X-Git-Url: https://git.tcpdump.org/tcpdump/blobdiff_plain/dee93c3eabaf809d90788ebf13e56ca32b9ef8ce..464c44fbd1394ac006d8d99f16e80ead423c1c47:/tcpdump.c

diff --git a/tcpdump.c b/tcpdump.c
index f331cf8c..43fad291 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
+ * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
  *	The Regents of the University of California.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -17,14 +17,20 @@
  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ * Support for splitting captures into multiple files with a maximum
+ * file size:
+ *
+ * Copyright (c) 2001
+ *	Seth Webster <swebster@sst.ll.mit.edu>
  */
 
 #ifndef lint
 static const char copyright[] =
-    "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997\n\
+    "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
 The Regents of the University of California.  All rights reserved.\n";
 static const char rcsid[] =
-    "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.136 1999-12-13 18:06:15 mcr Exp $ (LBL)";
+    "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.179 2002-07-11 09:17:25 guy Exp $ (LBL)";
 #endif
 
 /*
@@ -50,9 +56,8 @@ static const char rcsid[] =
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#include <ctype.h>
 
-#include <netinet/in_systm.h>
-#include <netinet/ip.h>
 
 #include "interface.h"
 #include "addrtoname.h"
@@ -73,25 +78,33 @@ int Rflag = 1;			/* print sequence # field in AH/ESP*/
 int sflag = 0;			/* use the libsmi to translate OIDs */
 int Sflag;			/* print raw TCP sequence numbers */
 int tflag = 1;			/* print packet arrival time */
+int uflag = 0;			/* Print undecoded NFS handles */
 int vflag;			/* verbose */
 int xflag;			/* print packet in hex */
+int Xflag;			/* print packet in ascii as well as hex */
+off_t Cflag = 0;                /* rotate dump files after this many bytes */
+int Aflag = 0;                  /* print packet only in ascii observing LF, CR, TAB, SPACE */
 
-char *ahsecret = NULL;		/* AH secret key */
 char *espsecret = NULL;		/* ESP secret key */
 
 int packettype;
 
+int infodelay;
+int infoprint;
 
 char *program_name;
 
 int32_t thiszone;		/* seconds offset from gmt to local time */
 
-/* Externs */
-extern void bpf_dump(struct bpf_program *, int);
-
 /* Forwards */
-RETSIGTYPE cleanup(int);
-extern __dead void usage(void) __attribute__((volatile));
+static RETSIGTYPE cleanup(int);
+static void usage(void) __attribute__((noreturn));
+
+static void dump_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *);
+
+#ifdef SIGINFO
+RETSIGTYPE requestinfo(int);
+#endif
 
 /* Length of saved portion of packet. */
 int snaplen = DEFAULT_SNAPLEN;
@@ -102,13 +115,17 @@ struct printer {
 };
 
 static struct printer printers[] = {
+	{ arcnet_if_print,	DLT_ARCNET },
 	{ ether_if_print,	DLT_EN10MB },
-	{ ether_if_print,	DLT_IEEE802 },
+	{ token_if_print,	DLT_IEEE802 },
 #ifdef DLT_LANE8023
 	{ lane_if_print,        DLT_LANE8023 },
 #endif
 #ifdef DLT_CIP
 	{ cip_if_print,         DLT_CIP },
+#endif
+#ifdef DLT_ATM_CLIP
+	{ cip_if_print,         DLT_ATM_CLIP },
 #endif
 	{ sl_if_print,		DLT_SLIP },
 	{ sl_bsdos_if_print,	DLT_SLIP_BSDOS },
@@ -116,10 +133,43 @@ static struct printer printers[] = {
 	{ ppp_bsdos_if_print,	DLT_PPP_BSDOS },
 	{ fddi_if_print,	DLT_FDDI },
 	{ null_if_print,	DLT_NULL },
+#ifdef DLT_LOOP
+	{ null_if_print,	DLT_LOOP },
+#endif
 	{ raw_if_print,		DLT_RAW },
 	{ atm_if_print,		DLT_ATM_RFC1483 },
-#ifdef DLT_CHDLC
-	{ chdlc_if_print,	DLT_CHDLC },
+#ifdef DLT_C_HDLC
+	{ chdlc_if_print,	DLT_C_HDLC },
+#endif
+#ifdef DLT_HDLC
+	{ chdlc_if_print,	DLT_HDLC },
+#endif
+#ifdef DLT_PPP_SERIAL
+	{ ppp_hdlc_if_print,    DLT_PPP_SERIAL },
+#endif
+#ifdef DLT_PPP_ETHER
+	{ pppoe_if_print,	DLT_PPP_ETHER },
+#endif
+#ifdef DLT_LINUX_SLL
+	{ sll_if_print,		DLT_LINUX_SLL },
+#endif
+#ifdef DLT_IEEE802_11
+	{ ieee802_11_if_print,	DLT_IEEE802_11},
+#endif
+#ifdef DLT_LTALK
+	{ ltalk_if_print,	DLT_LTALK },
+#endif
+#ifdef DLT_PFLOG
+	{ pflog_if_print, 	DLT_PFLOG },
+#endif
+#ifdef DLT_FR
+	{ fr_if_print,		DLT_FR },
+#endif
+#ifdef DLT_FRELAY
+	{ fr_if_print,		DLT_FRELAY },
+#endif
+#ifdef DLT_SUNATM
+	{ sunatm_if_print,	DLT_SUNATM },
 #endif
 	{ NULL,			0 },
 };
@@ -133,7 +183,7 @@ lookup_printer(int type)
 		if (type == p->type)
 			return p->f;
 
