
||||
}
|
||||
}
|
||||
|
||||
static void pcap_cleanup_acn(pcap_t *handle) {
|
||||
int chassis, geoslot;
|
||||
unit_t *u;
|
||||
|
||||
if (find_unit_by_fd(handle->fd, &chassis, &geoslot, &u) == 0)
|
||||
return;
|
||||
close_with_IOP(chassis, geoslot, LIVE);
|
||||
if (u)
|
||||
u->first_time = 0;
|
||||
pcap_cleanup_live_common(handle);
|
||||
}
|
||||
|
||||
static void send_to_fd(int fd, int len, unsigned char *str) {
|
||||
int nwritten;
|
||||
int chassis, geoslot;
|
||||
|
||||
while (len > 0) {
|
||||
if ((nwritten = write(fd, str, len)) <= 0) {
|
||||
find_unit_by_fd(fd, &chassis, &geoslot, NULL);
|
||||
if (units[chassis][geoslot].fd == fd) close_with_IOP(chassis, geoslot, LIVE);
|
||||
else if (units[chassis][geoslot].find_fd == fd) close_with_IOP(chassis, geoslot, FIND);
|
||||
empty_unit(chassis, geoslot);
|
||||
return;
|
||||
}
|
||||
len -= nwritten;
|
||||
str += nwritten;
|
||||
}
|
||||
}
|
||||
|
||||
static void acn_freealldevs(void) {
|
||||
|
||||
pcap_if_t *iff, *next_iff;
|
||||
pcap_addr_t *addr, *next_addr;
|
||||
|
||||
for (iff = acn_if_list; iff != NULL; iff = next_iff) {
|
||||
next_iff = iff->next;
|
||||
for (addr = iff->addresses; addr != NULL; addr = next_addr) {
|
||||
next_addr = addr->next;
|
||||
if (addr->addr) free(addr->addr);
|
||||
if (addr->netmask) free(addr->netmask);
|
||||
if (addr->broadaddr) free(addr->broadaddr);
|
||||
if (addr->dstaddr) free(addr->dstaddr);
|
||||
free(addr);
|
||||
}
|
||||
if (iff->name) free(iff->name);
|
||||
if (iff->description) free(iff->description);
|
||||
free(iff);
|
||||
}
|
||||
}
|
||||
|
||||
static char *nonUnified_port_num(unit_t *u, int IOPportnum) {
|
||||
|
||||
sprintf(static_buf, "%d_%d", u->chassis, u->geoslot);
|
||||
return static_buf;
|
||||
}
|
||||
|
||||
static char *unified_port_num(unit_t *u, int IOPportnum) {
|
||||
int portnum;
|
||||
|
||||
portnum = ((u->chassis - 1) * 64) + ((u->geoslot - 1) * 8) + IOPportnum + 1;
|
||||
sprintf(static_buf, "%d", portnum);
|
||||
return static_buf;
|
||||
}
|
||||
|
||||
static char *translate_IOP_to_pcap_name(unit_t *u, char *IOPname, bpf_u_int32 iftype) {
|
||||
iface_t *iface_ptr, *iface;
|
||||
char *name;
|
||||
char buf[32];
|
||||
char *proto;
|
||||
char *port;
|
||||
int IOPportnum = 0;
|
||||
|
||||
iface = malloc(sizeof(iface_t)); /* get memory for a structure */
|
||||
bzero((char *)iface, sizeof(iface_t));
|
||||
|
||||
iface->iftype = iftype; /* remember the interface type of this interface */
|
||||
|
||||
name = malloc(strlen(IOPname) + 1); /* get memory for the IOP's name */
|
||||
strcpy(name, IOPname); /* and copy it in */
|
||||
iface->IOPname = name; /* and stick it into the structure */
|
||||
|
||||
if (strncmp(IOPname, "lo", 2) == 0) {
|
||||
IOPportnum = atoi(&IOPname[2]);
|
||||
switch (iftype) {
|
||||
case DLT_EN10MB: proto = "lo"; port = nonUnified_port_num(u, IOPportnum); break;
|
||||
default: proto = "???"; port = unified_port_num(u, IOPportnum); break;
|
||||
}
|
||||
} else if (strncmp(IOPname, "eth", 3) == 0) {
|
||||
IOPportnum = atoi(&IOPname[3]);
|
||||
switch (iftype) {
|
||||
case DLT_EN10MB: proto = "eth"; port = nonUnified_port_num(u, IOPportnum); break;
|
||||
default: proto = "???"; port = unified_port_num(u, IOPportnum); break;
|
||||
}
|
||||
} else if (strncmp(IOPname, "wan", 3) == 0) {
|
||||
IOPportnum = atoi(&IOPname[3]);
|
||||
switch (iftype) {
|
||||
case DLT_SITA: proto = "wan"; port = unified_port_num(u, IOPportnum); break;
|
||||
default: proto = "???"; port = unified_port_num(u, IOPportnum); break;
|
||||
}
|
||||
}
|
||||
|
||||
sprintf(buf, "%s_%s", proto, port); /* compose the user's name for that IOP port name */
|
||||
name = malloc(strlen(buf) + 1); /* get memory for that name */
|
||||
strcpy(name, buf); /* and copy it in */
|
||||
iface->name = name; /* and stick it into the structure */
|
||||
|
||||
if (u->iface == 0) { /* if this is the first name */
|
||||
u->iface = iface; /* stick this entry at the head of the list */
|
||||
} else {
|
||||
iface_ptr = u->iface;
|
||||
while (iface_ptr->next) { /* othewise scan the list */
|
||||
iface_ptr = iface_ptr->next; /* till we're at the last entry */
|
||||
}
|
||||
iface_ptr->next = iface; /* then tack this entry on the end of the list */
|
||||
}
|
||||
return iface->name;
|
||||
}
|
||||
|
||||
static int if_sort(char *s1, char *s2) {
|
||||
char *s1_p2, *s2_p2;
|
||||
char str1[MAX_LINE_SIZE], str2[MAX_LINE_SIZE];
|
||||
int s1_p1_len, s2_p1_len;
|
||||
int retval;
|
||||
|
||||
if ((s1_p2 = strchr(s1, '_'))) { /* if an underscore is found... */
|
||||
s1_p1_len = s1_p2 - s1; /* the prefix length is the difference in pointers */
|
||||
s1_p2++; /* the suffix actually starts _after_ the underscore */
|
||||
} else { /* otherwise... */
|
||||
s1_p1_len = strlen(s1); /* the prefix length is the length of the string itself */
|
||||
s1_p2 = 0; /* and there is no suffix */
|
||||
}
|
||||
if ((s2_p2 = strchr(s2, '_'))) { /* now do the same for the second string */
|
||||
s2_p1_len = s2_p2 - s2;
|
||||
s2_p2++;
|
||||
} else {
|
||||
s2_p1_len = strlen(s2);
|
||||
s2_p2 = 0;
|
||||
}
|
||||
strncpy(str1, s1, (s1_p1_len > sizeof(str1)) ? s1_p1_len : sizeof(str1)); *(str1 + s1_p1_len) = 0;
|
||||
strncpy(str2, s2, (s2_p1_len > sizeof(str2)) ? s2_p1_len : sizeof(str2)); *(str2 + s2_p1_len) = 0;
|
||||
retval = strcmp(str1, str2);
|
||||
if (retval != 0) return retval; /* if they are not identical, then we can quit now and return the indication */
|
||||
return strcmp(s1_p2, s2_p2); /* otherwise we return the result of comparing the 2nd half of the string */
|
||||
}
|
||||
|
||||
static void sort_if_table(void) {
|
||||
pcap_if_t *p1, *p2, *prev, *temp;
|
||||
int has_swapped;
|
||||
|
||||
if (!acn_if_list) return; /* nothing to do if the list is empty */
|
||||
|
||||
while (1) {
|
||||
p1 = acn_if_list; /* start at the head of the list */
|
||||
prev = 0;
|
||||
has_swapped = 0;
|
||||
while ((p2 = p1->next)) {
|
||||
if (if_sort(p1->name, p2->name) > 0) {
|
||||
if (prev) { /* we are swapping things that are _not_ at the head of the list */
|
||||
temp = p2->next;
|
||||
prev->next = p2;
|
||||
p2->next = p1;
|
||||
p1->next = temp;
|
||||
} else { /* special treatment if we are swapping with the head of the list */
|
||||
temp = p2->next;
|
||||
acn_if_list= p2;
|
||||
p2->next = p1;
|
||||
p1->next = temp;
|
||||
}
|
||||
p1 = p2;
|
||||
prev = p1;
|
||||
has_swapped = 1;
|
||||
}
|
||||
prev = p1;
|
||||
p1 = p1->next;
|
||||
}
|
||||
if (has_swapped == 0)
|
||||
return;
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
static int process_client_data (char *errbuf) { /* returns: -1 = error, 0 = OK */
|
||||
int chassis, geoslot;
|
||||
unit_t *u;
|
||||
pcap_if_t *iff, *prev_iff;
|
||||
pcap_addr_t *addr, *prev_addr;
|
||||
char *ptr;
|
||||
int address_count;
|
||||
struct sockaddr_in *s;
|
||||
char *newname;
|
||||
bpf_u_int32 interfaceType;
|
||||
unsigned char flags;
|
||||
|
||||
prev_iff = 0;
|
||||
for (chassis = 0; chassis <= MAX_CHASSIS; chassis++) {
|
||||
for (geoslot = 0; geoslot <= MAX_GEOSLOT; geoslot++) { /* now loop over all the devices */
|
||||
u = &units[chassis][geoslot];
|
||||
empty_unit_iface(u);
|
||||
ptr = u->imsg; /* point to the start of the msg for this IOP */
|
||||
while (ptr < (u->imsg + u->len)) {
|
||||
if ((iff = malloc(sizeof(pcap_if_t))) == NULL) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
bzero((char *)iff, sizeof(pcap_if_t));
|
||||
if (acn_if_list == 0) acn_if_list = iff; /* remember the head of the list */
|
||||
if (prev_iff) prev_iff->next = iff; /* insert a forward link */
|
||||
|
||||
if (*ptr) { /* if there is a count for the name */
|
||||
if ((iff->name = malloc(*ptr + 1)) == NULL) { /* get that amount of space */
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
memcpy(iff->name, (ptr + 1), *ptr); /* copy the name into the malloc'ed space */
|
||||
*(iff->name + *ptr) = 0; /* and null terminate the string */
|
||||
ptr += *ptr; /* now move the pointer forwards by the length of the count plus the length of the string */
|
||||
}
|
||||
ptr++;
|
||||
|
||||
if (*ptr) { /* if there is a count for the description */
|
||||
if ((iff->description = malloc(*ptr + 1)) == NULL) { /* get that amount of space */
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
memcpy(iff->description, (ptr + 1), *ptr); /* copy the name into the malloc'ed space */
|
||||
*(iff->description + *ptr) = 0; /* and null terminate the string */
|
||||
ptr += *ptr; /* now move the pointer forwards by the length of the count plus the length of the string */
|
||||
}
|
||||
ptr++;
|
||||
|
||||
interfaceType = ntohl(*(bpf_u_int32 *)ptr);
|
||||
ptr += 4; /* skip over the interface type */
|
||||
|
||||
flags = *ptr++;
|
||||
if (flags) iff->flags = PCAP_IF_LOOPBACK; /* if this is a loopback style interface, lets mark it as such */
|
||||
|
||||
address_count = *ptr++;
|
||||
|
||||
prev_addr = 0;
|
||||
while (address_count--) {
|
||||
if ((addr = malloc(sizeof(pcap_addr_t))) == NULL) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
bzero((char *)addr, sizeof(pcap_addr_t));
|
||||
if (iff->addresses == 0) iff->addresses = addr;
|
||||
if (prev_addr) prev_addr->next = addr; /* insert a forward link */
|
||||
if (*ptr) { /* if there is a count for the address */
|
||||
if ((s = malloc(sizeof(struct sockaddr_in))) == NULL) { /* get that amount of space */
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
bzero((char *)s, sizeof(struct sockaddr_in));
|
||||
addr->addr = (struct sockaddr *)s;
|
||||
s->sin_family = AF_INET;
|
||||
s->sin_addr.s_addr = *(bpf_u_int32 *)(ptr + 1); /* copy the address in */
|
||||
ptr += *ptr; /* now move the pointer forwards according to the specified length of the address */
|
||||
}
|
||||
ptr++; /* then forwards one more for the 'length of the address' field */
|
||||
if (*ptr) { /* process any netmask */
|
||||
if ((s = malloc(sizeof(struct sockaddr_in))) == NULL) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
bzero((char *)s, sizeof(struct sockaddr_in));
|
||||
addr->netmask = (struct sockaddr *)s;
|
||||
s->sin_family = AF_INET;
|
||||
s->sin_addr.s_addr = *(bpf_u_int32*)(ptr + 1);
|
||||
ptr += *ptr;
|
||||
}
|
||||
ptr++;
|
||||
if (*ptr) { /* process any broadcast address */
|
||||
if ((s = malloc(sizeof(struct sockaddr_in))) == NULL) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
bzero((char *)s, sizeof(struct sockaddr_in));
|
||||
addr->broadaddr = (struct sockaddr *)s;
|
||||
s->sin_family = AF_INET;
|
||||
s->sin_addr.s_addr = *(bpf_u_int32*)(ptr + 1);
|
||||
ptr += *ptr;
|
||||
}
|
||||
ptr++;
|
||||
if (*ptr) { /* process any destination address */
|
||||
if ((s = malloc(sizeof(struct sockaddr_in))) == NULL) {
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
bzero((char *)s, sizeof(struct sockaddr_in));
|
||||
addr->dstaddr = (struct sockaddr *)s;
|
||||
s->sin_family = AF_INET;
|
||||
s->sin_addr.s_addr = *(bpf_u_int32*)(ptr + 1);
|
||||
ptr += *ptr;
|
||||
}
|
||||
ptr++;
|
||||
prev_addr = addr;
|
||||
}
|
||||
prev_iff = iff;
|
||||
|
||||
newname = translate_IOP_to_pcap_name(u, iff->name, interfaceType); /* add a translation entry and get a point to the mangled name */
|
||||
if ((iff->name = realloc(iff->name, strlen(newname) + 1)) == NULL) { /* we now re-write the name stored in the interface list */
|
||||
snprintf(errbuf, PCAP_ERRBUF_SIZE, "realloc: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
strcpy(iff->name, newname); /* to this new name */
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int read_client_data (int fd) {
|
||||
unsigned char buf[256];
|
||||
int chassis, geoslot;
|
||||
unit_t *u;
|
||||
int len;
|
||||
|
||||
find_unit_by_fd(fd, &chassis, &geoslot, &u);
|
||||
|
||||
if ((len = recv(fd, buf, sizeof(buf), 0)) <= 0) return 0; /* read in whatever data was sent to us */
|
||||
|
||||
if ((u->imsg = realloc(u->imsg, (u->len + len))) == NULL) /* extend the buffer for the new data */
|
||||
return 0;
|
||||
memcpy((u->imsg + u->len), buf, len); /* append the new data */
|
||||
u->len += len;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void wait_for_all_answers(void) {
|
||||
int retval;
|
||||
struct timeval tv;
|
||||
int fd;
|
||||
int chassis, geoslot;
|
||||
|
||||
tv.tv_sec = 2;
|
||||
tv.tv_usec = 0;
|
||||
|
||||
while (1) {
|
||||
int flag = 0;
|
||||
for (fd = 0; fd <= max_fs; fd++) { /* scan the list of descriptors we may be listening to */
|
||||
if (FD_ISSET(fd, &readfds)) flag = 1; /* and see if there are any still set */
|
||||
}
|
||||
if (flag == 0) return; /* we are done, when they are all gone */
|
||||
|
||||
memcpy(&working_set, &readfds, sizeof(readfds)); /* otherwise, we still have to listen for more stuff, till we timeout */
|
||||
retval = select(max_fs + 1, &working_set, NULL, NULL, &tv);
|
||||
if (retval == -1) { /* an error occured !!!!! */
|
||||
return;
|
||||
} else if (retval == 0) { /* timeout occured, so process what we've got sofar and return */
|
||||
printf("timeout\n");
|
||||
return;
|
||||
} else {
|
||||
for (fd = 0; fd <= max_fs; fd++) { /* scan the list of things to do, and do them */
|
||||
if (FD_ISSET(fd, &working_set)) {
|
||||
if (read_client_data(fd) == 0) { /* if the socket has closed */
|
||||
FD_CLR(fd, &readfds); /* and descriptors we listen to for errors */
|
||||
find_unit_by_fd(fd, &chassis, &geoslot, NULL);
|
||||
close_with_IOP(chassis, geoslot, FIND); /* and close out connection to him */
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
static char *get_error_response(int fd, char *errbuf) { /* return a pointer on error, NULL on no error */
|
||||
char byte;
|
||||
int len = 0;
|
||||
|
||||
while (1) {
|
||||
recv(fd, &byte, 1, 0); /* read another byte in */
|
||||
if (errbuf && (len++ < PCAP_ERRBUF_SIZE)) { /* and if there is still room in the buffer */
|
||||
*errbuf++ = byte; /* stick it in */
|
||||
*errbuf = '\0'; /* ensure the string is null terminated just in case we might exceed the buffer's size */
|
||||
}
|
||||
if (byte == '\0') {
|
||||
if (len > 1) { return errbuf; }
|
||||
