]> The Tcpdump Group git mirrors - libpcap/blob - testprogs/filtertest.c
projects / libpcap / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
filtertest: Add "-l" flag to use Linux BPF extensions.
[libpcap] / testprogs / filtertest.c
1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #include "varattrs.h"
23
24 #ifndef lint
25 static const char copyright[] _U_ =
26 "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
27 The Regents of the University of California. All rights reserved.\n";
28 #endif
29
30 #include <config.h>
31
32 #include <pcap.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <stdarg.h>
37 #include <limits.h>
38 #ifdef _WIN32
39 #include "getopt.h"
40 #include "unix.h"
41 #else
42 #include <unistd.h>
43 #endif
44 #include <fcntl.h>
45 #include <errno.h>
46 #ifdef _WIN32
47 #include <winsock2.h>
48 #include <ws2tcpip.h>
49 #else
50 #include <sys/socket.h>
51 #include <arpa/inet.h>
52 #endif
53 #include <sys/types.h>
54 #include <sys/stat.h>
55
56 #include "pcap/funcattrs.h"
57
58 #define MAXIMUM_SNAPLEN 262144
59
60 #ifdef BDEBUG
61 /*
62 * We have pcap_set_optimizer_debug() and pcap_set_print_dot_graph() in
63 * libpcap; declare them (they're not declared by any libpcap header,
64 * because they're special hacks, only available if libpcap was configured
65 * to include them, and only intended for use by libpcap developers trying
66 * to debug the optimizer for filter expressions).
67 */
68 PCAP_API void pcap_set_optimizer_debug(int);
69 PCAP_API void pcap_set_print_dot_graph(int);
70 #endif
71
72 #ifdef __linux__
73 #include <linux/filter.h>
74 #if defined(SO_BPF_EXTENSIONS) && defined(SKF_AD_VLAN_TAG_PRESENT)
75 /*
76 * pcap-int.h is a private header and should not be included by programs that
77 * use libpcap. This test program uses a special hack because it is the
78 * simplest way to test internal code paths that otherwise would require
79 * elevated privileges. Do not do this in normal code.
80 */
81 #include <pcap-int.h>
82 #define LINUX_BPF_EXT
83 #endif // defined(SO_BPF_EXTENSIONS) && defined(SKF_AD_VLAN_TAG_PRESENT)
84 #endif // __linux__
85
86 static char *program_name;
87
88 /* Forwards */
89 static void PCAP_NORETURN usage(void);
90 static void PCAP_NORETURN error(const char *, ...) PCAP_PRINTFLIKE(1, 2);
91 static void warn(const char *, ...) PCAP_PRINTFLIKE(1, 2);
92
93 /*
94 * On Windows, we need to open the file in binary mode, so that
95 * we get all the bytes specified by the size we get from "fstat()".
96 * On UNIX, that's not necessary. O_BINARY is defined on Windows;
97 * we define it as 0 if it's not defined, so it does nothing.
98 */
99 #ifndef O_BINARY
100 #define O_BINARY 0
101 #endif
102
103 static char *
104 read_infile(char *fname)
105 {
106 register int i, fd, cc;
107 register char *cp;
108 struct stat buf;
109
110 fd = open(fname, O_RDONLY|O_BINARY);
111 if (fd < 0)
112 error("can't open %s: %s", fname, pcap_strerror(errno));
113
114 if (fstat(fd, &buf) < 0)
115 error("can't stat %s: %s", fname, pcap_strerror(errno));
116
117 /*
118 * _read(), on Windows, has an unsigned int byte count and an
119 * int return value, so we can't handle a file bigger than
120 * INT_MAX - 1 bytes (and have no reason to do so; a filter *that*
121 * big will take forever to compile). (The -1 is for the '\0' at
122 * the end of the string.)