-	error("unknown data link type 0x%x", type);
+	error("unknown data link type %d", type);
 	/* NOTREACHED */
 }
 
@@ -143,6 +193,12 @@ extern int optind;
 extern int opterr;
 extern char *optarg;
 
+struct dump_info {
+	char	*WFileName;
+	pcap_t	*pd;
+	pcap_dumper_t *p;
+};
+
 int
 main(int argc, char **argv)
 {
@@ -152,6 +208,7 @@ main(int argc, char **argv)
 	pcap_handler printer;
 	struct bpf_program fcode;
 	RETSIGTYPE (*oldhandler)(int);
+	struct dump_info dumpinfo;
 	u_char *pcap_userdata;
 	char ebuf[PCAP_ERRBUF_SIZE];
 
@@ -165,30 +222,27 @@ main(int argc, char **argv)
 	else
 		program_name = argv[0];
 
-	if (abort_on_misalignment(ebuf) < 0)
+	if (abort_on_misalignment(ebuf, sizeof(ebuf)) < 0)
 		error("%s", ebuf);
 
 #ifdef LIBSMI
 	smiInit("tcpdump");
 #endif
-	
+
 	opterr = 0;
 	while (
-	    (op = getopt(argc, argv, "ac:deE:fF:i:lnNm:Opqr:Rs:StT:vw:xY")) != EOF)
+	    (op = getopt(argc, argv, "aAc:C:deE:fF:i:lm:nNOpqr:Rs:StT:uvw:xXY")) != -1)
 		switch (op) {
 
 		case 'a':
 			++aflag;
 			break;
 
-#if 0
-		case 'A':
-#ifndef CRYPTO
-			warning("crypto code not compiled in");
-#endif
-			ahsecret = optarg;
-			break;
-#endif
+               case 'A':
+                       ++xflag;
+                       ++Xflag;
+                       ++Aflag;
+                       break;
 
 		case 'c':
 			cnt = atoi(optarg);
@@ -196,6 +250,12 @@ main(int argc, char **argv)
 				error("invalid packet count %s", optarg);
 			break;
 
+		case 'C':
+			Cflag = atoi(optarg) * 1000000;
+			if (Cflag < 0)
+				error("invalid file size %s", optarg);
+			break;
+
 		case 'd':
 			++dflag;
 			break;
@@ -205,7 +265,7 @@ main(int argc, char **argv)
 			break;
 
 		case 'E':
-#ifndef CRYPTO
+#ifndef HAVE_LIBCRYPTO
 			warning("crypto code not compiled in");
 #endif
 			espsecret = optarg;
@@ -250,7 +310,7 @@ main(int argc, char **argv)
 				      program_name, optarg);
 			(void)fprintf(stderr, "(no libsmi support)\n");
 #endif
-			
+
 		case 'O':
 			Oflag = 0;
 			break;
@@ -271,11 +331,17 @@ main(int argc, char **argv)
 			Rflag = 0;
 			break;
 
-		case 's':
-			snaplen = atoi(optarg);
-			if (snaplen <= 0)
+		case 's': {
+			char *end;
+
+			snaplen = strtol(optarg, &end, 0);
+			if (optarg == end || *end != '\0'
+			    || snaplen < 0 || snaplen > 65535)
 				error("invalid snaplen %s", optarg);
+			else if (snaplen == 0)
+				snaplen = 65535;
 			break;
+		}
 
 		case 'S':
 			++Sflag;
@@ -298,10 +364,16 @@ main(int argc, char **argv)
 				packettype = PT_RTCP;
 			else if (strcasecmp(optarg, "snmp") == 0)
 				packettype = PT_SNMP;
+			else if (strcasecmp(optarg, "cnfp") == 0)
+				packettype = PT_CNFP;
 			else
 				error("unknown packet type `%s'", optarg);
 			break;
 
