1998-09-16 02:39:15 +00:00
|
|
|
/* file.c
|
|
|
|
|
* File I/O routines
|
|
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
1998-09-16 02:39:15 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
2018-02-07 11:26:45 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
1998-09-16 02:39:15 +00:00
|
|
|
*/
|
|
|
|
|
|
2014-08-22 21:13:05 +00:00
|
|
|
#include <config.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1999-08-22 07:19:28 +00:00
|
|
|
#include <time.h>
|
|
|
|
|
|
1999-07-28 20:39:42 +00:00
|
|
|
#include <stdlib.h>
|
2000-02-03 06:35:27 +00:00
|
|
|
#include <stdio.h>
|
1998-09-27 22:12:47 +00:00
|
|
|
#include <string.h>
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
#include <ctype.h>
|
1998-09-16 02:39:15 +00:00
|
|
|
#include <errno.h>
|
|
|
|
|
|
2013-07-16 02:35:33 +00:00
|
|
|
#include <wsutil/tempfile.h>
|
|
|
|
|
#include <wsutil/file_util.h>
|
2013-11-17 02:55:14 +00:00
|
|
|
#include <wsutil/filesystem.h>
|
2017-09-26 14:04:56 +00:00
|
|
|
#include <version_info.h>
|
2000-09-27 04:55:05 +00:00
|
|
|
|
2013-07-16 02:35:33 +00:00
|
|
|
#include <wiretap/merge.h>
|
|
|
|
|
|
2013-11-10 15:59:37 +00:00
|
|
|
#include <epan/exceptions.h>
|
2013-07-16 02:35:33 +00:00
|
|
|
#include <epan/epan.h>
|
2004-09-29 02:54:22 +00:00
|
|
|
#include <epan/column.h>
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/packet.h>
|
2009-07-01 17:39:19 +00:00
|
|
|
#include <epan/column-utils.h>
|
2013-07-16 02:35:33 +00:00
|
|
|
#include <epan/expert.h>
|
2004-09-27 22:55:15 +00:00
|
|
|
#include <epan/prefs.h>
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/dfilter/dfilter.h>
|
|
|
|
|
#include <epan/epan_dissect.h>
|
2004-09-29 00:06:36 +00:00
|
|
|
#include <epan/tap.h>
|
2007-01-13 12:59:27 +00:00
|
|
|
#include <epan/dissectors/packet-ber.h>
|
2005-08-25 21:29:54 +00:00
|
|
|
#include <epan/timestamp.h>
|
2007-07-30 23:32:47 +00:00
|
|
|
#include <epan/dfilter/dfilter-macro.h>
|
2008-03-01 05:16:45 +00:00
|
|
|
#include <epan/strutil.h>
|
2011-03-24 22:47:57 +00:00
|
|
|
#include <epan/addr_resolv.h>
|
2015-12-22 20:07:00 +00:00
|
|
|
#include <epan/color_filters.h>
|
2004-06-30 06:58:59 +00:00
|
|
|
|
2013-07-16 02:35:33 +00:00
|
|
|
#include "cfile.h"
|
|
|
|
|
#include "file.h"
|
|
|
|
|
#include "fileset.h"
|
|
|
|
|
#include "frame_tvbuff.h"
|
|
|
|
|
|
2012-01-16 01:07:52 +00:00
|
|
|
#include "ui/alert_box.h"
|
|
|
|
|
#include "ui/simple_dialog.h"
|
|
|
|
|
#include "ui/main_statusbar.h"
|
|
|
|
|
#include "ui/progress_dlg.h"
|
2017-10-14 20:14:14 +00:00
|
|
|
#include "ui/ws_ui_util.h"
|
2012-01-16 01:07:52 +00:00
|
|
|
|
2013-04-13 18:24:06 +00:00
|
|
|
/* Needed for addrinfo */
|
2018-05-16 19:51:45 +00:00
|
|
|
#include <sys/types.h>
|
2013-04-13 18:24:06 +00:00
|
|
|
|
|
|
|
|
#ifdef HAVE_SYS_SOCKET_H
|
|
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#ifdef HAVE_NETINET_IN_H
|
|
|
|
|
# include <netinet/in.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-11-19 11:24:44 +00:00
|
|
|
#ifdef _WIN32
|
2017-10-26 00:42:15 +00:00
|
|
|
# include <winsock2.h>
|
2013-04-13 18:24:06 +00:00
|
|
|
# include <ws2tcpip.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
static gboolean read_record(capture_file *cf, dfilter_t *dfcode,
|
|
|
|
|
epan_dissect_t *edt, column_info *cinfo, gint64 offset);
|
1998-11-15 05:29:17 +00:00
|
|
|
|
2012-10-20 12:51:05 +00:00
|
|
|
static void rescan_packets(capture_file *cf, const char *action, const char *action_item, gboolean redissect);
|
2000-07-09 03:29:42 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
typedef enum {
|
|
|
|
|
MR_NOTMATCHED,
|
|
|
|
|
MR_MATCHED,
|
|
|
|
|
MR_ERROR
|
|
|
|
|
} match_result;
|
|
|
|
|
static match_result match_protocol_tree(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
2003-12-04 10:59:34 +00:00
|
|
|
static void match_subtree_text(proto_node *node, gpointer data);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result match_summary_line(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
2012-12-15 01:04:39 +00:00
|
|
|
static match_result match_narrow_and_wide(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
2012-12-15 01:04:39 +00:00
|
|
|
static match_result match_narrow(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
2012-12-15 01:04:39 +00:00
|
|
|
static match_result match_wide(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result match_binary(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
2016-02-16 21:34:12 +00:00
|
|
|
static match_result match_regex(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result match_dfilter(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result match_marked(capture_file *cf, frame_data *fdata,
|
|
|
|
|
void *criterion);
|
|
|
|
|
static match_result match_time_reference(capture_file *cf, frame_data *fdata,
|
2009-09-21 15:50:15 +00:00
|
|
|
void *criterion);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static gboolean find_packet(capture_file *cf,
|
|
|
|
|
match_result (*match_function)(capture_file *, frame_data *, void *),
|
|
|
|
|
void *criterion, search_direction dir);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
2012-06-17 22:32:03 +00:00
|
|
|
static void cf_rename_failure_alert_box(const char *filename, int err);
|
2009-07-28 16:20:05 +00:00
|
|
|
static void ref_time_packets(capture_file *cf);
|
2016-07-15 18:09:01 +00:00
|
|
|
|
|
|
|
|
/* Seconds spent processing packets between pushing UI updates. */
|
|
|
|
|
#define PROGBAR_UPDATE_INTERVAL 0.150
|
|
|
|
|
|
|
|
|
|
/* Show the progress bar after this many seconds. */
|
|
|
|
|
#define PROGBAR_SHOW_DELAY 0.5
|
1999-08-05 16:46:04 +00:00
|
|
|
|
2011-03-22 21:07:00 +00:00
|
|
|
/*
|
|
|
|
|
* We could probably use g_signal_...() instead of the callbacks below but that
|
|
|
|
|
* would require linking our CLI programs to libgobject and creating an object
|
|
|
|
|
* instance for the signals.
|
|
|
|
|
*/
|
2008-04-12 15:16:52 +00:00
|
|
|
typedef struct {
|
2010-04-28 16:37:25 +00:00
|
|
|
cf_callback_t cb_fct;
|
2012-08-12 22:21:02 +00:00
|
|
|
gpointer user_data;
|
2008-04-12 15:16:52 +00:00
|
|
|
} cf_callback_data_t;
|
|
|
|
|
|
2008-06-24 08:05:45 +00:00
|
|
|
static GList *cf_callbacks = NULL;
|
2005-02-07 00:54:46 +00:00
|
|
|
|
2008-06-24 08:05:45 +00:00
|
|
|
static void
|
2005-02-07 00:54:46 +00:00
|
|
|
cf_callback_invoke(int event, gpointer data)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf_callback_data_t *cb;
|
2012-08-12 22:21:02 +00:00
|
|
|
GList *cb_item = cf_callbacks;
|
2008-04-12 15:16:52 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
/* there should be at least one interested */
|
|
|
|
|
g_assert(cb_item != NULL);
|
2008-04-12 15:16:52 +00:00
|
|
|
|
2012-08-12 22:21:02 +00:00
|
|
|
while (cb_item != NULL) {
|
2013-03-06 17:35:11 +00:00
|
|
|
cb = (cf_callback_data_t *)cb_item->data;
|
2010-04-28 16:37:25 +00:00
|
|
|
cb->cb_fct(event, data, cb->user_data);
|
|
|
|
|
cb_item = g_list_next(cb_item);
|
|
|
|
|
}
|
2005-02-07 00:54:46 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
cf_callback_add(cf_callback_t func, gpointer user_data)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf_callback_data_t *cb;
|
2008-04-12 15:16:52 +00:00
|
|
|
|
2013-03-06 17:35:11 +00:00
|
|
|
cb = g_new(cf_callback_data_t,1);
|
2010-04-28 16:37:25 +00:00
|
|
|
cb->cb_fct = func;
|
|
|
|
|
cb->user_data = user_data;
|
2008-04-12 15:16:52 +00:00
|
|
|
|
2013-10-09 20:12:08 +00:00
|
|
|
cf_callbacks = g_list_prepend(cf_callbacks, cb);
|
2005-02-07 00:54:46 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2014-09-09 20:42:58 +00:00
|
|
|
cf_callback_remove(cf_callback_t func, gpointer user_data)
|
2005-02-07 00:54:46 +00:00
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf_callback_data_t *cb;
|
2012-08-12 22:21:02 +00:00
|
|
|
GList *cb_item = cf_callbacks;
|
2010-04-28 16:37:25 +00:00
|
|
|
|
2012-08-12 22:21:02 +00:00
|
|
|
while (cb_item != NULL) {
|
2013-03-06 17:35:11 +00:00
|
|
|
cb = (cf_callback_data_t *)cb_item->data;
|
2014-09-09 20:42:58 +00:00
|
|
|
if (cb->cb_fct == func && cb->user_data == user_data) {
|
2010-04-28 16:37:25 +00:00
|
|
|
cf_callbacks = g_list_remove(cf_callbacks, cb);
|
|
|
|
|
g_free(cb);
|
|
|
|
|
return;
|
2008-04-12 15:16:52 +00:00
|
|
|
}
|
2010-04-28 16:37:25 +00:00
|
|
|
cb_item = g_list_next(cb_item);
|
|
|
|
|
}
|
2008-04-12 15:16:52 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
g_assert_not_reached();
|
2005-02-07 00:54:46 +00:00
|
|
|
}
|
|
|
|
|
|
2005-08-25 21:29:54 +00:00
|
|
|
void
|
|
|
|
|
cf_timestamp_auto_precision(capture_file *cf)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
int i;
|
2009-09-21 15:50:15 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
/* don't try to get the file's precision if none is opened */
|
2012-08-12 22:21:02 +00:00
|
|
|
if (cf->state == FILE_CLOSED) {
|
2010-04-28 16:37:25 +00:00
|
|
|
return;
|
|
|
|
|
}
|
2009-09-21 15:50:15 +00:00
|
|
|
|
2009-09-07 10:03:55 +00:00
|
|
|
/* Set the column widths of those columns that show the time in
|
|
|
|
|
"command-line-specified" format. */
|
|
|
|
|
for (i = 0; i < cf->cinfo.num_cols; i++) {
|
|
|
|
|
if (col_has_time_fmt(&cf->cinfo, i)) {
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_resize_column(i);
|
2009-09-21 15:50:15 +00:00
|
|
|
}
|
2009-09-07 10:03:55 +00:00
|
|
|
}
|
2005-08-25 21:29:54 +00:00
|
|
|
}
|
|
|
|
|
|
2009-09-07 21:07:51 +00:00
|
|
|
gulong
|
2013-08-14 04:14:36 +00:00
|
|
|
cf_get_computed_elapsed(capture_file *cf)
|
2009-09-07 21:07:51 +00:00
|
|
|
{
|
2013-08-14 04:14:36 +00:00
|
|
|
return cf->computed_elapsed;
|
2009-09-07 21:07:51 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-08 18:11:30 +00:00
|
|
|
/*
|
|
|
|
|
* GLIB_CHECK_VERSION(2,28,0) adds g_get_real_time which could minimize or
|
|
|
|
|
* replace this
|
|
|
|
|
*/
|
2013-08-14 04:14:36 +00:00
|
|
|
static void compute_elapsed(capture_file *cf, GTimeVal *start_time)
|
2009-09-07 21:07:51 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
gdouble delta_time;
|
|
|
|
|
GTimeVal time_now;
|
2009-09-07 21:07:51 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
g_get_current_time(&time_now);
|
2009-09-07 21:07:51 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
delta_time = (time_now.tv_sec - start_time->tv_sec) * 1e6 +
|
2009-09-07 21:07:51 +00:00
|
|
|
time_now.tv_usec - start_time->tv_usec;
|
|
|
|
|
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->computed_elapsed = (gulong) (delta_time / 1000); /* ms */
|
2009-09-07 21:07:51 +00:00
|
|
|
}
|
2005-02-07 00:54:46 +00:00
|
|
|
|
2013-07-22 19:38:38 +00:00
|
|
|
static const nstime_t *
|
2017-12-08 04:33:22 +00:00
|
|
|
ws_get_frame_ts(struct packet_provider_data *prov, guint32 frame_num)
|
2013-07-21 20:48:30 +00:00
|
|
|
{
|
2017-12-08 03:31:43 +00:00
|
|
|
if (prov->prev_dis && prov->prev_dis->num == frame_num)
|
|
|
|
|
return &prov->prev_dis->abs_ts;
|
2013-07-21 20:48:30 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
if (prov->prev_cap && prov->prev_cap->num == frame_num)
|
|
|
|
|
return &prov->prev_cap->abs_ts;
|
2013-07-21 20:48:30 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
if (prov->frames) {
|
|
|
|
|
frame_data *fd = frame_data_sequence_find(prov->frames, frame_num);
|
2013-07-21 20:48:30 +00:00
|
|
|
|
|
|
|
|
return (fd) ? &fd->abs_ts : NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-23 23:45:24 +00:00
|
|
|
static epan_t *
|
2013-07-21 20:48:30 +00:00
|
|
|
ws_epan_new(capture_file *cf)
|
|
|
|
|
{
|
2017-12-08 04:33:22 +00:00
|
|
|
static const struct packet_provider_funcs funcs = {
|
|
|
|
|
ws_get_frame_ts,
|
|
|
|
|
cap_file_provider_get_interface_name,
|
|
|
|
|
cap_file_provider_get_interface_description,
|
|
|
|
|
cap_file_provider_get_user_comment
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return epan_new(&cf->provider, &funcs);
|
2013-07-21 20:48:30 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
cf_status_t
|
2014-01-18 14:20:02 +00:00
|
|
|
cf_open(capture_file *cf, const char *fname, unsigned int type, gboolean is_tempfile, int *err)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap *wth;
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *err_info;
|
2005-04-29 14:51:52 +00:00
|
|
|
|
2014-01-18 14:20:02 +00:00
|
|
|
wth = wtap_open_offline(fname, type, err, &err_info, TRUE);
|
1999-08-15 06:59:13 +00:00
|
|
|
if (wth == NULL)
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
goto fail;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
/* The open succeeded. Close whatever capture file we had open,
|
|
|
|
|
and fill in the information for this file. */
|
2011-11-20 15:11:15 +00:00
|
|
|
cf_close(cf);
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
/* Initialize the record metadata. */
|
|
|
|
|
wtap_rec_init(&cf->rec);
|
2014-12-01 00:30:19 +00:00
|
|
|
|
2013-06-16 00:20:00 +00:00
|
|
|
/* XXX - we really want to initialize this after we've read all
|
|
|
|
|
the packets, so we know how much we'll ultimately need. */
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_init(&cf->buf, 1500);
|
2013-06-16 00:20:00 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We're about to start reading the file. */
|
|
|
|
|
cf->state = FILE_READ_IN_PROGRESS;
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.wth = wth;
|
2005-08-19 01:17:24 +00:00
|
|
|
cf->f_datalen = 0;
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Set the file name because we need it to set the follow stream filter.
|
|
|
|
|
XXX - is that still true? We need it for other reasons, though,
|
|
|
|
|
in any case. */
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->filename = g_strdup(fname);
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Indicate whether it's a permanent or temporary file. */
|
|
|
|
|
cf->is_tempfile = is_tempfile;
|
|
|
|
|
|
2012-05-20 08:56:06 +00:00
|
|
|
/* No user changes yet. */
|
|
|
|
|
cf->unsaved_changes = FALSE;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->computed_elapsed = 0;
|
2009-09-07 21:07:51 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->cd_t = wtap_file_type_subtype(cf->provider.wth);
|
2014-03-20 16:57:29 +00:00
|
|
|
cf->open_type = type;
|
2012-06-15 23:54:05 +00:00
|
|
|
cf->linktypes = g_array_sized_new(FALSE, FALSE, (guint) sizeof(int), 1);
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->count = 0;
|
2012-06-20 01:11:01 +00:00
|
|
|
cf->packet_comment_count = 0;
|
2004-02-03 00:16:59 +00:00
|
|
|
cf->displayed_count = 0;
|
2001-12-06 02:21:26 +00:00
|
|
|
cf->marked_count = 0;
|
2009-12-17 01:18:14 +00:00
|
|
|
cf->ignored_count = 0;
|
2010-08-16 18:17:45 +00:00
|
|
|
cf->ref_time_count = 0;
|
2001-02-11 09:28:17 +00:00
|
|
|
cf->drops_known = FALSE;
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
cf->drops = 0;
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->snap = wtap_snapshot_length(cf->provider.wth);
|
2009-09-21 15:29:32 +00:00
|
|
|
|
2011-04-27 02:54:44 +00:00
|
|
|
/* Allocate a frame_data_sequence for the frames in this file */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.frames = new_frame_data_sequence();
|
2011-04-27 02:54:44 +00:00
|
|
|
|
2005-08-24 21:31:56 +00:00
|
|
|
nstime_set_zero(&cf->elapsed_time);
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.ref = NULL;
|
|
|
|
|
cf->provider.prev_dis = NULL;
|
|
|
|
|
cf->provider.prev_cap = NULL;
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->cum_bytes = 0;
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2018-06-04 20:22:49 +00:00
|
|
|
/* Create new epan session for dissection.
|
|
|
|
|
* (The old one was freed in cf_close().)
|
|
|
|
|
*/
|
|
|
|
|
cf->epan = ws_epan_new(cf);
|
|
|
|
|
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_queue_draw();
|
2012-09-26 23:33:11 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_opened, cf);
|
2005-04-29 14:51:52 +00:00
|
|
|
|
2018-08-01 06:24:24 +00:00
|
|
|
if (cf->cd_t == WTAP_FILE_TYPE_SUBTYPE_BER) {
|
2007-01-13 12:59:27 +00:00
|
|
|
/* tell the BER dissector the file name */
|
|
|
|
|
ber_set_filename(cf->filename);
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_set_cb_new_ipv4(cf->provider.wth, add_ipv4_name);
|
|
|
|
|
wtap_set_cb_new_ipv6(cf->provider.wth, (wtap_new_ipv6_callback_t) add_ipv6_name);
|
2011-03-24 22:47:57 +00:00
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_OK;
|
Split "load_cap_file()" into "open_cap_file()" and "read_cap_file()".
The former, which used to be called by "load_cap_file()", now just opens
the file and, if the open succeeds, closes any capture file we
previously had open, reinitializes any protocols that need
reinitialization, and saves information about the new capture file in
the "capture_file" structure to which it was passed a pointer. The
latter reads the file already opened by "read_cap_file()".
For "File/Open", call "open_cap_file()" before dismissing the file
selection box; if it fails, "open_cap_file()" will have popped up a
message box complaining about it - just return, leaving the file
selection box open so the user can, after dismissing the message box,
either try again with a different file name, or dismiss the file
selection box. (Other file selection boxes should be made to work the
same way.) If "open_cap_file()" succeeds, dismiss the file selection
box, and read the capture file in.
svn path=/trunk/; revision=492
1999-08-15 00:26:11 +00:00
|
|
|
|
|
|
|
|
fail:
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_open_failure_alert_box(fname, *err, err_info);
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_ERROR;
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
2012-06-15 23:54:05 +00:00
|
|
|
/*
|
|
|
|
|
* Add an encapsulation type to cf->linktypes.
|
|
|
|
|
*/
|
2013-03-21 21:58:47 +00:00
|
|
|
static void
|
2012-06-15 23:54:05 +00:00
|
|
|
cf_add_encapsulation_type(capture_file *cf, int encap)
|
|
|
|
|
{
|
|
|
|
|
guint i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < cf->linktypes->len; i++) {
|
|
|
|
|
if (g_array_index(cf->linktypes, gint, i) == encap)
|
|
|
|
|
return; /* it's already there */
|
|
|
|
|
}
|
|
|
|
|
/* It's not already there - add it. */
|
|
|
|
|
g_array_append_val(cf->linktypes, encap);
|
|
|
|
|
}
|
2005-04-29 14:51:52 +00:00
|
|
|
|
2014-07-15 22:48:29 +00:00
|
|
|
/* Reset everything to a pristine state */
|
|
|
|
|
void
|
|
|
|
|
cf_close(capture_file *cf)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
2015-06-19 23:56:44 +00:00
|
|
|
cf->stop_flag = FALSE;
|
2014-07-15 22:48:29 +00:00
|
|
|
if (cf->state == FILE_CLOSED)
|
|
|
|
|
return; /* Nothing to do */
|
|
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* Die if we're in the middle of reading a file. */
|
|
|
|
|
g_assert(cf->state != FILE_READ_IN_PROGRESS);
|
2018-06-30 19:26:40 +00:00
|
|
|
g_assert(!cf->read_lock);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2014-07-15 22:48:29 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_closing, cf);
|
|
|
|
|
|
|
|
|
|
/* close things, if not already closed before */
|
|
|
|
|
color_filters_cleanup();
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.wth) {
|
|
|
|
|
wtap_close(cf->provider.wth);
|
|
|
|
|
cf->provider.wth = NULL;
|
1999-06-19 01:14:51 +00:00
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* We have no file open... */
|
|
|
|
|
if (cf->filename != NULL) {
|
|
|
|
|
/* If it's a temporary file, remove it. */
|
|
|
|
|
if (cf->is_tempfile)
|
2008-05-22 15:46:27 +00:00
|
|
|
ws_unlink(cf->filename);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
g_free(cf->filename);
|
|
|
|
|
cf->filename = NULL;
|
|
|
|
|
}
|
2012-05-20 08:56:06 +00:00
|
|
|
/* ...which means we have no changes to that file to save. */
|
|
|
|
|
cf->unsaved_changes = FALSE;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2014-03-20 16:57:29 +00:00
|
|
|
/* no open_routine type */
|
|
|
|
|
cf->open_type = WTAP_TYPE_AUTO;
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
/* Clean up the record metadata. */
|
|
|
|
|
wtap_rec_cleanup(&cf->rec);
|
2014-12-01 00:30:19 +00:00
|
|
|
|
2013-06-16 00:20:00 +00:00
|
|
|
/* Free up the packet buffer. */
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_free(&cf->buf);
|
2013-06-16 00:20:00 +00:00
|
|
|
|
2009-09-22 16:49:26 +00:00
|
|
|
dfilter_free(cf->rfcode);
|
|
|
|
|
cf->rfcode = NULL;
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.frames != NULL) {
|
|
|
|
|
free_frame_data_sequence(cf->provider.frames);
|
|
|
|
|
cf->provider.frames = NULL;
|
2011-04-27 03:13:03 +00:00
|
|
|
}
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.frames_user_comments) {
|
|
|
|
|
g_tree_destroy(cf->provider.frames_user_comments);
|
|
|
|
|
cf->provider.frames_user_comments = NULL;
|
2013-08-01 20:59:38 +00:00
|
|
|
}
|
2009-09-21 15:50:15 +00:00
|
|
|
cf_unselect_packet(cf); /* nothing to select */
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
cf->first_displayed = 0;
|
|
|
|
|
cf->last_displayed = 0;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2011-05-10 15:13:46 +00:00
|
|
|
/* No frames, no frame selected, no field in that frame selected. */
|
|
|
|
|
cf->count = 0;
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
cf->current_frame = 0;
|
2008-11-18 14:50:51 +00:00
|
|
|
cf->current_row = 0;
|
2003-09-24 00:47:37 +00:00
|
|
|
cf->finfo_selected = NULL;
|
|
|
|
|
|
2012-06-15 23:54:05 +00:00
|
|
|
/* No frame link-layer types, either. */
|
2014-07-16 00:14:11 +00:00
|
|
|
if (cf->linktypes != NULL) {
|
|
|
|
|
g_array_free(cf->linktypes, TRUE);
|
|
|
|
|
cf->linktypes = NULL;
|
|
|
|
|
}
|
2012-06-15 23:54:05 +00:00
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
/* Clear the packet list. */
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_freeze();
|
|
|
|
|
packet_list_clear();
|
|
|
|
|
packet_list_thaw();
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2005-08-19 01:17:24 +00:00
|
|
|
cf->f_datalen = 0;
|
2005-08-24 21:31:56 +00:00
|
|
|
nstime_set_zero(&cf->elapsed_time);
|
2004-02-03 00:16:59 +00:00
|
|
|
|
2004-05-02 15:04:14 +00:00
|
|
|
reset_tap_listeners();
|
|
|
|
|
|
2014-07-15 22:48:29 +00:00
|
|
|
epan_free(cf->epan);
|
|
|
|
|
cf->epan = NULL;
|
|
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We have no file open. */
|
|
|
|
|
cf->state = FILE_CLOSED;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2014-07-15 22:48:29 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_closed, cf);
|
2005-02-07 02:09:30 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/*
|
|
|
|
|
* TRUE if the progress dialog doesn't exist and it looks like we'll
|
|
|
|
|
* take > 2s to load, FALSE otherwise.
|
|
|
|
|
*/
|
|
|
|
|
static inline gboolean
|
|
|
|
|
progress_is_slow(progdlg_t *progdlg, GTimer *prog_timer, gint64 size, gint64 pos)
|
|
|
|
|
{
|
|
|
|
|
double elapsed;
|
|
|
|
|
|
|
|
|
|
if (progdlg) return FALSE;
|
|
|
|
|
elapsed = g_timer_elapsed(prog_timer, NULL);
|
|
|
|
|
if ((elapsed / 2 > PROGBAR_SHOW_DELAY && (size / pos) > 2) /* It looks like we're going to be slow. */
|
|
|
|
|
|| elapsed > PROGBAR_SHOW_DELAY) { /* We are indeed slow. */
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-18 20:52:54 +00:00
|
|
|
static float
|
2010-10-18 21:36:41 +00:00
|
|
|
calc_progbar_val(capture_file *cf, gint64 size, gint64 file_pos, gchar *status_str, gulong status_size)
|
2010-10-18 20:52:54 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
float progbar_val;
|
2009-09-21 15:50:15 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
progbar_val = (gfloat) file_pos / (gfloat) size;
|
|
|
|
|
if (progbar_val > 1.0) {
|
2010-10-18 20:52:54 +00:00
|
|
|
|
|
|
|
|
/* The file probably grew while we were reading it.
|
|
|
|
|
* Update file size, and try again.
|
|
|
|
|
*/
|
2017-12-08 03:31:43 +00:00
|
|
|
size = wtap_file_size(cf->provider.wth, NULL);
|
2010-10-18 20:52:54 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
if (size >= 0)
|
|
|
|
|
progbar_val = (gfloat) file_pos / (gfloat) size;
|
2010-10-18 20:52:54 +00:00
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
/* If it's still > 1, either "wtap_file_size()" failed (in which
|
2010-10-18 20:52:54 +00:00
|
|
|
* case there's not much we can do about it), or the file
|
|
|
|
|
* *shrank* (in which case there's not much we can do about
|
|
|
|
|
* it); just clip the progress value at 1.0.
|
|
|
|
|
*/
|
2010-04-28 16:37:25 +00:00
|
|
|
if (progbar_val > 1.0f)
|
|
|
|
|
progbar_val = 1.0f;
|
|
|
|
|
}
|
2010-10-18 20:52:54 +00:00
|
|
|
|
|
|
|
|
g_snprintf(status_str, status_size,
|
2011-09-21 18:55:03 +00:00
|
|
|
"%" G_GINT64_MODIFIER "dKB of %" G_GINT64_MODIFIER "dKB",
|
|
|
|
|
file_pos / 1024, size / 1024);
|
2010-10-18 20:52:54 +00:00
|
|
|
|
2010-04-28 16:37:25 +00:00
|
|
|
return progbar_val;
|
2009-09-01 08:51:41 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_read_status_t
|
2012-05-22 03:52:12 +00:00
|
|
|
cf_read(capture_file *cf, gboolean reloading)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
2015-12-01 14:02:06 +00:00
|
|
|
int err = 0;
|
|
|
|
|
gchar *err_info = NULL;
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *name_ptr;
|
2016-02-12 08:25:44 +00:00
|
|
|
progdlg_t *volatile progbar = NULL;
|
2016-07-15 18:09:01 +00:00
|
|
|
GTimer *prog_timer = g_timer_new();
|
2012-08-12 22:21:02 +00:00
|
|
|
GTimeVal start_time;
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_t edt;
|
2012-08-12 22:21:02 +00:00
|
|
|
dfilter_t *dfcode;
|
2012-11-03 23:41:59 +00:00
|
|
|
volatile gboolean create_proto_tree;
|
2012-08-12 22:21:02 +00:00
|
|
|
guint tap_flags;
|
|
|
|
|
gboolean compiled;
|
2017-06-12 12:23:32 +00:00
|
|
|
volatile gboolean is_read_aborted = FALSE;
|
2007-01-01 10:23:37 +00:00
|
|
|
|
2018-06-30 05:38:10 +00:00
|
|
|
/* The update_progress_dlg call below might end up accepting a user request to
|
|
|
|
|
* trigger redissection/rescans which can modify/destroy the dissection
|
|
|
|
|
* context ("cf->epan"). That condition should be prevented by callers, but in
|
|
|
|
|
* case it occurs let's fail gracefully.
|
|
|
|
|
*/
|
|
|
|
|
if (cf->read_lock) {
|
|
|
|
|
g_warning("Failing due to recursive cf_read(\"%s\", %d) call!",
|
|
|
|
|
cf->filename, reloading);
|
|
|
|
|
return CF_READ_ERROR;
|
|
|
|
|
}
|
|
|
|
|
cf->read_lock = TRUE;
|
|
|
|
|
|
2007-01-01 10:23:37 +00:00
|
|
|
/* Compile the current display filter.
|
2007-12-05 23:50:28 +00:00
|
|
|
* We assume this will not fail since cf->dfilter is only set in
|
2007-01-01 10:23:37 +00:00
|
|
|
* cf_filter IFF the filter was valid.
|
|
|
|
|
*/
|
2015-01-18 10:22:19 +00:00
|
|
|
compiled = dfilter_compile(cf->dfilter, &dfcode, NULL);
|
2009-09-21 15:38:40 +00:00
|
|
|
g_assert(!cf->dfilter || (compiled && dfcode));
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2009-06-05 22:42:47 +00:00
|
|
|
/* Get the union of the flags for all tap listeners. */
|
|
|
|
|
tap_flags = union_of_tap_listener_flags();
|
2017-04-12 02:53:48 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Determine whether we need to create a protocol tree.
|
|
|
|
|
* We do if:
|
|
|
|
|
*
|
|
|
|
|
* we're going to apply a display filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners is going to apply a filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners requires a protocol tree;
|
|
|
|
|
*
|
2017-04-17 01:48:30 +00:00
|
|
|
* a postdissector wants field values or protocols on
|
|
|
|
|
* the first pass.
|
2017-04-12 02:53:48 +00:00
|
|
|
*/
|
2012-10-20 12:51:34 +00:00
|
|
|
create_proto_tree =
|
2017-04-12 02:53:48 +00:00
|
|
|
(dfcode != NULL || have_filtering_tap_listeners() ||
|
2017-04-17 01:48:30 +00:00
|
|
|
(tap_flags & TL_REQUIRES_PROTO_TREE) || postdissectors_want_hfids());
|
2009-06-05 22:42:47 +00:00
|
|
|
|
2002-09-04 22:15:39 +00:00
|
|
|
reset_tap_listeners();
|
1999-08-07 01:25:04 +00:00
|
|
|
|
2012-06-03 19:31:59 +00:00
|
|
|
name_ptr = g_filename_display_basename(cf->filename);
|
1999-08-28 01:51:58 +00:00
|
|
|
|
2012-05-22 03:52:12 +00:00
|
|
|
if (reloading)
|
|
|
|
|
cf_callback_invoke(cf_cb_file_reload_started, cf);
|
2009-12-14 22:05:29 +00:00
|
|
|
else
|
2012-05-22 03:52:12 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_read_started, cf);
|
2009-12-14 22:05:29 +00:00
|
|
|
|
2012-06-15 23:54:05 +00:00
|
|
|
/* Record whether the file is compressed.
|
|
|
|
|
XXX - do we know this at open time? */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->iscompressed = wtap_iscompressed(cf->provider.wth);
|
2012-05-24 05:05:29 +00:00
|
|
|
|
2012-06-05 02:49:56 +00:00
|
|
|
/* The packet list window will be empty until the file is completly loaded */
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_freeze();
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
cf->stop_flag = FALSE;
|
2002-07-30 10:13:16 +00:00
|
|
|
g_get_current_time(&start_time);
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&edt, cf->epan, create_proto_tree, FALSE);
|
|
|
|
|
|
2012-10-22 19:44:51 +00:00
|
|
|
TRY {
|
|
|
|
|
int count = 0;
|
2005-10-27 06:45:37 +00:00
|
|
|
|
2012-10-22 19:44:51 +00:00
|
|
|
gint64 size;
|
|
|
|
|
gint64 file_pos;
|
|
|
|
|
gint64 data_offset;
|
|
|
|
|
|
|
|
|
|
float progbar_val;
|
2012-10-22 21:22:35 +00:00
|
|
|
gchar status_str[100];
|
|
|
|
|
|
|
|
|
|
column_info *cinfo;
|
|
|
|
|
|
2017-04-12 02:53:48 +00:00
|
|
|
/* If any tap listeners require the columns, construct them. */
|
2012-10-22 21:22:35 +00:00
|
|
|
cinfo = (tap_flags & TL_REQUIRES_COLUMNS) ? &cf->cinfo : NULL;
|
2012-10-22 19:44:51 +00:00
|
|
|
|
|
|
|
|
/* Find the size of the file. */
|
2017-12-08 03:31:43 +00:00
|
|
|
size = wtap_file_size(cf->provider.wth, NULL);
|
2012-10-22 19:44:51 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(prog_timer);
|
2012-10-22 19:44:51 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
while ((wtap_read(cf->provider.wth, &err, &err_info, &data_offset))) {
|
2012-10-22 19:44:51 +00:00
|
|
|
if (size >= 0) {
|
2012-11-25 18:35:41 +00:00
|
|
|
count++;
|
2017-12-08 03:31:43 +00:00
|
|
|
file_pos = wtap_read_so_far(cf->provider.wth);
|
2012-11-25 18:35:41 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/* Create the progress bar if necessary. */
|
|
|
|
|
if (progress_is_slow(progbar, prog_timer, size, file_pos)) {
|
2012-11-25 18:35:41 +00:00
|
|
|
progbar_val = calc_progbar_val(cf, size, file_pos, status_str, sizeof(status_str));
|
|
|
|
|
if (reloading)
|
|
|
|
|
progbar = delayed_create_progress_dlg(cf->window, "Reloading", name_ptr,
|
2015-06-19 23:56:44 +00:00
|
|
|
TRUE, &cf->stop_flag, &start_time, progbar_val);
|
2012-11-25 18:35:41 +00:00
|
|
|
else
|
|
|
|
|
progbar = delayed_create_progress_dlg(cf->window, "Loading", name_ptr,
|
2015-06-19 23:56:44 +00:00
|
|
|
TRUE, &cf->stop_flag, &start_time, progbar_val);
|
2012-11-25 18:35:41 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/*
|
|
|
|
|
* Update the progress bar, but do it only after
|
|
|
|
|
* PROGBAR_UPDATE_INTERVAL has elapsed. Calling update_progress_dlg
|
|
|
|
|
* and packets_bar_update will likely trigger UI paint events, which
|
|
|
|
|
* might take a while depending on the platform and display. Reset
|
|
|
|
|
* our timer *after* painting.
