This lets us remove a bunch of configure-time and compile-time tests.
Update documentation to reflect this.
WinPcap 4.1.3 is based on libpcap 1.0, but doesn't export all of the new
APIs, so it won't work with code that uses any of the other APIs, which
tcpdump does, so don't test with WinPcap.
fast_finish: true
install:
- - appveyor DownloadFile https://www.winpcap.org/install/bin/WpdPack_4_1_2.zip
- - 7z x .\WpdPack_4_1_2.zip -oc:\projects\libpcap\Win32
- appveyor DownloadFile https://npcap.com/dist/npcap-sdk-1.12.zip
- 7z x .\npcap-sdk-1.12.zip -oc:\projects\libpcap\Win32\npcap-sdk-1.12
environment:
matrix:
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
- GENERATOR: "Visual Studio 14 2015"
- SDK: WpdPack
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
- GENERATOR: "Visual Studio 14 2015 Win64"
- SDK: WpdPack
- APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
GENERATOR: "Visual Studio 14 2015"
SDK: npcap-sdk-1.12
- APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2015
GENERATOR: "Visual Studio 14 2015 Win64"
SDK: npcap-sdk-1.12
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
- GENERATOR: "Visual Studio 15 2017"
- SDK: WpdPack
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
- GENERATOR: "Visual Studio 15 2017 Win64"
- SDK: WpdPack
- APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
GENERATOR: "Visual Studio 15 2017"
SDK: npcap-sdk-1.12
- APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017
GENERATOR: "Visual Studio 15 2017 Win64"
SDK: npcap-sdk-1.12
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019
- GENERATOR: "Visual Studio 16 2019"
- PLATFORM: Win32
- SDK: WpdPack
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019
- GENERATOR: "Visual Studio 16 2019"
- PLATFORM: x64
- SDK: WpdPack
- APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019
GENERATOR: "Visual Studio 16 2019"
PLATFORM: Win32
GENERATOR: "Visual Studio 16 2019"
PLATFORM: x64
SDK: npcap-sdk-1.12
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2022
- GENERATOR: "Visual Studio 17 2022"
- PLATFORM: Win32
- SDK: WpdPack
- - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2022
- GENERATOR: "Visual Studio 17 2022"
- PLATFORM: x64
- SDK: WpdPack
- APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2022
GENERATOR: "Visual Studio 17 2022"
PLATFORM: Win32
Add --print-sampling to print every Nth packet instead of all.
Add --lengths option to print the captured and original packet lengths.
Source code:
+ Drop support for building with versions of libpcap that don't
+ support all the libpcap 1.0 APIs.
Use %zu when printing a sizeof to squelch compiler warnings
Remove unused missing/snprintf.c.
Remove unused missing/strdup.c.
#
check_include_file(pcap/pcap-inttypes.h HAVE_PCAP_PCAP_INTTYPES_H)
-#
-# At compile time HAVE_PCAP_FINDALLDEVS depends on HAVE_PCAP_IF_T.
-#
-cmake_push_check_state()
-set(CMAKE_EXTRA_INCLUDE_FILES pcap.h)
-check_type_size(pcap_if_t PCAP_IF_T)
-cmake_pop_check_state()
-
#
# Check for various functions in libpcap/WinPcap/Npcap.
#
set(CMAKE_REQUIRED_LIBRARIES ${PCAP_LIBRARIES})
#
-# Check for "pcap_list_datalinks()" and use a substitute version if
-# it's not present. If it is present, check for "pcap_free_datalinks()";
-# if it's not present, we don't replace it for now. (We could do so
-# on UN*X, but not on Windows, where hilarity ensues if a program
-# built with one version of the MSVC support library tries to free
-# something allocated by a library built with another version of
-# the MSVC support library.)
-#
-check_function_exists(pcap_list_datalinks HAVE_PCAP_LIST_DATALINKS)
-if(HAVE_PCAP_LIST_DATALINKS)
- check_function_exists(pcap_free_datalinks HAVE_PCAP_FREE_DATALINKS)
-endif(HAVE_PCAP_LIST_DATALINKS)
-
+# Do we have the new open API? Check for pcap_create() and for
+# pcap_statustostr(), and assume that, if we have both of them,
+# we also have pcap_activate() and the other new routines
+# introduced in libpcap 1.0.
#
-# Check for "pcap_datalink_name_to_val()", and use a substitute
-# version if it's not present. If it is present, check for
-# "pcap_datalink_val_to_description()", and if we don't have it,
-# use a substitute version.
+# We require those routines, so fail if we don't find it.
#
-check_function_exists(pcap_datalink_name_to_val HAVE_PCAP_DATALINK_NAME_TO_VAL)
-if(HAVE_PCAP_DATALINK_NAME_TO_VAL)
- check_function_exists(pcap_datalink_val_to_description HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION)
-endif(HAVE_PCAP_DATALINK_NAME_TO_VAL)
+check_function_exists(pcap_create HAVE_PCAP_CREATE)
+if(NOT HAVE_PCAP_CREATE)
+ if(WIN32)
+ MESSAGE(FATAL_ERROR "libpcap is too old; 1.0 or later is required")
+ else(WIN32)
+ MESSAGE(FATAL_ERROR "libpcap is too old; 1.0 or later is required - if you're using WinPcap, try Npcap")
+ endif(WIN32)
+endif(NOT HAVE_PCAP_CREATE)
-#
-# Check for "pcap_set_datalink()"; you can't substitute for it if
-# it's absent (it has hooks into libpcap), so just define the
-# HAVE_ value if it's there.
-#
-check_function_exists(pcap_set_datalink HAVE_PCAP_SET_DATALINK)
+if(WIN32)
+ #
+ # We check for pcap_statustostr() as well, because WinPcap 4.1.3
+ # screwed up and exported pcap_create() but not other routines
+ # such as pcap_statustostr(), even though it defined them and
+ # even though you really want pcap_statustostr() to get strings
+ # corresponding to some of the status returns from the new routines.)
+ #
+ check_function_exists(pcap_statustostr HAVE_PCAP_STATUSTOSTR)
+ if(NOT HAVE_PCAP_STATUSTOSTR)
+ MESSAGE(FATAL_ERROR "pcap_create is available, but pcap_statustostr isn't - if you're using WinPcap, try Npcap ")
+ endif(NOT HAVE_PCAP_STATUSTOSTR)
+endif(WIN32)
#
-# Check for "pcap_breakloop()"; you can't substitute for it if
-# it's absent (it has hooks into the live capture routines),
-# so just define the HAVE_ value if it's there.
