David Young <dyoung at ojctech dot com>
Dean Gaudet <dean at arctic dot org>
dhruv <rsrivat at sourceforge dot net>
- Don Ebright <Don dot Ebright at compuware dot com>
+ Don Ebright <Don dot Ebright at compuware dot com>
Dug Song <dugsong at monkey dot org>
Dustin Spicuzza <dustin at virtualroadside dot com>
dzejarczech <dzejarczech at sourceforge dot net>
handling of the timestamp in the kernel.
Note well: there is rumoured to be a version of tcpdump floating around
-called 3.0.3 that includes libpcap and is supposed to support Linux.
+called 3.0.3 that includes libpcap and is supposed to support Linux.
You should be advised that neither the Network Research Group at LBNL
-nor the Tcpdump Group ever generated a release with this version number.
+nor the Tcpdump Group ever generated a release with this version number.
The LBNL Network Research Group notes with interest that a standard
cracker trick to get people to install trojans is to distribute bogus
-packages that have a version number higher than the current release.
+packages that have a version number higher than the current release.
They also noted with annoyance that 90% of the Linux related bug reports
-they got are due to changes made to unofficial versions of their page.
+they got are due to changes made to unofficial versions of their page.
If you are having trouble but aren't using a version that came from
tcpdump.org, please try that before submitting a bug report!
License: BSD
-
+
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
-
+
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
3. The names of the authors may not be used to endorse or promote
products derived from this software without specific prior
written permission.
-
+
THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Note to Linux distributions and *BSD systems that include libpcap:
-There's now a rule to make a shared library, which should work on Linux
+There's now a rule to make a shared library, which should work on Linux
and *BSD, among other platforms.
-It sets the soname of the library to "libpcap.so.1"; this is what it
-should be, *NOT* libpcap.so.1.x or libpcap.so.1.x.y or something such as
+It sets the soname of the library to "libpcap.so.1"; this is what it
+should be, *NOT* libpcap.so.1.x or libpcap.so.1.x.y or something such as
that.
-We've been maintaining binary compatibility between libpcap releases for
-quite a while; there's no reason to tie a binary linked with libpcap to
+We've been maintaining binary compatibility between libpcap releases for
+quite a while; there's no reason to tie a binary linked with libpcap to
a particular release of libpcap.
Problems, bugs, questions, desirable enhancements, etc. should be sent
-Under Win32, libpcap is integrated in the WinPcap packet capture system.
-WinPcap provides a framework that allows libpcap to capture the packets
-under Windows 95, Windows 98, Windows ME, Windows NT 4, Windows 2000
+Under Win32, libpcap is integrated in the WinPcap packet capture system.
+WinPcap provides a framework that allows libpcap to capture the packets
+under Windows 95, Windows 98, Windows ME, Windows NT 4, Windows 2000
and Windows XP.
-WinPcap binaries and source code can be found at http://winpcap.polito.it:
-they include also a developer's pack with all the necessary to compile
+WinPcap binaries and source code can be found at http://winpcap.polito.it:
+they include also a developer's pack with all the necessary to compile
libpcap-based applications under Windows.
How to compile libpcap with Visual Studio
In order to compile libpcap you will need:
- version 6 (or higher) of Microsoft Visual Studio
-- The November 2001 (or later) edition of Microsoft Platform
-Software Development Kit (SDK), that contains some necessary includes
+- The November 2001 (or later) edition of Microsoft Platform
+Software Development Kit (SDK), that contains some necessary includes
for IPv6 support. You can download it from http://www.microsoft.com/sdk
-- the latest WinPcap sources from http://winpcap.polito.it/install
+- the latest WinPcap sources from http://winpcap.polito.it/install
-The WinPcap source code already contains a recent (usually the latest
-stable) version of libpcap. If you need to compile a different one,
-simply download it from www.tcpdump.org and copy the sources in the
+The WinPcap source code already contains a recent (usually the latest
+stable) version of libpcap. If you need to compile a different one,
+simply download it from www.tcpdump.org and copy the sources in the
winpcap\wpcap\libpcap folder of the WinPcap distribution. If you want to
-compile a libpcap source retrieved from the tcpdump.org Git, you will
-have to create the scanner and the grammar by hand (with lex and yacc)
+compile a libpcap source retrieved from the tcpdump.org Git, you will
+have to create the scanner and the grammar by hand (with lex and yacc)
or with the cygnus makefile, since The Visual Studio project is not able
to build them.
-Open the project file winpcap\wpcap\prj\wpcap.dsw with Visual Studio and
-build wpcap.dll. wpcap.lib, the library file to link with the applications,
-will be generated in winpcap\wpcap\lib\. wpcap.dll will be generated in
-winpcap\wpcap\prj\release or winpcap\wpcap\prj\debug depending on the type
+Open the project file winpcap\wpcap\prj\wpcap.dsw with Visual Studio and
+build wpcap.dll. wpcap.lib, the library file to link with the applications,
+will be generated in winpcap\wpcap\lib\. wpcap.dll will be generated in
+winpcap\wpcap\prj\release or winpcap\wpcap\prj\debug depending on the type
of binary that is being created.
How to compile libpcap with Cygnus
----------------------------------
-To build wpcap.dll, cd to the directory WPCAP/PRJ of the WinPcap source code
-distribution and type "make". libwpcap.a, the library file to link with the
-applications, will be generated in winpcap\wpcap\lib\. wpcap.dll will be
+To build wpcap.dll, cd to the directory WPCAP/PRJ of the WinPcap source code
+distribution and type "make". libwpcap.a, the library file to link with the
+applications, will be generated in winpcap\wpcap\lib\. wpcap.dll will be
generated in winpcap\wpcap\prj.
-Remember, you CANNOT use the MSVC-generated .lib files with gcc, use
+Remember, you CANNOT use the MSVC-generated .lib files with gcc, use
libwpcap.a instead.
"make install" installs wpcap.dll in the Windows system folder.
Then you need to type:
strload -f /etc/dlpi.conf
-
- Check again with strload -q -d dlpi that the dlpi driver is loaded.
+
+ Check again with strload -q -d dlpi that the dlpi driver is loaded.
Alternatively, you can uncomment the lines for DLPI in
/etc/pse.conf and reboot the machine; this way DLPI will always
HP-UX patches to fix packet capture problems
Note that packet-capture programs such as tcpdump may, on HP-UX, not be
-able to see packets sent from the machine on which they're running.
+able to see packets sent from the machine on which they're running.
Some articles on groups.google.com discussing this are:
http://groups.google.com/groups?selm=82ld3v%2480i%241%40mamenchi.zrz.TU-Berlin.DE
which says:
- Newsgroups: comp.sys.hp.hpux
+ Newsgroups: comp.sys.hp.hpux
Subject: Re: Did someone made tcpdump working on 10.20 ?
Date: 12/08/1999
>must me "patched" (poked) in order to see outbound data in promiscuous mode.
>Many things to do .... So the question is : did someone has already this
>"ready to use" PHNE_**** patch ?
-
+
Two things:
1. You do need a late "LAN products cumulative patch" (e.g. PHNE_18173
for s700/10.20).
2. You must use
echo 'lanc_outbound_promisc_flag/W1' | /usr/bin/adb -w /stand/vmunix /dev/kmem
You can insert this e.g. into /sbin/init.d/lan
-
+
Best regards,
Lutz
which says:
- Newsgroups: comp.sys.hp.hpux
+ Newsgroups: comp.sys.hp.hpux
Subject: Re: tcpdump only shows incoming packets
Date: 02/15/2000
> outgoing. I have tried tcpflow-0.12 which also uses libpcap and the
> same thing happens. Could someone please give me a hint on how to
> get this right?
-
+
Search/Read the archives ?-)
-
+
What you are seeing is expected, un-patched, behaviour for an HP-UX
system. On 11.00, you need to install the latest lancommon/DLPI
- patches, and then the latest driver patch for the interface(s) in use.
+ patches, and then the latest driver patch for the interface(s) in use.
At that point, a miracle happens and you should start seeing outbound
traffic.
Rick Jones wrote:
-
+
...
> What you are seeing is expected, un-patched, behaviour for an HP-UX
> patches, and then the latest driver patch for the interface(s) in
> use. At that point, a miracle happens and you should start seeing
> outbound traffic.
-
+
Thanks a lot. I have this problem on several machines running HPUX
10.20 and 11.00. The machines where patched up before y2k so did not
know what to think. Anyway I have now installed PHNE_19766,
Date: Mon, 29 Apr 2002 15:59:55 -0700
From: Rick Jones
Subject: Re: [tcpdump-workers] I Can't Capture the Outbound Traffic
...
: Has anyone ported tcpdump (or something similar) to HP/UX 9.x?
-
+
I'm reasonably confident that any port of tcpdump to 9.X would require
the (then optional) STREAMS product. This would bring DLPI, which is
what one uses to access interfaces in promiscuous mode.
-
+
I'm not sure that HP even sells the 9.X STREAMS product any longer,
since HP-UX 9.X is off the pricelist (well, maybe 9.10 for the old 68K
- devices).
-
+ devices).
+
Your best bet is to be up on 10.20 or better if that is at all
- possible. If your hardware is supported by it, I'd go with HP-UX 11.
+ possible. If your hardware is supported by it, I'd go with HP-UX 11.
If you want to see the system's own outbound traffic, you'll never get
that functionality on 9.X, but it might happen at some point for 10.20
- and 11.X.
-
+ and 11.X.
+
rick jones
(as per other messages cited here, the ability to see the system's own
posted the security-part some time ago)
- <<hack_ip_stack>>
+ <<hack_ip_stack>>
(Don't switch IP-forwarding off, if you need it !)
Install the hack as /sbin/init.d/hacl_ip_stack (adjust
permissions !) and make a sequencing-symlink
- /sbin/rc2.d/S350hack_ip_stack pointing to this script.
+ /sbin/rc2.d/S350hack_ip_stack pointing to this script.
Now all this is done on every reboot.
According to Rick Jones, the global promiscuous switch also has to be
The Packet protocol is used by applications which communicate
directly with network devices without an intermediate network
protocol implemented in the kernel, e.g. tcpdump. If you want them
- to work, choose Y.
+ to work, choose Y.
This driver is also available as a module called af_packet.o ( =
code which can be inserted in and removed from the running kernel
whenever you want). If you want to compile it as a module, say M
here and read Documentation/modules.txt; if you use modprobe or
- kmod, you may also want to add "alias net-pf-17 af_packet" to
+ kmod, you may also want to add "alias net-pf-17 af_packet" to
/etc/modules.conf.
and the note for the 2.2[.x] kernel says:
allow packet capture filters specified to programs such as tcpdump to be
executed in the kernel, so that packets that don't pass the filter won't
be copied from the kernel to the program, rather than having all packets
-copied to the program and libpcap doing the filtering in user mode.
+copied to the program and libpcap doing the filtering in user mode.
Copying packets from the kernel to the program consumes a significant
amount of CPU, so filtering in the kernel can reduce the overhead of
/var/src/septel.
By default (if you write only ./configure --with-septel) it takes
-./../septel as argument for DIR.
+./../septel as argument for DIR.
If the Septel software is correctly detected 'configure' will
report:
-The following instructions are applicable to Tru64 UNIX
+The following instructions are applicable to Tru64 UNIX
(formerly Digital UNIX (formerly DEC OSF/1)) version 4.0, and
probably to later versions as well; at least some options apply to
Digital UNIX 3.2 - perhaps all do.
General
-- configure should not be in Git. Most open source projects have an
- autogen.sh script to run autoconf etc. after checkout. I think we
- should stick to the standard.
+- configure should not be in Git. Most open source projects have an
+ autogen.sh script to run autoconf etc. after checkout. I think we
+ should stick to the standard.
-- The source files should be better documented. There is no official
+- The source files should be better documented. There is no official
design guideline for what is done where. There should be a common coding
style (okay, you can guess that by looking at the code) and a guide for
what needs to be documented.