else { return NULL; }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
int acn_findalldevs(char *errbuf) { /* returns: -1 = error, 0 = OK */
|
||||
int chassis, geoslot;
|
||||
unit_t *u;
|
||||
|
||||
FD_ZERO(&readfds);
|
||||
max_fs = 0;
|
||||
for (chassis = 0; chassis <= MAX_CHASSIS; chassis++) {
|
||||
for (geoslot = 0; geoslot <= MAX_GEOSLOT; geoslot++) {
|
||||
u = &units[chassis][geoslot];
|
||||
if (u->ip && (open_with_IOP(u, FIND))) { /* connect to the remote IOP */
|
||||
send_to_fd(u->find_fd, 1, (unsigned char *)"\0");
|
||||
if (get_error_response(u->find_fd, errbuf))
|
||||
close_with_IOP(chassis, geoslot, FIND);
|
||||
else {
|
||||
if (u->find_fd > max_fs)
|
||||
max_fs = u->find_fd; /* remember the highest number currently in use */
|
||||
FD_SET(u->find_fd, &readfds); /* we are going to want to read this guy's response to */
|
||||
u->len = 0;
|
||||
send_to_fd(u->find_fd, 1, (unsigned char *)"Q"); /* this interface query request */
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
wait_for_all_answers();
|
||||
if (process_client_data(errbuf))
|
||||
return -1;
|
||||
sort_if_table();
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int pcap_stats_acn(pcap_t *handle, struct pcap_stat *ps) {
|
||||
unsigned char buf[12];
|
||||
|
||||
send_to_fd(handle->fd, 1, (unsigned char *)"S"); /* send the get_stats command to the IOP */
|
||||
|
||||
if (read_client_nbytes(handle->fd, sizeof(buf), buf) == -1) return -1; /* try reading the required bytes */
|
||||
|
||||
ps->ps_recv = ntohl(*(uint32_t *)&buf[0]); /* break the buffer into its three 32 bit components */
|
||||
ps->ps_drop = ntohl(*(uint32_t *)&buf[4]);
|
||||
ps->ps_ifdrop = ntohl(*(uint32_t *)&buf[8]);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int acn_open_live(const char *name, char *errbuf, int *linktype) { /* returns 0 on error, else returns the file descriptor */
|
||||
int chassis, geoslot;
|
||||
unit_t *u;
|
||||
iface_t *p;
|
||||
pcap_if_t *alldevsp;
|
||||
|
||||
pcap_findalldevs(&alldevsp, errbuf);
|
||||
for (chassis = 0; chassis <= MAX_CHASSIS; chassis++) { /* scan the table... */
|
||||
for (geoslot = 0; geoslot <= MAX_GEOSLOT; geoslot++) {
|
||||
u = &units[chassis][geoslot];
|
||||
if (u->ip != NULL) {
|
||||
p = u->iface;
|
||||
while (p) { /* and all interfaces... */
|
||||
if (p->IOPname && p->name && (strcmp(p->name, name) == 0)) { /* and if we found the interface we want... */
|
||||
*linktype = p->iftype;
|
||||
open_with_IOP(u, LIVE); /* start a connection with that IOP */
|
||||
send_to_fd(u->fd, strlen(p->IOPname)+1, (unsigned char *)p->IOPname); /* send the IOP's interface name, and a terminating null */
|
||||
if (get_error_response(u->fd, errbuf)) {
|
||||
return -1;
|
||||
}
|
||||
return u->fd; /* and return that open descriptor */
|
||||
}
|
||||
p = p->next;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return -1; /* if the interface wasn't found, return an error */
|
||||
}
|
||||
|
||||
static void acn_start_monitor(int fd, int snaplen, int timeout, int promiscuous, int direction) {
|
||||
unsigned char buf[8];
|
||||
unit_t *u;
|
||||
|
||||
//printf("acn_start_monitor()\n"); // fulko
|
||||
find_unit_by_fd(fd, NULL, NULL, &u);
|
||||
if (u->first_time == 0) {
|
||||
buf[0] = 'M';
|
||||
*(uint32_t *)&buf[1] = htonl(snaplen);
|
||||
buf[5] = timeout;
|
||||
buf[6] = promiscuous;
|
||||
buf[7] = direction;
|
||||
//printf("acn_start_monitor() first time\n"); // fulko
|
||||
send_to_fd(fd, 8, buf); /* send the start monitor command with its parameters to the IOP */
|
||||
u->first_time = 1;
|
||||
}
|
||||
//printf("acn_start_monitor() complete\n"); // fulko
|
||||
}
|
||||
|
||||
static int pcap_inject_acn(pcap_t *p, const void *buf _U_, size_t size _U_) {
|
||||
strlcpy(p->errbuf, "Sending packets isn't supported on ACN adapters",
|
||||
PCAP_ERRBUF_SIZE);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
static int pcap_setfilter_acn(pcap_t *handle, struct bpf_program *bpf) {
|
||||
int fd = handle->fd;
|
||||
int count;
|
||||
struct bpf_insn *p;
|
||||
uint16_t shortInt;
|
||||
uint32_t longInt;
|
||||
|
||||
send_to_fd(fd, 1, (unsigned char *)"F"); /* BPF filter follows command */
|
||||
count = bpf->bf_len;
|
||||
longInt = htonl(count);
|
||||
send_to_fd(fd, 4, (unsigned char *)&longInt); /* send the instruction sequence count */
|
||||
p = bpf->bf_insns;
|
||||
while (count--) { /* followed by the list of instructions */
|
||||
shortInt = htons(p->code);
|
||||
longInt = htonl(p->k);
|
||||
send_to_fd(fd, 2, (unsigned char *)&shortInt);
|
||||
send_to_fd(fd, 1, (unsigned char *)&p->jt);
|
||||
send_to_fd(fd, 1, (unsigned char *)&p->jf);
|
||||
send_to_fd(fd, 4, (unsigned char *)&longInt);
|
||||
p++;
|
||||
}
|
||||
if (get_error_response(fd, NULL))
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int pcap_setdirection_acn(pcap_t *handle, pcap_direction_t d) {
|
||||
snprintf(handle->errbuf, sizeof(handle->errbuf),
|
||||
"Setting direction is not supported on ACN adapters");
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int acn_read_n_bytes_with_timeout(pcap_t *handle, int count) {
|
||||
struct timeval tv;
|
||||
int retval, fd;
|
||||
fd_set r_fds;
|
||||
fd_set w_fds;
|
||||
u_char *bp;
|
||||
int len = 0;
|
||||
int offset = 0;
|
||||
|
||||
tv.tv_sec = 5;
|
||||
tv.tv_usec = 0;
|
||||
|
||||
fd = handle->fd;
|
||||
FD_ZERO(&r_fds);
|
||||
FD_SET(fd, &r_fds);
|
||||
memcpy(&w_fds, &r_fds, sizeof(r_fds));
|
||||
bp = handle->bp;
|
||||
while (count) {
|
||||
retval = select(fd + 1, &w_fds, NULL, NULL, &tv);
|
||||
if (retval == -1) { /* an error occured !!!!! */
|
||||
// fprintf(stderr, "error during packet data read\n");
|
||||
return -1; /* but we need to return a good indication to prevent unneccessary popups */
|
||||
} else if (retval == 0) { /* timeout occured, so process what we've got sofar and return */
|
||||
// fprintf(stderr, "timeout during packet data read\n");
|
||||
return -1;
|
||||
} else {
|
||||
if ((len = recv(fd, (bp + offset), count, 0)) <= 0) {
|
||||
// fprintf(stderr, "premature exit during packet data rx\n");
|
||||
return -1;
|
||||
}
|
||||
count -= len;
|
||||
offset += len;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int pcap_read_acn(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user) {
|
||||
#define HEADER_SIZE (4 * 4)
|
||||
unsigned char packet_header[HEADER_SIZE];
|
||||
struct pcap_pkthdr pcap_header;
|
||||
|
||||
//printf("pcap_read_acn()\n"); // fulko
|
||||
acn_start_monitor(handle->fd, handle->snapshot, handle->md.timeout, handle->md.clear_promisc, handle->direction); /* maybe tell him to start monitoring */
|
||||
//printf("pcap_read_acn() after start monitor\n"); // fulko
|
||||
|
||||
handle->bp = packet_header;
|
||||
if (acn_read_n_bytes_with_timeout(handle, HEADER_SIZE) == -1) return 0; /* try to read a packet header in so we can get the sizeof the packet data */
|
||||
|
||||
pcap_header.ts.tv_sec = ntohl(*(uint32_t *)&packet_header[0]); /* tv_sec */
|
||||
pcap_header.ts.tv_usec = ntohl(*(uint32_t *)&packet_header[4]); /* tv_usec */
|
||||
pcap_header.caplen = ntohl(*(uint32_t *)&packet_header[8]); /* caplen */
|
||||
pcap_header.len = ntohl(*(uint32_t *)&packet_header[12]); /* len */
|
||||
|
||||
handle->bp = handle->buffer + handle->offset; /* start off the receive pointer at the right spot */
|
||||
if (acn_read_n_bytes_with_timeout(handle, pcap_header.caplen) == -1) return 0; /* then try to read in the rest of the data */
|
||||
|
||||
callback(user, &pcap_header, handle->bp); /* call the user supplied callback function */
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int pcap_activate_sita(pcap_t *handle) {
|
||||
int fd;
|
||||
|
||||
if (handle->opt.rfmon) {
|
||||
/*
|
||||
* No monitor mode on SITA devices (they're not Wi-Fi
|
||||
* devices).
|
||||
*/
|
||||
return PCAP_ERROR_RFMON_NOTSUP;
|
||||
}
|
||||
|
||||
/* Initialize some components of the pcap structure. */
|
||||
|
||||
handle->inject_op = pcap_inject_acn;
|
||||
handle->setfilter_op = pcap_setfilter_acn;
|
||||
handle->setdirection_op = pcap_setdirection_acn;
|
||||
handle->set_datalink_op = NULL; /* can't change data link type */
|
||||
handle->getnonblock_op = pcap_getnonblock_fd;
|
||||
handle->setnonblock_op = pcap_setnonblock_fd;
|
||||
handle->cleanup_op = pcap_cleanup_acn;
|
||||
handle->read_op = pcap_read_acn;
|
||||
handle->stats_op = pcap_stats_acn;
|
||||
|
||||
fd = acn_open_live(handle->opt.source, handle->errbuf,
|
||||
&handle->linktype);
|
||||
if (fd == -1)
|
||||
return PCAP_ERROR;
|
||||
handle->md.clear_promisc = handle->md.promisc;
|
||||
handle->fd = fd;
|
||||
handle->bufsize = handle->snapshot;
|
||||
|
||||
/* Allocate the buffer */
|
||||
|
||||
handle->buffer = malloc(handle->bufsize + handle->offset);
|
||||
if (!handle->buffer) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
pcap_cleanup_acn(handle);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
/*
|
||||
* "handle->fd" is a socket, so "select()" and "poll()"
|
||||
* should work on it.
|
||||
*/
|
||||
handle->selectable_fd = handle->fd;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
pcap_t *pcap_create(const char *device, char *ebuf) {
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_sita;
|
||||
return (p);
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
/*
|
||||
* pcap-sita.h: Packet capture interface for SITA WAN devices
|
||||
*
|
||||
* Authors: Fulko Hew (fulko.hew@sita.aero) (+1 905 6815570);
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-sita.h
|
||||
*/
|
||||
|
||||
extern int acn_parse_hosts_file(char *errbuf);
|
||||
extern int acn_findalldevs(char *errbuf);
|
|
@ -0,0 +1,943 @@
|
|||
<HTML><HEAD>
|
||||
<STYLE type="text/css">
|
||||
<!--
|
||||
A { text-decoration:none }
|
||||
-->
|
||||
</STYLE>
|
||||
</HEAD>
|
||||
<BODY>
|
||||
|
||||
<TABLE WIDTH=100%><TR>
|
||||
<TD ALIGN=LEFT VALIGN=TOP>
|
||||
<FONT SIZE=+0 FACE="COURIER"><B>A "Distributed Pcap" for<BR>Remote Monitoring LANs & WANs</B><BR>
|
||||
(Design Notes for the SITA ACN device)</FONT>
|
||||
</TD>
|
||||
<TD ALIGN=RIGHT VALIGN=TOP>
|
||||
Fulko Hew<BR>SITA INC Canada, Inc.<BR>Revised: October 2, 2007
|
||||
</TD>
|
||||
</TR></TABLE>
|
||||
|
||||
|
||||
<H3>SUMMARY</H3>
|
||||
<UL>
|
||||
<STRONG>Note:</STRONG> This document is part of the libpcap Git and was derived from 'pcap.3' (circa Aug/07).
|
||||
<P>
|
||||
The ACN provides a customized/distributed version of this library that alows SMPs to
|
||||
interact with the various IOPs within the site providing a standard mechanism
|
||||
to capture LAN and WAN message traffic.
|
||||
<P>
|
||||
<CENTER>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3 WIDTH=75%>
|
||||
<TR>
|
||||
<TH VALIGN=TOP>SMP</TH>
|
||||
<TD VALIGN=TOP>The Supervisory Management Processor where Wireshark (or equivalent)
|
||||
runs in conjuction with a libpcap front-end.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TH VALIGN=TOP>IOP</TH>
|
||||
<TD VALIGN=TOP>I/O Processors where the monitored ports exist in conjunction
|
||||
with a custom device driver/libpcap back-end.</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</CENTER>
|
||||
<P>
|
||||
Each IOP will be capable of supporting multiple connections from an SMP
|
||||
enabling monitoring of more than one interface at a time, each through
|
||||
its own seperate connection. The IOP is responsible to ensure and report
|
||||
an error if any attempt is made to monitor the same interface more than once.
|
||||
<P>
|
||||
There are three applications that will be supported by the ACN version of libpcap.
|
||||
They each use a slightly different mode for looping/capturing and termination
|
||||
as summarized in the following table:
|
||||
<P>
|
||||
<CENTER>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR><TH>Application</TH> <TH>Capture</TH> <TH>Termination</TH></TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>wireshark</TH>
|
||||
<TD VALIGN=TOP>pcap_dispatch(all packets in one buffer of capture only)</TD>
|
||||
<TD VALIGN=TOP>pcap_breakloop()</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>tshark</TH>
|
||||
<TD VALIGN=TOP>pcap_dispatch(one buffer of capture only)</TD>
|
||||
<TD VALIGN=TOP>Since a CTRL-C was used to terminate the application, pcap_breakloop() is never called.</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>tcpdump</TH>
|
||||
<TD VALIGN=TOP>pcap_loop(all packets in the next buffer, and loop forever)</TD>
|
||||
<TD VALIGN=TOP>pcap_breakloop()</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</CENTER>
|
||||
<P>
|
||||
<B>Note: </B>In all cases, the termination of capturing is always (apparently) followed by
|
||||
pcap_close(). Pcap_breakloop() is only used to stop/suspend looping/processing,
|
||||
and upon close interpretation of the function definitions, it is possible to resume
|
||||
capturing following a pcap_breakloop() without any re-initialization.
|
||||
<P>
|
||||
<H4>ACN Limitations</H4>
|
||||
<OL>
|
||||
<LI>Monitoring of backup IOPs is not currently supported.
|
||||
<LI>Ethernet interfaces cannot be monitored in promiscuous mode.
|
||||
</OL>
|
||||
|
||||
</UL>
|
||||
|
||||
<H3>ROUTINES</H3>
|
||||
<UL>
|
||||
The following list of functions is the sub-set of Pcap functions that have been
|
||||
altered/enhanced to support the ACN remote monitoring facility. The remainder of the Pcap
|
||||
functions continue to perform their duties un-altered. Libpcap only supports this
|
||||
mode of operation if it has been configured/compiled for SITA/ACN support.
|
||||
<P>
|
||||
<UL><FONT FACE=COURIER>
|
||||
pcap_findalldevs<BR>
|
||||
pcap_freealldevs<BR>
|
||||
pcap_open_live<BR>
|
||||
pcap_close<BR>
|
||||
pcap_setfilter<BR>
|
||||
pcap_dispatch<BR>
|
||||
pcap_loop<BR>
|
||||
pcap_next<BR>
|
||||
pcap_next_ex<BR>
|
||||
pcap_stats<BR>
|
||||
</FONT></UL>
|
||||
|
||||
These subroutines have been modified for the ACN specific distributed and remote monitoring
|
||||
ability perform the following basic functions. More detail is provided in the
|
||||
"SMP/IOP Inter-Process Communication Protocol" section.
