diff --git a/wiretap/configure.in b/wiretap/configure.in index af31653ec6..f3bf9d3f0d 100644 --- a/wiretap/configure.in +++ b/wiretap/configure.in @@ -1,4 +1,4 @@ -# $Id: configure.in,v 1.17 1999/12/03 07:04:54 guy Exp $ +# $Id: configure.in,v 1.18 1999/12/04 05:14:38 guy Exp $ dnl dnl Process this file with autoconf 2.13 or later to produce a dnl configure script; 2.12 doesn't generate a "configure" script that @@ -91,6 +91,9 @@ AC_CHECK_HEADERS(sys/time.h netinet/in.h) AC_CANONICAL_HOST +# We must know our byte order +AC_C_BIGENDIAN + dnl zlib check AC_ARG_ENABLE(zlib, [ --enable-zlib use zlib to read compressed data. [default=yes]],, [dnl diff --git a/wiretap/file.c b/wiretap/file.c index 122e98902c..d82a205b63 100644 --- a/wiretap/file.c +++ b/wiretap/file.c @@ -1,6 +1,6 @@ /* file.c * - * $Id: file.c,v 1.30 1999/12/04 03:36:21 guy Exp $ + * $Id: file.c,v 1.31 1999/12/04 05:14:38 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -211,9 +211,10 @@ const static struct dump_type { guint type; int (*dump_open)(wtap_dumper *, int *); } dump_open_table[] = { - { WTAP_FILE_PCAP, libpcap_dump_open }, - { WTAP_FILE_SNOOP, snoop_dump_open }, - { 0, NULL } + { WTAP_FILE_PCAP, libpcap_dump_open }, + { WTAP_FILE_SNOOP, snoop_dump_open }, + { WTAP_FILE_NETMON_1_x, netmon_dump_open }, + { 0, NULL } }; static wtap_dumper* wtap_dump_open_common(FILE *fh, int filetype, int encap, @@ -258,18 +259,18 @@ FILE* wtap_dump_file(wtap_dumper *wdh) return wdh->fh; } -int wtap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, +gboolean wtap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, const u_char *pd, int *err) { return (wdh->subtype_write)(wdh, phdr, pd, err); } -int wtap_dump_close(wtap_dumper *wdh, int *err) +gboolean wtap_dump_close(wtap_dumper *wdh, int *err) { - int ret = 1; + gboolean ret = TRUE; if (!(wdh->subtype_close)(wdh, err)) - ret = 0; + ret = FALSE; errno = WTAP_ERR_CANT_CLOSE; if (fclose(wdh->fh) == EOF) { if (ret) { @@ -279,8 +280,10 @@ int wtap_dump_close(wtap_dumper *wdh, int *err) if (err != NULL) *err = errno; } - ret = 0; + ret = FALSE; } + if (wdh->private.opaque != NULL) + g_free(wdh->private.opaque); g_free(wdh); return ret; } diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c index dcb46b6650..550b43ddc1 100644 --- a/wiretap/libpcap.c +++ b/wiretap/libpcap.c @@ -1,6 +1,6 @@ /* libpcap.c * - * $Id: libpcap.c,v 1.23 1999/11/06 10:31:47 guy Exp $ + * $Id: libpcap.c,v 1.24 1999/12/04 05:14:38 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -98,9 +98,9 @@ struct pcaprec_modified_hdr { static int libpcap_read(wtap *wth, int *err); static void adjust_header(wtap *wth, struct pcaprec_hdr *hdr); -static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, +static gboolean libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, const u_char *pd, int *err); -static int libpcap_dump_close(wtap_dumper *wdh, int *err); +static gboolean libpcap_dump_close(wtap_dumper *wdh, int *err); /* * XXX - this is a bit of a mess. OpenBSD, and perhaps NetBSD, and @@ -460,9 +460,9 @@ int wtap_pcap_encap_to_wtap_encap(int encap) return pcap_encap[encap]; } -/* Returns 1 on success, 0 on failure; sets "*err" to an error code on +/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on failure */ -int libpcap_dump_open(wtap_dumper *wdh, int *err) +gboolean libpcap_dump_open(wtap_dumper *wdh, int *err) { static const guint32 pcap_magic = PCAP_MAGIC; struct pcap_hdr file_hdr; @@ -488,13 +488,13 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err) /* Per-packet encapsulations aren't supported. */ if (wdh->encap == WTAP_ENCAP_PER_PACKET) { *err = WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED; - return 0; + return FALSE; } if (wdh->encap < 0 || wdh->encap >= NUM_WTAP_ENCAPS || wtap_encap[wdh->encap] == -1) { *err = WTAP_ERR_UNSUPPORTED_ENCAP; - return 0; + return FALSE; } /* This is a libpcap file */ @@ -508,7 +508,7 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err) *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } /* current "libpcap" format is 2.4 */ @@ -524,15 +524,15 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err) *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } - return 1; + return TRUE; } /* Write a record for a packet to a dump file. - Returns 1 on success, 0 on failure. */ -static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, + Returns TRUE on success, FALSE on failure. */ +static gboolean libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, const u_char *pd, int *err) { struct pcaprec_hdr rec_hdr; @@ -548,7 +548,7 @@ static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh); if (nwritten != phdr->caplen) { @@ -556,15 +556,15 @@ static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } - return 1; + return TRUE; } /* Finish writing to a dump file. - Returns 1 on success, 0 on failure. */ -static int libpcap_dump_close(wtap_dumper *wdh, int *err) + Returns TRUE on success, FALSE on failure. */ +static gboolean libpcap_dump_close(wtap_dumper *wdh, int *err) { /* Nothing to do here. */ - return 1; + return TRUE; } diff --git a/wiretap/libpcap.h b/wiretap/libpcap.h index 740f6a7a05..cf0ead2a27 100644 --- a/wiretap/libpcap.h +++ b/wiretap/libpcap.h @@ -1,6 +1,6 @@ /* libpcap.h * - * $Id: libpcap.h,v 1.3 1999/08/19 05:31:37 guy Exp $ + * $Id: libpcap.h,v 1.4 1999/12/04 05:14:39 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -22,4 +22,4 @@ */ int libpcap_open(wtap *wth, int *err); -int libpcap_dump_open(wtap_dumper *wdh, int *err); +gboolean libpcap_dump_open(wtap_dumper *wdh, int *err); diff --git a/wiretap/netmon.c b/wiretap/netmon.c index 56a9c27f34..7f7f8bbb59 100644 --- a/wiretap/netmon.c +++ b/wiretap/netmon.c @@ -1,6 +1,6 @@ /* netmon.c * - * $Id: netmon.c,v 1.17 1999/11/26 22:50:51 guy Exp $ + * $Id: netmon.c,v 1.18 1999/12/04 05:14:38 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -94,6 +94,9 @@ struct netmonrec_2_x_hdr { }; static int netmon_read(wtap *wth, int *err); +static gboolean netmon_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, + const u_char *pd, int *err); +static gboolean netmon_dump_close(wtap_dumper *wdh, int *err); int netmon_open(wtap *wth, int *err) { @@ -365,3 +368,236 @@ static int netmon_read(wtap *wth, int *err) return data_offset; } + +static const int wtap_encap[] = { + -1, /* WTAP_ENCAP_UNKNOWN -> unsupported */ + 1, /* WTAP_ENCAP_ETHERNET -> NDIS Ethernet */ + 2, /* WTAP_ENCAP_TR -> NDIS Token Ring */ + -1, /* WTAP_ENCAP_SLIP -> unsupported */ + -1, /* WTAP_ENCAP_PPP -> unsupported */ + 3, /* WTAP_ENCAP_FDDI -> NDIS FDDI */ + 3, /* WTAP_ENCAP_FDDI_BITSWAPPED -> NDIS FDDI */ + -1, /* WTAP_ENCAP_RAW_IP -> unsupported */ + -1, /* WTAP_ENCAP_ARCNET -> unsupported */ + -1, /* WTAP_ENCAP_ATM_RFC1483 -> unsupported */ + -1, /* WTAP_ENCAP_LINUX_ATM_CLIP -> unsupported */ + -1, /* WTAP_ENCAP_LAPB -> unsupported*/ + -1, /* WTAP_ENCAP_ATM_SNIFFER -> unsupported */ + 0 /* WTAP_ENCAP_NULL -> DLT_NULL */ +}; +#define NUM_WTAP_ENCAPS (sizeof wtap_encap / sizeof wtap_encap[0]) + +/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on + failure */ +gboolean netmon_dump_open(wtap_dumper *wdh, int *err) +{ + /* Per-packet encapsulations aren't supported. */ + if (wdh->encap == WTAP_ENCAP_PER_PACKET) { + *err = WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED; + return FALSE; + } + + if (wdh->encap < 0 || wdh->encap >= NUM_WTAP_ENCAPS + || wtap_encap[wdh->encap] == -1) { + *err = WTAP_ERR_UNSUPPORTED_ENCAP; + return FALSE; + } + + /* This is a netmon file */ + wdh->subtype_write = netmon_dump; + wdh->subtype_close = netmon_dump_close; + + /* We can't fill in all the fields in the file header, as we + haven't yet written any packets. As we'll have to rewrite + the header when we've written out all the packets, we just + skip over the header for now. */ + fseek(wdh->fh, CAPTUREFILE_HEADER_SIZE, SEEK_SET); + + wdh->private.netmon = g_malloc(sizeof(netmon_dump_t)); + wdh->private.netmon->frame_table_offset = CAPTUREFILE_HEADER_SIZE; + wdh->private.netmon->got_first_record_time = FALSE; + wdh->private.netmon->frame_table = NULL; + wdh->private.netmon->frame_table_index = 0; + wdh->private.netmon->frame_table_size = 0; + + return TRUE; +} + +/* Write a record for a packet to a dump file. + Returns TRUE on success, FALSE on failure. */ +static gboolean netmon_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, + const u_char *pd, int *err) +{ + netmon_dump_t *priv = wdh->private.netmon; + struct netmonrec_1_x_hdr rec_1_x_hdr; + struct netmonrec_2_x_hdr rec_2_x_hdr; + char *hdrp; + int hdr_size; + int nwritten; + + /* NetMon files have a capture start time in the file header, + and have times relative to that in the packet headers; + pick the time of the first packet as the capture start + time. */ + if (!priv->got_first_record_time) { + priv->first_record_time = phdr->ts; + priv->got_first_record_time = TRUE; + } + + switch (wdh->file_type) { + + case WTAP_FILE_NETMON_1_x: + rec_1_x_hdr.ts_delta = htolel( + (phdr->ts.tv_sec - priv->first_record_time.tv_sec)*1000 + + (phdr->ts.tv_usec - priv->first_record_time.tv_usec + 500)/1000); + rec_1_x_hdr.orig_len = htoles(phdr->len); + rec_1_x_hdr.incl_len = htoles(phdr->caplen); + hdrp = (char *)&rec_1_x_hdr; + hdr_size = sizeof rec_1_x_hdr; + break; + + case WTAP_FILE_NETMON_2_x: + /* XXX - fill in 64-bit time diff in microseconds */ + rec_2_x_hdr.orig_len = htolel(phdr->len); + rec_2_x_hdr.incl_len = htolel(phdr->caplen); + hdrp = (char *)&rec_2_x_hdr; + hdr_size = sizeof rec_2_x_hdr; + break; + + default: + /* We should never get here - our open routine + should only get called for the types above. */ + *err = WTAP_ERR_UNSUPPORTED_FILE_TYPE; + return FALSE; + } + + nwritten = fwrite(hdrp, 1, hdr_size, wdh->fh); + if (nwritten != hdr_size) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh); + if (nwritten != phdr->caplen) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + /* + * Stash the file offset of this frame. + */ + if (priv->frame_table_size == 0) { + /* + * Haven't yet