search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
epan/dissectors/pidl/drsuapi/drsuapi.cnf init/free_ndr_pointer_list
[wireshark-sm.git] / capture_opts.c
blob5bb525cdf65ee48311a2b92068fc9471a7c6b757
1 /* capture_opts.c
2 * Routines for capture options setting
3 *
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
7 *
8 * SPDX-License-Identifier: GPL-2.0-or-later
9 */
10
11 #include <config.h>
12
13 #include <wireshark.h>
14
15 #include <stdio.h>
16 #include <stdlib.h>
17
18 #include <sys/types.h>
19 #include <sys/stat.h>
20 #include <fcntl.h>
21
22 #ifdef HAVE_LIBPCAP
23
24 #include <errno.h>
25
26 #include <ws_exit_codes.h>
27
28 #include "capture_opts.h"
29 #include "ringbuffer.h"
30
31 #include <wsutil/clopts_common.h>
32 #include <wsutil/cmdarg_err.h>
33 #include <wsutil/file_util.h>
34 #include <wsutil/ws_pipe.h>
35 #include <wsutil/ws_assert.h>
36
37 #ifdef _WIN32
38 #include <wsutil/win32-utils.h>
39 #endif
40
41 #include "capture/capture_ifinfo.h"
42 #include "capture/capture-pcap-util.h"
43
44 static bool capture_opts_output_to_pipe(const char *save_file, bool *is_pipe);
45
46
47 void
48 capture_opts_init(capture_options *capture_opts, GList *(*get_iface_list)(int *, char **))
49 {
50 capture_opts->get_iface_list = get_iface_list;
51 capture_opts->ifaces = g_array_new(FALSE, FALSE, sizeof(interface_options));
52 capture_opts->all_ifaces = g_array_new(FALSE, FALSE, sizeof(interface_t));
53 capture_opts->num_selected = 0;
54 capture_opts->default_options.name = NULL;
55 capture_opts->default_options.descr = NULL;
56 capture_opts->default_options.ifname = NULL;
57 capture_opts->default_options.hardware = NULL;
58 capture_opts->default_options.display_name = NULL;
59 capture_opts->default_options.cfilter = NULL;
60 capture_opts->default_options.has_snaplen = false;
61 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
62 capture_opts->default_options.linktype = -1; /* use interface default */
63 capture_opts->default_options.promisc_mode = true;
64 capture_opts->default_options.if_type = IF_WIRED;
65 capture_opts->default_options.extcap = NULL;
66 capture_opts->default_options.extcap_fifo = NULL;
67 capture_opts->default_options.extcap_args = NULL;
68 capture_opts->default_options.extcap_pid = WS_INVALID_PID;
69 capture_opts->default_options.extcap_pipedata = NULL;
70 capture_opts->default_options.extcap_stderr = NULL;
71 capture_opts->default_options.extcap_stdout_watch = 0;
72 capture_opts->default_options.extcap_stderr_watch = 0;
73 #ifdef _WIN32
74 capture_opts->default_options.extcap_pipe_h = INVALID_HANDLE_VALUE;
75 capture_opts->default_options.extcap_control_in_h = INVALID_HANDLE_VALUE;
76 capture_opts->default_options.extcap_control_out_h = INVALID_HANDLE_VALUE;
77 #endif
78 capture_opts->default_options.extcap_control_in = NULL;
79 capture_opts->default_options.extcap_control_out = NULL;
80 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
81 capture_opts->default_options.buffer_size = DEFAULT_CAPTURE_BUFFER_SIZE;
82 #endif
83 capture_opts->default_options.monitor_mode = false;
84 #ifdef HAVE_PCAP_REMOTE
85 capture_opts->default_options.src_type = CAPTURE_IFLOCAL;
86 capture_opts->default_options.remote_host = NULL;
87 capture_opts->default_options.remote_port = NULL;
88 capture_opts->default_options.auth_type = CAPTURE_AUTH_NULL;
89 capture_opts->default_options.auth_username = NULL;