+# OK, do we have pcap_set_tstamp_type? If so, assume we have
+# pcap_list_tstamp_types and pcap_free_tstamp_types as well.
#
-check_function_exists(pcap_breakloop HAVE_PCAP_BREAKLOOP)
+check_function_exists(pcap_set_tstamp_type HAVE_PCAP_SET_TSTAMP_TYPE)
#
-# Check for "pcap_dump_ftell()"; we use a substitute version
-# if it's not present.
+# And do we have pcap_set_tstamp_precision? If so, we assume
+# we also have pcap_open_offline_with_tstamp_precision.
#
-check_function_exists(pcap_dump_ftell HAVE_PCAP_DUMP_FTELL)
-
-#
-# Do we have the new open API? Check for pcap_create() and for
-# pcap_statustostr(), and assume that, if we have both of them,
-# we also have pcap_activate() and the other new routines
-# introduced in libpcap 1.0.0. (We check for pcap_statustostr()
-# as well, because WinPcap 4.1.3 screwed up and exported pcap_create()
-# but not other routines such as pcap_statustostr(), even though it
-# defined them and even though you really want pcap_statustostr() to
-# get strings corresponding to some of the status returns from the
-# new routines.)
-#
-check_function_exists(pcap_statustostr HAVE_PCAP_STATUSTOSTR)
-#
-# If we don't have pcap_statustostr(), don't check for pcap_create(),
-# so we pretend we don't have it.
-#
-if(HAVE_PCAP_STATUSTOSTR)
- check_function_exists(pcap_create HAVE_PCAP_CREATE)
-endif(HAVE_PCAP_STATUSTOSTR)
-if(HAVE_PCAP_CREATE)
- #
- # OK, do we have pcap_set_tstamp_type? If so, assume we have
- # pcap_list_tstamp_types and pcap_free_tstamp_types as well.
- #
- check_function_exists(pcap_set_tstamp_type HAVE_PCAP_SET_TSTAMP_TYPE)
-
- #
- # And do we have pcap_set_tstamp_precision? If so, we assume
- # we also have pcap_open_offline_with_tstamp_precision.
- #
- check_function_exists(pcap_set_tstamp_precision HAVE_PCAP_SET_TSTAMP_PRECISION)
-endif(HAVE_PCAP_CREATE)
+check_function_exists(pcap_set_tstamp_precision HAVE_PCAP_SET_TSTAMP_PRECISION)
#
# Check for a miscellaneous collection of functions which we use
# if we have them.
#
-check_function_exists(pcap_findalldevs HAVE_PCAP_FINDALLDEVS)
-check_function_exists(pcap_dump_flush HAVE_PCAP_DUMP_FLUSH)
-check_function_exists(pcap_lib_version HAVE_PCAP_LIB_VERSION)
-if(NOT HAVE_PCAP_LIB_VERSION)
- # Check for the pcap_version string variable and set HAVE_PCAP_VERSION
-endif(NOT HAVE_PCAP_LIB_VERSION)
-check_function_exists(pcap_setdirection HAVE_PCAP_SETDIRECTION)
check_function_exists(pcap_set_immediate_mode HAVE_PCAP_SET_IMMEDIATE_MODE)
check_function_exists(pcap_dump_ftell64 HAVE_PCAP_DUMP_FTELL64)
check_function_exists(pcap_open HAVE_PCAP_OPEN)
-check_function_exists(pcap_findalldevs_ex HAVE_PCAP_FINDALLDEVS_EX)
#
# On Windows, check for pcap_wsockinit(); if we don't have it, check for
endif(NOT HAVE_PCAP_SET_PARSER_DEBUG)
check_function_exists(pcap_set_optimizer_debug HAVE_PCAP_SET_OPTIMIZER_DEBUG)
+
+#
+# bpf_dump() moved from tcpdump to libpcap in libpcap 0.6, but not all
+# versions of libpcap didn't pick that change up; the OpenBSD libpcap
+# picked up most of the new APIs from versions up to 1.0, but didn't
+# pick up bpf_dump(), so we need to provide it if it's absent.
+#
check_function_exists(bpf_dump HAVE_BPF_DUMP)
cmake_pop_check_state()
if(NOT HAVE_BPF_DUMP)
set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} bpf_dump.c)
endif(NOT HAVE_BPF_DUMP)
-if(NOT HAVE_PCAP_DUMP_FTELL)
- set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} missing/pcap_dump_ftell.c)
-endif(NOT HAVE_PCAP_DUMP_FTELL)
-
-if(NOT HAVE_PCAP_LIST_DATALINKS)
- set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} missing/datalinks.c)
-endif(NOT HAVE_PCAP_LIST_DATALINKS)
-
-if((NOT HAVE_PCAP_DATALINK_NAME_TO_VAL) OR (NOT HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION))
- set(TCPDUMP_SOURCE_LIST_C ${TCPDUMP_SOURCE_LIST_C} missing/dlnames.c)
-endif((NOT HAVE_PCAP_DATALINK_NAME_TO_VAL) OR (NOT HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION))
set(PROJECT_SOURCE_LIST_C ${NETDISSECT_SOURCE_LIST_C} ${TCPDUMP_SOURCE_LIST_C})
# tcpdump installation notes
-If you have not built libpcap, and your system does not have libpcap
-installed, install libpcap first. Your system might provide a version
-of libpcap that can be installed; if so, to compile tcpdump you might
-need to install a "developer" version of libpcap as well as the
-"run-time" version. You can also install The Tcpdump Group version of
-libpcap; see [this file](README.md) for the location.
-
-You will need a C99 compiler to build tcpdump. The build system
-will abort if your compiler is not C99 compliant. If this happens, use
-the generally available GNU C compiler (GCC) or Clang.
-
-After libpcap has been built (either install it with `make install` or
-make sure both the libpcap and tcpdump source trees are in the same
-directory), do the following steps:
+
+## Installing libpcap
+
+Tcpdump requires libpcap.
+
+### On UN*Xes
+
+Your system might provide a version of libpcap that can be installed, or
+that is installed by default; if so, to compile tcpdump you might need
+to install a "developer" version of libpcap as well as the "run-time"
+version, even if the "run-time" version has already been installed.