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_open_live()</B></TD>
|
||||
<TD VALIGN=TOP>Used to obtain a packet capture descriptor to look at packets on the network.</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
The SMP will open a connection to the selected IOP on its 'sniffer' port
|
||||
to ensure it is available. It sends a null terminated string identifying
|
||||
the interface to be monitored.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
After any required processing is complete, the IOP will return a
|
||||
null terminated string containing an error message if one occured.
|
||||
If no error occured, a empty string is still returned.
|
||||
Errors are:
|
||||
<UL>
|
||||
<LI>"Interface (xxx) does not exist."
|
||||
<LI>"Interface (xxx) not configured."
|
||||
<LI>"Interface (xxx) already being monitored."
|
||||
</UL>
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_findalldevs()</B></TD>
|
||||
<TD VALIGN=TOP>It constructs a list of network devices that can be opened with pcap_open_live().</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
It obtains a list of IOPs currently available (via /etc/hosts).
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
The SMP will sequentially open a connection to each IOP on its 'sniffer' port to ensure
|
||||
the IOP is available.
|
||||
It sends a null terminated empty interface ID followed by the query request command.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>The IOP returns an error response and its list of devices.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
The SMP closes the TCP connection with each IOP.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP adds the received information to its internal structure.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_freealldevs()</B></TD>
|
||||
<TD VALIGN=TOP>Used to free a list allocated by pcap_findalldevs().</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP frees the structure it built as a result of the previous
|
||||
invocation of pcap_findalldevs().
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_dispatch()</B></TD>
|
||||
<TD VALIGN=TOP>Used to collect and process packets.</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
On the first invocation of pcap_dispatch(), pcap_loop(), or pcap_next(), or pcap_next_ex() following a pcap_open_live(),
|
||||
the SMP will pass down the monitor start command and various parameters the IOP should use.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
The IOP now sends a stream of captured data.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP will read the reverse channel of the connection between the SMP and the
|
||||
IOP that provides the captured data (via 'p->read_op' which is 'pcap_read_linux()'
|
||||
until the select() call returns a 'no more data' indication.
|
||||
It will the process (at most) the next 'cnt' packets and invoke the specified
|
||||
callback function for each packet processed.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP</TH>
|
||||
<TD>
|
||||
The IOP continues to listen for additional commands as well as capturing and forwarding data to the SMP.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_loop()</B></TD>
|
||||
<TD VALIGN=TOP>
|
||||
Is similar to pcap_dispatch() except it keeps reading packets until
|
||||
the requested number of packets are processed or an error occurs.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
On the first invocation of pcap_dispatch(), pcap_loop(), or pcap_next(), or pcap_next_ex() following a pcap_open_live(),
|
||||
the SMP will pass down the monitor start command and various parameters the IOP should use.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
The IOP now sends a stream of captured data.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP continuously reads the next packet from the reverse channel of the connection
|
||||
between the SMP and the IOP that provides the captured data (via 'p->read_op'
|
||||
which is 'pcap_read_linux()' until 'cnt' packets have been received.
|
||||
The specified callback function will be invoked for each packet received.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP</TH>
|
||||
<TD>
|
||||
The IOP continues to listen for additional commands as well as capturing and forwarding data to the SMP.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_next()</B></TD>
|
||||
<TD VALIGN=TOP>
|
||||
It reads the next packet (by calling pcap_dispatch() with a count of 1)
|
||||
and returns a pointer to the data in that packet.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
On the first invocation of pcap_dispatch(), pcap_loop(), or pcap_next(), or pcap_next_ex() following a pcap_open_live(),
|
||||
the SMP will pass down the monitor start command and various parameters the IOP should use.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
The IOP now sends a stream of captured data.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP reads only the next packet from the reverse channel of the connection
|
||||
between the SMP and the IOP that provides the captured data (via calling pcap_dispatch()
|
||||
with a count of 1) and returns a pointer to that data by invoking an internal callback.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP</TH>
|
||||
<TD>
|
||||
The IOP continues to listen for additional commands as well as capturing and forwarding data to the SMP.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_next_ex()</B></TD>
|
||||
<TD VALIGN=TOP>Reads the next packet and returns a success/failure indication.</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
On the first invocation of pcap_dispatch(), pcap_loop(), or pcap_next(), or pcap_next_ex() following a pcap_open_live(),
|
||||
the SMP will pass down the monitor start command and various parameters the IOP should use.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
The IOP now sends a stream of captured data.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP reads only the next packet from the reverse channel of the connection
|
||||
between the SMP and the IOP that provides the captured data (via calling pcap_dispatch()
|
||||
with a count of 1) and returns seperate pointers to both the
|
||||
packet header and packet data by invoking an internal callback.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP</TH>
|
||||
<TD>
|
||||
The IOP continues to listen for additional commands as well as capturing and forwarding data to the SMP.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_setfilter()</B></TD>
|
||||
<TD VALIGN=TOP>Used to specify a filter program.</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
The SMP sends a 'set filter' command followed by the BPF commands.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
The IOP returns a null terminated error string if it failed to accept the filter.
|
||||
If no error occured, then a NULL terminated empty string is returned instead.
|
||||
Errors are:
|
||||
<UL>
|
||||
<LI>"Invalid BPF."
|
||||
<LI>"Insufficient resources for BPF."
|
||||
</UL>
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_stats()</B></TD>
|
||||
<TD VALIGN=TOP>Fills in a pcap_stat struct with packet statistics.</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
The SMP sends a message to the IOP requesting its statistics.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP -> SMP</TH>
|
||||
<TD>
|
||||
The IOP returns the statistics.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP</TH>
|
||||
<TD>
|
||||
The SMP fills in the structure provided with the information retrieved from the IOP.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2><B>pcap_close()</B></TD>
|
||||
<TD VALIGN=TOP>Closes the file and deallocates resources.</TD>
|
||||
</TR>
|
||||
<TR><TD><TABLE BORDER=0 CELLSPACING=0 CELLPADDING=3 WIDTH=100%>
|
||||
<TR><TH VALIGN=TOP NOWRAP>SMP -> IOP</TH>
|
||||
<TD>
|
||||
The SMP closes the file descriptor, and if the descriptor is that of
|
||||
the comminucation session with an IOP, it too is terminated.
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH VALIGN=TOP NOWRAP>IOP</TH>
|
||||
<TD>
|
||||
If the IOP detects that its communication session with an SMP
|
||||
has closed, it will terminate any monitoring in progress,
|
||||
release any resources and close its end of the session.
|
||||
It will not maintain persistance of any information or prior mode of operation.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE></TD></TR>
|
||||
</TABLE>
|
||||
</UL>
|
||||
|
||||
<P>
|
||||
<H3>SMP/IOP Inter-Process Communication Protocol</H3>
|
||||
|
||||
<UL>
|
||||
<LI><P>Communications between an SMP and an IOP consists of a TCP session
|
||||
between an ephemeral port on the SMP and the well known port of 49152
|
||||
(which is the first available port in the 'dynamic and/or private port'
|
||||
range) on an IOP.
|
||||
<LI><P>Following a TCP open operation the IOP receives a null terminated
|
||||
'interface ID' string to determine the type of operation that follows:
|
||||
<LI><P>Every command received by an IOP implies a 'stop trace/stop forwarding' operation must
|
||||
occur before executing the received command.
|
||||
<LI><P>A session is closed when the SMP closes the TCP session with the IOP.
|
||||
Obviously monitoring and forwarding is also stopped at that time.
|
||||
|
||||
<B>Note: </B>All multi-octet entities are sent in network neutral order.
|
||||
<P>
|
||||
|
||||
<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=5>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=6>pcap_findalldevs()</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>Open socket (to each IOP), and sends:
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>Interface ID</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>A NULL to indicate an an empty 'interface ID'.</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>Send its (possibly empty) NULL terminated error response string.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>Sends the 'interface query request':
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>Interface ID</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>A 'Q' (indicating 'interface query request').</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>The IOP returns a list of sequences of information as
|
||||
defined by the return parameter of this function call (as shown in the following table).
|
||||
Elements are specified by providing an unsigned byte preceeding the actual data that contains length information.
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Notes:</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD ROWSPAN=7> </TD>
|
||||
<TD VALIGN=TOP ALIGN=RIGHT>length</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The number of octets in the name field that follows.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Name</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1-255</TD>
|
||||
<TD VALIGN=TOP>The name of the interface. The format of the name is an alphabetic string (indicating
|
||||
the type of interface) followed by an optional numeric string (indicating the interface's
|
||||
sequence number).
|
||||
Sequence numbers (if needed) will begin at zero and progress monotonically upwards.
|
||||
(i.e. 'eth0', 'lo', 'wan0', etc.)
|
||||
<P>
|
||||
For an IOP, the alphabetic string will be one of: 'eth', 'wan', and 'lo'
|
||||
for Ethernet, WAN ports and the IP loopback device respectively.
|
||||
An IOP currently supports: 'eth0', 'eth1', 'lo', 'wan0' ... 'wan7'.
|
||||
<P>
|
||||
<B>Note:</B> IOPs and ACNs will not currently support the concept of 'any' interface.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=RIGHT>length</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The number of octets in the interface description field that follows.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Interface Description</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>0-255</TD>
|
||||
<TD VALIGN=TOP>A description of the interface or it may be an empty string. (i.e. 'ALC')</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Interface Type</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>The type of interface as defined in the description for pcap_datalink() (in network neutral order).</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Loopback Flag</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>1 = if the interface is a loopback interface, zero = otherwise.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=RIGHT>count</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP># of address entries that follow.
|
||||
Each entry is a series of bytes in network neutral order.
|
||||
See the parameter definition above for more details.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD ALIGN=CENTER ROWSPAN=8 WIDTH=1%>Repeated 'count' number of times.</TD>
|
||||
<TD VALIGN=TOP ALIGN=RIGHT>length</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The number of octets in the address field that follows.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Address</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1-255</TD>
|
||||
<TD VALIGN=TOP>The address of this interface (in network neutral order).</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=RIGHT>length</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The number of octets in the netmask field that follows.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Network Mask</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>0-255</TD>
|
||||
<TD VALIGN=TOP>The network mask used on this interface (if applicable) (in network neutral order).</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=RIGHT>length</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The number of octets in the broadcast address field that follows.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Broadcast Address</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>0-255</TD>
|
||||
<TD VALIGN=TOP>The broadcast address of this interface (if applicable) (in network neutral order).</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=RIGHT>length</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The number of octets in the destination address field that follows.</TD>
|
||||
</TR>
|
||||
<TR><TD VALIGN=TOP ALIGN=LEFT>Destination Address</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>0-255</TD>
|
||||
<TD VALIGN=TOP>The destination address of this interface (if applicable) (in network neutral order).</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>Close the socket.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>Close the socket.</TD>
|
||||
</TR>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2>pcap_open_live()</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>Open socket, and sends:
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>Interface ID</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>'n'</TD>
|
||||
<TD VALIGN=TOP>'n' octets containing a NULL terminated interface name string.</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>Send its NULL terminated error response string.</TD>
|
||||
</TR>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP NOWRAP ROWSPAN=2>pcap_dispatch()<BR>pcap_loop()<BR>pcap_next()<BR>pcap_next_ex()</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>On the first invocation following a pcap_open_live() or pcap_breakloop() additional information is sent:
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>command</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>'M' (indicating 'monitor start')</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>snaplen</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>snaplen</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>timeout</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>timeout value (in milliseconds)</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>promiscuous</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>A flag indicating that the interface being monitored show operate
|
||||
in promiscuous mode. [off(0) / on(NZ)]</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>direction</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>A flag indicating the direction of traffic that should be captuted [both(0) / in(1) / out(2)]</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>Sends captured packets.</TD>
|
||||
</TR>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2>pcap_setfilter()</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>At any time, the SMP can issue a set filter command which contains
|
||||
an indicator, a count of the number of statements in the filter,
|
||||
followed by the sequence of filter commands represented as a sequence
|
||||
of C-style structures.
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>command</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>'F' (indicating 'filter')</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>count</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>The number of command in the Berkeley Packet Filter that follow.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>BPF program</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>'n'</TD>
|
||||
<TD VALIGN=TOP>8 bytes of each command (repeated 'n' times).<BR>
|
||||
Each command consists of that C-style structure which contains:
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>opcode</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>2</TD>
|
||||
<TD VALIGN=TOP>The command's opcode.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>'jt'</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The 'jump if true' program counter offset.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>'jf'</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>The 'jump if false' program counter offset.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>'k'</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>The 'other' data field.</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
<P>
|
||||
Refer to the bpf(4) man page for more details.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>In return the IOP will send its (possibly empty) NULL terminated error response string.</TD>
|
||||
</TR>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=2>pcap_stats()</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>At any time, the SMP can issue a 'retrieve statistics' command which contains:<BR>
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>command</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>1</TD>
|
||||
<TD VALIGN=TOP>'S' (indicating 'request statistics')</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>IOP -> SMP</TD>
|
||||
<TD VALIGN=TOP>In return the IOP will send:
|
||||
<P>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Name/<BR>Purpose</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER NOWRAP>Size<BR>(in bytes)</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Description</TH>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>ps_recv</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>The number of packets that passed the filter.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>ps_drop</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>The number of packets that were dropped because the input queue was full,
|
||||
regardless of whether they passed the filter.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>ps_ifdrop</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER>4</TD>
|
||||
<TD VALIGN=TOP>The number of packets dropped by the network inteface
|
||||
(regardless of whether they would have passed the input filter).</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</TD>
|
||||
</TR>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP ROWSPAN=1>pcap_close()</TD>
|
||||
<TD VALIGN=TOP ALIGN=CENTER NOWRAP>SMP -> IOP</TD>
|
||||
<TD VALIGN=TOP>At any time, the SMP can close the TCP session with the IOP.</TD>
|
||||
</TR>
|
||||
<TR><TH COLSPAN=3><HR WIDTH=100%></TH></TR>
|
||||
</TABLE>
|
||||
</UL>
|
||||
|
||||
<H3>Interface ID Naming Convention</H3>
|
||||
<UL>
|
||||
Each interface within an IOP will be referred to uniquely. Since an currently contains
|
||||
8 monitorable WAN ports and a monitorable Ethernet port, the naming convention is:
|
||||
<P>
|
||||
<CENTER>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR><TH>Interface #</TH> <TH>Type</TH> <TH>Name</TH></TR>
|
||||
<TR><TD ALIGN=CENTER>1</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan0</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>2</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan1</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>3</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan2</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>4</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan3</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>5</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan4</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>6</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan5</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>7</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan6</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>8</TD> <TD ALIGN=CENTER>WAN</TD> <TD ALIGN=CENTER>wan7</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>9</TD> <TD ALIGN=CENTER>Ethernet</TD> <TD ALIGN=CENTER>eth0</TD></TR>
|
||||
<TR><TD ALIGN=CENTER>10</TD> <TD ALIGN=CENTER>Ethernet</TD> <TD ALIGN=CENTER>eth1</TD></TR>
|
||||
</TABLE>
|
||||
</CENTER>
|
||||
</UL>
|
||||
|
||||
<H3>Packet Trace Data Format</H3>
|
||||
<UL>
|
||||
The format of the trace data that is sent to the SMP follows a portion of the libpcap file format
|
||||
and is summarized here. This format specifies the generic requirements needed to
|
||||
be able to decode packets, but does not cover ACN specifics such as custom MAC addressing
|
||||
and WAN protocol support.
