1 /* capture_opts.c
2 * Routines for capture options setting
3 *
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
7 *
8 * SPDX-License-Identifier: GPL-2.0-or-later
9 */
10
11 #include <config.h>
12
13 #include <stdio.h>
14 #include <stdlib.h>
15
16 #ifdef HAVE_LIBPCAP
17
18 #include <string.h>
19
20 #include <errno.h>
21
22 #include <glib.h>
23
24 #include "capture_opts.h"
25 #include "ringbuffer.h"
26
27 #include <ui/clopts_common.h>
28 #include <ui/cmdarg_err.h>
29 #include <ui/exit_codes.h>
30 #include <wsutil/file_util.h>
31 #include <wsutil/ws_pipe.h>
32 #include <wsutil/ws_assert.h>
33
34 #include "capture/capture_ifinfo.h"
35 #include "capture/capture-pcap-util.h"
36
37 #include "ui/filter_files.h"
38
39 static gboolean capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe);
40
41
42 void
capture_opts_init(capture_options * capture_opts)43 capture_opts_init(capture_options *capture_opts)
44 {
45 capture_opts->ifaces = g_array_new(FALSE, FALSE, sizeof(interface_options));
46 capture_opts->all_ifaces = g_array_new(FALSE, FALSE, sizeof(interface_t));
47 capture_opts->num_selected = 0;
48 capture_opts->default_options.name = NULL;
49 capture_opts->default_options.descr = NULL;
50 capture_opts->default_options.ifname = NULL;
51 capture_opts->default_options.hardware = NULL;
52 capture_opts->default_options.display_name = NULL;
53 capture_opts->default_options.cfilter = NULL;
54 capture_opts->default_options.has_snaplen = FALSE;
55 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
56 capture_opts->default_options.linktype = -1; /* use interface default */
57 capture_opts->default_options.promisc_mode = TRUE;
58 capture_opts->default_options.if_type = IF_WIRED;
59 capture_opts->default_options.extcap = NULL;
60 capture_opts->default_options.extcap_fifo = NULL;
61 capture_opts->default_options.extcap_args = NULL;
62 capture_opts->default_options.extcap_pipedata = NULL;
63 capture_opts->default_options.extcap_pid = WS_INVALID_PID;
64 #ifdef _WIN32
65 capture_opts->default_options.extcap_pipe_h = INVALID_HANDLE_VALUE;
66 capture_opts->default_options.extcap_control_in_h = INVALID_HANDLE_VALUE;
67 capture_opts->default_options.extcap_control_out_h = INVALID_HANDLE_VALUE;
68 #endif
69 capture_opts->default_options.extcap_control_in = NULL;
70 capture_opts->default_options.extcap_control_out = NULL;
71 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
72 capture_opts->default_options.buffer_size = DEFAULT_CAPTURE_BUFFER_SIZE;
73 #endif
74 capture_opts->default_options.monitor_mode = FALSE;
75 #ifdef HAVE_PCAP_REMOTE
76 capture_opts->default_options.src_type = CAPTURE_IFLOCAL;
77 capture_opts->default_options.remote_host = NULL;
78 capture_opts->default_options.remote_port = NULL;
79 capture_opts->default_options.auth_type = CAPTURE_AUTH_NULL;
80 capture_opts->default_options.auth_username = NULL;
81 capture_opts->default_options.auth_password = NULL;
82 capture_opts->default_options.datatx_udp = FALSE;
83 capture_opts->default_options.nocap_rpcap = TRUE;
84 capture_opts->default_options.nocap_local = FALSE;
85 #endif
86 #ifdef HAVE_PCAP_SETSAMPLING
87 capture_opts->default_options.sampling_method = CAPTURE_SAMP_NONE;
88 capture_opts->default_options.sampling_param = 0;
89 #endif
90 capture_opts->default_options.timestamp_type = NULL;
91 capture_opts->saving_to_file = FALSE;
92 capture_opts->save_file = NULL;
93 capture_opts->group_read_access = FALSE;
94 capture_opts->use_pcapng = TRUE; /* Save as pcapng by default */
95 capture_opts->real_time_mode = TRUE;
96 capture_opts->show_info = TRUE;
97 capture_opts->restart = FALSE;
98 capture_opts->orig_save_file = NULL;
99
100 capture_opts->multi_files_on = FALSE;
101 capture_opts->has_file_duration = FALSE;
102 capture_opts->file_duration = 60.0; /* 1 min */
103 capture_opts->has_file_interval = FALSE;
104 capture_opts->has_nametimenum = FALSE;
105 capture_opts->file_interval = 60; /* 1 min */
106 capture_opts->has_file_packets = FALSE;
107 capture_opts->file_packets = 0;
108 capture_opts->has_ring_num_files = FALSE;
109 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
110
111 capture_opts->has_autostop_files = FALSE;
112 capture_opts->autostop_files = 1;
113 capture_opts->has_autostop_packets = FALSE;
114 capture_opts->autostop_packets = 0;
115 capture_opts->has_autostop_filesize = FALSE;
116 capture_opts->autostop_filesize = 1000; /* 1 MB */
117 capture_opts->has_autostop_duration = FALSE;
118 capture_opts->autostop_duration = 60.0; /* 1 min */
119
120 capture_opts->output_to_pipe = FALSE;
121 capture_opts->capture_child = FALSE;
122 capture_opts->print_file_names = FALSE;
123 capture_opts->print_name_to = NULL;
124 capture_opts->compress_type = NULL;
125 }
126
127 void
capture_opts_cleanup(capture_options * capture_opts)128 capture_opts_cleanup(capture_options *capture_opts)
129 {
130 if (!capture_opts)
131 return;
132
133 if (capture_opts->ifaces) {
134 while (capture_opts->ifaces->len > 0) {
135 capture_opts_del_iface(capture_opts, 0);
136 }
137 g_array_free(capture_opts->ifaces, TRUE);
138 capture_opts->ifaces = NULL;
139 }
140 if (capture_opts->all_ifaces) {
141 while (capture_opts->all_ifaces->len > 0) {
142 interface_t *device = &g_array_index(capture_opts->all_ifaces, interface_t, 0);
143 capture_opts_free_interface_t(device);
144 capture_opts->all_ifaces = g_array_remove_index(capture_opts->all_ifaces, 0);
145 }
146 g_array_free(capture_opts->all_ifaces, TRUE);
147 capture_opts->all_ifaces = NULL;
148 }
149 g_free(capture_opts->save_file);
150 }
151
152 /* log content of capture_opts */
153 void
capture_opts_log(const char * log_domain,enum ws_log_level log_level,capture_options * capture_opts)154 capture_opts_log(const char *log_domain, enum ws_log_level log_level, capture_options *capture_opts) {
155 guint i;
156
157 ws_log(log_domain, log_level, "CAPTURE OPTIONS :");
158
159 for (i = 0; i < capture_opts->ifaces->len; i++) {
160 interface_options *interface_opts;
161
162 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, i);
163 ws_log(log_domain, log_level, "Interface name[%02d] : %s", i, interface_opts->name ? interface_opts->name : "(unspecified)");
164 ws_log(log_domain, log_level, "Interface description[%02d] : %s", i, interface_opts->descr ? interface_opts->descr : "(unspecified)");
165 ws_log(log_domain, log_level, "Interface vendor description[%02d] : %s", i, interface_opts->hardware ? interface_opts->hardware : "(unspecified)");