Less urgent items
-----------------
-- Better documentation and cleanup of the interface. I am seeing a few
+- Better documentation and cleanup of the interface. I am seeing a few
problems at the first glance which needs fixing:
+ pcap_lookupnet makes little to no sense with protocols != IPv4
+ not very well suited for interactive programs (think ethereal). There
/*
* Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
#ifndef EAI_BADHINTS
#define EAI_BADHINTS 12
-#endif
+#endif
-#ifndef EAI_PROTOCOL
+#ifndef EAI_PROTOCOL
#define EAI_PROTOCOL 13
#endif
-#ifndef EAI_MAX
+#ifndef EAI_MAX
#define EAI_MAX 14
#endif
* -
* Copyright (c) 1983, 1989, 1993
* The Regents of the University of California. All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* SUCH DAMAGE.
* -
* Portions Copyright (c) 1993 by Digital Equipment Corporation.
- *
+ *
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies, and that
* the name of Digital Equipment Corporation not be used in advertising or
* publicity pertaining to distribution of the document or software without
* specific, written prior permission.
- *
+ *
* THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
* WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
# include <sys/types.h>
#endif
#include <sys/cdefs.h>
-#else
+#else
#include <pcap-stdinc.h>
#define __LITTLE_ENDIAN 1
#define __BYTE_ORDER __LITTLE_ENDIAN
/*
* Copyright (C) 1999 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
typedef signed char int8_t;
#endif /* HAVE_U_INT8_T */
-#ifndef HAVE_U_INT16_T
+#ifndef HAVE_U_INT16_T
typedef unsigned short u_int16_t;
typedef signed short int16_t;
#endif /* HAVE_U_INT16_T */
/*
* Copyright (C) 1999 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
#ifndef _NET_IF_H_
#define _NET_IF_H_
-
+
/*
* <net/if.h> does not depend on <sys/time.h> on most other systems. This
* helps userland compatability. (struct timeval ifi_lastchange)
/*
* Copyright (C) 1999 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
CFG=libpcap - Win32 Debug
!MESSAGE This is not a valid makefile. To build this project using NMAKE,
!MESSAGE use the Export Makefile command and run
-!MESSAGE
+!MESSAGE
!MESSAGE NMAKE /f "libpcap.mak".
-!MESSAGE
+!MESSAGE
!MESSAGE You can specify a configuration when running NMAKE
!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE
+!MESSAGE
!MESSAGE NMAKE /f "libpcap.mak" CFG="libpcap - Win32 Debug"
-!MESSAGE
+!MESSAGE
!MESSAGE Possible choices for configuration are:
-!MESSAGE
+!MESSAGE
!MESSAGE "libpcap - Win32 Release" (based on "Win32 (x86) Static Library")
!MESSAGE "libpcap - Win32 Debug" (based on "Win32 (x86) Static Library")
-!MESSAGE
+!MESSAGE
# Begin Project
# PROP AllowPerConfigDependencies 0
# ADD BASE LIB32 /nologo
# ADD LIB32 /nologo
-!ENDIF
+!ENDIF
# Begin Target
#define EAI_MAX (sizeof(ai_errlist)/sizeof(ai_errlist[0]))
#endif
-/* on MingW, gai_strerror is available.
+/* on MingW, gai_strerror is available.
We need to compile gai_strerrorA only for Cygwin
*/
#ifndef gai_strerror
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* Mingw64 has its own implementation of getaddrinfo, mingw32 no
*/
#ifndef __MINGW64__
-
+
#ifdef HAVE_CONFIG_H
#include <config.h>
-#endif
+#endif
#include <pcap-stdinc.h>
#if 0
#ifndef HAVE_PORTABLE_PROTOTYPE
#include "cdecl_ext.h"
-#endif
+#endif
#ifndef HAVE_U_INT32_T
#include "bittypes.h"
-#endif
+#endif
#ifndef HAVE_SOCKADDR_STORAGE
#ifndef __MINGW32__
#include "sockstorage.h"
#endif
-#endif
+#endif
#ifdef NEED_ADDRINFO_H
#include "addrinfo.h"
static const char in6_addrany[] = {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
-static const char in_loopback[] = { 127, 0, 0, 1 };
+static const char in_loopback[] = { 127, 0, 0, 1 };
static const char in6_loopback[] = {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1
};
int a_socklen;
int a_off;
const char *a_addrany;
- const char *a_loopback;
+ const char *a_loopback;
int a_scoped;
} afdl [] = {
#ifdef INET6
pai->ai_canonname = NULL;
pai->ai_addr = NULL;
pai->ai_next = NULL;
-
+
if (hostname == NULL && servname == NULL)
return EAI_NONAME;
if (hints) {
}
while (cur && cur->ai_next)
cur = cur->ai_next;
- } else
+ } else
ERR(EAI_FAMILY); /*xxx*/
}
GET_AI(cur, afd, numaddr);
GET_PORT(cur, servname);
}
-
+
#ifdef USE_GETIPNODEBY
if (hp)
freehostent(hp);
net.n_net = inet_network(cp);
net.n_addrtype = AF_INET;
q = net.n_aliases = net_aliases;
- if (p != NULL)
+ if (p != NULL)
cp = p;
while (cp && *cp) {
if (*cp == ' ' || *cp == '\t') {
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- *
+ *
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
- *
+ *
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
+ *
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
- *
+ *
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* Copyright (c) 1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- *
+ *
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
- *
+ *
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- *
+ *
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
- *
+ *
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# We're assuming this is clang, where
# -Werror=unknown-warning-option is the appropriate
# option to force the compiler to fail.
- #
+ #
ac_lbl_unknown_warning_option_error="-Werror=unknown-warning-option"
],
[
dnl AC_LBL_DL_PASSIVE_REQ_T
dnl
dnl results:
-dnl
+dnl
dnl HAVE_DLPI_PASSIVE (defined)
dnl
AC_DEFUN(AC_LBL_DL_PASSIVE_REQ_T,
font-weight: bold; text-align: right;
font-family: helvetica, arial, sans-serif;
background-color: transparent; }
- td.rfcbug { background-color: #000000 ; width: 30px ; height: 30px ;
+ td.rfcbug { background-color: #000000 ; width: 30px ; height: 30px ;
text-align: justify; vertical-align: middle ; padding-top: 2px ; }
td.rfcbug span.RFC { color: #666666; font-weight: bold; text-decoration: none;
background-color: #000000 ;
</p><br /><hr />
<a name="formatblock"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Block Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SHB v1.0 | Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Typical configuration with a single Section Header Block
+ Typical configuration with a single Section Header Block
|-- 1st Section --|-- 2nd Section --|-- 3rd Section --|
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | SHB v1.0 | Data | SHB V1.1 | Data | SHB V1.0 | Data |
+ | SHB v1.0 | Data | SHB V1.1 | Data | SHB V1.0 | Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Configuration with three different Section Header Blocks
</pre>
</p><br /><hr />
<a name="formatSHB"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Magic |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Major | Minor |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</pre>
<table border="0" cellpadding="0" cellspacing="2" align="center"><tr><td align="center"><font face="monaco, MS Sans Serif" size="1"><b> Section Header Block format. </b></font><br /></td></tr></table><hr size="1" shade="0">
</p><br /><hr />
<a name="formatidb"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface ID | LinkType |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SnapLen |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</pre>
<table border="0" cellpadding="0" cellspacing="2" align="center"><tr><td align="center"><font face="monaco, MS Sans Serif" size="1"><b> Interface Description Block format. </b></font><br /></td></tr></table><hr size="1" shade="0">
</p><br /><hr />
<a name="formatpb"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface ID | Drops Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| /* variable length, byte-aligned */ |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</pre>
<table border="0" cellpadding="0" cellspacing="2" align="center"><tr><td align="center"><font face="monaco, MS Sans Serif" size="1"><b> Packet Block format. </b></font><br /></td></tr></table><hr size="1" shade="0">
</p><br /><hr />
<a name="formatpbs"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</p><br /><hr />
<a name="formatnrb"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | Record Type | Record Length |
+ | Record Type | Record Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Record Value |
| /* variable length, byte-aligned */ |
. . . other records . . .
| Record Type == end_of_recs | Record Length == 00 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</pre>
<table border="0" cellpadding="0" cellspacing="2" align="center"><tr><td align="center"><font face="monaco, MS Sans Serif" size="1"><b> Name Resolution Block format. </b></font><br /></td></tr></table><hr size="1" shade="0">
</p><br /><hr />
<a name="formatisb"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IfRecv |
| (high + low) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface ID | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</pre>
<table border="0" cellpadding="0" cellspacing="2" align="center"><tr><td align="center"><font face="monaco, MS Sans Serif" size="1"><b> Interface Statistics Block format. </b></font><br /></td></tr></table><hr size="1" shade="0">
</p><br /><hr />
<a name="formatopt"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | Option Code | Option Length |
+ | Option Code | Option Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Option Value |
| /* variable length, byte-aligned */ |
</p><br /><hr />
<a name="formatcb"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Compr. Type | |
+-+-+-+-+-+-+-+-+ |
</p><br /><hr />
<a name="formateb"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encr. Type | |
+-+-+-+-+-+-+-+-+ |
</p><br /><hr />
<a name="formatflm"></a>
<pre>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cell Size | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
<figure anchor="formatblock" title="Basic block structure.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Block Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SHB v1.0 | Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Typical configuration with a single Section Header Block
+ Typical configuration with a single Section Header Block
|-- 1st Section --|-- 2nd Section --|-- 3rd Section --|
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | SHB v1.0 | Data | SHB V1.1 | Data | SHB V1.0 | Data |
+ | SHB v1.0 | Data | SHB V1.1 | Data | SHB V1.0 | Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Configuration with three different Section Header Blocks
</artwork>
<t>The Section Header Block is mandatory. It identifies the beginning of a section of the capture dump file. Its format is shown in <xref target="formatSHB"/>.</t>
<figure anchor="formatSHB" title="Section Header Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Magic |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Major | Minor |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<figure anchor="formatidb" title="Interface Description Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface ID | LinkType |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SnapLen |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<c>9</c>
<c>4</c>
<c>Time zone for GMT support (TODO: specify better).</c>
-
+
<c>if_flags</c>
<c>10</c>
<c>4</c>
<figure anchor="formatpb" title="Packet Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface ID | Drops Count |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| /* variable length, byte-aligned */ |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<figure anchor="formatpbs" title="Simple Packet Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
<figure anchor="formatnrb" title="Name Resolution Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | Record Type | Record Length |
+ | Record Type | Record Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Record Value |
| /* variable length, byte-aligned */ |
. . . other records . . .
| Record Type == end_of_recs | Record Length == 00 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<figure anchor="formatisb" title="Interface Statistics Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IfRecv |
| (high + low) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Interface ID | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- / /
- / Options (variable) /
- / /
+ / /
+ / Options (variable) /
+ / /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
</figure>
<figure anchor="formatopt" title="Options format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | Option Code | Option Length |
+ | Option Code | Option Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Option Value |
| /* variable length, byte-aligned */ |
<figure anchor="formatcb" title="Compression Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Compr. Type | |
+-+-+-+-+-+-+-+-+ |
<figure anchor="formateb" title="Encryption Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Encr. Type | |
+-+-+-+-+-+-+-+-+ |
<figure anchor="formatflm" title="Fixed Length Block format.">
<artwork>
- 0 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cell Size | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
/*
* XXX - The 32-bit compatibility layer for Linux on IA-64
* is slightly broken. It correctly converts the structures
- * to and from kernel land from 64 bit to 32 bit but
- * doesn't update ifc.ifc_len, leaving it larger than the
- * amount really used. This means we read off the end
- * of the buffer and encounter an interface with an
- * "empty" name. Since this is highly unlikely to ever
- * occur in a valid case we can just finish looking for
+ * to and from kernel land from 64 bit to 32 bit but
+ * doesn't update ifc.ifc_len, leaving it larger than the
+ * amount really used. This means we read off the end
+ * of the buffer and encounter an interface with an
+ * "empty" name. Since this is highly unlikely to ever
+ * occur in a valid case we can just finish looking for
* interfaces if we see an empty name.
