1 /*
2  * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that: (1) source code distributions
7  * retain the above copyright notice and this paragraph in its entirety, (2)
8  * distributions including binary code include the above copyright notice and
9  * this paragraph in its entirety in the documentation or other materials
10  * provided with the distribution, and (3) all advertising materials mentioning
11  * features or use of this software display the following acknowledgement:
12  * ``This product includes software developed by the University of California,
13  * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14  * the University nor the names of its contributors may be used to endorse
15  * or promote products derived from this software without specific prior
16  * written permission.
17  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18  * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20  */
21 
22 #include "varattrs.h"
23 
24 #ifndef lint
25 static const char copyright[] _U_ =
26     "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
27 The Regents of the University of California.  All rights reserved.\n";
28 #endif
29 
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <string.h>
33 #include <stdarg.h>
34 #include <limits.h>
35 #ifdef _WIN32
36   #include <winsock2.h>
37   #include <windows.h>
38 
39   #define THREAD_HANDLE			HANDLE
40   #define THREAD_FUNC_ARG_TYPE		LPVOID
41   #define THREAD_FUNC_RETURN_TYPE	DWORD __stdcall
42 
43   #include "getopt.h"
44 #else
45   #include <pthread.h>
46   #include <signal.h>
47   #include <unistd.h>
48 
49   #define THREAD_HANDLE			pthread_t
50   #define THREAD_FUNC_ARG_TYPE		void *
51   #define THREAD_FUNC_RETURN_TYPE	void *
52 #endif
53 #include <errno.h>
54 #include <sys/types.h>
55 
56 #include <pcap.h>
57 
58 #include "pcap/funcattrs.h"
59 
60 #ifdef _WIN32
61   #include "portability.h"
62 #endif
63 
64 static char *program_name;
65 
66 /* Forwards */
67 static void countme(u_char *, const struct pcap_pkthdr *, const u_char *);
68 static void PCAP_NORETURN usage(void);
69 static void PCAP_NORETURN error(const char *, ...) PCAP_PRINTFLIKE(1, 2);
70 static void warning(const char *, ...) PCAP_PRINTFLIKE(1, 2);
71 static char *copy_argv(char **);
72 
73 static pcap_t *pd;
74 
75 #ifdef _WIN32
76 /*
77  * Generate a string for a Win32-specific error (i.e. an error generated when
78  * calling a Win32 API).
79  * For errors occurred during standard C calls, we still use pcap_strerror()
80  */
81 #define ERRBUF_SIZE	1024
82 static const char *
83 win32_strerror(DWORD error)
84 {
85   static char errbuf[ERRBUF_SIZE+1];
86   size_t errlen;
87 
88   FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, error, 0, errbuf,
89                 ERRBUF_SIZE, NULL);
90 
91   /*
92    * "FormatMessage()" "helpfully" sticks CR/LF at the end of the
93    * message.  Get rid of it.
94    */
95   errlen = strlen(errbuf);
96   if (errlen >= 2) {
97     errbuf[errlen - 1] = '\0';
98     errbuf[errlen - 2] = '\0';
99     errlen -= 2;
100   }
101   return errbuf;
102 }
103 #else
104 static void
105 catch_sigusr1(int sig _U_)
106 {
107 	printf("Got SIGUSR1\n");
108 }
109 #endif
110 
111 static void
112 sleep_secs(int secs)
113 {
114 #ifdef _WIN32
115 	Sleep(secs*1000);
116 #else
117 	unsigned secs_remaining;
118 
119 	if (secs <= 0)
120 		return;
121 	secs_remaining = secs;
122 	while (secs_remaining != 0)
123 		secs_remaining = sleep(secs_remaining);
124 #endif
125 }
126 
127 static THREAD_FUNC_RETURN_TYPE
128 capture_thread_func(THREAD_FUNC_ARG_TYPE arg)
129 {
130 	char *device = arg;
131 	int packet_count;
132 	int status;
133 #ifndef _WIN32
134 	struct sigaction action;
135 	sigset_t mask;
136 #endif
137 
138 #ifndef _WIN32
139 	sigemptyset(&mask);
140 	action.sa_handler = catch_sigusr1;
141 	action.sa_mask = mask;
142 	action.sa_flags = 0;
143 	if (sigaction(SIGUSR1, &action, NULL) == -1)
144 		error("Can't catch SIGUSR1: %s", strerror(errno));
145 #endif
146 
147 	printf("Listening on %s\n", device);
148 	for (;;) {
149 		packet_count = 0;
150 		status = pcap_dispatch(pd, -1, countme,
151 		    (u_char *)&packet_count);
152 		if (status < 0)
153 			break;
154 		if (status != 0) {
155 			printf("%d packets seen, %d packets counted after pcap_dispatch returns\n",
156 			    status, packet_count);
157 		} else
158 			printf("No packets seen by pcap_dispatch\n");
159 	}
160 	if (status == PCAP_ERROR_BREAK) {
161 		/*
162 		 * We got interrupted, so perhaps we didn't
163 		 * manage to finish a line we were printing.