+
+If your system does not provide libpcap, or provides a version that does
+not support all of the libpcap 1.0 APIs, you will need to download the
+source for The Tcpdump Group version of libpcap; see [this
+file](README.md) for the location, and build and install that version.
+Either install libpcap with `make install` or make sure both the libpcap
+and tcpdump source trees are in the same directory.
+
+### On Windows
+
+You will need to install both Npcap and the Npcap SDK; see [this
+file](README.windows.md) for information on that.
+
+## Building tcpdump
+
+You will need a C99 compiler to build tcpdump and, if necessary, to
+build libpcap. The build system will abort if your compiler is not C99
+compliant. If this happens, use the generally available GNU C compiler
+(GCC) or Clang.
+
+Once you have a version of libpcap with which you can build tcpdump, do
+the following steps:
* If you build from a git clone rather than from a release archive,
run `./autogen.sh` (a shell script). The autogen.sh script will
install-sh \
instrument-functions.c \
makemib \
- missing/datalinks.c \
- missing/dlnames.c \
missing/getopt_long.c \
missing/getopt_long.h \
missing/getservent.c \
- missing/pcap_dump_ftell.c \
missing/strlcat.c \
missing/strlcpy.c \
missing/strsep.c \
$(AR) cr $@ $(LIBNETDISSECT_OBJ)
$(RANLIB) $@
-datalinks.o: $(srcdir)/missing/datalinks.c
- $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/datalinks.c
-dlnames.o: $(srcdir)/missing/dlnames.c
- $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/dlnames.c
getservent.o: $(srcdir)/missing/getservent.c
$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/getservent.c
getopt_long.o: $(srcdir)/missing/getopt_long.c
$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strlcpy.c
strsep.o: $(srcdir)/missing/strsep.c
$(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/strsep.c
-pcap_dump_ftell.o: $(srcdir)/missing/pcap_dump_ftell.c
- $(CC) $(FULL_CFLAGS) -o $@ -c $(srcdir)/missing/pcap_dump_ftell.c
install: all
[ -d $(DESTDIR)$(bindir) ] || \
### Dependency on libpcap
tcpdump uses libpcap, a system-independent interface for user-level
-packet capture. Before building tcpdump, you must first retrieve and
-build libpcap.
+packet capture. If your operating system does not provide libpcap, or
+if it provides a libpcap that does not support the APIs from libpcap 1.0
+or later, you must first retrieve and build libpcap before building
+tcpdump,
Once libpcap is built (either install it or make sure it's in
`../libpcap`), you can build tcpdump using the procedure in the
run_after_echo "$MAKE_BIN" install
print_so_deps "$TCPDUMP_BIN"
run_after_echo "$TCPDUMP_BIN" -h
-# The "-D" flag depends on HAVE_PCAP_FINDALLDEVS and it would not be difficult
-# to run the command below only if the macro is defined. That said, it seems
-# more useful to run it anyway: every system that currently runs this script
-# has pcap_findalldevs(), thus if the macro isn't defined, it means something
-# went wrong in the build process (as was observed with GCC, CMake and the
-# system libpcap on Solaris 11).
run_after_echo "$TCPDUMP_BIN" -D
if [ "$CIRRUS_CI" = true ]; then
# Likewise for the "-J" flag and HAVE_PCAP_SET_TSTAMP_TYPE.
/* if there's an os-proto.h for this platform, to use additional prototypes */
#cmakedefine HAVE_OS_PROTO_H 1
-/* Define to 1 if you have the `pcap_breakloop' function. */
-#cmakedefine HAVE_PCAP_BREAKLOOP 1
-
-/* Define to 1 if you have the `pcap_create' function. */
-#cmakedefine HAVE_PCAP_CREATE 1
-
-/* define if libpcap has pcap_datalink_name_to_val() */
-#cmakedefine HAVE_PCAP_DATALINK_NAME_TO_VAL 1
-
-/* define if libpcap has pcap_datalink_val_to_description() */
-#cmakedefine HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION 1
-
/* define if libpcap has pcap_debug */
#cmakedefine HAVE_PCAP_DEBUG 1
-/* Define to 1 if you have the `pcap_dump_flush' function. */
-#cmakedefine HAVE_PCAP_DUMP_FLUSH 1
-
-/* Define to 1 if you have the `pcap_dump_ftell' function. */
-#cmakedefine HAVE_PCAP_DUMP_FTELL 1
-
/* Define to 1 if you have the `pcap_dump_ftell64' function. */
#cmakedefine HAVE_PCAP_DUMP_FTELL64 1
-/* Define to 1 if you have the `pcap_findalldevs' function. */
-#cmakedefine HAVE_PCAP_FINDALLDEVS 1
-
/* Define to 1 if you have the `pcap_findalldevs_ex' function. */
#cmakedefine HAVE_PCAP_FINDALLDEVS_EX 1
-/* Define to 1 if you have the `pcap_free_datalinks' function. */
-#cmakedefine HAVE_PCAP_FREE_DATALINKS 1
-
-/* Define to 1 if the system has the type `pcap_if_t'. */
-#cmakedefine HAVE_PCAP_IF_T 1
-
-/* Define to 1 if you have the `pcap_lib_version' function. */
-#cmakedefine HAVE_PCAP_LIB_VERSION 1
-
-/* define if libpcap has pcap_list_datalinks() */
-#cmakedefine HAVE_PCAP_LIST_DATALINKS 1
-
/* Define to 1 if you have the `pcap_open' function. */
#cmakedefine HAVE_PCAP_OPEN 1
/* Define to 1 if you have the <pcap/pcap-inttypes.h> header file. */
#cmakedefine HAVE_PCAP_PCAP_INTTYPES_H 1
-/* Define to 1 if you have the `pcap_setdirection' function. */
-#cmakedefine HAVE_PCAP_SETDIRECTION 1
-
-/* Define to 1 if you have the `pcap_set_datalink' function. */
-#cmakedefine HAVE_PCAP_SET_DATALINK 1
-
/* Define to 1 if you have the `pcap_set_immediate_mode' function. */
#cmakedefine HAVE_PCAP_SET_IMMEDIATE_MODE 1
/* Define to 1 if you have the `pcap_set_tstamp_type' function. */
#cmakedefine HAVE_PCAP_SET_TSTAMP_TYPE 1
-/* define if libpcap has pcap_version */
-#cmakedefine HAVE_PCAP_VERSION 1
-
/* Define to 1 if you have the `pcap_wsockinit' function. */
#cmakedefine HAVE_PCAP_WSOCKINIT 1
fi
fi
-dnl
-dnl Check for "pcap_list_datalinks()" and use a substitute version if
-dnl it's not present. If it is present, check for "pcap_free_datalinks()";
-dnl if it's not present, we don't replace it for now. (We could do so
-dnl on UN*X, but not on Windows, where hilarity ensues if a program
-dnl built with one version of the MSVC support library tries to free
-dnl something allocated by a library built with another version of
-dnl the MSVC support library.)
