Add -I option in editcap to extend Duplicate packet removal

Description:
Ignore the specified bytes number at the beginning of the frame during MD5 hash calculation.
Useful to remove duplicated packets taken on several routers or SW(differents mac addresses for example).
e.g. -I 26 in case of Ether/IP/ will ignore ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).
The default value is 0.
This option is only relevant when used with -d|-D|-w

Bug: 8511
Change-Id: I009a09d32778a182b2d88f372651f658a4938882
Reviewed-on: https://code.wireshark.org/review/4104
Tested-by: Evan Huus <eapache@gmail.com>
Reviewed-by: Evan Huus <eapache@gmail.com>

doc/editcap.pod

@@ -30,6 +30,7 @@ S< B<-d> > |
 S< B<-D> E<lt>dup windowE<gt> > |
 S< B<-w> E<lt>dup time windowE<gt> >
 S<[ B<-v> ]>
+S<[ B<-I> E<lt>bytes to ignoreE<gt> ]>
 I<infile>
 I<outfile>
 
@@ -165,6 +166,13 @@ be created with a suffix -nnnnn, starting with 00000. If packets for the specifi
 time interval are written to the output file, the next output file is
 opened. The default is to use a single output file.
 
+=item -I  E<lt>bytes to ignoreE<gt>
+
+Ignore the specified bytes number at the beginning of the frame during MD5 hash calculation
+Useful to remove duplicated packets taken on several routers(differents mac addresses for example)
+e.g. -I 26 in case of Ether/IP/ will ignore ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).
+The default value is 0.
+
 =item -L
 
 Adjust the original frame length accordingly when chopping and/or snapping

editcap.c

@@ -121,6 +121,8 @@ static fd_hash_t fd_hash[MAX_DUP_DEPTH];
 static int       dup_window    = DEFAULT_DUP_DEPTH;
 static int       cur_dup_entry = 0;
 
+static int       ignored_bytes  = 0;  /* Used with -I */
+
 #define ONE_MILLION    1000000
 #define ONE_BILLION 1000000000
 
@@ -540,13 +542,20 @@ is_duplicate(guint8* fd, guint32 len) {
     int i;
     md5_state_t ms;
 
+    /*Hint to ignore some bytes at the start of the frame for the digest calculation(-I option) */
+    guint32 new_len;
+    guint8 *new_fd;
+
+    new_fd  = &fd[ignored_bytes];
+    new_len = len - (ignored_bytes);
+
     cur_dup_entry++;
     if (cur_dup_entry >= dup_window)
         cur_dup_entry = 0;
 
     /* Calculate our digest */
     md5_init(&ms);
-    md5_append(&ms, fd, len);
+    md5_append(&ms, new_fd, new_len);
     md5_finish(&ms, fd_hash[cur_dup_entry].digest);
 
     fd_hash[cur_dup_entry].len = len;
@@ -570,13 +579,20 @@ is_duplicate_rel_time(guint8* fd, guint32 len, const nstime_t *current) {
     int i;
     md5_state_t ms;
 
+    /*Hint to ignore some bytes at the start of the frame for the digest calculation(-I option) */
+    guint32 new_len;
+    guint8 *new_fd;
+
+    new_fd  = &fd[ignored_bytes];
+    new_len = len - (ignored_bytes);
+
     cur_dup_entry++;
     if (cur_dup_entry >= dup_window)
         cur_dup_entry = 0;
 
     /* Calculate our digest */
     md5_init(&ms);
-    md5_append(&ms, fd, len);
+    md5_append(&ms, new_fd, new_len);
     md5_finish(&ms, fd_hash[cur_dup_entry].digest);
 
     fd_hash[cur_dup_entry].len = len;
@@ -710,6 +726,14 @@ print_usage(FILE *output)
     fprintf(output, "                         A <dup time window> is specified in relative seconds\n");
     fprintf(output, "                         (e.g. 0.000001).\n");
     fprintf(output, "\n");
+    fprintf(output, "  -I <bytes to ignore>   ignore the specified bytes at the beginning of\n");
+    fprintf(output, "                         the frame during MD5 hash calculation\n");
+    fprintf(output, "                         Useful to remove duplicated packets taken on\n");
+    fprintf(output, "                         several routers(differents mac addresses for \n");
+    fprintf(output, "                         example)\n");
+    fprintf(output, "                         e.g. -I 26 in case of Ether/IP/ will ignore \n");
+    fprintf(output, "                         ether(14) and IP header(20 - 4(src ip) - 4(dst ip)).\n");
+    fprintf(output, "\n");
     fprintf(output, "           NOTE: The use of the 'Duplicate packet removal' options with\n");
     fprintf(output, "           other editcap options except -v may not always work as expected.\n");
     fprintf(output, "           Specifically the -r, -t or -S options will very likely NOT have the\n");
@@ -960,7 +984,7 @@ main(int argc, char *argv[])
 #endif
 
     /* Process the options */
-    while ((opt = getopt_long(argc, argv, "A:B:c:C:dD:E:F:hi:Lrs:S:t:T:vVw:", long_options, NULL)) != -1) {
+    while ((opt = getopt_long(argc, argv, "A:B:c:C:dD:E:F:hi:I:Lrs:S:t:T:vVw:", long_options, NULL)) != -1) {
         switch (opt) {
         case 'A':
         {
@@ -1108,6 +1132,14 @@ main(int argc, char *argv[])
             }
             break;
 
+        case 'I': /* ignored_bytes at the beginning of the frame for duplications removal */
+            ignored_bytes = atoi(optarg);
+            if(ignored_bytes <= 0) {
+                fprintf(stderr, "editcap: \"%s\" isn't a valid number of bytes to ignore\n", optarg);
+                exit(1);
+            }
+            break;
+
         case 'L':
             adjlen = TRUE;
             break;