123 */
124 if (buf.st_size > INT_MAX - 1)
125 error("%s is larger than %d bytes; that's too large", fname,
126 INT_MAX - 1);
127 cp = malloc((u_int)buf.st_size + 1);
128 if (cp == NULL)
129 error("malloc(%d) for %s: %s", (u_int)buf.st_size + 1,
130 fname, pcap_strerror(errno));
131 cc = (int)read(fd, cp, (u_int)buf.st_size);
132 if (cc < 0)
133 error("read %s: %s", fname, pcap_strerror(errno));
134 if (cc != buf.st_size)
135 error("short read %s (%d != %d)", fname, cc, (int)buf.st_size);
136
137 close(fd);
138 /* replace "# comment" with spaces */
139 for (i = 0; i < cc; i++) {
140 if (cp[i] == '#')
141 while (i < cc && cp[i] != '\n')
142 cp[i++] = ' ';
143 }
144 cp[cc] = '\0';
145 return (cp);
146 }
147
148 /* VARARGS */
149 static void
150 error(const char *fmt, ...)
151 {
152 va_list ap;
153
154 (void)fprintf(stderr, "%s: ", program_name);
155 va_start(ap, fmt);
156 (void)vfprintf(stderr, fmt, ap);
157 va_end(ap);
158 if (*fmt) {
159 fmt += strlen(fmt);
160 if (fmt[-1] != '\n')
161 (void)fputc('\n', stderr);
162 }
163 exit(1);
164 /* NOTREACHED */
165 }
166
167 /* VARARGS */
168 static void
169 warn(const char *fmt, ...)
170 {
171 va_list ap;
172
173 (void)fprintf(stderr, "%s: WARNING: ", program_name);
174 va_start(ap, fmt);
175 (void)vfprintf(stderr, fmt, ap);
176 va_end(ap);
177 if (*fmt) {
178 fmt += strlen(fmt);
179 if (fmt[-1] != '\n')
180 (void)fputc('\n', stderr);
181 }
182 }
183
184 /*
185 * Copy arg vector into a new buffer, concatenating arguments with spaces.
186 */
187 static char *
188 copy_argv(register char **argv)
189 {
190 register char **p;
191 register size_t len = 0;
192 char *buf;
193 char *src, *dst;
194
195 p = argv;
196 if (*p == 0)
197 return 0;
198
199 while (*p)
200 len += strlen(*p++) + 1;
201
202 buf = (char *)malloc(len);
203 if (buf == NULL)
204 error("copy_argv: malloc");
205
206 p = argv;
207 dst = buf;
208 while ((src = *p++) != NULL) {
209 while ((*dst++ = *src++) != '\0')
210 ;
211 dst[-1] = ' ';
212 }
213 dst[-1] = '\0';
214
215 return buf;
216 }
217
218 int
219 main(int argc, char **argv)
220 {
221 char *cp;
222 int op;
223 int dflag;
224 #ifdef BDEBUG
225 int gflag;
226 #endif
227 char *infile;
228 int Oflag;
229 #ifdef LINUX_BPF_EXT
230 int lflag = 0;
231 #endif
232 int snaplen;
233 char *p;
234 int dlt;
235 bpf_u_int32 netmask = PCAP_NETMASK_UNKNOWN;
236 char *cmdbuf;
237 pcap_t *pd;
238 struct bpf_program fcode;
239
240 #ifdef _WIN32
241 WSADATA wsaData;
242 if (0 != WSAStartup(MAKEWORD(2, 2), &wsaData))
243 return 1;
244 #endif /* _WIN32 */
245
246 dflag = 1;
247 #ifdef BDEBUG
248 gflag = 0;
249 #endif
250
251 infile = NULL;
252 Oflag = 1;
253 snaplen = MAXIMUM_SNAPLEN;
254
255 if ((cp = strrchr(argv[0], '/')) != NULL)
256 program_name = cp + 1;
257 else
258 program_name = argv[0];
259
260 opterr = 0;
261 while ((op = getopt(argc, argv, "dF:gm:Os:l")) != -1) {
262 switch (op) {
263
264 case 'd':
265 ++dflag;
266 break;
267
268 case 'g':
269 #ifdef BDEBUG
270 ++gflag;
271 break;
272 #else