-dnl
-AC_CHECK_FUNC(pcap_list_datalinks,
- [
- AC_DEFINE(HAVE_PCAP_LIST_DATALINKS, 1,
- [define if libpcap has pcap_list_datalinks()])
- AC_CHECK_FUNCS(pcap_free_datalinks)
- ],
- [
- AC_LIBOBJ(datalinks)
- ])
-
-dnl
-dnl Check for "pcap_datalink_name_to_val()", and use a substitute
-dnl version if it's not present. If it is present, check for
-dnl "pcap_datalink_val_to_description()", and if we don't have it,
-dnl use a substitute version.
-dnl
-AC_CHECK_FUNC(pcap_datalink_name_to_val,
- [
- AC_DEFINE(HAVE_PCAP_DATALINK_NAME_TO_VAL, 1,
- [define if libpcap has pcap_datalink_name_to_val()])
- AC_CHECK_FUNC(pcap_datalink_val_to_description,
- AC_DEFINE(HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION, 1,
- [define if libpcap has pcap_datalink_val_to_description()]),
- [
- AC_LIBOBJ(dlnames)
- ])
- ],
- [
- AC_LIBOBJ(dlnames)
- ])
-
-dnl
-dnl Check for "pcap_set_datalink()"; you can't substitute for it if
-dnl it's absent (it has hooks into libpcap), so just define the
-dnl HAVE_ value if it's there.
-dnl
-AC_CHECK_FUNCS(pcap_set_datalink)
-
-dnl
-dnl Check for "pcap_breakloop()"; you can't substitute for it if
-dnl it's absent (it has hooks into the live capture routines),
-dnl so just define the HAVE_ value if it's there.
-dnl
-AC_CHECK_FUNCS(pcap_breakloop)
-
#
# Do we have the new open API? Check for pcap_create, and assume that,
# if we do, we also have pcap_activate() and the other new routines
-# introduced in libpcap 1.0.0.
+# introduced in libpcap 1.0.
#
-AC_CHECK_FUNCS(pcap_create)
-if test $ac_cv_func_pcap_create = "yes" ; then
- #
- # OK, do we have pcap_set_tstamp_type? If so, assume we have
- # pcap_list_tstamp_types and pcap_free_tstamp_types as well.
- #
- AC_CHECK_FUNCS(pcap_set_tstamp_type)
- #
- # And do we have pcap_set_tstamp_precision? If so, we assume
- # we also have pcap_open_offline_with_tstamp_precision.
- #
- AC_CHECK_FUNCS(pcap_set_tstamp_precision)
-fi
+# We require those routines, so fail if we don't find it.
+#
+AC_CHECK_FUNC(pcap_create,,
+ [AC_MSG_ERROR([libpcap is too old; 1.0 or later is required])])
+
+#
+# OK, do we have pcap_set_tstamp_type? If so, assume we have
+# pcap_list_tstamp_types and pcap_free_tstamp_types as well.
+#
+AC_CHECK_FUNCS(pcap_set_tstamp_type)
+#
+# And do we have pcap_set_tstamp_precision? If so, we assume
+# we also have pcap_open_offline_with_tstamp_precision.
+#
+AC_CHECK_FUNCS(pcap_set_tstamp_precision)
#
# Check for a miscellaneous collection of functions which we use
# if we have them.
#
-AC_CHECK_FUNCS(pcap_findalldevs)
-AC_CHECK_FUNCS(pcap_dump_flush pcap_lib_version)
-if test $ac_cv_func_pcap_lib_version = "no" ; then
- AC_MSG_CHECKING(whether pcap_version is defined by libpcap)
- AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[
- extern char pcap_version[];
-
- return (int)pcap_version;
- ]])
- ],
- [ac_lbl_cv_pcap_version_defined=yes],
- [ac_lbl_cv_pcap_version_defined=no])
- if test "$ac_lbl_cv_pcap_version_defined" = yes ; then
- AC_MSG_RESULT(yes)
- AC_DEFINE(HAVE_PCAP_VERSION, 1, [define if libpcap has pcap_version])
- else
- AC_MSG_RESULT(no)
- fi
-fi
-AC_CHECK_FUNCS(pcap_setdirection pcap_set_immediate_mode pcap_dump_ftell64)
+AC_CHECK_FUNCS(pcap_set_immediate_mode pcap_dump_ftell64)
AC_CHECK_FUNCS(pcap_open pcap_findalldevs_ex)
-AC_REPLACE_FUNCS(pcap_dump_ftell)
#
# Check for special debugging functions
fi
fi
AC_CHECK_FUNCS(pcap_set_optimizer_debug)
+
+#
+# bpf_dump() moved from tcpdump to libpcap in libpcap 0.6, but not all
+# versions of libpcap didn't pick that change up; the OpenBSD libpcap
+# picked up most of the new APIs from versions up to 1.0, but didn't
+# pick up bpf_dump(), so we need to provide it if it's absent.
+#
AC_REPLACE_FUNCS(bpf_dump) dnl moved to libpcap in 0.6
#
#
AC_CHECK_HEADERS(pcap/pcap-inttypes.h)
-#
-# At compile time HAVE_PCAP_FINDALLDEVS depends on HAVE_PCAP_IF_T.
-#
-AC_CHECK_TYPES(pcap_if_t, , , [#include <pcap.h>])
-
CPPFLAGS="$savedcppflags"
#
+++ /dev/null
-/*
- * Copyright (c) 1993, 1994, 1995, 1996, 1997, 1998
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the Computer Systems
- * Engineering Group at Lawrence Berkeley Laboratory.
