search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dcerpc SPLIT auth_session_key
[wireshark-sm.git] / text2pcap.c
blob30a4d35781767ae60f3ccfb506dea3aec5ea2c96
1 /**-*-C-*-**********************************************************************
2 *
3 * text2pcap.c
4 *
5 * Utility to convert an ASCII hexdump into a libpcap-format capture file
6 *
7 * (c) Copyright 2001 Ashok Narayanan <ashokn@cisco.com>
8 *
9 * Wireshark - Network traffic analyzer
10 * By Gerald Combs <gerald@wireshark.org>
11 * Copyright 1998 Gerald Combs
12 *
13 * SPDX-License-Identifier: GPL-2.0-or-later
14 *
15 *******************************************************************************/
16
17 /*******************************************************************************
18 *
19 * This utility reads in an ASCII hexdump of this common format:
20 *
21 * 00000000 00 E0 1E A7 05 6F 00 10 5A A0 B9 12 08 00 46 00 .....o..Z.....F.
22 * 00000010 03 68 00 00 00 00 0A 2E EE 33 0F 19 08 7F 0F 19 .h.......3......
23 * 00000020 03 80 94 04 00 00 10 01 16 A2 0A 00 03 50 00 0C .............P..
24 * 00000030 01 01 0F 19 03 80 11 01 1E 61 00 0C 03 01 0F 19 .........a......
25 *
26 * Each bytestring line consists of an offset, one or more bytes, and
27 * text at the end. An offset is defined as a hex string of more than
28 * two characters. A byte is defined as a hex string of exactly two
29 * characters. The text at the end is ignored, as is any text before
30 * the offset. Bytes read from a bytestring line are added to the
31 * current packet only if all the following conditions are satisfied:
32 *
33 * - No text appears between the offset and the bytes (any bytes appearing after
34 * such text would be ignored)
35 *
36 * - The offset must be arithmetically correct, i.e. if the offset is 00000020,
37 * then exactly 32 bytes must have been read into this packet before this.
38 * If the offset is wrong, the packet is immediately terminated
39 *
40 * A packet start is signaled by a zero offset.
41 *
42 * Lines starting with #TEXT2PCAP are directives. These allow the user
43 * to embed instructions into the capture file which allows text2pcap
44 * to take some actions (e.g. specifying the encapsulation
45 * etc.). Currently no directives are implemented.
46 *
47 * Lines beginning with # which are not directives are ignored as
48 * comments. Currently all non-hexdump text is ignored by text2pcap;
49 * in the future, text processing may be added, but lines prefixed
50 * with '#' will still be ignored.
51 *
52 * The output is a libpcap packet containing Ethernet frames by
53 * default. This program takes options which allow the user to add
54 * dummy Ethernet, IP and UDP, TCP or SCTP headers to the packets in order
55 * to allow dumps of L3 or higher protocols to be decoded.
56 *
57 * Considerable flexibility is built into this code to read hexdumps
58 * of slightly different formats. For example, any text prefixing the
59 * hexdump line is dropped (including mail forwarding '>'). The offset
60 * can be any hex number of four digits or greater.
61 *
62 * This converter cannot read a single packet greater than
63 * WTAP_MAX_PACKET_SIZE_STANDARD. The snapshot length is automatically
64 * set to WTAP_MAX_PACKET_SIZE_STANDARD.
65 */
66
67 #include <config.h>
68 #define WS_LOG_DOMAIN LOG_DOMAIN_MAIN
69
70 #include <stdio.h>
71 #include <stdlib.h>
72 #include <string.h>
73 #include <wsutil/file_util.h>
74 #include <cli_main.h>
75 #include <wsutil/cmdarg_err.h>
76 #include <ui/text_import.h>
77 #include <wsutil/version_info.h>
78 #include <ui/failure_message.h>
79 #include <wsutil/clopts_common.h>
80 #include <wsutil/inet_addr.h>
81 #include <wsutil/cpu_info.h>
82 #include <wsutil/os_version_info.h>
83 #include <wsutil/privileges.h>
84 #include <wsutil/strtoi.h>
85
86 #include <glib.h>
87
88 #include <ws_exit_codes.h>
89 #include <wsutil/filesystem.h>
90 #include <wsutil/str_util.h>
91 #include <wsutil/strnatcmp.h>
92 #include <wsutil/wslog.h>
93 #include <wsutil/ws_getopt.h>
94
95 #include <errno.h>
96
97 #include "text2pcap.h"
98
99 #include "wiretap/wtap.h"
100 #include "wiretap/pcap-encap.h"
101
102 #define LONGOPT_COMPRESS LONGOPT_BASE_APPLICATION+1
103 #define LONGOPT_LITTLE_ENDIAN LONGOPT_BASE_APPLICATION+2
104
105 /*--- Options --------------------------------------------------------------------*/
106
107
108 /* Be quiet */
109 static bool quiet;
110
111 /* Dummy Ethernet header */
112 static bool hdr_ethernet;
113 #if 0
114 /* XXX: Maybe add custom Ethernet Address options? */
115 static uint8_t hdr_eth_dest_addr[6] = {0x0a, 0x02, 0x02, 0x02, 0x02, 0x02};
116 static uint8_t hdr_eth_src_addr[6] = {0x0a, 0x02, 0x02, 0x02, 0x02, 0x01};
117 #endif
118 static uint32_t hdr_ethernet_proto;
119
120 /* Dummy IP header */
121 static bool hdr_ip;
122 static bool hdr_ipv6;
123 static bool have_hdr_ip_proto;
124 static uint8_t hdr_ip_proto;
125
126 /* Destination and source addresses for IP header */
127 static uint32_t hdr_ip_dest_addr;
128 static uint32_t hdr_ip_src_addr;
129 static ws_in6_addr hdr_ipv6_dest_addr = {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}};
130 static ws_in6_addr hdr_ipv6_src_addr = {{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}};
131
132 /* Dummy UDP header */
133 static bool hdr_udp;
134 static uint32_t hdr_dest_port;
135 static uint32_t hdr_src_port;
136
137 /* Dummy TCP header */
138 static bool hdr_tcp;
139
140 /* Dummy SCTP header */
141 static bool hdr_sctp;
142 static uint32_t hdr_sctp_src;
143 static uint32_t hdr_sctp_dest;
144 static uint32_t hdr_sctp_tag;
145
146 /* Dummy DATA chunk header */
147 static bool hdr_data_chunk;
148 static uint32_t hdr_data_chunk_tsn;
149 static uint16_t hdr_data_chunk_sid;
150 static uint16_t hdr_data_chunk_ssn;
151 static uint32_t hdr_data_chunk_ppid;
152
153 /* Export PDU */
154 static bool hdr_export_pdu;
155
156 /*--- Local data -----------------------------------------------------------------*/
157