273 error("libpcap and filtertest not built with optimizer debugging enabled");
274 #endif
275
276 case 'F':
277 infile = optarg;
278 break;
279
280 case 'O':
281 Oflag = 0;
282 break;
283
284 case 'm': {
285 bpf_u_int32 addr;
286
287 switch (inet_pton(AF_INET, optarg, &addr)) {
288
289 case 0:
290 error("invalid netmask %s", optarg);
291
292 case -1:
293 error("invalid netmask %s: %s", optarg,
294 pcap_strerror(errno));
295
296 case 1:
297 netmask = addr;
298 break;
299 }
300 break;
301 }
302
303 case 's': {
304 char *end;
305 long long_snaplen;
306
307 long_snaplen = strtol(optarg, &end, 0);
308 if (optarg == end || *end != '\0'
309 || long_snaplen < 0
310 || long_snaplen > MAXIMUM_SNAPLEN)
311 error("invalid snaplen %s", optarg);
312 else {
313 if (snaplen == 0)
314 snaplen = MAXIMUM_SNAPLEN;
315 else
316 snaplen = (int)long_snaplen;
317 }
318 break;
319 }
320
321 case 'l':
322 #ifdef LINUX_BPF_EXT
323 // Enable Linux BPF extensions.
324 lflag = 1;
325 break;
326 #else
327 error("libpcap and filtertest built without Linux BPF extensions");
328 #endif
329
330 default:
331 usage();
332 /* NOTREACHED */
333 }
334 }
335
336 if (optind >= argc) {
337 usage();
338 /* NOTREACHED */
339 }
340
341 dlt = pcap_datalink_name_to_val(argv[optind]);
342 if (dlt < 0) {
343 dlt = (int)strtol(argv[optind], &p, 10);
344 if (p == argv[optind] || *p != '\0')
345 error("invalid data link type %s", argv[optind]);
346 }
347
348 if (infile)
349 cmdbuf = read_infile(infile);
350 else
351 cmdbuf = copy_argv(&argv[optind+1]);
352
353 #ifdef BDEBUG
354 pcap_set_optimizer_debug(dflag);
355 pcap_set_print_dot_graph(gflag);
356 #endif
357
358 pd = pcap_open_dead(dlt, snaplen);
359 if (pd == NULL)
360 error("Can't open fake pcap_t");
361
362 #ifdef LINUX_BPF_EXT
363 if (lflag) {
364 pd->bpf_codegen_flags |= BPF_SPECIAL_VLAN_HANDLING;
365 }
366 #endif
367
368 if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0)
369 error("%s", pcap_geterr(pd));
370
371 if (!bpf_validate(fcode.bf_insns, fcode.bf_len))
372 warn("Filter doesn't pass validation");
373
374 #ifdef BDEBUG
375 if (cmdbuf != NULL) {
376 // replace line feed with space
377 for (cp = cmdbuf; *cp != '\0'; ++cp) {
378 if (*cp == '\r' || *cp == '\n') {
379 *cp = ' ';
380 }
381 }
382 // only show machine code if BDEBUG defined, since dflag > 3
383 printf("machine codes for filter: %s\n", cmdbuf);
384 } else
385 printf("machine codes for empty filter:\n");
386 #endif
387
388 bpf_dump(&fcode, dflag);
389 free(cmdbuf);
390 pcap_freecode (&fcode);
391 pcap_close(pd);
392 #ifdef _WIN32
393 WSACleanup();
394 #endif
395 exit(0);
396 }
397
398 static void
399 usage(void)
400 {
401 (void)fprintf(stderr, "%s, with %s\n", program_name,
402 pcap_lib_version());
403 (void)fprintf(stderr,
404 "Usage: %s [-d"
405 #ifdef BDEBUG
406 "g"
407 #endif
408 "O"
409 #ifdef LINUX_BPF_EXT
410 "l"
411 #endif
412 "] [ -F file ] [ -m netmask] [ -s snaplen ] dlt [ expression ]\n",
413 program_name);
414 exit(1);
415 }
[mirror] the LIBpcap interface to various kernel packet capture mechanism