90 capture_opts->default_options.auth_password = NULL;
91 capture_opts->default_options.datatx_udp = false;
92 capture_opts->default_options.nocap_rpcap = true;
93 capture_opts->default_options.nocap_local = false;
94 #endif
95 #ifdef HAVE_PCAP_SETSAMPLING
96 capture_opts->default_options.sampling_method = CAPTURE_SAMP_NONE;
97 capture_opts->default_options.sampling_param = 0;
98 #endif
99 capture_opts->default_options.timestamp_type = NULL;
100 capture_opts->saving_to_file = false;
101 capture_opts->save_file = NULL;
102 capture_opts->group_read_access = false;
103 capture_opts->use_pcapng = true; /* Save as pcapng by default */
104 capture_opts->update_interval = DEFAULT_UPDATE_INTERVAL; /* 100 ms */
105 capture_opts->real_time_mode = true;
106 capture_opts->show_info = true;
107 capture_opts->restart = false;
108 capture_opts->orig_save_file = NULL;
109
110 capture_opts->multi_files_on = false;
111 capture_opts->has_file_duration = false;
112 capture_opts->file_duration = 60.0; /* 1 min */
113 capture_opts->has_file_interval = false;
114 capture_opts->has_nametimenum = false;
115 capture_opts->file_interval = 60; /* 1 min */
116 capture_opts->has_file_packets = false;
117 capture_opts->file_packets = 0;
118 capture_opts->has_ring_num_files = false;
119 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
120
121 capture_opts->has_autostop_files = false;
122 capture_opts->autostop_files = 1;
123 capture_opts->has_autostop_packets = false;
124 capture_opts->autostop_packets = 0;
125 capture_opts->has_autostop_written_packets = false;
126 capture_opts->autostop_written_packets = 0;
127 capture_opts->has_autostop_filesize = false;
128 capture_opts->autostop_filesize = 1000; /* 1 MB */
129 capture_opts->has_autostop_duration = false;
130 capture_opts->autostop_duration = 60.0; /* 1 min */
131
132 capture_opts->output_to_pipe = false;
133 capture_opts->capture_child = false;
134 capture_opts->stop_after_extcaps = false;
135 capture_opts->wait_for_extcap_cbs = false;
136 capture_opts->print_file_names = false;
137 capture_opts->print_name_to = NULL;
138 capture_opts->temp_dir = NULL;
139 capture_opts->compress_type = NULL;
140 capture_opts->closed_msg = NULL;
141 capture_opts->extcap_terminate_id = 0;
142 capture_opts->capture_filters_list = NULL;
143 }
144
145 void
146 capture_opts_cleanup(capture_options *capture_opts)
147 {
148 if (!capture_opts)
149 return;
150
151 if (capture_opts->ifaces) {
152 while (capture_opts->ifaces->len > 0) {
153 capture_opts_del_iface(capture_opts, 0);
154 }
155 g_array_free(capture_opts->ifaces, TRUE);
156 capture_opts->ifaces = NULL;
157 }
158 if (capture_opts->all_ifaces) {
159 while (capture_opts->all_ifaces->len > 0) {
160 interface_t *device = &g_array_index(capture_opts->all_ifaces, interface_t, 0);
161 capture_opts_free_interface_t(device);
162 capture_opts->all_ifaces = g_array_remove_index(capture_opts->all_ifaces, 0);
163 }
164 g_array_free(capture_opts->all_ifaces, TRUE);
165 capture_opts->all_ifaces = NULL;
166 }
167 g_free(capture_opts->save_file);
168 g_free(capture_opts->temp_dir);
169
170 if (capture_opts->closed_msg) {
171 g_free(capture_opts->closed_msg);
172 capture_opts->closed_msg = NULL;
173 }
174 if (capture_opts->extcap_terminate_id > 0) {
175 g_source_remove(capture_opts->extcap_terminate_id);
176 capture_opts->extcap_terminate_id = 0;
177 }
178
179 if (capture_opts->capture_filters_list) {