158 /* This is where we store the packet currently being built */
159 static uint32_t max_offset = WTAP_MAX_PACKET_SIZE_STANDARD;
160
161 /* Time code of packet, derived from packet_preamble */
162 static int ts_fmt_iso;
163
164 /* Input file */
165 static char *input_filename;
166 static FILE *input_file;
167 /* Output file */
168 static char *output_filename;
169
170 static wtap_dumper* wdh;
171
172 /*----------------------------------------------------------------------
173 * Print usage string and exit
174 */
175 static void
176 print_usage (FILE *output)
177 {
178 fprintf(output,
179 "\n"
180 "Usage: text2pcap [options] <infile> <outfile>\n"
181 "\n"
182 "where <infile> specifies input filename (use - for standard input)\n"
183 " <outfile> specifies output filename (use - for standard output)\n"
184 "\n"
185 "Input:\n"
186 " -o hex|oct|dec|none parse offsets as (h)ex, (o)ctal, (d)ecimal, or (n)one;\n"
187 " default is hex.\n"
188 " -t <timefmt> treat the text before the packet as a date/time code;\n"
189 " <timefmt> is a format string supported by strptime,\n"
190 " with an optional %%f descriptor for fractional seconds.\n"
191 " Example: The time \"10:15:14.5476\" has the format code\n"
192 " \"%%H:%%M:%%S.%%f\"\n"
193 " The special format string ISO supports ISO-8601 times.\n"
194 " NOTE: Date/time fields from the current date/time are\n"
195 " used as the default for unspecified fields.\n"
196 " -D the text before the packet starts with an I or an O,\n"
197 " indicating that the packet is inbound or outbound.\n"
198 " This is used when generating dummy headers if the\n"
199 " output format supports it (e.g. pcapng).\n"
200 " -a enable ASCII text dump identification.\n"
201 " The start of the ASCII text dump can be identified\n"
202 " and excluded from the packet data, even if it looks\n"
203 " like a HEX dump.\n"
204 " NOTE: Do not enable it if the input file does not\n"
205 " contain the ASCII text dump.\n"
206 " -r <regex> enable regex mode. Scan the input using <regex>, a Perl\n"
207 " compatible regular expression matching a single packet.\n"
208 " Named capturing subgroups are used to identify fields:\n"
209 " <data> (mand.), and <time>, <dir>, and <seqno> (opt.)\n"
210 " The time field format is taken from the -t option\n"
211 " Example: -r '^(?<dir>[<>])\\s(?<time>\\d+:\\d\\d:\\d\\d.\\d+)\\s(?<data>[0-9a-fA-F]+)$'\n"
212 " could match a file with lines like\n"
213 " > 0:00:00.265620 a130368b000000080060\n"
214 " < 0:00:00.295459 a2010800000000000000000800000000\n"
215 " -b 2|8|16|64 encoding base (radix) of the packet data in regex mode\n"
216 " (def: 16: hexadecimal) No effect in hexdump mode.\n"
217 "\n"
218 "Output:\n"
219 " if the output file(s) have the .gz extension, then\n"
220 " gzip compression will be used.\n"
221 " -F <capture type> set the output file type; default is pcapng.\n"
222 " an empty \"-F\" option will list the file types.\n"
223 " -E <encap type> set the output file encapsulation type; default is\n"
224 " ether (Ethernet). An empty \"-E\" option will list\n"
225 " the encapsulation types.\n"
226 " -l <typenum> set the output file encapsulation type via link-layer\n"
227 " type number; default is 1 (Ethernet). See\n"
228 " https://www.tcpdump.org/linktypes.html for a list of\n"
229 " numbers.\n"
230 " Example: -l 7 for ARCNet packets.\n"
231 " -m <max-packet> max packet length in output; default is %u\n"
232 " -N <intf-name> assign name to the interface in the pcapng file.\n"
233 " --compress <type> Compress the output file using the type compression format.\n"
234 " "
235 "\n"
236 "Prepend dummy header:\n"
237 " -e <ethertype> prepend dummy Ethernet II header with specified EtherType\n"
238 " (in HEX).\n"
239 " Example: -e 0x806 to specify an ARP packet.\n"
240 " -i <proto> prepend dummy IP header with specified IP protocol\n"
241 " (in DECIMAL).\n"
242 " Automatically prepends Ethernet header as well if\n"
243 " link-layer type is Ethernet.\n"
244 " Example: -i 46\n"
245 " -4 <srcip>,<destip> prepend dummy IPv4 header with specified\n"
246 " source and destination addresses.\n"
247 " Example: -4 10.0.0.1,10.0.0.2\n"
248 " -6 <srcip>,<destip> prepend dummy IPv6 header with specified\n"
249 " source and destination addresses.\n"
250 " Example: -6 2001:db8::b3ff:fe1e:8329,2001:0db8:85a3::8a2e:0370:7334\n"
251 " -u <srcp>,<destp> prepend dummy UDP header with specified\n"
252 " source and destination ports (in DECIMAL).\n"
253 " Automatically prepends Ethernet & IP headers as well.\n"
254 " Example: -u 1000,69 to make the packets look like\n"
255 " TFTP/UDP packets.\n"
256 " -T <srcp>,<destp> prepend dummy TCP header with specified\n"
257 " source and destination ports (in DECIMAL).\n"
258 " Automatically prepends Ethernet & IP headers as well.\n"
259 " Example: -T 50,60\n"
260 " -s <srcp>,<dstp>,<tag> prepend dummy SCTP header with specified\n"
261 " source/destination ports and verification tag (in DECIMAL).\n"
262 " Automatically prepends Ethernet & IP headers as well.\n"
263 " Example: -s 30,40,34\n"
264 " -S <srcp>,<dstp>,<ppi> prepend dummy SCTP header with specified\n"
265 " source/destination ports and verification tag 0.\n"
266 " Automatically prepends a dummy SCTP DATA\n"
267 " chunk header with payload protocol identifier ppi.\n"
268 " Example: -S 30,40,34\n"
269 " -P <dissector> prepend EXPORTED_PDU header with specified dissector\n"
270 " as the payload DISSECTOR_NAME tag.\n"
271 " Automatically sets link type to Upper PDU Export.\n"
272 " EXPORTED_PDU payload defaults to \"data\" otherwise.\n"
273 "\n",
274 WTAP_MAX_PACKET_SIZE_STANDARD);
275
276 ws_log_print_usage(output);
277
278 fprintf(output, "\n"
279 "Miscellaneous:\n"
280 " -h, --help display this help and exit\n"
281 " -v, --version print version information and exit\n"
282 " -q don't report processed packet counts\n"
283 "");
284 }
285
286 /*
287 * Set the hdr_ip_proto parameter, and set the flag indicate that the
288 * parameter has been specified.
