diff --git a/wiretap/lanalyzer.c b/wiretap/lanalyzer.c index b44fadc144..619bf4d117 100644 --- a/wiretap/lanalyzer.c +++ b/wiretap/lanalyzer.c @@ -1,6 +1,6 @@ /* lanalyzer.c * - * $Id: lanalyzer.c,v 1.4 1998/11/23 15:48:38 gram Exp $ + * $Id: lanalyzer.c,v 1.5 1998/12/13 05:08:03 gram Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -21,6 +21,7 @@ * */ #include +#include #include "wtap.h" #include "lanalyzer.h" @@ -33,6 +34,7 @@ int lanalyzer_open(wtap *wth) guint16 board_type, mxslc; guint16 type, length; guint8 cr_day, cr_month, cr_year; + struct tm tm; fseek(wth->fh, 0, SEEK_SET); bytes_read = fread(record_type, 1, 2, wth->fh); @@ -83,7 +85,25 @@ int lanalyzer_open(wtap *wth) cr_day = summary[0]; cr_month = summary[1]; cr_year = pletohs(&summary[2]); + /*g_message("Day %d Month %d Year %d (%04X)", cr_day, cr_month, + cr_year, cr_year);*/ + /* Get capture start time. I learned how to do + * this from Guy's code in ngsniffer.c + */ + /* this strange year offset is not in the + * lanalyzer file format documentation, but it + * works. */ + tm.tm_year = cr_year - (1900 - 1792); + tm.tm_mon = cr_month - 1; + tm.tm_mday = cr_day; + tm.tm_hour = 0; + tm.tm_min = 0; + tm.tm_sec = 0; + tm.tm_isdst = -1; + wth->capture.lanalyzer->start = mktime(&tm); + g_message("Day %d Month %d Year %d", tm.tm_mday, + tm.tm_mon, tm.tm_year); mxslc = pletohs(&summary[30]); wth->snapshot_length = mxslc; @@ -126,7 +146,7 @@ int lanalyzer_read(wtap *wth) gchar descriptor[32]; int data_offset; guint16 time_low, time_med, time_high, true_size; - double t, x; + double t; /* If this is the very first packet, then the fh cursor will already * be at the start of the packet data instead of at the start of the Trace @@ -183,10 +203,10 @@ int lanalyzer_read(wtap *wth) time_med = pletohs(&descriptor[10]); time_high = pletohs(&descriptor[12]); - x = 4.0 * (double)(1<<30); t = (double)time_low+(double)(time_med)*65536.0 + - (double)time_high*x; + (double)time_high*4294967296.0; t = t/1000000.0 * 0.5; /* t = # of secs */ + t += wth->capture.lanalyzer->start; wth->phdr.ts.tv_sec = (long)t; wth->phdr.ts.tv_usec = (unsigned long)((t-(double)(wth->phdr.ts.tv_sec)) diff --git a/wiretap/ngsniffer.c b/wiretap/ngsniffer.c index fdc8ec787c..819dbf976d 100644 --- a/wiretap/ngsniffer.c +++ b/wiretap/ngsniffer.c @@ -1,6 +1,6 @@ /* ngsniffer.c * - * $Id: ngsniffer.c,v 1.7 1998/11/23 04:40:22 gram Exp $ + * $Id: ngsniffer.c,v 1.8 1998/12/13 05:08:04 gram Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -57,6 +57,7 @@ */ #include +#include #include "wtap.h" #include "ngsniffer.h" @@ -92,6 +93,9 @@ int ngsniffer_open(wtap *wth) guint8 network; gchar version[18]; /* to hold the entire version record */ guint8 timeunit; + guint16 start_date; + guint16 start_time; + struct tm tm; /* Read in the string that should be at the start of a Sniffer file */ fseek(wth->fh, 0, SEEK_SET); @@ -162,6 +166,38 @@ int ngsniffer_open(wtap *wth) else { wth->capture.ngsniffer->timeunit = Usec[timeunit]; } + + /* Get