* and not continue to capture, should we report it as a warning, or
* what?
*/
-void
+static void
enable_kernel_bpf_jit_compiler(void)
{
int fd;
static void report_new_capture_file(const char *filename);
static void report_packet_count(unsigned int packet_count);
-static void report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32 flushed, gchar *name);
+static void report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32 flushed, guint32 ps_ifdrop, gchar *name);
static void report_capture_error(const char *error_msg, const char *secondary_error_msg);
static void report_cfilter_error(capture_options *capture_opts, guint i, const char *errmsg);
#define MSG_MAX_LENGTH 4096
-/* Copied from pcapio.c libpcap_write_interface_statistics_block()*/
+/* Copied from pcapio.c pcapng_write_interface_statistics_block()*/
static guint64
create_timestamp(void) {
guint64 timestamp;
* Subtract difference, in microseconds, between January 1, 1601
* 00:00:00 UTC and January 1, 1970, 00:00:00 UTC.
*/
- timestamp -= G_GINT64_CONSTANT(11644473600000000U);
+ timestamp -= G_GUINT64_CONSTANT(11644473600000000);
#else
/*
* Current time, represented as seconds and microseconds since
fprintf(output, " -I capture in monitor mode, if available\n");
#endif
#if defined(_WIN32) || defined(HAVE_PCAP_CREATE)
- fprintf(output, " -B <buffer size> size of kernel buffer in MB (def: %dMB)\n", DEFAULT_CAPTURE_BUFFER_SIZE);
+ fprintf(output, " -B <buffer size> size of kernel buffer in MiB (def: %dMiB)\n", DEFAULT_CAPTURE_BUFFER_SIZE);
#endif
fprintf(output, " -y <link type> link layer type (def: first appropriate)\n");
fprintf(output, " -D print list of interfaces and exit\n");
fprintf(output, " -v print version information and exit\n");
fprintf(output, " -h display this help and exit\n");
fprintf(output, "\n");
+#ifdef __linux__
+ fprintf(output, "WARNING: dumpcap will enable kernel BPF JIT compiler if available.\n");
+ fprintf(output, "You might want to reset it\n");
+ fprintf(output, "By doing \"echo 0 > /proc/sys/net/core/bpf_jit_enable\"\n");
+ fprintf(output, "\n");
+#endif
fprintf(output, "Example: dumpcap -i eth0 -a duration:60 -w output.pcapng\n");
fprintf(output, "\"Capture packets from interface eth0 until 60s passed into output.pcapng\"\n");
fprintf(output, "\n");
static void
get_capture_device_open_failure_messages(const char *open_err_str,
- const char *iface
-#ifndef _WIN32
- _U_
-#endif
- ,
+ const char *iface,
char *errmsg, size_t errmsg_len,
char *secondary_errmsg,
size_t secondary_errmsg_len)
#endif
g_snprintf(errmsg, (gulong) errmsg_len,
- "The capture session could not be initiated (%s).", open_err_str);
+ "The capture session could not be initiated on interface '%s' (%s).",
+ iface, open_err_str);
#ifdef _WIN32
if (!has_wpcap) {
g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len,
/* Set the data link type on a pcap. */
static gboolean
-set_pcap_linktype(pcap_t *pcap_h, int linktype,
-#ifdef HAVE_PCAP_SET_DATALINK
- char *name _U_,
-#else
- char *name,
-#endif
+set_pcap_linktype(pcap_t *pcap_h, int linktype, char *name,
char *errmsg, size_t errmsg_len,
char *secondary_errmsg, size_t secondary_errmsg_len)
{
set_linktype_err_str =
"That DLT isn't one of the DLTs supported by this device";
#endif
- g_snprintf(errmsg, (gulong) errmsg_len, "Unable to set data link type (%s).",
- set_linktype_err_str);
+ g_snprintf(errmsg, (gulong) errmsg_len, "Unable to set data link type on interface '%s' (%s).",
+ name, set_linktype_err_str);
/*
* If the error isn't "XXX is not one of the DLTs supported by this device",
* tell the user to tell the Wireshark developers about it.