289 *
290 * XXX - catch the case where two different options set it differently?
291 */
292 static void
293 set_hdr_ip_proto(uint8_t ip_proto)
294 {
295 have_hdr_ip_proto = true;
296 hdr_ip_proto = ip_proto;
297 }
298
299 static void
300 list_capture_types(void) {
301 GArray *writable_type_subtypes;
302
303 cmdarg_err("The available capture file types for the \"-F\" flag are:\n");
304 writable_type_subtypes = wtap_get_writable_file_types_subtypes(FT_SORT_BY_NAME);
305 for (unsigned i = 0; i < writable_type_subtypes->len; i++) {
306 int ft = g_array_index(writable_type_subtypes, int, i);
307 fprintf(stderr, " %s - %s\n", wtap_file_type_subtype_name(ft),
308 wtap_file_type_subtype_description(ft));
309 }
310 g_array_free(writable_type_subtypes, TRUE);
311 }
312
313 static void
314 list_output_compression_types(void) {
315 GSList *output_compression_types;
316
317 cmdarg_err("The available output compression type(s) for the \"--compress\" flag are:\n");
318 output_compression_types = wtap_get_all_output_compression_type_names_list();
319 for (GSList *compression_type = output_compression_types;
320 compression_type != NULL;
321 compression_type = g_slist_next(compression_type)) {
322 fprintf(stderr, " %s\n", (const char *)compression_type->data);
323 }
324
325 g_slist_free(output_compression_types);
326 }
327
328 struct string_elem {
329 const char *sstr; /* The short string */
330 const char *lstr; /* The long string */
331 };
332
333 static int
334 string_nat_compare(const void *a, const void *b)
335 {
336 return ws_ascii_strnatcmp(((const struct string_elem *)a)->sstr,
337 ((const struct string_elem *)b)->sstr);
338 }
339
340 static void
341 string_elem_print(void *data, void *stream_ptr)
342 {
343 fprintf((FILE *) stream_ptr, " %s - %s\n",
344 ((struct string_elem *)data)->sstr,
345 ((struct string_elem *)data)->lstr);
346 }
347
348 static void
349 list_encap_types(void) {
350 int i;
351 struct string_elem *encaps;
352 GSList *list = NULL;
353
354 encaps = g_new(struct string_elem, wtap_get_num_encap_types());
355 cmdarg_err("The available encapsulation types for the \"-E\" flag are:\n");
356 for (i = 0; i < wtap_get_num_encap_types(); i++) {
357 /* Exclude wtap encapsulations that require a pseudo header,
358 * because we won't setup one from the text we import and
359 * wiretap doesn't allow us to write 'raw' frames
360 */
361 if (!wtap_encap_requires_phdr(i)) {
362 encaps[i].sstr = wtap_encap_name(i);
363 if (encaps[i].sstr != NULL) {
364 encaps[i].lstr = wtap_encap_description(i);
365 list = g_slist_insert_sorted(list, &encaps[i], string_nat_compare);
366 }
367 }
368 }
369 g_slist_foreach(list, string_elem_print, stderr);
370 g_slist_free(list);
371 g_free(encaps);
372 }
373
374 static void
375 cleanup_dump_params(wtap_dump_params *params)
376 {
377 wtap_free_idb_info(params->idb_inf);
378 wtap_dump_params_cleanup(params);
379 }
380
381 /*----------------------------------------------------------------------
382 * Parse CLI options
383 */
384 static int
385 parse_options(int argc, char *argv[], text_import_info_t * const info, wtap_dump_params * const params)
386 {
387 int ret;
388 int c;
389 char *p;
390 static const struct ws_option long_options[] = {
391 {"help", ws_no_argument, NULL, 'h'},
392 {"version", ws_no_argument, NULL, 'v'},
393 {"compress", ws_required_argument, NULL, LONGOPT_COMPRESS},
394 {"little-endian", ws_no_argument, NULL, LONGOPT_LITTLE_ENDIAN},
395 {0, 0, 0, 0 }
396 };
397 const char *interface_name = NULL;
398 /* Link-layer type; see https://www.tcpdump.org/linktypes.html for details */
399 uint32_t pcap_link_type = 1; /* Default is LINKTYPE_ETHERNET */
400 int file_type_subtype = WTAP_FILE_TYPE_SUBTYPE_UNKNOWN;
401 int wtap_encap_type = WTAP_ENCAP_ETHERNET;
402 int err;
403 char* err_info;
404 wtap_compression_type compression_type = WTAP_UNKNOWN_COMPRESSION;
405 GError* gerror = NULL;
406 GRegex* regex = NULL;
407
408 info->mode = TEXT_IMPORT_HEXDUMP;
409 info->hexdump.offset_type = OFFSET_HEX;
410 info->regex.encoding = ENCODING_PLAIN_HEX;
411 info->payload = "data";
412
413 /* Initialize the version information. */
414 ws_init_version_info("Text2pcap", NULL, NULL);
415
416 /* Scan CLI parameters */
417 while ((c = ws_getopt_long(argc, argv, "hqab:De:E:F:i:l:m:nN:o:u:P:r:s:S:t:T:v4:6:", long_options, NULL)) != -1) {