|
||||
<P>
|
||||
|
||||
Although a libpcap file begins with a global header followed by zero or
|
||||
more records for each captured packet, trace data sent to the SMP does NOT begin with a global header.
|
||||
A trace sequence looks like this:
|
||||
<P>
|
||||
<TABLE>
|
||||
<TR>
|
||||
<TD STYLE="background-color: #c0FFc0"> [Packet Header] </TD>
|
||||
<TD STYLE="background-color: #c0FFc0"> [Packet Data] </TD>
|
||||
<TD STYLE="background-color: #c0c0FF"> [Packet Header] </TD>
|
||||
<TD STYLE="background-color: #c0c0FF"> [Packet Data] </TD>
|
||||
<TD STYLE="background-color: #e0c0c0"> [Packet Header] </TD>
|
||||
<TD STYLE="background-color: #e0c0c0"> [Packet Data] </TD>
|
||||
<TD>...</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
|
||||
<H4>Packet Header</H4>
|
||||
<UL>
|
||||
Each captured packet starts with a header that contains the following values
|
||||
(in network neutral order):
|
||||
|
||||
<FONT SIZE=-1>
|
||||
<PRE>
|
||||
uint32 tv_sec; /* timestamp seconds */
|
||||
uint32 tv_usec; /* timestamp microseconds */
|
||||
uint32 caplen; /* number of octets in the following packet */
|
||||
uint32 len; /* original length of packet on the wire */
|
||||
</PRE>
|
||||
</FONT>
|
||||
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>tv_sec</TD>
|
||||
<TD>The date and time when this packet was captured.
|
||||
This value is in seconds since January 1, 1970 00:00:00 GMT;
|
||||
this is also known as a UN*X time_t. You can use the ANSI C
|
||||
<em>time()</em> function from <em>time.h</em> to get this value,
|
||||
but you might use a more optimized way to get this timestamp value.
|
||||
If this timestamp isn't based on GMT (UTC), use <em>thiszone</em>
|
||||
from the global header for adjustments.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>tv_usec</TD>
|
||||
<TD>The microseconds when this packet was captured, as an offset to <em>ts_sec</em>.
|
||||
<B>Beware: </B>this value must never reach 1 second (1,000,000),
|
||||
in this case <em>ts_sec</em> must be increased instead!</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>caplen</TD>
|
||||
<TD>The number of bytes actually provided in the capture record.
|
||||
This value should never become larger than <em>len</em> or the
|
||||
<em>snaplen</em> value specified during the capture.</TD>
|
||||
</TR>
|
||||
<TR>
|
||||
<TD VALIGN=TOP>len</TD>
|
||||
<TD>The length of the packet "on the wire" when it was captured.
|
||||
If <em>caplen</em> and <em>len</em> differ, the actually
|
||||
saved packet size was limited by the value of <em>snaplen</em> specified
|
||||
during one of the capture directives such as pcap_dispatch().</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</UL>
|
||||
|
||||
<H4>Packet Data</H4>
|
||||
<UL>
|
||||
The actual packet data will immediately follow the packet header as a sequence of <em>caplen</em> octets.
|
||||
Depending on the DLT encoding number assigned to the interface, the packet data will contain an additional
|
||||
custom header used to convey WAN port related information.
|
||||
</UL>
|
||||
|
||||
<H4>ACN Custom Packet Header</H4>
|
||||
<UL>
|
||||
PCAP, Wireshark and Tcpdump enhancements have been added to the ACN to support
|
||||
monitoring of its ports, however each of these facilities were focused on capturing
|
||||
and displaying traffic from LAN interfaces. The SITA extentions to these facilities
|
||||
are used to also provide the ability to capture, filter, and display information from
|
||||
an ACN's WAN ports.
|
||||
<P>
|
||||
Although each packet follows the standard libpcap format, since there are
|
||||
two types of interfaces that can be monitored, the format of the data
|
||||
packet varies slightly.
|
||||
<P>
|
||||
<UL TYPE=DISC>
|
||||
<LI>For Ethernet (like) devices, the packet format is unchanged from the standard Pcap format.
|
||||
<LI>For WAN devices, the packet contains a 5 byte header that preceeds the actual captured data
|
||||
described by the following table:
|
||||
</UL>
|
||||
<P>
|
||||
<CENTER>
|
||||
<TABLE BORDER=1 CELLSPACING=0 CELLPADDING=3>
|
||||
<TR> <TH>Octet</TH>
|
||||
<TH>Name</TH>
|
||||
<TH>Mask/Value</TH>
|
||||
<TH COLSPAN=2>Definition</TH> </TR>
|
||||
|
||||
<TR> <TH VALIGN=TOP ALIGN=CENTER ROWSPAN=3>0</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER ROWSPAN=3>Control / Status</TH>
|
||||
|
||||
<TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxxx0</FONT></TD>
|
||||
<TD>Transmitted by capture device</TD>
|
||||
<TD ROWSPAN=2 ALIGN=CENTER>(see 'Errors' octets)</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxxx1</FONT></TD>
|
||||
<TD>Received by capture device</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">1xxxxxxx</FONT></TD>
|
||||
<TD COLSPAN=2>No buffer was available during capture of previous packet.</TD> </TR>
|
||||
|
||||
<TR> <TH VALIGN=TOP ALIGN=CENTER ROWSPAN=8>1</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER ROWSPAN=8>Signals</TH>
|
||||
|
||||
<TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxxx1</FONT></TD> <TD COLSPAN=2>DSR asserted</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxx1x</FONT></TD> <TD COLSPAN=2>DTR asserted</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxx1xx</FONT></TD> <TD COLSPAN=2>CTS asserted</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxx1xxx</FONT></TD> <TD COLSPAN=2>RTS asserted</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxx1xxxx</FONT></TD> <TD COLSPAN=2>DCD asserted</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xx1xxxxx</FONT></TD> <TD COLSPAN=2>Undefined</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">x1xxxxxx</FONT></TD> <TD COLSPAN=2>Undefined</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">1xxxxxxx</FONT></TD> <TD COLSPAN=2>Undefined</TD> </TR>
|
||||
|
||||
<TR> <TH VALIGN=TOP ALIGN=CENTER ROWSPAN=9>2</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER ROWSPAN=9>Errors<BR>(octet 1)</TH>
|
||||
|
||||
<TH> </TH> <TH>Tx</TH> <TH>Rx</TH> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxxx1</FONT></TD> <TD>Underrun</TD> <TD>Framing</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxx1x</FONT></TD> <TD>CTS Lost</TD> <TD>Parity</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxx1xx</FONT></TD> <TD>UART Error</TD> <TD>Collision</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxx1xxx</FONT></TD> <TD>Re-Tx Limit Reached</TD> <TD>Long Frame</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxx1xxxx</FONT></TD> <TD>Undefined</TD> <TD>Short Frame</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xx1xxxxx</FONT></TD> <TD>Undefined</TD> <TD>Undefined</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">x1xxxxxx</FONT></TD> <TD>Undefined</TD> <TD>Undefined</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">1xxxxxxx</FONT></TD> <TD>Undefined</TD> <TD>Undefined</TD> </TR>
|
||||
|
||||
<TR> <TH VALIGN=TOP ALIGN=CENTER ROWSPAN=9>3</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER ROWSPAN=9>Errors<BR>(octet 2)</TH>
|
||||
|
||||
<TH> </TH> <TH>Tx</TH> <TH>Rx</TH> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxxx1</FONT></TD> <TD>Undefined</TD> <TD>Non-Octet Aligned</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxxx1x</FONT></TD> <TD>Undefined</TD> <TD>Abort Received</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxxx1xx</FONT></TD> <TD>Undefined</TD> <TD>CD Lost</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxxx1xxx</FONT></TD> <TD>Undefined</TD> <TD>Digital PLL Error</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xxx1xxxx</FONT></TD> <TD>Undefined</TD> <TD>Overrun</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">xx1xxxxx</FONT></TD> <TD>Undefined</TD> <TD>Frame Length Violation</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">x1xxxxxx</FONT></TD> <TD>Undefined</TD> <TD>CRC Error</TD> </TR>
|
||||
<TR> <TD VALIGN=TOP ALIGN=CENTER><FONT FACE="COURIER">1xxxxxxx</FONT></TD> <TD>Undefined</TD> <TD>Break Received</TD> </TR>
|
||||
|
||||
<TR> <TH VALIGN=TOP ALIGN=CENTER ROWSPAN=12>4</TH>
|
||||
<TH VALIGN=TOP ALIGN=CENTER>Protocol</TH>
|
||||
|
||||
<TD COLSPAN=3>
|
||||
<CENTER>
|
||||
<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x01</TD> <TD>-</TD> <TD>LAPB (BOP) <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x02</TD> <TD>-</TD> <TD>Ethernet <SUP>1</SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x03</TD> <TD>-</TD> <TD>Async (Interrupt IO) <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x04</TD> <TD>-</TD> <TD>Async (Block IO) <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x05</TD> <TD>-</TD> <TD>IPARS <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x06</TD> <TD>-</TD> <TD>UTS <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x07</TD> <TD>-</TD> <TD>PPP (HDLC) <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x08</TD> <TD>-</TD> <TD>SDLC <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x09</TD> <TD>-</TD> <TD>Token Ring <SUP>1</SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x10</TD> <TD>-</TD> <TD>I2C <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x11</TD> <TD>-</TD> <TD>DPM Link <SUP> </SUP> </TD> </TR>
|
||||
<TR VALIGN=BOTTOM><TD ALIGN=CENTER>0x12</TD> <TD>-</TD> <TD>Frame Relay (BOP) <SUP> </SUP> </TD> </TR>
|
||||
</TABLE>
|
||||
</CENTER>
|
||||
<P>
|
||||
<STRONG>Note 1:</STRONG>
|
||||
Ethernet and Token Ring frames will never be sent as DLT_SITA (with the 5 octet header),
|
||||
but will be sent as their corresponding DLT types instead.
|
||||
</TD>
|
||||
</TR>
|
||||
</TABLE>
|
||||
</CENTER>
|
||||
</UL>
|
||||
<P>
|
||||
</UL>
|
||||
</UL>
|
|
@ -0,0 +1,306 @@
|
|||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include <ctype.h>
|
||||
#include <netinet/in.h>
|
||||
#include <sys/mman.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/types.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "snf.h"
|
||||
#include "pcap-int.h"
|
||||
|
||||
#ifdef SNF_ONLY
|
||||
#define snf_create pcap_create
|
||||
#define snf_platform_finddevs pcap_platform_finddevs
|
||||
#endif
|
||||
|
||||
static int
|
||||
snf_set_datalink(pcap_t *p, int dlt)
|
||||
{
|
||||
p->linktype = dlt;
|
||||
return (0);
|
||||
}
|
||||
|
||||
static int
|
||||
snf_pcap_stats(pcap_t *p, struct pcap_stat *ps)
|
||||
{
|
||||
struct snf_ring_stats stats;
|
||||
int rc;
|
||||
|
||||
if ((rc = snf_ring_getstats(p->md.snf_ring, &stats))) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "snf_get_stats: %s",
|
||||
pcap_strerror(rc));
|
||||
return -1;
|
||||
}
|
||||
ps->ps_recv = stats.ring_pkt_recv + stats.ring_pkt_overflow;
|
||||
ps->ps_drop = stats.ring_pkt_overflow;
|
||||
ps->ps_ifdrop = stats.nic_pkt_overflow + stats.nic_pkt_bad;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void
|
||||
snf_platform_cleanup(pcap_t *p)
|
||||
{
|
||||
if (p == NULL)
|
||||
return;
|
||||
|
||||
snf_ring_close(p->md.snf_ring);
|
||||
snf_close(p->md.snf_handle);
|
||||
pcap_cleanup_live_common(p);
|
||||
}
|
||||
|
||||
static int
|
||||
snf_getnonblock(pcap_t *p, char *errbuf)
|
||||
{
|
||||
return (p->md.snf_timeout == 0);
|
||||
}
|
||||
|
||||
static int
|
||||
snf_setnonblock(pcap_t *p, int nonblock, char *errbuf)
|
||||
{
|
||||
if (nonblock)
|
||||
p->md.snf_timeout = 0;
|
||||
else {
|
||||
if (p->md.timeout <= 0)
|
||||
p->md.snf_timeout = -1; /* forever */
|
||||
else
|
||||
p->md.snf_timeout = p->md.timeout;
|
||||
}
|
||||
return (0);
|
||||
}
|
||||
|
||||
#define _NSEC_PER_SEC 1000000000
|
||||
|
||||
static inline
|
||||
struct timeval
|
||||
snf_timestamp_to_timeval(const int64_t ts_nanosec)
|
||||
{
|
||||
struct timeval tv;
|
||||
int32_t rem;
|
||||
if (ts_nanosec == 0)
|
||||
return (struct timeval) { 0, 0 };
|
||||
tv.tv_sec = ts_nanosec / _NSEC_PER_SEC;
|
||||
tv.tv_usec = (ts_nanosec % _NSEC_PER_SEC) / 1000;
|
||||
return tv;
|
||||
}
|
||||
|
||||
static int
|
||||
snf_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
|
||||
{
|
||||
struct pcap_pkthdr hdr;
|
||||
int i, flags, err, caplen, n;
|
||||
struct snf_recv_req req;
|
||||
|
||||
if (!p || cnt == 0)
|
||||
return -1;
|
||||
|
||||
n = 0;
|
||||
while (n < cnt || cnt < 0) {
|
||||
/*
|
||||
* Has "pcap_breakloop()" been called?
|
||||
*/
|
||||
if (p->break_loop) {
|
||||
if (n == 0) {
|
||||
p->break_loop = 0;
|
||||
return (-2);
|
||||
} else {
|
||||
return (n);
|
||||
}
|
||||
}
|
||||
|
||||
err = snf_ring_recv(p->md.snf_ring, p->md.snf_timeout, &req);
|
||||
|
||||
if (err) {
|
||||
if (err == EBUSY || err == EAGAIN)
|
||||
return (0);
|
||||
if (err == EINTR)
|
||||
continue;
|
||||
if (err != 0) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "snf_read: %s",
|
||||
pcap_strerror(err));
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
caplen = req.length;
|
||||
if (caplen > p->snapshot)
|
||||
caplen = p->snapshot;
|
||||
|
||||
if ((p->fcode.bf_insns == NULL) ||
|
||||
bpf_filter(p->fcode.bf_insns, req.pkt_addr, req.length, caplen)) {
|
||||
hdr.ts = snf_timestamp_to_timeval(req.timestamp);
|
||||
hdr.caplen = caplen;
|
||||
hdr.len = req.length;
|
||||
callback(user, &hdr, req.pkt_addr);
|
||||
}
|
||||
n++;
|
||||
}
|
||||
return (n);
|
||||
}
|
||||
|
||||
static int
|
||||
snf_setfilter(pcap_t *p, struct bpf_program *fp)
|
||||
{
|
||||
if (!p)
|
||||
return -1;
|
||||
if (!fp) {
|
||||
strncpy(p->errbuf, "setfilter: No filter specified",
|
||||
sizeof(p->errbuf));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Make our private copy of the filter */
|
||||
|
||||
if (install_bpf_program(p, fp) < 0)
|
||||
return -1;
|
||||
|
||||
p->md.use_bpf = 0;
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
static int
|
||||
snf_inject(pcap_t *p, const void *buf _U_, size_t size _U_)
|
||||
{
|
||||
strlcpy(p->errbuf, "Sending packets isn't supported with snf",
|
||||
PCAP_ERRBUF_SIZE);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
static int
|
||||
snf_activate(pcap_t* p)
|
||||
{
|
||||
char *device = p->opt.source;
|
||||
const char *nr = NULL;
|
||||
int err;
|
||||
int flags = 0;
|
||||
|
||||
if (device == NULL) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"device is NULL: %s", pcap_strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* In Libpcap, we set pshared by default if NUM_RINGS is set to > 1.