166 ws_log(log_domain, log_level, "Display name[%02d]: %s", i, interface_opts->display_name ? interface_opts->display_name : "(unspecified)");
167 ws_log(log_domain, log_level, "Capture filter[%02d] : %s", i, interface_opts->cfilter ? interface_opts->cfilter : "(unspecified)");
168 ws_log(log_domain, log_level, "Snap length[%02d] (%u) : %d", i, interface_opts->has_snaplen, interface_opts->snaplen);
169 ws_log(log_domain, log_level, "Link Type[%02d] : %d", i, interface_opts->linktype);
170 ws_log(log_domain, log_level, "Promiscuous Mode[%02d]: %s", i, interface_opts->promisc_mode?"TRUE":"FALSE");
171 ws_log(log_domain, log_level, "Extcap[%02d] : %s", i, interface_opts->extcap ? interface_opts->extcap : "(unspecified)");
172 ws_log(log_domain, log_level, "Extcap FIFO[%02d] : %s", i, interface_opts->extcap_fifo ? interface_opts->extcap_fifo : "(unspecified)");
173 ws_log(log_domain, log_level, "Extcap PID[%02d] : %d", i, interface_opts->extcap_pid);
174 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
175 ws_log(log_domain, log_level, "Buffer size[%02d] : %d (MB)", i, interface_opts->buffer_size);
176 #endif
177 ws_log(log_domain, log_level, "Monitor Mode[%02d] : %s", i, interface_opts->monitor_mode?"TRUE":"FALSE");
178 #ifdef HAVE_PCAP_REMOTE
179 ws_log(log_domain, log_level, "Capture source[%02d] : %s", i,
180 interface_opts->src_type == CAPTURE_IFLOCAL ? "Local interface" :
181 interface_opts->src_type == CAPTURE_IFREMOTE ? "Remote interface" :
182 "Unknown");
183 if (interface_opts->src_type == CAPTURE_IFREMOTE) {
184 ws_log(log_domain, log_level, "Remote host[%02d] : %s", i, interface_opts->remote_host ? interface_opts->remote_host : "(unspecified)");
185 ws_log(log_domain, log_level, "Remote port[%02d] : %s", i, interface_opts->remote_port ? interface_opts->remote_port : "(unspecified)");
186 }
187 ws_log(log_domain, log_level, "Authentication[%02d] : %s", i,
188 interface_opts->auth_type == CAPTURE_AUTH_NULL ? "Null" :
189 interface_opts->auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
190 "Unknown");
191 if (interface_opts->auth_type == CAPTURE_AUTH_PWD) {
192 ws_log(log_domain, log_level, "Auth username[%02d] : %s", i, interface_opts->auth_username ? interface_opts->auth_username : "(unspecified)");
193 ws_log(log_domain, log_level, "Auth password[%02d] : <hidden>", i);
194 }
195 ws_log(log_domain, log_level, "UDP data tfer[%02d] : %u", i, interface_opts->datatx_udp);
196 ws_log(log_domain, log_level, "No cap. RPCAP[%02d] : %u", i, interface_opts->nocap_rpcap);
197 ws_log(log_domain, log_level, "No cap. local[%02d] : %u", i, interface_opts->nocap_local);
198 #endif
199 #ifdef HAVE_PCAP_SETSAMPLING
200 ws_log(log_domain, log_level, "Sampling meth.[%02d] : %d", i, interface_opts->sampling_method);
201 ws_log(log_domain, log_level, "Sampling param.[%02d] : %d", i, interface_opts->sampling_param);
202 #endif
203 ws_log(log_domain, log_level, "Timestamp type [%02d] : %s", i, interface_opts->timestamp_type);
204 }
205 ws_log(log_domain, log_level, "Interface name[df] : %s", capture_opts->default_options.name ? capture_opts->default_options.name : "(unspecified)");
206 ws_log(log_domain, log_level, "Interface Descr[df] : %s", capture_opts->default_options.descr ? capture_opts->default_options.descr : "(unspecified)");
207 ws_log(log_domain, log_level, "Interface Hardware Descr[df] : %s", capture_opts->default_options.hardware ? capture_opts->default_options.hardware : "(unspecified)");
208 ws_log(log_domain, log_level, "Interface display name[df] : %s", capture_opts->default_options.display_name ? capture_opts->default_options.display_name : "(unspecified)");
209 ws_log(log_domain, log_level, "Capture filter[df] : %s", capture_opts->default_options.cfilter ? capture_opts->default_options.cfilter : "(unspecified)");
210 ws_log(log_domain, log_level, "Snap length[df] (%u) : %d", capture_opts->default_options.has_snaplen, capture_opts->default_options.snaplen);
211 ws_log(log_domain, log_level, "Link Type[df] : %d", capture_opts->default_options.linktype);
212 ws_log(log_domain, log_level, "Promiscuous Mode[df]: %s", capture_opts->default_options.promisc_mode?"TRUE":"FALSE");
213 ws_log(log_domain, log_level, "Extcap[df] : %s", capture_opts->default_options.extcap ? capture_opts->default_options.extcap : "(unspecified)");
214 ws_log(log_domain, log_level, "Extcap FIFO[df] : %s", capture_opts->default_options.extcap_fifo ? capture_opts->default_options.extcap_fifo : "(unspecified)");
215 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
216 ws_log(log_domain, log_level, "Buffer size[df] : %d (MB)", capture_opts->default_options.buffer_size);
217 #endif
218 ws_log(log_domain, log_level, "Monitor Mode[df] : %s", capture_opts->default_options.monitor_mode?"TRUE":"FALSE");
219 #ifdef HAVE_PCAP_REMOTE
220 ws_log(log_domain, log_level, "Capture source[df] : %s",
221 capture_opts->default_options.src_type == CAPTURE_IFLOCAL ? "Local interface" :
222 capture_opts->default_options.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
223 "Unknown");
224 if (capture_opts->default_options.src_type == CAPTURE_IFREMOTE) {
225 ws_log(log_domain, log_level, "Remote host[df] : %s", capture_opts->default_options.remote_host ? capture_opts->default_options.remote_host : "(unspecified)");
226 ws_log(log_domain, log_level, "Remote port[df] : %s", capture_opts->default_options.remote_port ? capture_opts->default_options.remote_port : "(unspecified)");
227 }
228 ws_log(log_domain, log_level, "Authentication[df] : %s",
229 capture_opts->default_options.auth_type == CAPTURE_AUTH_NULL ? "Null" :
230 capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
231 "Unknown");
232 if (capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD) {
233 ws_log(log_domain, log_level, "Auth username[df] : %s", capture_opts->default_options.auth_username ? capture_opts->default_options.auth_username : "(unspecified)");
234 ws_log(log_domain, log_level, "Auth password[df] : <hidden>");
235 }
236 ws_log(log_domain, log_level, "UDP data tfer[df] : %u", capture_opts->default_options.datatx_udp);
237 ws_log(log_domain, log_level, "No cap. RPCAP[df] : %u", capture_opts->default_options.nocap_rpcap);
238 ws_log(log_domain, log_level, "No cap. local[df] : %u", capture_opts->default_options.nocap_local);
239 #endif
240 #ifdef HAVE_PCAP_SETSAMPLING
241 ws_log(log_domain, log_level, "Sampling meth. [df] : %d", capture_opts->default_options.sampling_method);