418 switch (c) {
419 case 'h':
420 show_help_header("Generate a capture file from an ASCII hexdump of packets.");
421 print_usage(stdout);
422 exit(0);
423 break;
424 case 'q': quiet = true; break;
425 case 'a': info->hexdump.identify_ascii = true; break;
426 case 'D': info->hexdump.has_direction = true; break;
427 case 'l':
428 pcap_link_type = (uint32_t)strtol(ws_optarg, NULL, 0);
429 wtap_encap_type = wtap_pcap_encap_to_wtap_encap(pcap_link_type);
430 break;
431 case 'm': max_offset = (uint32_t)strtol(ws_optarg, NULL, 0); break;
432 case 'n': cmdarg_err("'-n' is deprecated; the output format already defaults to pcapng."); break;
433 case 'N': interface_name = ws_optarg; break;
434 case 'b':
435 {
436 uint8_t radix;
437 if (!ws_strtou8(ws_optarg, NULL, &radix)) {
438 cmdarg_err("Bad argument for '-b': %s", ws_optarg);
439 print_usage(stderr);
440 return WS_EXIT_INVALID_OPTION;
441 }
442 switch (radix) {
443 case 2: info->regex.encoding = ENCODING_PLAIN_BIN; break;
444 case 8: info->regex.encoding = ENCODING_PLAIN_OCT; break;
445 case 16: info->regex.encoding = ENCODING_PLAIN_HEX; break;
446 case 64: info->regex.encoding = ENCODING_BASE64; break;
447 default:
448 cmdarg_err("Bad argument for '-b': %s", ws_optarg);
449 print_usage(stderr);
450 return WS_EXIT_INVALID_OPTION;
451 }
452 break;
453 }
454
455 case 'o':
456 if (ws_optarg[0] != 'h' && ws_optarg[0] != 'o' && ws_optarg[0] != 'd' && ws_optarg[0] != 'n') {
457 cmdarg_err("Bad argument for '-o': %s", ws_optarg);
458 print_usage(stderr);
459 return WS_EXIT_INVALID_OPTION;
460 }
461 switch (ws_optarg[0]) {
462 case 'o': info->hexdump.offset_type = OFFSET_OCT; break;
463 case 'h': info->hexdump.offset_type = OFFSET_HEX; break;
464 case 'd': info->hexdump.offset_type = OFFSET_DEC; break;
465 case 'n': info->hexdump.offset_type = OFFSET_NONE; break;
466 }
467 break;
468
469 case 'e':
470 hdr_ethernet = true;
471 if (sscanf(ws_optarg, "%x", &hdr_ethernet_proto) < 1) {
472 cmdarg_err("Bad argument for '-e': %s", ws_optarg);
473 print_usage(stderr);
474 return WS_EXIT_INVALID_OPTION;
475 }
476 break;
477
478 case 'E':
479 wtap_encap_type = wtap_name_to_encap(ws_optarg);
480 if (wtap_encap_type < 0) {
481 cmdarg_err("\"%s\" isn't a valid encapsulation type", ws_optarg);
482 list_encap_types();
483 return WS_EXIT_INVALID_OPTION;
484 }
485 break;
486
487 case 'F':
488 file_type_subtype = wtap_name_to_file_type_subtype(ws_optarg);
489 if (file_type_subtype < 0) {
490 cmdarg_err("\"%s\" isn't a valid capture file type", ws_optarg);
491 list_capture_types();
492 return WS_EXIT_INVALID_OPTION;
493 }
494 break;
495
496 case 'i':
497 {
498 uint8_t ip_proto;
499 if (!ws_strtou8(ws_optarg, NULL, &ip_proto)) {
500 cmdarg_err("Bad argument for '-i': %s", ws_optarg);
501 print_usage(stderr);
502 return WS_EXIT_INVALID_OPTION;
503 }
504 set_hdr_ip_proto(ip_proto);
505 break;
506 }
507
508 case 'P':
509 hdr_export_pdu = true;
510 wtap_encap_type = WTAP_ENCAP_WIRESHARK_UPPER_PDU;
511 info->payload = ws_optarg;
512 break;
513
514 case 'r':
515 info->mode = TEXT_IMPORT_REGEX;
516 if (regex != NULL) {
517 /* XXX: Used the option twice. Should we warn? */
518 g_regex_unref(regex);
519 }
520 regex = g_regex_new(ws_optarg, G_REGEX_DUPNAMES | G_REGEX_OPTIMIZE | G_REGEX_MULTILINE, G_REGEX_MATCH_NOTEMPTY, &gerror);
521 if (gerror) {
522 cmdarg_err("%s", gerror->message);
523 g_error_free(gerror);
524 print_usage(stderr);
525 return WS_EXIT_INVALID_OPTION;
526 } else {
527 if (g_regex_get_string_number(regex, "data") == -1) {
528 cmdarg_err("Regex missing capturing group data (use (?<data>(...)) )");
529 g_regex_unref(regex);
530 print_usage(stderr);
531 return WS_EXIT_INVALID_OPTION;
532 }
533 }
534 break;
535
536 case 's':
537 hdr_sctp = true;
538 hdr_data_chunk = false;
539 hdr_tcp = false;
540 hdr_udp = false;
541 hdr_sctp_src = (uint32_t)strtol(ws_optarg, &p, 10);
542 if (p == ws_optarg || (*p != ',' && *p != '\0')) {
543 cmdarg_err("Bad src port for '-%c'", c);
544 print_usage(stderr);
545 return WS_EXIT_INVALID_OPTION;
546 }
547 if (*p == '\0') {
548 cmdarg_err("No dest port specified for '-%c'", c);
549 print_usage(stderr);
550 return WS_EXIT_INVALID_OPTION;
551 }
552 p++;
553 ws_optarg = p;
554 hdr_sctp_dest = (uint32_t)strtol(ws_optarg, &p, 10);
555 if (p == ws_optarg || (*p != ',' && *p != '\0')) {