+		case 'u':
+			++uflag;
+			break;
+
 		case 'v':
 			++vflag;
 			break;
@@ -309,6 +381,16 @@ main(int argc, char **argv)
 		case 'w':
 			WFileName = optarg;
 			break;
+
+		case 'x':
+			++xflag;
+			break;
+
+		case 'X':
+		        ++xflag;
+			++Xflag;
+			break;
+
 #ifdef YYDEBUG
 		case 'Y':
 			{
@@ -318,10 +400,6 @@ main(int argc, char **argv)
 			}
 			break;
 #endif
-		case 'x':
-			++xflag;
-			break;
-
 		default:
 			usage();
 			/* NOTREACHED */
@@ -354,9 +432,12 @@ main(int argc, char **argv)
 			if (device == NULL)
 				error("%s", ebuf);
 		}
+		*ebuf = '\0';
 		pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
 		if (pd == NULL)
 			error("%s", ebuf);
+		else if (*ebuf)
+			warning("%s", ebuf);
 		i = pcap_snapshot(pd);
 		if (snaplen < i) {
 			warning("snaplen raised from %d to %d", snaplen, i);
@@ -397,11 +478,22 @@ main(int argc, char **argv)
 		pcap_dumper_t *p = pcap_dump_open(pd, WFileName);
 		if (p == NULL)
 			error("%s", pcap_geterr(pd));
-		printer = pcap_dump;
-		pcap_userdata = (u_char *)p;
+		if (Cflag != 0) {
+			printer = dump_and_trunc;
+			dumpinfo.WFileName = WFileName;
+			dumpinfo.pd = pd;
+			dumpinfo.p = p;
+			pcap_userdata = (u_char *)&dumpinfo;
+		} else {
+			printer = pcap_dump;
+			pcap_userdata = (u_char *)p;
+		}
 	} else {
 		printer = lookup_printer(pcap_datalink(pd));
 		pcap_userdata = 0;
+#ifdef SIGINFO
+		(void)setsignal(SIGINFO, requestinfo);
+#endif
 	}
 	if (RFileName == NULL) {
 		(void)fprintf(stderr, "%s: listening on %s\n",
@@ -411,93 +503,155 @@ main(int argc, char **argv)
 	if (pcap_loop(pd, cnt, printer, pcap_userdata) < 0) {
 		(void)fprintf(stderr, "%s: pcap_loop: %s\n",
 		    program_name, pcap_geterr(pd));
+		cleanup(0);
+		pcap_close(pd);
 		exit(1);
 	}
+	if (RFileName == NULL)
+		info(1);
 	pcap_close(pd);
 	exit(0);
 }
 
 /* make a clean exit on interrupts */
-RETSIGTYPE
+static RETSIGTYPE
 cleanup(int signo)
 {
-	struct pcap_stat stat;
 
 	/* Can't print the summary if reading from a savefile */
 	if (pd != NULL && pcap_file(pd) == NULL) {
 		(void)fflush(stdout);
 		putc('\n', stderr);
-		if (pcap_stats(pd, &stat) < 0)
-			(void)fprintf(stderr, "pcap_stats: %s\n",
-			    pcap_geterr(pd));
-		else {
-			(void)fprintf(stderr, "%d packets received by filter\n",
-			    stat.ps_recv);
-			(void)fprintf(stderr, "%d packets dropped by kernel\n",
-			    stat.ps_drop);
-		}
+		info(1);
 	}
-	exit(0);
+	if (signo)
+		exit(0);
+}
+
+void
+info(register int verbose)
+{
+	struct pcap_stat stat;
+
+	if (pcap_stats(pd, &stat) < 0) {
+		(void)fprintf(stderr, "pcap_stats: %s\n", pcap_geterr(pd));
+		return;
+	}
+	if (!verbose)
+		fprintf(stderr, "%s: ", program_name);
+	(void)fprintf(stderr, "%d packets received by filter", stat.ps_recv);
+	if (!verbose)
+		fputs(", ", stderr);
+	else
+		putc('\n', stderr);
+	(void)fprintf(stderr, "%d packets dropped by kernel\n", stat.ps_drop);
+	infoprint = 0;
+}
+
+static void
+reverse(char *s)
+{
+	int i, j, c;
+
+	for (i = 0, j = strlen(s) - 1; i < j; i++, j--) {
+		c = s[i];
+		s[i] = s[j];
+		s[j] = c;
+	}
+}
+
+
+static void
+swebitoa(unsigned int n, char *s)
+{
+	unsigned int i;
+
+	i = 0;
+	do {
+		s[i++] = n % 10 + '0';
+	} while ((n /= 10) > 0);
+
+	s[i] = '\0';
+	reverse(s);
+}
+
+static void
+dump_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
+{
+	struct dump_info *info;
+	static uint cnt = 2;
+	char *name;
+
+	info = (struct dump_info *)user;
+
+	/*
+	 * XXX - this won't prevent capture files from getting
+	 * larger than Cflag - the last packet written to the
+	 * file could put it over Cflag.
+	 */
+	if (ftell((FILE *)info->p) > Cflag) {
+		name = (char *) malloc(strlen(info->WFileName) + 4);
+		if (name == NULL)
+			error("dump_and_trunc: malloc");
+		strcpy(name, info->WFileName);
+		swebitoa(cnt, name + strlen(info->WFileName));
+		cnt++;
+		pcap_dump_close(info->p);
+		info->p = pcap_dump_open(info->pd, name);
+		free(name);
+		if (info->p == NULL)
+			error("%s", pcap_geterr(pd));
+	}
+
+	pcap_dump((u_char *)info->p, h, sp);
 }
 