|
||||
* Since libpcap isn't thread-safe */
|
||||
if ((nr = getenv("SNF_NUM_RINGS")) && *nr && atoi(nr) > 1)
|
||||
flags |= SNF_F_PSHARED;
|
||||
else
|
||||
nr = NULL;
|
||||
|
||||
err = snf_open(p->md.snf_boardnum,
|
||||
0, /* let SNF API parse SNF_NUM_RINGS, if set */
|
||||
NULL, /* default RSS, or use SNF_RSS_FLAGS env */
|
||||
0, /* default to SNF_DATARING_SIZE from env */
|
||||
flags, /* may want pshared */
|
||||
&p->md.snf_handle);
|
||||
if (err != 0) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"snf_open failed: %s", pcap_strerror(err));
|
||||
return -1;
|
||||
}
|
||||
|
||||
err = snf_ring_open(p->md.snf_handle, &p->md.snf_ring);
|
||||
if (err != 0) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"snf_ring_open failed: %s", pcap_strerror(err));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (p->md.timeout <= 0)
|
||||
p->md.snf_timeout = -1;
|
||||
else
|
||||
p->md.snf_timeout = p->md.timeout;
|
||||
|
||||
err = snf_start(p->md.snf_handle);
|
||||
if (err != 0) {
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"snf_start failed: %s", pcap_strerror(err));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* "select()" and "poll()" don't work on snf descriptors.
|
||||
*/
|
||||
p->selectable_fd = -1;
|
||||
p->linktype = DLT_EN10MB;
|
||||
p->read_op = snf_read;
|
||||
p->inject_op = snf_inject;
|
||||
p->setfilter_op = snf_setfilter;
|
||||
p->setdirection_op = NULL; /* Not implemented.*/
|
||||
p->set_datalink_op = snf_set_datalink;
|
||||
p->getnonblock_op = snf_getnonblock;
|
||||
p->setnonblock_op = snf_setnonblock;
|
||||
p->stats_op = snf_pcap_stats;
|
||||
p->cleanup_op = snf_platform_cleanup;
|
||||
p->md.stat.ps_recv = 0;
|
||||
p->md.stat.ps_drop = 0;
|
||||
p->md.stat.ps_ifdrop = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
snf_platform_finddevs(pcap_if_t **devlistp, char *errbuf)
|
||||
{
|
||||
/*
|
||||
* There are no platform-specific devices since each device
|
||||
* exists as a regular Ethernet device.
|
||||
*/
|
||||
return 0;
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
snf_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
int boardnum = -1;
|
||||
struct snf_ifaddrs *ifaddrs, *ifa;
|
||||
size_t devlen;
|
||||
|
||||
if (snf_init(SNF_VERSION_API))
|
||||
return NULL;
|
||||
|
||||
/*
|
||||
* Match a given interface name to our list of interface names, from
|
||||
* which we can obtain the intended board number
|
||||
*/
|
||||
if (snf_getifaddrs(&ifaddrs) || ifaddrs == NULL)
|
||||
return NULL;
|
||||
devlen = strlen(device) + 1;
|
||||
ifa = ifaddrs;
|
||||
while (ifa) {
|
||||
if (!strncmp(device, ifa->snf_ifa_name, devlen)) {
|
||||
boardnum = ifa->snf_ifa_boardnum;
|
||||
break;
|
||||
}
|
||||
ifa = ifa->snf_ifa_next;
|
||||
}
|
||||
snf_freeifaddrs(ifaddrs);
|
||||
|
||||
if (ifa == NULL) {
|
||||
/*
|
||||
* If we can't find the device by name, support the name "snfX"
|
||||
* and "snf10gX" where X is the board number.
|
||||
*/
|
||||
if (sscanf(device, "snf10g%d", &boardnum) != 1 &&
|
||||
sscanf(device, "snf%d", &boardnum) != 1)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return NULL;
|
||||
|
||||
p->activate_op = snf_activate;
|
||||
p->md.snf_boardnum = boardnum;
|
||||
return p;
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
pcap_t *snf_create(const char *, char *);
|
||||
int snf_platform_finddevs(pcap_if_t **devlistp, char *errbuf);
|
74
pcap-snit.c
74
pcap-snit.c
|
@ -25,7 +25,7 @@
|
|||
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-snit.c,v 1.72 2004-10-19 07:06:13 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-snit.c,v 1.77 2008-04-14 20:40:58 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -113,7 +113,6 @@ static int
|
|||
pcap_read_snit(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
|
||||
{
|
||||
register int cc, n;
|
||||
register struct bpf_insn *fcode = p->fcode.bf_insns;
|
||||
register u_char *bp, *cp, *ep;
|
||||
register struct nit_bufhdr *hdrp;
|
||||
register struct nit_iftime *ntp;
|
||||
|
@ -187,13 +186,13 @@ pcap_read_snit(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
|
|||
if (caplen > p->snapshot)
|
||||
caplen = p->snapshot;
|
||||
|
||||
if (bpf_filter(fcode, cp, nlp->nh_pktlen, caplen)) {
|
||||
if (bpf_filter(p->fcode.bf_insns, cp, nlp->nh_pktlen, caplen)) {
|
||||
struct pcap_pkthdr h;
|
||||
h.ts = ntp->nh_timestamp;
|
||||
h.len = nlp->nh_pktlen;
|
||||
h.caplen = caplen;
|
||||
(*callback)(user, &h, cp);
|
||||
if (++n >= cnt && cnt >= 0) {
|
||||
if (++n >= cnt && cnt > 0) {
|
||||
p->cc = ep - bp;
|
||||
p->bp = bp;
|
||||
return (n);
|
||||
|
@ -261,30 +260,29 @@ nit_setflags(int fd, int promisc, int to_ms, char *ebuf)
|
|||
return (0);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
||||
char *ebuf)
|
||||
static int
|
||||
pcap_activate_snit(pcap_t *p)
|
||||
{
|
||||
struct strioctl si; /* struct for ioctl() */
|
||||
struct ifreq ifr; /* interface request struct */
|
||||
int chunksize = CHUNKSIZE;
|
||||
int fd;
|
||||
static char dev[] = "/dev/nit";
|
||||
register pcap_t *p;
|
||||
|
||||
p = (pcap_t *)malloc(sizeof(*p));
|
||||
if (p == NULL) {
|
||||
strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
return (NULL);
|
||||
if (p->opt.rfmon) {
|
||||
/*
|
||||
* No monitor mode on SunOS 4.x (no Wi-Fi devices on
|
||||
* hardware supported by SunOS 4.x).
|
||||
*/
|
||||
return (PCAP_ERROR_RFMON_NOTSUP);
|
||||
}
|
||||
|
||||
if (snaplen < 96)
|
||||
if (p->snapshot < 96)
|
||||
/*
|
||||
* NIT requires a snapshot length of at least 96.
|
||||
*/
|
||||
snaplen = 96;
|
||||
p->snapshot = 96;
|
||||
|
||||
memset(p, 0, sizeof(*p));
|
||||
/*
|
||||
* Initially try a read/write open (to allow the inject
|
||||
* method to work). If that fails due to permission
|
||||
|
@ -303,19 +301,19 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
if (fd < 0 && errno == EACCES)
|
||||
p->fd = fd = open(dev, O_RDONLY);
|
||||
if (fd < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "%s: %s", dev,
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "%s: %s", dev,
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* arrange to get discrete messages from the STREAM and use NIT_BUF */
|
||||
if (ioctl(fd, I_SRDOPT, (char *)RMSGD) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "I_SRDOPT: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "I_SRDOPT: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
if (ioctl(fd, I_PUSH, "nbuf") < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "push nbuf: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "push nbuf: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -325,34 +323,33 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
si.ic_len = sizeof(chunksize);
|
||||
si.ic_dp = (char *)&chunksize;
|
||||
if (ioctl(fd, I_STR, (char *)&si) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "NIOCSCHUNK: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "NIOCSCHUNK: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* request the interface */
|
||||
strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
|
||||
strncpy(ifr.ifr_name, p->opt.source, sizeof(ifr.ifr_name));
|
||||
ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = '\0';
|
||||
si.ic_cmd = NIOCBIND;
|
||||
si.ic_len = sizeof(ifr);
|
||||
si.ic_dp = (char *)𝔦
|
||||
if (ioctl(fd, I_STR, (char *)&si) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "NIOCBIND: %s: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "NIOCBIND: %s: %s",
|
||||
ifr.ifr_name, pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
||||
/* set the snapshot length */
|
||||
si.ic_cmd = NIOCSSNAP;
|
||||
si.ic_len = sizeof(snaplen);
|
||||
si.ic_dp = (char *)&snaplen;
|
||||
si.ic_len = sizeof(p->snapshot);
|
||||
si.ic_dp = (char *)&p->snapshot;
|
||||
if (ioctl(fd, I_STR, (char *)&si) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "NIOCSSNAP: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "NIOCSSNAP: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
p->snapshot = snaplen;
|
||||
if (nit_setflags(p->fd, promisc, to_ms, ebuf) < 0)
|
||||
if (nit_setflags(p->fd, p->opt.promisc, p->md.timeout, p->errbuf) < 0)
|
||||
goto bad;
|
||||
|
||||
(void)ioctl(fd, I_FLUSH, (char *)FLUSHR);
|
||||
|
@ -364,7 +361,7 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->bufsize = BUFSPACE;
|
||||
p->buffer = (u_char *)malloc(p->bufsize);
|
||||
if (p->buffer == NULL) {
|
||||
strlcpy(ebuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
strlcpy(p->errbuf, pcap_strerror(errno), PCAP_ERRBUF_SIZE);
|
||||
goto bad;
|
||||
}
|
||||
|
||||
|
@ -397,18 +394,29 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->read_op = pcap_read_snit;
|
||||
p->inject_op = pcap_inject_snit;
|
||||
p->setfilter_op = install_bpf_program; /* no kernel filtering */
|
||||
p->setdirection_op = NULL; /* Not implemented. */
|
||||
p->set_datalink_op = NULL; /* can't change data link type */
|
||||
p->getnonblock_op = pcap_getnonblock_fd;
|
||||
p->setnonblock_op = pcap_setnonblock_fd;
|
||||
p->stats_op = pcap_stats_snit;
|
||||
p->close_op = pcap_close_common;
|
||||
|
||||
return (p);
|
||||
return (0);
|
||||
bad:
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
free(p);
|
||||
return (NULL);
|
||||
pcap_cleanup_live_common(p);
|
||||
return (PCAP_ERROR);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_snit;
|
||||
return (p);
|
||||
}
|
||||
|
||||
int
|
||||
|
|
123
pcap-snoop.c
123
pcap-snoop.c
|
@ -20,7 +20,7 @@
|
|||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-snoop.c,v 1.54 2004-10-19 07:06:14 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-snoop.c,v 1.59 2008-12-02 16:25:14 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
|
@ -194,9 +194,8 @@ pcap_stats_snoop(pcap_t *p, struct pcap_stat *ps)
|
|||
}
|
||||
|
||||
/* XXX can't disable promiscuous */
|
||||
pcap_t *
|
||||
pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
||||
char *ebuf)
|
||||
static int
|
||||
pcap_activate_snoop(pcap_t *p)
|
||||
{
|
||||
int fd;
|
||||
struct sockaddr_raw sr;
|
||||
|
@ -204,55 +203,50 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
u_int v;
|
||||
int ll_hdrlen;
|
||||
int snooplen;
|
||||
pcap_t *p;
|
||||
struct ifreq ifr;
|
||||
|
||||
p = (pcap_t *)malloc(sizeof(*p));
|
||||
if (p == NULL) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s",
|
||||
pcap_strerror(errno));
|
||||
return (NULL);
|
||||
}
|
||||
memset(p, 0, sizeof(*p));
|
||||
fd = socket(PF_RAW, SOCK_RAW, RAWPROTO_SNOOP);
|
||||
if (fd < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "snoop socket: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "snoop socket: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
p->fd = fd;
|
||||
memset(&sr, 0, sizeof(sr));
|
||||
sr.sr_family = AF_RAW;
|
||||
(void)strncpy(sr.sr_ifname, device, sizeof(sr.sr_ifname));
|
||||
(void)strncpy(sr.sr_ifname, p->opt.source, sizeof(sr.sr_ifname));
|
||||
if (bind(fd, (struct sockaddr *)&sr, sizeof(sr))) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "snoop bind: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "snoop bind: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
memset(&sf, 0, sizeof(sf));
|
||||
if (ioctl(fd, SIOCADDSNOOP, &sf) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "SIOCADDSNOOP: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "SIOCADDSNOOP: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
v = 64 * 1024;
|
||||
if (p->opt.buffer_size != 0)
|
||||
v = p->opt.buffer_size;
|
||||
else
|
||||
v = 64 * 1024; /* default to 64K buffer size */
|
||||
(void)setsockopt(fd, SOL_SOCKET, SO_RCVBUF, (char *)&v, sizeof(v));
|
||||
/*
|
||||
* XXX hack - map device name to link layer type
|
||||
*/
|
||||
if (strncmp("et", device, 2) == 0 || /* Challenge 10 Mbit */
|
||||
strncmp("ec", device, 2) == 0 || /* Indigo/Indy 10 Mbit,
|
||||
O2 10/100 */
|
||||
strncmp("ef", device, 2) == 0 || /* O200/2000 10/100 Mbit */
|
||||
strncmp("eg", device, 2) == 0 || /* Octane/O2xxx/O3xxx Gigabit */
|
||||
strncmp("gfe", device, 3) == 0 || /* GIO 100 Mbit */
|
||||
strncmp("fxp", device, 3) == 0 || /* Challenge VME Enet */
|
||||
strncmp("ep", device, 2) == 0 || /* Challenge 8x10 Mbit EPLEX */
|
||||
strncmp("vfe", device, 3) == 0 || /* Challenge VME 100Mbit */
|
||||
strncmp("fa", device, 2) == 0 ||
|
||||
strncmp("qaa", device, 3) == 0 ||
|
||||
strncmp("cip", device, 3) == 0 ||
|
||||
strncmp("el", device, 2) == 0) {
|
||||
if (strncmp("et", p->opt.source, 2) == 0 || /* Challenge 10 Mbit */
|
||||
strncmp("ec", p->opt.source, 2) == 0 || /* Indigo/Indy 10 Mbit,
|
||||
O2 10/100 */
|
||||
strncmp("ef", p->opt.source, 2) == 0 || /* O200/2000 10/100 Mbit */
|
||||
strncmp("eg", p->opt.source, 2) == 0 || /* Octane/O2xxx/O3xxx Gigabit */
|
||||
strncmp("gfe", p->opt.source, 3) == 0 || /* GIO 100 Mbit */
|
||||
strncmp("fxp", p->opt.source, 3) == 0 || /* Challenge VME Enet */
|
||||
strncmp("ep", p->opt.source, 2) == 0 || /* Challenge 8x10 Mbit EPLEX */
|
||||
strncmp("vfe", p->opt.source, 3) == 0 || /* Challenge VME 100Mbit */
|
||||
strncmp("fa", p->opt.source, 2) == 0 ||
|
||||
strncmp("qaa", p->opt.source, 3) == 0 ||
|
||||
strncmp("cip", p->opt.source, 3) == 0 ||
|
||||
strncmp("el", p->opt.source, 2) == 0) {
|
||||
p->linktype = DLT_EN10MB;
|
||||
p->offset = RAW_HDRPAD(sizeof(struct ether_header));
|
||||
ll_hdrlen = sizeof(struct ether_header);
|
||||
|
@ -285,29 +279,38 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->dlt_list[1] = DLT_DOCSIS;
|
||||
p->dlt_count = 2;
|
||||
}
|
||||
} else if (strncmp("ipg", device, 3) == 0 ||
|
||||
strncmp("rns", device, 3) == 0 || /* O2/200/2000 FDDI */
|
||||
strncmp("xpi", device, 3) == 0) {
|
||||
} else if (strncmp("ipg", p->opt.source, 3) == 0 ||
|
||||
strncmp("rns", p->opt.source, 3) == 0 || /* O2/200/2000 FDDI */
|
||||
strncmp("xpi", p->opt.source, 3) == 0) {
|
||||
p->linktype = DLT_FDDI;
|
||||
p->offset = 3; /* XXX yeah? */
|
||||
ll_hdrlen = 13;
|
||||
} else if (strncmp("ppp", device, 3) == 0) {
|
||||
} else if (strncmp("ppp", p->opt.source, 3) == 0) {
|
||||
p->linktype = DLT_RAW;
|
||||
ll_hdrlen = 0; /* DLT_RAW meaning "no PPP header, just the IP packet"? */
|
||||
} else if (strncmp("qfa", device, 3) == 0) {
|
||||
} else if (strncmp("qfa", p->opt.source, 3) == 0) {
|
||||
p->linktype = DLT_IP_OVER_FC;
|
||||
ll_hdrlen = 24;
|
||||
} else if (strncmp("pl", device, 2) == 0) {
|
||||
} else if (strncmp("pl", p->opt.source, 2) == 0) {
|
||||
p->linktype = DLT_RAW;
|
||||
ll_hdrlen = 0; /* Cray UNICOS/mp pseudo link */
|
||||
} else if (strncmp("lo", device, 2) == 0) {
|
||||
} else if (strncmp("lo", p->opt.source, 2) == 0) {
|
||||
p->linktype = DLT_NULL;
|
||||
ll_hdrlen = 4;
|
||||
} else {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE,
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"snoop: unknown physical layer type");
|
||||
goto bad;
|
||||
}
|
||||
|
||||
if (p->opt.rfmon) {
|
||||
/*
|
||||
* No monitor mode on Irix (no Wi-Fi devices on
|
||||
* hardware supported by Irix).
