forked from osmocom/wireshark
tshark, export_pdu: Allow tshark to export PDUs to other file types
The export PDU API now allows writing to a different file type. tshark already has a -F flag for the output file type. If that option is given, respect it for export PDU. Also, rec.rec_header.packet_header.pkt_encap expects WTAP encapsulation types, not PCAP encapsulation types, so don't call wtap_wtap_encap_to_pcap_encap(), or else it won't actually write to pcap files, only pcapng (using the wrong sort of encap numbers eventually leads to WTAP_ENCAP_PER_PACKET, which we don't write to non-pcapng.)
This commit is contained in:
parent
9bd144b8ea
commit
ea60a57826
10
tshark.c
10
tshark.c
|
@ -759,7 +759,6 @@ main(int argc, char *argv[])
|
|||
gchar *output_only = NULL;
|
||||
gchar *volatile pdu_export_arg = NULL;
|
||||
char *volatile exp_pdu_filename = NULL;
|
||||
int exp_pdu_file_type_subtype;
|
||||
exp_pdu_t exp_pdu_tap_data;
|
||||
const gchar* elastic_mapping_filter = NULL;
|
||||
|
||||
|
@ -2066,18 +2065,17 @@ main(int argc, char *argv[])
|
|||
}
|
||||
|
||||
/* Activate the export PDU tap */
|
||||
/* Write a pcapng file... */
|
||||
exp_pdu_file_type_subtype = wtap_pcapng_file_type_subtype();
|
||||
/* ...with this comment */
|
||||
/* Write to our output file with this comment (if the type supports it,
|
||||
* otherwise exp_pdu_open() will ignore the comment) */
|
||||
comment = g_strdup_printf("Dump of PDUs from %s", cf_name);
|
||||
exp_pdu_status = exp_pdu_open(&exp_pdu_tap_data,
|
||||
exp_pdu_file_type_subtype, exp_fd, comment,
|
||||
out_file_type, exp_fd, comment,
|
||||
&err, &err_info);
|
||||
g_free(comment);
|
||||
if (!exp_pdu_status) {
|
||||
cfile_dump_open_failure_message("TShark", exp_pdu_filename,
|
||||
err, err_info,
|
||||
exp_pdu_file_type_subtype);
|
||||
out_file_type);
|
||||
exit_status = INVALID_EXPORT;
|
||||
goto clean_exit;
|
||||
}
|
||||
|
|
|
@ -148,7 +148,7 @@ exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int file_type_subtype, int fd,
|
|||
/* create the fake interface data */
|
||||
int_data = wtap_block_create(WTAP_BLOCK_IF_ID_AND_INFO);
|
||||
int_data_mand = (wtapng_if_descr_mandatory_t*)wtap_block_get_mandatory_data(int_data);
|
||||
int_data_mand->wtap_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
|
||||
int_data_mand->wtap_encap = exp_pdu_tap_data->pkt_encap;
|
||||
int_data_mand->time_units_per_second = 1000000000; /* default nanosecond resolution */
|
||||
int_data_mand->snap_len = WTAP_MAX_PACKET_SIZE_STANDARD;
|
||||
|
||||
|
@ -161,7 +161,7 @@ exp_pdu_open(exp_pdu_t *exp_pdu_tap_data, int file_type_subtype, int fd,
|
|||
}
|
||||
|
||||
const wtap_dump_params params = {
|
||||
.encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU,
|
||||
.encap = exp_pdu_tap_data->pkt_encap,
|
||||
.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD,
|
||||
.shb_hdrs = exp_pdu_tap_data->shb_hdrs,
|
||||
.idb_inf = exp_pdu_tap_data->idb_inf,
|
||||
|
@ -200,7 +200,7 @@ exp_pdu_pre_open(const char *tap_name, const char *filter, exp_pdu_t *exp_pdu_ta
|
|||
GString *error_string;
|
||||
|
||||
/* XXX: can we always assume WTAP_ENCAP_WIRESHARK_UPPER_PDU? */
|
||||
exp_pdu_tap_data->pkt_encap = wtap_wtap_encap_to_pcap_encap(WTAP_ENCAP_WIRESHARK_UPPER_PDU);
|
||||
exp_pdu_tap_data->pkt_encap = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
|
||||
|
||||
/* Register this tap listener now */
|
||||
error_string = register_tap_listener(tap_name, /* The name of the tap we want to listen to */
|
||||
|
|
Loading…
Reference in New Issue