180 ws_filter_list_free(capture_opts->capture_filters_list);
181 capture_opts->capture_filters_list = NULL;
182 }
183 }
184
185 /* log content of capture_opts */
186 void
187 capture_opts_log(const char *log_domain, enum ws_log_level log_level, capture_options *capture_opts) {
188 unsigned i;
189
190 ws_log(log_domain, log_level, "CAPTURE OPTIONS :");
191
192 for (i = 0; i < capture_opts->ifaces->len; i++) {
193 interface_options *interface_opts;
194
195 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, i);
196 ws_log(log_domain, log_level, "Interface name[%02d] : %s", i, interface_opts->name ? interface_opts->name : "(unspecified)");
197 ws_log(log_domain, log_level, "Interface description[%02d] : %s", i, interface_opts->descr ? interface_opts->descr : "(unspecified)");
198 ws_log(log_domain, log_level, "Interface vendor description[%02d] : %s", i, interface_opts->hardware ? interface_opts->hardware : "(unspecified)");
199 ws_log(log_domain, log_level, "Display name[%02d]: %s", i, interface_opts->display_name ? interface_opts->display_name : "(unspecified)");
200 ws_log(log_domain, log_level, "Capture filter[%02d] : %s", i, interface_opts->cfilter ? interface_opts->cfilter : "(unspecified)");
201 ws_log(log_domain, log_level, "Snap length[%02d] (%u) : %d", i, interface_opts->has_snaplen, interface_opts->snaplen);
202 ws_log(log_domain, log_level, "Link Type[%02d] : %d", i, interface_opts->linktype);
203 ws_log(log_domain, log_level, "Promiscuous Mode[%02d]: %s", i, interface_opts->promisc_mode?"TRUE":"FALSE");
204 ws_log(log_domain, log_level, "Extcap[%02d] : %s", i, interface_opts->extcap ? interface_opts->extcap : "(unspecified)");
205 ws_log(log_domain, log_level, "Extcap FIFO[%02d] : %s", i, interface_opts->extcap_fifo ? interface_opts->extcap_fifo : "(unspecified)");
206 ws_log(log_domain, log_level, "Extcap PID[%02d] : %"PRIdMAX, i, (intmax_t)interface_opts->extcap_pid);
207 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
208 ws_log(log_domain, log_level, "Buffer size[%02d] : %d (MB)", i, interface_opts->buffer_size);
209 #endif
210 ws_log(log_domain, log_level, "Monitor Mode[%02d] : %s", i, interface_opts->monitor_mode?"TRUE":"FALSE");
211 #ifdef HAVE_PCAP_REMOTE
212 ws_log(log_domain, log_level, "Capture source[%02d] : %s", i,
213 interface_opts->src_type == CAPTURE_IFLOCAL ? "Local interface" :
214 interface_opts->src_type == CAPTURE_IFREMOTE ? "Remote interface" :
215 "Unknown");
216 if (interface_opts->src_type == CAPTURE_IFREMOTE) {
217 ws_log(log_domain, log_level, "Remote host[%02d] : %s", i, interface_opts->remote_host ? interface_opts->remote_host : "(unspecified)");
218 ws_log(log_domain, log_level, "Remote port[%02d] : %s", i, interface_opts->remote_port ? interface_opts->remote_port : "(unspecified)");
219 }
220 ws_log(log_domain, log_level, "Authentication[%02d] : %s", i,
221 interface_opts->auth_type == CAPTURE_AUTH_NULL ? "Null" :
222 interface_opts->auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
223 "Unknown");
224 if (interface_opts->auth_type == CAPTURE_AUTH_PWD) {
225 ws_log(log_domain, log_level, "Auth username[%02d] : %s", i, interface_opts->auth_username ? interface_opts->auth_username : "(unspecified)");
226 ws_log(log_domain, log_level, "Auth password[%02d] : <hidden>", i);
227 }
228 ws_log(log_domain, log_level, "UDP data tfer[%02d] : %u", i, interface_opts->datatx_udp);