- * 4. Neither the name of the University nor of the Laboratory may be used
- * to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <config.h>
-
-#include <netdissect-stdinc.h>
-
-#include <pcap.h>
-#include <string.h>
-
-#include "pcap-missing.h"
-#include "ascii_strcasecmp.h"
-
-struct dlt_choice {
- const char *name;
- const char *description;
- int dlt;
-};
-
-#define DLT_CHOICE(code, description) { #code, description, code }
-#define DLT_CHOICE_SENTINEL { NULL, NULL, 0 }
-
-static struct dlt_choice dlt_choices[] = {
- DLT_CHOICE(DLT_NULL, "BSD loopback"),
- DLT_CHOICE(DLT_EN10MB, "Ethernet"),
- DLT_CHOICE(DLT_IEEE802, "Token ring"),
- DLT_CHOICE(DLT_ARCNET, "ARCNET"),
- DLT_CHOICE(DLT_SLIP, "SLIP"),
- DLT_CHOICE(DLT_PPP, "PPP"),
- DLT_CHOICE(DLT_FDDI, "FDDI"),
- DLT_CHOICE(DLT_ATM_RFC1483, "RFC 1483 IP-over-ATM"),
- DLT_CHOICE(DLT_RAW, "Raw IP"),
-#ifdef DLT_SLIP_BSDOS
- DLT_CHOICE(DLT_SLIP_BSDOS, "BSD/OS SLIP"),
-#endif
-#ifdef DLT_PPP_BSDOS
- DLT_CHOICE(DLT_PPP_BSDOS, "BSD/OS PPP"),
-#endif
-#ifdef DLT_ATM_CLIP
- DLT_CHOICE(DLT_ATM_CLIP, "Linux Classical IP-over-ATM"),
-#endif
-#ifdef DLT_PPP_SERIAL
- DLT_CHOICE(DLT_PPP_SERIAL, "PPP over serial"),
-#endif
-#ifdef DLT_PPP_ETHER
- DLT_CHOICE(DLT_PPP_ETHER, "PPPoE"),
-#endif
-#ifdef DLT_C_HDLC
- DLT_CHOICE(DLT_C_HDLC, "Cisco HDLC"),
-#endif
-#ifdef DLT_IEEE802_11
- DLT_CHOICE(DLT_IEEE802_11, "802.11"),
-#endif
-#ifdef DLT_FRELAY
- DLT_CHOICE(DLT_FRELAY, "Frame Relay"),
-#endif
-#ifdef DLT_LOOP
- DLT_CHOICE(DLT_LOOP, "OpenBSD loopback"),
-#endif
-#ifdef DLT_ENC
- DLT_CHOICE(DLT_ENC, "OpenBSD encapsulated IP"),
-#endif
-#ifdef DLT_LINUX_SLL
- DLT_CHOICE(DLT_LINUX_SLL, "Linux cooked"),
-#endif
-#ifdef DLT_LTALK
- DLT_CHOICE(DLT_LTALK, "Localtalk"),
-#endif
-#ifdef DLT_PFLOG
- DLT_CHOICE(DLT_PFLOG, "OpenBSD pflog file"),
-#endif
-#ifdef DLT_PRISM_HEADER
- DLT_CHOICE(DLT_PRISM_HEADER, "802.11 plus Prism header"),
-#endif
-#ifdef DLT_IP_OVER_FC
- DLT_CHOICE(DLT_IP_OVER_FC, "RFC 2625 IP-over-Fibre Channel"),
-#endif
-#ifdef DLT_SUNATM
- DLT_CHOICE(DLT_SUNATM, "Sun raw ATM"),
-#endif
-#ifdef DLT_IEEE802_11_RADIO
- DLT_CHOICE(DLT_IEEE802_11_RADIO, "802.11 plus radio information header"),
-#endif
-#ifdef DLT_ARCNET_LINUX
- DLT_CHOICE(DLT_ARCNET_LINUX, "Linux ARCNET"),
-#endif
-#ifdef DLT_LINUX_IRDA
- DLT_CHOICE(DLT_LINUX_IRDA, "Linux IrDA"),
-#endif
-#ifdef DLT_CIP
- DLT_CHOICE(DLT_CIP, "Linux Classical IP-over-ATM"),
-#endif
-#ifdef DLT_HDLC
- DLT_CHOICE(DLT_HDLC, "Cisco HDLC"),
-#endif
- DLT_CHOICE_SENTINEL
-};
-
-#ifndef HAVE_PCAP_DATALINK_NAME_TO_VAL
-int
-pcap_datalink_name_to_val(const char *name)
-{
- int i;
-
- for (i = 0; dlt_choices[i].name != NULL; i++) {
- if (ascii_strcasecmp(dlt_choices[i].name + sizeof("DLT_") - 1,
- name) == 0)
- return (dlt_choices[i].dlt);
- }
- return (-1);
-}
-
-const char *
-pcap_datalink_val_to_name(int dlt)
-{
- int i;
-
- for (i = 0; dlt_choices[i].name != NULL; i++) {
- if (dlt_choices[i].dlt == dlt)
- return (dlt_choices[i].name + sizeof("DLT_") - 1);
- }
- return (NULL);
-}
-#endif
-
-const char *
-pcap_datalink_val_to_description(int dlt)
-{
- int i;
-
- for (i = 0; dlt_choices[i].name != NULL; i++) {
- if (dlt_choices[i].dlt == dlt)
- return (dlt_choices[i].description);
- }
- return (NULL);
-}
+++ /dev/null
-/*
- * Copyright (c) 1993, 1994, 1995, 1996, 1997, 1998
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the Computer Systems
- * Engineering Group at Lawrence Berkeley Laboratory.
- * 4. Neither the name of the University nor of the Laboratory may be used
- * to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-#include <stdio.h>
-#include <pcap.h>
-
-#include "pcap-missing.h"
-
-long
-pcap_dump_ftell(pcap_dumper_t *p)
-{
- /* FIXME: Using pcap_dump_file(p) would be a better style. That would
- * require to test if pcap_dump_file() is available, and to substitute it,
- * if it is not.
- */
- return (ftell((FILE *)p));
-}
extern int pcap_list_datalinks(pcap_t *, int **);
#endif
-#ifndef HAVE_PCAP_DATALINK_NAME_TO_VAL
-/*
- * We assume no platform has one but not the other.
