#endif
/*
- * Mac OS X may ship pcap.h from libpcap 0.6 with a libpcap based on
- * 0.8. That means it has pcap_findalldevs() but the header doesn't
- * define pcap_if_t, meaning that we can't actually *use* pcap_findalldevs().
+ * Some older versions of Mac OS X may ship pcap.h from libpcap 0.6 with a
+ * libpcap based on 0.8. That means it has pcap_findalldevs() but the
+ * header doesn't define pcap_if_t, meaning that we can't actually *use*
+ * pcap_findalldevs().
*/
#ifdef HAVE_PCAP_FINDALLDEVS
#ifndef HAVE_PCAP_IF_T
#endif /* HAVE_CAP_NG_H */
#endif /* HAVE_LIBCAP_NG */
+#ifdef __FreeBSD__
+#include <sys/sysctl.h>
+#endif /* __FreeBSD__ */
+
#include "netdissect.h"
#include "interface.h"
#include "addrtoname.h"
#endif
static int Bflag; /* buffer size */
-static int Cflag; /* rotate dump files after this many bytes */
+static long Cflag; /* rotate dump files after this many bytes */
static int Cflag_count; /* Keep track of which file number we're writing */
static int Dflag; /* list available devices and exit */
/*
#endif
/* Forwards */
-static void error(const char *, ...)
- __attribute__((noreturn))
-#ifdef __ATTRIBUTE___FORMAT_OK
- __attribute__((format (printf, 1, 2)))
-#endif /* __ATTRIBUTE___FORMAT_OK */
- ;
-static void warning(const char *, ...)
-#ifdef __ATTRIBUTE___FORMAT_OK
- __attribute__((format (printf, 1, 2)))
-#endif /* __ATTRIBUTE___FORMAT_OK */
- ;
-static void exit_tcpdump(int) __attribute__((noreturn));
+static NORETURN void error(FORMAT_STRING(const char *), ...) PRINTFLIKE(1, 2);
+static void warning(FORMAT_STRING(const char *), ...) PRINTFLIKE(1, 2);
+static NORETURN void exit_tcpdump(int);
static RETSIGTYPE cleanup(int);
static RETSIGTYPE child_cleanup(int);
static void print_version(void);
static void print_usage(void);
-static void show_tstamp_types_and_exit(pcap_t *, const char *device) __attribute__((noreturn));
-static void show_dlts_and_exit(pcap_t *, const char *device) __attribute__((noreturn));
+static NORETURN void show_tstamp_types_and_exit(pcap_t *, const char *device);
+static NORETURN void show_dlts_and_exit(pcap_t *, const char *device);
#ifdef HAVE_PCAP_FINDALLDEVS
-static void show_devices_and_exit (void) __attribute__((noreturn));
+static NORETURN void show_devices_and_exit(void);
#endif
static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
supports_monitor_mode = 1;
else
supports_monitor_mode = 0;
- status = pcap_set_snaplen(pc, ndo->ndo_snaplen);
- if (status != 0)
- error("%s: Can't set snapshot length: %s",
- device, pcap_statustostr(status));
+ if (ndo->ndo_snaplen != 0) {
+ /*
+ * A snapshot length was explicitly specified;
+ * use it.
+ */
+ status = pcap_set_snaplen(pc, ndo->ndo_snaplen);
+ if (status != 0)
+ error("%s: Can't set snapshot length: %s",
+ device, pcap_statustostr(status));
+ }
status = pcap_set_promisc(pc, !pflag);
if (status != 0)
error("%s: Can't set promiscuous mode: %s",
} else if (status == PCAP_ERROR_PERM_DENIED && *cp != '\0')
error("%s: %s\n(%s)", device,
pcap_statustostr(status), cp);
+#ifdef __FreeBSD__
+ else if (status == PCAP_ERROR_RFMON_NOTSUP &&
+ strncmp(device, "wlan", 4) == 0) {
+ char parent[8], newdev[8];
+ char sysctl[32];
+ size_t s = sizeof(parent);
+
+ snprintf(sysctl, sizeof(sysctl),
+ "net.wlan.%d.%%parent", atoi(device + 4));
+ sysctlbyname(sysctl, parent, &s, NULL, 0);
+ strlcpy(newdev, device, sizeof(newdev));
+ /* Suggest a new wlan device. */
+ /* FIXME: incrementing the index this way is not going to work well
+ * when the index is 9 or greater but the only consequence in this
+ * specific case would be an error message that looks a bit odd.
+ */
+ newdev[strlen(newdev)-1]++;
+ error("%s is not a monitor mode VAP\n"
+ "To create a new monitor mode VAP use:\n"
+ " ifconfig %s create wlandev %s wlanmode monitor\n"
+ "and use %s as the tcpdump interface",
+ device, newdev, parent, newdev);
+ }
+#endif
else
error("%s: %s", device,
pcap_statustostr(status));
#endif /* HAVE_PCAP_SETDIRECTION */
#else /* HAVE_PCAP_CREATE */
*ebuf = '\0';
+ /*
+ * If no snapshot length was specified, or a length of 0 was
+ * specified, default to 256KB.
+ */
+ if (ndo->ndo_snaplen == 0)
+ ndo->ndo_snaplen = 262144;
pc = pcap_open_live(device, ndo->ndo_snaplen, !pflag, 1000, ebuf);
if (pc == NULL) {
/*
memset(ndo, 0, sizeof(*ndo));
ndo_set_function_pointers(ndo);
- ndo->ndo_snaplen = DEFAULT_SNAPLEN;
cnt = -1;
device = NULL;
if (optarg == end || *end != '\0'
|| ndo->ndo_snaplen < 0 || ndo->ndo_snaplen > MAXIMUM_SNAPLEN)
error("invalid snaplen %s", optarg);
- else if (ndo->ndo_snaplen == 0)
- ndo->ndo_snaplen = MAXIMUM_SNAPLEN;
break;
case 'S':
* Find the list of interfaces, and pick
* the first interface.
*/
- if (pcap_findalldevs(&devlist, ebuf) >= 0 &&
- devlist != NULL) {
- device = strdup(devlist->name);
- pcap_freealldevs(devlist);
- }
+ if (pcap_findalldevs(&devlist, ebuf) == -1)
+ error("%s", ebuf);
+ if (devlist == NULL)
+ error("no interfaces available for capture");
+ device = strdup(devlist->name);
+ pcap_freealldevs(devlist);
#else /* HAVE_PCAP_FINDALLDEVS */
/*
* Use whatever interface pcap_lookupdev()
* chooses.
*/
device = pcap_lookupdev(ebuf);
-#endif
if (device == NULL)
error("%s", ebuf);
+#endif
}
/*
}
/*
- * Let user own process after socket has been opened.
+ * Let user own process after capture device has
+ * been opened.
*/
#ifndef _WIN32
if (setgid(getgid()) != 0 || setuid(getuid()) != 0)
}
i = pcap_snapshot(pd);
if (ndo->ndo_snaplen < i) {
- warning("snaplen raised from %d to %d", ndo->ndo_snaplen, i);
+ if (ndo->ndo_snaplen != 0)
+ warning("snaplen raised from %d to %d", ndo->ndo_snaplen, i);
+ ndo->ndo_snaplen = i;
+ } else if (ndo->ndo_snaplen > i) {
+ warning("snaplen lowered from %d to %d", ndo->ndo_snaplen, i);
ndo->ndo_snaplen = i;
}
if(ndo->ndo_fflag != 0) {
projects / tcpdump / blobdiff