text2pcap: Use common capture type flag

Support all possible file formats that wiretap writes, using the
same "-F" flag that other CLI tools like editcap, mergecap, and tshark
support. Default is still pcap for now; a future commit will switch
to pcapng and remove the "-n" option, to match other CLI tools.
John Thacker 2022-01-03 09:46:44 -05:00 committed by A Wireshark GitLab Utility
parent 8501dc48dd
commit 21465962fd
3 changed files with 68 additions and 19 deletions


@ -17,6 +17,7 @@ text2pcap - Generate a capture file from an ASCII hexdump of packets
[ *-b* 2|8|16|64 ]
[ *-D* ]
[ *-e* <l3pid> ]
[ *-F* <file format> ]
[ *-h* ]
[ *-i* <proto> ]
[ *-l* <typenum> ]
@ -40,11 +41,17 @@ text2pcap - Generate a capture file from an ASCII hexdump of packets
== DESCRIPTION
*Text2pcap* is a program that reads in an ASCII hex dump and writes the
data described into a *pcap* or *pcapng* capture file. *text2pcap* can
read hexdumps with multiple packets in them, and build a capture file of
multiple packets. *text2pcap* is also capable of generating dummy
Ethernet, IP and UDP, TCP, or SCTP headers, in order to build fully
processable packet dumps from hexdumps of application-level data only.
data described into a capture file. *text2pcap* can read hexdumps with
multiple packets in them, and build a capture file of multiple packets.
*Text2pcap* is also capable of generating dummy Ethernet, IP and UDP, TCP,
or SCTP headers, in order to build fully processable packet dumps from
hexdumps of application-level data only.
*Text2pcap* can write the file in several output formats.
The *-F* flag can be used to specify the format in which to write the
capture file, *text2pcap -F* provides a list of the available output
formats. By default, it writes the packets to __outfile__ in the *pcap*
file format.
*Text2pcap* understands a hexdump of the form generated by __od -Ax
-tx1 -v__. In other words, each byte is individually displayed, with
@ -197,6 +204,14 @@ whereas generating a dummy Ethernet header with __-e__ works for any
sort of L3 packet.
--
-F <file format>::
+
--
Sets the file format of the output capture file. *Text2pcap* can write
the file in several formats; *text2pcap -F* provides a list of the
available output formats. The default is the *pcap* format.
--
-h::
+
--


@ -58,7 +58,11 @@ They previously shipped with Npcap 1.55.
** Date and time can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats.
Otherwise local time is used.
* text2pcap has been updated to use the new logging output options and the
* text2pcap:
** text2pcap supports writing the output file in all the capture file formats
that wiretap library supports, using the same "-F" option as editcap,
mergecap, and tshark.
** text2pcap has been updated to use the new logging output options and the
"-d" flag has been removed. The "debug" log level corresponds to the old
"-d" flag, and the "noisy" log level corresponds to using "-d" multiple times.


@ -98,9 +98,6 @@
/*--- Options --------------------------------------------------------------------*/
/* File format */
static gboolean use_pcapng = FALSE;
/* Be quiet */
static gboolean quiet = FALSE;
@ -215,6 +212,8 @@ print_usage (FILE *output)
" (def: 16: hexadecimal) No effect in hexdump mode.\n"
"\n"
"Output:\n"
" -F <capture type> set the output file type; default is pcap.\n"
" an empty \"-F\" option will list the file types.\n"
" -l <typenum> link-layer type number; default is 1 (Ethernet). See\n"
" https://www.tcpdump.org/linktypes.html for a list of\n"
" numbers. Use this option if your dump is a complete\n"
@ -294,6 +293,20 @@ set_hdr_ip_proto(guint8 ip_proto)
hdr_ethernet = TRUE;
}
static void
list_capture_types(void) {
GArray *writable_type_subtypes;
cmdarg_err("The available capture file types for the \"-F\" flag are:\n");
writable_type_subtypes = wtap_get_writable_file_types_subtypes(FT_SORT_BY_NAME);
for (guint i = 0; i < writable_type_subtypes->len; i++) {
int ft = g_array_index(writable_type_subtypes, int, i);
fprintf(stderr, " %s - %s\n", wtap_file_type_subtype_name(ft),
wtap_file_type_subtype_description(ft));
}
g_array_free(writable_type_subtypes, TRUE);
}
/*----------------------------------------------------------------------
* Parse CLI options
*/
@ -311,7 +324,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
const char *interface_name = NULL;
/* Link-layer type; see https://www.tcpdump.org/linktypes.html for details */
guint32 pcap_link_type = 1; /* Default is LINKTYPE_ETHERNET */
int file_type_subtype;
int file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_UNKNOWN;
int err;
char* err_info;
GError* gerror = NULL;
@ -326,7 +339,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
ws_init_version_info("Text2pcap (Wireshark)", NULL, NULL, NULL);
/* Scan CLI parameters */
while ((c = ws_getopt_long(argc, argv, "hqab:De:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) {
while ((c = ws_getopt_long(argc, argv, "hqab:De:F:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) {
switch (c) {
case 'h':
show_help_header("Generate a capture file from an ASCII hexdump of packets.");
@ -338,7 +351,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
case 'D': info->hexdump.has_direction = TRUE; break;
case 'l': pcap_link_type = (guint32)strtol(ws_optarg, NULL, 0); break;
case 'm': max_offset = (guint32)strtol(ws_optarg, NULL, 0); break;
case 'n': use_pcapng = TRUE; break;
case 'n': file_type_subtype = wtap_pcapng_file_type_subtype(); break;
case 'N': interface_name = ws_optarg; break;
case 'b':
{
@ -384,6 +397,15 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
}
break;
case 'F':
file_type_subtype = wtap_name_to_file_type_subtype(ws_optarg);
if (file_type_subtype < 0) {
cmdarg_err("\"%s\" isn't a valid capture file type", ws_optarg);
list_capture_types();
return INVALID_OPTION;
}
break;
case 'i':
{
guint8 ip_proto;
@ -632,6 +654,14 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
case '?':
switch(ws_optopt) {
case 'F':
list_capture_types();
return INVALID_OPTION;
break;
}
/* FALLTHROUGH */
default:
print_usage(stderr);
return INVALID_OPTION;
@ -746,13 +776,14 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
wtap_encap_type = wtap_pcap_encap_to_wtap_encap(pcap_link_type);
params->encap = wtap_encap_type;
params->snaplen = max_offset;
if (use_pcapng) {
params->tsprec = WTAP_TSPREC_NSEC;
file_type_subtype = wtap_pcapng_file_type_subtype();
} else {
params->tsprec = WTAP_TSPREC_USEC;
if (file_type_subtype == WTAP_FILE_TYPE_SUBTYPE_UNKNOWN) {
file_type_subtype = wtap_pcap_file_type_subtype();
}
/* Request nanosecond precision. Most file formats only support one time
* precision and ignore this parameter (and the related options in the
* generated IDB), but it affects pcapng.
*/
params->tsprec = WTAP_TSPREC_NSEC;
if ((ret = text_import_pre_open(params, file_type_subtype, input_filename, interface_name)) != EXIT_SUCCESS) {
g_free(params->idb_inf);
wtap_dump_params_cleanup(params);
@ -829,8 +860,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
if (!quiet) {
fprintf(stderr, "Input from: %s\n", input_filename);
fprintf(stderr, "Output to: %s\n", output_filename);
fprintf(stderr, "Output format: %s\n", use_pcapng ? "pcapng" : "pcap");
fprintf(stderr, "Output format: %s\n", wtap_file_type_subtype_name(file_type_subtype));
if (hdr_ethernet) fprintf(stderr, "Generate dummy Ethernet header: Protocol: 0x%0X\n",
hdr_ethernet_proto);
if (hdr_ip) fprintf(stderr, "Generate dummy IP header: Protocol: %u\n",
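Review bot: In parse_options, `case 'n':` and the new `case 'F':` both assign `file_type_subtype`, so when both options are given the later one silently wins (`-F pcap -n` writes pcapng, `-n -F pcap` writes pcap), and with `-q` the "Output format" line that would reveal the choice is not printed. Since the description says `-n` is slated for removal, I would report the conflict in both cases before the assignment, e.g. `if (file_type_subtype != WTAP_FILE_TYPE_SUBTYPE_UNKNOWN) cmdarg_err("Output format given more than once; the last one is used");`. The `break;` after `return INVALID_OPTION;` in the nested `switch(ws_optopt)` is unreachable and can be dropped. parse_options starts and ends outside the visible hunks, so whether `text_import_pre_open` rejects a format that cannot carry the encapsulation chosen with `-l` is not visible here and is worth confirming.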