- */
-extern int pcap_datalink_name_to_val(const char *);
-extern const char *pcap_datalink_val_to_name(int);
-#endif
-
-#ifndef HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION
-extern const char *pcap_datalink_val_to_description(int);
-#endif
-
-#ifndef HAVE_PCAP_DUMP_FTELL
-extern long pcap_dump_ftell(pcap_dumper_t *);
-#endif
-
#endif /* netdissect_pcap_missing_h */
.BR "ifconfig \-a" );
the number can be useful on Windows 2000 and later systems, where the
interface name is a somewhat complex string.
-.IP
-The
-.B \-D
-flag will not be supported if
-.I tcpdump
-was built with an older version of
-.I libpcap
-that lacks the
-.BR pcap_findalldevs (3PCAP)
-function.
.TP
.B \-e
Print the link-level header on each dump line. This can be used, for
Note that captures on the ``any'' pseudo-interface will not be done in promiscuous
mode.
.IP
-If the
+An interface number as printed by the
.B \-D
-flag is supported, an interface number as printed by that flag can be
-used as the
+flag can be used as the
.I interface
argument, if no interface on the system has that number as a name.
.TP
``packet-buffered''; i.e., as each packet is saved, it will be written
to the output file, rather than being written only when the output
buffer fills.
-.IP
-The
-.B \-U
-flag will not be supported if
-.I tcpdump
-was built with an older version of
-.I libpcap
-that lacks the
-.BR pcap_dump_flush (3PCAP)
-function.
.TP
.B \-v
When parsing and printing, produce (slightly more) verbose output.
#include <config.h>
-/*
- * Some older versions of Mac OS X ship pcap.h from libpcap 0.6 with a
- * libpcap based on 0.8. That means it has pcap_findalldevs() but the
- * header doesn't define pcap_if_t, meaning that we can't actually *use*
- * pcap_findalldevs().
- */
-#ifdef HAVE_PCAP_FINDALLDEVS
-#ifndef HAVE_PCAP_IF_T
-#undef HAVE_PCAP_FINDALLDEVS
-#endif
-#endif
-
#include "netdissect-stdinc.h"
/*
#define SIGNAL_REQ_INFO SIGUSR1
#endif
-#if defined(HAVE_PCAP_DUMP_FLUSH) && defined(SIGUSR2)
+#if defined(SIGUSR2)
#define SIGNAL_FLUSH_PCAP SIGUSR2
#endif
-#if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
static int Bflag; /* buffer size */
-#endif
#ifdef HAVE_PCAP_DUMP_FTELL64
static int64_t Cflag; /* rotate dump files after this many bytes */
#else
static long Cflag; /* rotate dump files after this many bytes */
#endif
static int Cflag_count; /* Keep track of which file number we're writing */
-#ifdef HAVE_PCAP_FINDALLDEVS
static int Dflag; /* list available devices and exit */
-#endif
#ifdef HAVE_PCAP_FINDALLDEVS_EX
static char *remote_interfaces_source; /* list available devices from this source and exit */
#endif
#endif
static int lflag; /* line-buffered output */
static int pflag; /* don't go promiscuous */
-#ifdef HAVE_PCAP_SETDIRECTION
static int Qflag = -1; /* restrict captured packet by send/receive direction */
-#endif
-#ifdef HAVE_PCAP_DUMP_FLUSH
static int Uflag; /* "unbuffered" output of dump files */
-#endif
static int Wflag; /* recycle output files after this number of files */
static int WflagChars;
static char *zflag = NULL; /* compress each savefile using a specified command (like gzip or bzip2) */
static void info(int);
static u_int packets_captured;
-#ifdef HAVE_PCAP_FINDALLDEVS
static const struct tok status_flags[] = {
#ifdef PCAP_IF_UP
{ PCAP_IF_UP, "Up" },
#endif
{ 0, NULL }
};
-#endif
static pcap_t *pd;
static pcap_dumper_t *pdd = NULL;
dlts[i]);
}
}
-#ifdef HAVE_PCAP_FREE_DATALINKS
pcap_free_datalinks(dlts);
-#endif
exit_tcpdump(S_SUCCESS);
}
-#ifdef HAVE_PCAP_FINDALLDEVS
static void NORETURN
show_devices_and_exit(void)
{
pcap_freealldevs(devlist);
exit_tcpdump(S_SUCCESS);
}
-#endif /* HAVE_PCAP_FINDALLDEVS */
#ifdef HAVE_PCAP_FINDALLDEVS_EX
static void NORETURN
pcap_freealldevs(devlist);
exit_tcpdump(S_SUCCESS);
}
-#endif /* HAVE_PCAP_FINDALLDEVS */
+#endif /* HAVE_PCAP_FINDALLDEVS_EX */
/*
* Short options.
* Set up flags that might or might not be supported depending on the
* version of libpcap we're using.
*/
-#if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
-#define B_FLAG "B:"
-#define B_FLAG_USAGE " [ -B size ]"
-#else /* defined(HAVE_PCAP_CREATE) || defined(_WIN32) */
-#define B_FLAG
-#define B_FLAG_USAGE
-#endif /* defined(HAVE_PCAP_CREATE) || defined(_WIN32) */
-
-#ifdef HAVE_PCAP_FINDALLDEVS
-#define D_FLAG "D"
-#else
-#define D_FLAG
-#endif
-
-#ifdef HAVE_PCAP_CREATE
-#define I_FLAG "I"
-#else /* HAVE_PCAP_CREATE */
-#define I_FLAG
-#endif /* HAVE_PCAP_CREATE */
-
#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
#define j_FLAG "j:"
#define j_FLAG_USAGE " [ -j tstamptype ]"
#define J_FLAG "J"
-#else /* PCAP_ERROR_TSTAMP_TYPE_NOTSUP */
+#else /* HAVE_PCAP_SET_TSTAMP_TYPE */
#define j_FLAG
#define j_FLAG_USAGE
#define J_FLAG
-#endif /* PCAP_ERROR_TSTAMP_TYPE_NOTSUP */
+#endif /* HAVE_PCAP_SET_TSTAMP_TYPE */
#ifdef USE_LIBSMI
#define m_FLAG_USAGE "[ -m module ] ..."