229 ws_log(log_domain, log_level, "No cap. RPCAP[%02d] : %u", i, interface_opts->nocap_rpcap);
230 ws_log(log_domain, log_level, "No cap. local[%02d] : %u", i, interface_opts->nocap_local);
231 #endif
232 #ifdef HAVE_PCAP_SETSAMPLING
233 ws_log(log_domain, log_level, "Sampling meth.[%02d] : %d", i, interface_opts->sampling_method);
234 ws_log(log_domain, log_level, "Sampling param.[%02d] : %d", i, interface_opts->sampling_param);
235 #endif
236 ws_log(log_domain, log_level, "Timestamp type [%02d] : %s", i, interface_opts->timestamp_type);
237 }
238 ws_log(log_domain, log_level, "Interface name[df] : %s", capture_opts->default_options.name ? capture_opts->default_options.name : "(unspecified)");
239 ws_log(log_domain, log_level, "Interface Descr[df] : %s", capture_opts->default_options.descr ? capture_opts->default_options.descr : "(unspecified)");
240 ws_log(log_domain, log_level, "Interface Hardware Descr[df] : %s", capture_opts->default_options.hardware ? capture_opts->default_options.hardware : "(unspecified)");
241 ws_log(log_domain, log_level, "Interface display name[df] : %s", capture_opts->default_options.display_name ? capture_opts->default_options.display_name : "(unspecified)");
242 ws_log(log_domain, log_level, "Capture filter[df] : %s", capture_opts->default_options.cfilter ? capture_opts->default_options.cfilter : "(unspecified)");
243 ws_log(log_domain, log_level, "Snap length[df] (%u) : %d", capture_opts->default_options.has_snaplen, capture_opts->default_options.snaplen);
244 ws_log(log_domain, log_level, "Link Type[df] : %d", capture_opts->default_options.linktype);
245 ws_log(log_domain, log_level, "Promiscuous Mode[df]: %s", capture_opts->default_options.promisc_mode?"TRUE":"FALSE");
246 ws_log(log_domain, log_level, "Extcap[df] : %s", capture_opts->default_options.extcap ? capture_opts->default_options.extcap : "(unspecified)");
247 ws_log(log_domain, log_level, "Extcap FIFO[df] : %s", capture_opts->default_options.extcap_fifo ? capture_opts->default_options.extcap_fifo : "(unspecified)");
248 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
249 ws_log(log_domain, log_level, "Buffer size[df] : %d (MB)", capture_opts->default_options.buffer_size);
250 #endif
251 ws_log(log_domain, log_level, "Monitor Mode[df] : %s", capture_opts->default_options.monitor_mode?"TRUE":"FALSE");
252 #ifdef HAVE_PCAP_REMOTE
253 ws_log(log_domain, log_level, "Capture source[df] : %s",
254 capture_opts->default_options.src_type == CAPTURE_IFLOCAL ? "Local interface" :
255 capture_opts->default_options.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
256 "Unknown");
257 if (capture_opts->default_options.src_type == CAPTURE_IFREMOTE) {
258 ws_log(log_domain, log_level, "Remote host[df] : %s", capture_opts->default_options.remote_host ? capture_opts->default_options.remote_host : "(unspecified)");
259 ws_log(log_domain, log_level, "Remote port[df] : %s", capture_opts->default_options.remote_port ? capture_opts->default_options.remote_port : "(unspecified)");
260 }
261 ws_log(log_domain, log_level, "Authentication[df] : %s",
262 capture_opts->default_options.auth_type == CAPTURE_AUTH_NULL ? "Null" :
263 capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
264 "Unknown");
265 if (capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD) {
266 ws_log(log_domain, log_level, "Auth username[df] : %s", capture_opts->default_options.auth_username ? capture_opts->default_options.auth_username : "(unspecified)");