556 cmdarg_err("Bad dest port for '-s'");
557 print_usage(stderr);
558 return WS_EXIT_INVALID_OPTION;
559 }
560 if (*p == '\0') {
561 cmdarg_err("No tag specified for '-%c'", c);
562 print_usage(stderr);
563 return WS_EXIT_INVALID_OPTION;
564 }
565 p++;
566 ws_optarg = p;
567 hdr_sctp_tag = (uint32_t)strtol(ws_optarg, &p, 10);
568 if (p == ws_optarg || *p != '\0') {
569 cmdarg_err("Bad tag for '-%c'", c);
570 print_usage(stderr);
571 return WS_EXIT_INVALID_OPTION;
572 }
573
574 set_hdr_ip_proto(132);
575 break;
576
577 case 'S':
578 hdr_sctp = true;
579 hdr_data_chunk = true;
580 hdr_tcp = false;
581 hdr_udp = false;
582 hdr_sctp_src = (uint32_t)strtol(ws_optarg, &p, 10);
583 if (p == ws_optarg || (*p != ',' && *p != '\0')) {
584 cmdarg_err("Bad src port for '-%c'", c);
585 print_usage(stderr);
586 return WS_EXIT_INVALID_OPTION;
587 }
588 if (*p == '\0') {
589 cmdarg_err("No dest port specified for '-%c'", c);
590 print_usage(stderr);
591 return WS_EXIT_INVALID_OPTION;
592 }
593 p++;
594 ws_optarg = p;
595 hdr_sctp_dest = (uint32_t)strtol(ws_optarg, &p, 10);
596 if (p == ws_optarg || (*p != ',' && *p != '\0')) {
597 cmdarg_err("Bad dest port for '-s'");
598 print_usage(stderr);
599 return WS_EXIT_INVALID_OPTION;
600 }
601 if (*p == '\0') {
602 cmdarg_err("No ppi specified for '-%c'", c);
603 print_usage(stderr);
604 return WS_EXIT_INVALID_OPTION;
605 }
606 p++;
607 ws_optarg = p;
608 hdr_data_chunk_ppid = (uint32_t)strtoul(ws_optarg, &p, 10);
609 if (p == ws_optarg || *p != '\0') {
610 cmdarg_err("Bad ppi for '-%c'", c);
611 print_usage(stderr);
612 return WS_EXIT_INVALID_OPTION;
613 }
614
615 set_hdr_ip_proto(132);
616 break;
617
618 case 't':
619 info->timestamp_format = ws_optarg;
620 if (!strcmp(ws_optarg, "ISO"))
621 ts_fmt_iso = 1;
622 break;
623
624 case 'u':
625 hdr_udp = true;
626 hdr_tcp = false;
627 hdr_sctp = false;
628 hdr_data_chunk = false;
629 hdr_src_port = (uint32_t)strtol(ws_optarg, &p, 10);
630 if (p == ws_optarg || (*p != ',' && *p != '\0')) {
631 cmdarg_err("Bad src port for '-u'");
632 print_usage(stderr);
633 return WS_EXIT_INVALID_OPTION;
634 }
635 if (*p == '\0') {
636 cmdarg_err("No dest port specified for '-u'");
637 print_usage(stderr);
638 return WS_EXIT_INVALID_OPTION;
639 }
640 p++;
641 ws_optarg = p;
642 hdr_dest_port = (uint32_t)strtol(ws_optarg, &p, 10);
643 if (p == ws_optarg || *p != '\0') {
644 cmdarg_err("Bad dest port for '-u'");
645 print_usage(stderr);
646 return WS_EXIT_INVALID_OPTION;
647 }
648 set_hdr_ip_proto(17);
649 break;
650
651 case 'T':
652 hdr_tcp = true;
653 hdr_udp = false;
654 hdr_sctp = false;
655 hdr_data_chunk = false;
656 hdr_src_port = (uint32_t)strtol(ws_optarg, &p, 10);
657 if (p == ws_optarg || (*p != ',' && *p != '\0')) {
658 cmdarg_err("Bad src port for '-T'");
659 print_usage(stderr);
660 return WS_EXIT_INVALID_OPTION;
661 }
662 if (*p == '\0') {
663 cmdarg_err("No dest port specified for '-u'");
664 print_usage(stderr);
665 return WS_EXIT_INVALID_OPTION;
666 }
667 p++;
668 ws_optarg = p;
669 hdr_dest_port = (uint32_t)strtol(ws_optarg, &p, 10);
670 if (p == ws_optarg || *p != '\0') {
671 cmdarg_err("Bad dest port for '-T'");
672 print_usage(stderr);
673 return WS_EXIT_INVALID_OPTION;
674 }
675 set_hdr_ip_proto(6);
676 break;
677
678 case 'v':
679 show_version();
680 exit(0);
681 break;
682
683 case '4':
684 case '6':
685 p = strchr(ws_optarg, ',');
686
687 if (!p) {
688 cmdarg_err("Bad source param addr for '-%c'", c);
689 print_usage(stderr);
690 return WS_EXIT_INVALID_OPTION;
691 }
692
693 *p = '\0';
694 if (c == '6')
695 {
696 hdr_ipv6 = true;
697 hdr_ip = false;
698 }
699 else
700 {
701 hdr_ip = true;
702 hdr_ipv6 = false;
703 }
704 hdr_ethernet = true;
705
706 if (hdr_ipv6 == true) {
707 if (!ws_inet_pton6(ws_optarg, &hdr_ipv6_src_addr)) {
708 cmdarg_err("Bad src addr -%c '%s'", c, p);
709 print_usage(stderr);
710 return WS_EXIT_INVALID_OPTION;
711 }
712 } else {
713 if (!ws_inet_pton4(ws_optarg, &hdr_ip_src_addr)) {
714 cmdarg_err("Bad src addr -%c '%s'", c, p);
715 print_usage(stderr);
716 return WS_EXIT_INVALID_OPTION;
717 }
718 }
719
720 p++;
721 if (*p == '\0') {
722 cmdarg_err("No dest addr specified for '-%c'", c);
723 print_usage(stderr);
724 return WS_EXIT_INVALID_OPTION;
725 }
726
727 if (hdr_ipv6 == true) {
728 if (!ws_inet_pton6(p, &hdr_ipv6_dest_addr)) {