|
|
|
|
|
*/
|
|
|
|
|
if (progbar && g_timer_elapsed(prog_timer, NULL) > PROGBAR_UPDATE_INTERVAL) {
|
|
|
|
|
progbar_val = calc_progbar_val(cf, size, file_pos, status_str, sizeof(status_str));
|
|
|
|
|
/* update the packet bar content on the first run or frequently on very large files */
|
|
|
|
|
update_progress_dlg(progbar, progbar_val, status_str);
|
2017-06-19 18:48:42 +00:00
|
|
|
compute_elapsed(cf, &start_time);
|
2016-07-15 18:09:01 +00:00
|
|
|
packets_bar_update();
|
|
|
|
|
g_timer_start(prog_timer);
|
2012-11-25 18:35:41 +00:00
|
|
|
}
|
2018-06-30 19:26:40 +00:00
|
|
|
/*
|
|
|
|
|
* The previous GUI triggers should not have destroyed the running
|
|
|
|
|
* session. If that did happen, it could blow up when read_record tries
|
|
|
|
|
* to use the destroyed edt.session, so detect it right here.
|
|
|
|
|
*/
|
|
|
|
|
g_assert(edt.session == cf->epan);
|
2005-08-20 02:14:01 +00:00
|
|
|
}
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2017-06-12 12:23:32 +00:00
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to exit Wireshark. Break out of the
|
|
|
|
|
loop, and let the code below (which is called even if there
|
|
|
|
|
aren't any packets left to read) exit. */
|
|
|
|
|
is_read_aborted = TRUE;
|
|
|
|
|
break;
|
|
|
|
|
}
|
2015-06-19 23:56:44 +00:00
|
|
|
if (cf->stop_flag) {
|
2012-11-25 18:35:41 +00:00
|
|
|
/* Well, the user decided to abort the read. He/She will be warned and
|
|
|
|
|
it might be enough for him/her to work with the already loaded
|
|
|
|
|
packets.
|
|
|
|
|
This is especially true for very large capture files, where you don't
|
|
|
|
|
want to wait loading the whole file (which may last minutes or even
|
|
|
|
|
hours even on fast machines) just to see that it was the wrong file. */
|
|
|
|
|
break;
|
2012-10-22 19:44:51 +00:00
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
read_record(cf, dfcode, &edt, cinfo, data_offset);
|
2012-12-15 01:04:39 +00:00
|
|
|
}
|
2012-10-22 19:44:51 +00:00
|
|
|
}
|
2012-10-22 19:14:43 +00:00
|
|
|
CATCH(OutOfMemoryError) {
|
|
|
|
|
simple_message_box(ESD_TYPE_ERROR, NULL,
|
2014-09-24 21:06:23 +00:00
|
|
|
"More information and workarounds can be found at\n"
|
2015-03-10 17:46:50 +00:00
|
|
|
"https://wiki.wireshark.org/KnownBugs/OutOfMemory",
|
2014-09-24 21:06:23 +00:00
|
|
|
"Sorry, but Wireshark has run out of memory and has to terminate now.");
|
2012-06-17 22:32:03 +00:00
|
|
|
#if 0
|
2012-10-22 19:14:43 +00:00
|
|
|
/* Could we close the current capture and free up memory from that? */
|
2012-06-17 22:32:03 +00:00
|
|
|
#else
|
2012-10-22 19:14:43 +00:00
|
|
|
/* we have to terminate, as we cannot recover from the memory error */
|
|
|
|
|
exit(1);
|
2012-06-17 22:32:03 +00:00
|
|
|
#endif
|
2007-01-01 10:23:37 +00:00
|
|
|
}
|
2012-10-22 19:14:43 +00:00
|
|
|
ENDTRY;
|
2007-01-01 10:23:37 +00:00
|
|
|
|
2012-06-03 22:03:05 +00:00
|
|
|
/* Free the display name */
|
|
|
|
|
g_free(name_ptr);
|
|
|
|
|
|
2007-01-01 10:23:37 +00:00
|
|
|
/* Cleanup and release all dfilter resources */
|
2017-08-26 08:30:47 +00:00
|
|
|
dfilter_free(dfcode);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&edt);
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
/* We're done reading the file; destroy the progress bar if it was created. */
|
2005-08-06 18:40:03 +00:00
|
|
|
if (progbar != NULL)
|
2002-07-30 10:13:16 +00:00
|
|
|
destroy_progress_dlg(progbar);
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_destroy(prog_timer);
|
2000-07-03 08:36:52 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We're done reading sequentially through the file. */
|
|
|
|
|
cf->state = FILE_READ_DONE;
|
|
|
|
|
|
2011-04-12 17:37:05 +00:00
|
|
|
/* Close the sequential I/O side, to free up memory it requires. */
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_sequential_close(cf->provider.wth);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2002-01-05 04:12:17 +00:00
|
|
|
/* Allow the protocol dissectors to free up memory that they
|
|
|
|
|
* don't need after the sequential run-through of the packets. */
|
|
|
|
|
postseq_cleanup_all_protocols();
|
|
|
|
|
|
2009-09-06 18:25:23 +00:00
|
|
|
/* compute the time it took to load the file */
|
2013-08-14 04:14:36 +00:00
|
|
|
compute_elapsed(cf, &start_time);
|
2009-08-28 05:19:52 +00:00
|
|
|
|
1999-12-04 11:32:25 +00:00
|
|
|
/* Set the file encapsulation type now; we don't know what it is until
|
|
|
|
|
we've looked at all the packets, as we don't know until then whether
|
|
|
|
|
there's more than one type (and thus whether it's
|
|
|
|
|
WTAP_ENCAP_PER_PACKET). */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->lnk_t = wtap_file_encap(cf->provider.wth);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->current_frame = frame_data_sequence_find(cf->provider.frames, cf->first_displayed);
|
2008-11-18 14:50:51 +00:00
|
|
|
cf->current_row = 0;
|
|
|
|
|
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_thaw();
|
2012-05-22 03:52:12 +00:00
|
|
|
if (reloading)
|
|
|
|
|
cf_callback_invoke(cf_cb_file_reload_finished, cf);
|
2010-04-28 16:37:25 +00:00
|
|
|
else
|
2012-05-22 03:52:12 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_read_finished, cf);
|
1999-08-10 07:16:47 +00:00
|
|
|
|
2000-01-25 01:05:06 +00:00
|
|
|
/* If we have any displayed packets to select, select the first of those
|
|
|
|
|
packets by making the first row the selected row. */
|
2012-08-12 22:21:02 +00:00
|
|
|
if (cf->first_displayed != 0) {
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_select_first_row();
|
2009-07-24 08:10:33 +00:00
|
|
|
}
|
2000-01-18 08:38:18 +00:00
|
|
|
|
2018-06-30 05:38:10 +00:00
|
|
|
/* It is safe again to execute redissections. */
|
|
|
|
|
g_assert(cf->read_lock);
|
|
|
|
|
cf->read_lock = FALSE;
|
|
|
|
|
|
2017-06-12 12:23:32 +00:00
|
|
|
if (is_read_aborted) {
|
|
|
|
|
/*
|
|
|
|
|
* Well, the user decided to exit Wireshark while reading this *offline*
|
|
|
|
|
* capture file (Live captures are handled by something like
|
|
|
|
|
* cf_continue_tail). Clean up accordingly.
|
|
|
|
|
*/
|
|
|
|
|
cf_close(cf);
|
2018-06-28 00:28:06 +00:00
|
|
|
cf->redissection_queued = RESCAN_NONE;
|
2017-06-12 12:23:32 +00:00
|
|
|
return CF_READ_ABORTED;
|
|
|
|
|
}
|
|
|
|
|
|
2018-06-28 00:28:06 +00:00
|
|
|
if (cf->redissection_queued != RESCAN_NONE) {
|
|
|
|
|
/* Redissection was queued up. Clear the request and perform it now. */
|
|
|
|
|
gboolean redissect = cf->redissection_queued == RESCAN_REDISSECT;
|
|
|
|
|
rescan_packets(cf, "Reprocessing", "all packets", redissect);
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
if (cf->stop_flag) {
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_message_box(ESD_TYPE_WARN, NULL,
|
2010-04-28 16:37:25 +00:00
|
|
|
"The remaining packets in the file were discarded.\n"
|
|
|
|
|
"\n"
|
|
|
|
|
"As a lot of packets from the original file will be missing,\n"
|
|
|
|
|
"remember to be careful when saving the current content to a file.\n",
|
2014-09-24 21:06:23 +00:00
|
|
|
"File loading was cancelled.");
|
2005-11-08 22:24:53 +00:00
|
|
|
return CF_READ_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
Have the Wiretap open, read, and seek-and-read routines return, in
addition to an error code, an error info string, for
WTAP_ERR_UNSUPPORTED, WTAP_ERR_UNSUPPORTED_ENCAP, and
WTAP_ERR_BAD_RECORD errors. Replace the error messages logged with
"g_message()" for those errors with g_strdup()ed or g_strdup_printf()ed
strings returned as the error info string, and change the callers of
those routines to, for those errors, put the info string into the
printed message or alert box for the error.
Add messages for cases where those errors were returned without printing
an additional message.
Nobody uses the error code from "cf_read()" - "cf_read()" puts up the
alert box itself for failures; get rid of the error code, so it just
returns a success/failure indication.
Rename "file_read_error_message()" to "cf_read_error_message()", as it
handles read errors from Wiretap, and have it take an error info string
as an argument. (That handles a lot of the work of putting the info
string into the error message.)
Make some variables in "ascend-grammar.y" static.
Check the return value of "erf_read_header()" in "erf_seek_read()".
Get rid of an unused #define in "i4btrace.c".
svn path=/trunk/; revision=9852
2004-01-25 21:55:17 +00:00
|
|
|
if (err != 0) {
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
/* Put up a message box noting that the read failed somewhere along
|
|
|
|
|
the line. Don't throw out the stuff we managed to read, though,
|
|
|
|
|
if any. */
|
2017-04-19 21:43:11 +00:00
|
|
|
cfile_read_failure_alert_box(NULL, err, err_info);
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_ERROR;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
} else
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_OK;
|
1998-09-16 02:39:15 +00:00
|
|
|
}
|
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_LIBPCAP
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_read_status_t
|
2012-10-22 21:22:35 +00:00
|
|
|
cf_continue_tail(capture_file *cf, volatile int to_read, int *err)
|
1999-11-29 01:54:01 +00:00
|
|
|
{
|
2012-11-03 23:41:59 +00:00
|
|
|
gchar *err_info;
|
2014-04-16 02:34:07 +00:00
|
|
|
volatile int newly_displayed_packets = 0;
|
2012-11-03 23:41:59 +00:00
|
|
|
dfilter_t *dfcode;
|
2014-04-16 02:34:07 +00:00
|
|
|
epan_dissect_t edt;
|
|
|
|
|
gboolean create_proto_tree;
|
2012-11-03 23:41:59 +00:00
|
|
|
guint tap_flags;
|
|
|
|
|
gboolean compiled;
|
2007-01-01 10:23:37 +00:00
|
|
|
|
|
|
|
|
/* Compile the current display filter.
|
2007-12-05 23:50:28 +00:00
|
|
|
* We assume this will not fail since cf->dfilter is only set in
|
2007-01-01 10:23:37 +00:00
|
|
|
* cf_filter IFF the filter was valid.
|
|
|
|
|
*/
|
2015-01-18 10:22:19 +00:00
|
|
|
compiled = dfilter_compile(cf->dfilter, &dfcode, NULL);
|
2009-09-21 15:38:40 +00:00
|
|
|
g_assert(!cf->dfilter || (compiled && dfcode));
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2009-06-05 22:42:47 +00:00
|
|
|
/* Get the union of the flags for all tap listeners. */
|
|
|
|
|
tap_flags = union_of_tap_listener_flags();
|
2017-04-12 02:53:48 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Determine whether we need to create a protocol tree.
|
|
|
|
|
* We do if:
|
|
|
|
|
*
|
|
|
|
|
* we're going to apply a display filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners is going to apply a filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners requires a protocol tree;
|
|
|
|
|
*
|
2017-04-17 01:48:30 +00:00
|
|
|
* a postdissector wants field values or protocols on
|
|
|
|
|
* the first pass.
|
2017-04-12 02:53:48 +00:00
|
|
|
*/
|
2012-10-20 12:51:34 +00:00
|
|
|
create_proto_tree =
|
2017-04-12 02:53:48 +00:00
|
|
|
(dfcode != NULL || have_filtering_tap_listeners() ||
|
2017-04-17 01:48:30 +00:00
|
|
|
(tap_flags & TL_REQUIRES_PROTO_TREE) || postdissectors_want_hfids());
|
2009-06-05 22:42:47 +00:00
|
|
|
|
2002-10-14 19:59:51 +00:00
|
|
|
*err = 0;
|
|
|
|
|
|
2010-02-17 23:03:41 +00:00
|
|
|
/* Don't freeze/thaw the list when doing live capture */
|
2012-09-04 02:35:25 +00:00
|
|
|
/*packet_list_freeze();*/
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2005-10-06 00:55:21 +00:00
|
|
|
/*g_log(NULL, G_LOG_LEVEL_MESSAGE, "cf_continue_tail: %u new: %u", cf->count, to_read);*/
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&edt, cf->epan, create_proto_tree, FALSE);
|
|
|
|
|
|
2012-10-22 19:44:51 +00:00
|
|
|
TRY {
|
|
|
|
|
gint64 data_offset = 0;
|
2012-10-22 21:22:35 +00:00
|
|
|
column_info *cinfo;
|
|
|
|
|
|
2017-04-12 02:53:48 +00:00
|
|
|
/* If any tap listeners require the columns, construct them. */
|
2012-10-22 21:22:35 +00:00
|
|
|
cinfo = (tap_flags & TL_REQUIRES_COLUMNS) ? &cf->cinfo : NULL;
|
2012-10-22 19:44:51 +00:00
|
|
|
|
|
|
|
|
while (to_read != 0) {
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_cleareof(cf->provider.wth);
|
|
|
|
|
if (!wtap_read(cf->provider.wth, err, &err_info, &data_offset)) {
|
2012-11-25 18:35:41 +00:00
|
|
|
break;
|
2012-10-22 19:44:51 +00:00
|
|
|
}
|
|
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
2012-11-25 18:35:41 +00:00
|
|
|
/* Well, the user decided to exit Wireshark. Break out of the
|
|
|
|
|
loop, and let the code below (which is called even if there
|
|
|
|
|
aren't any packets left to read) exit. */
|
|
|
|
|
break;
|
2012-10-22 19:44:51 +00:00
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
if (read_record(cf, dfcode, &edt, (column_info *) cinfo, data_offset)) {
|
2014-05-23 10:50:02 +00:00
|
|
|
newly_displayed_packets++;
|
2012-10-22 19:44:51 +00:00
|
|
|
}
|
|
|
|
|
to_read--;
|
2007-01-15 05:16:13 +00:00
|
|
|
}
|
2012-10-22 19:14:43 +00:00
|
|
|
}
|
|
|
|
|
CATCH(OutOfMemoryError) {
|
|
|
|
|
simple_message_box(ESD_TYPE_ERROR, NULL,
|
2014-09-24 21:06:23 +00:00
|
|
|
"More information and workarounds can be found at\n"
|
2015-03-10 17:46:50 +00:00
|
|
|
"https://wiki.wireshark.org/KnownBugs/OutOfMemory",
|
2014-09-24 21:06:23 +00:00
|
|
|
"Sorry, but Wireshark has run out of memory and has to terminate now.");
|
2012-06-17 22:32:03 +00:00
|
|
|
#if 0
|
2012-10-22 19:14:43 +00:00
|
|
|
/* Could we close the current capture and free up memory from that? */
|
|
|
|
|
return CF_READ_ABORTED;
|
2012-06-17 22:32:03 +00:00
|
|
|
#else
|
2012-10-22 19:14:43 +00:00
|
|
|
/* we have to terminate, as we cannot recover from the memory error */
|
|
|
|
|
exit(1);
|
2012-06-17 22:32:03 +00:00
|
|
|
#endif
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
}
|
2012-10-22 19:14:43 +00:00
|
|
|
ENDTRY;
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2012-06-03 23:38:11 +00:00
|
|
|
/* Update the file encapsulation; it might have changed based on the
|
|
|
|
|
packets we've read. */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->lnk_t = wtap_file_encap(cf->provider.wth);
|
2012-06-03 23:38:11 +00:00
|
|
|
|
2007-01-01 10:23:37 +00:00
|
|
|
/* Cleanup and release all dfilter resources */
|
2017-08-26 08:30:47 +00:00
|
|
|
dfilter_free(dfcode);
|
2007-01-01 10:23:37 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&edt);
|
|
|
|
|
|
2006-04-27 18:46:05 +00:00
|
|
|
/*g_log(NULL, G_LOG_LEVEL_MESSAGE, "cf_continue_tail: count %u state: %u err: %u",
|
2010-04-28 16:37:25 +00:00
|
|
|
cf->count, cf->state, *err);*/
|
2005-10-06 00:55:21 +00:00
|
|
|
|
2010-02-01 06:30:47 +00:00
|
|
|
/* Don't freeze/thaw the list when doing live capture */
|
2012-09-04 02:35:25 +00:00
|
|
|
/*packet_list_thaw();*/
|
2009-09-22 18:51:33 +00:00
|
|
|
/* With the new packet list the first packet
|
|
|
|
|
* isn't automatically selected.
|
|
|
|
|
*/
|
2012-08-12 22:21:02 +00:00
|
|
|
if (!cf->current_frame)
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_select_first_row();
|
2006-10-29 12:51:15 +00:00
|
|
|
|
2007-12-05 23:50:28 +00:00
|
|
|
/* moving to the end of the packet list - if the user requested so and
|
2009-09-02 17:15:20 +00:00
|
|
|
we have some new packets. */
|
2018-04-16 00:35:42 +00:00
|
|
|
if (newly_displayed_packets && cf->count != 0)
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_moveto_end();
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
|
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
2006-05-28 20:28:20 +00:00
|
|
|
/* Well, the user decided to exit Wireshark. Return CF_READ_ABORTED
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
so that our caller can kill off the capture child process;
|
|
|
|
|
this will cause an EOF on the pipe from the child, so
|
2003-09-15 22:48:42 +00:00
|
|
|
"cf_finish_tail()" will be called, and it will clean up
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
and exit. */
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_ABORTED;
|
2000-09-17 07:58:39 +00:00
|
|
|
} else if (*err != 0) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We got an error reading the capture file.
|
2005-10-06 00:55:21 +00:00
|
|
|
XXX - pop up a dialog box instead? */
|
2014-12-18 04:03:47 +00:00
|
|
|
if (err_info != NULL) {
|
|
|
|
|
g_warning("Error \"%s\" while reading \"%s\" (\"%s\")",
|
|
|
|
|
wtap_strerror(*err), cf->filename, err_info);
|
|
|
|
|
g_free(err_info);
|
|
|
|
|
} else {
|
|
|
|
|
g_warning("Error \"%s\" while reading \"%s\"",
|
|
|
|
|
wtap_strerror(*err), cf->filename);
|
|
|
|
|
}
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_ERROR;
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
} else
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_OK;
|
1999-11-29 01:54:01 +00:00
|
|
|
}
|
|
|
|
|
|
2010-05-27 23:55:04 +00:00
|
|
|
void
|
|
|
|
|
cf_fake_continue_tail(capture_file *cf) {
|
|
|
|
|
cf->state = FILE_READ_DONE;
|
|
|
|
|
}
|
|
|
|
|
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_read_status_t
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_finish_tail(capture_file *cf, int *err)
|
1999-11-29 01:54:01 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *err_info;
|
|
|
|
|
gint64 data_offset;
|
|
|
|
|
dfilter_t *dfcode;
|
2012-10-20 12:51:34 +00:00
|
|
|
column_info *cinfo;
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_t edt;
|
2012-10-20 12:51:34 +00:00
|
|
|
gboolean create_proto_tree;
|
2012-08-12 22:21:02 +00:00
|
|
|
guint tap_flags;
|
|
|
|
|
gboolean compiled;
|
2007-01-01 10:23:37 +00:00
|
|
|
|
|
|
|
|
/* Compile the current display filter.
|
2007-12-05 23:50:28 +00:00
|
|
|
* We assume this will not fail since cf->dfilter is only set in
|
2007-01-01 10:23:37 +00:00
|
|
|
* cf_filter IFF the filter was valid.
|
|
|
|
|
*/
|
2015-01-18 10:22:19 +00:00
|
|
|
compiled = dfilter_compile(cf->dfilter, &dfcode, NULL);
|
2009-09-21 15:38:40 +00:00
|
|
|
g_assert(!cf->dfilter || (compiled && dfcode));
|
2005-04-12 00:54:52 +00:00
|
|
|
|
2009-06-05 22:42:47 +00:00
|
|
|
/* Get the union of the flags for all tap listeners. */
|
|
|
|
|
tap_flags = union_of_tap_listener_flags();
|
2017-04-12 02:53:48 +00:00
|
|
|
|
|
|
|
|
/* If any tap listeners require the columns, construct them. */
|
2012-10-20 12:51:34 +00:00
|
|
|
cinfo = (tap_flags & TL_REQUIRES_COLUMNS) ? &cf->cinfo : NULL;
|
2017-04-12 02:53:48 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Determine whether we need to create a protocol tree.
|
|
|
|
|
* We do if:
|
|
|
|
|
*
|
|
|
|
|
* we're going to apply a display filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners is going to apply a filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners requires a protocol tree;
|
|
|
|
|
*
|
2017-04-17 01:48:30 +00:00
|
|
|
* a postdissector wants field values or protocols on
|
|
|
|
|
* the first pass.
|
2017-04-12 02:53:48 +00:00
|
|
|
*/
|
2012-10-20 12:51:34 +00:00
|
|
|
create_proto_tree =
|
2017-04-12 02:53:48 +00:00
|
|
|
(dfcode != NULL || have_filtering_tap_listeners() ||
|
2017-04-17 01:48:30 +00:00
|
|
|
(tap_flags & TL_REQUIRES_PROTO_TREE) || postdissectors_want_hfids());
|
2009-06-05 22:42:47 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.wth == NULL) {
|
2005-04-12 00:54:52 +00:00
|
|
|
cf_close(cf);
|
|
|
|
|
return CF_READ_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-17 23:03:41 +00:00
|
|
|
/* Don't freeze/thaw the list when doing live capture */
|
2012-09-04 02:35:25 +00:00
|
|
|
/*packet_list_freeze();*/
|
1999-11-29 01:54:01 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&edt, cf->epan, create_proto_tree, FALSE);
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
while ((wtap_read(cf->provider.wth, err, &err_info, &data_offset))) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to abort the read. Break out of the
|
|
|
|
|
loop, and let the code below (which is called even if there
|
2012-06-15 23:54:05 +00:00
|
|
|
aren't any packets left to read) exit. */
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-02-09 00:19:12 +00:00
|
|
|
read_record(cf, dfcode, &edt, cinfo, data_offset);
|
2007-01-01 10:23:37 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Cleanup and release all dfilter resources */
|
2017-08-26 08:30:47 +00:00
|
|
|
dfilter_free(dfcode);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&edt);
|
|
|
|
|
|
2010-02-17 23:03:41 +00:00
|
|
|
/* Don't freeze/thaw the list when doing live capture */
|
2012-09-04 02:35:25 +00:00
|
|
|
/*packet_list_thaw();*/
|
2005-10-06 00:55:21 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
if (cf->state == FILE_READ_ABORTED) {
|
|
|
|
|
/* Well, the user decided to abort the read. We're only called
|
|
|
|
|
when the child capture process closes the pipe to us (meaning
|
|
|
|
|
it's probably exited), so we can just close the capture
|
2005-02-05 13:44:27 +00:00
|
|
|
file; we return CF_READ_ABORTED so our caller can do whatever
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
is appropriate when that happens. */
|
2003-09-15 22:48:42 +00:00
|
|
|
cf_close(cf);
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_ABORTED;
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
}
|
1999-11-29 01:54:01 +00:00
|
|
|
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We're done reading sequentially through the file. */
|
|
|
|
|
cf->state = FILE_READ_DONE;
|
|
|
|
|
|
2000-05-18 09:09:50 +00:00
|
|
|
/* We're done reading sequentially through the file; close the
|
2011-04-12 17:37:05 +00:00
|
|
|
sequential I/O side, to free up memory it requires. */
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_sequential_close(cf->provider.wth);
|
2000-05-18 09:09:50 +00:00
|
|
|
|
2002-01-05 04:12:17 +00:00
|
|
|
/* Allow the protocol dissectors to free up memory that they
|
|
|
|
|
* don't need after the sequential run-through of the packets. */
|
|
|
|
|
postseq_cleanup_all_protocols();
|
|
|
|
|
|
2012-06-03 23:38:11 +00:00
|
|
|
/* Update the file encapsulation; it might have changed based on the
|
|
|
|
|
packets we've read. */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->lnk_t = wtap_file_encap(cf->provider.wth);
|
1999-12-04 11:32:25 +00:00
|
|
|
|
2012-06-24 15:08:41 +00:00
|
|
|
/* Update the details in the file-set dialog, as the capture file
|
|
|
|
|
* has likely grown since we first stat-ed it */
|
|
|
|
|
fileset_update_file(cf->filename);
|
|
|
|
|
|
2000-09-17 07:58:39 +00:00
|
|
|
if (*err != 0) {
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
/* We got an error reading the capture file.
|
|
|
|
|
XXX - pop up a dialog box? */
|
2014-12-18 04:03:47 +00:00
|
|
|
if (err_info != NULL) {
|
|
|
|
|
g_warning("Error \"%s\" while reading \"%s\" (\"%s\")",
|
|
|
|
|
wtap_strerror(*err), cf->filename, err_info);
|
|
|
|
|
g_free(err_info);
|
|
|
|
|
} else {
|
|
|
|
|
g_warning("Error \"%s\" while reading \"%s\"",
|
|
|
|
|
wtap_strerror(*err), cf->filename);
|
|
|
|
|
}
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_ERROR;
|
2004-02-03 17:59:01 +00:00
|
|
|
} else {
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_OK;
|
2004-02-03 17:59:01 +00:00
|
|
|
}
|
1999-05-11 18:51:10 +00:00
|
|
|
}
|
1999-09-19 15:54:54 +00:00
|
|
|
#endif /* HAVE_LIBPCAP */
|
1999-05-11 18:51:10 +00:00
|
|
|
|
2012-06-03 22:03:05 +00:00
|
|
|
gchar *
|
2003-09-15 22:16:08 +00:00
|
|
|
cf_get_display_name(capture_file *cf)
|
|
|
|
|
{
|
2012-06-03 22:03:05 +00:00
|
|
|
gchar *displayname;
|
2003-09-15 22:16:08 +00:00
|
|
|
|
|
|
|
|
/* Return a name to use in displays */
|
2003-09-15 23:28:07 +00:00
|
|
|
if (!cf->is_tempfile) {
|
2003-09-15 22:16:08 +00:00
|
|
|
/* Get the last component of the file name, and use that. */
|
2012-08-12 22:21:02 +00:00
|
|
|
if (cf->filename) {
|
2012-06-03 19:31:59 +00:00
|
|
|
displayname = g_filename_display_basename(cf->filename);
|
2003-10-26 03:09:03 +00:00
|
|
|
} else {
|
2012-06-03 22:03:05 +00:00
|
|
|
displayname=g_strdup("(No file)");
|
2003-10-26 03:09:03 +00:00
|
|
|
}
|
2003-09-15 22:16:08 +00:00
|
|
|
} else {
|
2012-06-03 18:48:51 +00:00
|
|
|
/* The file we read is a temporary file from a live capture or
|
|
|
|
|
a merge operation; we don't mention its name, but, if it's
|
|
|
|
|
from a capture, give the source of the capture. */
|
2010-04-01 21:55:01 +00:00
|
|
|
if (cf->source) {
|
2012-06-03 22:03:05 +00:00
|
|
|
displayname = g_strdup(cf->source);
|
2010-04-01 21:55:01 +00:00
|
|
|
} else {
|
2012-06-03 22:03:05 +00:00
|
|
|
displayname = g_strdup("(Untitled)");
|
2010-04-01 21:55:01 +00:00
|
|
|
}
|
2003-09-15 22:16:08 +00:00
|
|
|
}
|
|
|
|
|
return displayname;
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-06 09:06:56 +00:00
|
|
|
gchar *
|
|
|
|
|
cf_get_basename(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
gchar *displayname;
|
|
|
|
|
|
|
|
|
|
/* Return a name to use in the GUI for the basename for files to
|
|
|
|
|
which we save statistics */
|
|
|
|
|
if (!cf->is_tempfile) {
|
|
|
|
|
/* Get the last component of the file name, and use that. */
|
|
|
|
|
if (cf->filename) {
|
|
|
|
|
displayname = g_filename_display_basename(cf->filename);
|
|
|
|
|
|
|
|
|
|
/* If the file name ends with any extension that corresponds
|
|
|
|
|
to a file type we support - including compressed versions
|
|
|
|
|
of those files - strip it off. */
|
|
|
|
|
size_t displayname_len = strlen(displayname);
|
|
|
|
|
GSList *extensions = wtap_get_all_file_extensions_list();
|
|
|
|
|
GSList *suffix;
|
|
|
|
|
for (suffix = extensions; suffix != NULL; suffix = g_slist_next(suffix)) {
|
|
|
|
|
/* Does the file name end with that extension? */
|
|
|
|
|
const char *extension = (char *)suffix->data;
|
|
|
|
|
size_t extension_len = strlen(extension);
|
|
|
|
|
if (displayname_len > extension_len &&
|
|
|
|
|
displayname[displayname_len - extension_len - 1] == '.' &&
|
|
|
|
|
strcmp(&displayname[displayname_len - extension_len], extension) == 0) {
|
|
|
|
|
/* Yes. Strip the extension off, and return the result. */
|
|
|
|
|
displayname[displayname_len - extension_len - 1] = '\0';
|
2018-07-06 09:58:06 +00:00
|
|
|
break;
|
2018-07-06 09:06:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
2018-07-06 09:58:06 +00:00
|
|
|
wtap_free_extensions_list(extensions);
|
2018-07-06 09:06:56 +00:00
|
|
|
} else {
|
|
|
|
|
displayname=g_strdup("");
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
/* The file we read is a temporary file from a live capture or
|
|
|
|
|
a merge operation; we don't mention its name, but, if it's
|
|
|
|
|
from a capture, give the source of the capture. */
|
|
|
|
|
if (cf->source) {
|
|
|
|
|
displayname = g_strdup(cf->source);
|
|
|
|
|
} else {
|
|
|
|
|
displayname = g_strdup("");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return displayname;
|
|
|
|
|
}
|
|
|
|
|
|
2010-04-01 21:55:01 +00:00
|
|
|
void cf_set_tempfile_source(capture_file *cf, gchar *source) {
|
|
|
|
|
if (cf->source) {
|
|
|
|
|
g_free(cf->source);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (source) {
|
|
|
|
|
cf->source = g_strdup(source);
|
|
|
|
|
} else {
|
|
|
|
|
cf->source = g_strdup("");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const gchar *cf_get_tempfile_source(capture_file *cf) {
|
|
|
|
|
if (!cf->source) {
|
|
|
|
|
return "";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return cf->source;
|
|
|
|
|
}
|
|
|
|
|
|
2005-02-04 01:29:29 +00:00
|
|
|
/* XXX - use a macro instead? */
|
|
|
|
|
int
|
2006-01-22 16:26:41 +00:00
|
|
|
cf_get_packet_count(capture_file *cf)
|
2005-02-04 01:29:29 +00:00
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
return cf->count;
|
2005-02-04 01:29:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - use a macro instead? */
|
|
|
|
|
gboolean
|
|
|
|
|
cf_is_tempfile(capture_file *cf)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
return cf->is_tempfile;
|
2005-02-04 01:29:29 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-28 14:39:31 +00:00
|
|
|
void cf_set_tempfile(capture_file *cf, gboolean is_tempfile)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf->is_tempfile = is_tempfile;
|
2005-03-28 14:39:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2005-02-04 01:29:29 +00:00
|
|
|
/* XXX - use a macro instead? */
|
|
|
|
|
void cf_set_drops_known(capture_file *cf, gboolean drops_known)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf->drops_known = drops_known;
|
2005-02-04 01:29:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - use a macro instead? */
|
|
|
|
|
void cf_set_drops(capture_file *cf, guint32 drops)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf->drops = drops;
|
2005-02-04 01:29:29 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-28 22:46:49 +00:00
|
|
|
/* XXX - use a macro instead? */
|
|
|
|
|
gboolean cf_get_drops_known(capture_file *cf)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
return cf->drops_known;
|
2005-02-28 22:46:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - use a macro instead? */
|
|
|
|
|
guint32 cf_get_drops(capture_file *cf)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
return cf->drops;
|
2005-02-28 22:46:49 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-04 08:27:41 +00:00
|
|
|
void cf_set_rfcode(capture_file *cf, dfilter_t *rfcode)
|
|
|
|
|
{
|
2010-04-28 16:37:25 +00:00
|
|
|
cf->rfcode = rfcode;
|
2005-02-04 08:27:41 +00:00
|
|
|
}
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
static void
|
2000-05-18 09:09:50 +00:00
|
|
|
add_packet_to_packet_list(frame_data *fdata, capture_file *cf,
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_t *edt, dfilter_t *dfcode, column_info *cinfo,
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec *rec, const guint8 *buf, gboolean add_to_packet_list)
|
1999-08-14 04:23:22 +00:00
|
|
|
{
|
2009-09-22 14:41:30 +00:00
|
|
|
frame_data_set_before_dissect(fdata, &cf->elapsed_time,
|
2017-12-08 03:31:43 +00:00
|
|
|
&cf->provider.ref, cf->provider.prev_dis);
|
|
|
|
|
cf->provider.prev_cap = fdata;
|
2009-09-21 19:30:06 +00:00
|
|
|
|
2012-11-03 20:51:19 +00:00
|
|
|
if (dfcode != NULL) {
|
2017-04-12 04:56:14 +00:00
|
|
|
epan_dissect_prime_with_dfilter(edt, dfcode);
|
2012-11-03 20:51:19 +00:00
|
|
|
}
|
2016-01-10 17:07:24 +00:00
|
|
|
#if 0
|
|
|
|
|
/* Prepare coloring rules, this ensures that display filter rules containing
|
|
|
|
|
* frame.color_rule references are still processed.
|
|
|
|
|
* TODO: actually detect that situation or maybe apply other optimizations? */
|
|
|
|
|
if (edt->tree && color_filters_used()) {
|
|
|
|
|
color_filters_prime_edt(edt);
|
|
|
|
|
fdata->flags.need_colorize = 1;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2012-11-03 20:51:19 +00:00
|
|
|
|
2017-04-17 02:32:33 +00:00
|
|
|
if (!fdata->flags.visited) {
|
2017-04-12 20:52:07 +00:00
|
|
|
/* This is the first pass, so prime the epan_dissect_t with the
|
2017-04-17 01:48:30 +00:00
|
|
|
hfids postdissectors want on the first pass. */
|
|
|
|
|
prime_epan_dissect_with_postdissector_wanted_hfids(edt);
|
2017-04-12 20:52:07 +00:00
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
/* Dissect the frame. */
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run_with_taps(edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, buf),
|
|
|
|
|
fdata, cinfo);
|
2009-09-21 12:14:11 +00:00
|
|
|
|
2012-10-20 12:51:05 +00:00
|
|
|
/* If we don't have a display filter, set "passed_dfilter" to 1. */
|
2009-09-21 12:14:11 +00:00
|
|
|
if (dfcode != NULL) {
|
2013-10-20 13:22:48 +00:00
|
|
|
fdata->flags.passed_dfilter = dfilter_apply_edt(dfcode, edt) ? 1 : 0;
|
2012-02-28 03:19:49 +00:00
|
|
|
|
2012-10-20 12:51:05 +00:00
|
|
|
if (fdata->flags.passed_dfilter) {
|
|
|
|
|
/* This frame passed the display filter but it may depend on other
|
|
|
|
|
* (potentially not displayed) frames. Find those frames and mark them
|
|
|
|
|
* as depended upon.
|
|
|
|
|
*/
|
2017-12-08 03:31:43 +00:00
|
|
|
g_slist_foreach(edt->pi.dependent_frames, find_and_mark_frame_depended_upon, cf->provider.frames);
|
2009-09-21 12:14:11 +00:00
|
|
|
}
|
2012-05-22 01:59:34 +00:00
|
|
|
} else
|
2009-09-21 12:14:11 +00:00
|
|
|
fdata->flags.passed_dfilter = 1;
|
|
|
|
|
|
2012-08-12 22:21:02 +00:00
|
|
|
if (fdata->flags.passed_dfilter || fdata->flags.ref_time)
|
2010-06-26 21:03:01 +00:00
|
|
|
cf->displayed_count++;
|
|
|
|
|
|
2009-09-21 12:14:11 +00:00
|
|
|
if (add_to_packet_list) {
|
|
|
|
|
/* We fill the needed columns from new_packet_list */
|
2018-02-09 00:19:12 +00:00
|
|
|
packet_list_append(cinfo, fdata);
|
2009-09-21 12:14:11 +00:00
|
|
|
}
|
|
|
|
|
|
2012-08-12 22:21:02 +00:00
|
|
|
if (fdata->flags.passed_dfilter || fdata->flags.ref_time)
|
2009-09-21 12:14:11 +00:00
|
|
|
{
|
2013-08-14 04:14:36 +00:00
|
|
|
frame_data_set_after_dissect(fdata, &cf->cum_bytes);
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.prev_dis = fdata;
|
2009-09-21 20:17:59 +00:00
|
|
|
|
2016-12-12 22:03:25 +00:00
|
|
|
/* If we haven't yet seen the first frame, this is it. */
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
if (cf->first_displayed == 0)
|
|
|
|
|
cf->first_displayed = fdata->num;
|
2009-09-21 12:14:11 +00:00
|
|
|
|
|
|
|
|
/* This is the last frame we've seen so far. */
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
cf->last_displayed = fdata->num;
|
2009-09-21 12:14:11 +00:00
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(edt);
|
2009-09-21 12:14:11 +00:00
|
|
|
}
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
/*
|
|
|
|
|
* Read in a new record.