allocated the buffer for the frame table. + */ + priv->frame_table = g_malloc(1024 * sizeof *priv->frame_table); + priv->frame_table_size = 1024; + } else { + /* + * We've allocated it; are we at the end? + */ + if (priv->frame_table_index >= priv->frame_table_size) { + /* + * Yes - double the size of the frame table. + */ + priv->frame_table_size *= 2; + priv->frame_table = g_realloc(priv->frame_table, + priv->frame_table_size * sizeof *priv->frame_table); + } + } + priv->frame_table[priv->frame_table_index] = + htolel(priv->frame_table_offset); + priv->frame_table_index++; + priv->frame_table_offset += hdr_size + phdr->caplen; + + return TRUE; +} + +/* Finish writing to a dump file. + Returns TRUE on success, FALSE on failure. */ +static gboolean netmon_dump_close(wtap_dumper *wdh, int *err) +{ + netmon_dump_t *priv = wdh->private.netmon; + int n_to_write; + int nwritten; + struct netmon_hdr file_hdr; + const char *magicp; + int magic_size; + struct tm *tm; + + /* Write out the frame table. "priv->frame_table_index" is + the number of entries we've put into it. */ + n_to_write = priv->frame_table_index * sizeof *priv->frame_table; + nwritten = fwrite(priv->frame_table, 1, n_to_write, wdh->fh); + if (nwritten != n_to_write) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + /* Now go fix up the file header. */ + fseek(wdh->fh, 0, SEEK_SET); + memset(&file_hdr, '\0', sizeof file_hdr); + switch (wdh->file_type) { + + case WTAP_FILE_NETMON_1_x: + magicp = netmon_1_x_magic; + magic_size = sizeof netmon_1_x_magic; + /* current NetMon version, for 1.x, is 1.1 */ + file_hdr.ver_minor = 1; + file_hdr.ver_major = 1; + break; + + case WTAP_FILE_NETMON_2_x: + magicp = netmon_2_x_magic; + magic_size = sizeof netmon_2_x_magic; + /* XXX - fill in V2 stuff. */ + break; + + default: + /* We should never get here - our open routine + should only get called for the types above. */ + *err = WTAP_ERR_UNSUPPORTED_FILE_TYPE; + return FALSE; + } + nwritten = fwrite(magicp, 1, magic_size, wdh->fh); + if (nwritten != magic_size) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + file_hdr.network = htoles(wtap_encap[wdh->encap]); + tm = localtime(&priv->first_record_time.tv_sec); + file_hdr.ts_year = htoles(1900 + tm->tm_year); + file_hdr.ts_month = htoles(tm->tm_mon + 1); + file_hdr.ts_dow = htoles(tm->tm_wday); + file_hdr.ts_day = htoles(tm->tm_mday); + file_hdr.ts_hour = htoles(tm->tm_hour); + file_hdr.ts_min = htoles(tm->tm_min); + file_hdr.ts_sec = htoles(tm->tm_sec); + file_hdr.ts_msec = htoles(priv->first_record_time.tv_usec/1000); + /* XXX - what about rounding? */ + file_hdr.frametableoffset = htolel(priv->frame_table_offset); + file_hdr.frametablelength = + htolel(priv->frame_table_index * sizeof *priv->frame_table); + nwritten = fwrite(&file_hdr, 1, sizeof file_hdr, wdh->fh); + if (nwritten != sizeof file_hdr) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + return TRUE; +} diff --git a/wiretap/netmon.h b/wiretap/netmon.h index a186261793..468d6775ad 100644 --- a/wiretap/netmon.h +++ b/wiretap/netmon.h @@ -1,6 +1,6 @@ /* netmon.h * - * $Id: netmon.h,v 1.2 1999/08/19 05:31:36 guy Exp $ + * $Id: netmon.h,v 1.3 1999/12/04 05:14:39 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -22,3 +22,4 @@ */ int netmon_open(wtap *wth, int *err); +gboolean netmon_dump_open(wtap_dumper *wdh, int *err); diff --git a/wiretap/snoop.c b/wiretap/snoop.c index d9efcb8b5b..0a36c3a8a3 100644 --- a/wiretap/snoop.c +++ b/wiretap/snoop.c @@ -1,6 +1,6 @@ /* snoop.c * - * $Id: snoop.c,v 1.18 1999/12/04 03:36:21 guy Exp $ + * $Id: snoop.c,v 1.19 1999/12/04 05:14:39 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -56,9 +56,9 @@ struct snooprec_hdr { }; static int snoop_read(wtap *wth, int *err); -static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, +static gboolean snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, const u_char *pd, int *err); -static int snoop_dump_close(wtap_dumper *wdh, int *err); +static gboolean snoop_dump_close(wtap_dumper *wdh, int *err); /* * See @@ -350,9 +350,9 @@ static int snoop_read(wtap *wth, int *err) return data_offset; } -/* Returns 1 on success, 0 on failure; sets "*err" to an error code on +/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on failure */ -int snoop_dump_open(wtap_dumper *wdh, int *err) +gboolean snoop_dump_open(wtap_dumper *wdh, int *err) { struct snoop_hdr file_hdr; static const int wtap_encap[] = { @@ -377,13 +377,13 @@ int snoop_dump_open(wtap_dumper *wdh, int *err) /* Per-packet encapsulations aren't supported. */ if (wdh->encap == WTAP_ENCAP_PER_PACKET) { *err = WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED; - return 0; + return FALSE; } if (wdh->encap < 0 || wdh->encap >= NUM_WTAP_ENCAPS || wtap_encap[wdh->encap] == -1) { *err = WTAP_ERR_UNSUPPORTED_ENCAP; - return 0; + return FALSE; } /* This is a snoop file */ @@ -397,7 +397,7 @@ int snoop_dump_open(wtap_dumper *wdh, int *err) *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } /* current "snoop" format is 2 */ @@ -409,15 +409,15 @@ int snoop_dump_open(wtap_dumper *wdh, int *err) *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } - return 1; + return TRUE; } /* Write a record for a packet to a dump file. - Returns 1 on success, 0 on failure. */ -static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, + Returns TRUE on success, FALSE on failure. */ +static gboolean snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, const u_char *pd, int *err) { struct snooprec_hdr rec_hdr; @@ -445,7 +445,7 @@ static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh); if (nwritten != phdr->caplen) { @@ -453,7 +453,7 @@ static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } /* Now write the padding. */ @@ -463,15 +463,15 @@ static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, *err = errno; else *err = WTAP_ERR_SHORT_WRITE; - return 0; + return FALSE; } - return 1; + return TRUE; } /* Finish writing to a dump file. - Returns 1 on success, 0 on failure. */ -static int snoop_dump_close(wtap_dumper *wdh, int *err) + Returns TRUE on success, FALSE on failure. */ +static gboolean snoop_dump_close(wtap_dumper *wdh, int *err) { /* Nothing to do here. */ - return 1; + return TRUE; } diff --git a/wiretap/snoop.h b/wiretap/snoop.h index 26811987f9..a740d1b62c 100644 --- a/wiretap/snoop.h +++ b/wiretap/snoop.h @@ -1,6 +1,6 @@ /* snoop.h * - * $Id: snoop.h,v 1.3 1999/12/04 03:36:22 guy Exp $ + * $Id: snoop.h,v 1.4 1999/12/04 05:14:39 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -22,4 +22,4 @@ */ int snoop_open(wtap *wth, int *err); -int snoop_dump_open(wtap_dumper *wdh, int *err); +gboolean snoop_dump_open(wtap_dumper *wdh, int *err);