729 cmdarg_err("Bad dest addr for -%c '%s'", c, p);
730 print_usage(stderr);
731 return WS_EXIT_INVALID_OPTION;
732 }
733 } else {
734 if (!ws_inet_pton4(p, &hdr_ip_dest_addr)) {
735 cmdarg_err("Bad dest addr for -%c '%s'", c, p);
736 print_usage(stderr);
737 return WS_EXIT_INVALID_OPTION;
738 }
739 }
740 break;
741
742 case LONGOPT_COMPRESS:
743 compression_type = wtap_name_to_compression_type(ws_optarg);
744 if (compression_type == WTAP_UNKNOWN_COMPRESSION) {
745 cmdarg_err("\"%s\" isn't a valid output compression mode",
746 ws_optarg);
747 list_output_compression_types();
748 return WS_EXIT_INVALID_OPTION;
749 }
750 break;
751
752 case LONGOPT_LITTLE_ENDIAN:
753 info->hexdump.little_endian = true;
754 break;
755
756 case '?':
757 switch(ws_optopt) {
758 case 'E':
759 list_encap_types();
760 return WS_EXIT_INVALID_OPTION;
761 case 'F':
762 list_capture_types();
763 return WS_EXIT_INVALID_OPTION;
764 case LONGOPT_COMPRESS:
765 list_output_compression_types();
766 return WS_EXIT_INVALID_OPTION;
767 }
768 /* FALLTHROUGH */
769
770 default:
771 print_usage(stderr);
772 return WS_EXIT_INVALID_OPTION;
773 }
774 }
775
776 if (ws_optind >= argc || argc-ws_optind < 2) {
777 cmdarg_err("Must specify input and output filename");
778 print_usage(stderr);
779 return WS_EXIT_INVALID_OPTION;
780 }
781
782 if (max_offset > WTAP_MAX_PACKET_SIZE_STANDARD) {
783 cmdarg_err("Maximum packet length cannot be more than %d bytes",
784 WTAP_MAX_PACKET_SIZE_STANDARD);
785 return WS_EXIT_INVALID_OPTION;
786 }
787
788 /* Some validation */
789
790 if (info->mode == TEXT_IMPORT_REGEX) {
791 info->regex.format = regex;
792 /* need option for data encoding */
793 if (g_regex_get_string_number(regex, "dir") > -1) {
794 /* XXX: Add parameter(s?) to specify these? */
795 info->regex.in_indication = "iI<";
796 info->regex.out_indication = "oO>";
797 }
798 if (g_regex_get_string_number(regex, "time") > -1 && info->timestamp_format == NULL) {
799 cmdarg_err("Regex with <time> capturing group requires time format (-t)");
800 return WS_EXIT_INVALID_OPTION;
801 }
802 }
803
804 if (have_hdr_ip_proto && !(hdr_ip || hdr_ipv6)) {
805 /*
806 * If we have an IP protocol to add to the header, but neither an
807 * IPv4 nor an IPv6 header was specified, add an IPv4 header.
808 */
809 hdr_ip = true;
810 }
811
812 if (!have_hdr_ip_proto && (hdr_ip || hdr_ipv6)) {
813 /* if -4 or -6 option is specified without an IP protocol then fail */
814 cmdarg_err("IP protocol requires a next layer protocol number");
815 return WS_EXIT_INVALID_OPTION;
816 }
817
818 if ((hdr_tcp || hdr_udp || hdr_sctp) && !(hdr_ip || hdr_ipv6)) {
819 /*
820 * If TCP (-T), UDP (-u) or SCTP (-s/-S) header options are specified
821 * but none of IPv4 (-4) or IPv6 (-6) options then add an IPv4 header
822 */
823 hdr_ip = true;
824 }
825
826 if (hdr_export_pdu && wtap_encap_type != WTAP_ENCAP_WIRESHARK_UPPER_PDU) {
827 cmdarg_err("Export PDU (-P) requires WIRESHARK_UPPER_PDU link type (252)");
828 return WS_EXIT_INVALID_OPTION;
829 }
830
831 /* The other dummy headers require a IPv4 or IPv6 header. Allow
832 * encapsulation types of Ethernet (and add a Ethernet header in that
833 * case if we haven't already), or the appropriate raw IP types.
834 */
835 if (hdr_ip) {
836 switch (wtap_encap_type) {
837
838 case (WTAP_ENCAP_ETHERNET):
839 hdr_ethernet = true;
840 hdr_ethernet_proto = 0x0800;
841 break;
842
843 case (WTAP_ENCAP_RAW_IP):
844 case (WTAP_ENCAP_RAW_IP4):
845 break;
846
847 default:
848 cmdarg_err("Dummy IPv4 header not supported with encapsulation %s (%s)", wtap_encap_description(wtap_encap_type), wtap_encap_name(wtap_encap_type));
849 return WS_EXIT_INVALID_OPTION;
850 }
851 } else if (hdr_ipv6) {
852 switch (wtap_encap_type) {
853
854 case (WTAP_ENCAP_ETHERNET):
855 hdr_ethernet = true;
856 hdr_ethernet_proto = 0x86DD;
857 break;
858
859 case (WTAP_ENCAP_RAW_IP):
860 case (WTAP_ENCAP_RAW_IP6):
861 break;
862
863 default:
864 cmdarg_err("Dummy IPv6 header not supported with encapsulation %s (%s)", wtap_encap_description(wtap_encap_type), wtap_encap_name(wtap_encap_type));
865 return WS_EXIT_INVALID_OPTION;
866 }
867 }
868
869 if (compression_type == WTAP_UNKNOWN_COMPRESSION) {
870 /* An explicitly specified compression type overrides filename
871 * magic. (Should we allow specifying "no" compression with, e.g.