else
printf("\t");
- printf("%u\t", if_info->type);
+ printf("%i\t", if_info->type);
for (addr = g_slist_nth(if_info->addrs, 0); addr != NULL;
addr = g_slist_next(addr)) {
}
break;
default:
- printf("<type unknown %u>", if_addr->ifat_type);
+ printf("<type unknown %i>", if_addr->ifat_type);
}
}
}
}
#ifdef _WIN32
+ /* If we have a dummy signal pipe check it */
+ if (!signal_pipe_check_running()) {
+ global_ld.go = FALSE;
+ }
Sleep(1 * 1000);
#else
sleep(1);
{
if (byte_swapped) {
/* Byte-swap the record header fields. */
- rechdr->ts_sec = BSWAP32(rechdr->ts_sec);
- rechdr->ts_usec = BSWAP32(rechdr->ts_usec);
- rechdr->incl_len = BSWAP32(rechdr->incl_len);
- rechdr->orig_len = BSWAP32(rechdr->orig_len);
+ rechdr->ts_sec = GUINT32_SWAP_LE_BE(rechdr->ts_sec);
+ rechdr->ts_usec = GUINT32_SWAP_LE_BE(rechdr->ts_usec);
+ rechdr->incl_len = GUINT32_SWAP_LE_BE(rechdr->incl_len);
+ rechdr->orig_len = GUINT32_SWAP_LE_BE(rechdr->orig_len);
}
/* In file format version 2.3, the "incl_len" and "orig_len" fields were
if (pcap_opts->cap_pipe_byte_swapped) {
/* Byte-swap the header fields about which we care. */
- hdr->version_major = BSWAP16(hdr->version_major);
- hdr->version_minor = BSWAP16(hdr->version_minor);
- hdr->snaplen = BSWAP32(hdr->snaplen);
- hdr->network = BSWAP32(hdr->network);
+ hdr->version_major = GUINT16_SWAP_LE_BE(hdr->version_major);
+ hdr->version_minor = GUINT16_SWAP_LE_BE(hdr->version_minor);
+ hdr->snaplen = GUINT32_SWAP_LE_BE(hdr->snaplen);
+ hdr->network = GUINT32_SWAP_LE_BE(hdr->network);
}
pcap_opts->linktype = hdr->network;
if (interface_opts.buffer_size > 1 &&
pcap_setbuff(pcap_opts->pcap_h, interface_opts.buffer_size * 1024 * 1024) != 0) {
sync_secondary_msg_str = g_strdup_printf(
- "The capture buffer size of %dMB seems to be too high for your machine,\n"
- "the default of 1MB will be used.\n"
+ "The capture buffer size of %d MiB seems to be too high for your machine,\n"
+ "the default of %d MiB will be used.\n"
"\n"
"Nonetheless, the capture is started.\n",
- interface_opts.buffer_size);
+ interface_opts.buffer_size, DEFAULT_CAPTURE_BUFFER_SIZE);
report_capture_error("Couldn't set the capture buffer size!",
sync_secondary_msg_str);
g_free(sync_secondary_msg_str);
get_os_version_info(os_info_str);
g_snprintf(appname, sizeof(appname), "Dumpcap " VERSION "%s", wireshark_svnversion);
- successful = libpcap_write_session_header_block(libpcap_write_to_file, ld->pdh,
+ successful = pcapng_write_session_header_block(ld->pdh,
(const char *)capture_opts->capture_comment, /* Comment*/
NULL, /* HW*/
os_info_str->str, /* OS*/
} else {
pcap_opts->snaplen = pcap_snapshot(pcap_opts->pcap_h);
}
- successful = libpcap_write_interface_description_block(libpcap_write_to_file, global_ld.pdh,
- NULL, /* OPT_COMMENT 1 */
- interface_opts.name, /* IDB_NAME 2 */
- interface_opts.descr, /* IDB_DESCRIPTION 3 */
- interface_opts.cfilter, /* IDB_FILTER 11 */
- os_info_str->str, /* IDB_OS 12 */
- pcap_opts->linktype,
- pcap_opts->snaplen,
- &(global_ld.bytes_written),
- 0, /* IDB_IF_SPEED 8 */
- pcap_opts->ts_nsec ? 9 : 6, /* IDB_TSRESOL 9 */
- &global_ld.err);
+ successful = pcapng_write_interface_description_block(global_ld.pdh,
+ NULL, /* OPT_COMMENT 1 */
+ interface_opts.name, /* IDB_NAME 2 */
+ interface_opts.descr, /* IDB_DESCRIPTION 3 */
+ interface_opts.cfilter, /* IDB_FILTER 11 */
+ os_info_str->str, /* IDB_OS 12 */
+ pcap_opts->linktype,
+ pcap_opts->snaplen,
+ &(global_ld.bytes_written),
+ 0, /* IDB_IF_SPEED 8 */
+ pcap_opts->ts_nsec ? 9 : 6, /* IDB_TSRESOL 9 */
+ &global_ld.err);
}
g_string_free(os_info_str, TRUE);
} else {
pcap_opts->snaplen = pcap_snapshot(pcap_opts->pcap_h);
}
- successful = libpcap_write_file_header(libpcap_write_to_file, ld->pdh, pcap_opts->linktype, pcap_opts->snaplen,
+ successful = libpcap_write_file_header(ld->pdh, pcap_opts->linktype, pcap_opts->snaplen,
pcap_opts->ts_nsec, &ld->bytes_written, &err);
}
if (!successful) {
