text2pcap: Use common capture type flag
Support all possible file formats that wiretap writes, using the same "-F" flag that other CLI tools like editcap, mergecap, and tshark support. Default is still pcap for now; a future commit will switch to pcapng and remove the "-n" option, to match other CLI tools.
parent
8501dc48dd
commit
21465962fd
|
@ -17,6 +17,7 @@ text2pcap - Generate a capture file from an ASCII hexdump of packets
|
||||||
[ *-b* 2|8|16|64 ]
|
[ *-b* 2|8|16|64 ]
|
||||||
[ *-D* ]
|
[ *-D* ]
|
||||||
[ *-e* <l3pid> ]
|
[ *-e* <l3pid> ]
|
||||||
|
[ *-F* <file format> ]
|
||||||
[ *-h* ]
|
[ *-h* ]
|
||||||
[ *-i* <proto> ]
|
[ *-i* <proto> ]
|
||||||
[ *-l* <typenum> ]
|
[ *-l* <typenum> ]
|
||||||
|
@ -40,11 +41,17 @@ text2pcap - Generate a capture file from an ASCII hexdump of packets
|
||||||
== DESCRIPTION
|
== DESCRIPTION
|
||||||
|
|
||||||
*Text2pcap* is a program that reads in an ASCII hex dump and writes the
|
*Text2pcap* is a program that reads in an ASCII hex dump and writes the
|
||||||
data described into a *pcap* or *pcapng* capture file. *text2pcap* can
|
data described into a capture file. *text2pcap* can read hexdumps with
|
||||||
read hexdumps with multiple packets in them, and build a capture file of
|
multiple packets in them, and build a capture file of multiple packets.
|
||||||
multiple packets. *text2pcap* is also capable of generating dummy
|
*Text2pcap* is also capable of generating dummy Ethernet, IP and UDP, TCP,
|
||||||
Ethernet, IP and UDP, TCP, or SCTP headers, in order to build fully
|
or SCTP headers, in order to build fully processable packet dumps from
|
||||||
processable packet dumps from hexdumps of application-level data only.
|
hexdumps of application-level data only.
|
||||||
|
|
||||||
|
*Text2pcap* can write the file in several output formats.
|
||||||
|
The *-F* flag can be used to specify the format in which to write the
|
||||||
|
capture file, *text2pcap -F* provides a list of the available output
|
||||||
|
formats. By default, it writes the packets to __outfile__ in the *pcap*
|
||||||
|
file format.
|
||||||
|
|
||||||
*Text2pcap* understands a hexdump of the form generated by __od -Ax
|
*Text2pcap* understands a hexdump of the form generated by __od -Ax
|
||||||
-tx1 -v__. In other words, each byte is individually displayed, with
|
-tx1 -v__. In other words, each byte is individually displayed, with
|
||||||
|
@ -197,6 +204,14 @@ whereas generating a dummy Ethernet header with __-e__ works for any
|
||||||
sort of L3 packet.
|
sort of L3 packet.
|
||||||
--
|
--
|
||||||
|
|
||||||
|
-F <file format>::
|
||||||
|
+
|
||||||
|
--
|
||||||
|
Sets the file format of the output capture file. *Text2pcap* can write
|
||||||
|
the file in several formats; *text2pcap -F* provides a list of the
|
||||||
|
available output formats. The default is the *pcap* format.
|
||||||
|
--
|
||||||
|
|
||||||
-h::
|
-h::
|
||||||
+
|
+
|
||||||
--
|
--
|
||||||
|
|
|
@ -58,7 +58,11 @@ They previously shipped with Npcap 1.55.
|
||||||
** Date and time can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats.
|
** Date and time can be given in UTC using ISO 8601 (with 'Z' timezone) or by appending the suffix "UTC" to the legacy formats.
|
||||||
Otherwise local time is used.
|
Otherwise local time is used.
|
||||||
|
|
||||||
* text2pcap has been updated to use the new logging output options and the
|
* text2pcap:
|
||||||
|
** text2pcap supports writing the output file in all the capture file formats
|
||||||
|
that wiretap library supports, using the same "-F" option as editcap,
|
||||||
|
mergecap, and tshark.
|
||||||
|
** text2pcap has been updated to use the new logging output options and the
|
||||||
"-d" flag has been removed. The "debug" log level corresponds to the old
|
"-d" flag has been removed. The "debug" log level corresponds to the old
|
||||||
"-d" flag, and the "noisy" log level corresponds to using "-d" multiple times.
|
"-d" flag, and the "noisy" log level corresponds to using "-d" multiple times.
|
||||||
|
|
||||||
|
|
56
text2pcap.c
56
text2pcap.c
|
@ -98,9 +98,6 @@
|
||||||
|
|
||||||
/*--- Options --------------------------------------------------------------------*/
|
/*--- Options --------------------------------------------------------------------*/
|
||||||
|
|
||||||
/* File format */
|
|
||||||
static gboolean use_pcapng = FALSE;
|
|
||||||
|
|
||||||
/* Be quiet */
|
/* Be quiet */
|
||||||
static gboolean quiet = FALSE;
|
static gboolean quiet = FALSE;
|
||||||
|
|
||||||
|
@ -215,6 +212,8 @@ print_usage (FILE *output)
|
||||||
" (def: 16: hexadecimal) No effect in hexdump mode.\n"
|
" (def: 16: hexadecimal) No effect in hexdump mode.\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Output:\n"
|
"Output:\n"
|
||||||
|
" -F <capture type> set the output file type; default is pcap.\n"
|
||||||
|
" an empty \"-F\" option will list the file types.\n"
|
||||||
" -l <typenum> link-layer type number; default is 1 (Ethernet). See\n"
|
" -l <typenum> link-layer type number; default is 1 (Ethernet). See\n"
|
||||||
" https://www.tcpdump.org/linktypes.html for a list of\n"
|
" https://www.tcpdump.org/linktypes.html for a list of\n"
|
||||||
" numbers. Use this option if your dump is a complete\n"
|
" numbers. Use this option if your dump is a complete\n"
|
||||||
|
@ -294,6 +293,20 @@ set_hdr_ip_proto(guint8 ip_proto)
|
||||||
hdr_ethernet = TRUE;
|
hdr_ethernet = TRUE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
list_capture_types(void) {
|
||||||
|
GArray *writable_type_subtypes;
|
||||||
|
|
||||||
|
cmdarg_err("The available capture file types for the \"-F\" flag are:\n");
|
||||||
|
writable_type_subtypes = wtap_get_writable_file_types_subtypes(FT_SORT_BY_NAME);
|
||||||
|
for (guint i = 0; i < writable_type_subtypes->len; i++) {
|
||||||
|
int ft = g_array_index(writable_type_subtypes, int, i);
|
||||||
|
fprintf(stderr, " %s - %s\n", wtap_file_type_subtype_name(ft),
|
||||||
|
wtap_file_type_subtype_description(ft));
|
||||||
|
}
|
||||||
|
g_array_free(writable_type_subtypes, TRUE);
|
||||||
|
}
|
||||||
|
|
||||||
/*----------------------------------------------------------------------
|
/*----------------------------------------------------------------------
|
||||||
* Parse CLI options
|
* Parse CLI options
|
||||||
*/
|
*/
|
||||||
|
@ -311,7 +324,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
const char *interface_name = NULL;
|
const char *interface_name = NULL;
|
||||||
/* Link-layer type; see https://www.tcpdump.org/linktypes.html for details */
|
/* Link-layer type; see https://www.tcpdump.org/linktypes.html for details */
|
||||||
guint32 pcap_link_type = 1; /* Default is LINKTYPE_ETHERNET */
|
guint32 pcap_link_type = 1; /* Default is LINKTYPE_ETHERNET */
|
||||||
int file_type_subtype;
|
int file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_UNKNOWN;
|
||||||
int err;
|
int err;
|
||||||
char* err_info;
|
char* err_info;
|
||||||
GError* gerror = NULL;
|
GError* gerror = NULL;
|
||||||
|
@ -326,7 +339,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
ws_init_version_info("Text2pcap (Wireshark)", NULL, NULL, NULL);
|
ws_init_version_info("Text2pcap (Wireshark)", NULL, NULL, NULL);
|
||||||
|
|
||||||
/* Scan CLI parameters */
|
/* Scan CLI parameters */
|
||||||
while ((c = ws_getopt_long(argc, argv, "hqab:De:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) {
|
while ((c = ws_getopt_long(argc, argv, "hqab:De:F:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) {
|
||||||
switch (c) {
|
switch (c) {
|
||||||
case 'h':
|
case 'h':
|
||||||
show_help_header("Generate a capture file from an ASCII hexdump of packets.");
|
show_help_header("Generate a capture file from an ASCII hexdump of packets.");
|
||||||
|
@ -338,7 +351,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
case 'D': info->hexdump.has_direction = TRUE; break;
|
case 'D': info->hexdump.has_direction = TRUE; break;
|
||||||
case 'l': pcap_link_type = (guint32)strtol(ws_optarg, NULL, 0); break;
|
case 'l': pcap_link_type = (guint32)strtol(ws_optarg, NULL, 0); break;
|
||||||
case 'm': max_offset = (guint32)strtol(ws_optarg, NULL, 0); break;
|
case 'm': max_offset = (guint32)strtol(ws_optarg, NULL, 0); break;
|
||||||
case 'n': use_pcapng = TRUE; break;
|
case 'n': file_type_subtype = wtap_pcapng_file_type_subtype(); break;
|
||||||
case 'N': interface_name = ws_optarg; break;
|
case 'N': interface_name = ws_optarg; break;
|
||||||
case 'b':
|
case 'b':
|
||||||
{
|
{
|
||||||
|
@ -384,6 +397,15 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'F':
|
||||||
|
file_type_subtype = wtap_name_to_file_type_subtype(ws_optarg);
|
||||||
|
if (file_type_subtype < 0) {
|
||||||
|
cmdarg_err("\"%s\" isn't a valid capture file type", ws_optarg);
|
||||||
|
list_capture_types();
|
||||||
|
return INVALID_OPTION;
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
|
||||||
case 'i':
|
case 'i':
|
||||||
{
|
{
|
||||||
guint8 ip_proto;
|
guint8 ip_proto;
|
||||||
|
@ -632,6 +654,14 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
|
|
||||||
|
|
||||||
case '?':
|
case '?':
|
||||||
|
switch(ws_optopt) {
|
||||||
|
case 'F':
|
||||||
|
list_capture_types();
|
||||||
|
return INVALID_OPTION;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
/* FALLTHROUGH */
|
||||||
|
|
||||||
default:
|
default:
|
||||||
print_usage(stderr);
|
print_usage(stderr);
|
||||||
return INVALID_OPTION;
|
return INVALID_OPTION;
|
||||||
|
@ -746,13 +776,14 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
wtap_encap_type = wtap_pcap_encap_to_wtap_encap(pcap_link_type);
|
wtap_encap_type = wtap_pcap_encap_to_wtap_encap(pcap_link_type);
|
||||||
params->encap = wtap_encap_type;
|
params->encap = wtap_encap_type;
|
||||||
params->snaplen = max_offset;
|
params->snaplen = max_offset;
|
||||||
if (use_pcapng) {
|
if (file_type_subtype == WTAP_FILE_TYPE_SUBTYPE_UNKNOWN) {
|
||||||
params->tsprec = WTAP_TSPREC_NSEC;
|
|
||||||
file_type_subtype = wtap_pcapng_file_type_subtype();
|
|
||||||
} else {
|
|
||||||
params->tsprec = WTAP_TSPREC_USEC;
|
|
||||||
file_type_subtype = wtap_pcap_file_type_subtype();
|
file_type_subtype = wtap_pcap_file_type_subtype();
|
||||||
}
|
}
|
||||||
|
/* Request nanosecond precision. Most file formats only support one time
|
||||||
|
* precision and ignore this parameter (and the related options in the
|
||||||
|
* generated IDB), but it affects pcapng.
|
||||||
|
*/
|
||||||
|
params->tsprec = WTAP_TSPREC_NSEC;
|
||||||
if ((ret = text_import_pre_open(params, file_type_subtype, input_filename, interface_name)) != EXIT_SUCCESS) {
|
if ((ret = text_import_pre_open(params, file_type_subtype, input_filename, interface_name)) != EXIT_SUCCESS) {
|
||||||
g_free(params->idb_inf);
|
g_free(params->idb_inf);
|
||||||
wtap_dump_params_cleanup(params);
|
wtap_dump_params_cleanup(params);
|
||||||
|
@ -829,8 +860,7 @@ parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump
|
||||||
if (!quiet) {
|
if (!quiet) {
|
||||||
fprintf(stderr, "Input from: %s\n", input_filename);
|
fprintf(stderr, "Input from: %s\n", input_filename);
|
||||||
fprintf(stderr, "Output to: %s\n", output_filename);
|
fprintf(stderr, "Output to: %s\n", output_filename);
|
||||||
fprintf(stderr, "Output format: %s\n", use_pcapng ? "pcapng" : "pcap");
|
fprintf(stderr, "Output format: %s\n", wtap_file_type_subtype_name(file_type_subtype));
|
||||||
|
|
||||||
if (hdr_ethernet) fprintf(stderr, "Generate dummy Ethernet header: Protocol: 0x%0X\n",
|
if (hdr_ethernet) fprintf(stderr, "Generate dummy Ethernet header: Protocol: 0x%0X\n",
|
||||||
hdr_ethernet_proto);
|
hdr_ethernet_proto);
|
||||||
if (hdr_ip) fprintf(stderr, "Generate dummy IP header: Protocol: %u\n",
|
if (hdr_ip) fprintf(stderr, "Generate dummy IP header: Protocol: %u\n",
|
||||||
|
|
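Review bot: In `parse_options`, `case 'n'` and the new `case 'F'` both assign `file_type_subtype`, so when both options are given the one that comes last on the command line silently decides the output format. That deserves a comment at `case 'n'`, for example `/* -n is shorthand for "-F pcapng"; if -F is also given, the later option wins */`, or a `cmdarg_err` diagnostic if mixing them is meant to be an error. In the `'?'` handler the `break;` after `return INVALID_OPTION;` is unreachable and can be dropped. `case 'F'` only checks that the name resolves (`file_type_subtype < 0`); whether a format that cannot be written with the selected link-layer type is rejected cleanly appears to depend on `text_import_pre_open`, whose body is not shown here. `parse_options` itself starts and ends outside these hunks.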