267 ws_log(log_domain, log_level, "Auth password[df] : <hidden>");
268 }
269 ws_log(log_domain, log_level, "UDP data tfer[df] : %u", capture_opts->default_options.datatx_udp);
270 ws_log(log_domain, log_level, "No cap. RPCAP[df] : %u", capture_opts->default_options.nocap_rpcap);
271 ws_log(log_domain, log_level, "No cap. local[df] : %u", capture_opts->default_options.nocap_local);
272 #endif
273 #ifdef HAVE_PCAP_SETSAMPLING
274 ws_log(log_domain, log_level, "Sampling meth. [df] : %d", capture_opts->default_options.sampling_method);
275 ws_log(log_domain, log_level, "Sampling param.[df] : %d", capture_opts->default_options.sampling_param);
276 #endif
277 ws_log(log_domain, log_level, "Timestamp type [df] : %s", capture_opts->default_options.timestamp_type ? capture_opts->default_options.timestamp_type : "(unspecified)");
278 ws_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
279 ws_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
280 ws_log(log_domain, log_level, "GroupReadAccess : %u", capture_opts->group_read_access);
281 ws_log(log_domain, log_level, "Fileformat : %s", (capture_opts->use_pcapng) ? "PCAPNG" : "PCAP");
282 ws_log(log_domain, log_level, "UpdateInterval : %u (ms)", capture_opts->update_interval);
283 ws_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
284 ws_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
285
286 ws_log(log_domain, log_level, "MultiFilesOn : %u", capture_opts->multi_files_on);
287 ws_log(log_domain, log_level, "FileDuration (%u) : %.3f", capture_opts->has_file_duration, capture_opts->file_duration);
288 ws_log(log_domain, log_level, "FileInterval (%u) : %u", capture_opts->has_file_interval, capture_opts->file_interval);
289 ws_log(log_domain, log_level, "FilePackets (%u) : %u", capture_opts->has_file_packets, capture_opts->file_packets);
290 ws_log(log_domain, log_level, "FileNameType : %s", (capture_opts->has_nametimenum) ? "prefix_time_num.suffix" : "prefix_num_time.suffix");
291 ws_log(log_domain, log_level, "RingNumFiles (%u) : %u", capture_opts->has_ring_num_files, capture_opts->ring_num_files);
292 ws_log(log_domain, log_level, "RingPrintFiles (%u) : %s", capture_opts->print_file_names, (capture_opts->print_file_names ? capture_opts->print_name_to : ""));
293
294 ws_log(log_domain, log_level, "AutostopFiles (%u) : %u", capture_opts->has_autostop_files, capture_opts->autostop_files);
295 ws_log(log_domain, log_level, "AutostopPackets (%u) : %u", capture_opts->has_autostop_packets, capture_opts->autostop_packets);
296 ws_log(log_domain, log_level, "AutostopWrittenPackets (%u) : %u", capture_opts->has_autostop_written_packets, capture_opts->autostop_written_packets);
297 ws_log(log_domain, log_level, "AutostopFilesize(%u) : %u (KB)", capture_opts->has_autostop_filesize, capture_opts->autostop_filesize);
298 ws_log(log_domain, log_level, "AutostopDuration(%u) : %.3f", capture_opts->has_autostop_duration, capture_opts->autostop_duration);
299 ws_log(log_domain, log_level, "Temporary Directory : %s", capture_opts->temp_dir && capture_opts->temp_dir[0] ? capture_opts->temp_dir : g_get_tmp_dir());
300 }
301
302 /*
303 * Given a string of the form "<autostop criterion>:<value>", as might appear
304 * as an argument to a "-a" option, parse it and set the criterion in
305 * question. Return an indication of whether it succeeded or failed
306 * in some fashion.