 /* Like default_print() but data need not be aligned */
 void
 default_print_unaligned(register const u_char *cp, register u_int length)
 {
-  register u_int i, s;
-  register int nshorts;
-
-  char line[81];
-  
-  nshorts = (u_int) length / sizeof(u_short);
-  i = 0;
-  memset(line, ' ', 80);
-  line[81]='\0';
-
-  putchar('\n');
-  while (nshorts >= 0) {
-    
-    sprintf(line+20+i*5, "%02x%02x  ", cp[0], cp[1]);
-
-    if(isprint(cp[0])) {
-      line[62+i*2]=cp[0];
-    } else {
-      line[62+i*2]='.';
-    }
-    if(isprint(cp[1])) {
-      line[62+i*2+1]=cp[1];
-    } else {
-      line[62+i*2+1]='.';
-    }
-    i++;
-    if (i == 8) {
-      line[60]=' ';
-      line[61]=' ';
-      line[62+16]='\0';
-      puts(line);
-      i=0;
-    }
-    cp += 2;
-    nshorts--;
-  }
+	register u_int i, s;
+	register int nshorts;
+
+	if (Xflag) {
+		ascii_print(cp, length);
+		return;
+	}
+	nshorts = (u_int) length / sizeof(u_short);
+	i = 0;
+	while (--nshorts >= 0) {
+		if ((i++ % 8) == 0)
+			(void)printf("\n\t\t\t");
+		s = *cp++;
+		(void)printf(" %02x%02x", s, *cp++);
+	}
+	if (length & 1) {
+		if ((i % 8) == 0)
+			(void)printf("\n\t\t\t");
+		(void)printf(" %02x", *cp);
+	}
 }
 
 /*
  * By default, print the packet out in hex.
- *
- * (BTW, please don't send us patches to print the packet out in ascii)
  */
 void
 default_print(register const u_char *bp, register u_int length)
 {
-	register const u_short *sp;
-	register u_int i;
-	register int nshorts;
-
 	default_print_unaligned(bp, length);
 }
 
-__dead void
+#ifdef SIGINFO
+RETSIGTYPE requestinfo(int signo)
+{
+	if (infodelay)
+		++infoprint;
+	else
+		info(0);
+}
+#endif
+
+static void
 usage(void)
 {
 	extern char version[];
@@ -506,10 +660,10 @@ usage(void)
 	(void)fprintf(stderr, "%s version %s\n", program_name, version);
 	(void)fprintf(stderr, "libpcap version %s\n", pcap_version);
 	(void)fprintf(stderr,
-"Usage: %s [-adeflnNOpqStvx] [-c count] [ -F file ]\n", program_name);
+"Usage: %s [-aAdeflnNOpqRStuvxX] [ -c count ] [ -C file_size ]\n", program_name);
 	(void)fprintf(stderr,
-"\t\t[ -i interface ] [ -r file ] [ -s snaplen ]\n");
+"\t\t[ -F file ] [ -i interface ] [ -r file ] [ -s snaplen ]\n");
 	(void)fprintf(stderr,
-"\t\t[ -T type ] [ -w file ] [ expression ]\n");
-	exit(-1);
+"\t\t[ -T type ] [ -w file ] [ -E algo:secret ] [ expression ]\n");
+	exit(1);
 }