872 * a ".gz" extension?) */
873 const char *sfx = strrchr(argv[ws_optind+1], '.');
874 if (sfx) {
875 compression_type = wtap_extension_to_compression_type(sfx + 1);
876 }
877 }
878
879 if (compression_type == WTAP_UNKNOWN_COMPRESSION) {
880 compression_type = WTAP_UNCOMPRESSED;
881 }
882
883 if (!wtap_can_write_compression_type(compression_type)) {
884 cmdarg_err("Output files can't be written as %s",
885 wtap_compression_type_description(compression_type));
886 return WS_EXIT_INVALID_OPTION;
887 }
888
889 if (compression_type != WTAP_UNCOMPRESSED && !wtap_dump_can_compress(file_type_subtype)) {
890 cmdarg_err("The file format %s can't be written to output compressed format",
891 wtap_file_type_subtype_name(file_type_subtype));
892 return WS_EXIT_INVALID_OPTION;
893 }
894
895 if (strcmp(argv[ws_optind], "-") != 0) {
896 input_filename = argv[ws_optind];
897 if (info->mode == TEXT_IMPORT_REGEX) {
898 info->regex.import_text_GMappedFile = g_mapped_file_new(input_filename, TRUE, &gerror);
899 if (gerror) {
900 cmdarg_err("%s", gerror->message);
901 g_error_free(gerror);
902 return WS_EXIT_OPEN_ERROR;
903 }
904 } else {
905 input_file = ws_fopen(input_filename, "rb");
906 if (!input_file) {
907 open_failure_message(input_filename, errno, false);
908 return WS_EXIT_OPEN_ERROR;
909 }
910 }
911 } else {
912 if (info->mode == TEXT_IMPORT_REGEX) {
913 /* text_import_regex requires a memory mapped file, so this likely
914 * won't work, unless the user has redirected a file (not a FIFO)
915 * to stdin, though that's pretty silly and unnecessary.
916 * XXX: We could read until EOF, write it to a temp file, and then
917 * mmap that (ugh)?
918 */
919 info->regex.import_text_GMappedFile = g_mapped_file_new_from_fd(0, TRUE, &gerror);
920 if (gerror) {
921 cmdarg_err("%s", gerror->message);
922 cmdarg_err("regex import requires memory-mapped I/O and cannot be used with terminals or pipes");
923 g_error_free(gerror);
924 return WS_EXIT_INVALID_OPTION;
925 }
926 }
927 input_filename = "Standard input";
928 input_file = stdin;
929 }
930
931 params->encap = wtap_encap_type;
932 params->snaplen = max_offset;
933 if (file_type_subtype == WTAP_FILE_TYPE_SUBTYPE_UNKNOWN) {
934 file_type_subtype = wtap_pcapng_file_type_subtype();
935 }
936 /* Request nanosecond precision. Most file formats only support one time
937 * precision and ignore this parameter (and the related options in the
938 * generated IDB), but it affects pcapng.
939 */
940 params->tsprec = WTAP_TSPREC_NSEC;
941 if ((ret = text_import_pre_open(params, file_type_subtype, input_filename, interface_name)) != EXIT_SUCCESS) {
942 cleanup_dump_params(params);
943 return ret;
944 }
945
946 if (strcmp(argv[ws_optind+1], "-") != 0) {
947 /* Write to a file. Open the file. */
948 output_filename = argv[ws_optind+1];
949 wdh = wtap_dump_open(output_filename, file_type_subtype, compression_type, params, &err, &err_info);
950 } else {
951 /* Write to the standard output. */
952 output_filename = "Standard output";
953 wdh = wtap_dump_open_stdout(file_type_subtype, compression_type, params, &err, &err_info);
954 }
955
956 if (!wdh) {
957 cfile_dump_open_failure_message(output_filename, err, err_info,
958 file_type_subtype);
959 cleanup_dump_params(params);
960 return WS_EXIT_OPEN_ERROR;
961 }
962
963 info->import_text_filename = input_filename;
964 info->output_filename = output_filename;
965 info->hexdump.import_text_FILE = input_file;
966
967 info->encapsulation = wtap_encap_type;
968 info->wdh = wdh;
969
970 if (hdr_export_pdu) {
971 info->dummy_header_type = HEADER_EXPORT_PDU;
972 } else if (hdr_data_chunk) {
973 info->dummy_header_type = HEADER_SCTP_DATA;
974 } else if (hdr_sctp) {
975 info->dummy_header_type = HEADER_SCTP;
976 } else if (hdr_tcp) {
977 info->dummy_header_type = HEADER_TCP;
978 } else if (hdr_udp) {
979 info->dummy_header_type = HEADER_UDP;
980 } else if (hdr_ip) {
981 info->dummy_header_type = HEADER_IPV4;
982 } else if (hdr_ipv6) {
983 info->dummy_header_type = HEADER_IPV4;
984 } else if (hdr_ethernet) {
985 info->dummy_header_type = HEADER_ETH;
986 } else {
987 info->dummy_header_type = HEADER_NONE;
988 }
989 info->pid = hdr_ethernet_proto;
990 if (hdr_ip) {
991 info->ip_src_addr.ipv4 = hdr_ip_src_addr;
992 info->ip_dest_addr.ipv4 = hdr_ip_dest_addr;
993 } else if (hdr_ipv6) {
994 info->ipv6 = true;
995 info->ip_src_addr.ipv6 = hdr_ipv6_src_addr;
996 info->ip_dest_addr.ipv6 = hdr_ipv6_dest_addr;
997 }
998 info->protocol = hdr_ip_proto;
