]> The Tcpdump Group git mirrors - libpcap/blob - pcap.c
projects / libpcap / blob


7c94f8bb321faf8454c13dcbf4174b1438df6527
[libpcap] / pcap.c
1 /*
2 * Copyright (c) 1993, 1994, 1995, 1996, 1997, 1998
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the Computer Systems
16 * Engineering Group at Lawrence Berkeley Laboratory.
17 * 4. Neither the name of the University nor of the Laboratory may be used
18 * to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #ifndef lint
35 static const char rcsid[] _U_ =
36 "@(#) $Header: /tcpdump/master/libpcap/pcap.c,v 1.128 2008-12-23 20:13:29 guy Exp $ (LBL)";
37 #endif
38
39 #ifdef HAVE_CONFIG_H
40 #include "config.h"
41 #endif
42
43 #ifdef WIN32
44 #include <pcap-stdinc.h>
45 #else /* WIN32 */
46 #if HAVE_INTTYPES_H
47 #include <inttypes.h>
48 #elif HAVE_STDINT_H
49 #include <stdint.h>
50 #endif
51 #ifdef HAVE_SYS_BITYPES_H
52 #include <sys/bitypes.h>
53 #endif
54 #include <sys/types.h>
55 #endif /* WIN32 */
56
57 #include <stdio.h>
58 #include <stdlib.h>
59 #include <string.h>
60 #if !defined(_MSC_VER) && !defined(__BORLANDC__)
61 #include <unistd.h>
62 #endif
63 #include <fcntl.h>
64 #include <errno.h>
65
66 #ifdef HAVE_OS_PROTO_H
67 #include "os-proto.h"
68 #endif
69
70 #ifdef MSDOS
71 #include "pcap-dos.h"
72 #endif
73
74 #include "pcap-int.h"
75
76 #ifdef HAVE_DAG_API
77 #include <dagnew.h>
78 #include <dagapi.h>
79 #endif
80
81 int
82 pcap_not_initialized(pcap_t *pcap)
83 {
84 /* this means 'not initialized' */
85 return PCAP_ERROR_NOT_ACTIVATED;
86 }
87
88 /*
89 * Returns 1 if rfmon mode can be set on the pcap_t, 0 if it can't,
90 * a PCAP_ERROR value on an error.
91 */
92 int
93 pcap_can_set_rfmon(pcap_t *p)
94 {
95 return (p->can_set_rfmon_op(p));
96 }
97
98 /*
99 * For systems where rfmon mode is never supported.
100 */
101 static int
102 pcap_cant_set_rfmon(pcap_t *p _U_)
103 {
104 return (0);
105 }
106
107 /*
108 * Default one-shot callback; overridden for capture types where the
109 * packet data cannot be guaranteed to be available after the callback
110 * returns, so that a copy must be made.
111 */
112 static void
113 pcap_oneshot(u_char *user, const struct pcap_pkthdr *h, const u_char *pkt)
114 {
115 struct oneshot_userdata *sp = (struct oneshot_userdata *)user;
116
117 *sp->hdr = *h;
118 *sp->pkt = pkt;
119 }
120
121 const u_char *
122 pcap_next(pcap_t *p, struct pcap_pkthdr *h)
123 {
124 struct oneshot_userdata s;
125 const u_char *pkt;
126
127 s.hdr = h;
128 s.pkt = &pkt;
129 s.pd = p;
130 if (pcap_dispatch(p, 1, p->oneshot_callback, (u_char *)&s) <= 0)
131 return (0);
132 return (pkt);
133 }
134
135 int
136 pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header,
137 const u_char **pkt_data)
138 {
139 struct oneshot_userdata s;
140
141 s.hdr = &p->pcap_header;
142 s.pkt = pkt_data;
143 s.pd = p;
144
145 /* Saves a pointer to the packet headers */
146 *pkt_header= &p->pcap_header;
147
148 if (p->sf.rfile != NULL) {
149 int status;
150
151 /* We are on an offline capture */
152 status = pcap_offline_read(p, 1, pcap_oneshot, (u_char *)&s);
153
154 /*
155 * Return codes for pcap_offline_read() are:
156 * - 0: EOF
157 * - -1: error
158 * - >1: OK
159 * The first one ('0') conflicts with the return code of
160 * 0 from pcap_read() meaning "no packets arrived before
161 * the timeout expired", so we map it to -2 so you can
162 * distinguish between an EOF from a savefile and a
163 * "no packets arrived before the timeout expired, try
164 * again" from a live capture.
165 */
166 if (status == 0)
167 return (-2);
168 else
169 return (status);
170 }
171
172 /*
173 * Return codes for pcap_read() are:
174 * - 0: timeout
175 * - -1: error
176 * - -2: loop was broken out of with pcap_breakloop()
177 * - >1: OK
178 * The first one ('0') conflicts with the return code of 0 from
179 * pcap_offline_read() meaning "end of file".
180 */
181 return (p->read_op(p, 1, pcap_oneshot, (u_char *)&s));
182 }
183
184 static void
185 initialize_ops(pcap_t *p)
186 {
187 /*
188 * Set operation pointers for operations that only work on
189 * an activated pcap_t to point to a routine that returns
190 * a "this isn't activated" error.
191 */
192 p->read_op = (read_op_t)pcap_not_initialized;
193 p->inject_op = (inject_op_t)pcap_not_initialized;
194 p->setfilter_op = (setfilter_op_t)pcap_not_initialized;
195 p->setdirection_op = (setdirection_op_t)pcap_not_initialized;
196 p->set_datalink_op = (set_datalink_op_t)pcap_not_initialized;
197 p->getnonblock_op = (getnonblock_op_t)pcap_not_initialized;
198 p->setnonblock_op = (setnonblock_op_t)pcap_not_initialized;
199 p->stats_op = (stats_op_t)pcap_not_initialized;
200 #ifdef WIN32
201 p->setbuff_op = (setbuff_op_t)pcap_not_initialized;
202 p->setmode_op = (setmode_op_t)pcap_not_initialized;
203 p->setmintocopy_op = (setmintocopy_op_t)pcap_not_initialized;
204 #endif
205
206 /*
207 * Default cleanup operation - implementations can override
208 * this, but should call pcap_cleanup_live_common() after
209 * doing their own additional cleanup.
210 */
211 p->cleanup_op = pcap_cleanup_live_common;
212
213 /*
214 * In most cases, the standard one-short callback can
215 * be used for pcap_next()/pcap_next_ex().