242 ws_log(log_domain, log_level, "Sampling param.[df] : %d", capture_opts->default_options.sampling_param);
243 #endif
244 ws_log(log_domain, log_level, "Timestamp type [df] : %s", capture_opts->default_options.timestamp_type ? capture_opts->default_options.timestamp_type : "(unspecified)");
245 ws_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
246 ws_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
247 ws_log(log_domain, log_level, "GroupReadAccess : %u", capture_opts->group_read_access);
248 ws_log(log_domain, log_level, "Fileformat : %s", (capture_opts->use_pcapng) ? "PCAPNG" : "PCAP");
249 ws_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
250 ws_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
251
252 ws_log(log_domain, log_level, "MultiFilesOn : %u", capture_opts->multi_files_on);
253 ws_log(log_domain, log_level, "FileDuration (%u) : %.3f", capture_opts->has_file_duration, capture_opts->file_duration);
254 ws_log(log_domain, log_level, "FileInterval (%u) : %u", capture_opts->has_file_interval, capture_opts->file_interval);
255 ws_log(log_domain, log_level, "FilePackets (%u) : %u", capture_opts->has_file_packets, capture_opts->file_packets);
256 ws_log(log_domain, log_level, "FileNameType : %s", (capture_opts->has_nametimenum) ? "prefix_time_num.suffix" : "prefix_num_time.suffix");
257 ws_log(log_domain, log_level, "RingNumFiles (%u) : %u", capture_opts->has_ring_num_files, capture_opts->ring_num_files);
258 ws_log(log_domain, log_level, "RingPrintFiles (%u) : %s", capture_opts->print_file_names, (capture_opts->print_file_names ? capture_opts->print_name_to : ""));
259
260 ws_log(log_domain, log_level, "AutostopFiles (%u) : %u", capture_opts->has_autostop_files, capture_opts->autostop_files);
261 ws_log(log_domain, log_level, "AutostopPackets (%u) : %u", capture_opts->has_autostop_packets, capture_opts->autostop_packets);
262 ws_log(log_domain, log_level, "AutostopFilesize(%u) : %u (KB)", capture_opts->has_autostop_filesize, capture_opts->autostop_filesize);
263 ws_log(log_domain, log_level, "AutostopDuration(%u) : %.3f", capture_opts->has_autostop_duration, capture_opts->autostop_duration);
264 }
265
266 /*
267 * Given a string of the form "<autostop criterion>:<value>", as might appear
268 * as an argument to a "-a" option, parse it and set the criterion in
269 * question. Return an indication of whether it succeeded or failed
270 * in some fashion.
271 */
272 static gboolean
set_autostop_criterion(capture_options * capture_opts,const char * autostoparg)273 set_autostop_criterion(capture_options *capture_opts, const char *autostoparg)
274 {
275 gchar *p, *colonp;
276
277 colonp = strchr(autostoparg, ':');
278 if (colonp == NULL)
279 return FALSE;
280
281 p = colonp;
282 *p++ = '\0';
283
284 /*
285 * Skip over any white space (there probably won't be any, but
286 * as we allow it in the preferences file, we might as well
287 * allow it here).
288 */
289 while (g_ascii_isspace(*p))
290 p++;
291 if (*p == '\0') {
292 /*
293 * Put the colon back, so if our caller uses, in an
294 * error message, the string they passed us, the message
295 * looks correct.
296 */
297 *colonp = ':';
298 return FALSE;
299 }
300 if (strcmp(autostoparg,"duration") == 0) {
301 capture_opts->has_autostop_duration = TRUE;
302 capture_opts->autostop_duration = get_positive_double(p,"autostop duration");
303 } else if (strcmp(autostoparg,"filesize") == 0) {
304 capture_opts->has_autostop_filesize = TRUE;
305 capture_opts->autostop_filesize = get_nonzero_guint32(p,"autostop filesize");
306 } else if (strcmp(autostoparg,"files") == 0) {
307 capture_opts->multi_files_on = TRUE;
308 capture_opts->has_autostop_files = TRUE;
309 capture_opts->autostop_files = get_positive_int(p,"autostop files");
310 } else if (strcmp(autostoparg,"packets") == 0) {
311 capture_opts->has_autostop_packets = TRUE;
312 capture_opts->autostop_packets = get_positive_int(p,"packet count");
313 } else {
314 return FALSE;
315 }
316 *colonp = ':'; /* put the colon back */
317 return TRUE;
318 }
319
get_filter_arguments(capture_options * capture_opts,const char * arg)320 static gboolean get_filter_arguments(capture_options* capture_opts, const char* arg)
321 {
322 char* colonp;
323 char* val;
324 char* filter_exp = NULL;
325
326 colonp = strchr(arg, ':');
327 if (colonp) {
328 val = colonp;
329 *val = '\0';
330 val++;
331 if (strcmp(arg, "predef") == 0) {
332 GList* filterItem;
333
334 filterItem = get_filter_list_first(CFILTER_LIST);
335 while (filterItem != NULL) {
336 filter_def *filterDef;
337
338 filterDef = (filter_def*)filterItem->data;
339 if (strcmp(val, filterDef->name) == 0) {
340 filter_exp = g_strdup(filterDef->strval);
341 break;
342 }
343 filterItem = filterItem->next;
344 }
345 }
346 }
347
348 if (filter_exp == NULL) {
349 /* No filter expression found yet; fallback to previous implemention
350 and assume the arg contains a filter expression */
351 if (colonp) {
352 *colonp = ':'; /* restore colon */
353 }
354 filter_exp = g_strdup(arg);
355 }
356
357 if (capture_opts->ifaces->len > 0) {
358 interface_options *interface_opts;
359
360 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
361 g_free(interface_opts->cfilter);
362 interface_opts->cfilter = filter_exp;
363 return TRUE;
364 }
365 else {
366 g_free(capture_opts->default_options.cfilter);
367 capture_opts->default_options.cfilter = filter_exp;
368 return TRUE;
369 }
370 }
371
372 /*
373 * Given a string of the form "<ring buffer file>:<duration>", as might appear
374 * as an argument to a "-b" option, parse it and set the arguments in
375 * question. Return an indication of whether it succeeded or failed
376 * in some fashion.
377 */
378 static gboolean
get_ring_arguments(capture_options * capture_opts,const char * arg)379 get_ring_arguments(capture_options *capture_opts, const char *arg)
380 {
381 gchar *p = NULL, *colonp;
382
383 colonp = strchr(arg, ':');
384 if (colonp == NULL)
385 return FALSE;
386
387 p = colonp;
388 *p++ = '\0';
389
390 /*
391 * Skip over any white space (there probably won't be any, but
392 * as we allow it in the preferences file, we might as well
393 * allow it here).
394 */
395 while (g_ascii_isspace(*p))
396 p++;
397 if (*p == '\0') {
398 /*
399 * Put the colon back, so if our caller uses, in an
400 * error message, the string they passed us, the message
401 * looks correct.