isb_ifrecv = G_MAXUINT64;
isb_ifdrop = G_MAXUINT64;
}
- libpcap_write_interface_statistics_block(libpcap_write_to_file, ld->pdh,
- i,
- &ld->bytes_written,
- "Counters provided by dumpcap",
- start_time,
- end_time,
- isb_ifrecv,
- isb_ifdrop,
- err_close);
+ pcapng_write_interface_statistics_block(ld->pdh,
+ i,
+ &ld->bytes_written,
+ "Counters provided by dumpcap",
+ start_time,
+ end_time,
+ isb_ifrecv,
+ isb_ifdrop,
+ err_close);
}
}
}
get_os_version_info(os_info_str);
g_snprintf(appname, sizeof(appname), "Dumpcap " VERSION "%s", wireshark_svnversion);
- successful = libpcap_write_session_header_block(libpcap_write_to_file, global_ld.pdh,
+ successful = pcapng_write_session_header_block(global_ld.pdh,
NULL, /* Comment */
NULL, /* HW */
os_info_str->str, /* OS */
for (i = 0; successful && (i < capture_opts->ifaces->len); i++) {
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, i);
- successful = libpcap_write_interface_description_block(libpcap_write_to_file, global_ld.pdh,
- NULL, /* OPT_COMMENT 1 */
- interface_opts.name, /* IDB_NAME 2 */
- interface_opts.descr, /* IDB_DESCRIPTION 3 */
- interface_opts.cfilter, /* IDB_FILTER 11 */
- os_info_str->str, /* IDB_OS 12 */
- pcap_opts->linktype,
- pcap_opts->snaplen,
- &(global_ld.bytes_written),
- 0, /* IDB_IF_SPEED 8 */
- pcap_opts->ts_nsec ? 9 : 6, /* IDB_TSRESOL 9 */
- &global_ld.err);
+ successful = pcapng_write_interface_description_block(global_ld.pdh,
+ NULL, /* OPT_COMMENT 1 */
+ interface_opts.name, /* IDB_NAME 2 */
+ interface_opts.descr, /* IDB_DESCRIPTION 3 */
+ interface_opts.cfilter, /* IDB_FILTER 11 */
+ os_info_str->str, /* IDB_OS 12 */
+ pcap_opts->linktype,
+ pcap_opts->snaplen,
+ &(global_ld.bytes_written),
+ 0, /* IDB_IF_SPEED 8 */
+ pcap_opts->ts_nsec ? 9 : 6, /* IDB_TSRESOL 9 */
+ &global_ld.err);
}
g_string_free(os_info_str, TRUE);
} else {
pcap_opts = g_array_index(global_ld.pcaps, pcap_options *, 0);
- successful = libpcap_write_file_header(libpcap_write_to_file, global_ld.pdh, pcap_opts->linktype, pcap_opts->snaplen,
+ successful = libpcap_write_file_header(global_ld.pdh, pcap_opts->linktype, pcap_opts->snaplen,
pcap_opts->ts_nsec, &global_ld.bytes_written, &global_ld.err);
}
if (!successful) {
/* initialize capture stop (and alike) conditions */
init_capture_stop_conditions();
/* create stop conditions */
- if (capture_opts->has_autostop_filesize)
+ if (capture_opts->has_autostop_filesize) {
+ if (capture_opts->autostop_filesize > (((guint32)INT_MAX + 1) / 1000)) {
+ capture_opts->autostop_filesize = ((guint32)INT_MAX + 1) / 1000;
+ }
cnd_autostop_size =
- cnd_new(CND_CLASS_CAPTURESIZE,(long)capture_opts->autostop_filesize * 1024);
+ cnd_new(CND_CLASS_CAPTURESIZE, (guint64)capture_opts->autostop_filesize * 1000);
+ }
if (capture_opts->has_autostop_duration)
cnd_autostop_duration =
cnd_new(CND_CLASS_TIMEOUT,(gint32)capture_opts->autostop_duration);
/* check capture size condition */
if (cnd_autostop_size != NULL &&
- cnd_eval(cnd_autostop_size, (guint32)global_ld.bytes_written)) {
+ cnd_eval(cnd_autostop_size, global_ld.bytes_written)) {
/* Capture size limit reached, do we have another file? */
if (!do_file_switch_or_stop(capture_opts, cnd_autostop_files,
cnd_autostop_size, cnd_file_duration))
if ((cur_time - upd_time) > DUMPCAP_UPD_TIME) { /* wrap just causes an extra update */
#else
gettimeofday(&cur_time, NULL);
- if ((cur_time.tv_sec * 1000000 + cur_time.tv_usec) >
- (upd_time.tv_sec * 1000000 + upd_time.tv_usec + DUMPCAP_UPD_TIME*1000)) {
+ if (((guint64)cur_time.tv_sec * 1000000 + cur_time.tv_usec) >
+ ((guint64)upd_time.tv_sec * 1000000 + upd_time.tv_usec + DUMPCAP_UPD_TIME*1000)) {
#endif
upd_time = cur_time;
if (pcap_opts->pcap_h != NULL) {
g_assert(!pcap_opts->from_cap_pipe);
/* Get the capture statistics, so we know how many packets were dropped. */
+ /*
+ * Older versions of libpcap didn't set ps_ifdrop on some
+ * platforms; initialize it to 0 to handle that.