#endif
-#ifdef HAVE_PCAP_SETDIRECTION
-#define Q_FLAG "Q:"
-#define Q_FLAG_USAGE " [ -Q in|out|inout ]"
-#else
-#define Q_FLAG
-#define Q_FLAG_USAGE
-#endif
-
-#ifdef HAVE_PCAP_DUMP_FLUSH
-#define U_FLAG "U"
-#else
-#define U_FLAG
-#endif
-
-#define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:s:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#"
+#define SHORTOPTS "aAbB:c:C:dDeE:fF:G:hHi:I" j_FLAG J_FLAG "KlLm:M:nNOpqQ:r:s:StT:uUvV:w:W:xXy:Yz:Z:#"
/*
* Long options.
#define OPTION_LENGTHS 138
static const struct option longopts[] = {
-#if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
{ "buffer-size", required_argument, NULL, 'B' },
-#endif
{ "list-interfaces", no_argument, NULL, 'D' },
#ifdef HAVE_PCAP_FINDALLDEVS_EX
{ "list-remote-interfaces", required_argument, NULL, OPTION_LIST_REMOTE_INTERFACES },
#endif
{ "help", no_argument, NULL, 'h' },
{ "interface", required_argument, NULL, 'i' },
-#ifdef HAVE_PCAP_CREATE
{ "monitor-mode", no_argument, NULL, 'I' },
-#endif
#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
{ "time-stamp-type", required_argument, NULL, 'j' },
{ "list-time-stamp-types", no_argument, NULL, 'J' },
{ "list-data-link-types", no_argument, NULL, 'L' },
{ "no-optimize", no_argument, NULL, 'O' },
{ "no-promiscuous-mode", no_argument, NULL, 'p' },
-#ifdef HAVE_PCAP_SETDIRECTION
{ "direction", required_argument, NULL, 'Q' },
-#endif
{ "snapshot-length", required_argument, NULL, 's' },
{ "absolute-tcp-sequence-numbers", no_argument, NULL, 'S' },
-#ifdef HAVE_PCAP_DUMP_FLUSH
{ "packet-buffered", no_argument, NULL, 'U' },
-#endif
{ "linktype", required_argument, NULL, 'y' },
#ifdef HAVE_PCAP_SET_IMMEDIATE_MODE
{ "immediate-mode", no_argument, NULL, OPTION_IMMEDIATE_MODE },
return (cp);
}
-#ifdef HAVE_PCAP_FINDALLDEVS
static long
parse_interface_number(const char *device)
{
pcap_freealldevs(devlist);
return (device);
}
-#endif
#ifdef HAVE_PCAP_OPEN
/*
open_interface(const char *device, netdissect_options *ndo, char *ebuf)
{
pcap_t *pc;
-#ifdef HAVE_PCAP_CREATE
int status;
char *cp;
-#endif
#ifdef HAVE_PCAP_OPEN
/*
}
#endif /* HAVE_PCAP_OPEN */
-#ifdef HAVE_PCAP_CREATE
pc = pcap_create(device, ebuf);
if (pc == NULL) {
/*
warning("%s: %s", device,
pcap_statustostr(status));
}
-#ifdef HAVE_PCAP_SETDIRECTION
if (Qflag != -1) {
status = pcap_setdirection(pc, Qflag);
if (status != 0)
error("%s: pcap_setdirection() failed: %s",
device, pcap_geterr(pc));
}
-#endif /* HAVE_PCAP_SETDIRECTION */
-#else /* HAVE_PCAP_CREATE */
- *ebuf = '\0';
- /*
- * If no snapshot length was specified, or a length of 0 was
- * specified, default to 256KB.
- */
- if (ndo->ndo_snaplen == 0)
- ndo->ndo_snaplen = MAXIMUM_SNAPLEN;
- pc = pcap_open_live(device, ndo->ndo_snaplen, !pflag, timeout, ebuf);
- if (pc == NULL) {
- /*
- * If this failed with "No such device", that means
- * the interface doesn't exist; return NULL, so that
- * the caller can see whether the device name is
- * actually an interface index.
- */
- if (strstr(ebuf, "No such device") != NULL)
- return (NULL);
- error("%s", ebuf);
- }
- if (*ebuf)
- warning("%s", ebuf);
-#endif /* HAVE_PCAP_CREATE */
return (pc);
}
#endif
char *ret = NULL;
char *end;
-#ifdef HAVE_PCAP_FINDALLDEVS
pcap_if_t *devlist;
long devnum;
-#endif
int status;
FILE *VFile;
#ifdef HAVE_CAPSICUM
++ndo->ndo_bflag;
break;
-#if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
case 'B':
Bflag = atoi(optarg)*1024;
if (Bflag <= 0)
error("invalid packet buffer size %s", optarg);
break;
-#endif /* defined(HAVE_PCAP_CREATE) || defined(_WIN32) */
case 'c':
cnt = atoi(optarg);
++dflag;
break;
-#ifdef HAVE_PCAP_FINDALLDEVS
case 'D':
Dflag++;
break;
-#endif
#ifdef HAVE_PCAP_FINDALLDEVS_EX
case OPTION_LIST_REMOTE_INTERFACES:
device = optarg;
break;
-#ifdef HAVE_PCAP_CREATE
case 'I':
++Iflag;
break;
-#endif /* HAVE_PCAP_CREATE */
#ifdef HAVE_PCAP_SET_TSTAMP_TYPE
case 'j':
++ndo->ndo_suppress_default_print;
break;
-#ifdef HAVE_PCAP_SETDIRECTION
case 'Q':
if (ascii_strcasecmp(optarg, "in") == 0)
Qflag = PCAP_D_IN;
else
error("unknown capture direction '%s'", optarg);
break;
-#endif /* HAVE_PCAP_SETDIRECTION */
case 'r':
RFileName = optarg;
++ndo->ndo_uflag;
break;
-#ifdef HAVE_PCAP_DUMP_FLUSH
case 'U':
++Uflag;
break;
-#endif
case 'v':
++ndo->ndo_vflag;
/* NOTREACHED */
}
-#ifdef HAVE_PCAP_FINDALLDEVS
if (Dflag)
show_devices_and_exit();
-#endif
#ifdef HAVE_PCAP_FINDALLDEVS_EX
if (remote_interfaces_source != NULL)
show_remote_devices_and_exit();
/*
* No interface was specified. Pick one.