|
|
|
|
|
* Returns TRUE if the packet was added to the packet (record) list,
|
|
|
|
|
* FALSE otherwise.
|
|
|
|
|
*/
|
|
|
|
|
static gboolean
|
|
|
|
|
read_record(capture_file *cf, dfilter_t *dfcode, epan_dissect_t *edt,
|
2013-10-20 13:22:48 +00:00
|
|
|
column_info *cinfo, gint64 offset)
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
{
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec *rec = wtap_get_rec(cf->provider.wth);
|
|
|
|
|
const guint8 *buf = wtap_get_buf_ptr(cf->provider.wth);
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
frame_data fdlocal;
|
1999-06-19 01:14:51 +00:00
|
|
|
frame_data *fdata;
|
2017-05-01 16:35:04 +00:00
|
|
|
gboolean passed = TRUE;
|
2018-02-09 00:19:12 +00:00
|
|
|
gboolean added = FALSE;
|
1999-09-23 04:39:01 +00:00
|
|
|
|
2012-06-15 23:54:05 +00:00
|
|
|
/* Add this packet's link-layer encapsulation type to cf->linktypes, if
|
|
|
|
|
it's not already there.
|
2012-07-19 21:49:52 +00:00
|
|
|
XXX - yes, this is O(N), so if every packet had a different
|
2012-06-15 23:54:05 +00:00
|
|
|
link-layer encapsulation type, it'd be O(N^2) to read the file, but
|
|
|
|
|
there are probably going to be a small number of encapsulation types
|
|
|
|
|
in a file. */
|
2018-02-09 00:19:12 +00:00
|
|
|
if (rec->rec_type == REC_TYPE_PACKET) {
|
|
|
|
|
cf_add_encapsulation_type(cf, rec->rec_header.packet_header.pkt_encap);
|
|
|
|
|
}
|
2009-09-22 14:41:30 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
/* The frame number of this packet, if we add it to the set of frames,
|
|
|
|
|
would be one more than the count of frames in the file so far. */
|
|
|
|
|
frame_data_init(&fdlocal, cf->count + 1, rec, offset, cf->cum_bytes);
|
2007-04-03 21:17:13 +00:00
|
|
|
|
1999-08-15 19:18:46 +00:00
|
|
|
if (cf->rfcode) {
|
2013-10-20 17:53:55 +00:00
|
|
|
epan_dissect_t rf_edt;
|
2013-10-20 13:22:48 +00:00
|
|
|
|
2013-10-20 17:53:55 +00:00
|
|
|
epan_dissect_init(&rf_edt, cf->epan, TRUE, FALSE);
|
2017-04-12 04:56:14 +00:00
|
|
|
epan_dissect_prime_with_dfilter(&rf_edt, cf->rfcode);
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&rf_edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, &fdlocal, buf),
|
|
|
|
|
&fdlocal, NULL);
|
2013-10-20 17:53:55 +00:00
|
|
|
passed = dfilter_apply_edt(cf->rfcode, &rf_edt);
|
|
|
|
|
epan_dissect_cleanup(&rf_edt);
|
2002-08-28 21:04:11 +00:00
|
|
|
}
|
2009-09-21 04:29:25 +00:00
|
|
|
|
1999-08-08 01:29:24 +00:00
|
|
|
if (passed) {
|
2018-02-09 00:19:12 +00:00
|
|
|
added = TRUE;
|
|
|
|
|
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
/* This does a shallow copy of fdlocal, which is good enough. */
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_add(cf->provider.frames, &fdlocal);
|
2009-09-22 16:39:48 +00:00
|
|
|
|
2011-04-27 02:54:44 +00:00
|
|
|
cf->count++;
|
2018-02-09 00:19:12 +00:00
|
|
|
if (rec->opt_comment != NULL)
|
2012-06-20 01:11:01 +00:00
|
|
|
cf->packet_comment_count++;
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
cf->f_datalen = offset + fdlocal.cap_len;
|
2009-09-21 15:23:33 +00:00
|
|
|
|
2018-06-28 00:28:06 +00:00
|
|
|
/* When a redissection is in progress (or queued), do not process packets.
|
|
|
|
|
* This will be done once all (new) packets have been scanned. */
|
|
|
|
|
if (!cf->redissecting && cf->redissection_queued == RESCAN_NONE) {
|
2018-02-09 00:19:12 +00:00
|
|
|
add_packet_to_packet_list(fdata, cf, edt, dfcode,
|
|
|
|
|
cinfo, rec, buf, TRUE);
|
2008-09-30 15:45:20 +00:00
|
|
|
}
|
2000-04-03 08:42:45 +00:00
|
|
|
}
|
2006-11-05 13:47:17 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
return added;
|
1999-07-11 08:40:52 +00:00
|
|
|
}
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
|
|
|
|
|
typedef struct _callback_data_t {
|
2017-01-21 00:05:56 +00:00
|
|
|
gpointer pd_window;
|
2015-08-16 16:37:11 +00:00
|
|
|
gint64 f_len;
|
|
|
|
|
GTimeVal start_time;
|
|
|
|
|
progdlg_t *progbar;
|
2016-07-15 18:09:01 +00:00
|
|
|
GTimer *prog_timer;
|
2015-08-16 16:37:11 +00:00
|
|
|
gboolean stop_flag;
|
|
|
|
|
} callback_data_t;
|
2012-08-12 22:21:02 +00:00
|
|
|
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
static gboolean
|
|
|
|
|
merge_callback(merge_event event, int num _U_,
|
|
|
|
|
const merge_in_file_t in_files[], const guint in_file_count,
|
|
|
|
|
void *data)
|
|
|
|
|
{
|
|
|
|
|
guint i;
|
|
|
|
|
callback_data_t *cb_data = (callback_data_t*) data;
|
2012-08-12 22:21:02 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
g_assert(cb_data != NULL);
|
2012-08-12 22:21:02 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
switch (event) {
|
2004-10-27 23:28:37 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_EVENT_INPUT_FILES_OPENED:
|
|
|
|
|
/* do nothing */
|
|
|
|
|
break;
|
2004-10-29 00:36:52 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_EVENT_FRAME_TYPE_SELECTED:
|
|
|
|
|
/* do nothing */
|
|
|
|
|
break;
|
2004-10-29 00:36:52 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_EVENT_READY_TO_MERGE:
|
|
|
|
|
/* Get the sum of the sizes of all the files. */
|
|
|
|
|
for (i = 0; i < in_file_count; i++)
|
|
|
|
|
cb_data->f_len += in_files[i].size;
|
2004-10-29 00:36:52 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
cb_data->prog_timer = g_timer_new();
|
|
|
|
|
g_timer_start(cb_data->prog_timer);
|
2011-11-21 06:26:03 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
g_get_current_time(&cb_data->start_time);
|
2004-10-29 00:36:52 +00:00
|
|
|
break;
|
2004-10-27 23:28:37 +00:00
|
|
|
|
2018-02-05 20:55:00 +00:00
|
|
|
case MERGE_EVENT_RECORD_WAS_READ:
|
2015-08-16 16:37:11 +00:00
|
|
|
{
|
|
|
|
|
/* Create the progress bar if necessary.
|
|
|
|
|
We check on every iteration of the loop, so that it takes no
|
|
|
|
|
longer than the standard time to create it (otherwise, for a
|
|
|
|
|
large file, we might take considerably longer than that standard
|
|
|
|
|
time in order to get to the next progress bar step). */
|
|
|
|
|
if (cb_data->progbar == NULL) {
|
2017-01-21 00:05:56 +00:00
|
|
|
cb_data->progbar = delayed_create_progress_dlg(cb_data->pd_window, "Merging", "files",
|
2015-08-16 16:37:11 +00:00
|
|
|
FALSE, &cb_data->stop_flag, &cb_data->start_time, 0.0f);
|
2004-10-29 00:36:52 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/*
|
|
|
|
|
* Update the progress bar, but do it only after
|
|
|
|
|
* PROGBAR_UPDATE_INTERVAL has elapsed. Calling update_progress_dlg
|
|
|
|
|
* and packets_bar_update will likely trigger UI paint events, which
|
|
|
|
|
* might take a while depending on the platform and display. Reset
|
|
|
|
|
* our timer *after* painting.
|
|
|
|
|
*/
|
|
|
|
|
if (g_timer_elapsed(cb_data->prog_timer, NULL) > PROGBAR_UPDATE_INTERVAL) {
|
2015-08-16 16:37:11 +00:00
|
|
|
float progbar_val;
|
|
|
|
|
gint64 file_pos = 0;
|
|
|
|
|
/* Get the sum of the seek positions in all of the files. */
|
|
|
|
|
for (i = 0; i < in_file_count; i++)
|
|
|
|
|
file_pos += wtap_read_so_far(in_files[i].wth);
|
|
|
|
|
|
|
|
|
|
progbar_val = (gfloat) file_pos / (gfloat) cb_data->f_len;
|
|
|
|
|
if (progbar_val > 1.0f) {
|
|
|
|
|
/* Some file probably grew while we were reading it.
|
|
|
|
|
That "shouldn't happen", so we'll just clip the progress
|
|
|
|
|
value at 1.0. */
|
|
|
|
|
progbar_val = 1.0f;
|
|
|
|
|
}
|
2005-11-12 11:05:02 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
if (cb_data->progbar != NULL) {
|
|
|
|
|
gchar status_str[100];
|
|
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
|
|
|
|
"%" G_GINT64_MODIFIER "dKB of %" G_GINT64_MODIFIER "dKB",
|
|
|
|
|
file_pos / 1024, cb_data->f_len / 1024);
|
|
|
|
|
update_progress_dlg(cb_data->progbar, progbar_val, status_str);
|
|
|
|
|
}
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(cb_data->prog_timer);
|
2015-08-16 16:37:11 +00:00
|
|
|
}
|
2015-05-04 21:13:04 +00:00
|
|
|
}
|
2004-10-29 00:36:52 +00:00
|
|
|
break;
|
2015-08-16 16:37:11 +00:00
|
|
|
|
|
|
|
|
case MERGE_EVENT_DONE:
|
|
|
|
|
/* We're done merging the files; destroy the progress bar if it was created. */
|
|
|
|
|
if (cb_data->progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(cb_data->progbar);
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_destroy(cb_data->prog_timer);
|
2015-08-16 16:37:11 +00:00
|
|
|
break;
|
2004-10-29 00:36:52 +00:00
|
|
|
}
|
2004-10-28 01:52:05 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
return cb_data->stop_flag;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
cf_status_t
|
2017-01-21 00:05:56 +00:00
|
|
|
cf_merge_files_to_tempfile(gpointer pd_window, char **out_filenamep,
|
|
|
|
|
int in_file_count, char *const *in_filenames,
|
|
|
|
|
int file_type, gboolean do_append)
|
2015-08-16 16:37:11 +00:00
|
|
|
{
|
|
|
|
|
int err = 0;
|
|
|
|
|
gchar *err_info = NULL;
|
2016-02-11 01:48:46 +00:00
|
|
|
guint err_fileno;
|
2017-04-20 20:25:21 +00:00
|
|
|
guint32 err_framenum;
|
2015-08-16 16:37:11 +00:00
|
|
|
merge_result status;
|
|
|
|
|
merge_progress_callback_t cb;
|
2017-01-21 00:05:56 +00:00
|
|
|
callback_data_t *cb_data = g_new0(callback_data_t, 1);
|
2004-10-28 01:52:05 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
/* prepare our callback routine */
|
2017-01-21 00:05:56 +00:00
|
|
|
cb_data->pd_window = pd_window;
|
2015-08-16 16:37:11 +00:00
|
|
|
cb.callback_func = merge_callback;
|
2017-01-21 00:05:56 +00:00
|
|
|
cb.data = cb_data;
|
|
|
|
|
|
|
|
|
|
cf_callback_invoke(cf_cb_file_merge_started, NULL);
|
When reporting "sorry, *this* packet can't be written to a file of that
type" when writing out a capture file (i.e., writing a
per-packet-encapsulation capture to a file type that supports it but
doesn't support one of the packet's encapsulations), report the packet
number and, when doing this in a merge operation, report the file from
which it came.
When reporting "sorry, that file can't be written to a file of that
type, period", show the file type rather than the input file link-layer
type that causes the problem. (We could show both. We could be
*really* ambitious and iterate through all possible file types and show
the ones that will or at least might work....)
file_write_error_message() is documented as handling only UNIX-style
errnos, and libwireshark should be usable without libwiretap, so leave
it up to its callers to handle Wiretap errors such as
WTAP_ERR_SHORT_WRITE.
Clean up indentation.
svn path=/trunk/; revision=39949
2011-11-19 20:18:01 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
/* merge the files */
|
2016-12-04 01:57:34 +00:00
|
|
|
status = merge_files_to_tempfile(out_filenamep, "wireshark", file_type,
|
|
|
|
|
(const char *const *) in_filenames,
|
|
|
|
|
in_file_count, do_append,
|
|
|
|
|
IDB_MERGE_MODE_ALL_SAME, 0 /* snaplen */,
|
|
|
|
|
"Wireshark", &cb, &err, &err_info,
|
2017-04-20 20:25:21 +00:00
|
|
|
&err_fileno, &err_framenum);
|
2014-01-22 00:26:36 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
g_free(cb.data);
|
2014-12-18 00:02:50 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
switch (status) {
|
|
|
|
|
case MERGE_OK:
|
|
|
|
|
break;
|
2014-12-18 00:02:50 +00:00
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_USER_ABORTED:
|
|
|
|
|
/* this isn't really an error, though we will return CF_ERROR later */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case MERGE_ERR_CANT_OPEN_INFILE:
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_open_failure_alert_box(in_filenames[err_fileno], err, err_info);
|
2015-08-16 16:37:11 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case MERGE_ERR_CANT_OPEN_OUTFILE:
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_dump_open_failure_alert_box(*out_filenamep, err, file_type);
|
2015-08-16 16:37:11 +00:00
|
|
|
break;
|
|
|
|
|
|
2017-04-20 20:25:21 +00:00
|
|
|
case MERGE_ERR_CANT_READ_INFILE:
|
|
|
|
|
cfile_read_failure_alert_box(in_filenames[err_fileno], err, err_info);
|
|
|
|
|
break;
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_ERR_BAD_PHDR_INTERFACE_ID:
|
2017-04-20 20:25:21 +00:00
|
|
|
simple_error_message_box("Record %u of \"%s\" has an interface ID that does not match any IDB in its file.",
|
|
|
|
|
err_framenum, in_filenames[err_fileno]);
|
|
|
|
|
break;
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_ERR_CANT_WRITE_OUTFILE:
|
2017-04-20 20:25:21 +00:00
|
|
|
cfile_write_failure_alert_box(in_filenames[err_fileno],
|
|
|
|
|
*out_filenamep, err, err_info,
|
|
|
|
|
err_framenum, file_type);
|
|
|
|
|
break;
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
case MERGE_ERR_CANT_CLOSE_OUTFILE:
|
2017-04-20 20:25:21 +00:00
|
|
|
cfile_close_failure_alert_box(*out_filenamep, err);
|
|
|
|
|
break;
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
default:
|
2017-04-20 20:25:21 +00:00
|
|
|
simple_error_message_box("Unknown merge_files error %d", status);
|
2015-08-16 16:37:11 +00:00
|
|
|
break;
|
2004-10-28 01:52:05 +00:00
|
|
|
}
|
2004-10-29 00:36:52 +00:00
|
|
|
|
2017-01-21 00:05:56 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_merge_finished, NULL);
|
|
|
|
|
|
2015-08-16 16:37:11 +00:00
|
|
|
if (status != MERGE_OK) {
|
2005-11-12 11:05:02 +00:00
|
|
|
/* Callers aren't expected to treat an error or an explicit abort
|
|
|
|
|
differently - we put up error dialogs ourselves, so they don't
|
|
|
|
|
have to. */
|
|
|
|
|
return CF_ERROR;
|
|
|
|
|
} else
|
2008-05-30 07:15:05 +00:00
|
|
|
return CF_OK;
|
2004-10-27 23:28:37 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
cf_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_filter_packets(capture_file *cf, gchar *dftext, gboolean force)
|
1999-07-11 08:40:52 +00:00
|
|
|
{
|
2005-08-06 14:03:14 +00:00
|
|
|
const char *filter_new = dftext ? dftext : "";
|
|
|
|
|
const char *filter_old = cf->dfilter ? cf->dfilter : "";
|
2012-08-12 22:21:02 +00:00
|
|
|
dfilter_t *dfcode;
|
2015-01-18 10:22:19 +00:00
|
|
|
gchar *err_msg;
|
2012-08-12 22:21:02 +00:00
|
|
|
GTimeVal start_time;
|
2004-01-26 06:43:00 +00:00
|
|
|
|
2004-02-23 22:48:52 +00:00
|
|
|
/* if new filter equals old one, do nothing unless told to do so */
|
|
|
|
|
if (!force && strcmp(filter_new, filter_old) == 0) {
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_OK;
|
2004-01-26 06:43:00 +00:00
|
|
|
}
|
1999-08-05 16:46:04 +00:00
|
|
|
|
2007-01-01 10:23:37 +00:00
|
|
|
dfcode=NULL;
|
|
|
|
|
|
1999-10-11 06:39:26 +00:00
|
|
|
if (dftext == NULL) {
|
2007-01-01 10:23:37 +00:00
|
|
|
/* The new filter is an empty filter (i.e., display all packets).
|
|
|
|
|
* so leave dfcode==NULL
|
|
|
|
|
*/
|
1999-10-11 06:39:26 +00:00
|
|
|
} else {
|
1999-07-11 08:40:52 +00:00
|
|
|
/*
|
Clean up the handling of filter strings:
have "filter_packets()" make a copy of the filter string handed
to it, as it may save the filter string in the "capture_file"
structure, and the caller of "filter_packets()" shouldn't have
to worry about the string it passed to "filter_packets()" being
stashed away somewhere so that it can't just free that string or
change it;
have callers of "filter_packets()" free up the string they
handed to it, if the string was allocated and they're done with
it;
plug some memory leaks in "match_selected_cb_do()".
Check for an illegal "action" argument being passed to
"match_selected_cb_do()".
Move some keys out of "keys.h" into "gtk/main.c", as they're only used
in "gtk/main.c".
Make the pointer to the filter list a data item for the combo box, as
it's a copy of the list of strings for the combo box, rather than
attaching it to the widgets that activate the filter (a pointer to the
combo box *itself* is a data item for those widgets).
In "filter_activate_cb()", make a copy of the text from the text entry
field as soon as we fetch it, and use that copy. Free that copy if
we didn't add the filter to the filter list.
Don't make a copy of the entire filter list and use that to set the
combo box's list of items - just use the list itself. Also, when the
list is changed, make the new value the data for the combo box (the list
pointer will actually not be changed, because we happen to be using
"g_list_append()", but let's not rely on that).
svn path=/trunk/; revision=5368
2002-05-03 03:24:47 +00:00
|
|
|
* We have a filter; make a copy of it (as we'll be saving it),
|
|
|
|
|
* and try to compile it.
|
1999-07-11 08:40:52 +00:00
|
|
|
*/
|
Clean up the handling of filter strings:
have "filter_packets()" make a copy of the filter string handed
to it, as it may save the filter string in the "capture_file"
structure, and the caller of "filter_packets()" shouldn't have
to worry about the string it passed to "filter_packets()" being
stashed away somewhere so that it can't just free that string or
change it;
have callers of "filter_packets()" free up the string they
handed to it, if the string was allocated and they're done with
it;
plug some memory leaks in "match_selected_cb_do()".
Check for an illegal "action" argument being passed to
"match_selected_cb_do()".
Move some keys out of "keys.h" into "gtk/main.c", as they're only used
in "gtk/main.c".
Make the pointer to the filter list a data item for the combo box, as
it's a copy of the list of strings for the combo box, rather than
attaching it to the widgets that activate the filter (a pointer to the
combo box *itself* is a data item for those widgets).
In "filter_activate_cb()", make a copy of the text from the text entry
field as soon as we fetch it, and use that copy. Free that copy if
we didn't add the filter to the filter list.
Don't make a copy of the entire filter list and use that to set the
combo box's list of items - just use the list itself. Also, when the
list is changed, make the new value the data for the combo box (the list
pointer will actually not be changed, because we happen to be using
"g_list_append()", but let's not rely on that).
svn path=/trunk/; revision=5368
2002-05-03 03:24:47 +00:00
|
|
|
dftext = g_strdup(dftext);
|
2015-01-18 10:22:19 +00:00
|
|
|
if (!dfilter_compile(dftext, &dfcode, &err_msg)) {
|
1999-10-12 05:01:07 +00:00
|
|
|
/* The attempt failed; report an error. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_message_box(ESD_TYPE_ERROR, NULL,
|
2004-02-11 00:55:28 +00:00
|
|
|
"See the help for a description of the display filter syntax.",
|
2012-06-17 22:32:03 +00:00
|
|
|
"\"%s\" isn't a valid display filter: %s",
|
2015-01-18 10:22:19 +00:00
|
|
|
dftext, err_msg);
|
|
|
|
|
g_free(err_msg);
|
2004-01-26 06:43:00 +00:00
|
|
|
g_free(dftext);
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_ERROR;
|
1999-07-11 08:40:52 +00:00
|
|
|
}
|
1999-10-11 06:39:26 +00:00
|
|
|
|
|
|
|
|
/* Was it empty? */
|
1999-10-12 05:01:07 +00:00
|
|
|
if (dfcode == NULL) {
|
|
|
|
|
/* Yes - free the filter text, and set it to null. */
|
1999-10-11 06:39:26 +00:00
|
|
|
g_free(dftext);
|
|
|
|
|
dftext = NULL;
|
|
|
|
|
}
|
1999-07-07 22:52:57 +00:00
|
|
|
}
|
1999-06-22 03:39:07 +00:00
|
|
|
|
1999-10-11 06:39:26 +00:00
|
|
|
/* We have a valid filter. Replace the current filter. */
|
2009-03-15 18:08:46 +00:00
|
|
|
g_free(cf->dfilter);
|
1999-10-11 06:39:26 +00:00
|
|
|
cf->dfilter = dftext;
|
2010-03-15 06:28:01 +00:00
|
|
|
g_get_current_time(&start_time);
|
|
|
|
|
|
1999-10-11 06:39:26 +00:00
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
/* Now rescan the packet list, applying the new filter, but not
|
2018-06-28 00:28:06 +00:00
|
|
|
* throwing away information constructed on a previous pass.
|
|
|
|
|
* If a dissection is already in progress, queue it.
|
|
|
|
|
*/
|
|
|
|
|
if (cf->redissection_queued == RESCAN_NONE) {
|
2018-06-30 05:38:10 +00:00
|
|
|
if (cf->read_lock) {
|
2018-06-28 00:28:06 +00:00
|
|
|
cf->redissection_queued = RESCAN_SCAN;
|
|
|
|
|
} else if (cf->state != FILE_CLOSED) {
|
|
|
|
|
if (dftext == NULL) {
|
|
|
|
|
rescan_packets(cf, "Resetting", "Filter", FALSE);
|
|
|
|
|
} else {
|
|
|
|
|
rescan_packets(cf, "Filtering", dftext, FALSE);
|
|
|
|
|
}
|
2015-09-29 21:27:01 +00:00
|
|
|
}
|
2002-08-28 10:07:37 +00:00
|
|
|
}
|
2007-01-01 10:23:37 +00:00
|
|
|
|
|
|
|
|
/* Cleanup and release all dfilter resources */
|
2009-09-22 16:49:26 +00:00
|
|
|
dfilter_free(dfcode);
|
|
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_OK;
|
1999-10-11 06:39:26 +00:00
|
|
|
}
|
|
|
|
|
|
2003-09-12 02:48:23 +00:00
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_reftime_packets(capture_file *cf)
|
2003-09-12 02:48:23 +00:00
|
|
|
{
|
2009-07-28 16:20:05 +00:00
|
|
|
ref_time_packets(cf);
|
2003-09-12 02:48:23 +00:00
|
|
|
}
|
|
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_redissect_packets(capture_file *cf)
|
2000-07-09 03:29:42 +00:00
|
|
|
{
|
2018-06-30 05:38:10 +00:00
|
|
|
if (cf->read_lock || cf->redissection_queued == RESCAN_SCAN) {
|
2018-06-28 00:28:06 +00:00
|
|
|
/* Dissection in progress, signal redissection rather than rescanning. That
|
|
|
|
|
* would destroy the current (in-progress) dissection in "cf_read" which
|
|
|
|
|
* will cause issues when "cf_read" tries to add packets to the list.
|
|
|
|
|
* If a previous rescan was requested, "upgrade" it to a full redissection.
|
|
|
|
|
*/
|
|
|
|
|
cf->redissection_queued = RESCAN_REDISSECT;
|
|
|
|
|
}
|
|
|
|
|
if (cf->redissection_queued != RESCAN_NONE) {
|
|
|
|
|
/* Redissection is (already) queued, wait for "cf_read" to finish. */
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2013-08-13 02:18:04 +00:00
|
|
|
if (cf->state != FILE_CLOSED) {
|
2018-06-28 00:28:06 +00:00
|
|
|
/* Restart dissection in case no cf_read is pending. */
|
2013-08-13 02:18:04 +00:00
|
|
|
rescan_packets(cf, "Reprocessing", "all packets", TRUE);
|
|
|
|
|
}
|
2000-07-09 03:29:42 +00:00
|
|
|
}
|
|
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
gboolean
|
2014-05-24 18:28:30 +00:00
|
|
|
cf_read_record_r(capture_file *cf, const frame_data *fdata,
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec *rec, Buffer *buf)
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
int err;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
gchar *err_info;
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
if (!wtap_seek_read(cf->provider.wth, fdata->file_off, rec, buf, &err, &err_info)) {
|
2017-04-19 21:43:11 +00:00
|
|
|
cfile_read_failure_alert_box(cf->filename, err, err_info);
|
2014-05-23 10:50:02 +00:00
|
|
|
return FALSE;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
}
|
2014-05-23 10:50:02 +00:00
|
|
|
return TRUE;
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
}
|
|
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
gboolean
|
2014-05-24 18:28:30 +00:00
|
|
|
cf_read_record(capture_file *cf, frame_data *fdata)
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
{
|
2018-02-09 00:19:12 +00:00
|
|
|
return cf_read_record_r(cf, fdata, &cf->rec, &cf->buf);
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
}
|
|
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
/* Rescan the list of packets, reconstructing the CList.
|
|
|
|
|
|
|
|
|
|
"action" describes why we're doing this; it's used in the progress
|
|
|
|
|
dialog box.
|
|
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
"action_item" describes what we're doing; it's used in the progress
|
|
|
|
|
dialog box.
|
|
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
"redissect" is TRUE if we need to make the dissectors reconstruct
|
|
|
|
|
any state information they have (because a preference that affects
|
|
|
|
|
some dissector has changed, meaning some dissector might construct
|
|
|
|
|
its state differently from the way it was constructed the last time). */
|
2000-07-09 03:29:42 +00:00
|
|
|
static void
|
2012-10-20 12:51:05 +00:00
|
|
|
rescan_packets(capture_file *cf, const char *action, const char *action_item, gboolean redissect)
|
1999-10-11 06:39:26 +00:00
|
|
|
{
|
2011-04-25 05:33:07 +00:00
|
|
|
/* Rescan packets new packet list */
|
|
|
|
|
guint32 framenum;
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
2002-07-30 10:13:16 +00:00
|
|
|
progdlg_t *progbar = NULL;
|
2016-07-15 18:09:01 +00:00
|
|
|
GTimer *prog_timer = g_timer_new();
|
2002-08-28 10:07:37 +00:00
|
|
|
int count;
|
2003-09-25 08:20:01 +00:00
|
|
|
frame_data *selected_frame, *preceding_frame, *following_frame, *prev_frame;
|
2009-09-21 17:32:35 +00:00
|
|
|
int selected_frame_num, preceding_frame_num, following_frame_num, prev_frame_num;
|
2003-09-25 08:20:01 +00:00
|
|
|
gboolean selected_frame_seen;
|
2005-10-27 20:18:50 +00:00
|
|
|
float progbar_val;
|
2002-07-30 10:13:16 +00:00
|
|
|
GTimeVal start_time;
|
2002-08-28 10:07:37 +00:00
|
|
|
gchar status_str[100];
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_t edt;
|
2012-08-12 22:21:02 +00:00
|
|
|
dfilter_t *dfcode;
|
2012-10-20 12:51:34 +00:00
|
|
|
column_info *cinfo;
|
|
|
|
|
gboolean create_proto_tree;
|
2009-06-05 22:42:47 +00:00
|
|
|
guint tap_flags;
|
2009-09-21 17:32:35 +00:00
|
|
|
gboolean add_to_packet_list = FALSE;
|
2012-08-12 22:21:02 +00:00
|
|
|
gboolean compiled;
|
2012-09-28 10:08:17 +00:00
|
|
|
guint32 frames_count;
|
2018-06-28 00:28:06 +00:00
|
|
|
gboolean queued_rescan_type = RESCAN_NONE;
|
|
|
|
|
|
|
|
|
|
/* Rescan in progress, clear pending actions. */
|
|
|
|
|
cf->redissection_queued = RESCAN_NONE;
|
2018-06-30 05:38:10 +00:00
|
|
|
g_assert(!cf->read_lock);
|
|
|
|
|
cf->read_lock = TRUE;
|
2007-01-01 10:23:37 +00:00
|
|
|
|
|
|
|
|
/* Compile the current display filter.
|
2007-12-05 23:50:28 +00:00
|
|
|
* We assume this will not fail since cf->dfilter is only set in
|
2007-01-01 10:23:37 +00:00
|
|
|
* cf_filter IFF the filter was valid.
|
|
|
|
|
*/
|
2015-01-18 10:22:19 +00:00
|
|
|
compiled = dfilter_compile(cf->dfilter, &dfcode, NULL);
|
2009-09-21 15:38:40 +00:00
|
|
|
g_assert(!cf->dfilter || (compiled && dfcode));
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
|
2009-06-05 22:42:47 +00:00
|
|
|
/* Get the union of the flags for all tap listeners. */
|
|
|
|
|
tap_flags = union_of_tap_listener_flags();
|
2017-04-12 02:53:48 +00:00
|
|
|
|
|
|
|
|
/* If any tap listeners require the columns, construct them. */
|
2012-10-20 12:51:34 +00:00
|
|
|
cinfo = (tap_flags & TL_REQUIRES_COLUMNS) ? &cf->cinfo : NULL;
|
2017-04-12 02:53:48 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Determine whether we need to create a protocol tree.
|
|
|
|
|
* We do if:
|
|
|
|
|
*
|
|
|
|
|
* we're going to apply a display filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners is going to apply a filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners requires a protocol tree;
|
|
|
|
|
*
|
|
|
|
|
* we're redissecting and a postdissector wants field
|
2017-04-17 01:48:30 +00:00
|
|
|
* values or protocols on the first pass.
|
2017-04-12 02:53:48 +00:00
|
|
|
*/
|
2012-10-20 12:51:34 +00:00
|
|
|
create_proto_tree =
|
2017-04-12 02:53:48 +00:00
|
|
|
(dfcode != NULL || have_filtering_tap_listeners() ||
|
|
|
|
|
(tap_flags & TL_REQUIRES_PROTO_TREE) ||
|
2017-04-17 01:48:30 +00:00
|
|
|
(redissect && postdissectors_want_hfids()));
|
2009-06-05 22:42:47 +00:00
|
|
|
|
2002-09-04 22:15:39 +00:00
|
|
|
reset_tap_listeners();
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Which frame, if any, is the currently selected frame?
|
|
|
|
|
XXX - should the selected frame or the focus frame be the "current"
|
|
|
|
|
frame, that frame being the one from which "Find Frame" searches
|
|
|
|
|
start? */
|
|
|
|
|
selected_frame = cf->current_frame;
|
|
|
|
|
|
2010-08-27 15:01:28 +00:00
|
|
|
/* Mark frame num as not found */
|
2009-09-21 17:32:35 +00:00
|
|
|
selected_frame_num = -1;
|
1999-10-11 06:39:26 +00:00
|
|
|
|
2009-07-29 21:32:49 +00:00
|
|
|
/* Freeze the packet list while we redo it, so we don't get any
|
|
|
|
|
screen updates while it happens. */
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_freeze();
|
2009-07-29 21:32:49 +00:00
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
if (redissect) {
|
|
|
|
|
/* We need to re-initialize all the state information that protocols
|
|
|
|
|
keep, because some preference that controls a dissector has changed,
|
|
|
|
|
which might cause the state information to be constructed differently
|
|
|
|
|
by that dissector. */
|
|
|
|
|
|
2012-09-28 10:08:17 +00:00
|
|
|
/* We might receive new packets while redissecting, and we don't
|
|
|
|
|
want to dissect those before their time. */
|
|
|
|
|
cf->redissecting = TRUE;
|
|
|
|
|
|
2013-07-21 18:38:03 +00:00
|
|
|
/* 'reset' dissection session */
|
|
|
|
|
epan_free(cf->epan);
|
2015-11-20 18:39:55 +00:00
|
|
|
if (cf->edt && cf->edt->pi.fd) {
|
|
|
|
|
/* All pointers in "per frame proto data" for the currently selected
|
|
|
|
|
packet are allocated in wmem_file_scope() and deallocated in epan_free().
|
|
|
|
|
Free them here to avoid unintended usage in packet_list_clear(). */
|
|
|
|
|
frame_data_destroy(cf->edt->pi.fd);
|
|
|
|
|
}
|
2013-07-21 20:48:30 +00:00
|
|
|
cf->epan = ws_epan_new(cf);
|
2014-04-29 13:47:09 +00:00
|
|
|
cf->cinfo.epan = cf->epan;
|
2009-07-26 10:34:07 +00:00
|
|
|
|
2016-04-09 12:30:07 +00:00
|
|
|
/* A new Lua tap listener may be registered in lua_prime_all_fields()
|
|
|
|
|
called via epan_new() / init_dissection() when reloading Lua plugins. */
|
|
|
|
|
if (!create_proto_tree && have_filtering_tap_listeners()) {
|
|
|
|
|
create_proto_tree = TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2009-09-21 17:32:35 +00:00
|
|
|
/* We need to redissect the packets so we have to discard our old
|
|
|
|
|
* packet list store. */
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_clear();
|
2009-09-21 17:32:35 +00:00
|
|
|
add_to_packet_list = TRUE;
|
2000-08-24 06:45:37 +00:00
|
|
|
}
|
|
|
|
|
|
1999-11-06 06:28:07 +00:00
|
|
|
/* We don't yet know which will be the first and last frames displayed. */
|
Store the frame_data structures in a tree, rather than a linked list.
This lets us get rid of the per-frame_data-structure prev and next
pointers, saving memory (at least according to Activity Monitor's report
of the virtual address space size on my Snow Leopard machine, it's a
noticeable saving), and lets us look up frame_data structures by frame
number in O(log2(number of frames)) time rather than O(number of frames)
time. It seems to take more CPU time when reading in the file, but
seems to go from "finished reading in all the packets" to "displaying
the packets" faster and seems to free up the frame_data structures
faster when closing the file.
It *is* doing more copying, currently, as we now don't allocate the
frame_data structure until after the packet has passed the read filter,
so that might account for the additional CPU time.
(Oh, and, for what it's worth, on an LP64 platform, a frame_data
structure is exactly 128 bytes long. However, there's more stuff to
remove, so the power-of-2 size is not guaranteed to remain, and it's not
a power-of-2 size on an ILP32 platform.)
It also means we don't need GLib 2.10 or later for the two-pass mode in
TShark.
It also means some code in the TCP dissector that was checking
pinfo->fd->next to see if it's NULL, in order to see if this is the last
packet in the file, no longer works, but that wasn't guaranteed to work
anyway:
we might be doing a one-pass read through the capture in TShark;
we might be dissecting the frame while we're reading in the
packets for the first time in Wireshark;
we might be doing a live capture in Wireshark;
in which case packets might be prematurely considered "the last packet".
#if 0 the no-longer-working tests, pending figuring out a better way of
doing it.
svn path=/trunk/; revision=36849
2011-04-25 19:01:05 +00:00
|
|
|
cf->first_displayed = 0;
|
|
|
|
|
cf->last_displayed = 0;
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2004-02-03 00:16:59 +00:00
|
|
|
/* We currently don't display any packets */
|
|
|
|
|
cf->displayed_count = 0;
|
|
|
|
|
|
2000-07-09 03:29:42 +00:00
|
|
|
/* Iterate through the list of frames. Call a routine for each frame
|
|
|
|
|
to check whether it should be displayed and, if so, add it to
|
|
|
|
|
the display list. */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.ref = NULL;
|
|
|
|
|
cf->provider.prev_dis = NULL;
|
|
|
|
|
cf->provider.prev_cap = NULL;
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->cum_bytes = 0;
|
1999-08-05 16:46:04 +00:00
|
|
|
|
2015-09-18 18:31:16 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_rescan_started, cf);
|
|
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(prog_timer);
|
2000-01-08 23:49:33 +00:00
|
|
|
/* Count of packets at which we've looked. */
|
|
|
|
|
count = 0;
|
2005-10-27 20:18:50 +00:00
|
|
|
/* Progress so far. */
|
2009-04-21 16:57:52 +00:00
|
|
|
progbar_val = 0.0f;
|
2000-01-08 23:49:33 +00:00
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
cf->stop_flag = FALSE;
|
2002-07-30 10:13:16 +00:00
|
|
|
g_get_current_time(&start_time);
|
1999-08-28 01:51:58 +00:00
|
|
|
|
2009-09-21 17:32:35 +00:00
|
|
|
/* no previous row yet */
|
|
|
|
|
prev_frame_num = -1;
|
2003-09-25 08:20:01 +00:00
|
|
|
prev_frame = NULL;
|
|
|
|
|
|
2009-09-21 17:32:35 +00:00
|
|
|
preceding_frame_num = -1;
|
2003-09-25 08:20:01 +00:00
|
|
|
preceding_frame = NULL;
|
2009-09-21 17:32:35 +00:00
|
|
|
following_frame_num = -1;
|
2003-09-25 08:20:01 +00:00
|
|
|
following_frame = NULL;
|
|
|
|
|
|
|
|
|
|
selected_frame_seen = FALSE;
|
|
|
|
|
|
2012-09-28 10:08:17 +00:00
|
|
|
frames_count = cf->count;
|
2013-10-20 13:22:48 +00:00
|
|
|
|
|
|
|
|
epan_dissect_init(&edt, cf->epan, create_proto_tree, FALSE);
|
|
|
|
|
|
2012-09-28 10:08:17 +00:00
|
|
|
for (framenum = 1; framenum <= frames_count; framenum++) {
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
2011-04-25 05:33:07 +00:00
|
|
|
|
2005-10-27 06:45:37 +00:00
|
|
|
/* Create the progress bar if necessary.
|
|
|
|
|
We check on every iteration of the loop, so that it takes no
|
|
|
|
|
longer than the standard time to create it (otherwise, for a
|
|
|
|
|
large file, we might take considerably longer than that standard
|
|
|
|
|
time in order to get to the next progress bar step). */
|
|
|
|
|
if (progbar == NULL)
|
2012-07-19 21:49:52 +00:00
|
|
|
progbar = delayed_create_progress_dlg(cf->window, action, action_item, TRUE,
|
2015-06-19 23:56:44 +00:00
|
|
|
&cf->stop_flag,
|
|
|
|
|
&start_time,
|
2005-11-12 11:05:02 +00:00
|
|
|
progbar_val);
|
2005-10-27 06:45:37 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/*
|
|
|
|
|
* Update the progress bar, but do it only after PROGBAR_UPDATE_INTERVAL
|
|
|
|
|
* has elapsed. Calling update_progress_dlg and packets_bar_update will
|
|
|
|
|
* likely trigger UI paint events, which might take a while depending on
|
|
|
|
|
* the platform and display. Reset our timer *after* painting.
|
|
|
|
|
*/
|
|
|
|
|
if (g_timer_elapsed(prog_timer, NULL) > PROGBAR_UPDATE_INTERVAL) {
|
1999-08-28 01:51:58 +00:00
|
|
|
/* let's not divide by zero. I should never be started
|
2000-01-08 23:49:33 +00:00
|
|
|
* with count == 0, so let's assert that
|
1999-08-28 01:51:58 +00:00
|
|
|
*/
|
2000-01-08 23:49:33 +00:00
|
|
|
g_assert(cf->count > 0);
|
2012-09-28 10:08:17 +00:00
|
|
|
progbar_val = (gfloat) count / frames_count;
|
1999-08-28 01:51:58 +00:00
|
|
|
|
2002-08-28 10:07:37 +00:00
|
|
|
if (progbar != NULL) {
|
|
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
2012-09-28 10:08:17 +00:00
|
|
|
"%4u of %u frames", count, frames_count);
|
2005-10-27 20:18:50 +00:00
|
|
|
update_progress_dlg(progbar, progbar_val, status_str);
|
2002-08-28 10:07:37 +00:00
|
|
|
}
|
2002-07-30 10:13:16 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(prog_timer);
|
2000-07-03 08:36:52 +00:00
|
|
|
}
|
|
|
|
|
|
2018-06-28 00:28:06 +00:00
|
|
|
queued_rescan_type = cf->redissection_queued;
|
|
|
|
|
if (queued_rescan_type != RESCAN_NONE) {
|
|
|
|
|
/* A redissection was requested while an existing redissection was
|
|
|
|
|
* pending. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
if (cf->stop_flag) {
|
2000-07-03 08:36:52 +00:00
|
|
|
/* Well, the user decided to abort the filtering. Just stop.
|
|
|
|
|
|
|
|
|
|
XXX - go back to the previous filter? Users probably just
|
2011-03-22 03:56:39 +00:00
|
|
|
want not to wait for a filtering operation to finish;
|
|
|
|
|
unless we cancel by having no filter, reverting to the
|
|
|
|
|
previous filter will probably be even more expensive than
|
|
|
|
|
continuing the filtering, as it involves going back to the
|
|
|
|
|
beginning and filtering, and even with no filter we currently
|
|
|
|
|
have to re-generate the entire clist, which is also expensive.
|
|
|
|
|
|
|
|
|
|
I'm not sure what Network Monitor does, but it doesn't appear
|
|
|
|
|
to give you an unfiltered display if you cancel. */
|
2000-07-03 08:36:52 +00:00
|
|
|
break;
|
1999-08-28 01:51:58 +00:00
|
|
|
}
|
|
|
|
|
|
2000-01-08 23:49:33 +00:00
|
|
|
count++;
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2000-08-24 06:45:37 +00:00
|
|
|
if (redissect) {
|
|
|
|
|
/* Since all state for the frame was destroyed, mark the frame
|
2000-09-12 03:27:00 +00:00
|
|
|
* as not visited, free the GSList referring to the state
|
2000-08-24 09:16:39 +00:00
|
|
|
* data (the per-frame data itself was freed by
|
2009-09-21 17:32:35 +00:00
|
|
|
* "init_dissection()"), and null out the GSList pointer. */
|
2013-03-15 18:04:50 +00:00
|
|
|
frame_data_reset(fdata);
|
2012-09-28 10:08:17 +00:00
|
|
|
frames_count = cf->count;
|
2000-09-11 07:33:56 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-20 12:51:05 +00:00
|
|
|
/* Frame dependencies from the previous dissection/filtering are no longer valid. */
|
|
|
|
|
fdata->flags.dependent_of_displayed = 0;
|
2012-05-22 01:59:34 +00:00
|
|
|
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata))
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
break; /* error reading the frame */
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2003-09-25 08:20:01 +00:00
|
|
|
/* If the previous frame is displayed, and we haven't yet seen the
|
|
|
|
|
selected frame, remember that frame - it's the closest one we've
|
|
|
|
|
yet seen before the selected frame. */
|
2009-09-21 17:32:35 +00:00
|
|
|
if (prev_frame_num != -1 && !selected_frame_seen && prev_frame->flags.passed_dfilter) {
|
|
|
|
|
preceding_frame_num = prev_frame_num;
|
2003-09-25 08:20:01 +00:00
|
|
|
preceding_frame = prev_frame;
|
|
|
|
|
}
|
2013-10-20 13:22:48 +00:00
|
|
|
|
|
|
|
|
add_packet_to_packet_list(fdata, cf, &edt, dfcode,
|
2018-02-09 00:19:12 +00:00
|
|
|
cinfo, &cf->rec,
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_start_ptr(&cf->buf),
|
2009-08-14 05:49:57 +00:00
|
|
|
add_to_packet_list);
|
2003-09-25 08:20:01 +00:00
|
|
|
|
|
|
|
|
/* If this frame is displayed, and this is the first frame we've
|
|
|
|
|
seen displayed after the selected frame, remember this frame -
|
|
|
|
|
it's the closest one we've yet seen at or after the selected
|
|
|
|
|
frame. */
|
2009-09-21 17:32:35 +00:00
|
|
|
if (fdata->flags.passed_dfilter && selected_frame_seen && following_frame_num == -1) {
|
|
|
|
|
following_frame_num = fdata->num;
|
2003-09-25 08:20:01 +00:00
|
|
|
following_frame = fdata;
|
|
|
|
|
}
|
|
|
|
|
if (fdata == selected_frame) {
|
|
|
|
|
selected_frame_seen = TRUE;
|
2009-09-21 17:32:35 +00:00
|
|
|
if (fdata->flags.passed_dfilter)
|
|
|
|
|
selected_frame_num = fdata->num;
|
2003-09-25 08:20:01 +00:00
|
|
|
}
|
|
|
|
|
|
2009-09-21 17:32:35 +00:00
|
|
|
/* Remember this frame - it'll be the previous frame
|
2003-09-25 08:20:01 +00:00
|
|
|
on the next pass through the loop. */
|
2009-09-21 17:32:35 +00:00
|
|
|
prev_frame_num = fdata->num;
|
2003-09-25 08:20:01 +00:00
|
|
|
prev_frame = fdata;
|
1999-08-10 04:13:37 +00:00
|
|
|
}
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&edt);
|
|
|
|
|
|
2008-09-30 15:45:20 +00:00
|
|
|
/* We are done redissecting the packet list. */
|
2012-09-28 10:08:17 +00:00
|
|
|
cf->redissecting = FALSE;
|
2008-09-30 15:45:20 +00:00
|
|
|
|
2000-08-24 09:16:39 +00:00
|
|
|
if (redissect) {
|
2012-09-28 10:08:17 +00:00
|
|
|
frames_count = cf->count;
|
2000-08-24 09:16:39 +00:00
|
|
|
/* Clear out what remains of the visited flags and per-frame data
|
|
|
|
|
pointers.
|
|
|
|
|
|
|
|
|
|
XXX - that may cause various forms of bogosity when dissecting
|
|
|
|
|
these frames, as they won't have been seen by this sequential
|
|
|
|
|
pass, but the only alternative I see is to keep scanning them
|
|
|
|
|
even though the user requested that the scan stop, and that
|
2006-05-28 20:28:20 +00:00
|
|
|
would leave the user stuck with an Wireshark grinding on
|
2000-08-24 09:16:39 +00:00
|
|
|
until it finishes. Should we just stick them with that? */
|
2012-09-28 10:08:17 +00:00
|
|
|
for (; framenum <= frames_count; framenum++) {
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
2013-03-15 18:04:50 +00:00
|
|
|
frame_data_reset(fdata);
|
2000-08-24 09:16:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-07-30 10:13:16 +00:00
|
|
|
/* We're done filtering the packets; destroy the progress bar if it
|
|
|
|
|
was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_destroy(prog_timer);
|
1999-07-11 08:40:52 +00:00
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Unfreeze the packet list. */
|
2009-09-21 17:32:35 +00:00
|
|
|
if (!add_to_packet_list)
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_recreate_visible_rows();
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
|
2010-03-15 06:28:01 +00:00
|
|
|
/* Compute the time it took to filter the file */
|
2013-08-14 04:14:36 +00:00
|
|
|
compute_elapsed(cf, &start_time);
|
2010-03-15 06:28:01 +00:00
|
|
|
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_thaw();
|
2009-09-21 17:32:35 +00:00
|
|
|
|
2015-09-18 18:31:16 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_rescan_finished, cf);
|
|
|
|
|
|
2009-09-21 17:32:35 +00:00
|
|
|
if (selected_frame_num == -1) {
|
2003-09-25 08:20:01 +00:00
|
|
|
/* The selected frame didn't pass the filter. */
|
|
|
|
|
if (selected_frame == NULL) {
|
|
|
|
|
/* That's because there *was* no selected frame. Make the first
|
|
|
|
|
displayed frame the current frame. */
|
2009-09-21 17:32:35 +00:00
|
|
|
selected_frame_num = 0;
|
2003-09-25 08:20:01 +00:00
|
|
|
} else {
|
|
|
|
|
/* Find the nearest displayed frame to the selected frame (whether
|
|
|
|
|
it's before or after that frame) and make that the current frame.
|
|
|
|
|
If the next and previous displayed frames are equidistant from the
|
|
|
|
|
selected frame, choose the next one. */
|
|
|
|
|
g_assert(following_frame == NULL ||
|
|
|
|
|
following_frame->num >= selected_frame->num);
|
|
|
|
|
g_assert(preceding_frame == NULL ||
|
|
|
|
|
preceding_frame->num <= selected_frame->num);
|
2003-09-25 08:31:52 +00:00
|
|
|
if (following_frame == NULL) {
|
|
|
|
|
/* No frame after the selected frame passed the filter, so we
|
|
|
|
|
have to select the last displayed frame before the selected
|
|
|
|
|
frame. */
|
2009-09-21 17:32:35 +00:00
|
|
|
selected_frame_num = preceding_frame_num;
|
|
|
|
|
selected_frame = preceding_frame;
|
2003-09-25 08:31:52 +00:00
|
|
|
} else if (preceding_frame == NULL) {
|
|
|
|
|
/* No frame before the selected frame passed the filter, so we
|
|
|
|
|
have to select the first displayed frame after the selected
|
|
|
|
|
frame. */
|
2009-09-21 17:32:35 +00:00
|
|
|
selected_frame_num = following_frame_num;
|
|
|
|
|
selected_frame = following_frame;
|
2007-01-11 06:36:14 +00:00
|
|
|
} else {
|
|
|
|
|
/* Frames before and after the selected frame passed the filter, so
|
2009-09-21 15:50:15 +00:00
|
|
|
we'll select the previous frame */
|
2009-09-21 17:32:35 +00:00
|
|
|
selected_frame_num = preceding_frame_num;
|
|
|
|
|
selected_frame = preceding_frame;
|
2003-09-25 08:20:01 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2003-09-24 00:47:37 +00:00
|
|
|
|
2009-09-21 17:32:35 +00:00
|
|
|
if (selected_frame_num == -1) {
|
2003-09-25 08:20:01 +00:00
|
|
|
/* There are no frames displayed at all. */
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_unselect_packet(cf);
|
2003-09-25 08:20:01 +00:00
|
|
|
} else {
|
|
|
|
|
/* Either the frame that was selected passed the filter, or we've
|
|
|
|
|
found the nearest displayed frame to that frame. Select it, make
|
|
|
|
|
it the focus row, and make it visible. */
|
2009-11-10 20:16:14 +00:00
|
|
|
/* Set to invalid to force update of packet list and packet details */
|
|
|
|
|
cf->current_row = -1;
|
2009-09-21 17:32:35 +00:00
|
|
|
if (selected_frame_num == 0) {
|
2012-09-04 02:35:25 +00:00
|
|
|
packet_list_select_first_row();
|
2009-09-21 17:32:35 +00:00
|
|
|
}else{
|
2012-09-04 02:35:25 +00:00
|
|
|
if (!packet_list_select_row_from_data(selected_frame)) {
|
2011-04-24 21:02:55 +00:00
|
|
|
/* We didn't find a row corresponding to this frame.
|
|
|
|
|
This means that the frame isn't being displayed currently,
|
|
|
|
|
so we can't select it. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_message_box(ESD_TYPE_INFO, NULL,
|
|
|
|
|
"The capture file is probably not fully dissected.",
|
2014-09-24 21:06:23 +00:00
|
|
|
"End of capture exceeded.");
|
2011-04-24 21:02:55 +00:00
|
|
|
}
|
2008-12-10 11:05:45 +00:00
|
|
|
}
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
}
|
2007-01-01 10:23:37 +00:00
|
|
|
|
|
|
|
|
/* Cleanup and release all dfilter resources */
|
2009-09-22 16:49:26 +00:00
|
|
|
dfilter_free(dfcode);
|
2018-06-28 00:28:06 +00:00
|
|
|
|
2018-06-30 05:38:10 +00:00
|
|
|
/* It is safe again to execute redissections. */
|
|
|
|
|
g_assert(cf->read_lock);
|
|
|
|
|
cf->read_lock = FALSE;
|
|
|
|
|
|
2018-06-28 00:28:06 +00:00
|
|
|
/* If another rescan (due to dfilter change) or redissection (due to profile
|
|
|
|
|
* change) was requested, the rescan above is aborted and restarted here. */
|
|
|
|
|
if (queued_rescan_type != RESCAN_NONE) {
|
|
|
|
|
redissect = redissect || queued_rescan_type == RESCAN_REDISSECT;
|
|
|
|
|
rescan_packets(cf, "Reprocessing", "all packets", redissect);
|
|
|
|
|
}
|
1999-06-22 03:39:07 +00:00
|
|
|
}
|
2009-09-21 14:13:46 +00:00
|
|
|
|
|
|
|
|
|
2009-07-28 16:20:05 +00:00
|
|
|
/*
|
2016-01-06 00:58:42 +00:00
|
|
|
* Scan through all frame data and recalculate the ref time
|
2009-07-28 16:20:05 +00:00
|
|
|
* without rereading the file.
|
|
|
|
|
* XXX - do we need a progres bar or is this fast enough?
|
|
|
|
|
*/
|
|
|
|
|
static void
|
|
|
|
|
ref_time_packets(capture_file *cf)
|
|
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
guint32 framenum;
|
2009-07-28 16:20:05 +00:00
|
|
|
frame_data *fdata;
|
2013-07-21 23:07:33 +00:00
|
|
|
nstime_t rel_ts;
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.ref = NULL;
|
|
|
|
|
cf->provider.prev_dis = NULL;
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->cum_bytes = 0;
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2011-04-25 05:33:07 +00:00
|
|
|
for (framenum = 1; framenum <= cf->count; framenum++) {
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
2011-04-25 05:33:07 +00:00
|
|
|
|
2009-09-21 15:50:15 +00:00
|
|
|
/* just add some value here until we know if it is being displayed or not */
|
2013-08-14 04:14:36 +00:00
|
|
|
fdata->cum_bytes = cf->cum_bytes + fdata->pkt_len;
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2010-05-26 23:29:56 +00:00
|
|
|
/*
|
|
|
|
|
*Timestamps
|
|
|
|
|
*/
|
|
|
|
|
|
2009-09-21 15:50:15 +00:00
|
|
|
/* If we don't have the time stamp of the first packet in the
|
2009-07-28 16:20:05 +00:00
|
|
|
capture, it's because this is the first packet. Save the time
|
|
|
|
|
stamp of this packet as the time stamp of the first packet. */
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.ref == NULL)
|
|
|
|
|
cf->provider.ref = fdata;
|
2009-09-21 15:50:15 +00:00
|
|
|
/* if this frames is marked as a reference time frame, reset
|
|
|
|
|
firstsec and firstusec to this frame */
|
2013-07-21 23:07:33 +00:00
|
|
|
if (fdata->flags.ref_time)
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.ref = fdata;
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2009-09-21 15:50:15 +00:00
|
|
|
/* If we don't have the time stamp of the previous displayed packet,
|
2009-07-28 16:20:05 +00:00
|
|
|
it's because this is the first displayed packet. Save the time
|
|
|
|
|
stamp of this packet as the time stamp of the previous displayed
|
|
|
|
|
packet. */
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.prev_dis == NULL) {
|
|
|
|
|
cf->provider.prev_dis = fdata;
|
2009-09-21 15:50:15 +00:00
|
|
|
}
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2009-09-21 15:50:15 +00:00
|
|
|
/* Get the time elapsed between the first packet and this packet. */
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata->frame_ref_num = (fdata != cf->provider.ref) ? cf->provider.ref->num : 0;
|
|
|
|
|
nstime_delta(&rel_ts, &fdata->abs_ts, &cf->provider.ref->abs_ts);
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2009-09-21 15:50:15 +00:00
|
|
|
/* If it's greater than the current elapsed time, set the elapsed time
|
2009-07-28 16:20:05 +00:00
|
|
|
to it (we check for "greater than" so as not to be confused by
|
|
|
|
|
time moving backwards). */
|
2013-07-21 23:07:33 +00:00
|
|
|
if ((gint32)cf->elapsed_time.secs < rel_ts.secs
|
|
|
|
|
|| ((gint32)cf->elapsed_time.secs == rel_ts.secs && (gint32)cf->elapsed_time.nsecs < rel_ts.nsecs)) {
|
|
|
|
|
cf->elapsed_time = rel_ts;
|
2009-09-21 15:50:15 +00:00
|
|
|
}
|
2009-07-28 16:20:05 +00:00
|
|
|
|
2012-02-28 03:19:49 +00:00
|
|
|
/* If this frame is displayed, get the time elapsed between the
|
|
|
|
|
previous displayed packet and this packet. */
|
2012-08-12 22:21:02 +00:00
|
|
|
if ( fdata->flags.passed_dfilter ) {
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata->prev_dis_num = cf->provider.prev_dis->num;
|
|
|
|
|
cf->provider.prev_dis = fdata;
|
2011-12-27 18:16:12 +00:00
|
|
|
}
|
2010-05-26 23:29:56 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Byte counts
|
|
|
|
|
*/
|
2012-08-12 22:21:02 +00:00
|
|
|
if ( (fdata->flags.passed_dfilter) || (fdata->flags.ref_time) ) {
|
2009-09-21 15:50:15 +00:00
|
|
|
/* This frame either passed the display filter list or is marked as
|
|
|
|
|
a time reference frame. All time reference frames are displayed
|
2014-09-16 15:25:17 +00:00
|
|
|
even if they don't pass the display filter */
|
2012-08-12 22:21:02 +00:00
|
|
|
if (fdata->flags.ref_time) {
|
2010-05-26 23:29:56 +00:00
|
|
|
/* if this was a TIME REF frame we should reset the cum_bytes field */
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->cum_bytes = fdata->pkt_len;
|
|
|
|
|
fdata->cum_bytes = cf->cum_bytes;
|
2009-09-21 15:50:15 +00:00
|
|
|
} else {
|
|
|
|
|
/* increase cum_bytes with this packets length */
|
2013-08-14 04:14:36 +00:00
|
|
|
cf->cum_bytes += fdata->pkt_len;
|
2009-09-21 15:50:15 +00:00
|
|
|
}
|
|
|
|
|
}
|
2009-07-28 16:20:05 +00:00
|
|
|
}
|
|
|
|
|
}
|
2009-09-21 15:50:15 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
typedef enum {
|
|
|
|
|
PSP_FINISHED,
|
|
|
|
|
PSP_STOPPED,
|
|
|
|
|
PSP_FAILED
|
|
|
|
|
} psp_return_t;
|
|
|
|
|
|
2005-08-14 23:25:20 +00:00
|
|
|
static psp_return_t
|
2014-05-24 18:28:30 +00:00
|
|
|
process_specified_records(capture_file *cf, packet_range_t *range,
|
2005-11-12 11:05:02 +00:00
|
|
|
const char *string1, const char *string2, gboolean terminate_is_stop,
|
2004-01-09 22:56:59 +00:00
|
|
|
gboolean (*callback)(capture_file *, frame_data *,
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec *, const guint8 *, void *),
|
2016-03-01 02:52:52 +00:00
|
|
|
void *callback_args,
|
|
|
|
|
gboolean show_progress_bar)
|
1999-07-23 08:29:24 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
guint32 framenum;
|
|
|
|
|
frame_data *fdata;
|
2018-09-29 20:12:57 +00:00
|
|
|
wtap_rec rec;
|
2013-06-16 00:20:00 +00:00
|
|
|
Buffer buf;
|
2012-08-12 22:21:02 +00:00
|
|
|
psp_return_t ret = PSP_FINISHED;
|
|
|
|
|
|
|
|
|
|
progdlg_t *progbar = NULL;
|
2016-07-15 18:09:01 +00:00
|
|
|
GTimer *prog_timer = g_timer_new();
|
2012-08-12 22:21:02 +00:00
|
|
|
int progbar_count;
|
|
|
|
|
float progbar_val;
|
|
|
|
|
GTimeVal progbar_start_time;
|
|
|
|
|
gchar progbar_status_str[100];
|
|
|
|
|
range_process_e process_this;
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec_init(&rec);
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_init(&buf, 1500);
|
2013-06-16 00:20:00 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(prog_timer);
|
2000-01-08 23:49:33 +00:00
|
|
|
/* Count of packets at which we've looked. */
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_count = 0;
|
2005-10-27 20:18:50 +00:00
|
|
|
/* Progress so far. */
|
2009-04-21 16:57:52 +00:00
|
|
|
progbar_val = 0.0f;
|
1999-09-13 23:45:22 +00:00
|
|
|
|
2018-06-30 19:08:54 +00:00
|
|
|
if (cf->read_lock) {
|
|
|
|
|
g_warning("Failing due to nested process_specified_records(\"%s\") call!", cf->filename);
|
|
|
|
|
return PSP_FAILED;
|
|
|
|
|
}
|
|
|
|
|
cf->read_lock = TRUE;
|
|
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
cf->stop_flag = FALSE;
|
2004-01-09 22:56:59 +00:00
|
|
|
g_get_current_time(&progbar_start_time);
|
2000-01-08 23:49:33 +00:00
|
|
|
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
if (range != NULL)
|
|
|
|
|
packet_range_process_init(range);
|
2004-01-09 18:11:21 +00:00
|
|
|
|
2011-04-25 05:33:07 +00:00
|
|
|
/* Iterate through all the packets, printing the packets that
|
1999-09-12 06:11:51 +00:00
|
|
|
were selected by the current display filter. */
|
2011-04-25 05:33:07 +00:00
|
|
|
for (framenum = 1; framenum <= cf->count; framenum++) {
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
2011-04-25 05:33:07 +00:00
|
|
|
|
2005-10-27 06:45:37 +00:00
|
|
|
/* Create the progress bar if necessary.
|
|
|
|
|
We check on every iteration of the loop, so that it takes no
|
|
|
|
|
longer than the standard time to create it (otherwise, for a
|
|
|
|
|
large file, we might take considerably longer than that standard
|
|
|
|
|
time in order to get to the next progress bar step). */
|
2016-03-01 02:52:52 +00:00
|
|
|
if (show_progress_bar && progbar == NULL)
|
2012-07-19 21:49:52 +00:00
|
|
|
progbar = delayed_create_progress_dlg(cf->window, string1, string2,
|
2005-11-12 11:05:02 +00:00
|
|
|
terminate_is_stop,
|
2015-06-19 23:56:44 +00:00
|
|
|
&cf->stop_flag,
|
2005-10-27 06:45:37 +00:00
|
|
|
&progbar_start_time,
|
|
|
|
|
progbar_val);
|
|
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/*
|
|
|
|
|
* Update the progress bar, but do it only after PROGBAR_UPDATE_INTERVAL
|
|
|
|
|
* has elapsed. Calling update_progress_dlg and packets_bar_update will
|
|
|
|
|
* likely trigger UI paint events, which might take a while depending on
|
|
|
|
|
* the platform and display. Reset our timer *after* painting.
|
|
|
|
|
*/
|
|
|
|
|
if (progbar && g_timer_elapsed(prog_timer, NULL) > PROGBAR_UPDATE_INTERVAL) {
|
1999-09-13 23:45:22 +00:00
|
|
|
/* let's not divide by zero. I should never be started
|
2000-01-08 23:49:33 +00:00
|
|
|
* with count == 0, so let's assert that
|
1999-09-13 23:45:22 +00:00
|
|
|
*/
|
2000-01-08 23:49:33 +00:00
|
|
|
g_assert(cf->count > 0);
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_val = (gfloat) progbar_count / cf->count;
|
1999-09-13 23:45:22 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_snprintf(progbar_status_str, sizeof(progbar_status_str),
|
|
|
|
|
"%4u of %u packets", progbar_count, cf->count);
|
|
|
|
|
update_progress_dlg(progbar, progbar_val, progbar_status_str);
|
2002-07-30 10:13:16 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(prog_timer);
|
1999-09-13 23:45:22 +00:00
|
|
|
}
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
if (cf->stop_flag) {
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Well, the user decided to abort the operation. Just stop,
|
2005-11-12 11:05:02 +00:00
|
|
|
and arrange to return PSP_STOPPED to our caller, so they know
|
|
|
|
|
it was stopped explicitly. */
|
2004-01-09 22:56:59 +00:00
|
|
|
ret = PSP_STOPPED;
|
2000-07-03 08:36:52 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
progbar_count++;
|
2004-01-09 18:11:21 +00:00
|
|
|
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
if (range != NULL) {
|
|
|
|
|
/* do we have to process this packet? */
|
|
|
|
|
process_this = packet_range_process_packet(range, fdata);
|
|
|
|
|
if (process_this == range_process_next) {
|
2004-01-09 18:11:21 +00:00
|
|
|
/* this packet uninteresting, continue with next one */
|
|
|
|
|
continue;
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
} else if (process_this == range_processing_finished) {
|
2004-01-09 18:11:21 +00:00
|
|
|
/* all interesting packets processed, stop the loop */
|
|
|
|
|
break;
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
}
|
2004-01-09 18:11:21 +00:00
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Get the packet */
|
2018-02-09 00:19:12 +00:00
|
|
|
if (!cf_read_record_r(cf, fdata, &rec, &buf)) {
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
ret = PSP_FAILED;
|
|
|
|
|
break;
|
2004-01-09 18:11:21 +00:00
|
|
|
}
|
2004-05-27 21:48:10 +00:00
|
|
|
/* Process the packet */
|
2018-02-09 00:19:12 +00:00
|
|
|
if (!callback(cf, fdata, &rec, ws_buffer_start_ptr(&buf), callback_args)) {
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Callback failed. We assume it reported the error appropriately. */
|
|
|
|
|
ret = PSP_FAILED;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2000-02-21 08:18:00 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* We're done printing the packets; destroy the progress bar if
|
|
|
|
|
it was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_destroy(prog_timer);
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2018-06-30 19:08:54 +00:00
|
|
|
g_assert(cf->read_lock);
|
|
|
|
|
cf->read_lock = FALSE;
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec_cleanup(&rec);
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_free(&buf);
|
2013-06-16 00:20:00 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
return ret;
|
|
|
|
|
}
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2009-06-05 22:42:47 +00:00
|
|
|
typedef struct {
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_t edt;
|
2009-06-05 22:42:47 +00:00
|
|
|
column_info *cinfo;
|
|
|
|
|
} retap_callback_args_t;
|
|
|
|
|
|
2004-01-13 22:34:10 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
retap_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2004-01-13 22:34:10 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
retap_callback_args_t *args = (retap_callback_args_t *)argsp;
|
2004-01-13 22:34:10 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run_with_taps(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd),
|
|
|
|
|
fdata, args->cinfo);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2004-01-13 22:34:10 +00:00
|
|
|
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
cf_read_status_t
|
2009-06-05 22:42:47 +00:00
|
|
|
cf_retap_packets(capture_file *cf)
|
2004-01-13 22:34:10 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
packet_range_t range;
|
2009-06-05 22:42:47 +00:00
|
|
|
retap_callback_args_t callback_args;
|
2017-04-12 02:53:48 +00:00
|
|
|
gboolean create_proto_tree;
|
2012-08-12 22:21:02 +00:00
|
|
|
guint tap_flags;
|
2013-10-20 13:22:48 +00:00
|
|
|
psp_return_t ret;
|
2009-06-05 22:42:47 +00:00
|
|
|
|
Add a Qt I/O Graph dialog.
For each graph you can set:
- Its visibility
- A name
- A display filter
- Color, from a fixed list
- Plot style: Line, Impulse, Bar, Stacked Bar, Dot, Square, Diamond
- Basic Y Axes (packets/s, bytes/s, bits/s)
- Computed Y Axes (SUM, MIN, AVG, MAX)
- Smoothing
You can pan and zoom using the mouse and keyboard. Clicking on a graph
selects the last packet for that interval. If all graphs have the same Y
axis a single label is shown, otherwise a legend is shown.
The time scale (X axis) can be toggled between relative seconds and the
time of day.
Graphs can be saved as PDF, PNG, BMP, and JPEG. Settings are "sticky"
via the io_graphs UAT.
To do:
- Minimize graph drawing delays.
- Figure out why smoothing differs from GTK+
- Everything else at the top of io_graph_dialog.cpp
- Fix empty resets.
A fair amount of code was copied from TCPStreamDialog. We might want to
subclass QCustomPlot and place the shared code there.
Move common syntax checking to SyntaxLineEdit.
Move some common code from ui/gtk/io_stat.c to ui/io_graph_item.[ch] and
use it in both GTK+ and Qt.
Make the io_graph_item_t array allocation in io_stat.c static. The
behavior should be identical and this gives us additional compile-time
checks.
Change-Id: I9a3d544469b7048f0761fdbf7bcf20f44ae76577
Reviewed-on: https://code.wireshark.org/review/435
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Tested-by: Gerald Combs <gerald@wireshark.org>
2014-02-12 00:07:10 +00:00
|
|
|
/* Presumably the user closed the capture file. */
|
|
|
|
|
if (cf == NULL) {
|
|
|
|
|
return CF_READ_ABORTED;
|
|
|
|
|
}
|
2014-07-11 03:11:25 +00:00
|
|
|
|
2015-08-24 19:30:56 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_retap_started, cf);
|
|
|
|
|
|
2017-04-12 02:53:48 +00:00
|
|
|
/* Get the union of the flags for all tap listeners. */
|
2009-06-05 22:42:47 +00:00
|
|
|
tap_flags = union_of_tap_listener_flags();
|
|
|
|
|
|
|
|
|
|
/* If any tap listeners require the columns, construct them. */
|
|
|
|
|
callback_args.cinfo = (tap_flags & TL_REQUIRES_COLUMNS) ? &cf->cinfo : NULL;
|
2004-01-13 22:34:10 +00:00
|
|
|
|
2017-04-12 02:53:48 +00:00
|
|
|
/*
|
|
|
|
|
* Determine whether we need to create a protocol tree.
|
|
|
|
|
* We do if:
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners is going to apply a filter;
|
|
|
|
|
*
|
|
|
|
|
* one of the tap listeners requires a protocol tree.
|
|
|
|
|
*/
|
|
|
|
|
create_proto_tree =
|
|
|
|
|
(have_filtering_tap_listeners() || (tap_flags & TL_REQUIRES_PROTO_TREE));
|
|
|
|
|
|
2004-01-16 19:35:32 +00:00
|
|
|
/* Reset the tap listeners. */
|
|
|
|
|
reset_tap_listeners();
|
|
|
|
|
|
2017-04-12 02:53:48 +00:00
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, create_proto_tree, FALSE);
|
2013-10-20 13:22:48 +00:00
|
|
|
|
2004-01-13 22:34:10 +00:00
|
|
|
/* Iterate through the list of packets, dissecting all packets and
|
|
|
|
|
re-running the taps. */
|
2012-10-05 18:52:42 +00:00
|
|
|
packet_range_init(&range, cf);
|
2004-01-13 22:34:10 +00:00
|
|
|
packet_range_process_init(&range);
|
2013-10-20 13:22:48 +00:00
|
|
|
|
2014-05-24 18:28:30 +00:00
|
|
|
ret = process_specified_records(cf, &range, "Recalculating statistics on",
|
2013-10-20 13:22:48 +00:00
|
|
|
"all packets", TRUE, retap_packet,
|
2016-03-01 02:52:52 +00:00
|
|
|
&callback_args, TRUE);
|
2013-10-20 13:22:48 +00:00
|
|
|
|
2018-05-21 20:33:37 +00:00
|
|
|
packet_range_cleanup(&range);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
|
|
|
|
|
2015-08-24 19:30:56 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_retap_finished, cf);
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
switch (ret) {
|
2004-01-13 22:34:10 +00:00
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
2008-05-30 07:15:05 +00:00
|
|
|
return CF_READ_OK;
|
2004-01-13 22:34:10 +00:00
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the refiltering.
|
2005-02-05 12:50:47 +00:00
|
|
|
Return CF_READ_ABORTED so our caller knows they did that. */
|
2005-02-05 13:44:27 +00:00
|
|
|
return CF_READ_ABORTED;
|
2004-01-13 22:34:10 +00:00
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while retapping. */
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_ERROR;
|
2004-01-13 22:34:10 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-05 13:44:27 +00:00
|
|
|
g_assert_not_reached();
|
2005-02-05 12:50:47 +00:00
|
|
|
return CF_READ_OK;
|
2004-01-13 22:34:10 +00:00
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
typedef struct {
|
|
|
|
|
print_args_t *print_args;
|
2004-04-16 20:20:54 +00:00
|
|
|
gboolean print_header_line;
|
|
|
|
|
char *header_line_buf;
|
|
|
|
|
int header_line_buf_len;
|
2004-04-22 17:03:21 +00:00
|
|
|
gboolean print_formfeed;
|
2004-01-09 22:56:59 +00:00
|
|
|
gboolean print_separator;
|
|
|
|
|
char *line_buf;
|
|
|
|
|
int line_buf_len;
|
|
|
|
|
gint *col_widths;
|
2012-07-15 14:56:40 +00:00
|
|
|
int num_visible_cols;
|
|
|
|
|
gint *visible_cols;
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_t edt;
|
2004-01-09 22:56:59 +00:00
|
|
|
} print_callback_args_t;
|
1999-08-10 04:13:37 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
print_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2004-01-09 22:56:59 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
print_callback_args_t *args = (print_callback_args_t *)argsp;
|
2004-01-09 22:56:59 +00:00
|
|
|
int i;
|
|
|
|
|
char *cp;
|
|
|
|
|
int line_len;
|
|
|
|
|
int column_len;
|
|
|
|
|
int cp_off;
|
2012-08-12 22:21:02 +00:00
|
|
|
char bookmark_name[9+10+1]; /* "__frameNNNNNNNNNN__\0" */
|
|
|
|
|
char bookmark_title[6+10+1]; /* "Frame NNNNNNNNNN__\0" */
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item_t* col_item;
|
2004-04-16 18:17:48 +00:00
|
|
|
|
2004-07-08 11:07:29 +00:00
|
|
|
/* Fill in the column information if we're printing the summary
|
|
|
|
|
information. */
|
|
|
|
|
if (args->print_args->print_summary) {
|
2013-10-20 13:22:48 +00:00
|
|
|
col_custom_prime_edt(&args->edt, &cf->cinfo);
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd),
|
|
|
|
|
fdata, &cf->cinfo);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_fill_in_columns(&args->edt, FALSE, TRUE);
|
2004-07-08 11:07:29 +00:00
|
|
|
} else
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd), fdata, NULL);
|
2004-04-16 18:17:48 +00:00
|
|
|
|
2004-04-22 17:03:21 +00:00
|
|
|
if (args->print_formfeed) {
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!new_page(args->print_args->stream))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2018-07-10 04:45:33 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Print another header line if we print a packet summary on the
|
|
|
|
|
* new page.
|
|
|
|
|
*/
|
|
|
|
|
if (args->print_args->print_col_headings)
|
|
|
|
|
args->print_header_line = TRUE;
|
2004-04-22 17:03:21 +00:00
|
|
|
} else {
|
2004-07-25 08:53:38 +00:00
|
|
|
if (args->print_separator) {
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_line(args->print_args->stream, 0, ""))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
2004-04-22 17:03:21 +00:00
|
|
|
}
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-07-25 08:53:38 +00:00
|
|
|
/*
|
|
|
|
|
* We generate bookmarks, if the output format supports them.
|
|
|
|
|
* The name is "__frameN__".
|
|
|
|
|
*/
|
2005-08-10 19:37:29 +00:00
|
|
|
g_snprintf(bookmark_name, sizeof bookmark_name, "__frame%u__", fdata->num);
|
2004-07-25 08:53:38 +00:00
|
|
|
|
2004-07-08 11:07:29 +00:00
|
|
|
if (args->print_args->print_summary) {
|
2013-06-19 15:22:56 +00:00
|
|
|
if (!args->print_args->print_col_headings)
|
|
|
|
|
args->print_header_line = FALSE;
|
2004-04-16 20:20:54 +00:00
|
|
|
if (args->print_header_line) {
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_line(args->print_args->stream, 0, args->header_line_buf))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2009-09-21 15:50:15 +00:00
|
|
|
args->print_header_line = FALSE; /* we might not need to print any more */
|
2004-04-16 20:20:54 +00:00
|
|
|
}
|
2004-01-09 22:56:59 +00:00
|
|
|
cp = &args->line_buf[0];
|
|
|
|
|
line_len = 0;
|
2012-07-15 14:56:40 +00:00
|
|
|
for (i = 0; i < args->num_visible_cols; i++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
col_item = &cf->cinfo.columns[args->visible_cols[i]];
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Find the length of the string for this column. */
|
2015-06-27 03:00:33 +00:00
|
|
|
column_len = (int) strlen(col_item->col_data);
|
2004-01-09 22:56:59 +00:00
|
|
|
if (args->col_widths[i] > column_len)
|
|
|
|
|
column_len = args->col_widths[i];
|
1999-09-29 22:19:24 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Make sure there's room in the line buffer for the column; if not,
|
|
|
|
|
double its length. */
|
2009-09-21 15:50:15 +00:00
|
|
|
line_len += column_len + 1; /* "+1" for space */
|
2004-01-09 22:56:59 +00:00
|
|
|
if (line_len > args->line_buf_len) {
|
2009-04-16 04:05:39 +00:00
|
|
|
cp_off = (int) (cp - args->line_buf);
|
2004-01-09 22:56:59 +00:00
|
|
|
args->line_buf_len = 2 * line_len;
|
2013-03-06 17:35:11 +00:00
|
|
|
args->line_buf = (char *)g_realloc(args->line_buf, args->line_buf_len + 1);
|
2004-01-09 22:56:59 +00:00
|
|
|
cp = args->line_buf + cp_off;
|
|
|
|
|
}
|
1999-07-23 08:29:24 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Right-justify the packet number column. */
|
2015-06-27 03:00:33 +00:00
|
|
|
if (col_item->col_fmt == COL_NUMBER)
|
|
|
|
|
g_snprintf(cp, column_len+1, "%*s", args->col_widths[i], col_item->col_data);
|
2004-01-09 22:56:59 +00:00
|
|
|
else
|
2015-06-27 03:00:33 +00:00
|
|
|
g_snprintf(cp, column_len+1, "%-*s", args->col_widths[i], col_item->col_data);
|
2004-01-09 22:56:59 +00:00
|
|
|
cp += column_len;
|
2012-07-15 14:56:40 +00:00
|
|
|
if (i != args->num_visible_cols - 1)
|
2004-01-09 22:56:59 +00:00
|
|
|
*cp++ = ' ';
|
|
|
|
|
}
|
|
|
|
|
*cp = '\0';
|
2004-04-22 17:03:21 +00:00
|
|
|
|
2004-07-25 08:53:38 +00:00
|
|
|
/*
|
|
|
|
|
* Generate a bookmark, using the summary line as the title.
|
|
|
|
|
*/
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_bookmark(args->print_args->stream, bookmark_name,
|
|
|
|
|
args->line_buf))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2004-04-22 17:03:21 +00:00
|
|
|
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_line(args->print_args->stream, 0, args->line_buf))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
|
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* Generate a bookmark, using "Frame N" as the title, as we're not
|
|
|
|
|
* printing the summary line.
|
|
|
|
|
*/
|
2005-08-10 19:37:29 +00:00
|
|
|
g_snprintf(bookmark_title, sizeof bookmark_title, "Frame %u", fdata->num);
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_bookmark(args->print_args->stream, bookmark_name,
|
|
|
|
|
bookmark_title))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2004-04-16 18:17:48 +00:00
|
|
|
} /* if (print_summary) */
|
2004-07-25 08:53:38 +00:00
|
|
|
|
2004-04-16 18:17:48 +00:00
|
|
|
if (args->print_args->print_dissections != print_dissections_none) {
|
2004-04-16 20:20:54 +00:00
|
|
|
if (args->print_args->print_summary) {
|
|
|
|
|
/* Separate the summary line from the tree with a blank line. */
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_line(args->print_args->stream, 0, ""))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2004-04-16 20:20:54 +00:00
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Print the information in that tree. */
|
2017-04-23 23:48:17 +00:00
|
|
|
if (!proto_tree_print(args->print_args->print_dissections,
|
|
|
|
|
args->print_args->print_hex, &args->edt, NULL,
|
|
|
|
|
args->print_args->stream))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-16 18:17:48 +00:00
|
|
|
/* Print a blank line if we print anything after this (aka more than one packet). */
|
|
|
|
|
args->print_separator = TRUE;
|
2004-04-16 20:20:54 +00:00
|
|
|
|
|
|
|
|
/* Print a header line if we print any more packet summaries */
|
2013-06-19 15:22:56 +00:00
|
|
|
if (args->print_args->print_col_headings)
|
|
|
|
|
args->print_header_line = TRUE;
|
2004-04-16 18:17:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (args->print_args->print_hex) {
|
2012-10-22 15:56:59 +00:00
|
|
|
if (args->print_args->print_summary || (args->print_args->print_dissections != print_dissections_none)) {
|
|
|
|
|
if (!print_line(args->print_args->stream, 0, ""))
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
2004-04-16 18:17:48 +00:00
|
|
|
/* Print the full packet data as hex. */
|
2013-10-20 13:22:48 +00:00
|
|
|
if (!print_hex_data(args->print_args->stream, &args->edt))
|
2004-07-25 08:53:38 +00:00
|
|
|
goto fail;
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-16 18:17:48 +00:00
|
|
|
/* Print a blank line if we print anything after this (aka more than one packet). */
|
2004-01-09 22:56:59 +00:00
|
|
|
args->print_separator = TRUE;
|
2004-04-16 20:20:54 +00:00
|
|
|
|
|
|
|
|
/* Print a header line if we print any more packet summaries */
|
2013-06-19 15:22:56 +00:00
|
|
|
if (args->print_args->print_col_headings)
|
|
|
|
|
args->print_header_line = TRUE;
|
2004-07-25 08:53:38 +00:00
|
|
|
} /* if (args->print_args->print_dissections != print_dissections_none) */
|
2004-04-16 18:17:48 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-04-22 17:03:21 +00:00
|
|
|
/* do we want to have a formfeed between each packet from now on? */
|
2012-08-12 22:21:02 +00:00
|
|
|
if (args->print_args->print_formfeed) {
|
2004-04-22 17:03:21 +00:00
|
|
|
args->print_formfeed = TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2004-07-25 08:53:38 +00:00
|
|
|
return TRUE;
|
|
|
|
|
|
|
|
|
|
fail:
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2004-07-25 08:53:38 +00:00
|
|
|
return FALSE;
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_print_status_t
|
2016-03-01 02:52:52 +00:00
|
|
|
cf_print_packets(capture_file *cf, print_args_t *print_args,
|
|
|
|
|
gboolean show_progress_bar)
|
2004-01-09 22:56:59 +00:00
|
|
|
{
|
|
|
|
|
print_callback_args_t callback_args;
|
2012-08-12 22:21:02 +00:00
|
|
|
gint data_width;
|
|
|
|
|
char *cp;
|
|
|
|
|
int i, cp_off, column_len, line_len;
|
|
|
|
|
int num_visible_col = 0, last_visible_col = 0, visible_col_count;
|
|
|
|
|
psp_return_t ret;
|
|
|
|
|
GList *clp;
|
|
|
|
|
fmt_data *cfmt;
|
2013-10-20 13:22:48 +00:00
|
|
|
gboolean proto_tree_needed;
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
callback_args.print_args = print_args;
|
2013-06-19 15:22:56 +00:00
|
|
|
callback_args.print_header_line = print_args->print_col_headings;
|
2004-04-16 20:20:54 +00:00
|
|
|
callback_args.header_line_buf = NULL;
|
|
|
|
|
callback_args.header_line_buf_len = 256;
|
2004-04-22 17:03:21 +00:00
|
|
|
callback_args.print_formfeed = FALSE;
|
2004-01-09 22:56:59 +00:00
|
|
|
callback_args.print_separator = FALSE;
|
|
|
|
|
callback_args.line_buf = NULL;
|
|
|
|
|
callback_args.line_buf_len = 256;
|
|
|
|
|
callback_args.col_widths = NULL;
|
2012-07-15 14:56:40 +00:00
|
|
|
callback_args.num_visible_cols = 0;
|
|
|
|
|
callback_args.visible_cols = NULL;
|
2004-07-27 20:10:02 +00:00
|
|
|
|
2014-06-22 01:02:27 +00:00
|
|
|
if (!print_preamble(print_args->stream, cf->filename, get_ws_vcs_version_info())) {
|
2004-07-27 20:10:02 +00:00
|
|
|
destroy_print_stream(print_args->stream);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-27 20:10:02 +00:00
|
|
|
}
|
|
|
|
|
|
2004-07-08 11:07:29 +00:00
|
|
|
if (print_args->print_summary) {
|
2004-04-16 20:20:54 +00:00
|
|
|
/* We're printing packet summaries. Allocate the header line buffer
|
|
|
|
|
and get the column widths. */
|
2013-03-06 17:35:11 +00:00
|
|
|
callback_args.header_line_buf = (char *)g_malloc(callback_args.header_line_buf_len + 1);
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2012-07-15 14:56:40 +00:00
|
|
|
/* Find the number of visible columns and the last visible column */
|
|
|
|
|
for (i = 0; i < prefs.num_cols; i++) {
|
|
|
|
|
|
|
|
|
|
clp = g_list_nth(prefs.col_list, i);
|
|
|
|
|
if (clp == NULL) /* Sanity check, Invalid column requested */
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
cfmt = (fmt_data *) clp->data;
|
|
|
|
|
if (cfmt->visible) {
|
|
|
|
|
num_visible_col++;
|
|
|
|
|
last_visible_col = i;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-17 13:54:36 +00:00
|
|
|
/* if num_visible_col is 0, we are done */
|
2018-01-19 08:32:27 +00:00
|
|
|
if (num_visible_col == 0) {
|
|
|
|
|
g_free(callback_args.header_line_buf);
|
2018-01-17 13:54:36 +00:00
|
|
|
return CF_PRINT_OK;
|
2018-01-19 08:32:27 +00:00
|
|
|
}
|
2018-01-17 13:54:36 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Find the widths for each of the columns - maximum of the
|
2004-04-16 20:20:54 +00:00
|
|
|
width of the title and the width of the data - and construct
|
|
|
|
|
a buffer with a line containing the column titles. */
|
2012-07-15 14:56:40 +00:00
|
|
|
callback_args.num_visible_cols = num_visible_col;
|
|
|
|
|
callback_args.col_widths = (gint *) g_malloc(sizeof(gint) * num_visible_col);
|
|
|
|
|
callback_args.visible_cols = (gint *) g_malloc(sizeof(gint) * num_visible_col);
|
2004-04-16 20:20:54 +00:00
|
|
|
cp = &callback_args.header_line_buf[0];
|
2004-01-09 22:56:59 +00:00
|
|
|
line_len = 0;
|
2012-07-15 14:56:40 +00:00
|
|
|
visible_col_count = 0;
|
2004-01-09 22:56:59 +00:00
|
|
|
for (i = 0; i < cf->cinfo.num_cols; i++) {
|
2012-07-15 14:56:40 +00:00
|
|
|
|
|
|
|
|
clp = g_list_nth(prefs.col_list, i);
|
|
|
|
|
if (clp == NULL) /* Sanity check, Invalid column requested */
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
cfmt = (fmt_data *) clp->data;
|
|
|
|
|
if (cfmt->visible == FALSE)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
/* Save the order of visible columns */
|
|
|
|
|
callback_args.visible_cols[visible_col_count] = i;
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Don't pad the last column. */
|
2012-07-15 14:56:40 +00:00
|
|
|
if (i == last_visible_col)
|
|
|
|
|
callback_args.col_widths[visible_col_count] = 0;
|
2004-01-09 22:56:59 +00:00
|
|
|
else {
|
2015-06-27 03:00:33 +00:00
|
|
|
callback_args.col_widths[visible_col_count] = (gint) strlen(cf->cinfo.columns[i].col_title);
|
2004-01-09 22:56:59 +00:00
|
|
|
data_width = get_column_char_width(get_column_format(i));
|
2012-07-15 14:56:40 +00:00
|
|
|
if (data_width > callback_args.col_widths[visible_col_count])
|
|
|
|
|
callback_args.col_widths[visible_col_count] = data_width;
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Find the length of the string for this column. */
|
2015-06-27 03:00:33 +00:00
|
|
|
column_len = (int) strlen(cf->cinfo.columns[i].col_title);
|
2018-01-24 02:34:48 +00:00
|
|
|
if (callback_args.col_widths[visible_col_count] > column_len)
|
2012-07-15 14:56:40 +00:00
|
|
|
column_len = callback_args.col_widths[visible_col_count];
|
2004-01-09 22:56:59 +00:00
|
|
|
|
|
|
|
|
/* Make sure there's room in the line buffer for the column; if not,
|
|
|
|
|
double its length. */
|
2009-09-21 15:50:15 +00:00
|
|
|
line_len += column_len + 1; /* "+1" for space */
|
2004-04-16 20:20:54 +00:00
|
|
|
if (line_len > callback_args.header_line_buf_len) {
|
2009-04-16 04:05:39 +00:00
|
|
|
cp_off = (int) (cp - callback_args.header_line_buf);
|
2004-04-16 20:20:54 +00:00
|
|
|
callback_args.header_line_buf_len = 2 * line_len;
|
2013-03-06 17:35:11 +00:00
|
|
|
callback_args.header_line_buf = (char *)g_realloc(callback_args.header_line_buf,
|
2004-04-16 20:20:54 +00:00
|
|
|
callback_args.header_line_buf_len + 1);
|
|
|
|
|
cp = callback_args.header_line_buf + cp_off;
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Right-justify the packet number column. */
|
2004-04-20 22:34:08 +00:00
|
|
|
/* if (cf->cinfo.col_fmt[i] == COL_NUMBER)
|
2015-06-27 03:00:33 +00:00
|
|
|
g_snprintf(cp, column_len+1, "%*s", callback_args.col_widths[visible_col_count], cf->cinfo.columns[i].col_title);
|
2004-04-20 22:34:08 +00:00
|
|
|
else*/
|
2015-06-27 03:00:33 +00:00
|
|
|
g_snprintf(cp, column_len+1, "%-*s", callback_args.col_widths[visible_col_count], cf->cinfo.columns[i].col_title);
|
2004-01-09 22:56:59 +00:00
|
|
|
cp += column_len;
|
|
|
|
|
if (i != cf->cinfo.num_cols - 1)
|
|
|
|
|
*cp++ = ' ';
|
2012-07-15 14:56:40 +00:00
|
|
|
|
|
|
|
|
visible_col_count++;
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
|
|
|
|
*cp = '\0';
|
2004-04-16 20:20:54 +00:00
|
|
|
|
|
|
|
|
/* Now start out the main line buffer with the same length as the
|
|
|
|
|
header line buffer. */
|
|
|
|
|
callback_args.line_buf_len = callback_args.header_line_buf_len;
|
2013-03-06 17:35:11 +00:00
|
|
|
callback_args.line_buf = (char *)g_malloc(callback_args.line_buf_len + 1);
|
2004-01-09 22:56:59 +00:00
|
|
|
} /* if (print_summary) */
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
/* Create the protocol tree, and make it visible, if we're printing
|
|
|
|
|
the dissection or the hex data.
|
|
|
|
|
XXX - do we need it if we're just printing the hex data? */
|
|
|
|
|
proto_tree_needed =
|
|
|
|
|
callback_args.print_args->print_dissections != print_dissections_none ||
|
|
|
|
|
callback_args.print_args->print_hex ||
|
2016-02-03 22:10:40 +00:00
|
|
|
have_custom_cols(&cf->cinfo) || have_field_extractors();
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, proto_tree_needed, proto_tree_needed);
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
2014-05-24 18:28:30 +00:00
|
|
|
ret = process_specified_records(cf, &print_args->range, "Printing",
|
2005-11-12 11:05:02 +00:00
|
|
|
"selected packets", TRUE, print_packet,
|
2016-03-01 02:52:52 +00:00
|
|
|
&callback_args, show_progress_bar);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
2009-03-15 18:08:46 +00:00
|
|
|
g_free(callback_args.header_line_buf);
|
|
|
|
|
g_free(callback_args.line_buf);
|
|
|
|
|
g_free(callback_args.col_widths);
|
2012-07-15 14:56:40 +00:00
|
|
|
g_free(callback_args.visible_cols);
|
2004-01-25 00:58:13 +00:00
|
|
|
|
|
|
|
|
switch (ret) {
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing.
|
|
|
|
|
|
|
|
|
|
XXX - note that what got generated before they did that
|
2004-01-25 00:58:13 +00:00
|
|
|
will get printed if we're piping to a print program; we'd
|
2004-01-09 22:56:59 +00:00
|
|
|
have to write to a file and then hand that to the print
|
|
|
|
|
program to make it actually not print anything. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
2004-01-25 00:58:13 +00:00
|
|
|
/* Error while printing.
|
2004-01-09 22:56:59 +00:00
|
|
|
|
2004-01-25 00:58:13 +00:00
|
|
|
XXX - note that what got generated before they did that
|
|
|
|
|
will get printed if we're piping to a print program; we'd
|
|
|
|
|
have to write to a file and then hand that to the print
|
|
|
|
|
program to make it actually not print anything. */
|
2004-07-27 20:10:02 +00:00
|
|
|
destroy_print_stream(print_args->stream);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-01-25 00:58:13 +00:00
|
|
|
}
|
1999-07-23 21:09:25 +00:00
|
|
|
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!print_finale(print_args->stream)) {
|
|
|
|
|
destroy_print_stream(print_args->stream);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-01-25 00:58:13 +00:00
|
|
|
}
|
2002-08-28 21:04:11 +00:00
|
|
|
|
2004-07-27 20:10:02 +00:00
|
|
|
if (!destroy_print_stream(print_args->stream))
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2000-05-18 08:35:01 +00:00
|
|
|
|
2005-02-05 13:44:27 +00:00
|
|
|
return CF_PRINT_OK;
|
1999-07-23 08:29:24 +00:00
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
typedef struct {
|
|
|
|
|
FILE *fh;
|
|
|
|
|
epan_dissect_t edt;
|
2016-06-19 14:52:50 +00:00
|
|
|
print_args_t *print_args;
|
2013-10-20 13:22:48 +00:00
|
|
|
} write_packet_callback_args_t;
|
|
|
|
|
|
2004-07-08 10:36:29 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
write_pdml_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2004-07-08 10:36:29 +00:00
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t *args = (write_packet_callback_args_t *)argsp;
|
2004-07-08 10:36:29 +00:00
|
|
|
|
|
|
|
|
/* Create the protocol tree, but don't fill in the column information. */
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd), fdata, NULL);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
|
|
|
|
/* Write out the information in that tree. */
|
2017-12-21 13:58:07 +00:00
|
|
|
write_pdml_proto_tree(NULL, NULL, PF_NONE, &args->edt, &cf->cinfo, args->fh, FALSE);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
return !ferror(args->fh);
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_print_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_write_pdml_packets(capture_file *cf, print_args_t *print_args)
|
2004-07-08 10:36:29 +00:00
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t callback_args;
|
2012-08-12 22:21:02 +00:00
|
|
|
FILE *fh;
|
|
|
|
|
psp_return_t ret;
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2008-05-22 15:46:27 +00:00
|
|
|
fh = ws_fopen(print_args->file, "w");
|
2004-07-08 10:36:29 +00:00
|
|
|
if (fh == NULL)
|
2009-09-21 15:50:15 +00:00
|
|
|
return CF_PRINT_OPEN_ERROR; /* attempt to open destination failed */
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2011-05-19 18:10:21 +00:00
|
|
|
write_pdml_preamble(fh, cf->filename);
|
2004-07-08 10:36:29 +00:00
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
callback_args.fh = fh;
|
2016-06-19 14:52:50 +00:00
|
|
|
callback_args.print_args = print_args;
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, TRUE, TRUE);
|
|
|
|
|
|
2004-07-08 10:36:29 +00:00
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
2014-05-24 18:28:30 +00:00
|
|
|
ret = process_specified_records(cf, &print_args->range, "Writing PDML",
|
2005-11-12 11:05:02 +00:00
|
|
|
"selected packets", TRUE,
|
2016-03-01 02:52:52 +00:00
|
|
|
write_pdml_packet, &callback_args, TRUE);
|
2013-10-20 13:22:48 +00:00
|
|
|
|
|
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
|
|
|
|
switch (ret) {
|
|
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while printing. */
|
|
|
|
|
fclose(fh);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
write_pdml_finale(fh);
|
|
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - check for an error */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
|
2005-02-05 13:44:27 +00:00
|
|
|
return CF_PRINT_OK;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
write_psml_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2004-07-08 10:36:29 +00:00
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t *args = (write_packet_callback_args_t *)argsp;
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2014-11-29 22:43:22 +00:00
|
|
|
/* Fill in the column information */
|
2013-10-20 13:22:48 +00:00
|
|
|
col_custom_prime_edt(&args->edt, &cf->cinfo);
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd),
|
|
|
|
|
fdata, &cf->cinfo);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_fill_in_columns(&args->edt, FALSE, TRUE);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2014-11-29 22:43:22 +00:00
|
|
|
/* Write out the column information. */
|
2017-06-11 16:03:13 +00:00
|
|
|
write_psml_columns(&args->edt, args->fh, FALSE);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
return !ferror(args->fh);
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_print_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_write_psml_packets(capture_file *cf, print_args_t *print_args)
|
2004-07-08 10:36:29 +00:00
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t callback_args;
|
2012-08-12 22:21:02 +00:00
|
|
|
FILE *fh;
|
|
|
|
|
psp_return_t ret;
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
gboolean proto_tree_needed;
|
|
|
|
|
|
2008-05-22 15:46:27 +00:00
|
|
|
fh = ws_fopen(print_args->file, "w");
|
2004-07-08 10:36:29 +00:00
|
|
|
if (fh == NULL)
|
2009-09-21 15:50:15 +00:00
|
|
|
return CF_PRINT_OPEN_ERROR; /* attempt to open destination failed */
|
2004-07-08 10:36:29 +00:00
|
|
|
|
2014-11-29 22:43:22 +00:00
|
|
|
write_psml_preamble(&cf->cinfo, fh);
|
2004-07-08 10:36:29 +00:00
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
callback_args.fh = fh;
|
2016-06-19 14:52:50 +00:00
|
|
|
callback_args.print_args = print_args;
|
2013-10-20 13:22:48 +00:00
|
|
|
|
|
|
|
|
/* Fill in the column information, only create the protocol tree
|
2016-02-03 22:10:40 +00:00
|
|
|
if having custom columns or field extractors. */
|
|
|
|
|
proto_tree_needed = have_custom_cols(&cf->cinfo) || have_field_extractors();
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, proto_tree_needed, proto_tree_needed);
|
|
|
|
|
|
2004-07-08 10:36:29 +00:00
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
2014-05-24 18:28:30 +00:00
|
|
|
ret = process_specified_records(cf, &print_args->range, "Writing PSML",
|
2005-11-12 11:05:02 +00:00
|
|
|
"selected packets", TRUE,
|
2016-03-01 02:52:52 +00:00
|
|
|
write_psml_packet, &callback_args, TRUE);
|
2013-10-20 13:22:48 +00:00
|
|
|
|
|
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
2004-07-08 10:36:29 +00:00
|
|
|
|
|
|
|
|
switch (ret) {
|
|
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while printing. */
|
|
|
|
|
fclose(fh);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
write_psml_finale(fh);
|
|
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
2005-02-04 18:44:44 +00:00
|
|
|
return CF_PRINT_WRITE_ERROR;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - check for an error */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
|
2005-02-05 13:44:27 +00:00
|
|
|
return CF_PRINT_OK;
|
2004-07-08 10:36:29 +00:00
|
|
|
}
|
|
|
|
|
|
2005-03-11 20:56:31 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
write_csv_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2005-03-11 20:56:31 +00:00
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t *args = (write_packet_callback_args_t *)argsp;
|
2005-03-11 20:56:31 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
/* Fill in the column information */
|
|
|
|
|
col_custom_prime_edt(&args->edt, &cf->cinfo);
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd),
|
|
|
|
|
fdata, &cf->cinfo);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_fill_in_columns(&args->edt, FALSE, TRUE);
|
2005-03-11 20:56:31 +00:00
|
|
|
|
2014-11-29 22:43:22 +00:00
|
|
|
/* Write out the column information. */
|
|
|
|
|
write_csv_columns(&args->edt, args->fh);
|
2005-03-11 20:56:31 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2005-03-11 20:56:31 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
return !ferror(args->fh);
|
2005-03-11 20:56:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cf_print_status_t
|
|
|
|
|
cf_write_csv_packets(capture_file *cf, print_args_t *print_args)
|
|
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t callback_args;
|
|
|
|
|
gboolean proto_tree_needed;
|
2012-08-12 22:21:02 +00:00
|
|
|
FILE *fh;
|
|
|
|
|
psp_return_t ret;
|
2005-03-11 20:56:31 +00:00
|
|
|
|
2008-05-22 15:46:27 +00:00
|
|
|
fh = ws_fopen(print_args->file, "w");
|
2005-03-11 20:56:31 +00:00
|
|
|
if (fh == NULL)
|
|
|
|
|
return CF_PRINT_OPEN_ERROR; /* attempt to open destination failed */
|
|
|
|
|
|
2014-11-29 22:43:22 +00:00
|
|
|
write_csv_column_titles(&cf->cinfo, fh);
|
2005-03-11 20:56:31 +00:00
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
callback_args.fh = fh;
|
2016-06-19 14:52:50 +00:00
|
|
|
callback_args.print_args = print_args;
|
2013-10-20 13:22:48 +00:00
|
|
|
|
2016-02-03 22:10:40 +00:00
|
|
|
/* only create the protocol tree if having custom columns or field extractors. */
|
|
|
|
|
proto_tree_needed = have_custom_cols(&cf->cinfo) || have_field_extractors();
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, proto_tree_needed, proto_tree_needed);
|
|
|
|
|
|
2005-03-11 20:56:31 +00:00
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
2014-05-24 18:28:30 +00:00
|
|
|
ret = process_specified_records(cf, &print_args->range, "Writing CSV",
|
2005-11-12 11:05:02 +00:00
|
|
|
"selected packets", TRUE,
|
2016-03-01 02:52:52 +00:00
|
|
|
write_csv_packet, &callback_args, TRUE);
|
2005-03-11 20:56:31 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
|
|
|
|
|
2005-03-11 20:56:31 +00:00
|
|
|
switch (ret) {
|
|
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while printing. */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - check for an error */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
|
|
|
|
|
return CF_PRINT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2008-03-11 18:23:16 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
carrays_write_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2008-03-11 18:23:16 +00:00
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t *args = (write_packet_callback_args_t *)argsp;
|
2011-12-09 19:44:28 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd), fdata, NULL);
|
2014-11-29 22:43:22 +00:00
|
|
|
write_carrays_hex_data(fdata->num, args->fh, &args->edt);
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_reset(&args->edt);
|
2008-03-11 18:23:16 +00:00
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
return !ferror(args->fh);
|
2008-03-11 18:23:16 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cf_print_status_t
|
|
|
|
|
cf_write_carrays_packets(capture_file *cf, print_args_t *print_args)
|
|
|
|
|
{
|
2013-10-20 13:22:48 +00:00
|
|
|
write_packet_callback_args_t callback_args;
|
2012-08-12 22:21:02 +00:00
|
|
|
FILE *fh;
|
|
|
|
|
psp_return_t ret;
|
2008-03-11 18:23:16 +00:00
|
|
|
|
2008-05-22 15:46:27 +00:00
|
|
|
fh = ws_fopen(print_args->file, "w");
|
2008-03-11 18:23:16 +00:00
|
|
|
|
|
|
|
|
if (fh == NULL)
|
|
|
|
|
return CF_PRINT_OPEN_ERROR; /* attempt to open destination failed */
|
|
|
|
|
|
|
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-20 13:22:48 +00:00
|
|
|
callback_args.fh = fh;
|
2016-06-19 14:52:50 +00:00
|
|
|
callback_args.print_args = print_args;
|
2013-10-20 13:22:48 +00:00
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, TRUE, TRUE);
|
|
|
|
|
|
2008-03-11 18:23:16 +00:00
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
2014-05-24 18:28:30 +00:00
|
|
|
ret = process_specified_records(cf, &print_args->range,
|
2016-03-01 02:52:52 +00:00
|
|
|
"Writing C Arrays",
|
|
|
|
|
"selected packets", TRUE,
|
|
|
|
|
carrays_write_packet, &callback_args, TRUE);
|
2013-10-20 13:22:48 +00:00
|
|
|
|
|
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
|
|
|
|
|
2008-03-11 18:23:16 +00:00
|
|
|
switch (ret) {
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing. */
|
|
|
|
|
break;
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while printing. */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-19 14:52:50 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
write_json_packet(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2016-06-19 14:52:50 +00:00
|
|
|
{
|
|
|
|
|
write_packet_callback_args_t *args = (write_packet_callback_args_t *)argsp;
|
|
|
|
|
|
|
|
|
|
/* Create the protocol tree, but don't fill in the column information. */
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&args->edt, cf->cd_t, rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new(&cf->provider, fdata, pd), fdata, NULL);
|
2016-06-19 14:52:50 +00:00
|
|
|
|
|
|
|
|
/* Write out the information in that tree. */
|
2017-04-23 23:48:17 +00:00
|
|
|
write_json_proto_tree(NULL, args->print_args->print_dissections,
|
|
|
|
|
args->print_args->print_hex, NULL, PF_NONE,
|
2017-12-21 13:58:07 +00:00
|
|
|
&args->edt, &cf->cinfo, proto_node_group_children_by_unique, args->fh);
|
2016-06-19 14:52:50 +00:00
|
|
|
|
|
|
|
|
epan_dissect_reset(&args->edt);
|
|
|
|
|
|
|
|
|
|
return !ferror(args->fh);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cf_print_status_t
|
|
|
|
|
cf_write_json_packets(capture_file *cf, print_args_t *print_args)
|
|
|
|
|
{
|
|
|
|
|
write_packet_callback_args_t callback_args;
|
|
|
|
|
FILE *fh;
|
|
|
|
|
psp_return_t ret;
|
|
|
|
|
|
|
|
|
|
fh = ws_fopen(print_args->file, "w");
|
|
|
|
|
if (fh == NULL)
|
|
|
|
|
return CF_PRINT_OPEN_ERROR; /* attempt to open destination failed */
|
|
|
|
|
|
|
|
|
|
write_json_preamble(fh);
|
|
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
callback_args.fh = fh;
|
|
|
|
|
callback_args.print_args = print_args;
|
|
|
|
|
epan_dissect_init(&callback_args.edt, cf->epan, TRUE, TRUE);
|
|
|
|
|
|
|
|
|
|
/* Iterate through the list of packets, printing the packets we were
|
|
|
|
|
told to print. */
|
|
|
|
|
ret = process_specified_records(cf, &print_args->range, "Writing PDML",
|
|
|
|
|
"selected packets", TRUE,
|
|
|
|
|
write_json_packet, &callback_args, TRUE);
|
|
|
|
|
|
|
|
|
|
epan_dissect_cleanup(&callback_args.edt);
|
|
|
|
|
|
|
|
|
|
switch (ret) {
|
|
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* Well, the user decided to abort the printing. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
|
|
|
|
/* Error while printing. */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
write_json_finale(fh);
|
|
|
|
|
if (ferror(fh)) {
|
|
|
|
|
fclose(fh);
|
|
|
|
|
return CF_PRINT_WRITE_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XXX - check for an error */
|
|
|
|
|
fclose(fh);
|
|
|
|
|
|
|
|
|
|
return CF_PRINT_OK;
|
|
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
cf_find_packet_protocol_tree(capture_file *cf, const char *string,
|
|
|
|
|
search_direction dir)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
match_data mdata;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
mdata.string = string;
|
|
|
|
|
mdata.string_len = strlen(string);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return find_packet(cf, match_protocol_tree, &mdata, dir);
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
2011-01-31 12:19:15 +00:00
|
|
|
gboolean
|
|
|
|
|
cf_find_string_protocol_tree(capture_file *cf, proto_tree *tree, match_data *mdata)
|
|
|
|
|
{
|
|
|
|
|
mdata->frame_matched = FALSE;
|
|
|
|
|
mdata->string = convert_string_case(cf->sfilter, cf->case_type);
|
|
|
|
|
mdata->string_len = strlen(mdata->string);
|
|
|
|
|
mdata->cf = cf;
|
|
|
|
|
/* Iterate through all the nodes looking for matching text */
|
|
|
|
|
proto_tree_children_foreach(tree, match_subtree_text, mdata);
|
2011-09-21 18:55:03 +00:00
|
|
|
return mdata->frame_matched ? MR_MATCHED : MR_NOTMATCHED;
|
2011-01-31 12:19:15 +00:00
|
|
|
}
|
|
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_protocol_tree(capture_file *cf, frame_data *fdata, void *criterion)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
match_data *mdata = (match_data *)criterion;
|
2012-08-12 22:21:02 +00:00
|
|
|
epan_dissect_t edt;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Construct the protocol tree, including the displayed text */
|
2013-07-21 18:38:03 +00:00
|
|
|
epan_dissect_init(&edt, cf->epan, TRUE, TRUE);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* We don't need the column information */
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&edt, cf->cd_t, &cf->rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new_buffer(&cf->provider, fdata, &cf->buf),
|
|
|
|
|
fdata, NULL);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
|
|
|
|
/* Iterate through all the nodes, seeing if they have text that matches. */
|
|
|
|
|
mdata->cf = cf;
|
|
|
|
|
mdata->frame_matched = FALSE;
|
2009-08-13 19:42:46 +00:00
|
|
|
proto_tree_children_foreach(edt.tree, match_subtree_text, mdata);
|
|
|
|
|
epan_dissect_cleanup(&edt);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return mdata->frame_matched ? MR_MATCHED : MR_NOTMATCHED;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static void
|
2003-12-04 10:59:34 +00:00
|
|
|
match_subtree_text(proto_node *node, gpointer data)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
match_data *mdata = (match_data *) data;
|
|
|
|
|
const gchar *string = mdata->string;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
size_t string_len = mdata->string_len;
|
2012-08-12 22:21:02 +00:00
|
|
|
capture_file *cf = mdata->cf;
|
|
|
|
|
field_info *fi = PNODE_FINFO(node);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
gchar label_str[ITEM_LABEL_LENGTH];
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *label_ptr;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
size_t label_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
2012-08-12 22:21:02 +00:00
|
|
|
size_t c_match = 0;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
2012-09-05 01:44:09 +00:00
|
|
|
/* dissection with an invisible proto tree? */
|
|
|
|
|
g_assert(fi);
|
2009-08-21 11:03:30 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (mdata->frame_matched) {
|
|
|
|
|
/* We already had a match; don't bother doing any more work. */
|
|
|
|
|
return;
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Don't match invisible entries. */
|
2004-05-01 15:15:08 +00:00
|
|
|
if (PROTO_ITEM_IS_HIDDEN(node))
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
return;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* was a free format label produced? */
|
2003-11-25 14:07:45 +00:00
|
|
|
if (fi->rep) {
|
|
|
|
|
label_ptr = fi->rep->representation;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
} else {
|
|
|
|
|
/* no, make a generic label */
|
|
|
|
|
label_ptr = label_str;
|
|
|
|
|
proto_item_fill_label(fi, label_str);
|
|
|
|
|
}
|
2006-04-27 18:46:05 +00:00
|
|
|
|
2016-02-16 21:34:12 +00:00
|
|
|
if (cf->regex) {
|
|
|
|
|
if (g_regex_match(cf->regex, label_ptr, (GRegexMatchFlags) 0, NULL)) {
|
|
|
|
|
mdata->frame_matched = TRUE;
|
|
|
|
|
mdata->finfo = fi;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
/* Does that label match? */
|
|
|
|
|
label_len = strlen(label_ptr);
|
|
|
|
|
for (i = 0; i < label_len; i++) {
|
|
|
|
|
c_char = label_ptr[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = g_ascii_toupper(c_char);
|
|
|
|
|
if (c_char == string[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == string_len) {
|
|
|
|
|
/* No need to look further; we have a match */
|
|
|
|
|
mdata->frame_matched = TRUE;
|
|
|
|
|
mdata->finfo = fi;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
|
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2006-04-27 18:46:05 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Recurse into the subtree, if it exists */
|
2003-12-04 10:59:34 +00:00
|
|
|
if (node->first_child != NULL)
|
|
|
|
|
proto_tree_children_foreach(node, match_subtree_text, mdata);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
cf_find_packet_summary_line(capture_file *cf, const char *string,
|
|
|
|
|
search_direction dir)
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
match_data mdata;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
mdata.string = string;
|
|
|
|
|
mdata.string_len = strlen(string);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return find_packet(cf, match_summary_line, &mdata, dir);
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_summary_line(capture_file *cf, frame_data *fdata, void *criterion)
|
2003-08-11 22:41:10 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
match_data *mdata = (match_data *)criterion;
|
2012-08-12 22:21:02 +00:00
|
|
|
const gchar *string = mdata->string;
|
|
|
|
|
size_t string_len = mdata->string_len;
|
|
|
|
|
epan_dissect_t edt;
|
|
|
|
|
const char *info_column;
|
|
|
|
|
size_t info_column_len;
|
|
|
|
|
match_result result = MR_NOTMATCHED;
|
|
|
|
|
gint colx;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
|
|
|
|
/* Don't bother constructing the protocol tree */
|
2013-07-21 18:38:03 +00:00
|
|
|
epan_dissect_init(&edt, cf->epan, FALSE, FALSE);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Get the column information */
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&edt, cf->cd_t, &cf->rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new_buffer(&cf->provider, fdata, &cf->buf),
|
|
|
|
|
fdata, &cf->cinfo);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
|
|
|
|
/* Find the Info column */
|
|
|
|
|
for (colx = 0; colx < cf->cinfo.num_cols; colx++) {
|
2015-06-27 03:00:33 +00:00
|
|
|
if (cf->cinfo.columns[colx].fmt_matx[COL_INFO]) {
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Found it. See if we match. */
|
2015-06-27 03:00:33 +00:00
|
|
|
info_column = edt.pi.cinfo->columns[colx].col_data;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
info_column_len = strlen(info_column);
|
2016-02-16 21:34:12 +00:00
|
|
|
if (cf->regex) {
|
|
|
|
|
if (g_regex_match(cf->regex, info_column, (GRegexMatchFlags) 0, NULL)) {
|
|
|
|
|
result = MR_MATCHED;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
for (i = 0; i < info_column_len; i++) {
|
|
|
|
|
c_char = info_column[i];
|
|
|
|
|
if (cf->case_type)
|
|
|
|
|
c_char = g_ascii_toupper(c_char);
|
|
|
|
|
if (c_char == string[c_match]) {
|
|
|
|
|
c_match++;
|
|
|
|
|
if (c_match == string_len) {
|
|
|
|
|
result = MR_MATCHED;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
c_match = 0;
|
|
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2009-08-13 19:42:46 +00:00
|
|
|
epan_dissect_cleanup(&edt);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return result;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
typedef struct {
|
2009-09-21 15:50:15 +00:00
|
|
|
const guint8 *data;
|
2012-08-12 22:21:02 +00:00
|
|
|
size_t data_len;
|
2009-09-21 15:50:15 +00:00
|
|
|
} cbs_t; /* "Counted byte string" */
|
2003-08-11 22:41:10 +00:00
|
|
|
|
2012-12-15 01:04:39 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The current match_* routines only support ASCII case insensitivity and don't
|
|
|
|
|
* convert UTF-8 inputs to UTF-16 for matching.
