Add new long options to GUIs to allow arbitrary protocols and heuristics to be disabled via command-line

Future: Allow multiple protocols to be disabled in one option statement
(perhaps using a comma- or colon-delimited set of names in <proto_name>)
instead of having to specify --disable-protocol <proto_name> multiple times.

Change-Id: I9b8f960acf75298ebb098d9b667fca49dca52306
Reviewed-on: https://code.wireshark.org/review/9631
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Jim Young 2015-07-14 00:28:49 -04:00 committed by Michael Mann
parent 9d24a26c9b
commit ad82dfd554
8 changed files with 192 additions and 2 deletions


@ -63,7 +63,10 @@ extern "C" {
* Non-capture long-only options should start here, to avoid collision
* with capture options.
*/
#define MIN_NON_CAPTURE_LONGOPT 129
#define MIN_NON_CAPTURE_LONGOPT 129
#define LONGOPT_DISABLE_PROTOCOL 130
#define LONGOPT_ENABLE_HEURISTIC 131
#define LONGOPT_DISABLE_HEURISTIC 132
/*
* Options for capturing common to all capturing programs.
@ -102,7 +105,10 @@ extern "C" {
{(char *)"list-data-link-types", no_argument, NULL, 'L'}, \
{(char *)"no-promiscuous-mode", no_argument, NULL, 'p'}, \
{(char *)"snapshot-length", required_argument, NULL, 's'}, \
{(char *)"linktype", required_argument, NULL, 'y'},
{(char *)"linktype", required_argument, NULL, 'y'}, \
{(char *)"disable-protocol", required_argument, NULL, LONGOPT_DISABLE_PROTOCOL }, \
{(char *)"enable-heuristic", required_argument, NULL, LONGOPT_ENABLE_HEURISTIC }, \
{(char *)"disable-heuristic", required_argument, NULL, LONGOPT_DISABLE_HEURISTIC },
#define OPTSTRING_CAPTURE_COMMON \
"a:" OPTSTRING_A "b:" OPTSTRING_B "c:Df:i:" OPTSTRING_I "Lps:y:"
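Review bot: The three new entries are dissection options, yet they are appended to the long-option table shared by the capturing programs (the table that ended at `linktype`), so any program that expands this table without a matching `case LONGOPT_DISABLE_PROTOCOL:` has `getopt_long()` recognise `--disable-protocol` and then drop into its bad-option branch. The comment above `MIN_NON_CAPTURE_LONGOPT` already separates capture options from the rest, so I would put these in their own macro that only the dissecting front ends expand. Defining the values relative to the base, e.g. `#define LONGOPT_DISABLE_PROTOCOL (MIN_NON_CAPTURE_LONGOPT + 1)`, would also make the numbering rule explicit. Whether a non-dissecting program expands the table is not visible from these hunks.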


@ -73,6 +73,13 @@ Processing:
Example: tcp.port==8888,http
-H <hosts file> read a list of entries from a hosts file, which will
then be written to a capture file. (Implies -W n)
--disable-protocol <proto_name> disable dissection of proto_name
Repeat option for each protocol
--enable-heuristic <short_name> enable dissection of heuristic protocol
Repeat option for each protocol
--disable-heuristic <short_name> disable dissection of heuristic protocol
Repeat option for each protocol
Output:
-w <outfile|-> write packets to a pcap-format file named "outfile"
(or to the standard output for "-")


@ -78,6 +78,12 @@ Processing:
-R <read filter> packet filter in Wireshark display filter syntax
-n disable all name resolutions (def: all enabled)
-N <name resolve flags> enable specific name resolution(s): "mntC"
--disable-protocol <proto_name> disable dissection of proto_name
Repeat option for each protocol
--enable-heuristic <short_name> enable dissection of heuristic protocol
Repeat option for each protocol
--disable-heuristic <short_name> disable dissection of heuristic protocol
Repeat option for each protocol
User interface:
-C <config profile> start with specified configuration profile


@ -355,6 +355,27 @@ skip:
}
}
/*
* Disable a particular protocol by name
*/
void
proto_disable_proto_by_name(const char *name)
{
protocol_t *protocol;
int proto_id;
proto_id = proto_get_id_by_filter_name(name);
if (proto_id >= 0 ) {
protocol = find_protocol_by_id(proto_id);
if (proto_is_protocol_enabled(protocol) == TRUE) {
if (proto_can_toggle_protocol(proto_id) == TRUE) {
proto_set_decoding(proto_id, FALSE);
}
}
}
}
/*
* Write out a list of disabled protocols.
*
@ -792,6 +813,15 @@ save_disabled_heur_dissector_list(char **pref_path_return, int *errno_return)
g_free(ff_path);
}
void
proto_enable_heuristic_by_name(const char *name, gboolean enable)
{
heur_dtbl_entry_t* heur = find_heur_dissector_by_unique_short_name(name);
if (heur != NULL) {
heur->enabled = enable;
}
}
/*
* Editor modelines - http://www.wireshark.org/tools/modelines.html
*
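Review bot: `proto_disable_proto_by_name()` reports nothing when the name is unknown or the protocol cannot be toggled, so a mistyped `--disable-protocol` leaves that dissector running while the user believes it is off. That matters when the option is used to keep an untrusted capture away from a particular dissector. `proto_enable_heuristic_by_name()` in the second hunk has the same silent no-op when `find_heur_dissector_by_unique_short_name()` returns NULL. I would have both return a `gboolean` so the callers can report the rejected name through `cmdarg_err()`; the header declarations need the same return type. A sketch of the first function follows.

```c
gboolean
proto_disable_proto_by_name(const char *name)
{
    int proto_id = proto_get_id_by_filter_name(name);

    if (proto_id < 0) {
        return FALSE;               /* no protocol with this filter name */
    }
    if (!proto_is_protocol_enabled(find_protocol_by_id(proto_id))) {
        return TRUE;                /* already disabled, nothing to do */
    }
    if (!proto_can_toggle_protocol(proto_id)) {
        return FALSE;               /* protocol cannot be disabled */
    }
    proto_set_decoding(proto_id, FALSE);
    return TRUE;
}
```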


@ -61,6 +61,13 @@ set_disabled_protos_list(void);
WS_DLL_PUBLIC void
save_disabled_protos_list(char **pref_path_return, int *errno_return);
/*
* Disable a particular protocol by name
*/
WS_DLL_PUBLIC void
proto_disable_proto_by_name(const char *name);
/*
* Read in a list of disabled protocols.
*
@ -94,6 +101,12 @@ set_disabled_heur_dissector_list(void);
WS_DLL_PUBLIC void
save_disabled_heur_dissector_list(char **pref_path_return, int *errno_return);
/*
* Enable/disable a particular heuristic dissector by name
*/
WS_DLL_PUBLIC void
proto_enable_heuristic_by_name(const char *name, gboolean enable);
#ifdef __cplusplus
}
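Review bot: The two new comments do not say which name each function expects or what happens when nothing matches. Going by the implementation in this commit, the first takes the protocol's filter name and the second the heuristic dissector's unique short name, and both leave state untouched for an unknown name. I would expand them to `/* Disable the protocol whose filter name is "name"; unknown or non-toggleable protocols are left unchanged. */` and `/* Enable or disable the heuristic dissector whose unique short name is "name"; unknown names are ignored. */`.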


@ -351,6 +351,12 @@ print_usage(FILE *output)
fprintf(output, " Example: tcp.port==8888,http\n");
fprintf(output, " -H <hosts file> read a list of entries from a hosts file, which will\n");
fprintf(output, " then be written to a capture file. (Implies -W n)\n");
fprintf(output, " --disable-protocol <proto_name>\n");
fprintf(output, " disable dissection of proto_name\n");
fprintf(output, " --enable-heuristic <short_name>\n");
fprintf(output, " enable dissection of heuristic protocol\n");
fprintf(output, " --disable-heuristic <short_name>\n");
fprintf(output, " disable dissection of heuristic protocol\n");
/*fprintf(output, "\n");*/
fprintf(output, "Output:\n");
@ -1003,6 +1009,9 @@ DIAG_ON(cast-qual)
char badopt;
int log_flags;
gchar *output_only = NULL;
GSList *disable_protocol_slist = NULL;
GSList *enable_heur_slist = NULL;
GSList *disable_heur_slist = NULL;
/*
* The leading + ensures that getopt_long() does not permute the argv[]
@ -1702,6 +1711,16 @@ DIAG_ON(cast-qual)
return 1;
}
break;
case LONGOPT_DISABLE_PROTOCOL: /* disable dissection of protocol */
disable_protocol_slist = g_slist_append(disable_protocol_slist, optarg);
break;
case LONGOPT_ENABLE_HEURISTIC: /* enable heuristic dissection of protocol */
enable_heur_slist = g_slist_append(enable_heur_slist, optarg);
break;
case LONGOPT_DISABLE_HEURISTIC: /* disable heuristic dissection of protocol */
disable_heur_slist = g_slist_append(disable_heur_slist, optarg);
break;
default:
case '?': /* Bad flag - print usage message */
switch(optopt) {
@ -2032,6 +2051,30 @@ DIAG_ON(cast-qual)
set_disabled_heur_dissector_list();
}
if(disable_protocol_slist) {
GSList *proto_disable;
for (proto_disable = disable_protocol_slist; proto_disable != NULL; proto_disable = g_slist_next(proto_disable))
{
proto_disable_proto_by_name((char*)proto_disable->data);
}
}
if(enable_heur_slist) {
GSList *heur_enable;
for (heur_enable = enable_heur_slist; heur_enable != NULL; heur_enable = g_slist_next(heur_enable))
{
proto_enable_heuristic_by_name((char*)heur_enable->data, TRUE);
}
}
if(disable_heur_slist) {
GSList *heur_disable;
for (heur_disable = disable_heur_slist; heur_disable != NULL; heur_disable = g_slist_next(heur_disable))
{
proto_enable_heuristic_by_name((char*)heur_disable->data, FALSE);
}
}
/* Build the column format array */
build_column_format_array(&cfile.cinfo, prefs_p->num_cols, TRUE);
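Review bot: The three list-walking blocks added after `set_disabled_heur_dissector_list()` never release the `GSList`s built in the option switch, and the same three loops are pasted again into the two other `main()` sections further down this commit. The nodes only borrow `optarg`, so `g_slist_free(disable_protocol_slist);` after each loop is enough, assuming nothing outside the hunks frees them. The outer `if(disable_protocol_slist)` guards are redundant because the `for` condition already stops on NULL, and the `(char*)` casts drop the `const` that both callees declare. A single shared helper taking the three lists would keep the three front ends from drifting apart; the enclosing function starts and ends outside these hunks.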


@ -1232,6 +1232,12 @@ print_usage(gboolean for_help_option) {
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mntC\"\n");
fprintf(output, " --disable-protocol <proto_name>\n");
fprintf(output, " disable dissection of proto_name\n");
fprintf(output, " --enable-heuristic <short_name>\n");
fprintf(output, " enable dissection of heuristic protocol\n");
fprintf(output, " --disable-heuristic <short_name>\n");
fprintf(output, " disable dissection of heuristic protocol\n");
fprintf(output, "\n");
fprintf(output, "User interface:\n");
@ -2180,6 +2186,9 @@ main(int argc, char *argv[])
#ifdef HAVE_GTKOSXAPPLICATION
GtkosxApplication *theApp;
#endif
GSList *disable_protocol_slist = NULL;
GSList *enable_heur_slist = NULL;
GSList *disable_heur_slist = NULL;
#define OPTSTRING OPTSTRING_CAPTURE_COMMON "C:g:Hh" "jJ:kK:lm:nN:o:P:r:R:St:u:vw:X:Y:z:"
DIAG_OFF(cast-qual)
@ -2807,6 +2816,15 @@ DIAG_ON(cast-qual)
exit(1);
}
break;
case LONGOPT_DISABLE_PROTOCOL: /* disable dissection of protocol */
disable_protocol_slist = g_slist_append(disable_protocol_slist, optarg);
break;
case LONGOPT_ENABLE_HEURISTIC: /* enable heuristic dissection of protocol */
enable_heur_slist = g_slist_append(enable_heur_slist, optarg);
break;
case LONGOPT_DISABLE_HEURISTIC: /* disable heuristic dissection of protocol */
disable_heur_slist = g_slist_append(disable_heur_slist, optarg);
break;
default:
case '?': /* Bad flag - print usage message */
arg_error = TRUE;
@ -3007,6 +3025,30 @@ DIAG_ON(cast-qual)
set_disabled_heur_dissector_list();
}
if(disable_protocol_slist) {
GSList *proto_disable;
for (proto_disable = disable_protocol_slist; proto_disable != NULL; proto_disable = g_slist_next(proto_disable))
{
proto_disable_proto_by_name((char*)proto_disable->data);
}
}
if(enable_heur_slist) {
GSList *heur_enable;
for (heur_enable = enable_heur_slist; heur_enable != NULL; heur_enable = g_slist_next(heur_enable))
{
proto_enable_heuristic_by_name((char*)heur_enable->data, TRUE);
}
}
if(disable_heur_slist) {
GSList *heur_disable;
for (heur_disable = disable_heur_slist; heur_disable != NULL; heur_disable = g_slist_next(heur_disable))
{
proto_enable_heuristic_by_name((char*)heur_disable->data, FALSE);
}
}
build_column_format_array(&cfile.cinfo, prefs_p->num_cols, TRUE);
/* read in rc file from global and personal configuration paths. */


@ -216,6 +216,12 @@ print_usage(gboolean for_help_option) {
fprintf(output, " -R <read filter> packet filter in Wireshark display filter syntax\n");
fprintf(output, " -n disable all name resolutions (def: all enabled)\n");
fprintf(output, " -N <name resolve flags> enable specific name resolution(s): \"mntC\"\n");
fprintf(output, " --disable-protocol <proto_name>\n");
fprintf(output, " disable dissection of proto_name\n");
fprintf(output, " --enable-heuristic <short_name>\n");
fprintf(output, " enable dissection of heuristic protocol\n");
fprintf(output, " --disable-heuristic <short_name>\n");
fprintf(output, " disable dissection of heuristic protocol\n");
fprintf(output, "\n");
fprintf(output, "User interface:\n");
@ -467,6 +473,9 @@ int main(int argc, char *argv[])
guint go_to_packet = 0;
QString dfilter, read_filter;
GSList *disable_protocol_slist = NULL;
GSList *enable_heur_slist = NULL;
GSList *disable_heur_slist = NULL;
cmdarg_err_init(wireshark_cmdarg_err, wireshark_cmdarg_err_cont);
@ -1093,6 +1102,16 @@ DIAG_ON(cast-qual)
exit(1);
}
break;
case LONGOPT_DISABLE_PROTOCOL: /* disable dissection of protocol */
disable_protocol_slist = g_slist_append(disable_protocol_slist, optarg);
break;
case LONGOPT_ENABLE_HEURISTIC: /* enable heuristic dissection of protocol */
enable_heur_slist = g_slist_append(enable_heur_slist, optarg);
break;
case LONGOPT_DISABLE_HEURISTIC: /* disable heuristic dissection of protocol */
disable_heur_slist = g_slist_append(disable_heur_slist, optarg);
break;
default:
case '?': /* Bad flag - print usage message */
print_usage(FALSE);
@ -1293,6 +1312,30 @@ DIAG_ON(cast-qual)
set_disabled_heur_dissector_list();
}
if(disable_protocol_slist) {
GSList *proto_disable;
for (proto_disable = disable_protocol_slist; proto_disable != NULL; proto_disable = g_slist_next(proto_disable))
{
proto_disable_proto_by_name((char*)proto_disable->data);
}
}
if(enable_heur_slist) {
GSList *heur_enable;
for (heur_enable = enable_heur_slist; heur_enable != NULL; heur_enable = g_slist_next(heur_enable))
{
proto_enable_heuristic_by_name((char*)heur_enable->data, TRUE);
}
}
if(disable_heur_slist) {
GSList *heur_disable;
for (heur_disable = disable_heur_slist; heur_disable != NULL; heur_disable = g_slist_next(heur_disable))
{
proto_enable_heuristic_by_name((char*)heur_disable->data, FALSE);
}
}
build_column_format_array(&CaptureFile::globalCapFile()->cinfo, prefs_p->num_cols, TRUE);
wsApp->emitAppSignal(WiresharkApplication::ColumnsChanged); // We read "recent" widths above.
wsApp->emitAppSignal(WiresharkApplication::RecentFilesRead); // Must be emitted after PreferencesChanged.