by dumpcap and Ethereal (so that, on UN*X, the child process can report
a detailed "can't exec dumpcap" error).
Rename most of the "sync_pipe_XXX_to_parent()" routines, as they're also
in Tethereal, which doesn't have a sync pipe.
svn path=/trunk/; revision=17789
even if doing a live capture; just print the packets without saving
them.
In dumpcap:
default to the capturing the entire packet;
don't do the "Press any key" stuff when debugging on UN*X;
do console logging (to the standard error) even when we're
running as the capture child (the sync pipe should only be the
standard output, not the standard error).
svn path=/trunk/; revision=17786
I've also changed the way the secondary error message is transported from former "header message 0 secondary 0" to "header header message 0 header secondary 0" as that might be a bit more clearer, and I'll need it for further development anyway.
I was using this while debugging and not recognizing the real problem - for about four hours :-(. I'll need this feature when doing the interface (and link layer type) browsing later (transferring this data from dumpcap to Ethereal) to get a full blown privilege seperation.
svn path=/trunk/; revision=17608
- fix buggy g_snprintf call (Win32 fails if %s is called with a NULL pointer)
- don't call file close if file wasn't open before (Win32 crashes if eth_unlink is called with a NULL pointer)
svn path=/trunk/; revision=17558
doing anything with the output file, so that
1) if the attempt to open the capture device fails, we don't
bother creating any output files;
2) we could relinquish privileges permanently as soon as we
finish opening the capture device, so we don't have to give
them up temporarily when opening the output file, reclaim
them to open the input device, and then give them up
permanently;
(we already do that in Tethereal).
While we're at it, set the capture filter immediately after opening the
capture device, so we quit before opening capture devices if that fails.
svn path=/trunk/; revision=17468
primary and secondary error messages and let the parent worry about how
to display them. This means dumpcap doesn't need stub routines for
generating the formatting tags for the primary and secondary messages.
Have a separate message for capture filter errors, so that the parent
can check whether the capture filter looks like a display filter and
report the appropriate message. This means that dumpcap doesn't need a
stub routine for compiling display filters (a stub routine also means
that Ethereal won't do the check for capture filters that look like
display filters!).
svn path=/trunk/; revision=17465
bypass Wiretap; that means we don't have to run the packet through
wtap_process_pcap_packet() and then undo that conversion in Wiretap if
we're just going to write it out, shortening the code path.
svn path=/trunk/; revision=17461
no longer needs util.c, so it no longer includes routines that use
host_ip_af(), so it no longer needs to define its own host_ip_af().
That also means dumpcap.c no longer needs to include <sys/socket.h>.
svn path=/trunk/; revision=17278
using dumpcap as the capture child for Ethereal.
dumpcap is a plain console application now, even for Win32 (so no WinMain, create_console and special piping stuff reguired). The undocumented command line option -Z will switch dumpcap into "child mode", using binary instead of plain text output messages to communicate with a parent Ethereal.
Ethereal's main.c no longer needs to distinguish between child mode or not, so some simplifying here.
capture_sync.c has to call dumpcap in a "hidden window" mode using CreateProcess instead of spawnvp, otherwise an uggly console window would appear. The handles created by _pipe doesn't seem to be inheritable for this function, using CreatePipe instead.
The file capture_loop.c is only needed by dumpcap, removed from Ethereal link objects.
Some debugging aid added and other minor cleanup done.
svn path=/trunk/; revision=17256
tethereal internally converted the stdout capture filename "-" into "" which doesn't make any real sense and only complicated things.
To make things even more confusing, wiretap expected "" for dump output and "-" for offline reading ...
svn path=/trunk/; revision=16962
warnings.
Include "wiretap/libpcap.h" in "capture_loop.h", to get its declarations
of data structures for headers in libpcap files. This lets us remove
the includes of "wiretap/libpcap.h from files including
"capture_loop.h".
Make "log_func_ignore()" in "tethereal.c" static, and declare some of
its arguments unused. Also get rid of an unused variable.
Include <pcap.h> before including "wiretap/wtap-capture.h", to declare
"struct pcap_pkthdr".
svn path=/trunk/; revision=16791
remove a lot of redundant code from tethereal and use (move) stuff from capture_loop.c instead.
concentrate common capture related code in capture_opts.c, e.g. trying to find the right interface to capture from (command line option, preference, first usable) instead of duplicating this code over several files.
remove redundant code from dumpcap.c
this also implements command line option -D (and indexed interfaces at -i) for Ethereal and Dumpcap (as we have it in Tethereal already for a while)
svn path=/trunk/; revision=16787
this way, the capture prefix will "logically" group the files together and file browsers will also group them
we may want to move the files into a subdir capture later
svn path=/trunk/; revision=16691
This way, the capture child don't need to now any of the packet_counter things (no epan/packet.h and all alike).
Currently the capture_info code will always open another wiretap file instance to build it's own counter values. This isn't optimized for now (next step: use data from cf_continue_tail() somehow).
svn path=/trunk/; revision=16669
this fortunately removes *a lot* of dependencies and make the resulting binary a lot smaller (and hopefully faster to load :-)
some more cleanup (like replacing // by /**/)
svn path=/trunk/; revision=16620
personal backup only, not meant for public testing!
I've copied main.c into dumpcap.c and carved out all things not needed
currently won't work as a command line tool, capture_loop.c wants an input pipe
console output is also very ugly and the whole code needs a lot of further cleanup
shouldn't break the unix build as I've only changed the nmake files so far, but who knows ...
svn path=/trunk/; revision=16615
made the CaptureSetup wiki page more prominent
added some "headings" so some of the help subtopics are easier for "human grep" IMHO
svn path=/trunk/; revision=16592
to do this, I've added file_util.h to wiretap (would file_compat.h be a better name?), and provide compat_macros like eth_open() instead of open(). While at it, move other file related things there, like #include <io.h>, definition of O_BINARY and alike, so it's all in one place.
deleted related things from config.h.win32
As of these massive changes, I'm almost certain that this will break the Unix build. I'll keep an eye on the buildbot so hopefully everything is working again soon.
svn path=/trunk/; revision=16403
remove Byte(s) from the dropdown list of filesizes, this doesn't make sense
replace 1000 with 1024, as all (modern?) file managers are based on 1024 bytes for a kilobyte (the old KB vs. KiB controversy)
svn path=/trunk/; revision=16149
currently limited to Ethereal and all the variants of libpcap filetypes only.
We might want to add output compression support to the other tools as well (tethereal, mergecap, ...).
We might also want to add support for the other filetypes, but this is only possible if the filetype functions doesn't use special output operations like fseek.
One bug is still left: if the input and output filetypes while saving are the same, Ethereal currently optimizes this by simply copy the binary file instead of using wiretap (so it will be faster but it will ignore the compress setting).
Don't know a good workaround for this, as I don't know a way to find out if the input file is currently compressed or not. One idea might be to use a heuristic on the filesize (compared to the packet size summmary). Another workaround I see is to remove this optimization, which is of course not the way I like to do it ...
svn path=/trunk/; revision=15804
use the console_log_handler in main.c for win32 AND unix now
Currently use the log for the capturing engine (only), as I desperately needed a log output for debugging.
svn path=/trunk/; revision=14438
Guy Harris