402 */
403 *colonp = ':';
404 return FALSE;
405 }
406
407 if (strcmp(arg,"files") == 0) {
408 capture_opts->has_ring_num_files = TRUE;
409 capture_opts->ring_num_files = get_nonzero_guint32(p, "number of ring buffer files");
410 } else if (strcmp(arg,"filesize") == 0) {
411 capture_opts->has_autostop_filesize = TRUE;
412 capture_opts->autostop_filesize = get_nonzero_guint32(p, "ring buffer filesize");
413 } else if (strcmp(arg,"duration") == 0) {
414 capture_opts->has_file_duration = TRUE;
415 capture_opts->file_duration = get_positive_double(p, "ring buffer duration");
416 } else if (strcmp(arg,"interval") == 0) {
417 capture_opts->has_file_interval = TRUE;
418 capture_opts->file_interval = get_positive_int(p, "ring buffer interval");
419 } else if (strcmp(arg,"nametimenum") == 0) {
420 int val = get_positive_int(p, "file name: time before num");
421 capture_opts->has_nametimenum = (val > 1);
422 } else if (strcmp(arg,"packets") == 0) {
423 capture_opts->has_file_packets = TRUE;
424 capture_opts->file_packets = get_positive_int(p, "ring buffer packet count");
425 } else if (strcmp(arg,"printname") == 0) {
426 capture_opts->print_file_names = TRUE;
427 capture_opts->print_name_to = g_strdup(p);
428 }
429
430 *colonp = ':'; /* put the colon back */
431 return TRUE;
432 }
433
434 #ifdef HAVE_PCAP_SETSAMPLING
435 /*
436 * Given a string of the form "<sampling type>:<value>", as might appear
437 * as an argument to a "-m" option, parse it and set the arguments in
438 * question. Return an indication of whether it succeeded or failed
439 * in some fashion.
440 */
441 static gboolean
get_sampling_arguments(capture_options * capture_opts,const char * arg)442 get_sampling_arguments(capture_options *capture_opts, const char *arg)
443 {
444 gchar *p = NULL, *colonp;
445
446 colonp = strchr(arg, ':');
447 if (colonp == NULL)
448 return FALSE;
449
450 p = colonp;
451 *p++ = '\0';
452
453 while (g_ascii_isspace(*p))
454 p++;
455 if (*p == '\0') {
456 *colonp = ':';
457 return FALSE;
458 }
459
460 if (strcmp(arg, "count") == 0) {
461 if (capture_opts->ifaces->len > 0) {
462 interface_options *interface_opts;
463
464 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
465 interface_opts->sampling_method = CAPTURE_SAMP_BY_COUNT;
466 interface_opts->sampling_param = get_positive_int(p, "sampling count");
467 } else {
468 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_COUNT;
469 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling count");
470 }
471 } else if (strcmp(arg, "timer") == 0) {
472 if (capture_opts->ifaces->len > 0) {
473 interface_options *interface_opts;
474
475 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
476 interface_opts->sampling_method = CAPTURE_SAMP_BY_TIMER;
477 interface_opts->sampling_param = get_positive_int(p, "sampling timer");
478 } else {
479 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_TIMER;
480 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling timer");
481 }
482 }
483 *colonp = ':';
484 return TRUE;
485 }
486 #endif
487
488 #ifdef HAVE_PCAP_REMOTE
489 /*
490 * Given a string of the form "<username>:<password>", as might appear
491 * as an argument to a "-A" option, parse it and set the arguments in
492 * question. Return an indication of whether it succeeded or failed
493 * in some fashion.
494 */
495 static gboolean
get_auth_arguments(capture_options * capture_opts,const char * arg)496 get_auth_arguments(capture_options *capture_opts, const char *arg)
497 {
498 gchar *p = NULL, *colonp;
499
500 colonp = strchr(arg, ':');
501 if (colonp == NULL)
502 return FALSE;
503
504 p = colonp;
505 *p++ = '\0';
506
507 while (g_ascii_isspace(*p))
508 p++;
509
510 if (capture_opts->ifaces->len > 0) {
511 interface_options *interface_opts;
512
513 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
514 interface_opts->auth_type = CAPTURE_AUTH_PWD;
515 interface_opts->auth_username = g_strdup(arg);
516 interface_opts->auth_password = g_strdup(p);
517 } else {
518 capture_opts->default_options.auth_type = CAPTURE_AUTH_PWD;
519 capture_opts->default_options.auth_username = g_strdup(arg);
520 capture_opts->default_options.auth_password = g_strdup(p);
521 }
522 *colonp = ':';
523 return TRUE;
524 }
525 #endif
526
527 #ifdef _WIN32
528 static char *
capture_opts_generate_display_name(const char * friendly_name,const char * name _U_)529 capture_opts_generate_display_name(const char *friendly_name,
530 const char *name _U_)
531 {
532 /*
533 * Display the friendly name rather than the not-so-friendly
534 * GUID-based interface name.
535 */
536 return g_strdup(friendly_name);
537 }
538 #else
539 static char *
capture_opts_generate_display_name(const char * friendly_name,const char * name)540 capture_opts_generate_display_name(const char *friendly_name,
541 const char *name)
542 {
543 /*
544 * On UN*X, however, users are more used to interface names,
545 * and may find it helpful to see them.
546 */
547 return g_strdup_printf("%s: %s", friendly_name, name);
548 }
549 #endif
550
551 static void
fill_in_interface_opts_from_ifinfo(interface_options * interface_opts,const if_info_t * if_info)552 fill_in_interface_opts_from_ifinfo(interface_options *interface_opts,
553 const if_info_t *if_info)
554 {
555 interface_opts->name = g_strdup(if_info->name);
556
557 interface_opts->hardware = g_strdup(if_info->vendor_description);
558 if (if_info->friendly_name != NULL) {
559 /*
560 * We have a friendly name; remember it as the
561 * description...
562 */
563 interface_opts->descr = g_strdup(if_info->friendly_name);
564 /*
565 * ...and use it in the console display name.
566 */
567 interface_opts->display_name = capture_opts_generate_display_name(if_info->friendly_name, if_info->name);
568 } else {
569 /* fallback to the interface name */
570 interface_opts->descr = NULL;
571 interface_opts->display_name = g_strdup(if_info->name);
572 }
573 interface_opts->ifname = NULL;
574 interface_opts->if_type = if_info->type;
575 interface_opts->extcap = g_strdup(if_info->extcap);
576 }
577
578 static gboolean
fill_in_interface_opts_from_ifinfo_by_name(interface_options * interface_opts,const char * name)579 fill_in_interface_opts_from_ifinfo_by_name(interface_options *interface_opts,
580 const char *name)
581 {
582 gboolean matched;
583 GList *if_list;
584 int err;
585 GList *if_entry;
586 if_info_t *if_info;
587 size_t prefix_length;
588
589 matched = FALSE;
590 if_list = capture_interface_list(&err, NULL, NULL);
591 if (if_list != NULL) {
592 /*
593 * Try and do an exact match (case insensitive) on the
594 * interface name, the interface description, and the
595 * hardware description.
596 */
597 for (if_entry = g_list_first(if_list); if_entry != NULL;
598 if_entry = g_list_next(if_entry))
599 {
600 if_info = (if_info_t *)if_entry->data;
601
602 /*
603 * Does the specified name match the interface name
604 * with a case-insensitive match?
605 */
606 if (g_ascii_strcasecmp(if_info->name, name) == 0) {
607 /*
608 * Yes.
609 */
610 matched = TRUE;
611 break;
612 }
613
614 /*
615 * Does this interface have a friendly name and, if so,
616 * does the specified name match the friendly name with
617 * a case-insensitive match?