164 		 * Print an extra newline, just in case.
165 		 */
166 		putchar('\n');
167 		printf("Loop got broken\n");
168 	}
169 	(void)fflush(stdout);
170 	if (status == PCAP_ERROR) {
171 		/*
172 		 * Error.  Report it.
173 		 */
174 		(void)fprintf(stderr, "%s: pcap_dispatch: %s\n",
175 		    program_name, pcap_geterr(pd));
176 	}
177 	return 0;
178 }
179 
180 int
181 main(int argc, char **argv)
182 {
183 	register int op;
184 	register char *cp, *cmdbuf, *device;
185 	int do_wakeup = 1;
186 	pcap_if_t *devlist;
187 	bpf_u_int32 localnet, netmask;
188 	struct bpf_program fcode;
189 	char ebuf[PCAP_ERRBUF_SIZE];
190 	int status;
191 	THREAD_HANDLE capture_thread;
192 #ifndef _WIN32
193 	void *retval;
194 #endif
195 
196 	device = NULL;
197 	if ((cp = strrchr(argv[0], '/')) != NULL)
198 		program_name = cp + 1;
199 	else
200 		program_name = argv[0];
201 
202 	opterr = 0;
203 	while ((op = getopt(argc, argv, "i:n")) != -1) {
204 		switch (op) {
205 
206 		case 'i':
207 			device = optarg;
208 			break;
209 
210 		case 'n':
211 			do_wakeup = 0;
212 			break;
213 
214 		default:
215 			usage();
216 			/* NOTREACHED */
217 		}
218 	}
219 
220 	if (device == NULL) {
221 		if (pcap_findalldevs(&devlist, ebuf) == -1)
222 			error("%s", ebuf);
223 		if (devlist == NULL)
224 			error("no interfaces available for capture");
225 		device = strdup(devlist->name);
226 		pcap_freealldevs(devlist);
227 	}
228 	*ebuf = '\0';
229 	pd = pcap_create(device, ebuf);
230 	if (pd == NULL)
231 		error("%s", ebuf);
232 	status = pcap_set_snaplen(pd, 65535);
233 	if (status != 0)
234 		error("%s: pcap_set_snaplen failed: %s",
235 			    device, pcap_statustostr(status));
236 	status = pcap_set_timeout(pd, 5*60*1000);
237 	if (status != 0)
238 		error("%s: pcap_set_timeout failed: %s",
239 		    device, pcap_statustostr(status));
240 	status = pcap_activate(pd);
241 	if (status < 0) {
242 		/*
243 		 * pcap_activate() failed.
244 		 */
245 		error("%s: %s\n(%s)", device,
246 		    pcap_statustostr(status), pcap_geterr(pd));
247 	} else if (status > 0) {
248 		/*
249 		 * pcap_activate() succeeded, but it's warning us
250 		 * of a problem it had.
251 		 */
252 		warning("%s: %s\n(%s)", device,
253 		    pcap_statustostr(status), pcap_geterr(pd));
254 	}
255 	if (pcap_lookupnet(device, &localnet, &netmask, ebuf) < 0) {
256 		localnet = 0;
257 		netmask = 0;
258 		warning("%s", ebuf);
259 	}
260 	cmdbuf = copy_argv(&argv[optind]);
261 
262 	if (pcap_compile(pd, &fcode, cmdbuf, 1, netmask) < 0)
263 		error("%s", pcap_geterr(pd));
264 
265 	if (pcap_setfilter(pd, &fcode) < 0)
266 		error("%s", pcap_geterr(pd));
267 
268 #ifdef _WIN32
269 	capture_thread = CreateThread(NULL, 0, capture_thread_func, device,
270 	    0, NULL);
271 	if (capture_thread == NULL)
272 		error("Can't create capture thread: %s",
273 		    win32_strerror(GetLastError()));
274 #else
275 	status = pthread_create(&capture_thread, NULL, capture_thread_func,
276 	    device);
277 	if (status != 0)
278 		error("Can't create capture thread: %s", strerror(status));
279 #endif
280 	sleep_secs(60);
281 	printf("Doing pcap_breakloop()\n");
282 	pcap_breakloop(pd);
283 	if (do_wakeup) {
284 		/*
285 		 * Force a wakeup in the capture thread.