216 */
217 p->oneshot_callback = pcap_oneshot;
218 }
219
220 pcap_t *
221 pcap_create_common(const char *source, char *ebuf)
222 {
223 pcap_t *p;
224
225 p = malloc(sizeof(*p));
226 if (p == NULL) {
227 snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s",
228 pcap_strerror(errno));
229 return (NULL);
230 }
231 memset(p, 0, sizeof(*p));
232 #ifndef WIN32
233 p->fd = -1; /* not opened yet */
234 p->selectable_fd = -1;
235 p->send_fd = -1;
236 #endif
237
238 p->opt.source = strdup(source);
239 if (p->opt.source == NULL) {
240 snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s",
241 pcap_strerror(errno));
242 free(p);
243 return (NULL);
244 }
245
246 /*
247 * Default to "can't set rfmon mode"; if it's supported by
248 * a platform, the create routine that called us can set
249 * the op to its routine to check whether a particular
250 * device supports it.
251 */
252 p->can_set_rfmon_op = pcap_cant_set_rfmon;
253
254 initialize_ops(p);
255
256 /* put in some defaults*/
257 pcap_set_timeout(p, 0);
258 pcap_set_snaplen(p, 65535); /* max packet size */
259 p->opt.promisc = 0;
260 p->opt.buffer_size = 0;
261 return (p);
262 }
263
264 int
265 pcap_check_activated(pcap_t *p)
266 {
267 if (p->activated) {
268 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "can't perform "
269 " operation on activated capture");
270 return -1;
271 }
272 return 0;
273 }
274
275 int
276 pcap_set_snaplen(pcap_t *p, int snaplen)
277 {
278 if (pcap_check_activated(p))
279 return PCAP_ERROR_ACTIVATED;
280 p->snapshot = snaplen;
281 return 0;
282 }
283
284 int
285 pcap_set_promisc(pcap_t *p, int promisc)
286 {
287 if (pcap_check_activated(p))
288 return PCAP_ERROR_ACTIVATED;
289 p->opt.promisc = promisc;
290 return 0;
291 }
292
293 int
294 pcap_set_rfmon(pcap_t *p, int rfmon)
295 {
296 if (pcap_check_activated(p))
297 return PCAP_ERROR_ACTIVATED;
298 p->opt.rfmon = rfmon;
299 return 0;
300 }
301
302 int
303 pcap_set_timeout(pcap_t *p, int timeout_ms)
304 {
305 if (pcap_check_activated(p))
306 return PCAP_ERROR_ACTIVATED;
307 p->md.timeout = timeout_ms;
308 return 0;
309 }
310
311 int
312 pcap_set_buffer_size(pcap_t *p, int buffer_size)
313 {
314 if (pcap_check_activated(p))
315 return PCAP_ERROR_ACTIVATED;
316 p->opt.buffer_size = buffer_size;
317 return 0;
318 }
319
320 int
321 pcap_activate(pcap_t *p)
322 {
323 int status;
324
325 status = p->activate_op(p);
326 if (status >= 0)
327 p->activated = 1;
328 else {
329 if (p->errbuf[0] == '\0') {
330 /*
331 * No error message supplied by the activate routine;
332 * for the benefit of programs that don't specially
333 * handle errors other than PCAP_ERROR, return the
334 * error message corresponding to the status.
335 */
336 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "%s",
337 pcap_statustostr(status));
338 }
339
340 /*
341 * Undo any operation pointer setting, etc. done by
342 * the activate operation.
343 */
344 initialize_ops(p);
345 }
346 return (status);
347 }
348
349 pcap_t *
350 pcap_open_live(const char *source, int snaplen, int promisc, int to_ms, char *errbuf)
351 {
352 pcap_t *p;
353 int status;
354
355 p = pcap_create(source, errbuf);
356 if (p == NULL)
357 return (NULL);
358 status = pcap_set_snaplen(p, snaplen);
359 if (status < 0)
360 goto fail;
361 status = pcap_set_promisc(p, promisc);
362 if (status < 0)
363 goto fail;
364 status = pcap_set_timeout(p, to_ms);
365 if (status < 0)
366 goto fail;
367 /*
368 * Mark this as opened with pcap_open_live(), so that, for
369 * example, we show the full list of DLT_ values, rather
370 * than just the ones that are compatible with capturing
371 * when not in monitor mode. That allows existing applications
372 * to work the way they used to work, but allows new applications
373 * that know about the new open API to, for example, find out the
374 * DLT_ values that they can select without changing whether
375 * the adapter is in monitor mode or not.
376 */
377 p->oldstyle = 1;
378 status = pcap_activate(p);
379 if (status < 0)
380 goto fail;
381 return (p);
382 fail:
383 if (status == PCAP_ERROR)
384 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", source,
385 p->errbuf);
386 else if (status == PCAP_ERROR_NO_SUCH_DEVICE ||
387 status == PCAP_ERROR_PERM_DENIED)
388 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s (%s)", source,
389 pcap_statustostr(status), p->errbuf);
390 else
391 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", source,
392 pcap_statustostr(status));
393 pcap_close(p);
394 return (NULL);
395 }
396
397 int
398 pcap_dispatch(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
399 {
400 return p->read_op(p, cnt, callback, user);
401 }
402
403 /*
404 * XXX - is this necessary?
405 */
406 int
407 pcap_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
408 {
409
410 return p->read_op(p, cnt, callback, user);
411 }
412
413 int
414 pcap_loop(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
415 {
416 register int n;
417
418 for (;;) {
419 if (p->sf.rfile != NULL) {
420 /*
421 * 0 means EOF, so don't loop if we get 0.
422 */
423 n = pcap_offline_read(p, cnt, callback, user);
424 } else {
425 /*
426 * XXX keep reading until we get something
427 * (or an error occurs)
428 */
429 do {
430 n = p->read_op(p, cnt, callback, user);
431 } while (n == 0);
432 }
433 if (n <= 0)
434 return (n);
435 if (cnt > 0) {
436 cnt -= n;
437 if (cnt <= 0)
438 return (0);
439 }
440 }
441 }
442
443 /*
444 * Force the loop in "pcap_read()" or "pcap_read_offline()" to terminate.
445 */
446 void
447 pcap_breakloop(pcap_t *p)
448 {
449 p->break_loop = 1;
450 }
451
452 int
453 pcap_datalink(pcap_t *p)
454 {
455 return (p->linktype);
456 }
457
458 int
459 pcap_datalink_ext(pcap_t *p)
460 {
461 return (p->linktype_ext);
462 }
463
464 int
465 pcap_list_datalinks(pcap_t *p, int **dlt_buffer)
466 {
467 if (p->dlt_count == 0) {
468 /*
469 * We couldn't fetch the list of DLTs, which means
470 * this platform doesn't support changing the
471 * DLT for an interface. Return a list of DLTs
472 * containing only the DLT this device supports.