618 */
619 if (if_info->friendly_name != NULL &&
620 g_ascii_strcasecmp(if_info->friendly_name, name) == 0) {
621 /*
622 * Yes.
623 */
624 matched = TRUE;
625 break;
626 }
627 }
628
629 if (!matched) {
630 /*
631 * We didn't find it; attempt a case-insensitive prefix match
632 * of the friendly name.
633 */
634 prefix_length = strlen(name);
635 for (if_entry = g_list_first(if_list); if_entry != NULL;
636 if_entry = g_list_next(if_entry))
637 {
638 if_info = (if_info_t *)if_entry->data;
639
640 if (if_info->friendly_name != NULL &&
641 g_ascii_strncasecmp(if_info->friendly_name, name, prefix_length) == 0) {
642 /*
643 * We found an interface whose friendly name matches
644 * with a case-insensitive prefix match.
645 */
646 matched = TRUE;
647 break;
648 }
649 }
650 }
651 }
652
653 if (matched) {
654 /*
655 * We found an interface that matches.
656 */
657 fill_in_interface_opts_from_ifinfo(interface_opts, if_info);
658 }
659 free_interface_list(if_list);
660 return matched;
661 }
662
663 static int
capture_opts_add_iface_opt(capture_options * capture_opts,const char * optarg_str_p)664 capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
665 {
666 long adapter_index;
667 char *p;
668 GList *if_list;
669 if_info_t *if_info;
670 int err;
671 gchar *err_str;
672 interface_options interface_opts;
673
674 /*
675 * If the argument is a number, treat it as an index into the list
676 * of adapters, as printed by "tshark -D".
677 *
678 * This should be OK on UN*X systems, as interfaces shouldn't have
679 * names that begin with digits. It can be useful on Windows, where
680 * more than one interface can have the same name.
681 *
682 * XXX - "shouldn't have names that begin with digits" is not true
683 * on Linux; see
684 *
685 * https://github.com/the-tcpdump-group/tcpdump/issues/522
686 *
687 * tcpdump handles that by trying to open the device by name and,
688 * if that fails *and* the name is a syntactically valid number
689 * (optional sign, followed by decimal digits), reports an error
690 * if it's not a valid interface index, and otherwise uses it as
691 * an interface index.
692 */
693 adapter_index = strtol(optarg_str_p, &p, 10);
694 if (p != NULL && *p == '\0') {
695 if (adapter_index < 0) {
696 cmdarg_err("The specified adapter index is a negative number");
697 return 1;
698 }
699 if (adapter_index > INT_MAX) {
700 cmdarg_err("The specified adapter index is too large (greater than %d)",
701 INT_MAX);
702 return 1;
703 }
704 if (adapter_index == 0) {
705 cmdarg_err("There is no interface with that adapter index");
706 return 1;
707 }
708 if_list = capture_interface_list(&err, &err_str, NULL);
709 if (if_list == NULL) {
710 if (err == 0)
711 cmdarg_err("There are no interfaces on which a capture can be done");
712 else {
713 cmdarg_err("%s", err_str);
714 g_free(err_str);
715 }
716 return 2;
717 }
718 if_info = (if_info_t *)g_list_nth_data(if_list, (int)(adapter_index - 1));
719 if (if_info == NULL) {
720 cmdarg_err("There is no interface with that adapter index");
721 return 1;
722 }
723 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
724 free_interface_list(if_list);
725 } else if (capture_opts->capture_child) {
726 /*
727 * In Wireshark capture child mode, so the exact interface name
728 * is supplied, and we don't need to look it up.
729 */
730 if_info = if_info_get(optarg_str_p);
731 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
732 if_info_free(if_info);
733 } else {
734 /*
735 * Search for that name in the interface list and, if we found
736 * it, fill in fields in the interface_opts structure.
737 */
738 if (!fill_in_interface_opts_from_ifinfo_by_name(&interface_opts,
739 optarg_str_p)) {
740 /*
741 * We didn't find the interface in the list; just use
742 * the specified name, so that, for example, if an
743 * interface doesn't show up in the list for some
744 * reason, the user can try specifying it explicitly
745 * for testing purposes.
746 */
747 interface_opts.name = g_strdup(optarg_str_p);
748 interface_opts.descr = NULL;
749 interface_opts.hardware = NULL;
750 interface_opts.display_name = g_strdup(optarg_str_p);
751 interface_opts.ifname = NULL;
752 interface_opts.if_type = capture_opts->default_options.if_type;
753 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
754 }
755 }
756
757 interface_opts.cfilter = g_strdup(capture_opts->default_options.cfilter);
758 interface_opts.snaplen = capture_opts->default_options.snaplen;
759 interface_opts.has_snaplen = capture_opts->default_options.has_snaplen;
760 interface_opts.linktype = capture_opts->default_options.linktype;
761 interface_opts.promisc_mode = capture_opts->default_options.promisc_mode;
762 interface_opts.extcap_fifo = g_strdup(capture_opts->default_options.extcap_fifo);
763 interface_opts.extcap_args = NULL;
764 interface_opts.extcap_pid = WS_INVALID_PID;
765 interface_opts.extcap_pipedata = NULL;
766 #ifdef _WIN32
767 interface_opts.extcap_pipe_h = INVALID_HANDLE_VALUE;
768 interface_opts.extcap_control_in_h = INVALID_HANDLE_VALUE;
769 interface_opts.extcap_control_out_h = INVALID_HANDLE_VALUE;
770 #endif
771 interface_opts.extcap_control_in = g_strdup(capture_opts->default_options.extcap_control_in);
772 interface_opts.extcap_control_out = g_strdup(capture_opts->default_options.extcap_control_out);
773 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
774 interface_opts.buffer_size = capture_opts->default_options.buffer_size;
775 #endif
776 interface_opts.monitor_mode = capture_opts->default_options.monitor_mode;
777 #ifdef HAVE_PCAP_REMOTE
778 interface_opts.src_type = capture_opts->default_options.src_type;
779 interface_opts.remote_host = g_strdup(capture_opts->default_options.remote_host);
780 interface_opts.remote_port = g_strdup(capture_opts->default_options.remote_port);
781 interface_opts.auth_type = capture_opts->default_options.auth_type;
782 interface_opts.auth_username = g_strdup(capture_opts->default_options.auth_username);
783 interface_opts.auth_password = g_strdup(capture_opts->default_options.auth_password);
784 interface_opts.datatx_udp = capture_opts->default_options.datatx_udp;
785 interface_opts.nocap_rpcap = capture_opts->default_options.nocap_rpcap;
786 interface_opts.nocap_local = capture_opts->default_options.nocap_local;
787 #endif
788 #ifdef HAVE_PCAP_SETSAMPLING
789 interface_opts.sampling_method = capture_opts->default_options.sampling_method;
790 interface_opts.sampling_param = capture_opts->default_options.sampling_param;
791 #endif
792 interface_opts.timestamp_type = capture_opts->default_options.timestamp_type;
793
794 g_array_append_val(capture_opts->ifaces, interface_opts);
795
796 return 0;
797 }
798
799
800 int
capture_opts_add_opt(capture_options * capture_opts,int opt,const char * optarg_str_p)801 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p)
802 {
803 int status, snaplen;
804
805 switch(opt) {
806 case 'a': /* autostop criteria */
807 if (set_autostop_criterion(capture_opts, optarg_str_p) == FALSE) {
808 cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
809 return 1;
810 }
811 break;
812 #ifdef HAVE_PCAP_REMOTE
813 case 'A':
814 if (get_auth_arguments(capture_opts, optarg_str_p) == FALSE) {
815 cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
816 return 1;
817 }
818 break;
819 #endif