capture start time */ + start_time = pletohs(&version[4]); + start_date = pletohs(&version[6]); + tm.tm_year = ((start_date&0xfe00)>>9) + 1980 - 1900; + tm.tm_mon = ((start_date&0x1e0)>>5) - 1; + tm.tm_mday = (start_date&0x1f); + /* The time does not appear to act as an + * offset; only the date + tm.tm_hour = (start_time&0xfc00)>>11; + tm.tm_min = (start_time&0x7e0)>>5; + tm.tm_sec = (start_time&0x1f)<<1;*/ + tm.tm_hour = 0; + tm.tm_min = 0; + tm.tm_sec = 0; + tm.tm_isdst = -1; + wth->capture.ngsniffer->start = mktime(&tm); + /* + * XXX - what if "secs" is -1? Unlikely, + * but if the capture was done in a time + * zone that switches between standard and + * summer time sometime other than when we + * do, and thus the time was one that doesn't + * exist here because a switch from standard + * to summer time zips over it, it could + * happen. + * + * On the other hand, if the capture was done + * in a different time zone, this won't work + * right anyway; unfortunately, the time zone + * isn't stored in the capture file. + */ break; case REC_FRAME2: @@ -186,7 +222,7 @@ int ngsniffer_read(wtap *wth) char record_length[4]; /* only 1st 2 bytes are length */ guint16 type, length; char frame2[14]; - double t, x; + double t; guint16 time_low, time_med, time_high, true_size, size; int data_offset; @@ -246,10 +282,10 @@ int ngsniffer_read(wtap *wth) return -1; } - x = 4.0 * (double)(1<<30); t = (double)time_low+(double)(time_med)*65536.0 + - (double)time_high*x; + (double)time_high*4294967296.0; t = t/1000000.0 * wth->capture.ngsniffer->timeunit; /* t = # of secs */ + t += wth->capture.ngsniffer->start; wth->phdr.ts.tv_sec = (long)t; wth->phdr.ts.tv_usec = (unsigned long)((t-(double)(wth->phdr.ts.tv_sec)) diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 330774afa9..36c20fd0bb 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.6 1998/11/23 04:40:21 gram Exp $ + * $Id: wtap.h,v 1.7 1998/12/13 05:08:05 gram Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez @@ -49,11 +49,13 @@ typedef struct { guint16 pkt_len; double timeunit; + time_t start; } ngsniffer_t; typedef struct { guint16 pkt_len; guint32 totpktt; + time_t start; } lanalyzer_t; typedef struct { @@ -127,20 +129,3 @@ void wtap_close(wtap *wth); (guint32)*((guint8 *)p+0)<<0) -#ifdef 0 -#define DLT_NULL 0 /* no link-layer encapsulation */ -#define DLT_EN10MB 1 /* Ethernet (10Mb) */ -#define DLT_EN3MB 2 /* Experimental Ethernet (3Mb) */ -#define DLT_AX25 3 /* Amateur Radio AX.25 */ -#define DLT_PRONET 4 /* Proteon ProNET Token Ring */ -#define DLT_CHAOS 5 /* Chaos */ -#define DLT_IEEE802 6 /* IEEE 802 Networks */ -#define DLT_ARCNET 7 /* ARCNET */ -#define DLT_SLIP 8 /* Serial Line IP */ -#define DLT_PPP 9 /* Point-to-point Protocol */ -#define DLT_FDDI 10 /* FDDI */ -#define DLT_ATM_RFC1483 11 /* LLC/SNAP encapsulated atm */ -#define DLT_RAW 12 /* raw IP */ -#define DLT_SLIP_BSDOS 13 /* BSD/OS Serial Line IP */ -#define DLT_PPP_BSDOS 14 /* BSD/OS Point-to-point Protocol */ -#endif