473 */
474 *dlt_buffer = (int*)malloc(sizeof(**dlt_buffer));
475 if (*dlt_buffer == NULL) {
476 (void)snprintf(p->errbuf, sizeof(p->errbuf),
477 "malloc: %s", pcap_strerror(errno));
478 return (-1);
479 }
480 **dlt_buffer = p->linktype;
481 return (1);
482 } else {
483 *dlt_buffer = (int*)calloc(sizeof(**dlt_buffer), p->dlt_count);
484 if (*dlt_buffer == NULL) {
485 (void)snprintf(p->errbuf, sizeof(p->errbuf),
486 "malloc: %s", pcap_strerror(errno));
487 return (-1);
488 }
489 (void)memcpy(*dlt_buffer, p->dlt_list,
490 sizeof(**dlt_buffer) * p->dlt_count);
491 return (p->dlt_count);
492 }
493 }
494
495 /*
496 * In Windows, you might have a library built with one version of the
497 * C runtime library and an application built with another version of
498 * the C runtime library, which means that the library might use one
499 * version of malloc() and free() and the application might use another
500 * version of malloc() and free(). If so, that means something
501 * allocated by the library cannot be freed by the application, so we
502 * need to have a pcap_free_datalinks() routine to free up the list
503 * allocated by pcap_list_datalinks(), even though it's just a wrapper
504 * around free().
505 */
506 void
507 pcap_free_datalinks(int *dlt_list)
508 {
509 free(dlt_list);
510 }
511
512 int
513 pcap_set_datalink(pcap_t *p, int dlt)
514 {
515 int i;
516 const char *dlt_name;
517
518 if (p->dlt_count == 0 || p->set_datalink_op == NULL) {
519 /*
520 * We couldn't fetch the list of DLTs, or we don't
521 * have a "set datalink" operation, which means
522 * this platform doesn't support changing the
523 * DLT for an interface. Check whether the new
524 * DLT is the one this interface supports.
525 */
526 if (p->linktype != dlt)
527 goto unsupported;
528
529 /*
530 * It is, so there's nothing we need to do here.
531 */
532 return (0);
533 }
534 for (i = 0; i < p->dlt_count; i++)
535 if (p->dlt_list[i] == dlt)
536 break;
537 if (i >= p->dlt_count)
538 goto unsupported;
539 if (p->dlt_count == 2 && p->dlt_list[0] == DLT_EN10MB &&
540 dlt == DLT_DOCSIS) {
541 /*
542 * This is presumably an Ethernet device, as the first
543 * link-layer type it offers is DLT_EN10MB, and the only
544 * other type it offers is DLT_DOCSIS. That means that
545 * we can't tell the driver to supply DOCSIS link-layer
546 * headers - we're just pretending that's what we're
547 * getting, as, presumably, we're capturing on a dedicated
548 * link to a Cisco Cable Modem Termination System, and
549 * it's putting raw DOCSIS frames on the wire inside low-level
550 * Ethernet framing.
551 */
552 p->linktype = dlt;
553 return (0);
554 }
555 if (p->set_datalink_op(p, dlt) == -1)
556 return (-1);
557 p->linktype = dlt;
558 return (0);
559
560 unsupported:
561 dlt_name = pcap_datalink_val_to_name(dlt);
562 if (dlt_name != NULL) {
563 (void) snprintf(p->errbuf, sizeof(p->errbuf),
564 "%s is not one of the DLTs supported by this device",
565 dlt_name);
566 } else {
567 (void) snprintf(p->errbuf, sizeof(p->errbuf),
568 "DLT %d is not one of the DLTs supported by this device",
569 dlt);
570 }
571 return (-1);
572 }
573
574 struct dlt_choice {
575 const char *name;
576 const char *description;
577 int dlt;
578 };
579
580 #define DLT_CHOICE(code, description) { #code, description, code }
581 #define DLT_CHOICE_SENTINEL { NULL, NULL, 0 }
582
583 static struct dlt_choice dlt_choices[] = {
584 DLT_CHOICE(DLT_NULL, "BSD loopback"),
585 DLT_CHOICE(DLT_EN10MB, "Ethernet"),
586 DLT_CHOICE(DLT_IEEE802, "Token ring"),
587 DLT_CHOICE(DLT_ARCNET, "BSD ARCNET"),
588 DLT_CHOICE(DLT_SLIP, "SLIP"),
589 DLT_CHOICE(DLT_PPP, "PPP"),
590 DLT_CHOICE(DLT_FDDI, "FDDI"),
591 DLT_CHOICE(DLT_ATM_RFC1483, "RFC 1483 LLC-encapsulated ATM"),
592 DLT_CHOICE(DLT_RAW, "Raw IP"),
593 DLT_CHOICE(DLT_SLIP_BSDOS, "BSD/OS SLIP"),
594 DLT_CHOICE(DLT_PPP_BSDOS, "BSD/OS PPP"),
595 DLT_CHOICE(DLT_ATM_CLIP, "Linux Classical IP-over-ATM"),
596 DLT_CHOICE(DLT_PPP_SERIAL, "PPP over serial"),
597 DLT_CHOICE(DLT_PPP_ETHER, "PPPoE"),
598 DLT_CHOICE(DLT_SYMANTEC_FIREWALL, "Symantec Firewall"),
599 DLT_CHOICE(DLT_C_HDLC, "Cisco HDLC"),
600 DLT_CHOICE(DLT_IEEE802_11, "802.11"),
601 DLT_CHOICE(DLT_FRELAY, "Frame Relay"),
602 DLT_CHOICE(DLT_LOOP, "OpenBSD loopback"),
603 DLT_CHOICE(DLT_ENC, "OpenBSD encapsulated IP"),
604 DLT_CHOICE(DLT_LINUX_SLL, "Linux cooked"),
605 DLT_CHOICE(DLT_LTALK, "Localtalk"),