820 case 'b': /* Ringbuffer option */
821 capture_opts->multi_files_on = TRUE;
822 if (get_ring_arguments(capture_opts, optarg_str_p) == FALSE) {
823 cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
824 return 1;
825 }
826 break;
827 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
828 case 'B': /* Buffer size */
829 if (capture_opts->ifaces->len > 0) {
830 interface_options *interface_opts;
831
832 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
833 interface_opts->buffer_size = get_positive_int(optarg_str_p, "buffer size");
834 } else {
835 capture_opts->default_options.buffer_size = get_positive_int(optarg_str_p, "buffer size");
836 }
837 break;
838 #endif
839 case 'c': /* Capture n packets */
840 /* XXX Use set_autostop_criterion instead? */
841 capture_opts->has_autostop_packets = TRUE;
842 capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
843 break;
844 case 'f': /* capture filter */
845 get_filter_arguments(capture_opts, optarg_str_p);
846 break;
847 case 'g': /* enable group read access on the capture file(s) */
848 capture_opts->group_read_access = TRUE;
849 break;
850 case 'H': /* Hide capture info dialog box */
851 capture_opts->show_info = FALSE;
852 break;
853 case LONGOPT_SET_TSTAMP_TYPE: /* Set capture time stamp type */
854 if (capture_opts->ifaces->len > 0) {
855 interface_options *interface_opts;
856
857 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
858 g_free(interface_opts->timestamp_type);
859 interface_opts->timestamp_type = g_strdup(optarg_str_p);
860 } else {
861 g_free(capture_opts->default_options.timestamp_type);
862 capture_opts->default_options.timestamp_type = g_strdup(optarg_str_p);
863 }
864 break;
865 case 'i': /* Use interface x */
866 status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
867 if (status != 0) {
868 return status;
869 }
870 break;
871 #ifdef HAVE_PCAP_CREATE
872 case 'I': /* Capture in monitor mode */
873 if (capture_opts->ifaces->len > 0) {
874 interface_options *interface_opts;
875
876 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
877 interface_opts->monitor_mode = TRUE;
878 } else {
879 capture_opts->default_options.monitor_mode = TRUE;
880 }
881 break;
882 #endif
883 /*case 'l':*/ /* Automatic scrolling in live capture mode */
884 #ifdef HAVE_PCAP_SETSAMPLING
885 case 'm':
886 if (get_sampling_arguments(capture_opts, optarg_str_p) == FALSE) {
887 cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
888 return 1;
889 }
890 break;
891 #endif
892 case 'n': /* Use pcapng format */
893 capture_opts->use_pcapng = TRUE;
894 break;
895 case 'p': /* Don't capture in promiscuous mode */
896 if (capture_opts->ifaces->len > 0) {
897 interface_options *interface_opts;
898
899 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
900 interface_opts->promisc_mode = FALSE;
901 } else {
902 capture_opts->default_options.promisc_mode = FALSE;
903 }
904 break;
905 case 'P': /* Use pcap format */
906 capture_opts->use_pcapng = FALSE;
907 break;
908 #ifdef HAVE_PCAP_REMOTE
909 case 'r':
910 if (capture_opts->ifaces->len > 0) {
911 interface_options *interface_opts;
912
913 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
914 interface_opts->nocap_rpcap = FALSE;
915 } else {
916 capture_opts->default_options.nocap_rpcap = FALSE;
917 }
918 break;
919 #endif
920 case 's': /* Set the snapshot (capture) length */
921 snaplen = get_natural_int(optarg_str_p, "snapshot length");
922 /*
923 * Make a snapshot length of 0 equivalent to the maximum packet
924 * length, mirroring what tcpdump does.
925 */
926 if (snaplen == 0)
927 snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
928 if (capture_opts->ifaces->len > 0) {
929 interface_options *interface_opts;
930
931 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
932 interface_opts->has_snaplen = TRUE;
933 interface_opts->snaplen = snaplen;
934 } else {
935 capture_opts->default_options.snaplen = snaplen;
936 capture_opts->default_options.has_snaplen = TRUE;
937 }
938 break;
939 case 'S': /* "Real-Time" mode: used for following file ala tail -f */
940 capture_opts->real_time_mode = TRUE;
941 break;
942 #ifdef HAVE_PCAP_REMOTE
943 case 'u':
944 if (capture_opts->ifaces->len > 0) {
945 interface_options *interface_opts;
946
947 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
948 interface_opts->datatx_udp = TRUE;
949 } else {
950 capture_opts->default_options.datatx_udp = TRUE;
951 }
952 break;
953 #endif
954 case 'w': /* Write to capture file x */
955 capture_opts->saving_to_file = TRUE;
956 g_free(capture_opts->save_file);
957 capture_opts->save_file = g_strdup(optarg_str_p);
958 capture_opts->orig_save_file = g_strdup(optarg_str_p);
959 status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
960 return status;
961 case 'y': /* Set the pcap data link type */
962 if (capture_opts->ifaces->len > 0) {
963 interface_options *interface_opts;
964
965 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
966 interface_opts->linktype = linktype_name_to_val(optarg_str_p);
967 if (interface_opts->linktype == -1) {
968 cmdarg_err("The specified data link type \"%s\" isn't valid",
969 optarg_str_p);
970 return 1;
971 }
972 } else {
973 capture_opts->default_options.linktype = linktype_name_to_val(optarg_str_p);
974 if (capture_opts->default_options.linktype == -1) {
975 cmdarg_err("The specified data link type \"%s\" isn't valid",
976 optarg_str_p);
977 return 1;
978 }
979 }
980 break;
981 case LONGOPT_COMPRESS_TYPE: /* compress type */
982 if (capture_opts->compress_type) {
983 cmdarg_err("--compress-type can be set only once");
984 return 1;
985 }
986 if (strcmp(optarg_str_p, "none") == 0) {
987 ;
988 } else if (strcmp(optarg_str_p, "gzip") == 0) {
989 ;
990 } else {
991 cmdarg_err("parameter of --compress-type can be 'none' or 'gzip'");
992 return 1;
993 }
994 capture_opts->compress_type = g_strdup(optarg_str_p);
995 break;
996 default:
997 /* the caller is responsible to send us only the right opt's */
998 ws_assert_not_reached();
999 }
1000
1001 return 0;
1002 }
1003
1004 int
capture_opts_print_if_capabilities(if_capabilities_t * caps,interface_options * interface_opts,int queries)1005 capture_opts_print_if_capabilities(if_capabilities_t *caps,
1006 interface_options *interface_opts,
1007 int queries)
1008 {
1009 GList *lt_entry, *ts_entry;
1010
1011 if (queries & CAPS_QUERY_LINK_TYPES) {
1012 if (caps->data_link_types == NULL) {
1013 cmdarg_err("The capture device \"%s\" has no data link types.",
1014 interface_opts->name);
1015 return IFACE_HAS_NO_LINK_TYPES;
1016 }
1017 if (caps->can_set_rfmon)
1018 printf("Data link types of interface %s when %sin monitor mode (use option -y to set):\n",
1019 interface_opts->name,
1020 (interface_opts->monitor_mode) ? "" : "not ");
1021 else
1022 printf("Data link types of interface %s (use option -y to set):\n",
1023 interface_opts->name);
1024 for (lt_entry = caps->data_link_types; lt_entry != NULL;
1025 lt_entry = g_list_next(lt_entry)) {
1026 data_link_info_t *data_link_info = (data_link_info_t *)lt_entry->data;
1027 printf(" %s", data_link_info->name);
1028 if (data_link_info->description != NULL)
1029 printf(" (%s)", data_link_info->description);
1030 else
1031 printf(" (not supported)");
1032 printf("\n");
1033 }
1034 }
1035
1036 if (queries & CAPS_QUERY_TIMESTAMP_TYPES) {
