text2pcap: Use common capture type flag

Support all possible file formats that wiretap writes, using the
same "-F" flag that other CLI tools like editcap, mergecap, and tshark
support. Default is still pcap for now; a future commit will switch
to pcapng and remove the "-n" option, to match other CLI tools.
John Thacker 2022-01-03 09:46:44 -05:00 committed by A Wireshark GitLab Utility
parent 8501dc48dd
commit 21465962fd
3 changed files with 68 additions and 19 deletions


@ -17,6 +17,7 @@ text2pcap - Generate a capture file from an ASCII hexdump of packets
[ *-b* 2|8|16|64 ] [ *-b* 2|8|16|64 ]
[ *-D* ] [ *-D* ]
[ *-e* <l3pid> ] [ *-e* <l3pid> ]
[ *-F* <file format> ]
[ *-h* ] [ *-h* ]
[ *-i* <proto> ] [ *-i* <proto> ]
[ *-l* <typenum> ] [ *-l* <typenum> ]
@ -40,11 +41,17 @@ text2pcap - Generate a capture file from an ASCII hexdump of packets
== DESCRIPTION == DESCRIPTION
*Text2pcap* is a program that reads in an ASCII hex dump and writes the *Text2pcap* is a program that reads in an ASCII hex dump and writes the
data described into a *pcap* or *pcapng* capture file. *text2pcap* can data described into a capture file. *text2pcap* can read hexdumps with
read hexdumps with multiple packets in them, and build a capture file of multiple packets in them, and build a capture file of multiple packets.
multiple packets. *text2pcap* is also capable of generating dummy *Text2pcap* is also capable of generating dummy Ethernet, IP and UDP, TCP,
Ethernet, IP and UDP, TCP, or SCTP headers, in order to build fully or SCTP headers, in order to build fully processable packet dumps from
processable packet dumps from hexdumps of application-level data only. hexdumps of application-level data only.
*Text2pcap* can write the file in several output formats.
The *-F* flag can be used to specify the format in which to write the
capture file, *text2pcap -F* provides a list of the available output
formats. By default, it writes the packets to __outfile__ in the *pcap*
file format.
*Text2pcap* understands a hexdump of the form generated by __od -Ax *Text2pcap* understands a hexdump of the form generated by __od -Ax
-tx1 -v__. In other words, each byte is individually displayed, with -tx1 -v__. In other words, each byte is individually displayed, with
@ -197,6 +204,14 @@ whereas generating a dummy Ethernet header with __-e__ works for any
sort of L3 packet. sort of L3 packet.
-- --
-F <file format>::
+
--
Sets the file format of the output capture file. *Text2pcap* can write
the file in several formats; *text2pcap -F* provides a list of the
available output formats. The default is the *pcap* format.
--
-h:: -h::
+ +
-- --


@ -58,7 +58,11 @@ They previously shipped with Npcap 1.55.
** Date and time can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats. ** Date and time can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats.
Otherwise local time is used. Otherwise local time is used.
* text2pcap has been updated to use the new logging output options and the * text2pcap:
** text2pcap supports writing the output file in all the capture file formats
that wiretap library supports, using the same "-F" option as editcap,
mergecap, and tshark.
** text2pcap has been updated to use the new logging output options and the
"-d" flag has been removed. The "debug" log level corresponds to the old "-d" flag has been removed. The "debug" log level corresponds to the old
"-d" flag, and the "noisy" log level corresponds to using "-d" multiple times. "-d" flag, and the "noisy" log level corresponds to using "-d" multiple times.


@ -98,9 +98,6 @@
/*--- Options --------------------------------------------------------------------*/ /*--- Options --------------------------------------------------------------------*/
/* File format */
static gboolean use_pcapng = FALSE;
/* Be quiet */ /* Be quiet */
static gboolean quiet = FALSE; static gboolean quiet = FALSE;
@ -215,6 +212,8 @@ print_usage (FILE *output)
" (def: 16: hexadecimal) No effect in hexdump mode.\n" " (def: 16: hexadecimal) No effect in hexdump mode.\n"
"\n" "\n"
"Output:\n" "Output:\n"
" -F <capture type> set the output file type; default is pcap.\n"
" an empty \"-F\" option will list the file types.\n"
" -l <typenum> link-layer type number; default is 1 (Ethernet). See\n" " -l <typenum> link-layer type number; default is 1 (Ethernet). See\n"
" https://www.tcpdump.org/linktypes.html for a list of\n" " https://www.tcpdump.org/linktypes.html for a list of\n"
" numbers. Use this option if your dump is a complete\n" " numbers. Use this option if your dump is a complete\n"
@ -294,6 +293,20 @@ set_hdr_ip_proto(guint8 ip_proto)
hdr_ethernet = TRUE; hdr_ethernet = TRUE;
} }
static void
list_capture_types(void) {
GArray *writable_type_subtypes;
cmdarg_err("The available capture file types for the \"-F\" flag are:\n");
writable_type_subtypes = wtap_get_writable_file_types_subtypes(FT_SORT_BY_NAME);
for (guint i = 0; i < writable_type_subtypes->len; i++) {
int ft = g_array_index(writable_type_subtypes, int, i);
fprintf(stderr, " %s - %s\n", wtap_file_type_subtype_name(ft),
wtap_file_type_subtype_description(ft));
}
g_array_free(writable_type_subtypes, TRUE);
}
/*---------------------------------------------------------------------- /*----------------------------------------------------------------------
* Parse CLI options * Parse CLI options
*/ */
@ -311,7 +324,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
const char *interface_name = NULL; const char *interface_name = NULL;
/* Link-layer type; see https://www.tcpdump.org/linktypes.html for details */ /* Link-layer type; see https://www.tcpdump.org/linktypes.html for details */
guint32 pcap_link_type = 1; /* Default is LINKTYPE_ETHERNET */ guint32 pcap_link_type = 1; /* Default is LINKTYPE_ETHERNET */
int file_type_subtype; int file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_UNKNOWN;
int err; int err;
char* err_info; char* err_info;
GError* gerror = NULL; GError* gerror = NULL;
@ -326,7 +339,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
ws_init_version_info("Text2pcap (Wireshark)", NULL, NULL, NULL); ws_init_version_info("Text2pcap (Wireshark)", NULL, NULL, NULL);
/* Scan CLI parameters */ /* Scan CLI parameters */
while ((c = ws_getopt_long(argc, argv, "hqab:De:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) { while ((c = ws_getopt_long(argc, argv, "hqab:De:F:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) {
switch (c) { switch (c) {
case 'h': case 'h':
show_help_header("Generate a capture file from an ASCII hexdump of packets."); show_help_header("Generate a capture file from an ASCII hexdump of packets.");
@ -338,7 +351,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
case 'D': info->hexdump.has_direction = TRUE; break; case 'D': info->hexdump.has_direction = TRUE; break;
case 'l': pcap_link_type = (guint32)strtol(ws_optarg, NULL, 0); break; case 'l': pcap_link_type = (guint32)strtol(ws_optarg, NULL, 0); break;
case 'm': max_offset = (guint32)strtol(ws_optarg, NULL, 0); break; case 'm': max_offset = (guint32)strtol(ws_optarg, NULL, 0); break;
case 'n': use_pcapng = TRUE; break; case 'n': file_type_subtype = wtap_pcapng_file_type_subtype(); break;
case 'N': interface_name = ws_optarg; break; case 'N': interface_name = ws_optarg; break;
case 'b': case 'b':
{ {
@ -384,6 +397,15 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
} }
break; break;
case 'F':
file_type_subtype = wtap_name_to_file_type_subtype(ws_optarg);
if (file_type_subtype < 0) {
cmdarg_err("\"%s\" isn't a valid capture file type", ws_optarg);
list_capture_types();
return INVALID_OPTION;
}
break;
case 'i': case 'i':
{ {
guint8 ip_proto; guint8 ip_proto;
@ -632,6 +654,14 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
case '?': case '?':
switch(ws_optopt) {
case 'F':
list_capture_types();
return INVALID_OPTION;
break;
}
/* FALLTHROUGH */
default: default:
print_usage(stderr); print_usage(stderr);
return INVALID_OPTION; return INVALID_OPTION;
@ -746,13 +776,14 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
wtap_encap_type = wtap_pcap_encap_to_wtap_encap(pcap_link_type); wtap_encap_type = wtap_pcap_encap_to_wtap_encap(pcap_link_type);
params->encap = wtap_encap_type; params->encap = wtap_encap_type;
params->snaplen = max_offset; params->snaplen = max_offset;
if (use_pcapng) { if (file_type_subtype == WTAP_FILE_TYPE_SUBTYPE_UNKNOWN) {
params->tsprec = WTAP_TSPREC_NSEC;
file_type_subtype = wtap_pcapng_file_type_subtype();
} else {
params->tsprec = WTAP_TSPREC_USEC;
file_type_subtype = wtap_pcap_file_type_subtype(); file_type_subtype = wtap_pcap_file_type_subtype();
} }
/* Request nanosecond precision. Most file formats only support one time
* precision and ignore this parameter (and the related options in the
* generated IDB), but it affects pcapng.
*/
params->tsprec = WTAP_TSPREC_NSEC;
if ((ret = text_import_pre_open(params, file_type_subtype, input_filename, interface_name)) != EXIT_SUCCESS) { if ((ret = text_import_pre_open(params, file_type_subtype, input_filename, interface_name)) != EXIT_SUCCESS) {
g_free(params->idb_inf); g_free(params->idb_inf);
wtap_dump_params_cleanup(params); wtap_dump_params_cleanup(params);
@ -829,8 +860,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
if (!quiet) { if (!quiet) {
fprintf(stderr, "Input from: %s\n", input_filename); fprintf(stderr, "Input from: %s\n", input_filename);
fprintf(stderr, "Output to: %s\n", output_filename); fprintf(stderr, "Output to: %s\n", output_filename);
fprintf(stderr, "Output format: %s\n", use_pcapng ? "pcapng" : "pcap"); fprintf(stderr, "Output format: %s\n", wtap_file_type_subtype_name(file_type_subtype));
if (hdr_ethernet) fprintf(stderr, "Generate dummy Ethernet header: Protocol: 0x%0X\n", if (hdr_ethernet) fprintf(stderr, "Generate dummy Ethernet header: Protocol: 0x%0X\n",
hdr_ethernet_proto); hdr_ethernet_proto);
if (hdr_ip) fprintf(stderr, "Generate dummy IP header: Protocol: %u\n", if (hdr_ip) fprintf(stderr, "Generate dummy IP header: Protocol: %u\n",
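Review bot: `-n` and `-F` both assign `file_type_subtype` in the visible `case 'n':` and `case 'F':` arms of parse_options, so when both are given the later one silently wins, and with `-q` nothing reports which format was actually written. Until `-n` is removed, I would at least document this at the arm, e.g. `/* Legacy alias for "-F pcapng"; if -F is also given, the last option on the command line wins. */`, and state the same in the man page entry for `-F`. Separately, in the `case '?':` arm the `break;` after `return INVALID_OPTION;` is unreachable and the inner `switch(ws_optopt)` has no `default:`; `if (ws_optopt == 'F') { list_capture_types(); return INVALID_OPTION; }` reads more directly. parse_options starts and ends outside these hunks, so this is based only on the arms shown.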