286 		 *
287 		 * On some platforms, with some devices,, pcap_breakloop()
288 		 * can't do that itself.  On Windows, poke the device's
289 		 * event handle; on UN*X, send a SIGUSR1 to the thread.
290 		 */
291 #ifdef _WIN32
292 		printf("Setting event\n");
293 		if (!SetEvent(pcap_getevent(pd)))
294 			error("Can't set event for pcap_t: %s",
295 			    win32_strerror(GetLastError()));
296 #else
297 		printf("Sending SIGUSR1\n");
298 		status = pthread_kill(capture_thread, SIGUSR1);
299 		if (status != 0)
300 			warning("Can't interrupt capture thread: %s",
301 			strerror(status));
302 #endif
303 	}
304 
305 	/*
306 	 * Now wait for the capture thread to terminate.
307 	 */
308 #ifdef _WIN32
309 	if (WaitForSingleObject(capture_thread, INFINITE) == WAIT_FAILED)
310 		error("Wait for thread termination failed: %s",
311 		    win32_strerror(GetLastError()));
312 	CloseHandle(capture_thread);
313 #else
314 	status = pthread_join(capture_thread, &retval);
315 	if (status != 0)
316 		error("Wait for thread termination failed: %s",
317 		    strerror(status));
318 #endif
319 
320 	pcap_close(pd);
321 	pcap_freecode(&fcode);
322 	exit(status == -1 ? 1 : 0);
323 }
324 
325 static void
326 countme(u_char *user, const struct pcap_pkthdr *h _U_, const u_char *sp _U_)
327 {
328 	int *counterp = (int *)user;
329 
330 	(*counterp)++;
331 }
332 
333 static void
334 usage(void)
335 {
336 	(void)fprintf(stderr, "Usage: %s [ -n ] [ -i interface ] [ expression ]\n",
337 	    program_name);
338 	exit(1);
339 }
340 
341 /* VARARGS */
342 static void
343 error(const char *fmt, ...)
344 {
345 	va_list ap;
346 
347 	(void)fprintf(stderr, "%s: ", program_name);
348 	va_start(ap, fmt);
349 	(void)vfprintf(stderr, fmt, ap);
350 	va_end(ap);
351 	if (*fmt) {
352 		fmt += strlen(fmt);
353 		if (fmt[-1] != '\n')
354 			(void)fputc('\n', stderr);
355 	}
356 	exit(1);
357 	/* NOTREACHED */
358 }
359 
360 /* VARARGS */
361 static void
362 warning(const char *fmt, ...)
363 {
364 	va_list ap;
365 
366 	(void)fprintf(stderr, "%s: WARNING: ", program_name);
367 	va_start(ap, fmt);
368 	(void)vfprintf(stderr, fmt, ap);
369 	va_end(ap);
370 	if (*fmt) {
371 		fmt += strlen(fmt);
372 		if (fmt[-1] != '\n')
373 			(void)fputc('\n', stderr);
374 	}
375 }
376 
377 /*
378  * Copy arg vector into a new buffer, concatenating arguments with spaces.
379  */
380 static char *
381 copy_argv(register char **argv)
382 {
383 	register char **p;
384 	register size_t len = 0;
385 	char *buf;
386 	char *src, *dst;
387 
388 	p = argv;
389 	if (*p == 0)
390 		return 0;
391 
392 	while (*p)
393 		len += strlen(*p++) + 1;
394 
395 	buf = (char *)malloc(len);
396 	if (buf == NULL)
397 		error("copy_argv: malloc");
398 
399 	p = argv;
400 	dst = buf;
401 	while ((src = *p++) != NULL) {
402 		while ((*dst++ = *src++) != '\0')
403 			;
404 		dst[-1] = ' ';
405 	}
406 	dst[-1] = '\0';
407 
408 	return buf;
409 }
410