#include <netdissect-stdinc.h>
-#ifdef _WIN32
-#ifndef _WINSOCKAPI_
-#define _WINSOCKAPI_ /* Prevent inclusion of winsock.h in windows.h */
-#endif /* _WINSOCKAPI_ */
-#include <windows.h>
-#include <winsock2.h>
-extern int SIZE_BUF;
-#define off_t long
-#define uint UINT
-#endif /* _WIN32 */
-
#ifdef USE_LIBSMI
#include <smi.h>
#endif
static int Cflag; /* rotate dump files after this many bytes */
static int Cflag_count; /* Keep track of which file number we're writing */
static int Dflag; /* list available devices and exit */
-static int dflag; /* print filter code */
+/*
+ * This is exported because, in some versions of libpcap, if libpcap
+ * is built with optimizer debugging code (which is *NOT* the default
+ * configuration!), the library *imports*(!) a variable named dflag,
+ * under the expectation that tcpdump is exporting it, to govern
+ * how much debugging information to print when optimizing
+ * the generated BPF code.
+ *
+ * This is a horrible hack; newer versions of libpcap don't import
+ * dflag but, instead, *if* built with optimizer debugging code,
+ * *export* a routine to set that flag.
+ */
+int dflag; /* print filter code */
static int Gflag; /* rotate dump files after this many seconds */
static int Gflag_count; /* number of files created with Gflag rotation */
static time_t Gflag_time; /* The last time_t the dump file was rotated. */
#endif
};
+#if defined(HAVE_PCAP_SET_PARSER_DEBUG)
+/*
+ * We have pcap_set_parser_debug() in libpcap; declare it (it's not declared
+ * by any libpcap header, because it's a special hack, only available if
+ * libpcap was configured to include it, and only intended for use by
+ * libpcap developers trying to debug the parser for filter expressions).
+ */
+#ifdef _WIN32
+__declspec(dllimport)
+#else /* _WIN32 */
+extern
+#endif /* _WIN32 */
+void pcap_set_parser_debug(int);
+#elif defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+/*
+ * We don't have pcap_set_parser_debug() in libpcap, but we do have
+ * pcap_debug or yydebug. Make a local version of pcap_set_parser_debug()
+ * to set the flag, and define HAVE_PCAP_SET_PARSER_DEBUG.
+ */
+static void
+pcap_set_parser_debug(int value)
+{
+#ifdef HAVE_PCAP_DEBUG
+ extern int pcap_debug;
+
+ pcap_debug = value;
+#else /* HAVE_PCAP_DEBUG */
+ extern int yydebug;
+
+ yydebug = value;
+#endif /* HAVE_PCAP_DEBUG */
+}
+
+#define HAVE_PCAP_SET_PARSER_DEBUG
+#endif
+
+#if defined(HAVE_PCAP_SET_OPTIMIZER_DEBUG)
+/*
+ * We have pcap_set_optimizer_debug() in libpcap; declare it (it's not declared
+ * by any libpcap header, because it's a special hack, only available if
+ * libpcap was configured to include it, and only intended for use by
+ * libpcap developers trying to debug the optimizer for filter expressions).
+ */
+#ifdef _WIN32
+__declspec(dllimport)
+#else /* _WIN32 */
+extern
+#endif /* _WIN32 */
+void pcap_set_optimizer_debug(int);
+#endif
+
#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
static void
show_tstamp_types_and_exit(const char *device)
static void
show_devices_and_exit (void)
{
- pcap_if_t *devpointer;
+ pcap_if_t *dev, *devlist;
char ebuf[PCAP_ERRBUF_SIZE];
int i;
- if (pcap_findalldevs(&devpointer, ebuf) < 0)
+ if (pcap_findalldevs(&devlist, ebuf) < 0)
error("%s", ebuf);
- else {
- for (i = 0; devpointer != NULL; i++) {
- printf("%d.%s", i+1, devpointer->name);
- if (devpointer->description != NULL)
- printf(" (%s)", devpointer->description);
- if (devpointer->flags != 0)
- printf(" [%s]", bittok2str(status_flags, "none", devpointer->flags));
- printf("\n");
- devpointer = devpointer->next;
- }
+ for (i = 0, dev = devlist; dev != NULL; i++, dev = dev->next) {
+ printf("%d.%s", i+1, dev->name);
+ if (dev->description != NULL)
+ printf(" (%s)", dev->description);
+ if (dev->flags != 0)
+ printf(" [%s]", bittok2str(status_flags, "none", dev->flags));
+ printf("\n");
}
+ pcap_freealldevs(devlist);
exit(0);
}
#endif /* HAVE_PCAP_FINDALLDEVS */
#ifdef HAVE_PCAP_SET_IMMEDIATE_MODE
{ "immediate-mode", no_argument, NULL, OPTION_IMMEDIATE_MODE },
#endif
-#if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+#ifdef HAVE_PCAP_SET_PARSER_DEBUG
{ "debug-filter-parser", no_argument, NULL, 'Y' },
#endif
{ "relinquish-privileges", required_argument, NULL, 'Z' },
char *ret = NULL;
char *end;
#ifdef HAVE_PCAP_FINDALLDEVS
- pcap_if_t *devpointer;
+ pcap_if_t *dev, *devlist;
int devnum;
#endif
int status;
if (devnum < 0)
error("Invalid adapter index");
- if (pcap_findalldevs(&devpointer, ebuf) < 0)
+ if (pcap_findalldevs(&devlist, ebuf) < 0)
error("%s", ebuf);
- else {
- /*
- * Look for the devnum-th entry
- * in the list of devices
- * (1-based).
- */
- for (i = 0;
- i < devnum-1 && devpointer != NULL;
- i++, devpointer = devpointer->next)
- ;
- if (devpointer == NULL)
- error("Invalid adapter index");
- }
- device = devpointer->name;
+ /*
+ * Look for the devnum-th entry in the
+ * list of devices (1-based).
+ */
+ for (i = 0, dev = devlist;
+ i < devnum-1 && dev != NULL;
+ i++, dev = dev->next)
+ ;
+ if (dev == NULL)
+ error("Invalid adapter index");
+ device = strdup(dev->name);
+ pcap_freealldevs(devlist);
break;
}
#endif /* HAVE_PCAP_FINDALLDEVS */
error("invalid data link type %s", yflag_dlt_name);
break;
-#if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+#ifdef HAVE_PCAP_SET_PARSER_DEBUG
case 'Y':
{
/* Undocumented flag */
-#ifdef HAVE_PCAP_DEBUG
- extern int pcap_debug;
- pcap_debug = 1;
-#else
- extern int yydebug;
- yydebug = 1;
-#endif
+ pcap_set_parser_debug(1);
}
break;
#endif
case 'z':
- zflag = strdup(optarg);
- if (zflag == NULL)
- error("Unable to allocate memory for -z argument");
+ zflag = optarg;
break;
case 'Z':
- username = strdup(optarg);
- if (username == NULL)
- error("Unable to allocate memory for -Z argument");
+ username = optarg;
break;
case '#':
VFile = fopen(VFileName, "r");
if (VFile == NULL)
- error("Unable to open file: %s\n", strerror(errno));
+ error("Unable to open file: %s\n", pcap_strerror(errno));
ret = get_next_file(VFile, VFileLine);
if (!ret)
* We're doing a live capture.
*/
if (device == NULL) {
+#ifdef HAVE_PCAP_FINDALLDEVS
+ if (pcap_findalldevs(&devlist, ebuf) >= 0 &&
+ devlist != NULL) {
+ device = strdup(devlist->name);
+ pcap_freealldevs(devlist);
+ }
+#else /* HAVE_PCAP_FINDALLDEVS */
device = pcap_lookupdev(ebuf);
+#endif
if (device == NULL)
error("%s", ebuf);
}
#endif /* HAVE_PCAP_SETDIRECTION */
#else
*ebuf = '\0';
- pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
+ pd = pcap_open_live(device, ndo->ndo_snaplen, !pflag, 1000,
+ ebuf);
if (pd == NULL)
error("%s", ebuf);
else if (*ebuf)
else
cmdbuf = copy_argv(&argv[optind]);
+#ifdef HAVE_PCAP_SET_OPTIMIZER_DEBUG
+ pcap_set_optimizer_debug(dflag);
+#endif
if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0)
error("%s", pcap_geterr(pd));
if (dflag) {
bpf_dump(&fcode, dflag);
pcap_close(pd);
free(cmdbuf);
+ pcap_freecode(&fcode);
exit(0);
}
init_print(ndo, localnet, netmask, timezone_offset);
error("%s", pcap_geterr(pd));
#ifdef HAVE_CAPSICUM
if (RFileName == NULL && VFileName == NULL) {
- static const unsigned long cmds[] = { BIOCGSTATS };
+ static const unsigned long cmds[] = { BIOCGSTATS, BIOCROTZBUF };
cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 &&
while (ret != NULL);
free(cmdbuf);
+ pcap_freecode(&fcode);
exit(status == -1 ? 1 : 0);
}
static void
info(register int verbose)
{
- struct pcap_stat stat;
+ struct pcap_stat stats;
/*
* Older versions of libpcap didn't set ps_ifdrop on some
* platforms; initialize it to 0 to handle that.
*/
- stat.ps_ifdrop = 0;
- if (pcap_stats(pd, &stat) < 0) {
+ stats.ps_ifdrop = 0;
+ if (pcap_stats(pd, &stats) < 0) {
(void)fprintf(stderr, "pcap_stats: %s\n", pcap_geterr(pd));
infoprint = 0;
return;
fputs(", ", stderr);
else
putc('\n', stderr);
- (void)fprintf(stderr, "%u packet%s received by filter", stat.ps_recv,
- PLURAL_SUFFIX(stat.ps_recv));
+ (void)fprintf(stderr, "%u packet%s received by filter", stats.ps_recv,
+ PLURAL_SUFFIX(stats.ps_recv));
if (!verbose)
fputs(", ", stderr);
else
putc('\n', stderr);
- (void)fprintf(stderr, "%u packet%s dropped by kernel", stat.ps_drop,
- PLURAL_SUFFIX(stat.ps_drop));
- if (stat.ps_ifdrop != 0) {
+ (void)fprintf(stderr, "%u packet%s dropped by kernel", stats.ps_drop,
+ PLURAL_SUFFIX(stats.ps_drop));
+ if (stats.ps_ifdrop != 0) {
if (!verbose)
fputs(", ", stderr);
else
putc('\n', stderr);
(void)fprintf(stderr, "%u packet%s dropped by interface\n",
- stat.ps_ifdrop, PLURAL_SUFFIX(stat.ps_ifdrop));
+ stats.ps_ifdrop, PLURAL_SUFFIX(stats.ps_ifdrop));
} else
putc('\n', stderr);
infoprint = 0;
}
#if defined(HAVE_FORK) || defined(HAVE_VFORK)
+#ifdef HAVE_FORK
+#define fork_subprocess() fork()
+#else
+#define fork_subprocess() vfork()
+#endif
static void
compress_savefile(const char *filename)
{
-# ifdef HAVE_FORK
- if (fork())
-# else
- if (vfork())
-# endif
+ pid_t child;
+
+ child = fork_subprocess();
+ if (child == -1) {
+ fprintf(stderr,
+ "compress_savefile: fork failed: %s\n",
+ pcap_strerror(errno));
+ return;
+ }
+ if (child != 0) {
+ /* Parent process. */
return;
+ }
+
/*
- * Set to lowest priority so that this doesn't disturb the capture
+ * Child process.
+ * Set to lowest priority so that this doesn't disturb the capture.
*/
#ifdef NZERO
setpriority(PRIO_PROCESS, 0, NZERO - 1);
#endif
if (execlp(zflag, zflag, filename, (char *)NULL) == -1)
fprintf(stderr,
- "compress_savefile:execlp(%s, %s): %s\n",
+ "compress_savefile: execlp(%s, %s) failed: %s\n",
zflag,
filename,
- strerror(errno));
-# ifdef HAVE_FORK
+ pcap_strerror(errno));
+#ifdef HAVE_FORK
exit(1);
-# else
+#else
_exit(1);
-# endif
+#endif
}
#else /* HAVE_FORK && HAVE_VFORK */
static void
void CALLBACK verbose_stats_dump (UINT timer_id _U_, UINT msg _U_, DWORD_PTR arg _U_,
DWORD_PTR dw1 _U_, DWORD_PTR dw2 _U_)
{
- struct pcap_stat stat;
-
- if (infodelay == 0 && pcap_stats(pd, &stat) >= 0)
+ if (infodelay == 0)
fprintf(stderr, "Got %u\r", packets_captured);
}
#elif defined(HAVE_ALARM)
static void verbose_stats_dump(int sig _U_)
{
- struct pcap_stat stat;
-
- if (infodelay == 0 && pcap_stats(pd, &stat) >= 0)
+ if (infodelay == 0)
fprintf(stderr, "Got %u\r", packets_captured);
alarm(1);
}
projects / tcpdump / blobdiff