307 */
308 static bool
309 set_autostop_criterion(capture_options *capture_opts, const char *autostoparg)
310 {
311 char *p, *colonp;
312
313 colonp = strchr(autostoparg, ':');
314 if (colonp == NULL)
315 return false;
316
317 p = colonp;
318 *p++ = '\0';
319
320 /*
321 * Skip over any white space (there probably won't be any, but
322 * as we allow it in the preferences file, we might as well
323 * allow it here).
324 */
325 while (g_ascii_isspace(*p))
326 p++;
327 if (*p == '\0') {
328 /*
329 * Put the colon back, so if our caller uses, in an
330 * error message, the string they passed us, the message
331 * looks correct.
332 */
333 *colonp = ':';
334 return false;
335 }
336 if (strcmp(autostoparg,"duration") == 0) {
337 capture_opts->has_autostop_duration = true;
338 capture_opts->autostop_duration = get_positive_double(p,"autostop duration");
339 } else if (strcmp(autostoparg,"filesize") == 0) {
340 capture_opts->has_autostop_filesize = true;
341 capture_opts->autostop_filesize = get_nonzero_uint32(p,"autostop filesize");
342 } else if (strcmp(autostoparg,"files") == 0) {
343 capture_opts->multi_files_on = true;
344 capture_opts->has_autostop_files = true;
345 capture_opts->autostop_files = get_positive_int(p,"autostop files");
346 } else if (strcmp(autostoparg,"packets") == 0) {
347 capture_opts->has_autostop_written_packets = true;
348 capture_opts->autostop_written_packets = get_positive_int(p,"packet write count");
349 } else {
350 return false;
351 }
352 *colonp = ':'; /* put the colon back */
353 return true;
354 }
355
356 static bool get_filter_arguments(capture_options* capture_opts, const char* arg)
357 {
358 char* colonp;
359 char* val;
360 char* filter_exp = NULL;
361
362 colonp = strchr(arg, ':');
363 if (colonp) {
364 val = colonp;
365 *val = '\0';
366 val++;
367 if (strcmp(arg, "predef") == 0) {
368 GList* filterItem;
369
370 filterItem = capture_opts->capture_filters_list->list;
371 while (filterItem != NULL) {
372 filter_def *filterDef;
373
374 filterDef = (filter_def*)filterItem->data;
375 if (g_ascii_strcasecmp(val, filterDef->name) == 0) {
376 filter_exp = g_strdup(filterDef->strval);
377 break;
378 }
379 filterItem = filterItem->next;
380 }
381 }
382 }
383
384 if (filter_exp == NULL) {
385 /* No filter expression found yet; fallback to previous implementation
386 and assume the arg contains a filter expression */
387 if (colonp) {
388 *colonp = ':'; /* restore colon */
389 }
390 filter_exp = g_strdup(arg);
391 }
392
393 if (capture_opts->ifaces->len > 0) {
394 interface_options *interface_opts;
395
396 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
397 g_free(interface_opts->cfilter);
398 interface_opts->cfilter = filter_exp;
399 return true;
400 }
401 else {
402 g_free(capture_opts->default_options.cfilter);
403 capture_opts->default_options.cfilter = filter_exp;
404 return true;
405 }
406 }
407
408 void
409 capture_opts_list_file_types(void) {
410
411 cmdarg_err("The available capture file types for the \"-F\" flag are:\n");
412 cmdarg_err_cont("%s", " pcap - Wireshark/tcpdump/... - pcap");
413 cmdarg_err_cont("%s", " pcapng - Wireshark/... - pcapng");
414 }
415
416 static bool get_file_type_argument(capture_options* capture_opts _U_, const
417 char* arg)
418 {
419 if (strcmp(arg, "pcapng") == 0) {
420 capture_opts->use_pcapng = true;
421 } else if (strcmp(arg, "pcap") == 0) {
422 capture_opts->use_pcapng = false;
423 } else {
424 return false;
425 }
426 return true;
427 }
428
429 /*
430 * Given a string of the form "<ring buffer file>:<duration>", as might appear
431 * as an argument to a "-b" option, parse it and set the arguments in
432 * question. