2003-01-22 00:42:05 +00:00
|
|
|
/* tap-smbstat.c
|
|
|
|
* smbstat 2003 Ronnie Sahlberg
|
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
2003-01-22 00:42:05 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2003-04-25 20:54:18 +00:00
|
|
|
*
|
2003-01-22 00:42:05 +00:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
2003-04-25 20:54:18 +00:00
|
|
|
*
|
2003-01-22 00:42:05 +00:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
2003-04-25 20:54:18 +00:00
|
|
|
*
|
2003-01-22 00:42:05 +00:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
2012-06-28 22:56:06 +00:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2003-01-22 00:42:05 +00:00
|
|
|
*/
|
|
|
|
|
2012-09-20 01:29:52 +00:00
|
|
|
#include "config.h"
|
2003-01-22 00:42:05 +00:00
|
|
|
|
|
|
|
#include <stdio.h>
|
2013-11-10 15:59:37 +00:00
|
|
|
#include <stdlib.h>
|
2003-01-22 00:42:05 +00:00
|
|
|
#include <string.h>
|
2013-11-10 15:59:37 +00:00
|
|
|
|
2003-01-22 00:42:05 +00:00
|
|
|
#include "epan/packet_info.h"
|
2004-09-29 00:06:36 +00:00
|
|
|
#include <epan/tap.h>
|
2014-11-14 18:51:40 +00:00
|
|
|
#include <epan/stat_tap_ui.h>
|
2003-01-22 00:42:05 +00:00
|
|
|
#include "epan/value_string.h"
|
2005-09-17 00:31:15 +00:00
|
|
|
#include <epan/dissectors/packet-smb.h>
|
2013-06-26 00:18:44 +00:00
|
|
|
#include "epan/timestats.h"
|
2003-01-22 00:42:05 +00:00
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
#define MICROSECS_PER_SEC 1000000
|
|
|
|
#define NANOSECS_PER_SEC 1000000000
|
|
|
|
|
2013-11-14 06:21:02 +00:00
|
|
|
void register_tap_listener_smbstat(void);
|
|
|
|
|
2003-01-22 00:42:05 +00:00
|
|
|
/* used to keep track of the statistics for an entire program interface */
|
|
|
|
typedef struct _smbstat_t {
|
|
|
|
char *filter;
|
2003-04-25 20:54:18 +00:00
|
|
|
timestat_t proc[256];
|
|
|
|
timestat_t trans2[256];
|
|
|
|
timestat_t nt_trans[256];
|
2003-01-22 00:42:05 +00:00
|
|
|
} smbstat_t;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int
|
2005-01-01 02:57:02 +00:00
|
|
|
smbstat_packet(void *pss, packet_info *pinfo, epan_dissect_t *edt _U_, const void *psi)
|
2003-01-22 00:42:05 +00:00
|
|
|
{
|
2014-10-13 19:04:21 +00:00
|
|
|
smbstat_t *ss = (smbstat_t *)pss;
|
|
|
|
const smb_info_t *si = (const smb_info_t *)psi;
|
2005-08-20 02:15:02 +00:00
|
|
|
nstime_t t, deltat;
|
2014-10-13 19:04:21 +00:00
|
|
|
timestat_t *sp = NULL;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
|
|
|
/* we are only interested in reply packets */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (si->request) {
|
2003-01-22 00:42:05 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
/* if we havnt seen the request, just ignore it */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (!si->sip) {
|
2003-01-22 00:42:05 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
if (si->cmd == 0xA0 && si->sip->extra_info_type == SMB_EI_NTI) {
|
|
|
|
smb_nt_transact_info_t *sti = (smb_nt_transact_info_t *)si->sip->extra_info;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
|
|
|
/*nt transaction*/
|
2014-10-13 19:04:21 +00:00
|
|
|
if (sti) {
|
|
|
|
sp = &(ss->nt_trans[sti->subcmd]);
|
2003-09-28 00:00:36 +00:00
|
|
|
}
|
2014-10-13 19:04:21 +00:00
|
|
|
} else if (si->cmd == 0x32 && si->sip->extra_info_type == SMB_EI_T2I) {
|
|
|
|
smb_transact2_info_t *st2i = (smb_transact2_info_t *)si->sip->extra_info;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
|
|
|
/*transaction2*/
|
2014-10-13 19:04:21 +00:00
|
|
|
if (st2i) {
|
|
|
|
sp = &(ss->trans2[st2i->subcmd]);
|
2003-09-28 00:00:36 +00:00
|
|
|
}
|
2003-01-22 00:42:05 +00:00
|
|
|
} else {
|
2014-10-13 19:04:21 +00:00
|
|
|
sp = &(ss->proc[si->cmd]);
|
2003-01-22 00:42:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* calculate time delta between request and reply */
|
2014-10-13 19:04:21 +00:00
|
|
|
t = pinfo->fd->abs_ts;
|
2005-08-24 21:31:56 +00:00
|
|
|
nstime_delta(&deltat, &t, &si->sip->req_time);
|
2003-01-22 00:42:05 +00:00
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
if (sp) {
|
|
|
|
time_stat_update(sp, &deltat, pinfo);
|
2003-09-28 00:00:36 +00:00
|
|
|
}
|
2003-01-22 00:42:05 +00:00
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
smbstat_draw(void *pss)
|
|
|
|
{
|
2014-10-13 19:04:21 +00:00
|
|
|
smbstat_t *ss = (smbstat_t *)pss;
|
2003-01-22 00:42:05 +00:00
|
|
|
guint32 i;
|
|
|
|
guint64 td;
|
|
|
|
printf("\n");
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("=================================================================\n");
|
|
|
|
printf("SMB SRT Statistics:\n");
|
2014-10-13 19:04:21 +00:00
|
|
|
printf("Filter: %s\n", ss->filter ? ss->filter : "");
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("Commands Calls Min SRT Max SRT Avg SRT\n");
|
2014-10-13 19:04:21 +00:00
|
|
|
for (i=0; i<256; i++) {
|
2003-01-22 00:42:05 +00:00
|
|
|
/* nothing seen, nothing to do */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (ss->proc[i].num == 0) {
|
2003-01-22 00:42:05 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* we deal with transaction2 later */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (i == 0x32) {
|
2003-01-22 00:42:05 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* we deal with nt transaction later */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (i == 0xA0) {
|
2003-01-22 00:42:05 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
/* Scale the average SRT in units of 1us and round to the nearest us. */
|
|
|
|
td = ((guint64)(ss->proc[i].tot.secs)) * NANOSECS_PER_SEC + ss->proc[i].tot.nsecs;
|
|
|
|
|
|
|
|
td = ((td / ss->proc[i].num) + 500) / 1000;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("%-25s %6d %3d.%06d %3d.%06d %3" G_GINT64_MODIFIER "u.%06" G_GINT64_MODIFIER "u\n",
|
2014-10-13 19:04:21 +00:00
|
|
|
val_to_str_ext(i, &smb_cmd_vals_ext, "Unknown (0x%02x)"),
|
|
|
|
ss->proc[i].num,
|
|
|
|
(int)(ss->proc[i].min.secs), (ss->proc[i].min.nsecs+500)/1000,
|
|
|
|
(int)(ss->proc[i].max.secs), (ss->proc[i].max.nsecs+500)/1000,
|
|
|
|
td/MICROSECS_PER_SEC, td%MICROSECS_PER_SEC
|
2003-01-22 00:42:05 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
printf("\n");
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("Transaction2 Commands Calls Min SRT Max SRT Avg SRT\n");
|
2014-10-13 19:04:21 +00:00
|
|
|
for (i=0; i<256; i++) {
|
2003-01-22 00:42:05 +00:00
|
|
|
/* nothing seen, nothing to do */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (ss->trans2[i].num == 0) {
|
2003-01-22 00:42:05 +00:00
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
/* Scale the average SRT in units of 1us and round to the nearest us. */
|
|
|
|
td = ((guint64)(ss->trans2[i].tot.secs)) * NANOSECS_PER_SEC + ss->trans2[i].tot.nsecs;
|
|
|
|
td = ((td / ss->trans2[i].num) + 500) / 1000;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("%-25s %6d %3d.%06d %3d.%06d %3" G_GINT64_MODIFIER "u.%06" G_GINT64_MODIFIER "u\n",
|
2014-10-13 19:04:21 +00:00
|
|
|
val_to_str_ext(i, &trans2_cmd_vals_ext, "Unknown (0x%02x)"),
|
|
|
|
ss->trans2[i].num,
|
|
|
|
(int)(ss->trans2[i].min.secs), (ss->trans2[i].min.nsecs+500)/1000,
|
|
|
|
(int)(ss->trans2[i].max.secs), (ss->trans2[i].max.nsecs+500)/1000,
|
|
|
|
td/MICROSECS_PER_SEC, td%MICROSECS_PER_SEC
|
2003-01-22 00:42:05 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
printf("\n");
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("NT Transaction Commands Calls Min SRT Max SRT Avg SRT\n");
|
2014-10-13 19:04:21 +00:00
|
|
|
for (i=0; i<256; i++) {
|
2003-01-22 00:42:05 +00:00
|
|
|
/* nothing seen, nothing to do */
|
2014-10-13 19:04:21 +00:00
|
|
|
if (ss->nt_trans[i].num == 0) {
|
2003-01-22 00:42:05 +00:00
|
|
|
continue;
|
|
|
|
}
|
2011-01-14 17:06:53 +00:00
|
|
|
/* Scale the average SRT in units of 1us and round to the nearest us. */
|
|
|
|
td = ((guint64)(ss->nt_trans[i].tot.secs)) * NANOSECS_PER_SEC + ss->nt_trans[i].tot.nsecs;
|
|
|
|
td = ((td / ss->nt_trans[i].num) + 500) / 1000;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("%-25s %6d %3d.%06d %3d.%06d %3" G_GINT64_MODIFIER "u.%06" G_GINT64_MODIFIER "u\n",
|
2014-10-13 19:04:21 +00:00
|
|
|
val_to_str_ext(i, &nt_cmd_vals_ext, "Unknown (0x%02x)"),
|
|
|
|
ss->nt_trans[i].num,
|
|
|
|
(int)(ss->nt_trans[i].min.secs), (ss->nt_trans[i].min.nsecs+500)/1000,
|
|
|
|
(int)(ss->nt_trans[i].max.secs), (ss->nt_trans[i].max.nsecs+500)/1000,
|
|
|
|
td/MICROSECS_PER_SEC, td%MICROSECS_PER_SEC
|
2003-01-22 00:42:05 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2011-01-14 17:06:53 +00:00
|
|
|
printf("=================================================================\n");
|
2003-01-22 00:42:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static void
|
2014-10-13 19:04:21 +00:00
|
|
|
smbstat_init(const char *opt_arg, void *userdata _U_)
|
2003-01-22 00:42:05 +00:00
|
|
|
{
|
|
|
|
smbstat_t *ss;
|
|
|
|
guint32 i;
|
2014-10-13 19:04:21 +00:00
|
|
|
const char *filter = NULL;
|
2003-04-23 08:20:06 +00:00
|
|
|
GString *error_string;
|
2003-01-22 00:42:05 +00:00
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
if (!strncmp(opt_arg, "smb,srt,", 8)) {
|
|
|
|
filter = opt_arg + 8;
|
2003-01-22 00:42:05 +00:00
|
|
|
} else {
|
2014-10-13 19:04:21 +00:00
|
|
|
filter = NULL;
|
2003-01-22 00:42:05 +00:00
|
|
|
}
|
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
ss = g_new(smbstat_t, 1);
|
|
|
|
if (filter) {
|
|
|
|
ss->filter = g_strdup(filter);
|
2003-01-22 00:42:05 +00:00
|
|
|
} else {
|
2014-10-13 19:04:21 +00:00
|
|
|
ss->filter = NULL;
|
2003-01-22 00:42:05 +00:00
|
|
|
}
|
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
for (i=0; i<256; i++) {
|
|
|
|
ss->proc[i].num = 0;
|
|
|
|
ss->proc[i].min_num = 0;
|
|
|
|
ss->proc[i].max_num = 0;
|
|
|
|
ss->proc[i].min.secs = 0;
|
|
|
|
ss->proc[i].min.nsecs = 0;
|
|
|
|
ss->proc[i].max.secs = 0;
|
|
|
|
ss->proc[i].max.nsecs = 0;
|
|
|
|
ss->proc[i].tot.secs = 0;
|
|
|
|
ss->proc[i].tot.nsecs = 0;
|
|
|
|
|
|
|
|
ss->trans2[i].num = 0;
|
|
|
|
ss->trans2[i].min_num = 0;
|
|
|
|
ss->trans2[i].max_num = 0;
|
|
|
|
ss->trans2[i].min.secs = 0;
|
|
|
|
ss->trans2[i].min.nsecs = 0;
|
|
|
|
ss->trans2[i].max.secs = 0;
|
|
|
|
ss->trans2[i].max.nsecs = 0;
|
|
|
|
ss->trans2[i].tot.secs = 0;
|
|
|
|
ss->trans2[i].tot.nsecs = 0;
|
|
|
|
|
|
|
|
ss->nt_trans[i].num = 0;
|
|
|
|
ss->nt_trans[i].min_num = 0;
|
|
|
|
ss->nt_trans[i].max_num = 0;
|
|
|
|
ss->nt_trans[i].min.secs = 0;
|
|
|
|
ss->nt_trans[i].min.nsecs = 0;
|
|
|
|
ss->nt_trans[i].max.secs = 0;
|
|
|
|
ss->nt_trans[i].max.nsecs = 0;
|
|
|
|
ss->nt_trans[i].tot.secs = 0;
|
|
|
|
ss->nt_trans[i].tot.nsecs = 0;
|
2003-01-22 00:42:05 +00:00
|
|
|
}
|
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
error_string = register_tap_listener("smb", ss, filter, 0, NULL, smbstat_packet, smbstat_draw);
|
|
|
|
if (error_string) {
|
2003-01-22 00:42:05 +00:00
|
|
|
/* error, we failed to attach to the tap. clean up */
|
|
|
|
g_free(ss->filter);
|
|
|
|
g_free(ss);
|
|
|
|
|
2011-03-23 20:00:13 +00:00
|
|
|
fprintf(stderr, "tshark: Couldn't register smb,srt tap: %s\n",
|
2014-10-13 19:04:21 +00:00
|
|
|
error_string->str);
|
2003-04-23 08:20:06 +00:00
|
|
|
g_string_free(error_string, TRUE);
|
2003-01-22 00:42:05 +00:00
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-11-14 18:42:26 +00:00
|
|
|
static stat_tap_ui smbstat_ui = {
|
2014-11-14 18:31:04 +00:00
|
|
|
REGISTER_STAT_GROUP_GENERIC,
|
|
|
|
NULL,
|
|
|
|
"smb,srt",
|
|
|
|
smbstat_init,
|
|
|
|
-1,
|
|
|
|
0,
|
|
|
|
NULL
|
|
|
|
};
|
2003-01-22 00:42:05 +00:00
|
|
|
|
|
|
|
void
|
|
|
|
register_tap_listener_smbstat(void)
|
|
|
|
{
|
2014-11-14 18:42:26 +00:00
|
|
|
register_stat_tap_ui(&smbstat_ui, NULL);
|
2003-01-22 00:42:05 +00:00
|
|
|
}
|
|
|
|
|
2014-10-13 19:04:21 +00:00
|
|
|
/*
|
|
|
|
* Editor modelines - http://www.wireshark.org/tools/modelines.html
|
|
|
|
*
|
|
|
|
* Local variables:
|
|
|
|
* c-basic-offset: 8
|
|
|
|
* tab-width: 8
|
|
|
|
* indent-tabs-mode: t
|
|
|
|
* End:
|
|
|
|
*
|
|
|
|
* vi: set shiftwidth=8 tabstop=8 noexpandtab:
|
|
|
|
* :indentSize=8:tabSize=8:noTabs=false:
|
|
|
|
*/
|