1037 if (caps->timestamp_types == NULL) {
1038 cmdarg_err("The capture device \"%s\" has no timestamp types.",
1039 interface_opts->name);
1040 return IFACE_HAS_NO_TIMESTAMP_TYPES;
1041 }
1042 printf("Timestamp types of the interface (use option --time-stamp-type to set):\n");
1043 for (ts_entry = caps->timestamp_types; ts_entry != NULL;
1044 ts_entry = g_list_next(ts_entry)) {
1045 timestamp_info_t *timestamp = (timestamp_info_t *)ts_entry->data;
1046 printf(" %s", timestamp->name);
1047 if (timestamp->description != NULL)
1048 printf(" (%s)", timestamp->description);
1049 else
1050 printf(" (none)");
1051 printf("\n");
1052 }
1053 }
1054 return EXIT_SUCCESS;
1055 }
1056
1057 /* Print an ASCII-formatted list of interfaces. */
1058 void
capture_opts_print_interfaces(GList * if_list)1059 capture_opts_print_interfaces(GList *if_list)
1060 {
1061 int i;
1062 GList *if_entry;
1063 if_info_t *if_info;
1064
1065 i = 1; /* Interface id number */
1066 for (if_entry = g_list_first(if_list); if_entry != NULL;
1067 if_entry = g_list_next(if_entry)) {
1068 if_info = (if_info_t *)if_entry->data;
1069 printf("%d. %s", i++, if_info->name);
1070
1071 /* Print the interface friendly name, if it exists;
1072 if not, fall back to the vendor description, if it exists. */
1073 if (if_info->friendly_name != NULL){
1074 printf(" (%s)", if_info->friendly_name);
1075 } else {
1076 if (if_info->vendor_description != NULL)
1077 printf(" (%s)", if_info->vendor_description);
1078 }
1079 printf("\n");
1080 }
1081 }
1082
1083
1084 void
capture_opts_trim_snaplen(capture_options * capture_opts,int snaplen_min)1085 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min)
1086 {
1087 guint i;
1088 interface_options *interface_opts;
1089
1090 if (capture_opts->ifaces->len > 0) {
1091 for (i = 0; i < capture_opts->ifaces->len; i++) {
1092 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, 0);
1093 if (interface_opts->snaplen < 1)
1094 interface_opts->snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1095 else if (interface_opts->snaplen < snaplen_min)
1096 interface_opts->snaplen = snaplen_min;
1097 }
1098 } else {
1099 if (capture_opts->default_options.snaplen < 1)
1100 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1101 else if (capture_opts->default_options.snaplen < snaplen_min)
1102 capture_opts->default_options.snaplen = snaplen_min;
1103 }
1104 }
1105
1106
1107 void
capture_opts_trim_ring_num_files(capture_options * capture_opts)1108 capture_opts_trim_ring_num_files(capture_options *capture_opts)
1109 {
1110 /* Check the value range of the ring_num_files parameter */
1111 if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
1112 cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
1113 capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
1114 } else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
1115 cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
1116 }
1117 #if RINGBUFFER_MIN_NUM_FILES > 0
1118 else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES)
1119 cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
1120 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
1121 #endif
1122 }
1123
1124 /*
1125 * If no interface was specified explicitly, pick a default.
1126 */
1127 int
capture_opts_default_iface_if_necessary(capture_options * capture_opts,const char * capture_device)1128 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
1129 const char *capture_device)
1130 {
1131 int status;
1132
1133 /* Did the user specify an interface to use? */
1134 if (capture_opts->num_selected != 0 || capture_opts->ifaces->len != 0) {
1135 /* yes they did, return immediately - nothing further to do here */
1136 return 0;
1137 }
1138
1139 /* No - is a default specified in the preferences file? */
1140 if (capture_device != NULL) {
1141 /* Yes - use it. */
1142 status = capture_opts_add_iface_opt(capture_opts, capture_device);
1143 return status;
1144 }
1145 /* No default in preferences file, just pick the first interface from the list of interfaces. */
1146 return capture_opts_add_iface_opt(capture_opts, "1");
1147 }
1148
1149 #ifndef S_IFIFO
1150 #define S_IFIFO _S_IFIFO
1151 #endif
1152 #ifndef S_ISFIFO
1153 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
1154 #endif
1155
1156 /* copied from filesystem.c */
1157 static int
capture_opts_test_for_fifo(const char * path)1158 capture_opts_test_for_fifo(const char *path)
1159 {
1160 ws_statb64 statb;
1161
1162 if (ws_stat64(path, &statb) < 0)
1163 return errno;
1164
1165 if (S_ISFIFO(statb.st_mode))
1166 return ESPIPE;
1167 else
1168 return 0;
1169 }
1170
1171 static gboolean
capture_opts_output_to_pipe(const char * save_file,gboolean * is_pipe)1172 capture_opts_output_to_pipe(const char *save_file, gboolean *is_pipe)
1173 {
1174 int err;
1175
1176 *is_pipe = FALSE;
1177
1178 if (save_file != NULL) {
1179 /* We're writing to a capture file. */
1180 if (strcmp(save_file, "-") == 0) {
1181 /* Writing to stdout. */
1182 /* XXX - should we check whether it's a pipe? It's arguably
1183 silly to do "-w - >output_file" rather than "-w output_file",
1184 but by not checking we might be violating the Principle Of
1185 Least Astonishment. */
1186 *is_pipe = TRUE;
1187 } else {
1188 /* not writing to stdout, test for a FIFO (aka named pipe) */
1189 err = capture_opts_test_for_fifo(save_file);
1190 switch (err) {
1191
1192 case ENOENT: /* it doesn't exist, so we'll be creating it,
1193 and it won't be a FIFO */
1194 case 0: /* found it, but it's not a FIFO */
1195 break;
1196
1197 case ESPIPE: /* it is a FIFO */
1198 *is_pipe = TRUE;
1199 break;
1200
1201 default: /* couldn't stat it */
1202 break; /* ignore: later attempt to open */
1203 /* will generate a nice msg */
1204 }
1205 }
1206 }
1207
1208 return 0;
1209 }
1210
1211 void
capture_opts_del_iface(capture_options * capture_opts,guint if_index)1212 capture_opts_del_iface(capture_options *capture_opts, guint if_index)
1213 {
1214 interface_options *interface_opts;
1215
1216 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, if_index);
1217 /* XXX - check if found? */
1218
1219 g_free(interface_opts->name);
1220 g_free(interface_opts->descr);
1221 g_free(interface_opts->hardware);
1222 g_free(interface_opts->display_name);
1223 g_free(interface_opts->ifname);
1224 g_free(interface_opts->cfilter);
1225 g_free(interface_opts->timestamp_type);
1226 g_free(interface_opts->extcap);
1227 g_free(interface_opts->extcap_fifo);
1228 if (interface_opts->extcap_args)
1229 g_hash_table_unref(interface_opts->extcap_args);
1230 if (interface_opts->extcap_pid != WS_INVALID_PID)
1231 ws_pipe_close((ws_pipe_t *) interface_opts->extcap_pipedata);
1232 g_free(interface_opts->extcap_pipedata);
1233 g_free(interface_opts->extcap_control_in);
1234 g_free(interface_opts->extcap_control_out);
1235 #ifdef HAVE_PCAP_REMOTE
1236 if (interface_opts->src_type == CAPTURE_IFREMOTE) {
1237 g_free(interface_opts->remote_host);
1238 g_free(interface_opts->remote_port);
1239 g_free(interface_opts->auth_username);
1240 g_free(interface_opts->auth_password);
1241 }
1242 #endif
1243 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, if_index);
1244 }
1245
1246
1247
1248 /*
1249 * Add all non-hidden selected interfaces in the "all interfaces" list
1250 * to the list of interfaces for the capture.