*/
-#ifdef HAVE_PCAP_FINDALLDEVS
/*
* Find the list of interfaces, and pick
* the first interface.
error("no interfaces available for capture");
device = strdup(devlist->name);
pcap_freealldevs(devlist);
-#else /* HAVE_PCAP_FINDALLDEVS */
- /*
- * Use whatever interface pcap_lookupdev()
- * chooses.
- */
- device = pcap_lookupdev(ebuf);
- if (device == NULL)
- error("%s", ebuf);
-#endif
}
/*
* a 1-based index in the list of
* interfaces.
*/
-#ifdef HAVE_PCAP_FINDALLDEVS
devnum = parse_interface_number(device);
if (devnum == -1) {
/*
pd = open_interface(device, ndo, ebuf);
if (pd == NULL)
error("%s", ebuf);
-#else /* HAVE_PCAP_FINDALLDEVS */
- /*
- * We can't get a list of interfaces; just
- * fail.
- */
- error("%s", ebuf);
-#endif /* HAVE_PCAP_FINDALLDEVS */
}
/*
if (setgid(getgid()) != 0 || setuid(getuid()) != 0)
fprintf(stderr, "Warning: setgid/setuid failed !\n");
#endif /* _WIN32 */
-#if !defined(HAVE_PCAP_CREATE) && defined(_WIN32)
- if(Bflag != 0)
- if(pcap_setbuff(pd, Bflag)==-1){
- error("%s", pcap_geterr(pd));
- }
-#endif /* !defined(HAVE_PCAP_CREATE) && defined(_WIN32) */
if (Lflag)
show_dlts_and_exit(pd, device);
if (yflag_dlt >= 0) {
-#ifdef HAVE_PCAP_SET_DATALINK
if (pcap_set_datalink(pd, yflag_dlt) < 0)
error("%s", pcap_geterr(pd));
-#else
- /*
- * We don't actually support changing the
- * data link type, so we only let them
- * set it to what it already is.
- */
- if (yflag_dlt != pcap_datalink(pd)) {
- error("%s is not one of the DLTs supported by this device\n",
- yflag_dlt_name);
- }
-#endif
(void)fprintf(stderr, "%s: data link type %s\n",
program_name,
pcap_datalink_val_to_name(yflag_dlt));
(void)fflush(stderr);
}
-#if defined(DLT_LINUX_SLL2) && defined(HAVE_PCAP_SET_DATALINK)
+#if defined(DLT_LINUX_SLL2)
else {
/*
* Attempt to set default linktype to
} else
dumpinfo.ndo = NULL;
-#ifdef HAVE_PCAP_DUMP_FLUSH
if (Uflag)
pcap_dump_flush(pdd);
-#endif
} else {
dlt = pcap_datalink(pd);
ndo->ndo_if_printer = get_if_printer(dlt);
setitimer(ITIMER_REAL, &timer, NULL);
#endif /* _WIN32 */
-#ifdef HAVE_PCAP_BREAKLOOP
/*
* We have "pcap_breakloop()"; use it, so that we do as little
* as possible in the signal handler (it's probably not safe
* the ANSI C standard doesn't say it is).
*/
pcap_breakloop(pd);
-#else
- /*
- * We don't have "pcap_breakloop()"; this isn't safe, but
- * it's the best we can do. Print the summary if we're
- * not reading from a savefile - i.e., if we're doing a
- * live capture - and exit.
- */
- if (pd != NULL && pcap_file(pd) == NULL) {
- /*
- * We got interrupted, so perhaps we didn't
- * manage to finish a line we were printing.
- * Print an extra newline, just in case.
- */
- putchar('\n');
- (void)fflush(stdout);
- info(1);
- }
- exit_tcpdump(S_SUCCESS);
-#endif
}
/*
}
pcap_dump((u_char *)dump_info->pdd, h, sp);
-#ifdef HAVE_PCAP_DUMP_FLUSH
if (Uflag)
pcap_dump_flush(dump_info->pdd);
-#endif
if (dump_info->ndo != NULL)
pretty_print_packet(dump_info->ndo, h, sp, packets_captured);
dump_info = (struct dump_info *)user;
pcap_dump((u_char *)dump_info->pdd, h, sp);
-#ifdef HAVE_PCAP_DUMP_FLUSH
if (Uflag)
pcap_dump_flush(dump_info->pdd);
-#endif
if (dump_info->ndo != NULL)
pretty_print_packet(dump_info->ndo, h, sp, packets_captured);
static void
print_version(FILE *f)
{
-#ifndef HAVE_PCAP_LIB_VERSION
- #ifdef HAVE_PCAP_VERSION
- extern char pcap_version[];
- #else /* HAVE_PCAP_VERSION */
- static char pcap_version[] = "unknown";
- #endif /* HAVE_PCAP_VERSION */
-#endif /* HAVE_PCAP_LIB_VERSION */
const char *smi_version_string;
(void)fprintf(f, "%s version " PACKAGE_VERSION "\n", program_name);
-#ifdef HAVE_PCAP_LIB_VERSION
(void)fprintf(f, "%s\n", pcap_lib_version());
-#else /* HAVE_PCAP_LIB_VERSION */
- (void)fprintf(f, "libpcap version %s\n", pcap_version);
-#endif /* HAVE_PCAP_LIB_VERSION */
#if defined(HAVE_LIBCRYPTO) && defined(SSLEAY_VERSION)
(void)fprintf (f, "%s\n", SSLeay_version(SSLEAY_VERSION));
{
print_version(f);
(void)fprintf(f,
-"Usage: %s [-Abd" D_FLAG "efhH" I_FLAG J_FLAG "KlLnNOpqStu" U_FLAG "vxX#]" B_FLAG_USAGE " [ -c count ] [--count]\n", program_name);
+"Usage: %s [-AbdDefhHI" J_FLAG "KlLnNOpqStuUvxX#] [ -B size ] [ -c count ] [--count]\n", program_name);
(void)fprintf(f,
"\t\t[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]\n");
(void)fprintf(f,
(void)fprintf(f,
"\t\t[ -M secret ] [ --number ] [ --print ]\n");
(void)fprintf(f,
-"\t\t[ --print-sampling nth ]" Q_FLAG_USAGE " [ -r file ]\n");
+"\t\t[ --print-sampling nth ] [ -Q in|out|inout ] [ -r file ]\n");
(void)fprintf(f,
"\t\t[ -s snaplen ] [ -T type ] [ --version ]\n");
(void)fprintf(f,
projects / tcpdump / commitdiff