|
||||
*/
|
||||
return (PCAP_ERROR_RFMON_NOTSUP);
|
||||
}
|
||||
|
||||
#ifdef SIOCGIFMTU
|
||||
/*
|
||||
* XXX - IRIX appears to give you an error if you try to set the
|
||||
|
@ -315,9 +318,9 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
* the MTU first and, if that succeeds, trim the snap length
|
||||
* to be no greater than the MTU.
|
||||
*/
|
||||
(void)strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
|
||||
(void)strncpy(ifr.ifr_name, p->opt.source, sizeof(ifr.ifr_name));
|
||||
if (ioctl(fd, SIOCGIFMTU, (char *)&ifr) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "SIOCGIFMTU: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "SIOCGIFMTU: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -338,8 +341,8 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
#ifndef ifr_mtu
|
||||
#define ifr_mtu ifr_metric
|
||||
#endif
|
||||
if (snaplen > ifr.ifr_mtu + ll_hdrlen)
|
||||
snaplen = ifr.ifr_mtu + ll_hdrlen;
|
||||
if (p->snapshot > ifr.ifr_mtu + ll_hdrlen)
|
||||
p->snapshot = ifr.ifr_mtu + ll_hdrlen;
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
@ -347,18 +350,17 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
* payload bytes to capture - it doesn't count link-layer
|
||||
* header bytes.
|
||||
*/
|
||||
snooplen = snaplen - ll_hdrlen;
|
||||
snooplen = p->snapshot - ll_hdrlen;
|
||||
if (snooplen < 0)
|
||||
snooplen = 0;
|
||||
if (ioctl(fd, SIOCSNOOPLEN, &snooplen) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "SIOCSNOOPLEN: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "SIOCSNOOPLEN: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
p->snapshot = snaplen;
|
||||
v = 1;
|
||||
if (ioctl(fd, SIOCSNOOPING, &v) < 0) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "SIOCSNOOPING: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "SIOCSNOOPING: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -366,7 +368,7 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->bufsize = 4096; /* XXX */
|
||||
p->buffer = (u_char *)malloc(p->bufsize);
|
||||
if (p->buffer == NULL) {
|
||||
snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s",
|
||||
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "malloc: %s",
|
||||
pcap_strerror(errno));
|
||||
goto bad;
|
||||
}
|
||||
|
@ -379,22 +381,29 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
|
|||
p->read_op = pcap_read_snoop;
|
||||
p->inject_op = pcap_inject_snoop;
|
||||
p->setfilter_op = install_bpf_program; /* no kernel filtering */
|
||||
p->setdirection_op = NULL; /* Not implemented. */
|
||||
p->set_datalink_op = NULL; /* can't change data link type */
|
||||
p->getnonblock_op = pcap_getnonblock_fd;
|
||||
p->setnonblock_op = pcap_setnonblock_fd;
|
||||
p->stats_op = pcap_stats_snoop;
|
||||
p->close_op = pcap_close_common;
|
||||
|
||||
return (p);
|
||||
return (0);
|
||||
bad:
|
||||
(void)close(fd);
|
||||
/*
|
||||
* Get rid of any link-layer type list we allocated.
|
||||
*/
|
||||
if (p->dlt_list != NULL)
|
||||
free(p->dlt_list);
|
||||
free(p);
|
||||
return (NULL);
|
||||
pcap_cleanup_live_common(p);
|
||||
return (PCAP_ERROR);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
pcap_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = pcap_activate_snoop;
|
||||
return (p);
|
||||
}
|
||||
|
||||
int
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/*
|
||||
* Copyright (c) 2002 - 2003
|
||||
* NetGroup, Politecnico di Torino (Italy)
|
||||
* Copyright (c) 2002 - 2005 NetGroup, Politecnico di Torino (Italy)
|
||||
* Copyright (c) 2005 - 2009 CACE Technologies, Inc. Davis (California)
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
|
@ -28,11 +28,10 @@
|
|||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-stdinc.h,v 1.10.2.1 2008-10-06 15:38:39 gianluca Exp $ (LBL)
|
||||
*/
|
||||
|
||||
#define SIZEOF_CHAR 1
|
||||
#define SIZEOF_SHORT 2
|
||||
#define SIZEOF_INT 4
|
||||
#ifndef pcap_stdinc_h
|
||||
#define pcap_stdinc_h
|
||||
|
||||
/*
|
||||
* Avoids a compiler warning in case this was already defined
|
||||
|
@ -56,6 +55,35 @@
|
|||
|
||||
#define caddr_t char*
|
||||
|
||||
#if _MSC_VER < 1500
|
||||
#define snprintf _snprintf
|
||||
#define vsnprintf _vsnprintf
|
||||
#define strdup _strdup
|
||||
#endif
|
||||
|
||||
#define inline __inline
|
||||
|
||||
#ifdef __MINGW32__
|
||||
#include <stdint.h>
|
||||
#else /*__MINGW32__*/
|
||||
/* MSVC compiler */
|
||||
#ifndef _UINTPTR_T_DEFINED
|
||||
#ifdef _WIN64
|
||||
typedef unsigned __int64 uintptr_t;
|
||||
#else
|
||||
typedef _W64 unsigned int uintptr_t;
|
||||
#endif
|
||||
#define _UINTPTR_T_DEFINED
|
||||
#endif
|
||||
|
||||
#ifndef _INTPTR_T_DEFINED
|
||||
#ifdef _WIN64
|
||||
typedef __int64 intptr_t;
|
||||
#else
|
||||
typedef _W64 int intptr_t;
|
||||
#endif
|
||||
#define _INTPTR_T_DEFINED
|
||||
#endif
|
||||
|
||||
#endif /*__MINGW32__*/
|
||||
#endif /* pcap_stdinc_h */
|
||||
|
|
|
@ -0,0 +1,132 @@
|
|||
.\"
|
||||
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that: (1) source code distributions
|
||||
.\" retain the above copyright notice and this paragraph in its entirety, (2)
|
||||
.\" distributions including binary code include the above copyright notice and
|
||||
.\" this paragraph in its entirety in the documentation or other materials
|
||||
.\" provided with the distribution, and (3) all advertising materials mentioning
|
||||
.\" features or use of this software display the following acknowledgement:
|
||||
.\" ``This product includes software developed by the University of California,
|
||||
.\" Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
|
||||
.\" the University nor the names of its contributors may be used to endorse
|
||||
.\" or promote products derived from this software without specific prior
|
||||
.\" written permission.
|
||||
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
|
||||
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
.\"
|
||||
.TH PCAP-TSTAMP @MAN_MISC_INFO@ "22 August 2010"
|
||||
.SH NAME
|
||||
pcap-tstamp \- packet time stamps in libpcap
|
||||
.SH DESCRIPTION
|
||||
When capturing traffic, each packet is given a time stamp representing,
|
||||
for incoming packets, the arrival time of the packet and, for outgoing
|
||||
packets, the transmission time of the packet. This time is an
|
||||
approximation of the arrival or transmission time. If it is supplied by
|
||||
the operating system running on the host on which the capture is being
|
||||
done, there are several reasons why it might not precisely represent the
|
||||
arrival or transmission time:
|
||||
.IP
|
||||
if the time stamp is applied to the packet when the networking stack
|
||||
receives the packet, the networking stack might not see the packet until
|
||||
an interrupt is delivered for the packet or a timer event causes the
|
||||
networking device driver to poll for packets, and the time stamp might
|
||||
not be applied until the packet has had some processing done by other
|
||||
code in the networking stack, so there might be a significant delay
|
||||
between the time when the last bit of the packet is received by the
|
||||
capture device and when the networking stack time-stamps the packet;
|
||||
.IP
|
||||
the timer used to generate the time stamps might have low resolution,
|
||||
for example, it might be a timer updated once per host operating system
|
||||
timer tick, with the host operating system timer ticking once every few
|
||||
milliseconds;
|
||||
.IP
|
||||
a high-resolution timer might use a counter that runs at a rate
|
||||
dependent on the processor clock speed, and that clock speed might be
|
||||
adjusted upwards or downwards over time and the timer might not be able
|
||||
to compensate for all those adjustments;
|
||||
.IP
|
||||
the host operating system's clock might be adjusted over time to match a
|
||||
time standard to which the host is being synchronized, which might be
|
||||
done by temporarily slowing down or speeding up the clock or by making a
|
||||
single adjustment;
|
||||
.IP
|
||||
different CPU cores on a multi-core or multi-processor system might be
|
||||
running at different speeds, or might not have time counters all
|
||||
synchronized, so packets time-stamped by different cores might not have
|
||||
consistent time stamps.
|
||||
.LP
|
||||
In addition, packets time-stamped by different cores might be
|
||||
time-stamped in one order and added to the queue of packets for libpcap
|
||||
to read in another order, so time stamps might not be monotonically
|
||||
increasing.
|
||||
.LP
|
||||
Some capture devices on some platforms can provide time stamps for
|
||||
packets; those time stamps are usually high-resolution time stamps, and
|
||||
are usually applied to the packet when the first or last bit of the
|
||||
packet arrives, and are thus more accurate than time stamps provided by
|
||||
the host operating system. Those time stamps might not, however, be
|
||||
synchronized with the host operating system's clock, so that, for
|
||||
example, the time stamp of a packet might not correspond to the time
|
||||
stamp of an event on the host triggered by the arrival of that packet.
|
||||
.LP
|
||||
Depending on the capture device and the software on the host, libpcap
|
||||
might allow different types of time stamp to be used. The
|
||||
.BR pcap_list_tstamp_types (3PCAP)
|
||||
routine provides, for a packet capture handle created by
|
||||
.BR pcap_create (3PCAP)
|
||||
but not yet activated by
|
||||
.BR pcap_activate (3PCAP),
|
||||
a list of time stamp types supported by the capture device for that
|
||||
handle.
|
||||
The list might be empty, in which case no choice of time stamp type is
|
||||
offered for that capture device. If the list is not empty, the
|
||||
.BR pcap_set_tstamp_type (3PCAP)
|
||||
routine can be used after a
|
||||
.B pcap_create()
|
||||
call and before a
|
||||
.B pcap_activate()
|
||||
call to specify the type of time stamp to be used on the device.
|
||||
The time stamp types are listed here; the first value is the #define to
|
||||
use in code, the second value is the value returned by
|
||||
.B pcap_tstamp_type_val_to_name()
|
||||
and accepted by
|
||||
.BR pcap_tstamp_name_to_val() .
|
||||
.RS 5
|
||||
.TP 5
|
||||
.BR PCAP_TSTAMP_HOST " - " host
|
||||
Time stamp provided by the host on which the capture is being done. The
|
||||
precision of this time stamp is unspecified; it might or might not be
|
||||
synchronized with the host operating system's clock.
|
||||
.TP 5
|
||||
.BR PCAP_TSTAMP_HOST_LOWPREC " - " host_lowprec
|
||||
Time stamp provided by the host on which the capture is being done.
|
||||
This is a low-precision time stamp, synchronized with the host operating
|
||||
system's clock.
|
||||
.TP 5
|
||||
.BR PCAP_TSTAMP_HOST_HIPREC " - " host_hiprec
|
||||
Time stamp provided by the host on which the capture is being done.
|
||||
This is a high-precision time stamp; it might or might not be
|
||||
synchronized with the host operating system's clock. It might be more
|
||||
expensive to fetch than
|
||||
.BR PCAP_TSTAMP_HOST_LOWPREC .
|
||||
.TP 5
|
||||
.BR PCAP_TSTAMP_ADAPTER " - " adapter
|
||||
Time stamp provided by the network adapter on which the capture is being
|
||||
done. This is a high-precision time stamp, synchronized with the host
|
||||
operating system's clock.
|
||||
.TP 5
|
||||
.BR PCAP_TSTAMP_ADAPTER_UNSYNCED " - " adapter_unsynced
|
||||
Time stamp provided by the network adapter on which the capture is being
|
||||
done. This is a high-precision time stamp; it is not synchronized with
|
||||
the host operating system's clock.
|
||||
.RE
|
||||
.SH SEE ALSO
|
||||
pcap_set_tstamp_type(3PCAP),
|
||||
pcap_list_tstamp_types(3PCAP),
|
||||
pcap_tstamp_type_val_to_name(3PCAP),
|
||||
pcap_tstamp_name_to_val(3PCAP)
|
|
@ -0,0 +1,883 @@
|
|||
/*
|
||||
* Copyright (c) 2006 Paolo Abeni (Italy)
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* USB sniffing API implementation for Linux platform
|
||||
* By Paolo Abeni <paolo.abeni@email.it>
|
||||
* Modifications: Kris Katterjohn <katterjohn@gmail.com>
|
||||
*
|
||||
*/
|
||||
#ifndef lint
|
||||
static const char rcsid[] _U_ =
|
||||
"@(#) $Header: /tcpdump/master/libpcap/pcap-usb-linux.c,v 1.33 2008-12-23 21:38:50 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
#endif
|
||||
|
||||
#include "pcap-int.h"
|
||||
#include "pcap-usb-linux.h"
|
||||
#include "pcap/usb.h"
|
||||
|
||||
#ifdef NEED_STRERROR_H
|
||||
#include "strerror.h"
|
||||
#endif
|
||||
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <fcntl.h>
|
||||
#include <string.h>
|
||||
#include <dirent.h>
|
||||
#include <byteswap.h>
|
||||
#include <netinet/in.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/mman.h>
|
||||
#ifdef HAVE_LINUX_USBDEVICE_FS_H
|
||||
/*
|
||||
* We might need <linux/compiler.h> to define __user for
|
||||
* <linux/usbdevice_fs.h>.