1251 */
1252 void
collect_ifaces(capture_options * capture_opts)1253 collect_ifaces(capture_options *capture_opts)
1254 {
1255 guint i;
1256 interface_t *device;
1257 interface_options interface_opts;
1258
1259 /* Empty out the existing list of interfaces. */
1260 for (i = capture_opts->ifaces->len; i != 0; i--)
1261 capture_opts_del_iface(capture_opts, i-1);
1262
1263 /* Now fill the list up again. */
1264 for (i = 0; i < capture_opts->all_ifaces->len; i++) {
1265 device = &g_array_index(capture_opts->all_ifaces, interface_t, i);
1266 if (!device->hidden && device->selected) {
1267 interface_opts.name = g_strdup(device->name);
1268 interface_opts.descr = g_strdup(device->friendly_name);
1269 interface_opts.ifname = NULL;
1270 interface_opts.hardware = g_strdup(device->vendor_description);
1271 interface_opts.display_name = g_strdup(device->display_name);
1272 interface_opts.linktype = device->active_dlt;
1273 interface_opts.cfilter = g_strdup(device->cfilter);
1274 interface_opts.timestamp_type = g_strdup(device->timestamp_type);
1275 interface_opts.snaplen = device->snaplen;
1276 interface_opts.has_snaplen = device->has_snaplen;
1277 interface_opts.promisc_mode = device->pmode;
1278 interface_opts.if_type = device->if_info.type;
1279 interface_opts.extcap = g_strdup(device->if_info.extcap);
1280 interface_opts.extcap_fifo = NULL;
1281 interface_opts.extcap_pipedata = NULL;
1282 interface_opts.extcap_args = device->external_cap_args_settings;
1283 interface_opts.extcap_pid = WS_INVALID_PID;
1284 if (interface_opts.extcap_args)
1285 g_hash_table_ref(interface_opts.extcap_args);
1286 interface_opts.extcap_pipedata = NULL;
1287 #ifdef _WIN32
1288 interface_opts.extcap_pipe_h = INVALID_HANDLE_VALUE;
1289 interface_opts.extcap_control_in_h = INVALID_HANDLE_VALUE;
1290 interface_opts.extcap_control_out_h = INVALID_HANDLE_VALUE;
1291 #endif
1292 interface_opts.extcap_control_in = NULL;
1293 interface_opts.extcap_control_out = NULL;
1294 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
1295 interface_opts.buffer_size = device->buffer;
1296 #endif
1297 #ifdef HAVE_PCAP_CREATE
1298 interface_opts.monitor_mode = device->monitor_mode_enabled;
1299 #endif
1300 #ifdef HAVE_PCAP_REMOTE
1301 interface_opts.src_type = CAPTURE_IFREMOTE;
1302 interface_opts.remote_host = g_strdup(device->remote_opts.remote_host_opts.remote_host);
1303 interface_opts.remote_port = g_strdup(device->remote_opts.remote_host_opts.remote_port);
1304 interface_opts.auth_type = device->remote_opts.remote_host_opts.auth_type;
1305 interface_opts.auth_username = g_strdup(device->remote_opts.remote_host_opts.auth_username);
1306 interface_opts.auth_password = g_strdup(device->remote_opts.remote_host_opts.auth_password);
1307 interface_opts.datatx_udp = device->remote_opts.remote_host_opts.datatx_udp;
1308 interface_opts.nocap_rpcap = device->remote_opts.remote_host_opts.nocap_rpcap;
1309 interface_opts.nocap_local = device->remote_opts.remote_host_opts.nocap_local;
1310 #endif
1311 #ifdef HAVE_PCAP_SETSAMPLING
1312 interface_opts.sampling_method = device->remote_opts.sampling_method;
1313 interface_opts.sampling_param = device->remote_opts.sampling_param;
1314 #endif
1315 g_array_append_val(capture_opts->ifaces, interface_opts);
1316 } else {
1317 continue;
1318 }
1319 }
1320 }
1321
1322 static void
capture_opts_free_interface_t_links(gpointer elem,gpointer unused _U_)1323 capture_opts_free_interface_t_links(gpointer elem, gpointer unused _U_)
1324 {
1325 link_row* e = (link_row*)elem;
1326 if (e != NULL)
1327 g_free(e->name);
1328 g_free(elem);
1329 }
1330
1331 void
capture_opts_free_interface_t(interface_t * device)1332 capture_opts_free_interface_t(interface_t *device)
1333 {
1334 if (device != NULL) {
1335 g_free(device->name);
1336 g_free(device->display_name);
1337 g_free(device->vendor_description);
1338 g_free(device->friendly_name);
1339 g_free(device->addresses);
1340 g_free(device->cfilter);
1341 g_free(device->timestamp_type);
1342 g_list_foreach(device->links,
1343 capture_opts_free_interface_t_links, NULL);
1344 g_list_free(device->links);
1345 #ifdef HAVE_PCAP_REMOTE
1346 g_free(device->remote_opts.remote_host_opts.remote_host);
1347 g_free(device->remote_opts.remote_host_opts.remote_port);
1348 g_free(device->remote_opts.remote_host_opts.auth_username);
1349 g_free(device->remote_opts.remote_host_opts.auth_password);
1350 #endif
1351 g_free(device->if_info.name);
1352 g_free(device->if_info.friendly_name);
1353 g_free(device->if_info.vendor_description);
1354 g_slist_free_full(device->if_info.addrs, g_free);
1355 g_free(device->if_info.extcap);
1356 }
1357 }
1358
1359 #endif /* HAVE_LIBPCAP */
1360
1361 /*
1362 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1363 *
1364 * Local variables:
1365 * c-basic-offset: 4
1366 * tab-width: 8
1367 * indent-tabs-mode: nil
1368 * End:
1369 *
1370 * vi: set shiftwidth=4 tabstop=8 expandtab:
1371 * :indentSize=4:tabSize=8:noTabs=true:
1372 */
1373