+ */
+ stats->ps_ifdrop = 0;
if (pcap_stats(pcap_opts->pcap_h, stats) >= 0) {
*stats_known = TRUE;
/* Let the parent process know. */
report_capture_error(errmsg, please_report);
}
}
- report_packet_drops(received, pcap_dropped, pcap_opts->dropped, pcap_opts->flushed, interface_opts.console_display_name);
+ report_packet_drops(received, pcap_dropped, pcap_opts->dropped, pcap_opts->flushed, stats->ps_ifdrop, interface_opts.console_display_name);
}
/* close the input file (pcap or capture pipe) */
If this fails, set "ld->go" to FALSE, to stop the capture, and set
"ld->err" to the error. */
if (global_capture_opts.use_pcapng) {
- successful = libpcap_write_enhanced_packet_block(libpcap_write_to_file, global_ld.pdh,
- NULL,
- phdr->ts.tv_sec, (gint32)phdr->ts.tv_usec,
- phdr->caplen, phdr->len,
- pcap_opts->interface_id,
- ts_mul,
- pd, 0,
- &global_ld.bytes_written, &err);
+ successful = pcapng_write_enhanced_packet_block(global_ld.pdh,
+ NULL,
+ phdr->ts.tv_sec, (gint32)phdr->ts.tv_usec,
+ phdr->caplen, phdr->len,
+ pcap_opts->interface_id,
+ ts_mul,
+ pd, 0,
+ &global_ld.bytes_written, &err);
} else {
- successful = libpcap_write_packet(libpcap_write_to_file, global_ld.pdh,
+ successful = libpcap_write_packet(global_ld.pdh,
phdr->ts.tv_sec, (gint32)phdr->ts.tv_usec,
phdr->caplen, phdr->len,
pd,
*/
interface_opts = g_array_index(capture_opts->ifaces, interface_options, i);
cmdarg_err(
- "Invalid capture filter \"%s\" for interface %s!\n"
+ "Invalid capture filter \"%s\" for interface '%s'!\n"
"\n"
"That string isn't a valid capture filter (%s).\n"
"See the User's Guide for a description of the capture filter syntax.",
}
static void
-report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32 flushed, gchar *name)
+report_packet_drops(guint32 received, guint32 pcap_drops, guint32 drops, guint32 flushed, guint32 ps_ifdrop, gchar *name)
{
char tmp[SP_DECISIZE+1+1];
guint32 total_drops = pcap_drops + drops + flushed;
if (capture_child) {
g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG,
- "Packets received/dropped on interface %s: %u/%u (pcap:%u/dumpcap:%u/flushed:%u)",
- name, received, total_drops, pcap_drops, drops, flushed);
+ "Packets received/dropped on interface '%s': %u/%u (pcap:%u/dumpcap:%u/flushed:%u/ps_ifdrop:%u)",
+ name, received, total_drops, pcap_drops, drops, flushed, ps_ifdrop);
/* XXX: Need to provide interface id, changes to consumers required. */
pipe_write_block(2, SP_DROPS, tmp);
} else {
fprintf(stderr,
- "Packets received/dropped on interface '%s': %u/%u (pcap:%u/dumpcap:%u/flushed:%u) (%.1f%%)\n",
- name, received, total_drops, pcap_drops, drops, flushed,
+ "Packets received/dropped on interface '%s': %u/%u (pcap:%u/dumpcap:%u/flushed:%u/ps_ifdrop:%u) (%.1f%%)\n",
+ name, received, total_drops, pcap_drops, drops, flushed, ps_ifdrop,
received ? 100.0 * received / (received + total_drops) : 0.0);
/* stderr could be line buffered */
fflush(stderr);
git.samba.org / metze / wireshark / wip.git / blobdiff