|
||||
*/
|
||||
#ifdef HAVE_LINUX_COMPILER_H
|
||||
#include <linux/compiler.h>
|
||||
#endif /* HAVE_LINUX_COMPILER_H */
|
||||
#include <linux/usbdevice_fs.h>
|
||||
#endif /* HAVE_LINUX_USBDEVICE_FS_H */
|
||||
|
||||
#define USB_IFACE "usbmon"
|
||||
#define USB_TEXT_DIR_OLD "/sys/kernel/debug/usbmon"
|
||||
#define USB_TEXT_DIR "/sys/kernel/debug/usb/usbmon"
|
||||
#define SYS_USB_BUS_DIR "/sys/bus/usb/devices"
|
||||
#define PROC_USB_BUS_DIR "/proc/bus/usb"
|
||||
#define USB_LINE_LEN 4096
|
||||
|
||||
#if __BYTE_ORDER == __LITTLE_ENDIAN
|
||||
#define htols(s) s
|
||||
#define htoll(l) l
|
||||
#define htol64(ll) ll
|
||||
#else
|
||||
#define htols(s) bswap_16(s)
|
||||
#define htoll(l) bswap_32(l)
|
||||
#define htol64(ll) bswap_64(ll)
|
||||
#endif
|
||||
|
||||
struct mon_bin_stats {
|
||||
u_int32_t queued;
|
||||
u_int32_t dropped;
|
||||
};
|
||||
|
||||
struct mon_bin_get {
|
||||
pcap_usb_header *hdr;
|
||||
void *data;
|
||||
size_t data_len; /* Length of data (can be zero) */
|
||||
};
|
||||
|
||||
struct mon_bin_mfetch {
|
||||
int32_t *offvec; /* Vector of events fetched */
|
||||
int32_t nfetch; /* Number of events to fetch (out: fetched) */
|
||||
int32_t nflush; /* Number of events to flush */
|
||||
};
|
||||
|
||||
#define MON_IOC_MAGIC 0x92
|
||||
|
||||
#define MON_IOCQ_URB_LEN _IO(MON_IOC_MAGIC, 1)
|
||||
#define MON_IOCX_URB _IOWR(MON_IOC_MAGIC, 2, struct mon_bin_hdr)
|
||||
#define MON_IOCG_STATS _IOR(MON_IOC_MAGIC, 3, struct mon_bin_stats)
|
||||
#define MON_IOCT_RING_SIZE _IO(MON_IOC_MAGIC, 4)
|
||||
#define MON_IOCQ_RING_SIZE _IO(MON_IOC_MAGIC, 5)
|
||||
#define MON_IOCX_GET _IOW(MON_IOC_MAGIC, 6, struct mon_bin_get)
|
||||
#define MON_IOCX_MFETCH _IOWR(MON_IOC_MAGIC, 7, struct mon_bin_mfetch)
|
||||
#define MON_IOCH_MFLUSH _IO(MON_IOC_MAGIC, 8)
|
||||
|
||||
#define MON_BIN_SETUP 0x1 /* setup hdr is present*/
|
||||
#define MON_BIN_SETUP_ZERO 0x2 /* setup buffer is not available */
|
||||
#define MON_BIN_DATA_ZERO 0x4 /* data buffer is not available */
|
||||
#define MON_BIN_ERROR 0x8
|
||||
|
||||
/* forward declaration */
|
||||
static int usb_activate(pcap_t *);
|
||||
static int usb_stats_linux(pcap_t *, struct pcap_stat *);
|
||||
static int usb_stats_linux_bin(pcap_t *, struct pcap_stat *);
|
||||
static int usb_read_linux(pcap_t *, int , pcap_handler , u_char *);
|
||||
static int usb_read_linux_bin(pcap_t *, int , pcap_handler , u_char *);
|
||||
static int usb_read_linux_mmap(pcap_t *, int , pcap_handler , u_char *);
|
||||
static int usb_inject_linux(pcap_t *, const void *, size_t);
|
||||
static int usb_setdirection_linux(pcap_t *, pcap_direction_t);
|
||||
static void usb_cleanup_linux_mmap(pcap_t *);
|
||||
|
||||
/* facility to add an USB device to the device list*/
|
||||
static int
|
||||
usb_dev_add(pcap_if_t** alldevsp, int n, char *err_str)
|
||||
{
|
||||
char dev_name[10];
|
||||
char dev_descr[30];
|
||||
snprintf(dev_name, 10, USB_IFACE"%d", n);
|
||||
snprintf(dev_descr, 30, "USB bus number %d", n);
|
||||
|
||||
if (pcap_add_if(alldevsp, dev_name, 0,
|
||||
dev_descr, err_str) < 0)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
usb_platform_finddevs(pcap_if_t **alldevsp, char *err_str)
|
||||
{
|
||||
struct dirent* data;
|
||||
int ret = 0;
|
||||
DIR* dir;
|
||||
int n;
|
||||
char* name;
|
||||
size_t len;
|
||||
|
||||
/* try scanning sysfs usb bus directory */
|
||||
dir = opendir(SYS_USB_BUS_DIR);
|
||||
if (dir != NULL) {
|
||||
while ((ret == 0) && ((data = readdir(dir)) != 0)) {
|
||||
name = data->d_name;
|
||||
|
||||
if (strncmp(name, "usb", 3) != 0)
|
||||
continue;
|
||||
|
||||
if (sscanf(&name[3], "%d", &n) == 0)
|
||||
continue;
|
||||
|
||||
ret = usb_dev_add(alldevsp, n, err_str);
|
||||
}
|
||||
|
||||
closedir(dir);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* that didn't work; try scanning procfs usb bus directory */
|
||||
dir = opendir(PROC_USB_BUS_DIR);
|
||||
if (dir != NULL) {
|
||||
while ((ret == 0) && ((data = readdir(dir)) != 0)) {
|
||||
name = data->d_name;
|
||||
len = strlen(name);
|
||||
|
||||
/* if this file name does not end with a number it's not of our interest */
|
||||
if ((len < 1) || !isdigit(name[--len]))
|
||||
continue;
|
||||
while (isdigit(name[--len]));
|
||||
if (sscanf(&name[len+1], "%d", &n) != 1)
|
||||
continue;
|
||||
|
||||
ret = usb_dev_add(alldevsp, n, err_str);
|
||||
}
|
||||
|
||||
closedir(dir);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* neither of them worked */
|
||||
return 0;
|
||||
}
|
||||
|
||||
static
|
||||
int usb_mmap(pcap_t* handle)
|
||||
{
|
||||
int len = ioctl(handle->fd, MON_IOCQ_RING_SIZE);
|
||||
if (len < 0)
|
||||
return 0;
|
||||
|
||||
handle->md.mmapbuflen = len;
|
||||
handle->md.mmapbuf = mmap(0, handle->md.mmapbuflen, PROT_READ,
|
||||
MAP_SHARED, handle->fd, 0);
|
||||
return handle->md.mmapbuf != MAP_FAILED;
|
||||
}
|
||||
|
||||
#define CTRL_TIMEOUT (5*1000) /* milliseconds */
|
||||
|
||||
#define USB_DIR_IN 0x80
|
||||
#define USB_TYPE_STANDARD 0x00
|
||||
#define USB_RECIP_DEVICE 0x00
|
||||
|
||||
#define USB_REQ_GET_DESCRIPTOR 6
|
||||
|
||||
#define USB_DT_DEVICE 1
|
||||
|
||||
/* probe the descriptors of the devices attached to the bus */
|
||||
/* the descriptors will end up in the captured packet stream */
|
||||
/* and be decoded by external apps like wireshark */
|
||||
/* without these identifying probes packet data can't be fully decoded */
|
||||
static void
|
||||
probe_devices(int bus)
|
||||
{
|
||||
struct usbdevfs_ctrltransfer ctrl;
|
||||
struct dirent* data;
|
||||
int ret = 0;
|
||||
char buf[40];
|
||||
DIR* dir;
|
||||
|
||||
/* scan usb bus directories for device nodes */
|
||||
snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d", bus);
|
||||
dir = opendir(buf);
|
||||
if (!dir)
|
||||
return;
|
||||
|
||||
while ((ret >= 0) && ((data = readdir(dir)) != 0)) {
|
||||
int fd;
|
||||
char* name = data->d_name;
|
||||
|
||||
if (name[0] == '.')
|
||||
continue;
|
||||
|
||||
snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d/%s", bus, data->d_name);
|
||||
|
||||
fd = open(buf, O_RDWR);
|
||||
if (fd == -1)
|
||||
continue;
|
||||
|
||||
/*
|
||||
* Sigh. Different kernels have different member names
|
||||
* for this structure.
|
||||
*/
|
||||
#ifdef HAVE_USBDEVFS_CTRLTRANSFER_BREQUESTTYPE
|
||||
ctrl.bRequestType = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE;
|
||||
ctrl.bRequest = USB_REQ_GET_DESCRIPTOR;
|
||||
ctrl.wValue = USB_DT_DEVICE << 8;
|
||||
ctrl.wIndex = 0;
|
||||
ctrl.wLength = sizeof(buf);
|
||||
#else
|
||||
ctrl.requesttype = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE;
|
||||
ctrl.request = USB_REQ_GET_DESCRIPTOR;
|
||||
ctrl.value = USB_DT_DEVICE << 8;
|
||||
ctrl.index = 0;
|
||||
ctrl.length = sizeof(buf);
|
||||
#endif
|
||||
ctrl.data = buf;
|
||||
ctrl.timeout = CTRL_TIMEOUT;
|
||||
|
||||
ret = ioctl(fd, USBDEVFS_CONTROL, &ctrl);
|
||||
|
||||
close(fd);
|
||||
}
|
||||
closedir(dir);
|
||||
}
|
||||
|
||||
pcap_t *
|
||||
usb_create(const char *device, char *ebuf)
|
||||
{
|
||||
pcap_t *p;
|
||||
|
||||
p = pcap_create_common(device, ebuf);
|
||||
if (p == NULL)
|
||||
return (NULL);
|
||||
|
||||
p->activate_op = usb_activate;
|
||||
return (p);
|
||||
}
|
||||
|
||||
static int
|
||||
usb_activate(pcap_t* handle)
|
||||
{
|
||||
char full_path[USB_LINE_LEN];
|
||||
|
||||
/* Initialize some components of the pcap structure. */
|
||||
handle->bufsize = handle->snapshot;
|
||||
handle->offset = 0;
|
||||
handle->linktype = DLT_USB_LINUX;
|
||||
|
||||
handle->inject_op = usb_inject_linux;
|
||||
handle->setfilter_op = install_bpf_program; /* no kernel filtering */
|
||||
handle->setdirection_op = usb_setdirection_linux;
|
||||
handle->set_datalink_op = NULL; /* can't change data link type */
|
||||
handle->getnonblock_op = pcap_getnonblock_fd;
|
||||
handle->setnonblock_op = pcap_setnonblock_fd;
|
||||
|
||||
/*get usb bus index from device name */
|
||||
if (sscanf(handle->opt.source, USB_IFACE"%d", &handle->md.ifindex) != 1)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't get USB bus index from %s", handle->opt.source);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
|
||||
/*now select the read method: try to open binary interface */
|
||||
snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handle->md.ifindex);
|
||||
handle->fd = open(full_path, O_RDONLY, 0);
|
||||
if (handle->fd >= 0)
|
||||
{
|
||||
if (handle->opt.rfmon) {
|
||||
/*
|
||||
* Monitor mode doesn't apply to USB devices.
|
||||
*/
|
||||
close(handle->fd);
|
||||
return PCAP_ERROR_RFMON_NOTSUP;
|
||||
}
|
||||
|
||||
/* binary api is available, try to use fast mmap access */
|
||||
if (usb_mmap(handle)) {
|
||||
handle->linktype = DLT_USB_LINUX_MMAPPED;
|
||||
handle->stats_op = usb_stats_linux_bin;
|
||||
handle->read_op = usb_read_linux_mmap;
|
||||
handle->cleanup_op = usb_cleanup_linux_mmap;
|
||||
probe_devices(handle->md.ifindex);
|
||||
|
||||
/*
|
||||
* "handle->fd" is a real file, so "select()" and
|
||||
* "poll()" work on it.
|
||||
*/
|
||||
handle->selectable_fd = handle->fd;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* can't mmap, use plain binary interface access */
|
||||
handle->stats_op = usb_stats_linux_bin;
|
||||
handle->read_op = usb_read_linux_bin;
|
||||
probe_devices(handle->md.ifindex);
|
||||
}
|
||||
else {
|
||||
/*Binary interface not available, try open text interface */
|
||||
snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR"/%dt", handle->md.ifindex);
|
||||
handle->fd = open(full_path, O_RDONLY, 0);
|
||||
if (handle->fd < 0)
|
||||
{
|
||||
if (errno == ENOENT)
|
||||
{
|
||||
/*
|
||||
* Not found at the new location; try
|
||||
* the old location.
|
||||
*/
|
||||
snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%dt", handle->md.ifindex);
|
||||
handle->fd = open(full_path, O_RDONLY, 0);
|
||||
}
|
||||
if (handle->fd < 0) {
|
||||
/* no more fallback, give it up*/
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't open USB bus file %s: %s", full_path, strerror(errno));
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
}
|
||||
|
||||
if (handle->opt.rfmon) {
|
||||
/*
|
||||
* Monitor mode doesn't apply to USB devices.
|
||||
*/
|
||||
close(handle->fd);
|
||||
return PCAP_ERROR_RFMON_NOTSUP;
|
||||
}
|
||||
|
||||
handle->stats_op = usb_stats_linux;
|
||||
handle->read_op = usb_read_linux;
|
||||
}
|
||||
|
||||
/*
|
||||
* "handle->fd" is a real file, so "select()" and "poll()"
|
||||
* work on it.