|
|
|
|
|
*
|
|
|
|
|
* We could modify them to use the GLib Unicode routines or the International
|
|
|
|
|
* Components for Unicode library but it's not apparent that we could do so
|
|
|
|
|
* without consuming a lot more CPU and memory or that searching would be
|
|
|
|
|
* significantly better.
|
|
|
|
|
*/
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
cf_find_packet_data(capture_file *cf, const guint8 *string, size_t string_size,
|
|
|
|
|
search_direction dir)
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
{
|
|
|
|
|
cbs_t info;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
info.data = string;
|
|
|
|
|
info.data_len = string_size;
|
2003-08-11 22:41:10 +00:00
|
|
|
|
2016-02-16 21:34:12 +00:00
|
|
|
/* Regex, String or hex search? */
|
|
|
|
|
if (cf->regex) {
|
|
|
|
|
/* Regular Expression search */
|
|
|
|
|
return find_packet(cf, match_regex, NULL, dir);
|
|
|
|
|
} else if (cf->string) {
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* String search - what type of string? */
|
|
|
|
|
switch (cf->scs_type) {
|
2003-08-11 22:41:10 +00:00
|
|
|
|
2012-12-15 01:04:39 +00:00
|
|
|
case SCS_NARROW_AND_WIDE:
|
|
|
|
|
return find_packet(cf, match_narrow_and_wide, &info, dir);
|
2003-08-11 22:41:10 +00:00
|
|
|
|
2012-12-15 01:04:39 +00:00
|
|
|
case SCS_NARROW:
|
|
|
|
|
return find_packet(cf, match_narrow, &info, dir);
|
2003-08-11 22:41:10 +00:00
|
|
|
|
2012-12-15 01:04:39 +00:00
|
|
|
case SCS_WIDE:
|
|
|
|
|
return find_packet(cf, match_wide, &info, dir);
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
default:
|
|
|
|
|
g_assert_not_reached();
|
|
|
|
|
return FALSE;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
} else
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return find_packet(cf, match_binary, &info, dir);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result
|
2012-12-15 01:04:39 +00:00
|
|
|
match_narrow_and_wide(capture_file *cf, frame_data *fdata, void *criterion)
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
cbs_t *info = (cbs_t *)criterion;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
const guint8 *ascii_text = info->data;
|
2012-08-12 22:21:02 +00:00
|
|
|
size_t textlen = info->data_len;
|
|
|
|
|
match_result result;
|
|
|
|
|
guint32 buf_len;
|
2013-06-16 00:20:00 +00:00
|
|
|
guint8 *pd;
|
2012-08-12 22:21:02 +00:00
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result = MR_NOTMATCHED;
|
2012-10-17 21:14:14 +00:00
|
|
|
buf_len = fdata->cap_len;
|
2014-08-02 11:00:48 +00:00
|
|
|
pd = ws_buffer_start_ptr(&cf->buf);
|
2012-01-13 21:09:33 +00:00
|
|
|
i = 0;
|
|
|
|
|
while (i < buf_len) {
|
2013-06-16 00:20:00 +00:00
|
|
|
c_char = pd[i];
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (cf->case_type)
|
2015-05-17 20:59:12 +00:00
|
|
|
c_char = g_ascii_toupper(c_char);
|
2012-01-13 21:09:33 +00:00
|
|
|
if (c_char != '\0') {
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (c_char == ascii_text[c_match]) {
|
2012-01-13 21:09:33 +00:00
|
|
|
c_match += 1;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
if (c_match == textlen) {
|
|
|
|
|
result = MR_MATCHED;
|
|
|
|
|
cf->search_pos = i; /* Save the position of the last character
|
|
|
|
|
for highlighting the field. */
|
2016-02-23 08:30:48 +00:00
|
|
|
cf->search_len = (guint32)textlen;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
g_assert(i>=c_match);
|
2012-01-13 22:27:59 +00:00
|
|
|
i -= (guint32)c_match;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
c_match = 0;
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2012-01-13 21:09:33 +00:00
|
|
|
i += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return result;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-08-11 22:41:10 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result
|
2012-12-15 01:04:39 +00:00
|
|
|
match_narrow(capture_file *cf, frame_data *fdata, void *criterion)
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
{
|
2013-06-16 00:20:00 +00:00
|
|
|
guint8 *pd;
|
2013-03-06 17:35:11 +00:00
|
|
|
cbs_t *info = (cbs_t *)criterion;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
const guint8 *ascii_text = info->data;
|
2012-08-12 22:21:02 +00:00
|
|
|
size_t textlen = info->data_len;
|
|
|
|
|
match_result result;
|
|
|
|
|
guint32 buf_len;
|
|
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result = MR_NOTMATCHED;
|
2012-10-17 21:14:14 +00:00
|
|
|
buf_len = fdata->cap_len;
|
2014-08-02 11:00:48 +00:00
|
|
|
pd = ws_buffer_start_ptr(&cf->buf);
|
2012-01-13 21:09:33 +00:00
|
|
|
i = 0;
|
|
|
|
|
while (i < buf_len) {
|
2013-06-16 00:20:00 +00:00
|
|
|
c_char = pd[i];
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (cf->case_type)
|
2015-05-17 20:59:12 +00:00
|
|
|
c_char = g_ascii_toupper(c_char);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (c_char == ascii_text[c_match]) {
|
2012-01-13 21:09:33 +00:00
|
|
|
c_match += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (c_match == textlen) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
result = MR_MATCHED;
|
|
|
|
|
cf->search_pos = i; /* Save the position of the last character
|
|
|
|
|
for highlighting the field. */
|
2016-02-23 08:30:48 +00:00
|
|
|
cf->search_len = (guint32)textlen;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
break;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
g_assert(i>=c_match);
|
2012-01-13 22:27:59 +00:00
|
|
|
i -= (guint32)c_match;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
c_match = 0;
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
|
|
|
|
i += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2012-01-13 21:09:33 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return result;
|
2003-08-11 22:41:10 +00:00
|
|
|
}
|
|
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result
|
2012-12-15 01:04:39 +00:00
|
|
|
match_wide(capture_file *cf, frame_data *fdata, void *criterion)
|
2003-07-22 23:08:48 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
cbs_t *info = (cbs_t *)criterion;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
const guint8 *ascii_text = info->data;
|
2012-08-12 22:21:02 +00:00
|
|
|
size_t textlen = info->data_len;
|
|
|
|
|
match_result result;
|
|
|
|
|
guint32 buf_len;
|
2013-06-16 00:20:00 +00:00
|
|
|
guint8 *pd;
|
2012-08-12 22:21:02 +00:00
|
|
|
guint32 i;
|
|
|
|
|
guint8 c_char;
|
|
|
|
|
size_t c_match = 0;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result = MR_NOTMATCHED;
|
2012-10-17 21:14:14 +00:00
|
|
|
buf_len = fdata->cap_len;
|
2014-08-02 11:00:48 +00:00
|
|
|
pd = ws_buffer_start_ptr(&cf->buf);
|
2012-01-13 21:09:33 +00:00
|
|
|
i = 0;
|
|
|
|
|
while (i < buf_len) {
|
2013-06-16 00:20:00 +00:00
|
|
|
c_char = pd[i];
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (cf->case_type)
|
2015-05-17 20:59:12 +00:00
|
|
|
c_char = g_ascii_toupper(c_char);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (c_char == ascii_text[c_match]) {
|
2012-01-13 21:09:33 +00:00
|
|
|
c_match += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (c_match == textlen) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
result = MR_MATCHED;
|
|
|
|
|
cf->search_pos = i; /* Save the position of the last character
|
|
|
|
|
for highlighting the field. */
|
2016-02-23 08:30:48 +00:00
|
|
|
cf->search_len = (guint32)textlen;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
break;
|
2003-08-05 00:01:27 +00:00
|
|
|
}
|
2012-01-13 21:09:33 +00:00
|
|
|
i += 1;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
g_assert(i>=(c_match*2));
|
2012-01-13 22:27:59 +00:00
|
|
|
i -= (guint32)c_match*2;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
c_match = 0;
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
|
|
|
|
i += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return result;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-08-05 00:01:27 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
static match_result
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_binary(capture_file *cf, frame_data *fdata, void *criterion)
|
|
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
cbs_t *info = (cbs_t *)criterion;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
const guint8 *binary_data = info->data;
|
2012-08-12 22:21:02 +00:00
|
|
|
size_t datalen = info->data_len;
|
|
|
|
|
match_result result;
|
|
|
|
|
guint32 buf_len;
|
2013-06-16 00:20:00 +00:00
|
|
|
guint8 *pd;
|
2012-08-12 22:21:02 +00:00
|
|
|
guint32 i;
|
|
|
|
|
size_t c_match = 0;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result = MR_NOTMATCHED;
|
2012-10-17 21:14:14 +00:00
|
|
|
buf_len = fdata->cap_len;
|
2014-08-02 11:00:48 +00:00
|
|
|
pd = ws_buffer_start_ptr(&cf->buf);
|
2012-01-13 21:09:33 +00:00
|
|
|
i = 0;
|
|
|
|
|
while (i < buf_len) {
|
2013-06-16 00:20:00 +00:00
|
|
|
if (pd[i] == binary_data[c_match]) {
|
2012-01-13 21:09:33 +00:00
|
|
|
c_match += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
if (c_match == datalen) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
result = MR_MATCHED;
|
|
|
|
|
cf->search_pos = i; /* Save the position of the last character
|
|
|
|
|
for highlighting the field. */
|
2016-02-23 08:30:48 +00:00
|
|
|
cf->search_len = (guint32)datalen;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
break;
|
2003-07-22 23:08:48 +00:00
|
|
|
}
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
g_assert(i>=c_match);
|
2012-01-13 22:27:59 +00:00
|
|
|
i -= (guint32)c_match;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
c_match = 0;
|
2012-01-13 21:09:33 +00:00
|
|
|
}
|
|
|
|
|
i += 1;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return result;
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-07-22 23:08:48 +00:00
|
|
|
|
2016-02-16 21:34:12 +00:00
|
|
|
static match_result
|
|
|
|
|
match_regex(capture_file *cf, frame_data *fdata, void *criterion _U_)
|
|
|
|
|
{
|
|
|
|
|
match_result result = MR_NOTMATCHED;
|
|
|
|
|
GMatchInfo *match_info = NULL;
|
|
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
|
|
|
|
if (!cf_read_record(cf, fdata)) {
|
|
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-16 21:21:59 +00:00
|
|
|
if (g_regex_match_full(cf->regex, (const gchar *)ws_buffer_start_ptr(&cf->buf), fdata->cap_len,
|
2016-02-16 21:34:12 +00:00
|
|
|
0, (GRegexMatchFlags) 0, &match_info, NULL))
|
|
|
|
|
{
|
|
|
|
|
gint start_pos = 0, end_pos = 0;
|
|
|
|
|
g_match_info_fetch_pos (match_info, 0, &start_pos, &end_pos);
|
2016-02-23 08:30:48 +00:00
|
|
|
cf->search_pos = end_pos - 1;
|
|
|
|
|
cf->search_len = end_pos - start_pos;
|
2016-02-16 21:34:12 +00:00
|
|
|
result = MR_MATCHED;
|
|
|
|
|
}
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
cf_find_packet_dfilter(capture_file *cf, dfilter_t *sfcode,
|
|
|
|
|
search_direction dir)
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
{
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return find_packet(cf, match_dfilter, sfcode, dir);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
}
|
2003-07-22 23:08:48 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
gboolean
|
|
|
|
|
cf_find_packet_dfilter_string(capture_file *cf, const char *filter,
|
|
|
|
|
search_direction dir)
|
|
|
|
|
{
|
|
|
|
|
dfilter_t *sfcode;
|
2012-08-12 22:21:02 +00:00
|
|
|
gboolean result;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
2015-01-18 10:22:19 +00:00
|
|
|
if (!dfilter_compile(filter, &sfcode, NULL)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/*
|
|
|
|
|
* XXX - this shouldn't happen, as the filter string is machine
|
|
|
|
|
* generated
|
|
|
|
|
*/
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
if (sfcode == NULL) {
|
|
|
|
|
/*
|
|
|
|
|
* XXX - this shouldn't happen, as the filter string is machine
|
|
|
|
|
* generated.
|
|
|
|
|
*/
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
result = find_packet(cf, match_dfilter, sfcode, dir);
|
|
|
|
|
dfilter_free(sfcode);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static match_result
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
match_dfilter(capture_file *cf, frame_data *fdata, void *criterion)
|
|
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
dfilter_t *sfcode = (dfilter_t *)criterion;
|
2012-08-12 22:21:02 +00:00
|
|
|
epan_dissect_t edt;
|
|
|
|
|
match_result result;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
|
|
|
|
|
/* Load the frame's data. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record(cf, fdata)) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Attempt to get the packet failed. */
|
|
|
|
|
return MR_ERROR;
|
|
|
|
|
}
|
2003-07-22 23:08:48 +00:00
|
|
|
|
2013-07-21 18:38:03 +00:00
|
|
|
epan_dissect_init(&edt, cf->epan, TRUE, FALSE);
|
2017-04-12 04:56:14 +00:00
|
|
|
epan_dissect_prime_with_dfilter(&edt, sfcode);
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(&edt, cf->cd_t, &cf->rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new_buffer(&cf->provider, fdata, &cf->buf),
|
|
|
|
|
fdata, NULL);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
result = dfilter_apply_edt(sfcode, &edt) ? MR_MATCHED : MR_NOTMATCHED;
|
2009-08-13 19:42:46 +00:00
|
|
|
epan_dissect_cleanup(&edt);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gboolean
|
|
|
|
|
cf_find_packet_marked(capture_file *cf, search_direction dir)
|
|
|
|
|
{
|
|
|
|
|
return find_packet(cf, match_marked, NULL, dir);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static match_result
|
|
|
|
|
match_marked(capture_file *cf _U_, frame_data *fdata, void *criterion _U_)
|
|
|
|
|
{
|
|
|
|
|
return fdata->flags.marked ? MR_MATCHED : MR_NOTMATCHED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
gboolean
|
|
|
|
|
cf_find_packet_time_reference(capture_file *cf, search_direction dir)
|
|
|
|
|
{
|
|
|
|
|
return find_packet(cf, match_time_reference, NULL, dir);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static match_result
|
|
|
|
|
match_time_reference(capture_file *cf _U_, frame_data *fdata, void *criterion _U_)
|
|
|
|
|
{
|
|
|
|
|
return fdata->flags.ref_time ? MR_MATCHED : MR_NOTMATCHED;
|
2003-07-22 23:08:48 +00:00
|
|
|
}
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
static gboolean
|
|
|
|
|
find_packet(capture_file *cf,
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
match_result (*match_function)(capture_file *, frame_data *, void *),
|
|
|
|
|
void *criterion, search_direction dir)
|
1999-11-06 06:28:07 +00:00
|
|
|
{
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
frame_data *start_fd;
|
2011-04-25 05:33:07 +00:00
|
|
|
guint32 framenum;
|
2018-05-23 18:15:32 +00:00
|
|
|
guint32 prev_framenum;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
frame_data *fdata;
|
|
|
|
|
frame_data *new_fd = NULL;
|
|
|
|
|
progdlg_t *progbar = NULL;
|
2016-07-15 18:09:01 +00:00
|
|
|
GTimer *prog_timer = g_timer_new();
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
int count;
|
2011-04-24 21:02:55 +00:00
|
|
|
gboolean found;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
float progbar_val;
|
|
|
|
|
GTimeVal start_time;
|
|
|
|
|
gchar status_str[100];
|
|
|
|
|
const char *title;
|
|
|
|
|
match_result result;
|
1999-11-06 06:28:07 +00:00
|
|
|
|
|
|
|
|
start_fd = cf->current_frame;
|
|
|
|
|
if (start_fd != NULL) {
|
2018-05-23 18:15:32 +00:00
|
|
|
prev_framenum = start_fd->num;
|
|
|
|
|
} else {
|
|
|
|
|
prev_framenum = 0; /* No start packet selected. */
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
/* Iterate through the list of packets, starting at the packet we've
|
|
|
|
|
picked, calling a routine to run the filter on the packet, see if
|
|
|
|
|
it matches, and stop if so. */
|
|
|
|
|
count = 0;
|
|
|
|
|
framenum = prev_framenum;
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
g_timer_start(prog_timer);
|
|
|
|
|
/* Progress so far. */
|
|
|
|
|
progbar_val = 0.0f;
|
|
|
|
|
|
|
|
|
|
cf->stop_flag = FALSE;
|
|
|
|
|
g_get_current_time(&start_time);
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
title = cf->sfilter?cf->sfilter:"";
|
|
|
|
|
for (;;) {
|
|
|
|
|
/* Create the progress bar if necessary.
|
|
|
|
|
We check on every iteration of the loop, so that it takes no
|
|
|
|
|
longer than the standard time to create it (otherwise, for a
|
2005-10-27 06:45:37 +00:00
|
|
|
large file, we might take considerably longer than that standard
|
2018-05-23 18:15:32 +00:00
|
|
|
time in order to get to the next progress bar step). */
|
|
|
|
|
if (progbar == NULL)
|
|
|
|
|
progbar = delayed_create_progress_dlg(cf->window, "Searching", title,
|
|
|
|
|
FALSE, &cf->stop_flag, &start_time, progbar_val);
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
/*
|
|
|
|
|
* Update the progress bar, but do it only after PROGBAR_UPDATE_INTERVAL
|
|
|
|
|
* has elapsed. Calling update_progress_dlg and packets_bar_update will
|
|
|
|
|
* likely trigger UI paint events, which might take a while depending on
|
|
|
|
|
* the platform and display. Reset our timer *after* painting.
|
|
|
|
|
*/
|
|
|
|
|
if (g_timer_elapsed(prog_timer, NULL) > PROGBAR_UPDATE_INTERVAL) {
|
|
|
|
|
/* let's not divide by zero. I should never be started
|
|
|
|
|
* with count == 0, so let's assert that
|
|
|
|
|
*/
|
|
|
|
|
g_assert(cf->count > 0);
|
2002-07-30 10:13:16 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
progbar_val = (gfloat) count / cf->count;
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
g_snprintf(status_str, sizeof(status_str),
|
|
|
|
|
"%4u of %u packets", count, cf->count);
|
|
|
|
|
update_progress_dlg(progbar, progbar_val, status_str);
|
2000-07-03 08:36:52 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
g_timer_start(prog_timer);
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
if (cf->stop_flag) {
|
|
|
|
|
/* Well, the user decided to abort the search. Go back to the
|
|
|
|
|
frame where we started. */
|
|
|
|
|
new_fd = start_fd;
|
|
|
|
|
break;
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
/* Go past the current frame. */
|
|
|
|
|
if (dir == SD_BACKWARD) {
|
|
|
|
|
/* Go on to the previous frame. */
|
|
|
|
|
if (framenum <= 1) {
|
|
|
|
|
/*
|
|
|
|
|
* XXX - other apps have a bit more of a detailed message
|
|
|
|
|
* for this, and instead of offering "OK" and "Cancel",
|
|
|
|
|
* they offer things such as "Continue" and "Cancel";
|
|
|
|
|
* we need an API for popping up alert boxes with
|
|
|
|
|
* {Verb} and "Cancel".
|
|
|
|
|
*/
|
2000-01-08 23:49:33 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
if (prefs.gui_find_wrap) {
|
|
|
|
|
statusbar_push_temporary_msg("Search reached the beginning. Continuing at end.");
|
|
|
|
|
framenum = cf->count; /* wrap around */
|
|
|
|
|
} else {
|
|
|
|
|
statusbar_push_temporary_msg("Search reached the beginning.");
|
|
|
|
|
framenum = prev_framenum; /* stay on previous packet */
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
2018-05-23 18:15:32 +00:00
|
|
|
} else
|
|
|
|
|
framenum--;
|
|
|
|
|
} else {
|
|
|
|
|
/* Go on to the next frame. */
|
|
|
|
|
if (framenum == cf->count) {
|
|
|
|
|
if (prefs.gui_find_wrap) {
|
|
|
|
|
statusbar_push_temporary_msg("Search reached the end. Continuing at beginning.");
|
|
|
|
|
framenum = 1; /* wrap around */
|
|
|
|
|
} else {
|
|
|
|
|
statusbar_push_temporary_msg("Search reached the end.");
|
|
|
|
|
framenum = prev_framenum; /* stay on previous packet */
|
|
|
|
|
}
|
|
|
|
|
} else
|
|
|
|
|
framenum++;
|
|
|
|
|
}
|
2000-04-07 08:00:34 +00:00
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
|
|
|
|
count++;
|
|
|
|
|
|
|
|
|
|
/* Is this packet in the display? */
|
|
|
|
|
if (fdata && fdata->flags.passed_dfilter) {
|
|
|
|
|
/* Yes. Does it match the search criterion? */
|
|
|
|
|
result = (*match_function)(cf, fdata, criterion);
|
|
|
|
|
if (result == MR_ERROR) {
|
|
|
|
|
/* Error; our caller has reported the error. Go back to the frame
|
|
|
|
|
where we started. */
|
|
|
|
|
new_fd = start_fd;
|
|
|
|
|
break;
|
|
|
|
|
} else if (result == MR_MATCHED) {
|
|
|
|
|
/* Yes. Go to the new frame. */
|
|
|
|
|
new_fd = fdata;
|
2000-04-07 08:00:34 +00:00
|
|
|
break;
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
if (fdata == start_fd) {
|
|
|
|
|
/* We're back to the frame we were on originally, and that frame
|
|
|
|
|
doesn't match the search filter. The search failed. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-23 18:15:32 +00:00
|
|
|
/* We're done scanning the packets; destroy the progress bar if it
|
|
|
|
|
was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
|
|
|
|
g_timer_destroy(prog_timer);
|
|
|
|
|
|
1999-11-06 06:28:07 +00:00
|
|
|
if (new_fd != NULL) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* Find and select */
|
2011-01-19 18:21:21 +00:00
|
|
|
cf->search_in_progress = TRUE;
|
2012-09-04 02:35:25 +00:00
|
|
|
found = packet_list_select_row_from_data(new_fd);
|
2011-01-19 18:21:21 +00:00
|
|
|
cf->search_in_progress = FALSE;
|
|
|
|
|
cf->search_pos = 0; /* Reset the position */
|
2016-02-23 08:30:48 +00:00
|
|
|
cf->search_len = 0; /* Reset length */
|
2011-04-24 21:02:55 +00:00
|
|
|
if (!found) {
|
|
|
|
|
/* We didn't find a row corresponding to this frame.
|
|
|
|
|
This means that the frame isn't being displayed currently,
|
|
|
|
|
so we can't select it. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_message_box(ESD_TYPE_INFO, NULL,
|
|
|
|
|
"The capture file is probably not fully dissected.",
|
2014-09-24 21:06:23 +00:00
|
|
|
"End of capture exceeded.");
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
return FALSE;
|
2009-06-01 15:26:15 +00:00
|
|
|
}
|
2009-09-21 15:50:15 +00:00
|
|
|
return TRUE; /* success */
|
1999-11-06 06:54:24 +00:00
|
|
|
} else
|
2009-09-21 15:50:15 +00:00
|
|
|
return FALSE; /* failure */
|
1999-11-06 06:28:07 +00:00
|
|
|
}
|
1999-08-15 07:28:23 +00:00
|
|
|
|
2003-03-02 22:07:25 +00:00
|
|
|
gboolean
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_goto_frame(capture_file *cf, guint fnumber)
|
1999-11-08 01:03:40 +00:00
|
|
|
{
|
2000-05-12 22:03:59 +00:00
|
|
|
frame_data *fdata;
|
1999-11-08 01:03:40 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf == NULL || cf->provider.frames == NULL) {
|
2016-01-09 16:45:48 +00:00
|
|
|
/* we don't have a loaded capture file - fix for bugs 11810 & 11989 */
|
2015-11-29 22:49:46 +00:00
|
|
|
statusbar_push_temporary_msg("There is no file loaded");
|
|
|
|
|
return FALSE; /* we failed to go to that packet */
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, fnumber);
|
1999-11-08 01:03:40 +00:00
|
|
|
|
2003-03-02 22:07:25 +00:00
|
|
|
if (fdata == NULL) {
|
2004-01-09 02:57:54 +00:00
|
|
|
/* we didn't find a packet with that packet number */
|
2010-11-27 21:50:49 +00:00
|
|
|
statusbar_push_temporary_msg("There is no packet number %u.", fnumber);
|
2009-09-21 15:50:15 +00:00
|
|
|
return FALSE; /* we failed to go to that packet */
|
2003-03-02 22:07:25 +00:00
|
|
|
}
|
|
|
|
|
if (!fdata->flags.passed_dfilter) {
|
2004-01-09 02:57:54 +00:00
|
|
|
/* that packet currently isn't displayed */
|
|
|
|
|
/* XXX - add it to the set of displayed packets? */
|
2010-11-27 21:50:49 +00:00
|
|
|
statusbar_push_temporary_msg("Packet number %u isn't displayed.", fnumber);
|
2009-09-21 15:50:15 +00:00
|
|
|
return FALSE; /* we failed to go to that packet */
|
2003-03-02 22:07:25 +00:00
|
|
|
}
|
1999-11-30 07:27:37 +00:00
|
|
|
|
2012-09-04 02:35:25 +00:00
|
|
|
if (!packet_list_select_row_from_data(fdata)) {
|
2011-04-24 21:02:55 +00:00
|
|
|
/* We didn't find a row corresponding to this frame.
|
|
|
|
|
This means that the frame isn't being displayed currently,
|
|
|
|
|
so we can't select it. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_message_box(ESD_TYPE_INFO, NULL,
|
|
|
|
|
"The capture file is probably not fully dissected.",
|
2014-09-24 21:06:23 +00:00
|
|
|
"End of capture exceeded.");
|
2011-04-24 21:02:55 +00:00
|
|
|
return FALSE;
|
|
|
|
|
}
|
2009-09-21 15:50:15 +00:00
|
|
|
return TRUE; /* we got to that packet */
|
2004-01-20 18:47:25 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-02 19:52:39 +00:00
|
|
|
/*
|
|
|
|
|
* Go to frame specified by currently selected protocol tree item.
|
|
|
|
|
*/
|
2005-02-04 18:44:44 +00:00
|
|
|
gboolean
|
|
|
|
|
cf_goto_framenum(capture_file *cf)
|
2004-09-02 19:52:39 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
header_field_info *hfinfo;
|
|
|
|
|
guint32 framenum;
|
2004-09-02 19:52:39 +00:00
|
|
|
|
|
|
|
|
if (cf->finfo_selected) {
|
|
|
|
|
hfinfo = cf->finfo_selected->hfinfo;
|
|
|
|
|
g_assert(hfinfo);
|
|
|
|
|
if (hfinfo->type == FT_FRAMENUM) {
|
2007-01-18 11:02:26 +00:00
|
|
|
framenum = fvalue_get_uinteger(&cf->finfo_selected->value);
|
2004-09-02 19:52:39 +00:00
|
|
|
if (framenum != 0)
|
2005-02-04 18:44:44 +00:00
|
|
|
return cf_goto_frame(cf, framenum);
|
2004-09-02 19:52:39 +00:00
|
|
|
}
|
|
|
|
|
}
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
return FALSE;
|
2004-09-02 19:52:39 +00:00
|
|
|
}
|
|
|
|
|
|
1999-07-24 03:22:50 +00:00
|
|
|
/* Select the packet on a given row. */
|
|
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_select_packet(capture_file *cf, int row)
|
1999-07-24 03:22:50 +00:00
|
|
|
{
|
2012-06-10 22:03:17 +00:00
|
|
|
epan_dissect_t *old_edt;
|
2012-08-12 22:21:02 +00:00
|
|
|
frame_data *fdata;
|
2000-01-03 22:53:34 +00:00
|
|
|
|
We already set the foreground and background color for every frame,
which means we're already doing a "do something to the last row in the
packet list" operation on every frame we add to the list, so adding a
call to "gtk_clist_set_row_data()" won't make matters worse.
In addition, we already set one column in a row on a "change time
format" operation, so finding the row for a frame by calling
"gtk_clist_find_row_from_data()" doesn't turn a constant-time operation
into a linear-time operation, it just cranks the proportionality
constant up - it was quadratic before, alas, and it's still quadratic.
Adding calls to "gtk_clist_find_row_from_data()" to the "Find Frame" and
"Go To Frame" code does add an extra linear operation there, but those
operations shouldn't be common - and "Go To Frame", going to the last
frame on an ~100,000-frame big capture file, was quick, at least on my
450 MHz Pentium II machine, so maybe it won't be too bad.
And "select_packet()" either has to search the frame table for the frame
with the specified row number, or has to call "gtk_clist_get_row_data()"
to do that - the first is linear in the position of the frame in the
frame table, and the latter is linear in its position in the CList, and
the latter is less than or equal to the former, so the only thing making
it worse would be a change in the proportionality constant.
So it probably won't hurt performance by much.
Furthermore, if we add the ability to sort the display on an arbitrary
column, or to delete frames from the display - both of which are in the
wish list - storing the row number of the frame in the "frame_data"
structure won't necessarily work, as the row number can change out from
under us.
Therefore, reinstate the old way of doing things, where we associate
with each row a pointer to the "frame_data" structure for the row, using
"gtk_clist_set_row_data()".
svn path=/trunk/; revision=1703
2000-03-08 06:48:01 +00:00
|
|
|
/* Get the frame data struct pointer for this frame */
|
2012-09-04 02:35:25 +00:00
|
|
|
fdata = packet_list_get_row_data(row);
|
1999-10-05 04:34:00 +00:00
|
|
|
|
2006-04-27 18:46:05 +00:00
|
|
|
if (fdata == NULL) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2003-09-03 23:15:40 +00:00
|
|
|
/* Get the data in that frame. */
|
2014-05-24 18:28:30 +00:00
|
|
|
if (!cf_read_record (cf, fdata)) {
|
2003-09-03 23:15:40 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
We can't trust "cf->current_frame" to refer to the frame that was
selected before we started re-colorizing or re-filtering the display, as
when the first row is added to the clist, that may be selected and thus
made the current frame.