999 if (hdr_sctp) {
1000 info->src_port = hdr_sctp_src;
1001 info->dst_port = hdr_sctp_dest;
1002 } else {
1003 info->src_port = hdr_src_port;
1004 info->dst_port = hdr_dest_port;
1005 }
1006 info->tag = hdr_sctp_tag;
1007 info->ppi = hdr_data_chunk_ppid;
1008
1009 info->max_frame_length = max_offset;
1010
1011 /* Display summary of our state */
1012 if (!quiet) {
1013 fprintf(stderr, "Input from: %s\n", input_filename);
1014 fprintf(stderr, "Output to: %s\n", output_filename);
1015 fprintf(stderr, "Output format: %s\n", wtap_file_type_subtype_name(file_type_subtype));
1016 if (hdr_ethernet) fprintf(stderr, "Generate dummy Ethernet header: Protocol: 0x%0X\n",
1017 hdr_ethernet_proto);
1018 if (hdr_ip) fprintf(stderr, "Generate dummy IP header: Protocol: %u\n",
1019 hdr_ip_proto);
1020 if (hdr_ipv6) fprintf(stderr, "Generate dummy IPv6 header: Protocol: %u\n",
1021 hdr_ip_proto);
1022 if (hdr_udp) fprintf(stderr, "Generate dummy UDP header: Source port: %u. Dest port: %u\n",
1023 hdr_src_port, hdr_dest_port);
1024 if (hdr_tcp) fprintf(stderr, "Generate dummy TCP header: Source port: %u. Dest port: %u\n",
1025 hdr_src_port, hdr_dest_port);
1026 if (hdr_sctp) fprintf(stderr, "Generate dummy SCTP header: Source port: %u. Dest port: %u. Tag: %u\n",
1027 hdr_sctp_src, hdr_sctp_dest, hdr_sctp_tag);
1028 if (hdr_data_chunk) fprintf(stderr, "Generate dummy DATA chunk header: TSN: %u. SID: %u. SSN: %u. PPID: %u\n",
1029 hdr_data_chunk_tsn, hdr_data_chunk_sid, hdr_data_chunk_ssn, hdr_data_chunk_ppid);
1030 }
1031
1032 return EXIT_SUCCESS;
1033 }
1034
1035 int
1036 main(int argc, char *argv[])
1037 {
1038 char *configuration_init_error;
1039 int ret = EXIT_SUCCESS;
1040 text_import_info_t info;
1041 wtap_dump_params params;
1042 uint64_t bytes_written;
1043
1044 /* Set the program name. */
1045 g_set_prgname("text2pcap");
1046
1047 cmdarg_err_init(stderr_cmdarg_err, stderr_cmdarg_err_cont);
1048
1049 /* Initialize log handler early so we can have proper logging during startup. */
1050 ws_log_init(vcmdarg_err);
1051
1052 /* Early logging command-line initialization. */
1053 ws_log_parse_args(&argc, argv, vcmdarg_err, WS_EXIT_INVALID_OPTION);
1054
1055 ws_noisy("Finished log init and parsing command line log arguments");
1056
1057 #ifdef _WIN32
1058 create_app_running_mutex();
1059 #endif /* _WIN32 */
1060
1061 init_process_policies();
1062
1063 /*
1064 * Make sure our plugin path is initialized for wtap_init.
1065 */
1066 configuration_init_error = configuration_init(argv[0]);
1067 if (configuration_init_error != NULL) {
1068 cmdarg_err("Can't get pathname of directory containing the text2pcap program: %s.",
1069 configuration_init_error);
1070 g_free(configuration_init_error);
1071 }
1072
1073 init_report_failure_message("text2pcap");
1074 wtap_init(true);
1075
1076 memset(&info, 0, sizeof(info));
1077 wtap_dump_params_init(&params, NULL);
1078 if ((ret = parse_options(argc, argv, &info, &params)) != EXIT_SUCCESS) {
1079 goto clean_exit;
1080 }
1081
1082 ws_assert(input_file != NULL || info.regex.import_text_GMappedFile != NULL);
1083 ws_assert(wdh != NULL);
1084
1085 ret = text_import(&info);
1086
1087 if (ws_log_get_level() >= LOG_LEVEL_DEBUG)
1088 fprintf(stderr, "\n-------------------------\n");
1089 if (!quiet) {
1090 bytes_written = wtap_get_bytes_dumped(wdh);
1091 fprintf(stderr, "Read %u potential packet%s, wrote %u packet%s (%" PRIu64 " byte%s including overhead).\n",
1092 info.num_packets_read, plurality(info.num_packets_read, "", "s"),
1093 info.num_packets_written, plurality(info.num_packets_written, "", "s"),
1094 bytes_written, plurality(bytes_written, "", "s"));
1095 }
1096 clean_exit:
1097 if (input_file) {
1098 fclose(input_file);
1099 }
1100 if (info.regex.import_text_GMappedFile) {
1101 g_mapped_file_unref(info.regex.import_text_GMappedFile);
1102 }
1103 if (info.regex.format) {
1104 g_regex_unref(info.regex.format);
1105 }
1106 if (wdh) {
1107 int err;
1108 char *err_info;
1109 if (!wtap_dump_close(wdh, NULL, &err, &err_info)) {
1110 cfile_close_failure_message(output_filename, err, err_info);
1111 ret = 2;
1112 }
1113 }
1114 cleanup_dump_params(&params);
1115 return ret;
1116 }
1117
1118 /*
1119 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1120 *
1121 * Local variables:
1122 * c-basic-offset: 4
1123 * tab-width: 8
1124 * indent-tabs-mode: nil
1125 * End:
1126 *
1127 * vi: set shiftwidth=4 tabstop=8 expandtab:
1128 * :indentSize=4:tabSize=8:noTabs=true:
1129 */
Metzes wireshark repo