2 * Capture options (all parameters needed to do the actual capture)
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 * Capture options (all parameters needed to do the actual capture)
30 #ifndef __CAPTURE_OPTS_H__
31 #define __CAPTURE_OPTS_H__
33 #ifdef HAVE_SYS_TYPES_H
34 # include <sys/types.h> /* for gid_t */
37 #include "capture_ifinfo.h"
41 #endif /* __cplusplus */
44 for tshark, we're using a leading - in the optstring to prevent getopt()
45 from permuting the argv[] entries, in this case, unknown argv[] entries
46 will be returned as parameters to a dummy-option 1
47 in short: we must not use 1 here */
49 /* this does not clash with tshark's -2 option which returns '2' */
50 #define LONGOPT_NUM_CAP_COMMENT 2
53 #ifdef HAVE_PCAP_REMOTE
54 /* Type of capture source */
56 CAPTURE_IFLOCAL, /**< Local network interface */
57 CAPTURE_IFREMOTE /**< Remote network interface */
60 /* Type of RPCAPD Authentication */
62 CAPTURE_AUTH_NULL, /**< No authentication */
63 CAPTURE_AUTH_PWD /**< User/password authentication */
66 #ifdef HAVE_PCAP_SETSAMPLING
68 * Method of packet sampling (dropping some captured packets),
69 * may require additional integer parameter, marked here as N
72 CAPTURE_SAMP_NONE, /**< No sampling - capture all packets */
73 CAPTURE_SAMP_BY_COUNT, /**< Counter-based sampling -
74 capture 1 packet from every N */
75 CAPTURE_SAMP_BY_TIMER /**< Timer-based sampling -
76 capture no more than 1 packet
81 #ifdef HAVE_PCAP_REMOTE
82 struct remote_host_info {
83 gchar *remote_host; /**< Host name or network address for remote capturing */
84 gchar *remote_port; /**< TCP port of remote RPCAP server */
85 gint auth_type; /**< Authentication type */
86 gchar *auth_username; /**< Remote authentication parameters */
87 gchar *auth_password; /**< Remote authentication parameters */
93 typedef struct remote_options_tag {
94 capture_source src_type;
95 struct remote_host_info remote_host_opts;
96 #ifdef HAVE_PCAP_SETSAMPLING
97 capture_sampling sampling_method;
101 #endif /* HAVE_PCAP_REMOTE */
103 typedef struct interface_tag {
106 gchar *friendly_name;
114 gboolean has_snaplen;
117 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
120 #ifdef HAVE_PCAP_CREATE
121 gboolean monitor_mode_enabled;
122 gboolean monitor_mode_supported;
124 #ifdef HAVE_PCAP_REMOTE
125 remote_options remote_opts;
127 guint32 last_packets;
134 typedef struct link_row_tag {
139 typedef struct interface_options_tag {
140 gchar *name; /* the name of the interface provided to winpcap/libpcap to specify the interface */
142 gchar *console_display_name; /* the name displayed in the console, also the basis for autonamed pcap filenames */
144 gboolean has_snaplen;
147 gboolean promisc_mode;
148 interface_type if_type;
149 #if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
152 gboolean monitor_mode;
153 #ifdef HAVE_PCAP_REMOTE
154 capture_source src_type;
157 capture_auth auth_type;
158 gchar *auth_username;
159 gchar *auth_password;
161 gboolean nocap_rpcap;
162 gboolean nocap_local;
164 #ifdef HAVE_PCAP_SETSAMPLING
165 capture_sampling sampling_method;
170 /** Capture options coming from user interface */
171 typedef struct capture_options_tag {
173 GArray *ifaces; /**< array of interfaces.
174 Currently only used by dumpcap. */
179 * Options to be applied to all interfaces.
181 * Some of these can be set from the GUI, others can't; setting
182 * the link-layer header type, for example, doesn't necessarily
183 * make sense, as different interfaces may support different sets
184 * of link-layer header types.
186 * Some that can't be set from the GUI can be set from the command
187 * line, by specifying them before any interface is specified.
188 * This includes the link-layer header type, so if somebody asks
189 * for a link-layer header type that an interface on which they're
190 * capturing doesn't support, we should report an error and fail
193 * These can be overridden per-interface.
195 interface_options default_options;
197 gboolean saving_to_file; /**< TRUE if capture is writing to a file */
198 gchar *save_file; /**< the capture file name */
199 gboolean group_read_access; /**< TRUE is group read permission needs to be set */
200 gboolean use_pcapng; /**< TRUE if file format is pcapng */
203 gboolean real_time_mode; /**< Update list of packets in real time */
204 gboolean show_info; /**< show the info dialog */
205 gboolean quit_after_cap; /**< Makes a "capture only mode". Implies -k */
206 gboolean restart; /**< restart after closing is done */
207 gchar *orig_save_file; /**< the original capture file name (saved for a restart) */
209 /* multiple files (and ringbuffer) */
210 gboolean multi_files_on; /**< TRUE if ring buffer in use */
212 gboolean has_file_duration; /**< TRUE if ring duration specified */
213 gint32 file_duration; /**< Switch file after n seconds */
214 gboolean has_ring_num_files; /**< TRUE if ring num_files specified */
215 guint32 ring_num_files; /**< Number of multiple buffer files */
217 /* autostop conditions */
218 gboolean has_autostop_files; /**< TRUE if maximum number of capture files
220 gint32 autostop_files; /**< Maximum number of capture files */
222 gboolean has_autostop_packets; /**< TRUE if maximum packet count is
224 int autostop_packets; /**< Maximum packet count */
225 gboolean has_autostop_filesize; /**< TRUE if maximum capture file size
227 guint32 autostop_filesize; /**< Maximum capture file size */
228 gboolean has_autostop_duration; /**< TRUE if maximum capture duration
230 gint32 autostop_duration; /**< Maximum capture duration */
232 gchar *capture_comment; /** capture comment to write to the
235 /* internally used (don't touch from outside) */
236 gboolean output_to_pipe; /**< save_file is a pipe (named or stdout) */
237 gboolean capture_child; /**< hidden option: Wireshark child mode */
240 /* initialize the capture_options with some reasonable values */
242 capture_opts_init(capture_options *capture_opts);
244 /* set a command line option value */
246 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg, gboolean *start_capture);
248 /* log content of capture_opts */
250 capture_opts_log(const char *log_domain, GLogLevelFlags log_level, capture_options *capture_opts);
252 /* print interface capabilities, including link layer types */
254 capture_opts_print_if_capabilities(if_capabilities_t *caps, char *name,
255 gboolean monitor_mode);
257 /* print list of interfaces */
259 capture_opts_print_interfaces(GList *if_list);
261 /* trim the snaplen entry */
263 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min);
265 /* trim the ring_num_files entry */
267 capture_opts_trim_ring_num_files(capture_options *capture_opts);
269 /* pick default interface if none was specified */
271 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
272 const char *capture_device);
275 collect_ifaces(capture_options *capture_opts);
277 /* Default capture buffer size in Mbytes. */
278 #define DEFAULT_CAPTURE_BUFFER_SIZE 2
282 #endif /* __cplusplus */
284 #endif /* capture_opts.h */