|
||||
*/
|
||||
handle->selectable_fd = handle->fd;
|
||||
|
||||
/* for plain binary access and text access we need to allocate the read
|
||||
* buffer */
|
||||
handle->buffer = malloc(handle->bufsize);
|
||||
if (!handle->buffer) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"malloc: %s", pcap_strerror(errno));
|
||||
close(handle->fd);
|
||||
return PCAP_ERROR;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int
|
||||
ascii_to_int(char c)
|
||||
{
|
||||
return c < 'A' ? c- '0': ((c<'a') ? c - 'A' + 10: c-'a'+10);
|
||||
}
|
||||
|
||||
/*
|
||||
* see <linux-kernel-source>/Documentation/usb/usbmon.txt and
|
||||
* <linux-kernel-source>/drivers/usb/mon/mon_text.c for urb string
|
||||
* format description
|
||||
*/
|
||||
static int
|
||||
usb_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
|
||||
{
|
||||
/* see:
|
||||
* /usr/src/linux/Documentation/usb/usbmon.txt
|
||||
* for message format
|
||||
*/
|
||||
unsigned timestamp;
|
||||
int tag, cnt, ep_num, dev_addr, dummy, ret, urb_len, data_len;
|
||||
char etype, pipeid1, pipeid2, status[16], urb_tag, line[USB_LINE_LEN];
|
||||
char *string = line;
|
||||
u_char * rawdata = handle->buffer;
|
||||
struct pcap_pkthdr pkth;
|
||||
pcap_usb_header* uhdr = (pcap_usb_header*)handle->buffer;
|
||||
u_char urb_transfer=0;
|
||||
int incoming=0;
|
||||
|
||||
/* ignore interrupt system call errors */
|
||||
do {
|
||||
ret = read(handle->fd, line, USB_LINE_LEN - 1);
|
||||
if (handle->break_loop)
|
||||
{
|
||||
handle->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
} while ((ret == -1) && (errno == EINTR));
|
||||
if (ret < 0)
|
||||
{
|
||||
if (errno == EAGAIN)
|
||||
return 0; /* no data there */
|
||||
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't read from fd %d: %s", handle->fd, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* read urb header; %n argument may increment return value, but it's
|
||||
* not mandatory, so does not count on it*/
|
||||
string[ret] = 0;
|
||||
ret = sscanf(string, "%x %d %c %c%c:%d:%d %s%n", &tag, ×tamp, &etype,
|
||||
&pipeid1, &pipeid2, &dev_addr, &ep_num, status,
|
||||
&cnt);
|
||||
if (ret < 8)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't parse USB bus message '%s', too few tokens (expected 8 got %d)",
|
||||
string, ret);
|
||||
return -1;
|
||||
}
|
||||
uhdr->id = tag;
|
||||
uhdr->device_address = dev_addr;
|
||||
uhdr->bus_id = handle->md.ifindex;
|
||||
uhdr->status = 0;
|
||||
string += cnt;
|
||||
|
||||
/* don't use usbmon provided timestamp, since it have low precision*/
|
||||
if (gettimeofday(&pkth.ts, NULL) < 0)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't get timestamp for message '%s' %d:%s",
|
||||
string, errno, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
uhdr->ts_sec = pkth.ts.tv_sec;
|
||||
uhdr->ts_usec = pkth.ts.tv_usec;
|
||||
|
||||
/* parse endpoint information */
|
||||
if (pipeid1 == 'C')
|
||||
urb_transfer = URB_CONTROL;
|
||||
else if (pipeid1 == 'Z')
|
||||
urb_transfer = URB_ISOCHRONOUS;
|
||||
else if (pipeid1 == 'I')
|
||||
urb_transfer = URB_INTERRUPT;
|
||||
else if (pipeid1 == 'B')
|
||||
urb_transfer = URB_BULK;
|
||||
if (pipeid2 == 'i') {
|
||||
ep_num |= URB_TRANSFER_IN;
|
||||
incoming = 1;
|
||||
}
|
||||
if (etype == 'C')
|
||||
incoming = !incoming;
|
||||
|
||||
/* direction check*/
|
||||
if (incoming)
|
||||
{
|
||||
if (handle->direction == PCAP_D_OUT)
|
||||
return 0;
|
||||
}
|
||||
else
|
||||
if (handle->direction == PCAP_D_IN)
|
||||
return 0;
|
||||
uhdr->event_type = etype;
|
||||
uhdr->transfer_type = urb_transfer;
|
||||
uhdr->endpoint_number = ep_num;
|
||||
pkth.caplen = sizeof(pcap_usb_header);
|
||||
rawdata += sizeof(pcap_usb_header);
|
||||
|
||||
/* check if this is a setup packet */
|
||||
ret = sscanf(status, "%d", &dummy);
|
||||
if (ret != 1)
|
||||
{
|
||||
/* this a setup packet, setup data can be filled with underscore if
|
||||
* usbmon has not been able to read them, so we must parse this fields as
|
||||
* strings */
|
||||
pcap_usb_setup* shdr;
|
||||
char str1[3], str2[3], str3[5], str4[5], str5[5];
|
||||
ret = sscanf(string, "%s %s %s %s %s%n", str1, str2, str3, str4,
|
||||
str5, &cnt);
|
||||
if (ret < 5)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't parse USB bus message '%s', too few tokens (expected 5 got %d)",
|
||||
string, ret);
|
||||
return -1;
|
||||
}
|
||||
string += cnt;
|
||||
|
||||
/* try to convert to corresponding integer */
|
||||
shdr = &uhdr->setup;
|
||||
shdr->bmRequestType = strtoul(str1, 0, 16);
|
||||
shdr->bRequest = strtoul(str2, 0, 16);
|
||||
shdr->wValue = htols(strtoul(str3, 0, 16));
|
||||
shdr->wIndex = htols(strtoul(str4, 0, 16));
|
||||
shdr->wLength = htols(strtoul(str5, 0, 16));
|
||||
|
||||
uhdr->setup_flag = 0;
|
||||
}
|
||||
else
|
||||
uhdr->setup_flag = 1;
|
||||
|
||||
/* read urb data */
|
||||
ret = sscanf(string, " %d%n", &urb_len, &cnt);
|
||||
if (ret < 1)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't parse urb length from '%s'", string);
|
||||
return -1;
|
||||
}
|
||||
string += cnt;
|
||||
|
||||
/* urb tag is not present if urb length is 0, so we can stop here
|
||||
* text parsing */
|
||||
pkth.len = urb_len+pkth.caplen;
|
||||
uhdr->urb_len = urb_len;
|
||||
uhdr->data_flag = 1;
|
||||
data_len = 0;
|
||||
if (uhdr->urb_len == 0)
|
||||
goto got;
|
||||
|
||||
/* check for data presence; data is present if and only if urb tag is '=' */
|
||||
if (sscanf(string, " %c", &urb_tag) != 1)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't parse urb tag from '%s'", string);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (urb_tag != '=')
|
||||
goto got;
|
||||
|
||||
/* skip urb tag and following space */
|
||||
string += 3;
|
||||
|
||||
/* if we reach this point we got some urb data*/
|
||||
uhdr->data_flag = 0;
|
||||
|
||||
/* read all urb data; if urb length is greater then the usbmon internal
|
||||
* buffer length used by the kernel to spool the URB, we get only
|
||||
* a partial information.
|
||||
* At least until linux 2.6.17 there is no way to set usbmon intenal buffer
|
||||
* length and default value is 130. */
|
||||
while ((string[0] != 0) && (string[1] != 0) && (pkth.caplen < handle->snapshot))
|
||||
{
|
||||
rawdata[0] = ascii_to_int(string[0]) * 16 + ascii_to_int(string[1]);
|
||||
rawdata++;
|
||||
string+=2;
|
||||
if (string[0] == ' ')
|
||||
string++;
|
||||
pkth.caplen++;
|
||||
data_len++;
|
||||
}
|
||||
|
||||
got:
|
||||
uhdr->data_len = data_len;
|
||||
if (pkth.caplen > handle->snapshot)
|
||||
pkth.caplen = handle->snapshot;
|
||||
|
||||
if (handle->fcode.bf_insns == NULL ||
|
||||
bpf_filter(handle->fcode.bf_insns, handle->buffer,
|
||||
pkth.len, pkth.caplen)) {
|
||||
handle->md.packets_read++;
|
||||
callback(user, &pkth, handle->buffer);
|
||||
return 1;
|
||||
}
|
||||
return 0; /* didn't pass filter */
|
||||
}
|
||||
|
||||
static int
|
||||
usb_inject_linux(pcap_t *handle, const void *buf, size_t size)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "inject not supported on "
|
||||
"USB devices");
|
||||
return (-1);
|
||||
}
|
||||
|
||||
static int
|
||||
usb_stats_linux(pcap_t *handle, struct pcap_stat *stats)
|
||||
{
|
||||
int dummy, ret, consumed, cnt;
|
||||
char string[USB_LINE_LEN];
|
||||
char token[USB_LINE_LEN];
|
||||
char * ptr = string;
|
||||
int fd;
|
||||
|
||||
snprintf(string, USB_LINE_LEN, USB_TEXT_DIR"/%ds", handle->md.ifindex);
|
||||
fd = open(string, O_RDONLY, 0);
|
||||
if (fd < 0)
|
||||
{
|
||||
if (errno == ENOENT)
|
||||
{
|
||||
/*
|
||||
* Not found at the new location; try the old
|
||||
* location.
|
||||
*/
|
||||
snprintf(string, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%ds", handle->md.ifindex);
|
||||
fd = open(string, O_RDONLY, 0);
|
||||
}
|
||||
if (fd < 0) {
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't open USB stats file %s: %s",
|
||||
string, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
/* read stats line */
|
||||
do {
|
||||
ret = read(fd, string, USB_LINE_LEN-1);
|
||||
} while ((ret == -1) && (errno == EINTR));
|
||||
close(fd);
|
||||
|
||||
if (ret < 0)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't read stats from fd %d ", fd);
|
||||
return -1;
|
||||
}
|
||||
string[ret] = 0;
|
||||
|
||||
/* extract info on dropped urbs */
|
||||
for (consumed=0; consumed < ret; ) {
|
||||
/* from the sscanf man page:
|
||||
* The C standard says: "Execution of a %n directive does
|
||||
* not increment the assignment count returned at the completion
|
||||
* of execution" but the Corrigendum seems to contradict this.
|
||||
* Do not make any assumptions on the effect of %n conversions
|
||||
* on the return value and explicitly check for cnt assignmet*/
|
||||
int ntok;
|
||||
|
||||
cnt = -1;
|
||||
ntok = sscanf(ptr, "%s%n", token, &cnt);
|
||||
if ((ntok < 1) || (cnt < 0))
|
||||
break;
|
||||
consumed += cnt;
|
||||
ptr += cnt;
|
||||
if (strcmp(token, "nreaders") == 0)
|
||||
ret = sscanf(ptr, "%d", &stats->ps_drop);
|
||||
else
|
||||
ret = sscanf(ptr, "%d", &dummy);
|
||||
if (ntok != 1)
|
||||
break;
|
||||
consumed += cnt;
|
||||
ptr += cnt;
|
||||
}
|
||||
|
||||
stats->ps_recv = handle->md.packets_read;
|
||||
stats->ps_ifdrop = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
usb_setdirection_linux(pcap_t *p, pcap_direction_t d)
|
||||
{
|
||||
p->direction = d;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
usb_stats_linux_bin(pcap_t *handle, struct pcap_stat *stats)
|
||||
{
|
||||
int ret;
|
||||
struct mon_bin_stats st;
|
||||
ret = ioctl(handle->fd, MON_IOCG_STATS, &st);
|
||||
if (ret < 0)
|
||||
{
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't read stats from fd %d:%s ", handle->fd, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
stats->ps_recv = handle->md.packets_read + st.queued;
|
||||
stats->ps_drop = st.dropped;
|
||||
stats->ps_ifdrop = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* see <linux-kernel-source>/Documentation/usb/usbmon.txt and
|
||||
* <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI
|
||||
*/
|
||||
static int
|
||||
usb_read_linux_bin(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
|
||||
{
|
||||
struct mon_bin_get info;
|
||||
int ret;
|
||||
struct pcap_pkthdr pkth;
|
||||
int clen = handle->snapshot - sizeof(pcap_usb_header);
|
||||
|
||||
/* the usb header is going to be part of 'packet' data*/
|
||||
info.hdr = (pcap_usb_header*) handle->buffer;
|
||||
info.data = handle->buffer + sizeof(pcap_usb_header);
|
||||
info.data_len = clen;
|
||||
|
||||
/* ignore interrupt system call errors */
|
||||
do {
|
||||
ret = ioctl(handle->fd, MON_IOCX_GET, &info);
|
||||
if (handle->break_loop)
|
||||
{
|
||||
handle->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
} while ((ret == -1) && (errno == EINTR));
|
||||
if (ret < 0)
|
||||
{
|
||||
if (errno == EAGAIN)
|
||||
return 0; /* no data there */
|
||||
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't read from fd %d: %s", handle->fd, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* we can get less that than really captured from kernel, depending on
|
||||
* snaplen, so adjust header accordingly */
|
||||
if (info.hdr->data_len < clen)
|
||||
clen = info.hdr->data_len;
|
||||
info.hdr->data_len = clen;
|
||||
pkth.caplen = clen + sizeof(pcap_usb_header);
|
||||
pkth.len = info.hdr->data_len + sizeof(pcap_usb_header);
|
||||
pkth.ts.tv_sec = info.hdr->ts_sec;
|
||||
pkth.ts.tv_usec = info.hdr->ts_usec;
|
||||
|
||||
if (handle->fcode.bf_insns == NULL ||
|
||||
bpf_filter(handle->fcode.bf_insns, handle->buffer,
|
||||
pkth.len, pkth.caplen)) {
|
||||
handle->md.packets_read++;
|
||||
callback(user, &pkth, handle->buffer);
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0; /* didn't pass filter */
|
||||
}
|
||||
|
||||
/*
|
||||
* see <linux-kernel-source>/Documentation/usb/usbmon.txt and
|
||||
* <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI
|
||||
*/
|
||||
#define VEC_SIZE 32
|
||||
static int
|
||||
usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
|
||||
{
|
||||
struct mon_bin_mfetch fetch;
|
||||
int32_t vec[VEC_SIZE];
|
||||
struct pcap_pkthdr pkth;
|
||||
pcap_usb_header* hdr;
|
||||
int nflush = 0;
|
||||
int packets = 0;
|
||||
int clen, max_clen;
|
||||
|
||||
max_clen = handle->snapshot - sizeof(pcap_usb_header);
|
||||
|
||||
for (;;) {
|
||||
int i, ret;
|
||||
int limit = max_packets - packets;
|
||||
if (limit <= 0)
|
||||
limit = VEC_SIZE;
|
||||
if (limit > VEC_SIZE)
|
||||
limit = VEC_SIZE;
|
||||
|
||||
/* try to fetch as many events as possible*/
|
||||
fetch.offvec = vec;
|
||||
fetch.nfetch = limit;
|
||||
fetch.nflush = nflush;
|
||||
/* ignore interrupt system call errors */
|
||||
do {
|
||||
ret = ioctl(handle->fd, MON_IOCX_MFETCH, &fetch);
|
||||
if (handle->break_loop)
|
||||
{
|
||||
handle->break_loop = 0;
|
||||
return -2;
|
||||
}
|
||||
} while ((ret == -1) && (errno == EINTR));
|
||||
if (ret < 0)
|
||||
{
|
||||
if (errno == EAGAIN)
|
||||
return 0; /* no data there */
|
||||
|
||||
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
||||
"Can't mfetch fd %d: %s", handle->fd, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* keep track of processed events, we will flush them later */
|
||||
nflush = fetch.nfetch;
|
||||
for (i=0; i<fetch.nfetch; ++i) {
|
||||
/* discard filler */
|
||||
hdr = (pcap_usb_header*) &handle->md.mmapbuf[vec[i]];
|
||||
if (hdr->event_type == '@')
|
||||
continue;
|
||||
|
||||
/* we can get less that than really captured from kernel, depending on
|
||||
* snaplen, so adjust header accordingly */
|
||||
clen = max_clen;
|
||||
if (hdr->data_len < clen)
|
||||
clen = hdr->data_len;
|
||||
|
||||
/* get packet info from header*/
|
||||
pkth.caplen = clen + sizeof(pcap_usb_header_mmapped);
|
||||
pkth.len = hdr->data_len + sizeof(pcap_usb_header_mmapped);
|
||||
pkth.ts.tv_sec = hdr->ts_sec;
|
||||
pkth.ts.tv_usec = hdr->ts_usec;
|
||||
|
||||
if (handle->fcode.bf_insns == NULL ||
|
||||
bpf_filter(handle->fcode.bf_insns, (u_char*) hdr,
|
||||
pkth.len, pkth.caplen)) {
|
||||
handle->md.packets_read++;
|
||||
callback(user, &pkth, (u_char*) hdr);
|
||||
packets++;
|
||||
}
|
||||
}
|
||||
|
||||
/* with max_packets <= 0 we stop afer the first chunk*/
|
||||
if ((max_packets <= 0) || (packets == max_packets))
|
||||
break;
|
||||
}
|
||||
|
||||
/* flush pending events*/
|
||||
ioctl(handle->fd, MON_IOCH_MFLUSH, nflush);
|
||||
return packets;
|
||||
}
|
||||
|
||||
static void
|
||||
usb_cleanup_linux_mmap(pcap_t* handle)
|
||||
{
|
||||
/* if we have a memory-mapped buffer, unmap it */
|
||||
if (handle->md.mmapbuf != NULL) {
|
||||
munmap(handle->md.mmapbuf, handle->md.mmapbuflen);
|
||||
handle->md.mmapbuf = NULL;
|
||||
}
|
||||
pcap_cleanup_live_common(handle);
|
||||
}
|
|
@ -0,0 +1,40 @@
|
|||
/*
|
||||
* Copyright (c) 2006 Paolo Abeni (Italy)
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* USB sniffing API implementation for Linux platform
|
||||
* By Paolo Abeni <paolo.abeni@email.it>
|
||||
*
|
||||
* @(#) $Header: /tcpdump/master/libpcap/pcap-usb-linux.h,v 1.5 2008-04-04 19:37:45 guy Exp $ (LBL)
|
||||
*/
|
||||
|
||||
/*
|
||||
* Prototypes for USB-related functions
|
||||
*/
|
||||
int usb_platform_finddevs(pcap_if_t **alldevsp, char *err_str);
|
||||
pcap_t *usb_create(const char *device, char *ebuf);
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue