#include <tcpdump-stdinc.h>
#ifdef WIN32
-#include "getopt.h"
#include "w32_fzs.h"
extern int strcasecmp (const char *__s1, const char *__s2);
extern int SIZE_BUF;
#include <smi.h>
#endif
+#ifdef HAVE_LIBCRYPTO
+#include <openssl/crypto.h>
+#endif
+
+#ifdef HAVE_GETOPT_LONG
+#include <getopt.h>
+#else
+#include "getopt_long.h"
+#endif
#include <pcap.h>
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <pwd.h>
#include <grp.h>
-#include <errno.h>
#endif /* WIN32 */
/* capabilities convinience library */
/* Forwards */
static RETSIGTYPE cleanup(int);
static RETSIGTYPE child_cleanup(int);
-static void usage(void) __attribute__((noreturn));
+static void print_version(void);
+static void print_usage(void);
static void show_dlts_and_exit(const char *device, pcap_t *pd) __attribute__((noreturn));
static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
static const struct printer printers[] = {
- { sl_if_print, DLT_SLIP },
-#ifdef DLT_SLIP_BSDOS
- { sl_bsdos_if_print, DLT_SLIP_BSDOS },
-#endif
- { ppp_if_print, DLT_PPP },
-#ifdef DLT_PPP_WITHDIRECTION
- { ppp_if_print, DLT_PPP_WITHDIRECTION },
-#endif
-#ifdef DLT_PPP_BSDOS
- { ppp_bsdos_if_print, DLT_PPP_BSDOS },
-#endif
- { atm_if_print, DLT_ATM_RFC1483 },
-#ifdef DLT_PPP_SERIAL
- { ppp_hdlc_if_print, DLT_PPP_SERIAL },
-#endif
-#ifdef DLT_IEEE802_11
- { ieee802_11_if_print, DLT_IEEE802_11},
-#endif
-#ifdef DLT_LTALK
- { ltalk_if_print, DLT_LTALK },
-#endif
-#ifdef DLT_FR
- { fr_if_print, DLT_FR },
-#endif
-#ifdef DLT_FRELAY
- { fr_if_print, DLT_FRELAY },
-#endif
-#ifdef DLT_SUNATM
- { sunatm_if_print, DLT_SUNATM },
-#endif
-#ifdef DLT_PRISM_HEADER
- { prism_if_print, DLT_PRISM_HEADER },
-#endif
-#ifdef DLT_IEEE802_11_RADIO
- { ieee802_11_radio_if_print, DLT_IEEE802_11_RADIO },
-#endif
-#ifdef DLT_ENC
- { enc_if_print, DLT_ENC },
-#endif
-#ifdef DLT_IEEE802_11_RADIO_AVS
- { ieee802_11_radio_avs_if_print, DLT_IEEE802_11_RADIO_AVS },
-#endif
-#ifdef DLT_JUNIPER_ATM1
- { juniper_atm1_print, DLT_JUNIPER_ATM1 },
-#endif
-#ifdef DLT_JUNIPER_ATM2
- { juniper_atm2_print, DLT_JUNIPER_ATM2 },
-#endif
-#ifdef DLT_JUNIPER_MFR
- { juniper_mfr_print, DLT_JUNIPER_MFR },
-#endif
-#ifdef DLT_JUNIPER_MLFR
- { juniper_mlfr_print, DLT_JUNIPER_MLFR },
-#endif
-#ifdef DLT_JUNIPER_MLPPP
- { juniper_mlppp_print, DLT_JUNIPER_MLPPP },
-#endif
-#ifdef DLT_JUNIPER_PPPOE
- { juniper_pppoe_print, DLT_JUNIPER_PPPOE },
-#endif
-#ifdef DLT_JUNIPER_PPPOE_ATM
- { juniper_pppoe_atm_print, DLT_JUNIPER_PPPOE_ATM },
-#endif
-#ifdef DLT_JUNIPER_GGSN
- { juniper_ggsn_print, DLT_JUNIPER_GGSN },
-#endif
-#ifdef DLT_JUNIPER_ES
- { juniper_es_print, DLT_JUNIPER_ES },
-#endif
-#ifdef DLT_JUNIPER_MONITOR
- { juniper_monitor_print, DLT_JUNIPER_MONITOR },
-#endif
-#ifdef DLT_JUNIPER_SERVICES
- { juniper_services_print, DLT_JUNIPER_SERVICES },
-#endif
-#ifdef DLT_JUNIPER_ETHER
- { juniper_ether_print, DLT_JUNIPER_ETHER },
-#endif
-#ifdef DLT_JUNIPER_PPP
- { juniper_ppp_print, DLT_JUNIPER_PPP },
-#endif
-#ifdef DLT_JUNIPER_FRELAY
- { juniper_frelay_print, DLT_JUNIPER_FRELAY },
-#endif
-#ifdef DLT_JUNIPER_CHDLC
- { juniper_chdlc_print, DLT_JUNIPER_CHDLC },
-#endif
-#ifdef DLT_MFR
- { mfr_if_print, DLT_MFR },
-#endif
{ NULL, 0 },
};
{ fddi_if_print, DLT_FDDI },
#ifdef DLT_LINUX_SLL
{ sll_if_print, DLT_LINUX_SLL },
+#endif
+#ifdef DLT_FR
+ { fr_if_print, DLT_FR },
+#endif
+#ifdef DLT_FRELAY
+ { fr_if_print, DLT_FRELAY },
+#endif
+#ifdef DLT_MFR
+ { mfr_if_print, DLT_MFR },
+#endif
+ { atm_if_print, DLT_ATM_RFC1483 },
+#ifdef DLT_SUNATM
+ { sunatm_if_print, DLT_SUNATM },
+#endif
+#ifdef DLT_ENC
+ { enc_if_print, DLT_ENC },
+#endif
+ { sl_if_print, DLT_SLIP },
+#ifdef DLT_SLIP_BSDOS
+ { sl_bsdos_if_print, DLT_SLIP_BSDOS },
+#endif
+#ifdef DLT_LTALK
+ { ltalk_if_print, DLT_LTALK },
+#endif
+#ifdef DLT_JUNIPER_ATM1
+ { juniper_atm1_print, DLT_JUNIPER_ATM1 },
+#endif
+#ifdef DLT_JUNIPER_ATM2
+ { juniper_atm2_print, DLT_JUNIPER_ATM2 },
+#endif
+#ifdef DLT_JUNIPER_MFR
+ { juniper_mfr_print, DLT_JUNIPER_MFR },
+#endif
+#ifdef DLT_JUNIPER_MLFR
+ { juniper_mlfr_print, DLT_JUNIPER_MLFR },
+#endif
+#ifdef DLT_JUNIPER_MLPPP
+ { juniper_mlppp_print, DLT_JUNIPER_MLPPP },
+#endif
+#ifdef DLT_JUNIPER_PPPOE
+ { juniper_pppoe_print, DLT_JUNIPER_PPPOE },
+#endif
+#ifdef DLT_JUNIPER_PPPOE_ATM
+ { juniper_pppoe_atm_print, DLT_JUNIPER_PPPOE_ATM },
+#endif
+#ifdef DLT_JUNIPER_GGSN
+ { juniper_ggsn_print, DLT_JUNIPER_GGSN },
+#endif
+#ifdef DLT_JUNIPER_ES
+ { juniper_es_print, DLT_JUNIPER_ES },
+#endif
+#ifdef DLT_JUNIPER_MONITOR
+ { juniper_monitor_print, DLT_JUNIPER_MONITOR },
+#endif
+#ifdef DLT_JUNIPER_SERVICES
+ { juniper_services_print, DLT_JUNIPER_SERVICES },
+#endif
+#ifdef DLT_JUNIPER_ETHER
+ { juniper_ether_print, DLT_JUNIPER_ETHER },
+#endif
+#ifdef DLT_JUNIPER_PPP
+ { juniper_ppp_print, DLT_JUNIPER_PPP },
+#endif
+#ifdef DLT_JUNIPER_FRELAY
+ { juniper_frelay_print, DLT_JUNIPER_FRELAY },
+#endif
+#ifdef DLT_JUNIPER_CHDLC
+ { juniper_chdlc_print, DLT_JUNIPER_CHDLC },
+#endif
+#ifdef DLT_PKTAP
+ { pktap_if_print, DLT_PKTAP },
+#endif
+#ifdef DLT_IEEE802_11_RADIO
+ { ieee802_11_radio_if_print, DLT_IEEE802_11_RADIO },
+#endif
+#ifdef DLT_IEEE802_11
+ { ieee802_11_if_print, DLT_IEEE802_11},
+#endif
+#ifdef DLT_IEEE802_11_RADIO_AVS
+ { ieee802_11_radio_avs_if_print, DLT_IEEE802_11_RADIO_AVS },
+#endif
+#ifdef DLT_PRISM_HEADER
+ { prism_if_print, DLT_PRISM_HEADER },
+#endif
+ { ppp_if_print, DLT_PPP },
+#ifdef DLT_PPP_WITHDIRECTION
+ { ppp_if_print, DLT_PPP_WITHDIRECTION },
+#endif
+#ifdef DLT_PPP_BSDOS
+ { ppp_bsdos_if_print, DLT_PPP_BSDOS },
+#endif
+#ifdef DLT_PPP_SERIAL
+ { ppp_hdlc_if_print, DLT_PPP_SERIAL },
#endif
{ NULL, 0 },
};
if (type == p->type)
return p->f;
+#if defined(DLT_USER2) && defined(DLT_PKTAP)
+ /*
+ * Apple incorrectly chose to use DLT_USER2 for their PKTAP
+ * header.
+ *
+ * We map DLT_PKTAP, whether it's DLT_USER2 as it is on Darwin-
+ * based OSes or the same value as LINKTYPE_PKTAP as it is on
+ * other OSes, to LINKTYPE_PKTAP, so files written with
+ * this version of libpcap for a DLT_PKTAP capture have a link-
+ * layer header type of LINKTYPE_PKTAP.
+ *
+ * However, files written on OS X Mavericks for a DLT_PKTAP
+ * capture have a link-layer header type of LINKTYPE_USER2.
+ * If we don't have a printer for DLT_USER2, and type is
+ * DLT_USER2, we look up the printer for DLT_PKTAP and use
+ * that.
+ */
+ if (type == DLT_USER2) {
+ for (p = ndo_printers; p->f; ++p)
+ if (DLT_PKTAP == p->type)
+ return p->f;
+ }
+#endif
+
return NULL;
/* NOTREACHED */
}
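Review bot: The added `#if defined(DLT_USER2) && defined(DLT_PKTAP)` fallback sends every capture whose link type is DLT_USER2 to the PKTAP printer, not only files written on OS X Mavericks. DLT_USER2 is a private-use value, so such a file may carry an unrelated header. The PKTAP printer is not visible here and presumably has to check its header length against the captured length before reading past the fixed fields. I would add a line to the comment saying so, e.g. `* NOTE: DLT_USER2 is a private-use value; the PKTAP printer must bounds-check the header it is handed.` The lookup function itself starts above this hunk.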
}
#endif /* HAVE_PCAP_FINDALLDEVS */
+/*
+ * Short options.
+ *
+ * Note that there we use all letters for short options except for g, k,
+ * o, and P, and those are used by other versions of tcpdump, and we should
+ * only use them for the same purposes that the other versions of tcpdump
+ * use them:
+ *
+ * OS X tcpdump uses -g to force non--v output for IP to be on one
+ * line, making it more "g"repable;
+ *
+ * OS X tcpdump uses -k tospecify that packet comments in pcap-ng files
+ * should be printed;
+ *
+ * OpenBSD tcpdump uses -o to indicate that OS fingerprinting should be done
+ * for hosts sending TCP SYN packets;
+ *
+ * OS X tcpdump uses -P to indicate that -w should write pcap-ng rather
+ * than pcap files.
+ */
+
/*
* Set up flags that might or might not be supported depending on the
* version of libpcap we're using.
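Review bot: The new short-options comment has two wording slips: `Note that there we use all letters` should read `Note that we use all letters`, and `uses -k tospecify` should read `uses -k to specify`. Both are in the added comment block only, so no code is affected.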
#define Q_FLAG
#endif
+/*
+ * Long options.
+ *
+ * We do not currently have long options corresponding to all short
+ * options; we should probably pick appropriate option names for them.
+ *
+ * However, the short options where the number of times the option is
+ * specified matters, such as -v and -d and -t, should probably not
+ * just map to a long option, as saying
+ *
+ * tcpdump --verbose --verbose
+ *
+ * doesn't make sense; it should be --verbosity={N} or something such
+ * as that.
+ *
+ * For long options with no corresponding short options, we define values
+ * outside the range of ASCII graphic characters, make that the last
+ * component of the entry for the long option, and have a case for that
+ * option in the switch statement.
+ */
+#define OPTION_NUMBER 128
+#define OPTION_VERSION 129
+
+static struct option longopts[] = {
+#if defined(HAVE_PCAP_CREATE) || defined(WIN32)
+ { "buffer-size", required_argument, NULL, 'B' },
+#endif
+ { "list-interfaces", no_argument, NULL, 'D' },
+ { "help", no_argument, NULL, 'h' },
+ { "interface", required_argument, NULL, 'i' },
+#ifdef HAVE_PCAP_CREATE
+ { "monitor-mode", no_argument, NULL, 'I' },
+#endif
+#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
+ { "time-stamp-type", required_argument, NULL, 'j' },
+ { "list-time-stamp-types", no_argument, NULL, 'J' },
+#endif
+ { "dont-verify-checksums", no_argument, NULL, 'K' },
+ { "list-data-link-types", no_argument, NULL, 'L' },
+ { "no-optimize", no_argument, NULL, 'O' },
+ { "no-promiscuous-mode", no_argument, NULL, 'p' },
+#ifdef HAVE_PCAP_SETDIRECTION
+ { "direction", required_argument, NULL, 'Q' },
+#endif
+ { "snapshot-length", required_argument, NULL, 's' },
+ { "absolute-tcp-sequence-numbers", no_argument, NULL, 'S' },
+#ifdef HAVE_PCAP_DUMP_FLUSH
+ { "packet-buffered", no_argument, NULL, 'U' },
+#endif
+ { "linktype", required_argument, NULL, 'y' },
+#if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG)
+ { "debug-filter-parser", no_argument, NULL, 'Y' },
+#endif
+ { "relinquish-privileges", required_argument, NULL, 'Z' },
+ { "number", no_argument, NULL, OPTION_NUMBER },
+ { "version", no_argument, NULL, OPTION_VERSION },
+ { NULL, 0, NULL, 0 }
+};
+
#ifndef WIN32
/* Drop root privileges and chroot if necessary */
static void
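Review bot: `longopts` is not written after initialisation in the lines shown, so it can be declared `static const struct option longopts[] = {`. getopt_long() takes a `const struct option *`, and the bundled `getopt_long.h` fallback presumably has the same prototype. A const table is placed in read-only data and cannot be changed by a stray write. `OPTION_NUMBER` and `OPTION_VERSION` would also read better as members of one `enum` than as two `#define`s.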
#endif
while (
- (op = getopt(argc, argv, "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:Rs:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:")) != -1)
+ (op = getopt_long(argc, argv, "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:Rs:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:", longopts, NULL)) != -1)
switch (op) {
case 'a':
break;
case 'h':
- usage();
+ print_usage();
+ exit(0);
break;
case 'H':
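Review bot: `case 'h'` now exits with status 0, but print_usage() still writes everything to stderr, so `--help` piped into a pager shows nothing on stdout while reporting success. The same applies to the `OPTION_VERSION` case further down and to print_version() in the last hunk. One way is to pass the stream, `static void print_usage(FILE *f);`, and call `print_usage(stdout);` here and `print_usage(stderr);` in the `default:` case. The `break;` after `exit(0);` is unreachable and could be replaced by a `/* NOTREACHED */` comment, as the `default:` case does.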
username = strdup(optarg);
break;
+ case OPTION_NUMBER:
+ gndo->ndo_packet_number = 1;
+ break;
+
+ case OPTION_VERSION:
+ print_version();
+ exit(0);
+ break;
+
default:
- usage();
+ print_usage();
+ exit(1);
/* NOTREACHED */
}
free(cmdbuf);
exit(0);
}
- init_addrtoname(localnet, netmask);
+ init_addrtoname(gndo, localnet, netmask);
init_checksum();
#ifndef WIN32
++packets_captured;
++infodelay;
- ts_print(&h->ts);
print_info = (struct print_info *)user;
ndo = print_info->ndo;
+ if(ndo->ndo_packet_number)
+ ND_PRINT((ndo, "%5u ", packets_captured));
+
+ ts_print(ndo, &h->ts);
+
/*
* Some printers want to check that they're not walking off the
* end of the packet.
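Review bot: `if(ndo->ndo_packet_number)` lacks the space after `if` that the rest of the visible code uses (`if (h->caplen > hdrlen)`); `if (ndo->ndo_packet_number)` matches. `%5u` expects an `unsigned int`, and the declaration of `packets_captured` is outside this hunk, so its type should be confirmed. A short comment such as `/* --number: prefix each line with the packet's ordinal */` would explain the new branch. The function continues outside the hunk.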
/*
* Include the link-layer header.
*/
- ascii_print(sp, h->caplen);
+ ascii_print(ndo, sp, h->caplen);
} else {
/*
* Don't include the link-layer header - and if
* print nothing.
*/
if (h->caplen > hdrlen)
- ascii_print(sp + hdrlen, h->caplen - hdrlen);
+ ascii_print(ndo, sp + hdrlen, h->caplen - hdrlen);
}
}
#endif
static void
-usage(void)
+print_version(void)
{
extern char version[];
#ifndef HAVE_PCAP_LIB_VERSION
(void)fprintf(stderr, "libpcap version %s\n", pcap_version);
#endif /* WIN32 */
#endif /* HAVE_PCAP_LIB_VERSION */
+
+#if defined(HAVE_LIBCRYPTO) && defined(SSLEAY_VERSION)
+ (void)fprintf (stderr, "%s\n", SSLeay_version(SSLEAY_VERSION));
+#endif
+
+#if defined(HAVE_SMI_H)
+ (void)fprintf (stderr, "SMI-library: %s\n", smi_version_string);
+#endif
+}
+
+static void
+print_usage(void)
+{
+ print_version();
(void)fprintf(stderr,
"Usage: %s [-aAbd" D_FLAG "efhH" I_FLAG J_FLAG "KlLnNOpqRStu" U_FLAG "vxX]" B_FLAG_USAGE " [ -c count ]\n", program_name);
(void)fprintf(stderr,
"\t\t[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]\n");
(void)fprintf(stderr,
-"\t\t[ -i interface ]" j_FLAG_USAGE " [ -M secret ]\n");
+"\t\t[ -i interface ]" j_FLAG_USAGE " [ -M secret ] [ --number ]\n");
#ifdef HAVE_PCAP_SETDIRECTION
(void)fprintf(stderr,
"\t\t[ -Q in|out|inout ]\n");
#endif
(void)fprintf(stderr,
-"\t\t[ -r file ] [ -s snaplen ] [ -T type ] [ -V file ] [ -w file ]\n");
+"\t\t[ -r file ] [ -s snaplen ] [ -T type ] [ --version ] [ -V file ]\n");
(void)fprintf(stderr,
-"\t\t[ -W filecount ] [ -y datalinktype ] [ -z command ]\n");
+"\t\t[ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z command ]\n");
(void)fprintf(stderr,
"\t\t[ -Z user ] [ expression ]\n");
- exit(1);
}
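Review bot: The `defined(SSLEAY_VERSION)` guard in print_version() drops the OpenSSL line silently when the library headers do not define that macro, as happens with OpenSSL builds that disable the deprecated SSLeay names. The version banner is how people tell which crypto library a binary is linked against, so I would add a fallback to the newer name: `#elif defined(HAVE_LIBCRYPTO) && defined(OPENSSL_VERSION)` followed by `(void)fprintf (stderr, "%s\n", OpenSSL_version(OPENSSL_VERSION));`. print_version() begins in the previous hunk.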