606 DLT_CHOICE(DLT_PFLOG, "OpenBSD pflog file"),
607 DLT_CHOICE(DLT_PRISM_HEADER, "802.11 plus Prism header"),
608 DLT_CHOICE(DLT_IP_OVER_FC, "RFC 2625 IP-over-Fibre Channel"),
609 DLT_CHOICE(DLT_SUNATM, "Sun raw ATM"),
610 DLT_CHOICE(DLT_IEEE802_11_RADIO, "802.11 plus radiotap header"),
611 DLT_CHOICE(DLT_ARCNET_LINUX, "Linux ARCNET"),
612 DLT_CHOICE(DLT_JUNIPER_MLPPP, "Juniper Multi-Link PPP"),
613 DLT_CHOICE(DLT_JUNIPER_MLFR, "Juniper Multi-Link Frame Relay"),
614 DLT_CHOICE(DLT_JUNIPER_ES, "Juniper Encryption Services PIC"),
615 DLT_CHOICE(DLT_JUNIPER_GGSN, "Juniper GGSN PIC"),
616 DLT_CHOICE(DLT_JUNIPER_MFR, "Juniper FRF.16 Frame Relay"),
617 DLT_CHOICE(DLT_JUNIPER_ATM2, "Juniper ATM2 PIC"),
618 DLT_CHOICE(DLT_JUNIPER_SERVICES, "Juniper Advanced Services PIC"),
619 DLT_CHOICE(DLT_JUNIPER_ATM1, "Juniper ATM1 PIC"),
620 DLT_CHOICE(DLT_APPLE_IP_OVER_IEEE1394, "Apple IP-over-IEEE 1394"),
621 DLT_CHOICE(DLT_MTP2_WITH_PHDR, "SS7 MTP2 with Pseudo-header"),
622 DLT_CHOICE(DLT_MTP2, "SS7 MTP2"),
623 DLT_CHOICE(DLT_MTP3, "SS7 MTP3"),
624 DLT_CHOICE(DLT_SCCP, "SS7 SCCP"),
625 DLT_CHOICE(DLT_DOCSIS, "DOCSIS"),
626 DLT_CHOICE(DLT_LINUX_IRDA, "Linux IrDA"),
627 DLT_CHOICE(DLT_IEEE802_11_RADIO_AVS, "802.11 plus AVS radio information header"),
628 DLT_CHOICE(DLT_JUNIPER_MONITOR, "Juniper Passive Monitor PIC"),
629 DLT_CHOICE(DLT_PPP_PPPD, "PPP for pppd, with direction flag"),
630 DLT_CHOICE(DLT_JUNIPER_PPPOE, "Juniper PPPoE"),
631 DLT_CHOICE(DLT_JUNIPER_PPPOE_ATM, "Juniper PPPoE/ATM"),
632 DLT_CHOICE(DLT_GPRS_LLC, "GPRS LLC"),
633 DLT_CHOICE(DLT_GPF_T, "GPF-T"),
634 DLT_CHOICE(DLT_GPF_F, "GPF-F"),
635 DLT_CHOICE(DLT_JUNIPER_PIC_PEER, "Juniper PIC Peer"),
636 DLT_CHOICE(DLT_ERF_ETH, "Ethernet with Endace ERF header"),
637 DLT_CHOICE(DLT_ERF_POS, "Packet-over-SONET with Endace ERF header"),
638 DLT_CHOICE(DLT_LINUX_LAPD, "Linux vISDN LAPD"),
639 DLT_CHOICE(DLT_JUNIPER_ETHER, "Juniper Ethernet"),
640 DLT_CHOICE(DLT_JUNIPER_PPP, "Juniper PPP"),
641 DLT_CHOICE(DLT_JUNIPER_FRELAY, "Juniper Frame Relay"),
642 DLT_CHOICE(DLT_JUNIPER_CHDLC, "Juniper C-HDLC"),
643 DLT_CHOICE(DLT_MFR, "FRF.16 Frame Relay"),
644 DLT_CHOICE(DLT_JUNIPER_VP, "Juniper Voice PIC"),
645 DLT_CHOICE(DLT_A429, "Arinc 429"),
646 DLT_CHOICE(DLT_A653_ICM, "Arinc 653 Interpartition Communication"),
647 DLT_CHOICE(DLT_USB, "USB"),
648 DLT_CHOICE(DLT_BLUETOOTH_HCI_H4, "Bluetooth HCI UART transport layer"),
649 DLT_CHOICE(DLT_IEEE802_16_MAC_CPS, "IEEE 802.16 MAC Common Part Sublayer"),
650 DLT_CHOICE(DLT_USB_LINUX, "USB with Linux header"),
651 DLT_CHOICE(DLT_CAN20B, "Controller Area Network (CAN) v. 2.0B"),
652 DLT_CHOICE(DLT_IEEE802_15_4_LINUX, "IEEE 802.15.4 with Linux padding"),
653 DLT_CHOICE(DLT_PPI, "Per-Packet Information"),
654 DLT_CHOICE(DLT_IEEE802_16_MAC_CPS_RADIO, "IEEE 802.16 MAC Common Part Sublayer plus radiotap header"),
655 DLT_CHOICE(DLT_JUNIPER_ISM, "Juniper Integrated Service Module"),
656 DLT_CHOICE(DLT_IEEE802_15_4, "IEEE 802.15.4 with FCS"),
657 DLT_CHOICE(DLT_SITA, "SITA pseudo-header"),
658 DLT_CHOICE(DLT_ERF, "Endace ERF header"),
659 DLT_CHOICE(DLT_RAIF1, "Ethernet with u10 Networks pseudo-header"),
660 DLT_CHOICE(DLT_IPMB, "IPMB"),
661 DLT_CHOICE(DLT_JUNIPER_ST, "Juniper Secure Tunnel"),
662 DLT_CHOICE(DLT_BLUETOOTH_HCI_H4_WITH_PHDR, "Bluetooth HCI UART transport layer plus pseudo-header"),
663 DLT_CHOICE(DLT_AX25_KISS, "AX.25 with KISS header"),
664 DLT_CHOICE(DLT_IEEE802_15_4_NONASK_PHY, "IEEE 802.15.4 with non-ASK PHY data"),
665 DLT_CHOICE(DLT_MPLS, "MPLS with label as link-layer header"),
666 DLT_CHOICE(DLT_USB_LINUX_MMAPPED, "USB with padded Linux header"),
667 DLT_CHOICE(DLT_DECT, "DECT"),
668 DLT_CHOICE(DLT_AOS, "AOS Space Data Link protocol"),
669 DLT_CHOICE(DLT_WIHART, "Wireless HART"),
670 DLT_CHOICE(DLT_FC_2, "Fibre Channel FC-2"),
671 DLT_CHOICE(DLT_FC_2_WITH_FRAME_DELIMS, "Fibre Channel FC-2 with frame delimiters"),
672 DLT_CHOICE(DLT_IPNET, "Solaris ipnet"),
673 DLT_CHOICE(DLT_CAN_SOCKETCAN, "CAN-bus with SocketCAN headers"),
674 DLT_CHOICE(DLT_IPV4, "Raw IPv4"),
675 DLT_CHOICE(DLT_IPV6, "Raw IPv6"),
676 DLT_CHOICE(DLT_IEEE802_15_4_NOFCS, "IEEE 802.15.4 without FCS"),
677 DLT_CHOICE_SENTINEL
678 };
679
680 /*
681 * This array is designed for mapping upper and lower case letter
682 * together for a case independent comparison. The mappings are
683 * based upon ascii character sequences.
684 */
685 static const u_char charmap[] = {
686 (u_char)'\000', (u_char)'\001', (u_char)'\002', (u_char)'\003',
687 (u_char)'\004', (u_char)'\005', (u_char)'\006', (u_char)'\007',
688 (u_char)'\010', (u_char)'\011', (u_char)'\012', (u_char)'\013',
689 (u_char)'\014', (u_char)'\015', (u_char)'\016', (u_char)'\017',
690 (u_char)'\020', (u_char)'\021', (u_char)'\022', (u_char)'\023',
691 (u_char)'\024', (u_char)'\025', (u_char)'\026', (u_char)'\027',
692 (u_char)'\030', (u_char)'\031', (u_char)'\032', (u_char)'\033',
693 (u_char)'\034', (u_char)'\035', (u_char)'\036', (u_char)'\037',
694 (u_char)'\040', (u_char)'\041', (u_char)'\042', (u_char)'\043',
695 (u_char)'\044', (u_char)'\045', (u_char)'\046', (u_char)'\047',
696 (u_char)'\050', (u_char)'\051', (u_char)'\052', (u_char)'\053',
697 (u_char)'\054', (u_char)'\055', (u_char)'\056', (u_char)'\057',
698 (u_char)'\060', (u_char)'\061', (u_char)'\062', (u_char)'\063',
699 (u_char)'\064', (u_char)'\065', (u_char)'\066', (u_char)'\067',
700 (u_char)'\070', (u_char)'\071', (u_char)'\072', (u_char)'\073',
701 (u_char)'\074', (u_char)'\075', (u_char)'\076', (u_char)'\077',
702 (u_char)'\100', (u_char)'\141', (u_char)'\142', (u_char)'\143',
703 (u_char)'\144', (u_char)'\145', (u_char)'\146', (u_char)'\147',
704 (u_char)'\150', (u_char)'\151', (u_char)'\152', (u_char)'\153',
705 (u_char)'\154', (u_char)'\155', (u_char)'\156', (u_char)'\157',
706 (u_char)'\160', (u_char)'\161', (u_char)'\162', (u_char)'\163',
707 (u_char)'\164', (u_char)'\165', (u_char)'\166', (u_char)'\167',
708 (u_char)'\170', (u_char)'\171', (u_char)'\172', (u_char)'\133',
709 (u_char)'\134', (u_char)'\135', (u_char)'\136', (u_char)'\137',
710 (u_char)'\140', (u_char)'\141', (u_char)'\142', (u_char)'\143',
711 (u_char)'\144', (u_char)'\145', (u_char)'\146', (u_char)'\147',
712 (u_char)'\150', (u_char)'\151', (u_char)'\152', (u_char)'\153',
713 (u_char)'\154', (u_char)'\155', (u_char)'\156', (u_char)'\157',
714 (u_char)'\160', (u_char)'\161', (u_char)'\162', (u_char)'\163',
715 (u_char)'\164', (u_char)'\165', (u_char)'\166', (u_char)'\167',
716 (u_char)'\170', (u_char)'\171', (u_char)'\172', (u_char)'\173',
717 (u_char)'\174', (u_char)'\175', (u_char)'\176', (u_char)'\177',
718 (u_char)'\200', (u_char)'\201', (u_char)'\202', (u_char)'\203',
719 (u_char)'\204', (u_char)'\205', (u_char)'\206', (u_char)'\207',
720 (u_char)'\210', (u_char)'\211', (u_char)'\212', (u_char)'\213',
721 (u_char)'\214', (u_char)'\215', (u_char)'\216', (u_char)'\217',
722 (u_char)'\220', (u_char)'\221', (u_char)'\222', (u_char)'\223',
723 (u_char)'\224', (u_char)'\225', (u_char)'\226', (u_char)'\227',
724 (u_char)'\230', (u_char)'\231', (u_char)'\232', (u_char)'\233',
725 (u_char)'\234', (u_char)'\235', (u_char)'\236', (u_char)'\237',
726 (u_char)'\240', (u_char)'\241', (u_char)'\242', (u_char)'\243',
727 (u_char)'\244', (u_char)'\245', (u_char)'\246', (u_char)'\247',
728 (u_char)'\250', (u_char)'\251', (u_char)'\252', (u_char)'\253',
729 (u_char)'\254', (u_char)'\255', (u_char)'\256', (u_char)'\257',
730 (u_char)'\260', (u_char)'\261', (u_char)'\262', (u_char)'\263',
731 (u_char)'\264', (u_char)'\265', (u_char)'\266', (u_char)'\267',
732 (u_char)'\270', (u_char)'\271', (u_char)'\272', (u_char)'\273',
733 (u_char)'\274', (u_char)'\275', (u_char)'\276', (u_char)'\277',
734 (u_char)'\300', (u_char)'\341', (u_char)'\342', (u_char)'\343',
735 (u_char)'\344', (u_char)'\345', (u_char)'\346', (u_char)'\347',
736 (u_char)'\350', (u_char)'\351', (u_char)'\352', (u_char)'\353',
737 (u_char)'\354', (u_char)'\355', (u_char)'\356', (u_char)'\357',
738 (u_char)'\360', (u_char)'\361', (u_char)'\362', (u_char)'\363',
739 (u_char)'\364', (u_char)'\365', (u_char)'\366', (u_char)'\367',
740 (u_char)'\370', (u_char)'\371', (u_char)'\372', (u_char)'\333',
741 (u_char)'\334', (u_char)'\335', (u_char)'\336', (u_char)'\337',
742 (u_char)'\340', (u_char)'\341', (u_char)'\342', (u_char)'\343',
743 (u_char)'\344', (u_char)'\345', (u_char)'\346', (u_char)'\347',
744 (u_char)'\350', (u_char)'\351', (u_char)'\352', (u_char)'\353',
745 (u_char)'\354', (u_char)'\355', (u_char)'\356', (u_char)'\357',
746 (u_char)'\360', (u_char)'\361', (u_char)'\362', (u_char)'\363',
747 (u_char)'\364', (u_char)'\365', (u_char)'\366', (u_char)'\367',
748 (u_char)'\370', (u_char)'\371', (u_char)'\372', (u_char)'\373',
749 (u_char)'\374', (u_char)'\375', (u_char)'\376', (u_char)'\377',
750 };
751
752 int
753 pcap_strcasecmp(const char *s1, const char *s2)
754 {
755 register const u_char *cm = charmap,
756 *us1 = (const u_char *)s1,
757 *us2 = (const u_char *)s2;
758
759 while (cm[*us1] == cm[*us2++])
760 if (*us1++ == '\0')
761 return(0);
762 return (cm[*us1] - cm[*--us2]);
763 }
764
765 int
766 pcap_datalink_name_to_val(const char *name)
767 {
768 int i;
769
770 for (i = 0; dlt_choices[i].name != NULL; i++) {
771 if (pcap_strcasecmp(dlt_choices[i].name + sizeof("DLT_") - 1,
772 name) == 0)
773 return (dlt_choices[i].dlt);
774 }
775 return (-1);
776 }
777
778 const char *
779 pcap_datalink_val_to_name(int dlt)
780 {
781 int i;
782
783 for (i = 0; dlt_choices[i].name != NULL; i++) {
784 if (dlt_choices[i].dlt == dlt)
785 return (dlt_choices[i].name + sizeof("DLT_") - 1);
786 }
787 return (NULL);
788 }
789
790 const char *
791 pcap_datalink_val_to_description(int dlt)
792 {
793 int i;
794
795 for (i = 0; dlt_choices[i].name != NULL; i++) {
796 if (dlt_choices[i].dlt == dlt)
797 return (dlt_choices[i].description);
798 }
799 return (NULL);
800 }
801
802 int
803 pcap_snapshot(pcap_t *p)
804 {
805 return (p->snapshot);
806 }
807
808 int
809 pcap_is_swapped(pcap_t *p)
810 {
811 return (p->sf.swapped);
812 }
813
814 int
815 pcap_major_version(pcap_t *p)
816 {
817 return (p->sf.version_major);
818 }
819
820 int
821 pcap_minor_version(pcap_t *p)
822 {
823 return (p->sf.version_minor);
824 }
825
826 FILE *
827 pcap_file(pcap_t *p)
828 {
829 return (p->sf.rfile);
830 }
831
832 int
833 pcap_fileno(pcap_t *p)
834 {
835 #ifndef WIN32
836 return (p->fd);
837 #else
838 if (p->adapter != NULL)
839 return ((int)(DWORD)p->adapter->hFile);
840 else
841 return (-1);
842 #endif
843 }
844
845 #if !defined(WIN32) && !defined(MSDOS)
846 int
847 pcap_get_selectable_fd(pcap_t *p)
848 {
849 return (p->selectable_fd);
850 }
851 #endif
852
853 void
854 pcap_perror(pcap_t *p, char *prefix)
855 {
856 fprintf(stderr, "%s: %s\n", prefix, p->errbuf);
857 }
858
859 char *
860 pcap_geterr(pcap_t *p)
861 {
862 return (p->errbuf);
863 }
864
865 int
866 pcap_getnonblock(pcap_t *p, char *errbuf)
867 {
868 return p->getnonblock_op(p, errbuf);
869 }
870
871 /*
872 * Get the current non-blocking mode setting, under the assumption that
873 * it's just the standard POSIX non-blocking flag.
874 *
875 * We don't look at "p->nonblock", in case somebody tweaked the FD
876 * directly.
877 */
878 #if !defined(WIN32) && !defined(MSDOS)
879 int
880 pcap_getnonblock_fd(pcap_t *p, char *errbuf)
881 {
882 int fdflags;
883
884 fdflags = fcntl(p->fd, F_GETFL, 0);
885 if (fdflags == -1) {
886 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "F_GETFL: %s",
887 pcap_strerror(errno));
888 return (-1);
889 }
890 if (fdflags & O_NONBLOCK)
891 return (1);
892 else
893 return (0);
894 }
895 #endif
896
897 int
898 pcap_setnonblock(pcap_t *p, int nonblock, char *errbuf)
899 {
900 return p->setnonblock_op(p, nonblock, errbuf);
901 }
902
903 #if !defined(WIN32) && !defined(MSDOS)
904 /*
905 * Set non-blocking mode, under the assumption that it's just the
906 * standard POSIX non-blocking flag. (This can be called by the
907 * per-platform non-blocking-mode routine if that routine also
908 * needs to do some additional work.)
909 */
910 int
911 pcap_setnonblock_fd(pcap_t *p, int nonblock, char *errbuf)
912 {
913 int fdflags;
914
915 fdflags = fcntl(p->fd, F_GETFL, 0);
916 if (fdflags == -1) {
917 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "F_GETFL: %s",
918 pcap_strerror(errno));
919 return (-1);
920 }
921 if (nonblock)
922 fdflags |= O_NONBLOCK;
923 else
924 fdflags &= ~O_NONBLOCK;
925 if (fcntl(p->fd, F_SETFL, fdflags) == -1) {
926 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "F_SETFL: %s",
927 pcap_strerror(errno));
928 return (-1);
929 }
930 return (0);
931 }
932 #endif
933
934 #ifdef WIN32
935 /*
936 * Generate a string for the last Win32-specific error (i.e. an error generated when
937 * calling a Win32 API).
938 * For errors occurred during standard C calls, we still use pcap_strerror()
939 */
940 char *
941 pcap_win32strerror(void)
942 {
943 DWORD error;
944 static char errbuf[PCAP_ERRBUF_SIZE+1];
945 int errlen;
946 char *p;
947
948 error = GetLastError();
949 FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, error, 0, errbuf,
950 PCAP_ERRBUF_SIZE, NULL);
951
952 /*
953 * "FormatMessage()" "helpfully" sticks CR/LF at the end of the
954 * message. Get rid of it.
955 */
956 errlen = strlen(errbuf);
957 if (errlen >= 2) {
958 errbuf[errlen - 1] = '\0';
959 errbuf[errlen - 2] = '\0';
960 }
961 p = strchr(errbuf, '\0');
962 snprintf (p, sizeof(errbuf)-(p-errbuf), " (%lu)", error);
963 return (errbuf);
964 }
965 #endif
966
967 /*
968 * Generate error strings for PCAP_ERROR_ and PCAP_WARNING_ values.
969 */
970 const char *
971 pcap_statustostr(int errnum)
972 {
973 static char ebuf[15+10+1];
974
975 switch (errnum) {
976
977 case PCAP_WARNING:
978 return("Generic warning");
979
980 case PCAP_WARNING_PROMISC_NOTSUP:
981 return ("That device doesn't support promiscuous mode");
982
983 case PCAP_ERROR:
984 return("Generic error");
985
986 case PCAP_ERROR_BREAK:
987 return("Loop terminated by pcap_breakloop");
988
989 case PCAP_ERROR_NOT_ACTIVATED:
990 return("The pcap_t has not been activated");
991
992 case PCAP_ERROR_ACTIVATED:
993 return ("The setting can't be changed after the pcap_t is activated");
994
995 case PCAP_ERROR_NO_SUCH_DEVICE:
996 return ("No such device exists");
997
998 case PCAP_ERROR_RFMON_NOTSUP:
999 return ("That device doesn't support monitor mode");
1000
1001 case PCAP_ERROR_NOT_RFMON:
1002 return ("That operation is supported only in monitor mode");
1003
1004 case PCAP_ERROR_PERM_DENIED:
1005 return ("You don't have permission to capture on that device");
1006
1007 case PCAP_ERROR_IFACE_NOT_UP:
1008 return ("That device is not up");
1009 }
1010 (void)snprintf(ebuf, sizeof ebuf, "Unknown error: %d", errnum);
1011 return(ebuf);
1012 }
1013
1014 /*
1015 * Not all systems have strerror().
1016 */
1017 const char *
1018 pcap_strerror(int errnum)
1019 {
1020 #ifdef HAVE_STRERROR
1021 return (strerror(errnum));
1022 #else
1023 extern int sys_nerr;
1024 extern const char *const sys_errlist[];
1025 static char ebuf[15+10+1];
1026
1027 if ((unsigned int)errnum < sys_nerr)
1028 return ((char *)sys_errlist[errnum]);
1029 (void)snprintf(ebuf, sizeof ebuf, "Unknown error: %d", errnum);
1030 return(ebuf);
1031 #endif
1032 }
1033
1034 int
1035 pcap_setfilter(pcap_t *p, struct bpf_program *fp)
1036 {
1037 return p->setfilter_op(p, fp);
1038 }
1039
1040 /*
1041 * Set direction flag, which controls whether we accept only incoming
1042 * packets, only outgoing packets, or both.
1043 * Note that, depending on the platform, some or all direction arguments
1044 * might not be supported.
1045 */
1046 int
1047 pcap_setdirection(pcap_t *p, pcap_direction_t d)
1048 {
1049 if (p->setdirection_op == NULL) {
1050 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
1051 "Setting direction is not implemented on this platform");
1052 return -1;
1053 } else
1054 return p->setdirection_op(p, d);
1055 }
1056
1057 int
1058 pcap_stats(pcap_t *p, struct pcap_stat *ps)
1059 {
1060 return p->stats_op(p, ps);
1061 }
1062
1063 static int
1064 pcap_stats_dead(pcap_t *p, struct pcap_stat *ps _U_)
1065 {
1066 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
1067 "Statistics aren't available from a pcap_open_dead pcap_t");
1068 return (-1);
1069 }
1070
1071 #ifdef WIN32
1072 int
1073 pcap_setbuff(pcap_t *p, int dim)
1074 {
1075 return p->setbuff_op(p, dim);
1076 }
1077
1078 static int
1079 pcap_setbuff_dead(pcap_t *p, int dim)
1080 {
1081 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
1082 "The kernel buffer size cannot be set on a pcap_open_dead pcap_t");
1083 return (-1);
1084 }
1085
1086 int
1087 pcap_setmode(pcap_t *p, int mode)
1088 {
1089 return p->setmode_op(p, mode);
1090 }
1091
1092 static int
1093 pcap_setmode_dead(pcap_t *p, int mode)
1094 {
1095 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
1096 "impossible to set mode on a pcap_open_dead pcap_t");
1097 return (-1);
1098 }
1099
1100 int
1101 pcap_setmintocopy(pcap_t *p, int size)
1102 {
1103 return p->setmintocopy_op(p, size);
1104 }
1105
1106 static int
1107 pcap_setmintocopy_dead(pcap_t *p, int size)
1108 {
1109 snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
1110 "The mintocopy parameter cannot be set on a pcap_open_dead pcap_t");
1111 return (-1);
1112 }
1113 #endif
1114
1115 /*
1116 * On some platforms, we need to clean up promiscuous or monitor mode
1117 * when we close a device - and we want that to happen even if the
1118 * application just exits without explicitl closing devices.
1119 * On those platforms, we need to register a "close all the pcaps"
1120 * routine to be called when we exit, and need to maintain a list of
1121 * pcaps that need to be closed to clean up modes.
1122 *
1123 * XXX - not thread-safe.
1124 */
1125
1126 /*
1127 * List of pcaps on which we've done something that needs to be
1128 * cleaned up.
1129 * If there are any such pcaps, we arrange to call "pcap_close_all()"
1130 * when we exit, and have it close all of them.
1131 */
1132 static struct pcap *pcaps_to_close;
1133
1134 /*
1135 * TRUE if we've already called "atexit()" to cause "pcap_close_all()" to
1136 * be called on exit.
1137 */
1138 static int did_atexit;
1139
1140 static void
1141 pcap_close_all(void)
1142 {
1143 struct pcap *handle;
1144
1145 while ((handle = pcaps_to_close) != NULL)
1146 pcap_close(handle);
1147 }
1148
1149 int
1150 pcap_do_addexit(pcap_t *p)
1151 {
1152 /*
1153 * If we haven't already done so, arrange to have
1154 * "pcap_close_all()" called when we exit.
1155 */
1156 if (!did_atexit) {
1157 if (atexit(pcap_close_all) == -1) {
1158 /*
1159 * "atexit()" failed; let our caller know.
1160 */
1161 strncpy(p->errbuf, "atexit failed",
1162 PCAP_ERRBUF_SIZE);
1163 return (0);
1164 }
1165 did_atexit = 1;
1166 }
1167 return (1);
1168 }
1169
1170 void
1171 pcap_add_to_pcaps_to_close(pcap_t *p)
1172 {
1173 p->md.next = pcaps_to_close;
1174 pcaps_to_close = p;
1175 }
1176
1177 void
1178 pcap_remove_from_pcaps_to_close(pcap_t *p)
1179 {
1180 pcap_t *pc, *prevpc;
1181
1182 for (pc = pcaps_to_close, prevpc = NULL; pc != NULL;
1183 prevpc = pc, pc = pc->md.next) {
1184 if (pc == p) {
1185 /*
1186 * Found it. Remove it from the list.
1187 */
1188 if (prevpc == NULL) {
1189 /*
1190 * It was at the head of the list.
1191 */
1192 pcaps_to_close = pc->md.next;
1193 } else {
1194 /*
1195 * It was in the middle of the list.
1196 */
1197 prevpc->md.next = pc->md.next;
1198 }
1199 break;
1200 }
1201 }
1202 }
1203
1204 void
1205 pcap_cleanup_live_common(pcap_t *p)
1206 {
1207 if (p->buffer != NULL) {
1208 free(p->buffer);
1209 p->buffer = NULL;
1210 }
1211 if (p->dlt_list != NULL) {
1212 free(p->dlt_list);
1213 p->dlt_list = NULL;
1214 p->dlt_count = 0;
1215 }
1216 pcap_freecode(&p->fcode);
1217 #if !defined(WIN32) && !defined(MSDOS)
1218 if (p->fd >= 0) {
1219 close(p->fd);
1220 p->fd = -1;
1221 }
1222 p->selectable_fd = -1;
1223 p->send_fd = -1;
1224 #endif
1225 }
1226
1227 static void
1228 pcap_cleanup_dead(pcap_t *p _U_)
1229 {
1230 /* Nothing to do. */
1231 }
1232
1233 pcap_t *
1234 pcap_open_dead(int linktype, int snaplen)
1235 {
1236 pcap_t *p;
1237
1238 p = malloc(sizeof(*p));
1239 if (p == NULL)
1240 return NULL;
1241 memset (p, 0, sizeof(*p));
1242 p->snapshot = snaplen;
1243 p->linktype = linktype;
1244 p->stats_op = pcap_stats_dead;
1245 #ifdef WIN32
1246 p->setbuff_op = pcap_setbuff_dead;
1247 p->setmode_op = pcap_setmode_dead;
1248 p->setmintocopy_op = pcap_setmintocopy_dead;
1249 #endif
1250 p->cleanup_op = pcap_cleanup_dead;
1251 p->activated = 1;
1252 return p;
1253 }
1254
1255 /*
1256 * API compatible with WinPcap's "send a packet" routine - returns -1
1257 * on error, 0 otherwise.
1258 *
1259 * XXX - what if we get a short write?
1260 */
1261 int
1262 pcap_sendpacket(pcap_t *p, const u_char *buf, int size)
1263 {
1264 if (p->inject_op(p, buf, size) == -1)
1265 return (-1);
1266 return (0);
1267 }
1268
1269 /*
1270 * API compatible with OpenBSD's "send a packet" routine - returns -1 on
1271 * error, number of bytes written otherwise.
1272 */
1273 int
1274 pcap_inject(pcap_t *p, const void *buf, size_t size)
1275 {
1276 return (p->inject_op(p, buf, size));
1277 }
1278
1279 void
1280 pcap_close(pcap_t *p)
1281 {
1282 if (p->opt.source != NULL)
1283 free(p->opt.source);
1284 p->cleanup_op(p);
1285 free(p);
1286 }
1287
1288 /*
1289 * Given a BPF program, a pcap_pkthdr structure for a packet, and the raw
1290 * data for the packet, check whether the packet passes the filter.
1291 * Returns the return value of the filter program, which will be zero if
1292 * the packet doesn't pass and non-zero if the packet does pass.
1293 */
1294 int
1295 pcap_offline_filter(struct bpf_program *fp, const struct pcap_pkthdr *h,
1296 const u_char *pkt)
1297 {
1298 struct bpf_insn *fcode = fp->bf_insns;
1299
1300 if (fcode != NULL)
1301 return (bpf_filter(fcode, pkt, h->len, h->caplen));
1302 else
1303 return (0);
1304 }
1305
1306 /*
1307 * We make the version string static, and return a pointer to it, rather
1308 * than exporting the version string directly. On at least some UNIXes,
1309 * if you import data from a shared library into an program, the data is
1310 * bound into the program binary, so if the string in the version of the
1311 * library with which the program was linked isn't the same as the
1312 * string in the version of the library with which the program is being
1313 * run, various undesirable things may happen (warnings, the string
1314 * being the one from the version of the library with which the program
1315 * was linked, or even weirder things, such as the string being the one
1316 * from the library but being truncated).
1317 */
1318 #ifdef HAVE_VERSION_H
1319 #include "version.h"
1320 #else
1321 static const char pcap_version_string[] = "libpcap version 1.x.y";
1322 #endif
1323
1324 #ifdef WIN32
1325 /*
1326 * XXX - it'd be nice if we could somehow generate the WinPcap and libpcap
1327 * version numbers when building WinPcap. (It'd be nice to do so for
1328 * the packet.dll version number as well.)
1329 */
1330 static const char wpcap_version_string[] = "4.0";
1331 static const char pcap_version_string_fmt[] =
1332 "WinPcap version %s, based on %s";
1333 static const char pcap_version_string_packet_dll_fmt[] =
1334 "WinPcap version %s (packet.dll version %s), based on %s";
1335 static char *full_pcap_version_string;
1336
1337 const char *
1338 pcap_lib_version(void)
1339 {
1340 char *packet_version_string;
1341 size_t full_pcap_version_string_len;
1342
1343 if (full_pcap_version_string == NULL) {
1344 /*
1345 * Generate the version string.
1346 */
1347 packet_version_string = PacketGetVersion();
1348 if (strcmp(wpcap_version_string, packet_version_string) == 0) {
1349 /*
1350 * WinPcap version string and packet.dll version
1351 * string are the same; just report the WinPcap
1352 * version.
1353 */
1354 full_pcap_version_string_len =
1355 (sizeof pcap_version_string_fmt - 4) +
1356 strlen(wpcap_version_string) +
1357 strlen(pcap_version_string);
1358 full_pcap_version_string =
1359 malloc(full_pcap_version_string_len);
1360 sprintf(full_pcap_version_string,
1361 pcap_version_string_fmt, wpcap_version_string,
1362 pcap_version_string);
1363 } else {
1364 /*
1365 * WinPcap version string and packet.dll version
1366 * string are different; that shouldn't be the
1367 * case (the two libraries should come from the
1368 * same version of WinPcap), so we report both
1369 * versions.
1370 */
1371 full_pcap_version_string_len =
1372 (sizeof pcap_version_string_packet_dll_fmt - 6) +
1373 strlen(wpcap_version_string) +
1374 strlen(packet_version_string) +
1375 strlen(pcap_version_string);
1376 full_pcap_version_string = malloc(full_pcap_version_string_len);
1377
1378 sprintf(full_pcap_version_string,
1379 pcap_version_string_packet_dll_fmt,
1380 wpcap_version_string, packet_version_string,
1381 pcap_version_string);
1382 }
1383 }
1384 return (full_pcap_version_string);
1385 }
1386
1387 #elif defined(MSDOS)
1388
1389 static char *full_pcap_version_string;
1390
1391 const char *
1392 pcap_lib_version (void)
1393 {
1394 char *packet_version_string;
1395 size_t full_pcap_version_string_len;
1396 static char dospfx[] = "DOS-";
1397
1398 if (full_pcap_version_string == NULL) {
1399 /*
1400 * Generate the version string.
1401 */
1402 full_pcap_version_string_len =
1403 sizeof dospfx + strlen(pcap_version_string);
1404 full_pcap_version_string =
1405 malloc(full_pcap_version_string_len);
1406 strcpy(full_pcap_version_string, dospfx);
1407 strcat(full_pcap_version_string, pcap_version_string);
1408 }
1409 return (full_pcap_version_string);
1410 }
1411
1412 #else /* UN*X */
1413
1414 const char *
1415 pcap_lib_version(void)
1416 {
1417 return (pcap_version_string);
1418 }
1419 #endif
[mirror] the LIBpcap interface to various kernel packet capture mechanism