*/
if (!(*ifrp->ifr_name))
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the Politecnico di Torino, CACE Technologies
- * nor the names of its contributors may be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. Neither the name of the Politecnico di Torino, CACE Technologies
+ * nor the names of its contributors may be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
char *AdaptersName;
ULONG NameLength;
char *name;
-
+
/*
* Find out how big a buffer we need.
*
{
snprintf(errbuf, PCAP_ERRBUF_SIZE, "Cannot allocate enough memory to list the adapters.");
return (-1);
- }
+ }
if (!PacketGetAdapterNames(AdaptersName, &NameLength)) {
snprintf(errbuf, PCAP_ERRBUF_SIZE,
free(AdaptersName);
return (-1);
}
-
+
/*
* "PacketGetAdapterNames()" returned a list of
* null-terminated ASCII interface name strings,
desc = &AdaptersName[0];
while (*desc != '\0' || *(desc + 1) != '\0')
desc++;
-
+
/*
* Found it - "desc" points to the first of the two
* nulls at the end of the list of names, so the
* after it.
*/
desc += 2;
-
+
/*
* Loop over the elements in the first list.
*/
if (pcap_platform_finddevs(&devlist, errbuf) < 0)
ret = -1;
}
-
+
if (ret == -1) {
/*
* We had an error; free the list we've been constructing.
devlist = NULL;
}
}
-
+
*alldevsp = devlist;
free(AdaptersName);
return (ret);
s = new_stmt(BPF_ALU|BPF_ADD|BPF_K);
s->s.k = off_linkpl.constant_part + off_nl + 8;
- /* Stash this in X since we'll need it later. */
+ /* Stash this in X since we'll need it later. */
s1 = new_stmt(BPF_MISC|BPF_TAX);
sappend(s, s1);
#define A_CONNECTACK 44 /* Connect Ack message */
#define A_RELEASE 45 /* Release message */
#define A_RELEASE_DONE 46 /* Release message */
-
+
/* ATM field types */
#define A_VPI 51
#define A_VCI 52
%token IPV6 ICMPV6 AH ESP
%token VLAN MPLS
%token PPPOED PPPOES GENEVE
-%token ISO ESIS CLNP ISIS L1 L2 IIH LSP SNP CSNP PSNP
+%token ISO ESIS CLNP ISIS L1 L2 IIH LSP SNP CSNP PSNP
%token STP
%token IPX
%token NETBEUI
%token RADIO
%token FISU LSSU MSU HFISU HLSSU HMSU
%token SIO OPC DPC SLS HSIO HOPC HDPC HSLS
-
+
%type <s> ID
%type <e> EID
"in this configuration");
#endif /*INET6*/
}
- | EID {
+ | EID {
$$.b = gen_ecode($1, $$.q = $<blk>0.q);
/*
* $1 was allocated by "pcap_ether_aton()",
if [ x"$dir_arg" != x ]; then
dst=$src
src=""
-
+
if [ -d $dst ]; then
instcmd=:
else
else
# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
-# might cause directories to be created, which would be especially bad
+# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if [ -f $src -o -d $src ]
echo "install: $src does not exist"
exit 1
fi
-
+
if [ x"$dst" = x ]
then
echo "install: no destination specified"
# Skip lots of stat calls in the usual case.
if [ ! -d "$dstdir" ]; then
-defaultIFS='
+defaultIFS='
'
IFS="${IFS-${defaultIFS}}"
# If we're going to rename the final executable, determine the name now.
- if [ x"$transformarg" = x ]
+ if [ x"$transformarg" = x ]
then
dstfile=`basename $dst`
else
- dstfile=`basename $dst $transformbasename |
+ dstfile=`basename $dst $transformbasename |
sed $transformarg`$transformbasename
fi
# don't allow the sed command to completely eliminate the filename
- if [ x"$dstfile" = x ]
+ if [ x"$dstfile" = x ]
then
dstfile=`basename $dst`
else
# Now rename the file to the real destination.
$doit $rmcmd -f $dstdir/$dstfile &&
- $doit $mvcmd $dsttmp $dstdir/$dstfile
+ $doit $mvcmd $dsttmp $dstdir/$dstfile
fi &&
int snprintf(char *, size_t, const char *, ...);
int vsnprintf(char *, size_t, const char *, va_list);
int pfopen(char *, int);
-
+
int snprintf(char *, size_t, const char *, ...);
int vsnprintf(char *, size_t, const char *, va_list);
int pfopen(char *, int);
-
+
#
# Manually generated dependencies
-#
+#
msdos/pktdrvr.c: msdos/pkt_stub.inc
scanner.c: scanner.l
grammar.c tokdefs.h: grammar.y
I've included some extra functions to DOS-libpcap:
- `pcap_config_hook (const char *name, const char *value)'
+ `pcap_config_hook (const char *name, const char *value)'
Allows an application to set values of internal libpcap variables.
`name' is typically a left-side keyword with an associated `value'
*/
static int
pcap_getnonblock_bpf(pcap_t *p, char *errbuf)
-{
+{
#ifdef HAVE_ZEROCOPY_BPF
struct pcap_bpf *pb = p->priv;
static int
pcap_setnonblock_bpf(pcap_t *p, int nonblock, char *errbuf)
-{
+{
#ifdef HAVE_ZEROCOPY_BPF
struct pcap_bpf *pb = p->priv;
*
* This code is derived from the Stanford/CMU enet packet filter,
* (net/enet.c) distributed as part of 4.3BSD, and code contributed
- * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
+ * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
* Berkeley Laboratory.
*
* Redistribution and use in source and binary forms, with or without
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
*
*/
-
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
int dev_id; /* device ID of device we're bound to */
};
-int
+int
bt_findalldevs(pcap_if_t **alldevsp, char *err_str)
{
struct hci_dev_list_req *dev_list;
sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
if (sock < 0)
{
- /* if bluetooth is not supported this this is not fatal*/
+ /* if bluetooth is not supported this this is not fatal*/
if (errno == EAFNOSUPPORT)
return 0;
snprintf(err_str, PCAP_ERRBUF_SIZE,
}
dev_list = malloc(HCI_MAX_DEV * sizeof(*dev_req) + sizeof(*dev_list));
- if (!dev_list)
+ if (!dev_list)
{
snprintf(err_str, PCAP_ERRBUF_SIZE, "Can't allocate %zu bytes for Bluetooth device list",
HCI_MAX_DEV * sizeof(*dev_req) + sizeof(*dev_list));
dev_list->dev_num = HCI_MAX_DEV;
- if (ioctl(sock, HCIGETDEVLIST, (void *) dev_list) < 0)
+ if (ioctl(sock, HCIGETDEVLIST, (void *) dev_list) < 0)
{
snprintf(err_str, PCAP_ERRBUF_SIZE,
"Can't get Bluetooth device list via ioctl: %s",
dev_req = dev_list->dev_req;
for (i = 0; i < dev_list->dev_num; i++, dev_req++) {
char dev_name[20], dev_descr[30];
-
+
snprintf(dev_name, 20, BT_IFACE"%d", dev_req->dev_id);
snprintf(dev_descr, 30, "Bluetooth adapter number %d", i);
-
- if (pcap_add_if(alldevsp, dev_name, 0,
+
+ if (pcap_add_if(alldevsp, dev_name, 0,
dev_descr, err_str) < 0)
{
ret = -1;
if (sscanf(handle->opt.source, BT_IFACE"%d", &dev_id) != 1)
{
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
- "Can't get Bluetooth device index from %s",
+ "Can't get Bluetooth device index from %s",
handle->opt.source);
return PCAP_ERROR;
}
handle->setnonblock_op = pcap_setnonblock_fd;
handle->stats_op = bt_stats_linux;
handlep->dev_id = dev_id;
-
+
/* Create HCI socket */
handle->fd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
if (handle->fd < 0) {
goto close_fail;
}
- /* Setup filter, do not call hci function to avoid dependence on
+ /* Setup filter, do not call hci function to avoid dependence on
* external libs */
memset(&flt, 0, sizeof(flt));
- memset((void *) &flt.type_mask, 0xff, sizeof(flt.type_mask));
+ memset((void *) &flt.type_mask, 0xff, sizeof(flt.type_mask));
memset((void *) &flt.event_mask, 0xff, sizeof(flt.event_mask));
if (setsockopt(handle->fd, SOL_HCI, HCI_FILTER, &flt, sizeof(flt)) < 0) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
bthdr = (pcap_bluetooth_h4_header*) &handle->buffer[handle->offset];
iv.iov_base = &handle->buffer[handle->offset+sizeof(pcap_bluetooth_h4_header)];
iv.iov_len = handle->snapshot;
-
+
memset(&msg, 0, sizeof(msg));
msg.msg_iov = &iv;
msg.msg_iovlen = 1;
pkth.caplen = ret;
- /* get direction and timestamp*/
+ /* get direction and timestamp*/
cmsg = CMSG_FIRSTHDR(&msg);
int in=0;
while (cmsg) {
}
cmsg = CMSG_NXTHDR(&msg, cmsg);
}
- if ((in && (handle->direction == PCAP_D_OUT)) ||
+ if ((in && (handle->direction == PCAP_D_OUT)) ||
((!in) && (handle->direction == PCAP_D_IN)))
return 0;
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "inject not supported on "
"bluetooth devices");
return (-1);
-}
+}
-static int
+static int
bt_stats_linux(pcap_t *handle, struct pcap_stat *stats)
{
struct pcap_bt *handlep = handle->priv;
struct hci_dev_info dev_info;
struct hci_dev_stats * s = &dev_info.stat;
dev_info.dev_id = handlep->dev_id;
-
+
/* ignore eintr */
do {
ret = ioctl(handle->fd, HCIGETDEVINFO, (void *)&dev_info);
} while ((ret == -1) && (errno == EINTR));
-
+
if (ret < 0) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
"Can't get stats via ioctl: %s", strerror(errno));
return (-1);
-
+
}
- /* we receive both rx and tx frames, so comulate all stats */
- stats->ps_recv = s->evt_rx + s->acl_rx + s->sco_rx + s->cmd_tx +
+ /* we receive both rx and tx frames, so comulate all stats */
+ stats->ps_recv = s->evt_rx + s->acl_rx + s->sco_rx + s->cmd_tx +
s->acl_tx +s->sco_tx;
stats->ps_drop = s->err_rx + s->err_tx;
stats->ps_ifdrop = 0;
return 0;
}
-static int
+static int
bt_setdirection_linux(pcap_t *p, pcap_direction_t d)
{
p->direction = d;
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
libusb_device** devs;
unsigned char sernum[65];
int cnt, i;
-
+
if (libusb_init(&fdctx) != 0) {
/*
* XXX - if this doesn't just mean "no USB file system mounted",
* saying "no CANUSB devices".
*/
return 0;
- }
+ }
cnt = libusb_get_device_list(fdctx,&devs);
struct libusb_device_descriptor desc;
libusb_get_device_descriptor(devs[i],&desc);
- if ((desc.idVendor != CANUSB_VID) || (desc.idProduct != CANUSB_PID))
+ if ((desc.idVendor != CANUSB_VID) || (desc.idProduct != CANUSB_PID))
continue; //It is not, check next device
-
+
//It is!
libusb_device_handle *dh = NULL;
if ((ret = libusb_open(devs[i],&dh)) == 0)
{
char dev_name[30];
- char dev_descr[50];
+ char dev_descr[50];
int n = libusb_get_string_descriptor_ascii(dh,desc.iSerialNumber,sernum,64);
sernum[n] = 0;
snprintf(dev_name, 30, CANUSB_IFACE"%s", sernum);
snprintf(dev_descr, 50, "CanUSB [%s]", sernum);
-
+
libusb_close(dh);
-
+
if (pcap_add_if(alldevsp, dev_name, 0, dev_descr, err_str) < 0)
{
libusb_free_device_list(devs,1);
libusb_device** devs;
unsigned char serial[65];
int cnt,i,n;
-
+
cnt = libusb_get_device_list(ctx,&devs);
for(i=0;i<cnt;i++)
- {
+ {
// Check if this device is interesting.
struct libusb_device_descriptor desc;
libusb_get_device_descriptor(devs[i],&desc);
if ((desc.idVendor != CANUSB_VID) || (desc.idProduct != CANUSB_PID))
continue;
-
+
//Found one!
libusb_device_handle *dh = NULL;
libusb_close(dh);
continue;
}
-
+
//Fount it!
- libusb_free_device_list(devs,1);
+ libusb_free_device_list(devs,1);
return dh;
}
pcap_t *
canusb_create(const char *device, char *ebuf, int *is_ours)
-{
+{
const char *cp;
char *cpend;
long devnum;
{
struct pcap_canusb *canusb = arg;
int i;
- struct
+ struct
{
uint8_t rxsz, txsz;
} status;
-
- fcntl(canusb->wrpipe, F_SETFL, O_NONBLOCK);
+
+ fcntl(canusb->wrpipe, F_SETFL, O_NONBLOCK);
while(canusb->loop)
{
int sz;
struct CAN_Msg msg;
-
+
+ libusb_interrupt_transfer(canusb->dev, 0x81, (unsigned char*)&status, sizeof(status), &sz, 100);
+ //HACK!!!!! -> drop buffered data, read new one by reading twice.
libusb_interrupt_transfer(canusb->dev, 0x81, (unsigned char*)&status, sizeof(status), &sz, 100);
- //HACK!!!!! -> drop buffered data, read new one by reading twice.
- libusb_interrupt_transfer(canusb->dev, 0x81, (unsigned char*)&status, sizeof(status), &sz, 100);
for(i = 0; i<status.rxsz; i++)
{
- libusb_bulk_transfer(canusb->dev, 0x85, (unsigned char*)&msg, sizeof(msg), &sz, 100);
+ libusb_bulk_transfer(canusb->dev, 0x85, (unsigned char*)&msg, sizeof(msg), &sz, 100);
if(write(canusb->wrpipe, &msg, sizeof(msg)) < 0)
fprintf(stderr,"write() error: %s\n", strerror(errno));
}
}
-
+
return NULL;
}
this->rdpipe = pipefd[0];
this->wrpipe = pipefd[1];
- this->loop = 1;
+ this->loop = 1;
pthread_create(&this->worker, NULL, canusb_capture_thread, this);
return this->rdpipe;
cmd[1] = 1; //Empty outgoing buffer
cmd[3] = 0; //Not a write to serial number
memset(&cmd[4],0,16-4);
-
+
libusb_interrupt_transfer(this->dev, 0x1,cmd,16,&al,100);
}
{
libusb_close(canusb->dev);
canusb->dev = NULL;
- }
+ }
if (canusb->ctx)
{
libusb_exit(canusb->ctx);
/*
* XXX - what causes this to fail?
*/
- snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "libusb_init() failed");
+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "libusb_init() failed");
return PCAP_ERROR;
- }
+ }
handle->read_op = canusb_read_linux;
if (!canusb->dev)
{
libusb_exit(canusb->ctx);
- snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't open USB Device");
+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't open USB Device");
return PCAP_ERROR;
}
int i = 0;
struct CAN_Msg msg;
struct pcap_pkthdr pkth;
-
+
while(i < max_packets)
{
int n;
pkth.caplen = pkth.len = n;
pkth.caplen -= 4;
pkth.caplen -= 8 - msg.length;
-
+
if ((firstpacket.tv_sec == -1) && (firstpacket.tv_usec == -1))
gettimeofday(&firstpacket, NULL);
-
+
pkth.ts.tv_usec = firstpacket.tv_usec + (msg.timestamp % 100) * 10000;
pkth.ts.tv_sec = firstpacket.tv_usec + (msg.timestamp / 100);
if (pkth.ts.tv_usec > 1000000)
callback(user, &pkth, (void*)&msg.id);
i++;
}
-
+
return i;
}
/*
* Juniper-private data link type, as per request from
* The Link Types are used for prepending meta-information
* like interface index, interface name
* before standard Ethernet, PPP, Frelay & C-HDLC Frames
/*
* Juniper-private data link type, as per request from
* The DLT_ is used for internal communication with a
* voice Adapter Card (PIC)
*/
/*
* Juniper-private data link type, as per request from
* The DLT_ is used for internal communication with a
* integrated service module (ISM).
*/
/*
* Juniper-private data link type, as per request from
* The DLT_ is used for capturing data on a secure tunnel interface.
*/
#define LINKTYPE_JUNIPER_ST 200
*/
#define LINKTYPE_IEEE802_15_4_NONASK_PHY 215
-/*
+/*
* captures from the Linux kernel /dev/input/eventN devices. This
* is used to communicate keystrokes and mouse movements from the
- * Linux kernel to display systems, such as Xorg.
+ * Linux kernel to display systems, such as Xorg.
*/
#define LINKTYPE_LINUX_EVDEV 216
/*
* Juniper-private data link type, as per request from
*/
#define LINKTYPE_JUNIPER_VS 232
#define LINKTYPE_JUNIPER_SRX_E2E 233
/*
* Juniper-private data link type, as per request from
*/
#define LINKTYPE_JUNIPER_ATM_CEMIC 238
/*
- * NetFilter LOG messages
+ * NetFilter LOG messages
* (payload of netlink NFNL_SUBSYS_ULOG/NFULNL_MSG_PACKET packets)
*
/*
* Link-layer header type for upper-protocol layer PDU saves from wireshark.
- *
+ *
* the actual contents are determined by two TAGs stored with each
* packet:
* EXP_PDU_TAG_LINKTYPE the link type (LINKTYPE_ value) of the
*/
/*
- * The URB id is a totally opaque value; do we really need to
+ * The URB id is a totally opaque value; do we really need to
* convert it to the reading host's byte order???
*/
offset += 8; /* skip past id */
#ifdef HAVE_DAG_STREAMS_API
if(dag_stop_stream(p->fd, pd->dag_stream) < 0)
fprintf(stderr,"dag_stop_stream: %s\n", strerror(errno));
-
+
if(dag_detach_stream(p->fd, pd->dag_stream) < 0)
fprintf(stderr,"dag_detach_stream: %s\n", strerror(errno));
#else
/* loop over the extension headers */
do {
-
+
/* sanity check we have enough bytes */
if ( len < (24 + (hdr_num * 8)) )
return hdr_num;
/* Get the next bufferful of packets (if necessary). */
while (pd->dag_mem_top - pd->dag_mem_bottom < dag_record_size) {
-
+
/*
* Has "pcap_breakloop()" been called?
*/
/* Pcap is configured to process only available packets, and there aren't any, return immediately. */
return 0;
}
-
+
if(!nonblocking &&
pd->dag_timeout &&
(pd->dag_mem_top - pd->dag_mem_bottom < dag_record_size))
}
}
-
+
/* Process the packets. */
while (pd->dag_mem_top - pd->dag_mem_bottom >= dag_record_size) {
-
+
unsigned short packet_len = 0;
int caplen = 0;
struct pcap_pkthdr pcap_header;
-
+
#ifdef HAVE_DAG_STREAMS_API
dag_record_t *header = (dag_record_t *)(pd->dag_mem_bottom);
#else
u_char *dp = ((u_char *)header); /* + dag_record_size; */
unsigned short rlen;
-
+
/*
* Has "pcap_breakloop()" been called?
*/
p->break_loop = 0;
return -2;
}
-
+
rlen = ntohs(header->rlen);
if (rlen < dag_record_size)
{
}
}
}
-
+
if ((header->type & 0x7f) == TYPE_PAD) {
continue;
}
num_ext_hdr = dag_erf_ext_header_count(dp, rlen);
/* ERF encapsulation */
- /* The Extensible Record Format is not dropped for this kind of encapsulation,
+ /* The Extensible Record Format is not dropped for this kind of encapsulation,
* and will be handled as a pseudo header by the decoding application.
* The information carried in the ERF header and in the optional subheader (if present)
* could be merged with the libpcap information, to offer a better decoding.
* The packet length is
* o the length of the packet on the link (header->wlen),
- * o plus the length of the ERF header (dag_record_size), as the length of the
+ * o plus the length of the ERF header (dag_record_size), as the length of the
* pseudo header will be adjusted during the decoding,
* o plus the length of the optional subheader (if present).
*
dp += dag_record_size;
/* Skip over extension headers */
dp += 8 * num_ext_hdr;
-
+
switch((header->type & 0x7f)) {
case TYPE_ATM:
case TYPE_AAL5:
if (p->linktype == DLT_SUNATM) {
struct sunatm_hdr *sunatm = (struct sunatm_hdr *)dp;
unsigned long rawatm;
-
+
rawatm = ntohl(*((unsigned long *)dp));
sunatm->vci = htons((rawatm >> 4) & 0xffff);
sunatm->vpi = (rawatm >> 20) & 0x00ff;
- sunatm->flags = ((header->flags.iface & 1) ? 0x80 : 0x00) |
+ sunatm->flags = ((header->flags.iface & 1) ? 0x80 : 0x00) |
((sunatm->vpi == 0 && sunatm->vci == htons(5)) ? 6 :
- ((sunatm->vpi == 0 && sunatm->vci == htons(16)) ? 5 :
+ ((sunatm->vpi == 0 && sunatm->vci == htons(16)) ? 5 :
((dp[ATM_HDR_SIZE] == 0xaa &&
dp[ATM_HDR_SIZE+1] == 0xaa &&
dp[ATM_HDR_SIZE+2] == 0x03) ? 2 : 1)));
/* Add the MTP2 Pseudo Header */
caplen += MTP2_HDR_LEN;
packet_len += MTP2_HDR_LEN;
-
+
TempPkt[MTP2_SENT_OFFSET] = 0;
TempPkt[MTP2_ANNEX_A_USED_OFFSET] = MTP2_ANNEX_A_USED_UNKNOWN;
*(TempPkt+MTP2_LINK_NUMBER_OFFSET) = ((header->rec.mc_hdlc.mc_header>>16)&0x01);
} /* switch type */
} /* ERF encapsulation */
-
+
if (caplen > p->snapshot)
caplen = p->snapshot;
/* Run the packet filter if there is one. */
if ((p->fcode.bf_insns == NULL) || bpf_filter(p->fcode.bf_insns, dp, packet_len, caplen)) {
-
+
/* convert between timestamp formats */
register unsigned long long ts;
-
+
if (IS_BIGENDIAN()) {
ts = SWAPLL(header->ts);
} else {
pcap_header.ts.tv_sec = ts >> 32;
ts = (ts & 0xffffffffULL) * ticks_per_second;
ts += 0x80000000; /* rounding */
- pcap_header.ts.tv_usec = ts >> 32;
+ pcap_header.ts.tv_usec = ts >> 32;
if (pcap_header.ts.tv_usec >= ticks_per_second) {
pcap_header.ts.tv_usec -= ticks_per_second;
pcap_header.ts.tv_sec++;
/* Fill in our own header data */
pcap_header.caplen = caplen;
pcap_header.len = packet_len;
-
+
/* Count the packet. */
pd->stat.ps_recv++;
-
+
/* Call the user supplied callback function */
callback(user, &pcap_header, dp);
-
+
/* Only count packets that pass the filter, for consistency with standard Linux behaviour. */
processed++;
if (processed == cnt && !PACKET_COUNT_IS_UNLIMITED(cnt))
* device will result in a failure. The promisc flag is ignored because DAG
* cards are always promiscuous. The to_ms parameter is used in setting the
* API polling parameters.
- *
+ *
* snaplen is now also ignored, until we get per-stream slen support. Set
* slen with approprite DAG tool BEFORE pcap_activate().
*
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't allocate string for device name: %s\n", pcap_strerror(errno));
goto fail;
}
-
+
/* Parse input name to get dag device and stream number if provided */
if (dag_parse_name(device, newDev, strlen(device) + 16, &handlep->dag_stream) < 0) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dag_parse_name: %s\n", pcap_strerror(errno));
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dag_get_stream_poll: %s\n", pcap_strerror(errno));
goto faildetach;
}
-
+
if (handle->opt.immediate) {
/* Call callback immediately.
* XXX - is this the right way to handle this?