This means that we can't find the row corresponding to the
previously-selected frame, if any, by checking as each packet is
colorized/filtered and see whether its "frame_data" structure is equal
to "cf->current_frame", as that'll always say that the first frame in
the display is the selected frame.
Instead, we recored the value of "cf->current_frame" before we do
anything to the clist, have "add_packet_to_packet_list()" return either
the row number of the frame (if it passed the filter and thus was added
to the clist) or -1 (if it didn't pass the filter and thus wasn't added
to the clist), and, after "add_packet_to_packet_list()", if the current
frame is the one that was the selected row, remember its row number (if
any), and, when we're finished colorizing/filtering the display, make
that row the current row if it's not -1 (-1 means that the selected row
didn't pass the filter).
Also, don't do that until after we've thawed the clist, as the vertical
adjustment for the clist doesn't reflect reality until then, and
attempting to go to a given row won't work right until the vertical
adjustment for the clist reflects reality.
Shove all the code to set the selected and focus rows, and to make said
row visible, into a routine, so the "Find Frame" and "Go To Frame" code
can use it as well.
svn path=/trunk/; revision=1959
2000-05-15 01:50:16 +00:00
|
|
|
/* Record that this frame is the current frame. */
|
2000-05-12 22:03:59 +00:00
|
|
|
cf->current_frame = fdata;
|
2008-11-18 14:50:51 +00:00
|
|
|
cf->current_row = row;
|
1999-07-24 03:22:50 +00:00
|
|
|
|
2012-06-10 22:03:17 +00:00
|
|
|
old_edt = cf->edt;
|
1999-07-24 03:22:50 +00:00
|
|
|
/* Create the logical protocol tree. */
|
2001-12-10 03:25:58 +00:00
|
|
|
/* We don't need the columns here. */
|
2013-07-21 18:38:03 +00:00
|
|
|
cf->edt = epan_dissect_new(cf->epan, TRUE, TRUE);
|
2006-10-03 18:39:36 +00:00
|
|
|
|
2009-10-02 19:55:43 +00:00
|
|
|
tap_build_interesting(cf->edt);
|
2018-02-09 00:19:12 +00:00
|
|
|
epan_dissect_run(cf->edt, cf->cd_t, &cf->rec,
|
2017-12-08 08:30:55 +00:00
|
|
|
frame_tvbuff_new_buffer(&cf->provider, cf->current_frame, &cf->buf),
|
2013-06-16 00:20:00 +00:00
|
|
|
cf->current_frame, NULL);
|
2007-12-05 23:50:28 +00:00
|
|
|
|
2007-07-30 23:32:47 +00:00
|
|
|
dfilter_macro_build_ftv_cache(cf->edt->tree);
|
2007-12-05 23:50:28 +00:00
|
|
|
|
2012-06-10 22:03:17 +00:00
|
|
|
if (old_edt != NULL)
|
|
|
|
|
epan_dissect_free(old_edt);
|
|
|
|
|
|
1999-07-24 03:22:50 +00:00
|
|
|
}
|
|
|
|
|
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
/* Unselect the selected packet, if any. */
|
|
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_unselect_packet(capture_file *cf)
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
{
|
2012-06-10 22:03:17 +00:00
|
|
|
epan_dissect_t *old_edt = cf->edt;
|
|
|
|
|
|
|
|
|
|
cf->edt = NULL;
|
1999-07-24 03:22:50 +00:00
|
|
|
|
2000-01-03 03:57:04 +00:00
|
|
|
/* No packet is selected. */
|
2003-09-24 02:36:35 +00:00
|
|
|
cf->current_frame = NULL;
|
2008-11-18 14:50:51 +00:00
|
|
|
cf->current_row = 0;
|
2005-02-07 00:54:46 +00:00
|
|
|
|
2012-06-10 22:03:17 +00:00
|
|
|
/* Destroy the epan_dissect_t for the unselected packet. */
|
|
|
|
|
if (old_edt != NULL)
|
|
|
|
|
epan_dissect_free(old_edt);
|
Have "close_cap_file()" disable all menu items that make sense only if
you have a capture.
Leave the job of enabling and disabling menu items that make sense only
if you have a capture (except for "File/Save" and "File/Save As...", for
now) up to "load_cap_file()", "close_cap_file()", and the like - don't
scatter that stuff throughout the code.
Disable "File/Print Packet" if no packet is selected; enable it only if
a packet is selected.
If there's a selected packet, and a display filter is run:
if the selected packet passed the filter, re-select it;
if the selected packet didn't pass the filter, un-select it.
If we've opened a live "pcap" capture, but can't do the capture because
we can't get the netmask info, or can't parse the capture filter string,
or can't install the filter, close the live capture and the dump and
delete the dump file.
If we failed to open a live "pcap" capture, don't try to read the
capture file - it doesn't exist.
svn path=/trunk/; revision=384
1999-07-24 02:42:52 +00:00
|
|
|
}
|
|
|
|
|
|
2001-12-06 02:21:26 +00:00
|
|
|
/*
|
|
|
|
|
* Mark a particular frame.
|
|
|
|
|
*/
|
|
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_mark_frame(capture_file *cf, frame_data *frame)
|
2001-12-06 02:21:26 +00:00
|
|
|
{
|
2004-08-19 14:35:55 +00:00
|
|
|
if (! frame->flags.marked) {
|
|
|
|
|
frame->flags.marked = TRUE;
|
|
|
|
|
if (cf->count > cf->marked_count)
|
|
|
|
|
cf->marked_count++;
|
|
|
|
|
}
|
2001-12-06 02:21:26 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Unmark a particular frame.
|
|
|
|
|
*/
|
|
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_unmark_frame(capture_file *cf, frame_data *frame)
|
2001-12-06 02:21:26 +00:00
|
|
|
{
|
2004-08-19 14:35:55 +00:00
|
|
|
if (frame->flags.marked) {
|
|
|
|
|
frame->flags.marked = FALSE;
|
|
|
|
|
if (cf->marked_count > 0)
|
|
|
|
|
cf->marked_count--;
|
|
|
|
|
}
|
2001-12-06 02:21:26 +00:00
|
|
|
}
|
|
|
|
|
|
2009-12-17 01:18:14 +00:00
|
|
|
/*
|
|
|
|
|
* Ignore a particular frame.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
cf_ignore_frame(capture_file *cf, frame_data *frame)
|
|
|
|
|
{
|
|
|
|
|
if (! frame->flags.ignored) {
|
|
|
|
|
frame->flags.ignored = TRUE;
|
|
|
|
|
if (cf->count > cf->ignored_count)
|
|
|
|
|
cf->ignored_count++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Un-ignore a particular frame.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
cf_unignore_frame(capture_file *cf, frame_data *frame)
|
|
|
|
|
{
|
|
|
|
|
if (frame->flags.ignored) {
|
|
|
|
|
frame->flags.ignored = FALSE;
|
|
|
|
|
if (cf->ignored_count > 0)
|
|
|
|
|
cf->ignored_count--;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-02-29 16:51:32 +00:00
|
|
|
/*
|
2017-07-17 03:37:32 +00:00
|
|
|
* Read the section comment.
|
2012-02-29 16:51:32 +00:00
|
|
|
*/
|
2012-05-22 01:59:34 +00:00
|
|
|
const gchar *
|
2017-07-17 03:37:32 +00:00
|
|
|
cf_read_section_comment(capture_file *cf)
|
2012-02-29 16:51:32 +00:00
|
|
|
{
|
2016-07-14 23:01:57 +00:00
|
|
|
wtap_block_t shb_inf;
|
|
|
|
|
char *shb_comment;
|
|
|
|
|
|
|
|
|
|
/* Get the SHB. */
|
|
|
|
|
/* XXX - support multiple SHBs */
|
2017-12-08 03:31:43 +00:00
|
|
|
shb_inf = wtap_file_get_shb(cf->provider.wth);
|
2016-07-14 23:01:57 +00:00
|
|
|
|
|
|
|
|
/* Get the first comment from the SHB. */
|
|
|
|
|
/* XXX - support multiple comments */
|
|
|
|
|
if (wtap_block_get_nth_string_option_value(shb_inf, OPT_COMMENT, 0, &shb_comment) != WTAP_OPTTYPE_SUCCESS)
|
|
|
|
|
return NULL;
|
|
|
|
|
return shb_comment;
|
2012-02-29 16:51:32 +00:00
|
|
|
}
|
|
|
|
|
|
2017-07-17 03:37:32 +00:00
|
|
|
/*
|
|
|
|
|
* Modify the section comment.
|
|
|
|
|
*/
|
2012-02-29 16:51:32 +00:00
|
|
|
void
|
2017-07-17 03:37:32 +00:00
|
|
|
cf_update_section_comment(capture_file *cf, gchar *comment)
|
2012-02-29 16:51:32 +00:00
|
|
|
{
|
2016-07-14 23:01:57 +00:00
|
|
|
wtap_block_t shb_inf;
|
|
|
|
|
gchar *shb_comment;
|
2012-02-29 16:51:32 +00:00
|
|
|
|
2016-07-14 23:01:57 +00:00
|
|
|
/* Get the SHB. */
|
|
|
|
|
/* XXX - support multiple SHBs */
|
2017-12-08 03:31:43 +00:00
|
|
|
shb_inf = wtap_file_get_shb(cf->provider.wth);
|
2012-02-29 16:51:32 +00:00
|
|
|
|
2016-07-14 23:01:57 +00:00
|
|
|
/* Get the first comment from the SHB. */
|
|
|
|
|
/* XXX - support multiple comments */
|
|
|
|
|
if (wtap_block_get_nth_string_option_value(shb_inf, OPT_COMMENT, 0, &shb_comment) != WTAP_OPTTYPE_SUCCESS) {
|
|
|
|
|
/* There's no comment - add one. */
|
|
|
|
|
wtap_block_add_string_option(shb_inf, OPT_COMMENT, comment, strlen(comment));
|
|
|
|
|
} else {
|
|
|
|
|
/* See if the comment has changed or not */
|
2016-07-21 00:27:36 +00:00
|
|
|
if (strcmp(shb_comment, comment) == 0) {
|
|
|
|
|
g_free(comment);
|
|
|
|
|
return;
|
2012-03-23 01:41:59 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-14 23:01:57 +00:00
|
|
|
/* The comment has changed, let's update it */
|
|
|
|
|
wtap_block_set_nth_string_option_value(shb_inf, OPT_COMMENT, 0, comment, strlen(comment));
|
|
|
|
|
}
|
2012-05-20 08:56:06 +00:00
|
|
|
/* Mark the file as having unsaved changes */
|
|
|
|
|
cf->unsaved_changes = TRUE;
|
2012-02-29 16:51:32 +00:00
|
|
|
}
|
|
|
|
|
|
2017-07-17 03:49:01 +00:00
|
|
|
/*
|
|
|
|
|
* Get the comment on a packet (record).
|
|
|
|
|
* If the comment has been edited, it returns the result of the edit,
|
|
|
|
|
* otherwise it returns the comment from the file.
|
|
|
|
|
*/
|
2013-08-01 20:59:38 +00:00
|
|
|
char *
|
2017-07-17 03:49:01 +00:00
|
|
|
cf_get_packet_comment(capture_file *cf, const frame_data *fd)
|
2013-08-01 20:59:38 +00:00
|
|
|
{
|
2014-12-01 00:30:19 +00:00
|
|
|
char *comment;
|
|
|
|
|
|
2013-08-01 20:59:38 +00:00
|
|
|
/* fetch user comment */
|
|
|
|
|
if (fd->flags.has_user_comment)
|
2017-12-08 03:31:43 +00:00
|
|
|
return g_strdup(cap_file_provider_get_user_comment(&cf->provider, fd));
|
2013-08-01 20:59:38 +00:00
|
|
|
|
|
|
|
|
/* fetch phdr comment */
|
|
|
|
|
if (fd->flags.has_phdr_comment) {
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec rec; /* Record metadata */
|
|
|
|
|
Buffer buf; /* Record data */
|
2013-08-01 20:59:38 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec_init(&rec);
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_init(&buf, 1500);
|
2014-12-01 00:30:19 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
if (!cf_read_record_r(cf, fd, &rec, &buf))
|
2013-08-01 20:59:38 +00:00
|
|
|
{ /* XXX, what we can do here? */ }
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
comment = rec.opt_comment;
|
|
|
|
|
wtap_rec_cleanup(&rec);
|
2014-08-02 11:00:48 +00:00
|
|
|
ws_buffer_free(&buf);
|
2014-12-01 00:30:19 +00:00
|
|
|
return comment;
|
2012-06-20 01:11:01 +00:00
|
|
|
}
|
2013-08-01 20:59:38 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-17 03:49:01 +00:00
|
|
|
/*
|
|
|
|
|
* Update(replace) the comment on a capture from a frame
|
|
|
|
|
*/
|
2013-08-01 20:59:38 +00:00
|
|
|
gboolean
|
|
|
|
|
cf_set_user_packet_comment(capture_file *cf, frame_data *fd, const gchar *new_comment)
|
|
|
|
|
{
|
2017-07-17 03:49:01 +00:00
|
|
|
char *pkt_comment = cf_get_packet_comment(cf, fd);
|
2013-08-01 20:59:38 +00:00
|
|
|
|
|
|
|
|
/* Check if the comment has changed */
|
|
|
|
|
if (!g_strcmp0(pkt_comment, new_comment)) {
|
|
|
|
|
g_free(pkt_comment);
|
|
|
|
|
return FALSE;
|
2012-06-20 01:11:01 +00:00
|
|
|
}
|
2013-08-01 20:59:38 +00:00
|
|
|
g_free(pkt_comment);
|
|
|
|
|
|
|
|
|
|
if (pkt_comment)
|
|
|
|
|
cf->packet_comment_count--;
|
|
|
|
|
|
|
|
|
|
if (new_comment)
|
|
|
|
|
cf->packet_comment_count++;
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cap_file_provider_set_user_comment(&cf->provider, fd, new_comment);
|
2012-06-20 01:11:01 +00:00
|
|
|
|
2013-06-20 22:25:33 +00:00
|
|
|
expert_update_comment_count(cf->packet_comment_count);
|
|
|
|
|
|
2012-06-20 01:11:01 +00:00
|
|
|
/* OK, we have unsaved changes. */
|
|
|
|
|
cf->unsaved_changes = TRUE;
|
2013-08-01 20:59:38 +00:00
|
|
|
return TRUE;
|
2012-06-20 01:11:01 +00:00
|
|
|
}
|
|
|
|
|
|
2012-06-20 04:44:14 +00:00
|
|
|
/*
|
2013-04-01 20:36:42 +00:00
|
|
|
* What types of comments does this capture file have?
|
2012-06-20 04:44:14 +00:00
|
|
|
*/
|
2013-04-01 20:36:42 +00:00
|
|
|
guint32
|
|
|
|
|
cf_comment_types(capture_file *cf)
|
2012-06-20 04:44:14 +00:00
|
|
|
{
|
2013-04-01 20:36:42 +00:00
|
|
|
guint32 comment_types = 0;
|
|
|
|
|
|
2017-07-17 03:37:32 +00:00
|
|
|
if (cf_read_section_comment(cf) != NULL)
|
2013-04-01 20:36:42 +00:00
|
|
|
comment_types |= WTAP_COMMENT_PER_SECTION;
|
|
|
|
|
if (cf->packet_comment_count != 0)
|
|
|
|
|
comment_types |= WTAP_COMMENT_PER_PACKET;
|
|
|
|
|
return comment_types;
|
2012-06-20 04:44:14 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-18 23:04:22 +00:00
|
|
|
/*
|
|
|
|
|
* Add a resolved address to this file's list of resolved addresses.
|
|
|
|
|
*/
|
|
|
|
|
gboolean
|
|
|
|
|
cf_add_ip_name_from_string(capture_file *cf, const char *addr, const char *name)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* XXX - support multiple resolved address lists, and add to the one
|
|
|
|
|
* attached to this file?
|
|
|
|
|
*/
|
|
|
|
|
if (!add_ip_name_from_string(addr, name))
|
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
|
|
/* OK, we have unsaved changes. */
|
|
|
|
|
cf->unsaved_changes = TRUE;
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
typedef struct {
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dumper *pdh;
|
|
|
|
|
const char *fname;
|
|
|
|
|
int file_type;
|
2004-01-09 22:56:59 +00:00
|
|
|
} save_callback_args_t;
|
|
|
|
|
|
2002-05-23 07:46:58 +00:00
|
|
|
/*
|
|
|
|
|
* Save a capture to a file, in a particular format, saving either
|
|
|
|
|
* all packets, all currently-displayed packets, or all marked packets.
|
|
|
|
|
*
|
|
|
|
|
* Returns TRUE if it succeeds, FALSE otherwise; if it fails, it pops
|
|
|
|
|
* up a message box for the failure.
|
|
|
|
|
*/
|
2004-01-09 22:56:59 +00:00
|
|
|
static gboolean
|
2018-02-09 00:19:12 +00:00
|
|
|
save_record(capture_file *cf, frame_data *fdata, wtap_rec *rec,
|
|
|
|
|
const guint8 *pd, void *argsp)
|
2004-01-09 22:56:59 +00:00
|
|
|
{
|
2013-03-06 17:35:11 +00:00
|
|
|
save_callback_args_t *args = (save_callback_args_t *)argsp;
|
2018-02-09 00:19:12 +00:00
|
|
|
wtap_rec new_rec;
|
2004-01-09 22:56:59 +00:00
|
|
|
int err;
|
2014-12-18 00:02:50 +00:00
|
|
|
gchar *err_info;
|
2013-08-01 20:59:38 +00:00
|
|
|
const char *pkt_comment;
|
|
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
/* Copy the record information from what was read in from the file. */
|
|
|
|
|
new_rec = *rec;
|
|
|
|
|
|
|
|
|
|
/* Make changes based on anything that the user has done but that
|
|
|
|
|
hasn't been saved yet. */
|
2013-08-01 20:59:38 +00:00
|
|
|
if (fdata->flags.has_user_comment)
|
2017-12-08 03:31:43 +00:00
|
|
|
pkt_comment = cap_file_provider_get_user_comment(&cf->provider, fdata);
|
2013-08-01 20:59:38 +00:00
|
|
|
else
|
2018-02-09 00:19:12 +00:00
|
|
|
pkt_comment = rec->opt_comment;
|
|
|
|
|
new_rec.opt_comment = g_strdup(pkt_comment);
|
|
|
|
|
new_rec.has_comment_changed = fdata->flags.has_user_comment ? TRUE : FALSE;
|
|
|
|
|
/* XXX - what if times have been shifted? */
|
|
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
/* and save the packet */
|
2018-02-09 00:19:12 +00:00
|
|
|
if (!wtap_dump(args->pdh, &new_rec, pd, &err, &err_info)) {
|
2017-04-20 20:25:21 +00:00
|
|
|
cfile_write_failure_alert_box(NULL, args->fname, err, err_info, fdata->num,
|
2017-04-19 22:06:20 +00:00
|
|
|
args->file_type);
|
2004-01-09 22:56:59 +00:00
|
|
|
return FALSE;
|
|
|
|
|
}
|
2013-08-01 20:59:38 +00:00
|
|
|
|
2018-02-09 00:19:12 +00:00
|
|
|
g_free(new_rec.opt_comment);
|
2004-01-09 22:56:59 +00:00
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
2007-03-14 19:30:19 +00:00
|
|
|
/*
|
2012-06-25 18:37:52 +00:00
|
|
|
* Can this capture file be written out in any format using Wiretap
|
|
|
|
|
* rather than by copying the raw data?
|
2007-03-14 19:30:19 +00:00
|
|
|
*/
|
|
|
|
|
gboolean
|
2012-06-25 18:37:52 +00:00
|
|
|
cf_can_write_with_wiretap(capture_file *cf)
|
2007-03-14 19:30:19 +00:00
|
|
|
{
|
2013-04-01 21:17:50 +00:00
|
|
|
/* We don't care whether we support the comments in this file or not;
|
|
|
|
|
if we can't, we'll offer the user the option of discarding the
|
2013-04-01 23:44:29 +00:00
|
|
|
comments. */
|
2013-04-01 21:17:50 +00:00
|
|
|
return wtap_dump_can_write(cf->linktypes, 0);
|
2007-03-14 19:30:19 +00:00
|
|
|
}
|
|
|
|
|
|
2013-04-01 23:44:29 +00:00
|
|
|
/*
|
|
|
|
|
* Should we let the user do a save?
|
|
|
|
|
*
|
|
|
|
|
* We should if:
|
|
|
|
|
*
|
|
|
|
|
* the file has unsaved changes, and we can save it in some
|
|
|
|
|
* format through Wiretap
|
|
|
|
|
*
|
|
|
|
|
* or
|
|
|
|
|
*
|
|
|
|
|
* the file is a temporary file and has no unsaved changes (so
|
|
|
|
|
* that "saving" it just means copying it).
|
|
|
|
|
*
|
|
|
|
|
* XXX - we shouldn't allow files to be edited if they can't be saved,
|
|
|
|
|
* so cf->unsaved_changes should be true only if the file can be saved.
|
|
|
|
|
*
|
|
|
|
|
* We don't care whether we support the comments in this file or not;
|
|
|
|
|
* if we can't, we'll offer the user the option of discarding the
|
|
|
|
|
* comments.
|
|
|
|
|
*/
|
|
|
|
|
gboolean
|
|
|
|
|
cf_can_save(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
if (cf->unsaved_changes && wtap_dump_can_write(cf->linktypes, 0)) {
|
|
|
|
|
/* Saved changes, and we can write it out with Wiretap. */
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (cf->is_tempfile && !cf->unsaved_changes) {
|
|
|
|
|
/*
|
|
|
|
|
* Temporary file with no unsaved changes, so we can just do a
|
|
|
|
|
* raw binary copy.
|
|
|
|
|
*/
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Nothing to save. */
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Should we let the user do a "save as"?
|
|
|
|
|
*
|
|
|
|
|
* That's true if:
|
|
|
|
|
*
|
|
|
|
|
* we can save it in some format through Wiretap
|
|
|
|
|
*
|
|
|
|
|
* or
|
|
|
|
|
*
|
|
|
|
|
* the file is a temporary file and has no unsaved changes (so
|
|
|
|
|
* that "saving" it just means copying it).
|
|
|
|
|
*
|
|
|
|
|
* XXX - we shouldn't allow files to be edited if they can't be saved,
|
|
|
|
|
* so cf->unsaved_changes should be true only if the file can be saved.
|
|
|
|
|
*
|
|
|
|
|
* We don't care whether we support the comments in this file or not;
|
|
|
|
|
* if we can't, we'll offer the user the option of discarding the
|
|
|
|
|
* comments.
|
|
|
|
|
*/
|
|
|
|
|
gboolean
|
|
|
|
|
cf_can_save_as(capture_file *cf)
|
|
|
|
|
{
|
|
|
|
|
if (wtap_dump_can_write(cf->linktypes, 0)) {
|
|
|
|
|
/* We can write it out with Wiretap. */
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (cf->is_tempfile && !cf->unsaved_changes) {
|
|
|
|
|
/*
|
|
|
|
|
* Temporary file with no unsaved changes, so we can just do a
|
|
|
|
|
* raw binary copy.
|
|
|
|
|
*/
|
|
|
|
|
return TRUE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Nothing to save. */
|
|
|
|
|
return FALSE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Does this file have unsaved data?
|
|
|
|
|
*/
|
|
|
|
|
gboolean
|
2013-04-02 20:35:46 +00:00
|
|
|
cf_has_unsaved_data(capture_file *cf)
|
2013-04-01 23:44:29 +00:00
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* If this is a temporary file, or a file with unsaved changes, it
|
|
|
|
|
* has unsaved data.
|
|
|
|
|
*/
|
2015-06-24 22:41:22 +00:00
|
|
|
return (cf->is_tempfile && cf->count>0) || cf->unsaved_changes;
|
2013-04-01 23:44:29 +00:00
|
|
|
}
|
|
|
|
|
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
/*
|
|
|
|
|
* Quick scan to find packet offsets.
|
|
|
|
|
*/
|
|
|
|
|
static cf_read_status_t
|
2017-04-19 21:43:11 +00:00
|
|
|
rescan_file(capture_file *cf, const char *fname, gboolean is_tempfile)
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
{
|
2018-02-09 00:19:12 +00:00
|
|
|
const wtap_rec *rec;
|
2017-04-19 21:43:11 +00:00
|
|
|
int err;
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *err_info;
|
|
|
|
|
gchar *name_ptr;
|
|
|
|
|
gint64 data_offset;
|
2012-10-22 19:14:43 +00:00
|
|
|
progdlg_t *progbar = NULL;
|
2016-07-15 18:09:01 +00:00
|
|
|
GTimer *prog_timer = g_timer_new();
|
2012-10-22 19:14:43 +00:00
|
|
|
gint64 size;
|
|
|
|
|
float progbar_val;
|
2012-08-12 22:21:02 +00:00
|
|
|
GTimeVal start_time;
|
|
|
|
|
gchar status_str[100];
|
|
|
|
|
guint32 framenum;
|
|
|
|
|
frame_data *fdata;
|
2012-10-22 19:14:43 +00:00
|
|
|
int count = 0;
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
/* Close the old handle. */
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_close(cf->provider.wth);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
/* Open the new file. */
|
2014-03-20 16:57:29 +00:00
|
|
|
/* XXX: this will go through all open_routines for a matching one. But right
|
|
|
|
|
now rescan_file() is only used when a file is being saved to a different
|
|
|
|
|
format than the original, and the user is not given a choice of which
|
|
|
|
|
reader to use (only which format to save it in), so doing this makes
|
|
|
|
|
sense for now. */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.wth = wtap_open_offline(fname, WTAP_TYPE_AUTO, &err, &err_info, TRUE);
|
|
|
|
|
if (cf->provider.wth == NULL) {
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_open_failure_alert_box(fname, err, err_info);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
return CF_READ_ERROR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* We're scanning a file whose contents should be the same as what
|
|
|
|
|
we had before, so we don't discard dissection state etc.. */
|
|
|
|
|
cf->f_datalen = 0;
|
|
|
|
|
|
|
|
|
|
/* Set the file name because we need it to set the follow stream filter.
|
|
|
|
|
XXX - is that still true? We need it for other reasons, though,
|
|
|
|
|
in any case. */
|
|
|
|
|
cf->filename = g_strdup(fname);
|
|
|
|
|
|
|
|
|
|
/* Indicate whether it's a permanent or temporary file. */
|
|
|
|
|
cf->is_tempfile = is_tempfile;
|
|
|
|
|
|
|
|
|
|
/* No user changes yet. */
|
|
|
|
|
cf->unsaved_changes = FALSE;
|
|
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->cd_t = wtap_file_type_subtype(cf->provider.wth);
|
2012-06-15 23:54:05 +00:00
|
|
|
cf->linktypes = g_array_sized_new(FALSE, FALSE, (guint) sizeof(int), 1);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->snap = wtap_snapshot_length(cf->provider.wth);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
name_ptr = g_filename_display_basename(cf->filename);
|
|
|
|
|
|
|
|
|
|
cf_callback_invoke(cf_cb_file_rescan_started, cf);
|
|
|
|
|
|
2012-06-15 23:54:05 +00:00
|
|
|
/* Record whether the file is compressed.
|
|
|
|
|
XXX - do we know this at open time? */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->iscompressed = wtap_iscompressed(cf->provider.wth);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
/* Find the size of the file. */
|
2017-12-08 03:31:43 +00:00
|
|
|
size = wtap_file_size(cf->provider.wth, NULL);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_start(prog_timer);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
cf->stop_flag = FALSE;
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
g_get_current_time(&start_time);
|
|
|
|
|
|
|
|
|
|
framenum = 0;
|
2018-02-09 00:19:12 +00:00
|
|
|
rec = wtap_get_rec(cf->provider.wth);
|
2017-12-08 03:31:43 +00:00
|
|
|
while ((wtap_read(cf->provider.wth, &err, &err_info, &data_offset))) {
|
2014-05-23 10:50:02 +00:00
|
|
|
framenum++;
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
2014-05-23 10:50:02 +00:00
|
|
|
fdata->file_off = data_offset;
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
if (size >= 0) {
|
|
|
|
|
count++;
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->f_datalen = wtap_read_so_far(cf->provider.wth);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/* Create the progress bar if necessary. */
|
|
|
|
|
if (progress_is_slow(progbar, prog_timer, size, cf->f_datalen)) {
|
2015-05-22 22:33:38 +00:00
|
|
|
progbar_val = calc_progbar_val(cf, size, cf->f_datalen, status_str, sizeof(status_str));
|
2012-07-19 21:49:52 +00:00
|
|
|
progbar = delayed_create_progress_dlg(cf->window, "Rescanning", name_ptr,
|
2015-06-19 23:56:44 +00:00
|
|
|
TRUE, &cf->stop_flag, &start_time, progbar_val);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-15 18:09:01 +00:00
|
|
|
/*
|
|
|
|
|
* Update the progress bar, but do it only after PROGBAR_UPDATE_INTERVAL
|
|
|
|
|
* has elapsed. Calling update_progress_dlg and packets_bar_update will
|
|
|
|
|
* likely trigger UI paint events, which might take a while depending on
|
|
|
|
|
* the platform and display. Reset our timer *after* painting.
|
|
|
|
|
*/
|
|
|
|
|
if (progbar && g_timer_elapsed(prog_timer, NULL) > PROGBAR_UPDATE_INTERVAL) {
|
|
|
|
|
progbar_val = calc_progbar_val(cf, size, cf->f_datalen, status_str, sizeof(status_str));
|
|
|
|
|
/* update the packet bar content on the first run or frequently on very large files */
|
|
|
|
|
update_progress_dlg(progbar, progbar_val, status_str);
|
2017-06-19 18:48:42 +00:00
|
|
|
compute_elapsed(cf, &start_time);
|
2016-07-15 18:09:01 +00:00
|
|
|
packets_bar_update();
|
|
|
|
|
g_timer_start(prog_timer);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
if (cf->stop_flag) {
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
/* Well, the user decided to abort the rescan. Sadly, as this
|
|
|
|
|
isn't a reread, recovering is difficult, so we'll just
|
|
|
|
|
close the current capture. */
|
|
|
|
|
break;
|
|
|
|
|
}
|
2012-06-15 23:54:05 +00:00
|
|
|
|
2014-05-23 10:50:02 +00:00
|
|
|
/* Add this packet's link-layer encapsulation type to cf->linktypes, if
|
|
|
|
|
it's not already there.
|
|
|
|
|
XXX - yes, this is O(N), so if every packet had a different
|
|
|
|
|
link-layer encapsulation type, it'd be O(N^2) to read the file, but
|
|
|
|
|
there are probably going to be a small number of encapsulation types
|
|
|
|
|
in a file. */
|
2018-02-09 00:19:12 +00:00
|
|
|
if (rec->rec_type == REC_TYPE_PACKET) {
|
|
|
|
|
cf_add_encapsulation_type(cf, rec->rec_header.packet_header.pkt_encap);
|
|
|
|
|
}
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Free the display name */
|
|
|
|
|
g_free(name_ptr);
|
|
|
|
|
|
|
|
|
|
/* We're done reading the file; destroy the progress bar if it was created. */
|
|
|
|
|
if (progbar != NULL)
|
|
|
|
|
destroy_progress_dlg(progbar);
|
2016-07-15 18:09:01 +00:00
|
|
|
g_timer_destroy(prog_timer);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
/* We're done reading sequentially through the file. */
|
|
|
|
|
cf->state = FILE_READ_DONE;
|
|
|
|
|
|
|
|
|
|
/* Close the sequential I/O side, to free up memory it requires. */
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_sequential_close(cf->provider.wth);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
/* compute the time it took to load the file */
|
2013-08-14 04:14:36 +00:00
|
|
|
compute_elapsed(cf, &start_time);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
/* Set the file encapsulation type now; we don't know what it is until
|
|
|
|
|
we've looked at all the packets, as we don't know until then whether
|
|
|
|
|
there's more than one type (and thus whether it's
|
|
|
|
|
WTAP_ENCAP_PER_PACKET). */
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->lnk_t = wtap_file_encap(cf->provider.wth);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
cf_callback_invoke(cf_cb_file_rescan_finished, cf);
|
|
|
|
|
|
2015-06-19 23:56:44 +00:00
|
|
|
if (cf->stop_flag) {
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
/* Our caller will give up at this point. */
|
|
|
|
|
return CF_READ_ABORTED;
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-19 21:43:11 +00:00
|
|
|
if (err != 0) {
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
/* Put up a message box noting that the read failed somewhere along
|
|
|
|
|
the line. Don't throw out the stuff we managed to read, though,
|
|
|
|
|
if any. */
|
2017-04-19 21:43:11 +00:00
|
|
|
cfile_read_failure_alert_box(NULL, err, err_info);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
return CF_READ_ERROR;
|
|
|
|
|
} else
|
|
|
|
|
return CF_READ_OK;
|
|
|
|
|
}
|
|
|
|
|
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
cf_write_status_t
|
2014-05-24 18:28:30 +00:00
|
|
|
cf_save_records(capture_file *cf, const char *fname, guint save_format,
|
2012-06-20 01:11:01 +00:00
|
|
|
gboolean compressed, gboolean discard_comments,
|
|
|
|
|
gboolean dont_reopen)
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
{
|
2013-04-13 18:24:06 +00:00
|
|
|
gchar *err_info;
|
|
|
|
|
gchar *fname_new = NULL;
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dumper *pdh;
|
2013-04-13 18:24:06 +00:00
|
|
|
frame_data *fdata;
|
2013-09-22 19:40:02 +00:00
|
|
|
addrinfo_lists_t *addr_lists;
|
2013-04-13 18:24:06 +00:00
|
|
|
guint framenum;
|
|
|
|
|
int err;
|
|
|
|
|
#ifdef _WIN32
|
|
|
|
|
gchar *display_basename;
|
|
|
|
|
#endif
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
enum {
|
|
|
|
|
SAVE_WITH_MOVE,
|
|
|
|
|
SAVE_WITH_COPY,
|
|
|
|
|
SAVE_WITH_WTAP
|
2013-04-13 18:24:06 +00:00
|
|
|
} how_to_save;
|
2004-01-09 22:56:59 +00:00
|
|
|
save_callback_args_t callback_args;
|
2017-06-01 08:34:25 +00:00
|
|
|
gboolean needs_reload = FALSE;
|
2004-01-02 21:01:40 +00:00
|
|
|
|
2018-06-30 19:26:40 +00:00
|
|
|
/* XXX caller should avoid saving the file while a read is pending
|
|
|
|
|
* (e.g. by delaying the save action) */
|
|
|
|
|
if (cf->read_lock) {
|
|
|
|
|
g_warning("cf_save_records(\"%s\") while the file is being read, potential crash ahead", fname);
|
|
|
|
|
}
|
|
|
|
|
|
2009-12-14 22:05:29 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_save_started, (gpointer)fname);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2013-09-22 19:40:02 +00:00
|
|
|
addr_lists = get_addrinfo_list();
|
2013-04-13 18:24:06 +00:00
|
|
|
|
2012-05-24 05:05:29 +00:00
|
|
|
if (save_format == cf->cd_t && compressed == cf->iscompressed
|
2013-04-13 18:24:06 +00:00
|
|
|
&& !discard_comments && !cf->unsaved_changes
|
2017-12-29 04:58:38 +00:00
|
|
|
&& (wtap_addrinfo_list_empty(addr_lists) || !wtap_dump_has_name_resolution(save_format))) {
|
|
|
|
|
/* We're saving in the format it's already in, and we're not discarding
|
|
|
|
|
comments, and there are no changes we have in memory that aren't saved
|
|
|
|
|
to the file, and we have no name resolution information to write or
|
|
|
|
|
the file format we're saving in doesn't support writing name
|
|
|
|
|
resolution information, so we can just move or copy the raw data. */
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
|
|
|
|
if (cf->is_tempfile) {
|
|
|
|
|
/* The file being saved is a temporary file from a live
|
|
|
|
|
capture, so it doesn't need to stay around under that name;
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
first, try renaming the capture buffer file to the new name.
|
2012-05-24 02:16:53 +00:00
|
|
|
This acts as a "safe save", in that, if the file already
|
|
|
|
|
exists, the existing file will be removed only if the rename
|
2012-05-26 00:44:49 +00:00
|
|
|
succeeds.
|
|
|
|
|
|
|
|
|
|
Sadly, on Windows, as we have the current capture file
|
|
|
|
|
open, even MoveFileEx() with MOVEFILE_REPLACE_EXISTING
|
|
|
|
|
(to cause the rename to remove an existing target), as
|
|
|
|
|
done by ws_stdio_rename() (ws_rename() is #defined to
|
|
|
|
|
be ws_stdio_rename() on Windows) will fail.
|
|
|
|
|
|
|
|
|
|
According to the MSDN documentation for CreateFile(), if,
|
|
|
|
|
when we open a capture file, we were to directly do a CreateFile(),
|
|
|
|
|
opening with FILE_SHARE_DELETE|FILE_SHARE_READ, and then
|
|
|
|
|
convert it to a file descriptor with _open_osfhandle(),
|
|
|
|
|
that would allow the file to be renamed out from under us.
|
|
|
|
|
|
2012-06-01 08:05:12 +00:00
|
|
|
However, that doesn't work in practice. Perhaps the problem
|
|
|
|
|
is that the process doing the rename is the process that
|
|
|
|
|
has the file open. */
|
2012-05-26 00:44:49 +00:00
|
|
|
#ifndef _WIN32
|
2008-05-22 15:46:27 +00:00
|
|
|
if (ws_rename(cf->filename, fname) == 0) {
|
2009-09-21 15:50:15 +00:00
|
|
|
/* That succeeded - there's no need to copy the source file. */
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
how_to_save = SAVE_WITH_MOVE;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
} else {
|
2009-09-21 15:50:15 +00:00
|
|
|
if (errno == EXDEV) {
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/* They're on different file systems, so we have to copy the
|
|
|
|
|
file. */
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
how_to_save = SAVE_WITH_COPY;
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
} else {
|
|
|
|
|
/* The rename failed, but not because they're on different
|
|
|
|
|
file systems - put up an error message. (Or should we
|
|
|
|
|
just punt and try to copy? The only reason why I'd
|
|
|
|
|
expect the rename to fail and the copy to succeed would
|
|
|
|
|
be if we didn't have permission to remove the file from
|
|
|
|
|
the temporary directory, and that might be fixable - but
|
|
|
|
|
is it worth requiring the user to go off and fix it?) */
|
2012-06-17 22:32:03 +00:00
|
|
|
cf_rename_failure_alert_box(fname, errno);
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
2012-05-26 00:44:49 +00:00
|
|
|
#else
|
2017-12-29 03:58:04 +00:00
|
|
|
/* Windows - copy the file to its new location. */
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
how_to_save = SAVE_WITH_COPY;
|
2012-05-26 00:44:49 +00:00
|
|
|
#endif
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
} else {
|
|
|
|
|
/* It's a permanent file, so we should copy it, and not remove the
|
|
|
|
|
original. */
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
how_to_save = SAVE_WITH_COPY;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
2002-04-22 19:10:33 +00:00
|
|
|
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
if (how_to_save == SAVE_WITH_COPY) {
|
2012-05-24 02:16:53 +00:00
|
|
|
/* Copy the file, if we haven't moved it. If we're overwriting
|
|
|
|
|
an existing file, we do it with a "safe save", by writing
|
|
|
|
|
to a new file and, if the write succeeds, renaming the
|
|
|
|
|
new file on top of the old file. */
|
|
|
|
|
if (file_exists(fname)) {
|
|
|
|
|
fname_new = g_strdup_printf("%s~", fname);
|
|
|
|
|
if (!copy_file_binary_mode(cf->filename, fname_new))
|
|
|
|
|
goto fail;
|
|
|
|
|
} else {
|
|
|
|
|
if (!copy_file_binary_mode(cf->filename, fname))
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
/* Either we're saving in a different format or we're saving changes,
|
|
|
|
|
such as added, modified, or removed comments, that haven't yet
|
|
|
|
|
been written to the underlying file; we can't do that by copying
|
|
|
|
|
or moving the capture file, we have to do it by writing the packets
|
|
|
|
|
out in Wiretap. */
|
2012-02-15 19:44:16 +00:00
|
|
|
|
2016-05-31 03:42:41 +00:00
|
|
|
GArray *shb_hdrs = NULL;
|
2012-02-21 16:29:29 +00:00
|
|
|
wtapng_iface_descriptions_t *idb_inf = NULL;
|
2016-06-01 14:11:46 +00:00
|
|
|
GArray *nrb_hdrs = NULL;
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
int encap;
|
2012-02-15 19:44:16 +00:00
|
|
|
|
2015-07-20 14:35:06 +00:00
|
|
|
/* XXX: what free's this shb_hdr? */
|
2017-12-08 03:31:43 +00:00
|
|
|
shb_hdrs = wtap_file_get_shb_for_new_file(cf->provider.wth);
|
|
|
|
|
idb_inf = wtap_file_get_idb_info(cf->provider.wth);
|
|
|
|
|
nrb_hdrs = wtap_file_get_nrb_for_new_file(cf->provider.wth);
|
2012-02-20 20:15:51 +00:00
|
|
|
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
/* Determine what file encapsulation type we should use. */
|
|
|
|
|
encap = wtap_dump_file_encap_type(cf->linktypes);
|
|
|
|
|
|
2012-05-24 02:16:53 +00:00
|
|
|
if (file_exists(fname)) {
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
/* We're overwriting an existing file; write out to a new file,
|
|
|
|
|
and, if that succeeds, rename the new file on top of the
|
|
|
|
|
old file. That makes this a "safe save", so that we don't
|
|
|
|
|
lose the old file if we have a problem writing out the new
|
|
|
|
|
file. (If the existing file is the current capture file,
|
|
|
|
|
we *HAVE* to do that, otherwise we're overwriting the file
|
|
|
|
|
from which we're reading the packets that we're writing!) */
|
2012-05-24 02:16:53 +00:00
|
|
|
fname_new = g_strdup_printf("%s~", fname);
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
pdh = wtap_dump_open_ng(fname_new, save_format, encap, cf->snap,
|
2016-06-01 14:11:46 +00:00
|
|
|
compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
} else {
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
pdh = wtap_dump_open_ng(fname, save_format, encap, cf->snap,
|
2016-06-01 14:11:46 +00:00
|
|
|
compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
}
|
2012-03-15 02:35:49 +00:00
|
|
|
g_free(idb_inf);
|
|
|
|
|
idb_inf = NULL;
|
|
|
|
|
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
if (pdh == NULL) {
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_dump_open_failure_alert_box(fname, err, save_format);
|
2002-05-23 10:27:12 +00:00
|
|
|
goto fail;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
2012-02-08 20:15:59 +00:00
|
|
|
/* Add address resolution */
|
2013-09-22 19:40:02 +00:00
|
|
|
wtap_dump_set_addrinfo_list(pdh, addr_lists);
|
2012-02-08 20:15:59 +00:00
|
|
|
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
/* Iterate through the list of packets, processing all the packets. */
|
2004-01-09 22:56:59 +00:00
|
|
|
callback_args.pdh = pdh;
|
|
|
|
|
callback_args.fname = fname;
|
When reporting "sorry, *this* packet can't be written to a file of that
type" when writing out a capture file (i.e., writing a
per-packet-encapsulation capture to a file type that supports it but
doesn't support one of the packet's encapsulations), report the packet
number and, when doing this in a merge operation, report the file from
which it came.
When reporting "sorry, that file can't be written to a file of that
type, period", show the file type rather than the input file link-layer
type that causes the problem. (We could show both. We could be
*really* ambitious and iterate through all possible file types and show
the ones that will or at least might work....)
file_write_error_message() is documented as handling only UNIX-style
errnos, and libwireshark should be usable without libwiretap, so leave
it up to its callers to handle Wiretap errors such as
WTAP_ERR_SHORT_WRITE.
Clean up indentation.
svn path=/trunk/; revision=39949
2011-11-19 20:18:01 +00:00
|
|
|
callback_args.file_type = save_format;
|
2014-05-24 18:28:30 +00:00
|
|
|
switch (process_specified_records(cf, NULL, "Saving", "packets",
|
2016-03-01 02:52:52 +00:00
|
|
|
TRUE, save_record, &callback_args, TRUE)) {
|
2004-01-09 22:56:59 +00:00
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
2003-12-29 20:05:59 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
case PSP_STOPPED:
|
|
|
|
|
/* The user decided to abort the saving.
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
If we're writing to a temporary file, remove it.
|
|
|
|
|
XXX - should we do so even if we're not writing to a
|
|
|
|
|
temporary file? */
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dump_close(pdh, &err);
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
if (fname_new != NULL)
|
|
|
|
|
ws_unlink(fname_new);
|
|
|
|
|
cf_callback_invoke(cf_cb_file_save_stopped, NULL);
|
|
|
|
|
return CF_WRITE_ABORTED;
|
2004-01-02 21:01:40 +00:00
|
|
|
|
2004-01-09 22:56:59 +00:00
|
|
|
case PSP_FAILED:
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
/* Error while saving.
|
|
|
|
|
If we're writing to a temporary file, remove it. */
|
|
|
|
|
if (fname_new != NULL)
|
|
|
|
|
ws_unlink(fname_new);
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dump_close(pdh, &err);
|
2004-01-09 22:56:59 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
2017-06-01 08:34:25 +00:00
|
|
|
needs_reload = wtap_dump_get_needs_reload(pdh);
|
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if (!wtap_dump_close(pdh, &err)) {
|
2017-04-18 21:02:18 +00:00
|
|
|
cfile_close_failure_alert_box(fname, err);
|
2002-05-23 10:27:12 +00:00
|
|
|
goto fail;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
|
|
|
|
|
how_to_save = SAVE_WITH_WTAP;
|
2004-01-09 22:56:59 +00:00
|
|
|
}
|
2004-01-02 21:01:40 +00:00
|
|
|
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
if (fname_new != NULL) {
|
|
|
|
|
/* We wrote out to fname_new, and should rename it on top of
|
2012-06-01 08:05:12 +00:00
|
|
|
fname. fname_new is now closed, so that should be possible even
|
|
|
|
|
on Windows. However, on Windows, we first need to close whatever
|
|
|
|
|
file descriptors we have open for fname. */
|
|
|
|
|
#ifdef _WIN32
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_fdclose(cf->provider.wth);
|
2012-06-01 08:05:12 +00:00
|
|
|
#endif
|
|
|
|
|
/* Now do the rename. */
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
if (ws_rename(fname_new, fname) == -1) {
|
2012-05-24 02:16:53 +00:00
|
|
|
/* Well, the rename failed. */
|
2012-06-17 22:32:03 +00:00
|
|
|
cf_rename_failure_alert_box(fname, errno);
|
2012-06-01 08:05:12 +00:00
|
|
|
#ifdef _WIN32
|
2012-06-02 16:59:47 +00:00
|
|
|
/* Attempt to reopen the random file descriptor using the
|
|
|
|
|
current file's filename. (At this point, the sequential
|
|
|
|
|
file descriptor is closed.) */
|
2017-12-08 03:31:43 +00:00
|
|
|
if (!wtap_fdreopen(cf->provider.wth, cf->filename, &err)) {
|
2012-06-01 08:05:12 +00:00
|
|
|
/* Oh, well, we're screwed. */
|
2012-06-17 22:32:03 +00:00
|
|
|
display_basename = g_filename_display_basename(cf->filename);
|
|
|
|
|
simple_error_message_box(
|
|
|
|
|
file_open_error_message(err, FALSE), display_basename);
|
|
|
|
|
g_free(display_basename);
|
2012-06-01 08:05:12 +00:00
|
|
|
}
|
|
|
|
|
#endif
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-29 03:58:04 +00:00
|
|
|
/* If this was a temporary file, and we didn't do the save by doing
|
|
|
|
|
a move, so the tempoary file is still around under its old name,
|
|
|
|
|
remove it. */
|
2017-12-29 06:10:59 +00:00
|
|
|
if (cf->is_tempfile && how_to_save != SAVE_WITH_MOVE) {
|
2017-12-29 03:58:04 +00:00
|
|
|
/* If this fails, there's not much we can do, so just ignore errors. */
|
|
|
|
|
ws_unlink(cf->filename);
|
|
|
|
|
}
|
|
|
|
|
|
2009-12-14 22:05:29 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_save_finished, NULL);
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
cf->unsaved_changes = FALSE;
|
|
|
|
|
|
2012-05-25 21:25:55 +00:00
|
|
|
if (!dont_reopen) {
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
switch (how_to_save) {
|
|
|
|
|
|
|
|
|
|
case SAVE_WITH_MOVE:
|
|
|
|
|
/* We just moved the file, so the wtap structure refers to the
|
|
|
|
|
new file, and all the information other than the filename
|
|
|
|
|
and the "is temporary" status applies to the new file; just
|
|
|
|
|
update that. */
|
|
|
|
|
g_free(cf->filename);
|
|
|
|
|
cf->filename = g_strdup(fname);
|
|
|
|
|
cf->is_tempfile = FALSE;
|
|
|
|
|
cf_callback_invoke(cf_cb_file_fast_save_finished, cf);
|
|
|
|
|
break;
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
case SAVE_WITH_COPY:
|
2017-12-29 03:58:04 +00:00
|
|
|
/* We just copied the file, so all the information other than
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
the wtap structure, the filename, and the "is temporary"
|
|
|
|
|
status applies to the new file; just update that. */
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_close(cf->provider.wth);
|
2014-03-20 16:57:29 +00:00
|
|
|
/* Although we're just "copying" and then opening the copy, it will
|
|
|
|
|
try all open_routine readers to open the copy, so we need to
|
|
|
|
|
reset the cfile's open_type. */
|
|
|
|
|
cf->open_type = WTAP_TYPE_AUTO;
|
2017-12-08 03:31:43 +00:00
|
|
|
cf->provider.wth = wtap_open_offline(fname, WTAP_TYPE_AUTO, &err, &err_info, TRUE);
|
|
|
|
|
if (cf->provider.wth == NULL) {
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_open_failure_alert_box(fname, err, err_info);
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
cf_close(cf);
|
|
|
|
|
} else {
|
|
|
|
|
g_free(cf->filename);
|
|
|
|
|
cf->filename = g_strdup(fname);
|
|
|
|
|
cf->is_tempfile = FALSE;
|
|
|
|
|
}
|
|
|
|
|
cf_callback_invoke(cf_cb_file_fast_save_finished, cf);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case SAVE_WITH_WTAP:
|
|
|
|
|
/* Open and read the file we saved to.
|
|
|
|
|
|
|
|
|
|
XXX - this is somewhat of a waste; we already have the
|
|
|
|
|
packets, all this gets us is updated file type information
|
|
|
|
|
(which we could just stuff into "cf"), and having the new
|
|
|
|
|
file be the one we have opened and from which we're reading
|
|
|
|
|
the data, and it means we have to spend time opening and
|
|
|
|
|
reading the file, which could be a significant amount of
|
|
|
|
|
time if the file is large.
|
|
|
|
|
|
|
|
|
|
If the capture-file-writing code were to return the
|
|
|
|
|
seek offset of each packet it writes, we could save that
|
|
|
|
|
in the frame_data structure for the frame, and just open
|
|
|
|
|
the file without reading it again...
|
|
|
|
|
|
|
|
|
|
...as long as, for gzipped files, the process of writing
|
|
|
|
|
out the file *also* generates the information needed to
|
|
|
|
|
support fast random access to the compressed file. */
|
2014-03-20 16:57:29 +00:00
|
|
|
/* rescan_file will cause us to try all open_routines, so
|
|
|
|
|
reset cfile's open_type */
|
|
|
|
|
cf->open_type = WTAP_TYPE_AUTO;
|
2017-06-01 08:34:25 +00:00
|
|
|
/* There are cases when SAVE_WITH_WTAP can result in new packets
|
|
|
|
|
being written to the file, e.g ERF records
|
|
|
|
|
In that case, we need to reload the whole file */
|
|
|
|
|
if(needs_reload) {
|
|
|
|
|
if (cf_open(cf, fname, WTAP_TYPE_AUTO, FALSE, &err) == CF_OK) {
|
|
|
|
|
if (cf_read(cf, TRUE) != CF_READ_OK) {
|
|
|
|
|
/* The rescan failed; just close the file. Either
|
|
|
|
|
a dialog was popped up for the failure, so the
|
|
|
|
|
user knows what happened, or they stopped the
|
|
|
|
|
rescan, in which case they know what happened. */
|
|
|
|
|
/* XXX: This is inconsistent with normal open/reload behaviour. */
|
|
|
|
|
cf_close(cf);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (rescan_file(cf, fname, FALSE) != CF_READ_OK) {
|
|
|
|
|
/* The rescan failed; just close the file. Either
|
|
|
|
|
a dialog was popped up for the failure, so the
|
|
|
|
|
user knows what happened, or they stopped the
|
|
|
|
|
rescan, in which case they know what happened. */
|
|
|
|
|
cf_close(cf);
|
|
|
|
|
}
|
2012-05-25 21:25:55 +00:00
|
|
|
}
|
If we do a Save or Save As with a move, don't reread the capture file,
just tweak the elements in the capture_file structure as necessary and
poke the UI to update stuff such as the windows title.
If we do a Save or Save As with a copy, don't reread the capture file,
just close the old wtap, open a wtap for the copy, and tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title.
Otherwise, don't do a full read-and-dissect pass on the capture file,
just close the old wtap, open a wtap for the new file, tweak the
elements in the capture_file structure as necessary and poke the UI to
update stuff such as the windows title, and rescan the file to update
the packet offsets (and cause Wiretap to regenerate, for a gzipped file,
the information needed to support fast random access to the gzipped
file).
This should speed up Save and Save As a bit, as well as removing some
glitches in the UI (e.g., you won't see the packet list disappear and
reappear).
svn path=/trunk/; revision=43101
2012-06-05 06:52:18 +00:00
|
|
|
break;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
2012-06-20 01:11:01 +00:00
|
|
|
|
|
|
|
|
/* If we were told to discard the comments, do so. */
|
|
|
|
|
if (discard_comments) {
|
|
|
|
|
/* Remove SHB comment, if any. */
|
2017-12-08 03:31:43 +00:00
|
|
|
wtap_write_shb_comment(cf->provider.wth, NULL);
|
2012-06-20 01:11:01 +00:00
|
|
|
|
2013-08-01 20:59:38 +00:00
|
|
|
/* remove all user comments */
|
2012-06-20 01:11:01 +00:00
|
|
|
for (framenum = 1; framenum <= cf->count; framenum++) {
|
2017-12-08 03:31:43 +00:00
|
|
|
fdata = frame_data_sequence_find(cf->provider.frames, framenum);
|
2013-08-01 20:59:38 +00:00
|
|
|
|
|
|
|
|
fdata->flags.has_phdr_comment = FALSE;
|
|
|
|
|
fdata->flags.has_user_comment = FALSE;
|
2012-06-20 01:11:01 +00:00
|
|
|
}
|
2013-08-01 20:59:38 +00:00
|
|
|
|
2017-12-08 03:31:43 +00:00
|
|
|
if (cf->provider.frames_user_comments) {
|
|
|
|
|
g_tree_destroy(cf->provider.frames_user_comments);
|
|
|
|
|
cf->provider.frames_user_comments = NULL;
|
2013-08-01 20:59:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cf->packet_comment_count = 0;
|
2012-07-19 21:49:52 +00:00
|
|
|
}
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
return CF_WRITE_OK;
|
2002-05-23 10:27:12 +00:00
|
|
|
|
|
|
|
|
fail:
|
2012-05-29 01:18:16 +00:00
|
|
|
if (fname_new != NULL) {
|
2012-05-24 02:16:53 +00:00
|
|
|
/* We were trying to write to a temporary file; get rid of it if it
|
|
|
|
|
exists. (We don't care whether this fails, as, if it fails,
|
|
|
|
|
there's not much we can do about it. I guess if it failed for
|
|
|
|
|
a reason other than "it doesn't exist", we could report an
|
|
|
|
|
error, so the user knows there's a junk file that they might
|
|
|
|
|
want to clean up.) */
|
|
|
|
|
ws_unlink(fname_new);
|
|
|
|
|
g_free(fname_new);
|
|
|
|
|
}
|
2009-12-14 22:05:29 +00:00
|
|
|
cf_callback_invoke(cf_cb_file_save_failed, NULL);
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
return CF_WRITE_ERROR;
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
}
|
|
|
|
|
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
cf_write_status_t
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
cf_export_specified_packets(capture_file *cf, const char *fname,
|
|
|
|
|
packet_range_t *range, guint save_format,
|
|
|
|
|
gboolean compressed)
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
{
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *fname_new = NULL;
|
|
|
|
|
int err;
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dumper *pdh;
|
2012-08-12 22:21:02 +00:00
|
|
|
save_callback_args_t callback_args;
|
2016-05-31 03:42:41 +00:00
|
|
|
GArray *shb_hdrs = NULL;
|
2015-07-20 14:35:06 +00:00
|
|
|
wtapng_iface_descriptions_t *idb_inf = NULL;
|
2016-06-01 14:11:46 +00:00
|
|
|
GArray *nrb_hdrs = NULL;
|
2012-08-12 22:21:02 +00:00
|
|
|
int encap;
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
|
|
|
|
|
packet_range_process_init(range);
|
|
|
|
|
|
|
|
|
|
/* We're writing out specified packets from the specified capture
|
|
|
|
|
file to another file. Even if all captured packets are to be
|
|
|
|
|
written, don't special-case the operation - read each packet
|
|
|
|
|
and then write it out if it's one of the specified ones. */
|
|
|
|
|
|
2015-07-20 14:35:06 +00:00
|
|
|
/* XXX: what free's this shb_hdr? */
|
2017-12-08 03:31:43 +00:00
|
|
|
shb_hdrs = wtap_file_get_shb_for_new_file(cf->provider.wth);
|
|
|
|
|
idb_inf = wtap_file_get_idb_info(cf->provider.wth);
|
|
|
|
|
nrb_hdrs = wtap_file_get_nrb_for_new_file(cf->provider.wth);
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
/* Determine what file encapsulation type we should use. */
|
|
|
|
|
encap = wtap_dump_file_encap_type(cf->linktypes);
|
|
|
|
|
|
2012-05-24 02:16:53 +00:00
|
|
|
if (file_exists(fname)) {
|
|
|
|
|
/* We're overwriting an existing file; write out to a new file,
|
|
|
|
|
and, if that succeeds, rename the new file on top of the
|
|
|
|
|
old file. That makes this a "safe save", so that we don't
|
|
|
|
|
lose the old file if we have a problem writing out the new
|
|
|
|
|
file. (If the existing file is the current capture file,
|
|
|
|
|
we *HAVE* to do that, otherwise we're overwriting the file
|
|
|
|
|
from which we're reading the packets that we're writing!) */
|
|
|
|
|
fname_new = g_strdup_printf("%s~", fname);
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
pdh = wtap_dump_open_ng(fname_new, save_format, encap, cf->snap,
|
2016-06-01 14:11:46 +00:00
|
|
|
compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
|
2012-05-24 02:16:53 +00:00
|
|
|
} else {
|
Add a routine that, given a set of packet encapsulation types, returns
the per-file encapsulation type needed to write out a set of packets
with all those encapsulation types. If there's only one such
encapsulation type, that's the type, otherwise WTAP_ENCAP_PER_PACKET is
needed. Use that in wtap_dump_can_write_encaps().
Also use it in cf_save_packets() and cf_export_specified_packets(), so
that we can write out files with WTAP_ENCAP_PER_PACKET as the file
encapsulation type and only one actual per-packet encapsulation type in
some cases where that failed before. This fixes the case that showed up
in bug 7505, although there are other cases where we *could* write out a
capture in a given file format but won't be able to do so; fixing those
will take more work.
#BACKPORT
(Note: this adds a routine to libwiretap, so, when backported, the
*minor* version of the library should be increased. Code that worked
with the version of the library prior to this change will continue to
work, so there's no need to change the *major* version of the library.)
svn path=/trunk/; revision=43847
2012-07-20 04:00:29 +00:00
|
|
|
pdh = wtap_dump_open_ng(fname, save_format, encap, cf->snap,
|
2016-06-01 14:11:46 +00:00
|
|
|
compressed, shb_hdrs, idb_inf, nrb_hdrs, &err);
|
2012-05-24 02:16:53 +00:00
|
|
|
}
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
g_free(idb_inf);
|
|
|
|
|
idb_inf = NULL;
|
|
|
|
|
|
|
|
|
|
if (pdh == NULL) {
|
2017-04-20 18:23:51 +00:00
|
|
|
cfile_dump_open_failure_alert_box(fname, err, save_format);
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Add address resolution */
|
|
|
|
|
wtap_dump_set_addrinfo_list(pdh, get_addrinfo_list());
|
|
|
|
|
|
|
|
|
|
/* Iterate through the list of packets, processing the packets we were
|
|
|
|
|
told to process.
|
|
|
|
|
|
|
|
|
|
XXX - we've already called "packet_range_process_init(range)", but
|
2014-05-24 18:28:30 +00:00
|
|
|
"process_specified_records()" will do it again. Fortunately,
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
that's harmless in this case, as we haven't done anything to
|
|
|
|
|
"range" since we initialized it. */
|
|
|
|
|
callback_args.pdh = pdh;
|
|
|
|
|
callback_args.fname = fname;
|
|
|
|
|
callback_args.file_type = save_format;
|
2014-05-24 18:28:30 +00:00
|
|
|
switch (process_specified_records(cf, range, "Writing", "specified records",
|
2016-03-01 02:52:52 +00:00
|
|
|
TRUE, save_record, &callback_args, TRUE)) {
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
|
|
|
|
|
case PSP_FINISHED:
|
|
|
|
|
/* Completed successfully. */
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_STOPPED:
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
/* The user decided to abort the saving.
|
|
|
|
|
If we're writing to a temporary file, remove it.
|
|
|
|
|
XXX - should we do so even if we're not writing to a
|
|
|
|
|
temporary file? */
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dump_close(pdh, &err);
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
if (fname_new != NULL)
|
|
|
|
|
ws_unlink(fname_new);
|
|
|
|
|
return CF_WRITE_ABORTED;
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case PSP_FAILED:
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
/* Error while saving.
|
|
|
|
|
If we're writing to a temporary file, remove it. */
|
|
|
|
|
if (fname_new != NULL)
|
|
|
|
|
ws_unlink(fname_new);
|
2014-05-09 05:18:49 +00:00
|
|
|
wtap_dump_close(pdh, &err);
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-09 05:18:49 +00:00
|
|
|
if (!wtap_dump_close(pdh, &err)) {
|
2017-04-18 21:02:18 +00:00
|
|
|
cfile_close_failure_alert_box(fname, err);
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
2012-05-24 02:16:53 +00:00
|
|
|
if (fname_new != NULL) {
|
|
|
|
|
/* We wrote out to fname_new, and should rename it on top of
|
|
|
|
|
fname; fname is now closed, so that should be possible even
|
|
|
|
|
on Windows. Do the rename. */
|
|
|
|
|
if (ws_rename(fname_new, fname) == -1) {
|
|
|
|
|
/* Well, the rename failed. */
|
2012-06-17 22:32:03 +00:00
|
|
|
cf_rename_failure_alert_box(fname, errno);
|
2012-05-24 02:16:53 +00:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
return CF_WRITE_OK;
|
"Save As" always saves everything and, when the save is done, makes the
new file the current file, as is the case in most if not all other GUI
applications.
A new "Export Specified Packets" menu option allows you to specify which
packets to write out, with the default being the displayed packets (and
those on which the displayed packets depend for, e.g. reassembly), and
never makes the resulting file the current file.
The two operations are conceptually distinct. Lumping them into one
menu item, with the default for "Save As" being "displayed packets only"
and thus making it behave like the latter operation, was causing some
confusion; see, for example, bug 6640.
Make the dialog popped up if you try to "Save As" or "Export Specified
Packets" on top of an existing file ask the "do you want to do this?"
question in the main part of the message, and note in the secondary text
that doing that will overwrite what's in the file; that matches what
TextEdit on OS X and the GNOME text editor say.
svn path=/trunk/; revision=42792
2012-05-22 22:17:57 +00:00
|
|
|
|
|
|
|
|
fail:
|
2012-05-29 01:18:16 +00:00
|
|
|
if (fname_new != NULL) {
|
2012-05-24 02:16:53 +00:00
|
|
|
/* We were trying to write to a temporary file; get rid of it if it
|
|
|
|
|
exists. (We don't care whether this fails, as, if it fails,
|
|
|
|
|
there's not much we can do about it. I guess if it failed for
|
|
|
|
|
a reason other than "it doesn't exist", we could report an
|
|
|
|
|
error, so the user knows there's a junk file that they might
|
|
|
|
|
want to clean up.) */
|
|
|
|
|
ws_unlink(fname_new);
|
|
|
|
|
g_free(fname_new);
|
|
|
|
|
}
|
Distinguish between "failed" and "user stopped it" for "save as" and
"export specified packets". For "failed", let the user try again with a
different file, in case it failed due to, for example, running out of
space or quota (probably the most likely failure mode for writing, and
trying to a different volume might be the best workaround). For "user
stopped it", presumably they don't want to try again (the most likely
reason is "it was taking too damn long").
Put "Exporting to: ...", not "Saving: ..." in the statusbar if we're
doing "export specified packets".
In process_specified_packets(), allow a null range pointer to be
specified, meaning "save 'em all"; that avoids the possibly-expensive
(with a large capture) operation of initializing the range.
If a "safe save" atop an existing file fails or is stopped, get rid of
the temporary file we created.
svn path=/trunk/; revision=43095
2012-06-05 02:46:54 +00:00
|
|
|
return CF_WRITE_ERROR;
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* XXX - whether we mention the source pathname, the target pathname,
|
|
|
|
|
* or both depends on the error and on what we find if we look for
|
|
|
|
|
* one or both of them.
|
|
|
|
|
*/
|
2012-06-17 22:32:03 +00:00
|
|
|
static void
|
|
|
|
|
cf_rename_failure_alert_box(const char *filename, int err)
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
{
|
2012-06-17 22:32:03 +00:00
|
|
|
gchar *display_basename;
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
|
2012-06-17 22:32:03 +00:00
|
|
|
display_basename = g_filename_display_basename(filename);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
switch (err) {
|
|
|
|
|
|
|
|
|
|
case ENOENT:
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
/* XXX - should check whether the source exists and, if not,
|
|
|
|
|
report it as the problem and, if so, report the destination
|
|
|
|
|
as the problem. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_error_message_box("The path to the file \"%s\" doesn't exist.",
|
|
|
|
|
display_basename);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case EACCES:
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
/* XXX - if we're doing a rename after a safe save, we should
|
|
|
|
|
probably say something else. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_error_message_box("You don't have permission to move the capture file to \"%s\".",
|
|
|
|
|
display_basename);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
We're an editor now, as we let you add, delete, and edit frame comments,
so "Save" should, for non-temporary files, mean "save the current state
of the capture file on top of the existing file" without prompting for a
file name.
That means we have to do a "safe save" - i.e, write the capture out to a
new file and, if that succeeds, rename the new file on top of the old
file - as the actual packet data to write out is in the file we're
overwriting, not in memory. (We'd want to do that anyway, of
course....)
Update some comments.
Clean up indentation slightly, and get rid of an unnecessary variable
(in all the cases where we use it, we assign it the same value, and that
value isn't modified out from under us before we use it).
Note that after a "Save", or a "Save As" that writes out all captured
packets, we shouldn't have to close the current file and open the new
file and reread it - we should be able to open the new file and update
the frame offsets in the frame_data structures.
Note that we need to do some a better job of reporting rename failures.
svn path=/trunk/; revision=42777
2012-05-22 10:36:40 +00:00
|
|
|
/* XXX - this should probably mention both the source and destination
|
|
|
|
|
pathnames. */
|
2012-06-17 22:32:03 +00:00
|
|
|
simple_error_message_box("The file \"%s\" could not be moved: %s.",
|
|
|
|
|
display_basename, wtap_strerror(err));
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2012-06-17 22:32:03 +00:00
|
|
|
g_free(display_basename);
|
Allow the user to save either all of the current capture, or only the
packets that are currently being displayed from that capture.
Centralize the code to control whether "File:Save" and "File:Save As"
are enabled (and *always* have "File:Save As" enabled if you have a
capture; "File:Save" is enabled only if you have a live capture you've
not yet saved, although it does the same thing as "File:Save As").
Have the "save_file" member of a "capture_file" structure represent
*only* the file currently being *written* to by a capture, and, if there
is no capture currently in progress, have it be NULL; the name of the
file currently being *displayed" is in the "filename" member, and an
"is_tempfile" member indicates whether it's a temporary file for a live
capture or not.
Have "close_cap_file()" delete the current capture file if it's a
temporary capture file that hasn't been saved (in its entirety - saving
selected frames doesn't count). Do the same (if there *is* a current
capture file) when exiting.
The "Ready to load or capture" message is the only statusbar message in
the "main" context; "close_cap_file()" should never pop it, it should
only pop whatever message exists in the "file" context, and thus has no
need to take, as an argument, the context for the message it should pop.
Update the man page to reflect the new behavior of "File:Save" and
"File:Save As", and to reflect recent changes to "Display:Match Selected".
svn path=/trunk/; revision=1170
1999-11-30 20:50:15 +00:00
|
|
|
}
|
|
|
|
|
|
2004-09-02 19:52:39 +00:00
|
|
|
/* Reload the current capture file. */
|
2004-08-25 03:01:32 +00:00
|
|
|
void
|
2005-02-04 18:44:44 +00:00
|
|
|
cf_reload(capture_file *cf) {
|
2012-08-12 22:21:02 +00:00
|
|
|
gchar *filename;
|
|
|
|
|
gboolean is_tempfile;
|
|
|
|
|
int err;
|
2004-08-25 03:01:32 +00:00
|
|
|
|
2018-06-30 19:26:40 +00:00
|
|
|
if (cf->read_lock) {
|
|
|
|
|
g_warning("Failing cf_reload(\"%s\") since a read is in progress", cf->filename);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-25 03:01:32 +00:00
|
|
|
/* If the file could be opened, "cf_open()" calls "cf_close()"
|
|
|
|
|
to get rid of state for the old capture file before filling in state
|
|
|
|
|
for the new capture file. "cf_close()" will remove the file if
|
|
|
|
|
it's a temporary file; we don't want that to happen (for one thing,
|
|
|
|
|
it'd prevent subsequent reopens from working). Remember whether it's
|
|
|
|
|
a temporary file, mark it as not being a temporary file, and then
|
|
|
|
|
reopen it as the type of file it was.
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
Also, "cf_close()" will free "cf->filename", so we must make
|
2004-08-25 03:01:32 +00:00
|
|
|
a copy of it first. */
|
2005-02-04 18:44:44 +00:00
|
|
|
filename = g_strdup(cf->filename);
|
|
|
|
|
is_tempfile = cf->is_tempfile;
|
|
|
|
|
cf->is_tempfile = FALSE;
|
2014-03-20 16:57:29 +00:00
|
|
|
if (cf_open(cf, filename, cf->open_type, is_tempfile, &err) == CF_OK) {
|
2012-05-22 03:52:12 +00:00
|
|
|
switch (cf_read(cf, TRUE)) {
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
case CF_READ_OK:
|
|
|
|
|
case CF_READ_ERROR:
|
2004-08-25 03:01:32 +00:00
|
|
|
/* Just because we got an error, that doesn't mean we were unable
|
|
|
|
|
to read any of the file; we handle what we could get from the
|
|
|
|
|
file. */
|
|
|
|
|
break;
|
|
|
|
|
|
2005-02-05 12:50:47 +00:00
|
|
|
case CF_READ_ABORTED:
|
2004-08-25 03:01:32 +00:00
|
|
|
/* The user bailed out of re-reading the capture file; the
|
|
|
|
|
capture file has been closed - just free the capture file name
|
|
|
|
|
string and return (without changing the last containing
|
|
|
|
|
directory). */
|
|
|
|
|
g_free(filename);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2005-02-04 18:44:44 +00:00
|
|
|
/* The open failed, so "cf->is_tempfile" wasn't set to "is_tempfile".
|
|
|
|
|
Instead, the file was left open, so we should restore "cf->is_tempfile"
|
2004-08-25 03:01:32 +00:00
|
|
|
ourselves.
|
|
|
|
|
|
|
|
|
|
XXX - change the menu? Presumably "cf_open()" will do that;
|
|
|
|
|
make sure it does! */
|
2005-02-04 18:44:44 +00:00
|
|
|
cf->is_tempfile = is_tempfile;
|
2004-08-25 03:01:32 +00:00
|
|
|
}
|
|
|
|
|
/* "cf_open()" made a copy of the file name we handed it, so
|
|
|
|
|
we should free up our copy. */
|
|
|
|
|
g_free(filename);
|
|
|
|
|
}
|
2010-04-01 21:55:01 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Editor modelines
|
|
|
|
|
*
|
|
|
|
|
* Local Variables:
|
|
|
|
|
* c-basic-offset: 2
|
2010-04-28 16:37:25 +00:00
|
|
|
* tab-width: 8
|
2010-04-01 21:55:01 +00:00
|
|
|
* indent-tabs-mode: nil
|
|
|
|
|
* End:
|
|
|
|
|
*
|
2011-09-21 17:49:11 +00:00
|
|
|
* ex: set shiftwidth=2 tabstop=8 expandtab:
|
2010-04-28 16:37:25 +00:00
|
|
|
* :indentSize=2:tabSize=8:noTabs=true:
|
2010-04-01 21:55:01 +00:00
|
|
|
*/
|