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dag_set_stream_poll: %s\n", pcap_strerror(errno));
goto faildetach;
}
-
+
#else
if((handlep->dag_mem_base = dag_mmap(handle->fd)) == MAP_FAILED) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,"dag_mmap %s: %s\n", device, pcap_strerror(errno));
handle->snapshot = MIN_DAG_SNAPLEN;
}
/* snap len has to be a multiple of 4 */
- snprintf(conf, 30, "varlen slen=%d", (snaplen + 3) & ~3);
+ snprintf(conf, 30, "varlen slen=%d", (snaplen + 3) & ~3);
if(dag_configure(handle->fd, conf) < 0) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,"dag_configure %s: %s\n", device, pcap_strerror(errno));
goto faildetach;
}
-#endif
-
+#endif
+
#ifdef HAVE_DAG_STREAMS_API
if(dag_start_stream(handle->fd, handlep->dag_stream) < 0) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "dag_start_stream %s: %s\n", device, pcap_strerror(errno));
handle->linktype = -1;
if (dag_get_datalink(handle) < 0)
goto failstop;
-
+
handle->bufsize = 0;
if (new_pcap_dag(handle) < 0) {
handlep->stat.ps_ifdrop = 0;
return 0;
-#ifdef HAVE_DAG_STREAMS_API
+#ifdef HAVE_DAG_STREAMS_API
failstop:
if (dag_stop_stream(handle->fd, handlep->dag_stream) < 0) {
fprintf(stderr,"dag_stop_stream: %s\n", strerror(errno));
}
-
+
faildetach:
if (dag_detach_stream(handle->fd, handlep->dag_stream) < 0)
fprintf(stderr,"dag_detach_stream: %s\n", strerror(errno));
if (dag_stop(handle->fd) < 0)
fprintf(stderr,"dag_stop: %s\n", strerror(errno));
#endif /* HAVE_DAG_STREAMS_API */
-
+
failclose:
if (dag_close(handle->fd) < 0)
fprintf(stderr,"dag_close: %s\n", strerror(errno));
*/
/*pd->stat.ps_recv = 0;*/
/*pd->stat.ps_drop = 0;*/
-
+
*ps = pd->stat;
-
+
return 0;
}
*/
ret = -1;
}
-
+
rxstreams--;
if(rxstreams <= 0) {
break;
}
}
- }
+ }
}
#endif /* HAVE_DAG_STREAMS_API */
dag_close(dagfd);
uint32_t mindata;
struct timeval maxwait;
struct timeval poll;
-
+
if (dag_get_stream_poll(p->fd, pd->dag_stream,
&mindata, &maxwait, &poll) < 0) {
snprintf(errbuf, PCAP_ERRBUF_SIZE, "dag_get_stream_poll: %s\n", pcap_strerror(errno));
return -1;
}
-
+
/* Amount of data to collect in Bytes before calling callbacks.
* Important for efficiency, but can introduce latency
* at low packet rates if to_ms not set!
mindata = 0;
else
mindata = 65536;
-
+
if (dag_set_stream_poll(p->fd, pd->dag_stream,
mindata, &maxwait, &poll) < 0) {
snprintf(errbuf, PCAP_ERRBUF_SIZE, "dag_set_stream_poll: %s\n", pcap_strerror(errno));
}
return (0);
}
-
+
static int
dag_get_datalink(pcap_t *p)
{
/* Get list of possible ERF types for this card */
if (dag_get_stream_erf_types(p->fd, pd->dag_stream, types, 255) < 0) {
snprintf(p->errbuf, sizeof(p->errbuf), "dag_get_stream_erf_types: %s", pcap_strerror(errno));
- return (-1);
+ return (-1);
}
-
+
while (types[index]) {
#elif defined HAVE_DAG_GET_ERF_TYPES
/* Get list of possible ERF types for this card */
if (dag_get_erf_types(p->fd, types, 255) < 0) {
snprintf(p->errbuf, sizeof(p->errbuf), "dag_get_erf_types: %s", pcap_strerror(errno));
- return (-1);
+ return (-1);
}
-
+
while (types[index]) {
#else
/* Check the type through a dagapi call. */
p->linktype = DLT_EN10MB;
break;
- case TYPE_ATM:
+ case TYPE_ATM:
case TYPE_AAL5:
case TYPE_MC_ATM:
case TYPE_MC_AAL5:
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
dbus_message_unref(msg);
return 0;
-}
+}
static int
dbus_stats(pcap_t *handle, struct pcap_stat *stats)
{
pcap_t *p;
- if (strcmp(device, "dbus-system") &&
- strcmp(device, "dbus-session") &&
+ if (strcmp(device, "dbus-system") &&
+ strcmp(device, "dbus-session") &&
strncmp(device, "dbus://", 7))
{
*is_ours = 0;
return (p);
}
-int
+int
dbus_findalldevs(pcap_if_t **alldevsp, char *err_str)
{
if (pcap_add_if(alldevsp, "dbus-system", 0, "D-Bus system bus", err_str) < 0)
ret = -1;
#endif /* raw mode */
return (ret);
-}
+}
#ifndef DL_IPATM
#define DL_IPATM 0x12 /* ATM Classical IP interface */
* network packets.
*/
static int pcap_activate_dos (pcap_t *pcap)
-{
+{
struct pcap_dos *pcapd = pcap->priv;
if (pcap->opt.rfmon) {
!first_init(pcap->opt.source, pcap->errbuf, pcap->opt.promisc))
{
return (PCAP_ERROR);
- }
+ }
atexit (close_driver);
}
else if (stricmp(active_dev->name,pcap->opt.source))
strlcpy (p->errbuf, "pktdrvr doesn't have detailed statistics",
PCAP_ERRBUF_SIZE);
return (-1);
- }
+ }
memcpy (se, (*dev->get_stats)(dev), sizeof(*se));
return (0);
}
}
ARGSUSED (device);
return (0);
-}
+}
/*
* Get a list of all interfaces that are present and that we probe okay.
* have default values. Should be taken from another
* ini-file/environment in any case (ref. tcpdump.ini)
*/
- _watt_is_init = 1;
+ _watt_is_init = 1;
if (!using_pktdrv || !has_ip_addr) /* for now .... */
{
if (!PktInitDriver(mode))
return (0);
-
+
PktResetStatistics (pktInfo.handle);
PktQueueBusy (FALSE);
return (1);
0,0,0,0,0,0,
&cs89_dev,
rtl8139_probe /* dev->probe routine */
- };
+ };
/*
* Dequeue routine is called by polling.
#define PCAP_ASSERT(x) ((void)0)
#else
- void pcap_assert (const char *what, const char *file, unsigned line);
+ void pcap_assert (const char *what, const char *file, unsigned line);
#define PCAP_ASSERT(x) do { \
if (!(x)) \
the assumption that the packet is a MPLS-encapsulated IP packet. The
\fBmpls \fI[label_num]\fR expression may be used more than once, to
filter on MPLS hierarchies. Each use of that expression increments the
-filter offsets by 4.
+filter offsets by 4.
.IP
For example:
.in +.5i
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* Modifications: Added PACKET_MMAP support
* Added TPACKET_V3 support
- *
+ *
* based on previous works of:
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
- * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
# endif /* PACKET_HOST */
- /* check for memory mapped access avaibility. We assume every needed
+ /* check for memory mapped access avaibility. We assume every needed
* struct is defined if the macro TPACKET_HDRLEN is defined, because it
* uses many ring related structs and macros */
# ifdef PCAP_SUPPORT_PACKET_RING
FILE * file;
int field_to_convert = 3, if_name_sz = strlen(if_name);
long int dropped_pkts = 0;
-
+
file = fopen("/proc/net/dev", "r");
if (!file)
return 0;
field_to_convert = 4;
continue;
}
-
+
/* find iface and make sure it actually matches -- space before the name and : after it */
if ((bufptr = strstr(buffer, if_name)) &&
(bufptr == buffer || *(bufptr-1) == ' ') &&
while (*bufptr != '\0' && *(bufptr++) == ' ');
while (*bufptr != '\0' && *(bufptr++) != ' ');
}
-
+
/* get rid of any final spaces */
while (*bufptr != '\0' && *bufptr == ' ') bufptr++;
-
+
if (*bufptr != '\0')
dropped_pkts = strtol(bufptr, NULL, 10);
break;
}
}
-
+
fclose(file);
return dropped_pkts;
-}
+}
/*
pcap_strerror(errno) );
return PCAP_ERROR;
}
-
+
/* copy timeout value */
handlep->timeout = handle->opt.timeout;
/*
- * If we're in promiscuous mode, then we probably want
+ * If we're in promiscuous mode, then we probably want
* to see when the interface drops packets too, so get an
* initial count from /proc/net/dev
*/
return (-1);
}
return (ret);
-}
+}
/*
* Get the statistics for the given packet capture handle.
#endif /* HAVE_TPACKET_STATS */
long if_dropped = 0;
-
- /*
+
+ /*
* To fill in ps_ifdrop, we parse /proc/net/dev for the number
*/
if (handle->opt.promisc)
* dropped by the interface driver. It counts only
* packets that passed the filter.
*
- * See above for ps_ifdrop.
+ * See above for ps_ifdrop.
*
* Both statistics include packets not yet read from
* the kernel by libpcap, and thus not yet seen by
* "tp_packets" as the count of packets and "tp_drops"
* as the count of drops.
*
- * Keep a running total because each call to
+ * Keep a running total because each call to
* getsockopt(handle->fd, SOL_PACKET, PACKET_STATISTICS, ....
* resets the counters to zero.
*/
* We maintain the count of packets processed by libpcap in
* "handlep->packets_read", for reasons described in the comment
* at the end of pcap_read_packet(). We have no idea how many
- * packets were dropped by the kernel buffers -- but we know
+ * packets were dropped by the kernel buffers -- but we know
* how many the interface dropped, so we can return that.
*/
-
+
stats->ps_recv = handlep->packets_read;
stats->ps_drop = 0;
stats->ps_ifdrop = handlep->stat.ps_ifdrop;
handle->linktype = DLT_RAW;
return;
}
-
+
/*
* Is this a real Ethernet device? If so, give it a
* link-layer-type list with DLT_EN10MB and DLT_DOCSIS, so
* On error, returns -1, and sets *status to the appropriate error code;
* if that is PCAP_ERROR, sets handle->errbuf to the appropriate message.
*/
-static int
+static int
activate_mmap(pcap_t *handle, int *status)
{
struct pcap_linux *handlep = handle->priv;
return 1;
}
#else /* HAVE_PACKET_RING */
-static int
+static int
activate_mmap(pcap_t *handle _U_, int *status _U_)
{
return 0;
return -1;
}
- /* compute the minumum block size that will handle this frame.
- * The block has to be page size aligned.
- * The max block size allowed by the kernel is arch-dependent and
+ /* compute the minumum block size that will handle this frame.
+ * The block has to be page size aligned.
+ * The max block size allowed by the kernel is arch-dependent and
* it's not explicitly checked here. */
req.tp_block_size = getpagesize();
- while (req.tp_block_size < req.tp_frame_size)
+ while (req.tp_block_size < req.tp_frame_size)
req.tp_block_size <<= 1;
frames_per_block = req.tp_block_size/req.tp_frame_size;
}
if (setsockopt(handle->fd, SOL_PACKET, PACKET_TIMESTAMP,
(void *)×ource, sizeof(timesource))) {
- snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
- "can't set PACKET_TIMESTAMP: %s",
+ snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
+ "can't set PACKET_TIMESTAMP: %s",
pcap_strerror(errno));
*status = PCAP_ERROR;
return -1;
/* req.tp_frame_nr is requested to match frames_per_block*req.tp_block_nr */
req.tp_frame_nr = req.tp_block_nr * frames_per_block;
-
+
#ifdef HAVE_TPACKET3
/* timeout value to retire block - use the configured buffering timeout, or default if <0. */
req.tp_retire_blk_tov = (handlep->timeout>=0)?handlep->timeout:0;
memcpy(handlep->oneshot_buffer, bytes, h->caplen);
*sp->pkt = handlep->oneshot_buffer;
}
-
+
static void
pcap_cleanup_linux_mmap( pcap_t *handle )
{
}
#endif /* HAVE_TPACKET3 */
-static int
+static int
pcap_setfilter_linux_mmap(pcap_t *handle, struct bpf_program *filter)
{
struct pcap_linux *handlep = handle->priv;
cmdname, strerror(errno));
return -1;
}
- return eval.data;
+ return eval.data;
}
static int
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
#include <linux/netfilter/nfnetlink_queue.h>
/* NOTE: if your program drops privilages after pcap_activate() it WON'T work with nfqueue.
- * It took me quite some time to debug ;/
+ * It took me quite some time to debug ;/
*
* Sending any data to nfnetlink socket requires CAP_NET_ADMIN privilages,
* and in nfqueue we need to send verdict reply after recving packet.
*
* In tcpdump you can disable dropping privilages with -Z root
*/
-
+
#include "pcap-netfilter-linux.h"
#define HDR_LENGTH (NLMSG_LENGTH(NLMSG_ALIGN(sizeof(struct nfgenmsg))))
return -1;
}
- if (NFNL_SUBSYS_ID(nlh->nlmsg_type) == NFNL_SUBSYS_ULOG &&
- NFNL_MSG_TYPE(nlh->nlmsg_type) == NFULNL_MSG_PACKET)
+ if (NFNL_SUBSYS_ID(nlh->nlmsg_type) == NFNL_SUBSYS_ULOG &&
+ NFNL_MSG_TYPE(nlh->nlmsg_type) == NFULNL_MSG_PACKET)
type = NFLOG;
- else if (NFNL_SUBSYS_ID(nlh->nlmsg_type) == NFNL_SUBSYS_QUEUE &&
+ else if (NFNL_SUBSYS_ID(nlh->nlmsg_type) == NFNL_SUBSYS_QUEUE &&
NFNL_MSG_TYPE(nlh->nlmsg_type) == NFQNL_MSG_PACKET)
type = NFQUEUE;
gettimeofday(&pkth.ts, NULL);
if (handle->fcode.bf_insns == NULL ||
- bpf_filter(handle->fcode.bf_insns, payload, pkth.len, pkth.caplen))
+ bpf_filter(handle->fcode.bf_insns, payload, pkth.len, pkth.caplen))
{
handlep->packets_read++;
callback(user, &pkth, payload);
{
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "inject not supported on netfilter devices");
return (-1);
-}
+}
struct my_nfattr {
u_int16_t nfa_len;
struct sockaddr_nl snl;
static unsigned int seq_id;
-
+
if (!seq_id)
seq_id = time(NULL);
++seq_id;
return nflog_send_config_msg(handle, family, group_id, &nfa);
}
-static int
+static int
nflog_send_config_mode(const pcap_t *handle, u_int16_t group_id, u_int8_t copy_mode, u_int32_t copy_range)
{
struct nfulnl_msg_config_mode msg;
return nfqueue_send_config_msg(handle, AF_UNSPEC, group_id, &nfa);
}
-static int
+static int
nfqueue_send_config_mode(const pcap_t *handle, u_int16_t group_id, u_int8_t copy_mode, u_int32_t copy_range)
{
struct nfqnl_msg_config_params msg;
dev += strlen(NFQUEUE_IFACE);
type = NFQUEUE;
}
-
+
if (type != OTHER && *dev == ':') {
dev++;
while (*dev) {
if (group_count == 32) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
- "Maximum 32 netfilter groups! dev: %s",
+ "Maximum 32 netfilter groups! dev: %s",
handle->opt.source);
return PCAP_ERROR;
}
if (type == OTHER || *dev) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
- "Can't get netfilter group(s) index from %s",
+ "Can't get netfilter group(s) index from %s",
handle->opt.source);
return PCAP_ERROR;
}
/* Does it begin with NFLOG_IFACE or NFQUEUE_IFACE? */
if (strncmp(cp, NFLOG_IFACE, sizeof NFLOG_IFACE - 1) == 0)
cp += sizeof NFLOG_IFACE - 1;
- else if (strncmp(cp, NFQUEUE_IFACE, sizeof NFQUEUE_IFACE - 1) == 0)
+ else if (strncmp(cp, NFQUEUE_IFACE, sizeof NFQUEUE_IFACE - 1) == 0)
cp += sizeof NFQUEUE_IFACE - 1;
else {
/* Nope, doesn't begin with NFLOG_IFACE nor NFQUEUE_IFACE */
return (p);
}
-int
+int
netfilter_findalldevs(pcap_if_t **alldevsp, char *err_str)
{
int sock;
-
+
sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER);
if (sock < 0) {
/* if netlink is not supported this is not fatal */
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
return (-1);
}
return (ret);
-}
+}
static int
nit_setflags(pcap_t *p)
return (-1);
}
return (ret);
-}
+}
static int
pcap_stats_pf(pcap_t *p, struct pcap_stat *ps)
pcap-savefile \- libpcap savefile format
.SH DESCRIPTION
NOTE: applications and libraries should, if possible, use libpcap to
-read savefiles, rather than having their own code to read savefiles.
+read savefiles, rather than having their own code to read savefiles.
If, in the future, a new file format is supported by libpcap,
applications and libraries using libpcap to read savefiles will be able
to read the new format of savefiles, but applications and libraries
* See also pcap(3).
*/
static pcap_t *septel_activate(pcap_t* handle) {
- /* Initialize some components of the pcap structure. */
+ /* Initialize some components of the pcap structure. */
handle->linktype = DLT_MTP2;
-
+
handle->bufsize = 0;
/*
struct pcap_septel *handlep = p->priv;
/*handlep->stat.ps_recv = 0;*/
/*handlep->stat.ps_drop = 0;*/
-
+
*ps = handlep->stat;
-
+
return 0;
}
find_unit_by_fd(fd, &chassis, &geoslot, &u);
while (count) {
if ((len = recv(fd, buf, count, 0)) <= 0) return -1; /* read in whatever data was sent to us */
- count -= len;
+ count -= len;
buf += len;
} /* till we have everything we are looking for */
return 0;
u->imsg = (char *)realloc(u->imsg, 1); /* and re-allocate the old large buffer into a new small one */
if (u->imsg == NULL) { /* oops, realloc call failed */
fprintf(stderr, "Warning...call to realloc() failed, value of errno is %d\n", errno);
-
+
}
}
}
if (has_swapped == 0)
return;
- }
+ }
return;
}
-
+
static int process_client_data (char *errbuf) { /* returns: -1 = error, 0 = OK */
int chassis, geoslot;
unit_t *u;
ps = p->priv;
/*
- * We support microsecond and nanosecond time stamps.
+ * We support microsecond and nanosecond time stamps.
*/
p->tstamp_precision_count = 2;
p->tstamp_precision_list = malloc(2 * sizeof(u_int));
pcap_inject_snit(pcap_t *p, const void *buf, size_t size)
{
struct strbuf ctl, data;
-
+
/*
* XXX - can we just do
*
caplen = (datalen < p->snapshot) ? datalen : p->snapshot;
cp = (u_char *)(sh + 1) + p->offset; /* XXX */
- /*
+ /*
* XXX unfortunately snoop loopback isn't exactly like
* BSD's. The address family is encoded in the first 2
* bytes rather than the first 4 bytes! Luckily the last
return (-1);
}
return (ret);
-}
+}
static int
pcap_stats_snoop(pcap_t *p, struct pcap_stat *ps)
synchronized with the host operating system's clock.
.TP 5
.BR PCAP_TSTAMP_HOST_LOWPREC " - " host_lowprec
-Time stamp provided by the host on which the capture is being done.
+Time stamp provided by the host on which the capture is being done.
This is a low-precision time stamp, synchronized with the host operating
system's clock.
.TP 5
.BR PCAP_TSTAMP_HOST_HIPREC " - " host_hiprec
-Time stamp provided by the host on which the capture is being done.
+Time stamp provided by the host on which the capture is being done.
This is a high-precision time stamp; it might or might not be
synchronized with the host operating system's clock. It might be more
expensive to fetch than
By default, when performing a live capture or reading from a savefile,
time stamps are supplied as seconds since January 1, 1970, 00:00:00 UTC,
and microseconds since that seconds value, even if higher-resolution
-time stamps are available from the capture device or in the savefile.
+time stamps are available from the capture device or in the savefile.
If, when reading a savefile, the time stamps in the file have a higher
resolution than one microsecond, the additional digits of resolution are
discarded.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
*
*/
-
+
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
static void usb_cleanup_linux_mmap(pcap_t *);
/* facility to add an USB device to the device list*/
-static int
+static int
usb_dev_add(pcap_if_t** alldevsp, int n, char *err_str)
{
char dev_name[10];
- char dev_descr[30];
+ char dev_descr[30];
snprintf(dev_name, 10, USB_IFACE"%d", n);
snprintf(dev_descr, 30, "USB bus number %d", n);
- if (pcap_add_if(alldevsp, dev_name, 0,
+ if (pcap_add_if(alldevsp, dev_name, 0,
dev_descr, err_str) < 0)
return -1;
- return 0;
+ return 0;
}
-int
+int
usb_findalldevs(pcap_if_t **alldevsp, char *err_str)
{
struct dirent* data;
if (strncmp(name, "usb", 3) != 0)
continue;
- if (sscanf(&name[3], "%d", &n) == 0)
+ if (sscanf(&name[3], "%d", &n) == 0)
continue;
ret = usb_dev_add(alldevsp, n, err_str);
if ((len < 1) || !isdigit(name[--len]))
continue;
while (isdigit(name[--len]));
- if (sscanf(&name[len+1], "%d", &n) != 1)
+ if (sscanf(&name[len+1], "%d", &n) != 1)
continue;
ret = usb_dev_add(alldevsp, n, err_str);
return 0;
}
-static
+static
int usb_mmap(pcap_t* handle)
{
struct pcap_usb_linux *handlep = handle->priv;
int len = ioctl(handle->fd, MON_IOCQ_RING_SIZE);
- if (len < 0)
+ if (len < 0)
return 0;
handlep->mmapbuflen = len;
continue;
snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d/%s", bus, data->d_name);
-
+
fd = open(buf, O_RDWR);
if (fd == -1)
continue;
}
/*now select the read method: try to open binary interface */
- snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handlep->bus_index);
+ snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handlep->bus_index);
handle->fd = open(full_path, O_RDONLY, 0);
if (handle->fd >= 0)
{
}
else {
/*Binary interface not available, try open text interface */
- snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR"/%dt", handlep->bus_index);
+ snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR"/%dt", handlep->bus_index);
handle->fd = open(full_path, O_RDONLY, 0);
if (handle->fd < 0)
{
* Not found at the new location; try
* the old location.
*/
- snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%dt", handlep->bus_index);
+ snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%dt", handlep->bus_index);
handle->fd = open(full_path, O_RDONLY, 0);
}
if (handle->fd < 0) {
return 0;
}
-static inline int
+static inline int
ascii_to_int(char c)
{
return c < 'A' ? c- '0': ((c<'a') ? c - 'A' + 10: c-'a'+10);
}
/*
- * see <linux-kernel-source>/Documentation/usb/usbmon.txt and
- * <linux-kernel-source>/drivers/usb/mon/mon_text.c for urb string
+ * see <linux-kernel-source>/Documentation/usb/usbmon.txt and
+ * <linux-kernel-source>/drivers/usb/mon/mon_text.c for urb string
* format description
*/
static int
usb_read_linux(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
{
/* see:
- * /usr/src/linux/Documentation/usb/usbmon.txt
+ * /usr/src/linux/Documentation/usb/usbmon.txt
* for message format
*/
struct pcap_usb_linux *handlep = handle->priv;
return -1;
}
- /* read urb header; %n argument may increment return value, but it's
+ /* read urb header; %n argument may increment return value, but it's
* not mandatory, so does not count on it*/
string[ret] = 0;
- ret = sscanf(string, "%x %d %c %c%c:%d:%d %s%n", &tag, ×tamp, &etype,
- &pipeid1, &pipeid2, &dev_addr, &ep_num, status,
+ ret = sscanf(string, "%x %d %c %c%c:%d:%d %s%n", &tag, ×tamp, &etype,
+ &pipeid1, &pipeid2, &dev_addr, &ep_num, status,
&cnt);
if (ret < 8)
{
string += cnt;
/* don't use usbmon provided timestamp, since it have low precision*/
- if (gettimeofday(&pkth.ts, NULL) < 0)
+ if (gettimeofday(&pkth.ts, NULL) < 0)
{
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
- "Can't get timestamp for message '%s' %d:%s",
+ "Can't get timestamp for message '%s' %d:%s",
string, errno, strerror(errno));
return -1;
}
if (ret != 1)
{
/* this a setup packet, setup data can be filled with underscore if
- * usbmon has not been able to read them, so we must parse this fields as
+ * usbmon has not been able to read them, so we must parse this fields as
* strings */
pcap_usb_setup* shdr;
char str1[3], str2[3], str3[5], str4[5], str5[5];
- ret = sscanf(string, "%s %s %s %s %s%n", str1, str2, str3, str4,
+ ret = sscanf(string, "%s %s %s %s %s%n", str1, str2, str3, str4,
str5, &cnt);
if (ret < 5)
{
uhdr->setup_flag = 0;
}
- else
+ else
uhdr->setup_flag = 1;
/* read urb data */
}
string += cnt;
- /* urb tag is not present if urb length is 0, so we can stop here
+ /* urb tag is not present if urb length is 0, so we can stop here
* text parsing */
pkth.len = urb_len+pkth.caplen;
uhdr->urb_len = urb_len;
return -1;
}
- if (urb_tag != '=')
+ if (urb_tag != '=')
goto got;
/* skip urb tag and following space */
/* if we reach this point we got some urb data*/
uhdr->data_flag = 0;
- /* read all urb data; if urb length is greater then the usbmon internal
+ /* read all urb data; if urb length is greater then the usbmon internal
* buffer length used by the kernel to spool the URB, we get only
* a partial information.
* At least until linux 2.6.17 there is no way to set usbmon intenal buffer
return (-1);
}
-static int
+static int
usb_stats_linux(pcap_t *handle, struct pcap_stat *stats)
{
struct pcap_usb_linux *handlep = handle->priv;
}
if (fd < 0) {
snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
- "Can't open USB stats file %s: %s",
+ "Can't open USB stats file %s: %s",
string, strerror(errno));
return -1;
}
/* extract info on dropped urbs */
for (consumed=0; consumed < ret; ) {
- /* from the sscanf man page:
- * The C standard says: "Execution of a %n directive does
+ /* from the sscanf man page:
+ * The C standard says: "Execution of a %n directive does
* not increment the assignment count returned at the completion
* of execution" but the Corrigendum seems to contradict this.
- * Do not make any assumptions on the effect of %n conversions
+ * Do not make any assumptions on the effect of %n conversions
* on the return value and explicitly check for cnt assignmet*/
int ntok;
ptr += cnt;
if (strcmp(token, "nreaders") == 0)
ret = sscanf(ptr, "%d", &stats->ps_drop);
- else
+ else
ret = sscanf(ptr, "%d", &dummy);
if (ntok != 1)
break;
return 0;
}
-static int
+static int
usb_setdirection_linux(pcap_t *p, pcap_direction_t d)
{
p->direction = d;
}
-static int
+static int
usb_stats_linux_bin(pcap_t *handle, struct pcap_stat *stats)
{
struct pcap_usb_linux *handlep = handle->priv;
}
/*
- * see <linux-kernel-source>/Documentation/usb/usbmon.txt and
+ * see <linux-kernel-source>/Documentation/usb/usbmon.txt and
* <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI
*/
static int
}
/*
- * see <linux-kernel-source>/Documentation/usb/usbmon.txt and
+ * see <linux-kernel-source>/Documentation/usb/usbmon.txt and
* <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI
*/
#define VEC_SIZE 32
for (i=0; i<fetch.nfetch; ++i) {
/* discard filler */
hdr = (pcap_usb_header*) &handlep->mmapbuf[vec[i]];
- if (hdr->event_type == '@')
+ if (hdr->event_type == '@')
continue;
/* we can get less that than really captured from kernel, depending on
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the Politecnico di Torino, CACE Technologies
- * nor the names of its contributors may be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. Neither the name of the Politecnico di Torino, CACE Technologies
+ * nor the names of its contributors may be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
}
/* Start winsock */
-int
+int
wsockinit()
{
WORD wVersionRequested;
if (done)
return err;
-
- wVersionRequested = MAKEWORD( 1, 1);
+
+ wVersionRequested = MAKEWORD( 1, 1);
err = WSAStartup( wVersionRequested, &wsaData );
atexit ((void(*)(void))WSACleanup);
InitializeCriticalSection(&g_PcapCompileCriticalSection);
done = 1;
-
+
if ( err != 0 )
err = -1;
return err;
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "read error: PacketReceivePacket failed");
return (PCAP_ERROR);
}
-
+
cc = p->Packet->ulBytesReceived;
bp = p->Packet->Buffer;
- }
+ }
else
bp = p->bp;
/* The timeout has expired but we no packets arrived */
return 0;
header = (dag_record_t*)p->adapter->DagBuffer;
- }
+ }
else
header = (dag_record_t*)p->bp;
-
+
endofbuf = (char*)header + cc;
-
- /*
- * Cycle through the packets
+
+ /*
+ * Cycle through the packets
*/
do
{
/* Increase the number of captured packets */
pw->stat.ps_recv++;
-
+
/* Find the beginning of the packet */
dp = ((u_char *)header) + dag_record_size;
/* Determine actual packet len */
- switch(header->type)
+ switch(header->type)
{
case TYPE_ATM:
packet_len = ATM_SNAPLEN;
caplen = packet_len;
}
dp += 2;
-
+
break;
-
+
case TYPE_HDLC_POS:
swt = SWAPS(header->wlen);
packet_len = swt - (pw->dag_fcs_bits);
{
caplen = packet_len;
}
-
+
break;
}
-
+
if(caplen > p->snapshot)
caplen = p->snapshot;
* out of the loop without having read any packets, and
* return the number of packets we've processed so far.
*/
- if (p->break_loop)
+ if (p->break_loop)
{
- if (n == 0)
+ if (n == 0)
{
p->break_loop = 0;
return (-2);
- }
- else
+ }
+ else
{
p->bp = (char*)header;
p->cc = endofbuf - (char*)header;
pcap_header.ts.tv_sec++;
}
}
-
+
/* No underlaying filtering system. We need to filter on our own */
- if (p->fcode.bf_insns)
+ if (p->fcode.bf_insns)
{
- if (bpf_filter(p->fcode.bf_insns, dp, packet_len, caplen) == 0)
+ if (bpf_filter(p->fcode.bf_insns, dp, packet_len, caplen) == 0)
{
/* Move to next packet */
header = (dag_record_t*)((char*)header + erf_record_len);
continue;
}
}
-
+
/* Fill the header for the user suppplied callback function */
pcap_header.caplen = caplen;
pcap_header.len = packet_len;
-
+
/* Call the callback function */
(*callback)(user, &pcap_header, dp);
-
+
/* Move to next packet */
header = (dag_record_t*)((char*)header + erf_record_len);
/* Stop if the number of packets requested by user has been reached*/
- if (++n >= cnt && !PACKET_COUNT_IS_UNLIMITED(cnt))
+ if (++n >= cnt && !PACKET_COUNT_IS_UNLIMITED(cnt))
{
p->bp = (char*)header;
p->cc = endofbuf - (char*)header;
}
}
while((u_char*)header < endofbuf);
-
+
return 1;
}
#endif /* HAVE_DAG_API */
/* Send a packet to the network */
-static int
+static int
pcap_inject_win32(pcap_t *p, const void *buf, size_t size){
LPPACKET PacketToSend;
PacketToSend=PacketAllocatePacket();
-
+
if (PacketToSend == NULL)
{
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "send error: PacketAllocatePacket failed");
return -1;
}
-
+
PacketInitPacket(PacketToSend,(PVOID)buf,size);
if(PacketSendPacket(p->adapter,PacketToSend,TRUE) == FALSE){
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "send error: PacketSendPacket failed");
wsockinit();
p->adapter = PacketOpenAdapter(p->opt.source);
-
+
if (p->adapter == NULL)
{
/* Adapter detected but we are not able to open it. Return failure. */
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Error opening adapter: %s", pcap_win32strerror());
return PCAP_ERROR;
}
-
+
/*get network type*/
if(PacketGetNetType (p->adapter,&type) == FALSE)
{
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "Cannot determine the network type: %s", pcap_win32strerror());
goto bad;
}
-
+
/*Set the linktype*/
- switch (type.LinkType)
+ switch (type.LinkType)
{
case NdisMediumWan:
p->linktype = DLT_EN10MB;
break;
-
+
case NdisMedium802_3:
p->linktype = DLT_EN10MB;
/*
p->dlt_count = 2;
}
break;
-
+
case NdisMediumFddi:
p->linktype = DLT_FDDI;
break;
-
- case NdisMedium802_5:
- p->linktype = DLT_IEEE802;
+
+ case NdisMedium802_5:
+ p->linktype = DLT_IEEE802;
break;
-
+
case NdisMediumArcnetRaw:
p->linktype = DLT_ARCNET;
break;
-
+
case NdisMediumArcnet878_2:
p->linktype = DLT_ARCNET;
break;
-
+
case NdisMediumAtm:
p->linktype = DLT_ATM_RFC1483;
break;
-
+
case NdisMediumCHDLC:
p->linktype = DLT_CHDLC;
break;
}
/* Set promiscuous mode */
- if (p->opt.promisc)
+ if (p->opt.promisc)
{
if (PacketSetHwFilter(p->adapter,NDIS_PACKET_TYPE_PROMISCUOUS) == FALSE)
goto bad;
}
}
- else
+ else
{
if (PacketSetHwFilter(p->adapter,NDIS_PACKET_TYPE_ALL_LOCAL) == FALSE)
{
if(!(p->adapter->Flags & INFO_FLAG_DAG_CARD))
{
- /*
- * Traditional Adapter
+ /*
+ * Traditional Adapter
*/
/*
* If the buffer size wasn't explicitly set, default to
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "driver error: not enough memory to allocate the kernel buffer");
goto bad;
}
-
+
p->buffer = (u_char *)malloc(p->bufsize);
- if (p->buffer == NULL)
+ if (p->buffer == NULL)
{
snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "malloc: %s", pcap_strerror(errno));
goto bad;
}
-
+
PacketInitPacket(p->Packet,(BYTE*)p->buffer,p->bufsize);
-
+
if (p->opt.immediate)
{
/* tell the driver to copy the buffer as soon as data arrives */
else
#ifdef HAVE_DAG_API
{
- /*
- * Dag Card
+ /*
+ * Dag Card
*/
LONG status;
HKEY dagkey;
DWORD lpcbdata;
int postype = 0;
char keyname[512];
-
- snprintf(keyname, sizeof(keyname), "%s\\CardParams\\%s",
+
+ snprintf(keyname, sizeof(keyname), "%s\\CardParams\\%s",
"SYSTEM\\CurrentControlSet\\Services\\DAG",
strstr(_strlwr(p->opt.source), "dag"));
do
status = RegOpenKeyEx(HKEY_LOCAL_MACHINE, keyname, 0, KEY_READ, &dagkey);
if(status != ERROR_SUCCESS)
break;
-
+
status = RegQueryValueEx(dagkey,
"PosType",
NULL,
&lptype,
(char*)&postype,
&lpcbdata);
-
+
if(status != ERROR_SUCCESS)
{
postype = 0;
}
-
+
RegCloseKey(dagkey);
}
while(FALSE);
-
-
+
+
p->snapshot = PacketSetSnapLen(p->adapter, snaplen);
-
- /* Set the length of the FCS associated to any packet. This value
+
+ /* Set the length of the FCS associated to any packet. This value
* will be subtracted to the packet length */
pw->dag_fcs_bits = p->adapter->DagFcsLen;
}
#else
goto bad;
#endif /* HAVE_DAG_API */
-
+
PacketSetReadTimeout(p->adapter, p->opt.timeout);
-
+
#ifdef HAVE_DAG_API
if(p->adapter->Flags & INFO_FLAG_DAG_CARD)
{
/*
* We filter at user level, since the kernel driver does't process the packets
*/
-static int
+static int
pcap_setfilter_win32_dag(pcap_t *p, struct bpf_program *fp) {
-
- if(!fp)
+
+ if(!fp)
{
strncpy(p->errbuf, "setfilter: No filter specified", sizeof(p->errbuf));
return -1;
}
-
+
/* Install a user level filter */
- if (install_bpf_program(p, fp) < 0)
+ if (install_bpf_program(p, fp) < 0)
{
snprintf(p->errbuf, sizeof(p->errbuf),
"setfilter, unable to install the filter: %s", pcap_strerror(errno));
return -1;
}
-
+
return (0);
}
.BR pcap_next_ex ()
is passed two pointer arguments, one of which points to a
.IR struct pcap_pkthdr *
-and one of which points to a
+and one of which points to a
.IR "const u_char" *.
It sets the first pointer to point to a
.I struct pcap_pkthdr
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* bluetooth data struct
*/
-
+
#ifndef _PCAP_BLUETOOTH_STRUCTS_H__
#define _PCAP_BLUETOOTH_STRUCTS_H__
*
* This code is derived from the Stanford/CMU enet packet filter,
* (net/enet.c) distributed as part of 4.3BSD, and code contributed
- * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
+ * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
* Berkeley Laboratory.
*
* Redistribution and use in source and binary forms, with or without
#endif
/*
- * Alignment macros. BPF_WORDALIGN rounds up to the next
+ * Alignment macros. BPF_WORDALIGN rounds up to the next
* even multiple of BPF_ALIGNMENT.
*
* Tcpdump's print-pflog.c uses this, so we define it here.
u_int bf_len;
struct bpf_insn *bf_insns;
};
-
+
/*
* Link-layer header type codes.
*
*/
#define DLT_SUNATM 123 /* Solaris+SunATM */
-/*
+/*
* for private use.
*/
/*
* Juniper-private data link type, as per request from
* The DLT_ are used for prepending meta-information
* like interface index, interface name
* before standard Ethernet, PPP, Frelay & C-HDLC Frames
/*
* Juniper-private data link type, as per request from
* The DLT_ is used for internal communication with a
* voice Adapter Card (PIC)
*/
/*
* Juniper-private data link type, as per request from
* The DLT_ is used for internal communication with a
* integrated service module (ISM).
*/
/*
* Juniper-private data link type, as per request from
* The DLT_ is used for capturing data on a secure tunnel interface.
*/
#define DLT_JUNIPER_ST 200
*/
#define DLT_IEEE802_15_4_NONASK_PHY 215
-/*
+/*
* captures from the Linux kernel /dev/input/eventN devices. This
* is used to communicate keystrokes and mouse movements from the
- * Linux kernel to display systems, such as Xorg.
+ * Linux kernel to display systems, such as Xorg.
*/
#define DLT_LINUX_EVDEV 216
#define DLT_JUNIPER_ATM_CEMIC 238
/*
- * NetFilter LOG messages
+ * NetFilter LOG messages
* (payload of netlink NFNL_SUBSYS_ULOG/NFULNL_MSG_PACKET packets)
*
/*
* DLT type for upper-protocol layer PDU saves from wireshark.
- *
+ *
* the actual contents are determined by two TAGs stored with each
* packet:
* EXP_PDU_TAG_LINKTYPE the link type (LINKTYPE_ value) of the
#if __STDC__ || defined(__cplusplus)
extern int bpf_validate(const struct bpf_insn *, int);
extern u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
-extern u_int bpf_filter_with_aux_data(const struct bpf_insn *, const u_char *, u_int, u_int, const struct bpf_aux_data *);
+extern u_int bpf_filter_with_aux_data(const struct bpf_insn *, const u_char *, u_int, u_int, const struct bpf_aux_data *);
#else
extern int bpf_validate();
extern u_int bpf_filter();
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote
- * products derived from this software without specific prior written
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* Basic USB data struct
*/
-
+
#ifndef _PCAP_USB_STRUCTS_H__
#define _PCAP_USB_STRUCTS_H__
-/*
+/*
* possible transfer mode
*/
#define URB_TRANSFER_IN 0x80
.B pcap_dispatch()
or
.BR pcap_loop() ,
-the flag is cleared, so a subsequent call will resume reading packets.
+the flag is cleared, so a subsequent call will resume reading packets.
If a positive number is returned, the flag is not cleared, so a
subsequent call will return \-2 and clear the flag.
.SH SEE ALSO
.B pcap_dispatch()
or
.BR pcap_loop() .
-If called directly, the
+If called directly, the
.I user
-parameter is of type
+parameter is of type
.B pcap_dumper_t
as returned by
.BR pcap_dump_open() .
interface associated with the pcap descriptor.
.B pcap_list_datalinks()
allocates an array to hold the list and sets
-.IR *dlt_buf
+.IR *dlt_buf
to point to that array.
.LP
The caller is responsible for freeing the array with
is one of the constants
.BR PCAP_D_IN ,
.B PCAP_D_OUT
-or
+or
.BR PCAP_D_INOUT .
.B PCAP_D_IN
will only capture packets received by the device,
#
# OK, rename lex.yy.c to the right output file.
#
- mv lex.yy.c "$outfile"
+ mv lex.yy.c "$outfile"
#
# Did that succeed?
$prefixline
#ifndef YY_DECL
#define YY_DECL int yylex(void)
-#endif
+#endif
YY_DECL;
EOF
FILE *file;
fd = _open_osfhandle(osfd, _O_RDONLY);
- if ( fd < 0 )
+ if ( fd < 0 )
{
snprintf(errbuf, PCAP_ERRBUF_SIZE, pcap_strerror(errno));
return NULL;
}
file = _fdopen(fd, "rb");
- if ( file == NULL )
+ if ( file == NULL )
{
snprintf(errbuf, PCAP_ERRBUF_SIZE, pcap_strerror(errno));
return NULL;
/*
* Check whether the first 4 bytes of the file are the block
- * type for a pcap-ng savefile.
+ * type for a pcap-ng savefile.
*/
if (magic != BT_SHB) {
/*
epbp->timestamp_low;
}
goto found;
-
+
case BT_SPB:
/*
* Get a pointer to the fixed-length portion of the
* Not a packet block, IDB, or SHB; ignore it.
*/
break;
- }
+ }
}
found:
*/
pcap_dumper_t *
pcap_dump_fopen(pcap_t *p, FILE *f)
-{
+{
int linktype;
linktype = dlt_to_linktype(p->linktype);
# or pullup
-ether[12:2] = 0x800 or ether[12:2] = 0x8100 or ether[0] & 0x80 != 0 or ether[12:2] = 0x9100
+ether[12:2] = 0x800 or ether[12:2] = 0x8100 or ether[0] & 0x80 != 0 or ether[12:2] = 0x9100
- pcap = pcap_open_dead(link, snaplen);
- /* todo: hook together argv to a single string */
- prog = argv[0];
- if (pcap_compile(pcap, &p, prog, optimize, 0) < 0) {
- fprintf(stderr, pcap_geterr(pcap));
- exit(1);
- }
- bpf_dump(&p, option);
- pcap_freecode(&p);
- pcap_close(pcap);
-
+ pcap = pcap_open_dead(link, snaplen);
+ /* todo: hook together argv to a single string */
+ prog = argv[0];
+ if (pcap_compile(pcap, &p, prog, optimize, 0) < 0) {
+ fprintf(stderr, pcap_geterr(pcap));
+ exit(1);
+ }
+ bpf_dump(&p, option);
+ pcap_freecode(&p);
+ pcap_close(pcap);
+
dorfmon = 0;
useactivate = 0;
infile = NULL;
-
+
if ((cp = strrchr(argv[0], '/')) != NULL)
program_name = cp + 1;
else
each optimize phase.
Usage guide:
-1. Enable optimizier debugging code when configure libpcap,
+1. Enable optimizier debugging code when configure libpcap,
and build libpcap & filtertest
./configure --enable-optimizer-dbg
make
./filtertest EN10MB host 192.168.1.1 > a.txt
3. Send a.txt to this program's standard input
cat a.txt | tests/visopts.py
-4. Step 2&3 can be merged:
+4. Step 2&3 can be merged:
./filtertest EN10MB host 192.168.1.1 | tests/visopts.py
5. The standard output is something like this:
generated files under directory: /tmp/visopts-W9ekBw
the directory will be removed when this programs finished.
open this link: http://localhost:39062/expr1.html
-6. Using open link at the 3rd line `http://localhost:39062/expr1.html'
+6. Using open link at the 3rd line `http://localhost:39062/expr1.html'
Note:
1. CFG graph is translated to SVG document, expr1.html embeded them as external
- document. If you open expr1.html as local file using file:// protocol, some
+ document. If you open expr1.html as local file using file:// protocol, some
browsers will deny such requests so the web pages will not shown properly.
- For chrome, you can run it using following command to avoid this:
+ For chrome, you can run it using following command to avoid this:
chromium --disable-web-security
That's why this program start a localhost http server.
-2. expr1.html use jquery from http://ajax.googleapis.com, so you need internet
- access to show the web page.
+2. expr1.html use jquery from http://ajax.googleapis.com, so you need internet
+ access to show the web page.
"""
import sys, os
index += 1;
if (index < 10)
s = "00" + index;
- else if (index < 100)
+ else if (index < 100)
s = "0" + index;
- else
+ else
s = "" + index;
return "./expr" + exprid + "_g" + s + ".svg"
}
$$(this).removeAttr('opacity');
});
});
-
+
$$(leftsvg).find("[id|='block']").each(function() {
var has = $$(rightsvg).find("#" + this.id).length != 0;
if (!has) $$(this).attr("opacity", "0.4");
target.focus();
});
}
- });
+ });
}
function init_svgroot(svg) {
$$(document).ready(function() {
for (var i = 0; i < gcount; i++) {
- var opt = "<option value='" + i + "'>loop" + i + " -- " + logs[i] + "</option>";
+ var opt = "<option value='" + i + "'>loop" + i + " -- " + logs[i] + "</option>";
$$("#lselect").append(opt);
$$("#rselect").append(opt);
}
var index = parseInt($$(this).children("option:selected").val());
if (this.id == "lselect")
load_left(index);
- else
+ else
load_right(index);
}
$$("#lselect").change(on_selected);
if (index <= 0) return;
$$("#lselect").val(index - 1).change();
$$("#rselect").val(index).change();
- });
+ });
$$("#forward").click(function() {
var index = parseInt($$("#rselect option:selected").val());
if (index >= gcount - 1) return;
def write_html(expr, gcount, logs):
logs = map(lambda s: s.strip().replace("\n", "<br/>"), logs)
-
+
global html_template
html = html_template.safe_substitute(expr=expr.encode("string-escape"), gcount=gcount, logs=json.dumps(logs).encode("string-escape"))
with file("expr1.html", "wt") as f:
indot = 2
else:
log += line
-
+
if indot == 2:
p = subprocess.Popen(['dot', '-Tsvg'], stdin=subprocess.PIPE, stdout=subprocess.PIPE)
svg = p.communicate(dot)[0]
log = ""
dot = ""
indot = 0
-
+
if indot != 0:
#unterminated dot graph for expression
return False
def run_httpd():
import SimpleHTTPServer
import SocketServer
-
+
class MySocketServer(SocketServer.TCPServer):
allow_reuse_address = True
Handler = SimpleHTTPServer.SimpleHTTPRequestHandler
return 1
run_httpd()
return 0
-
+
if __name__ == "__main__":
if '-h' in sys.argv or '--help' in sys.argv:
print __doc__
projects / libpcap / commitdiff
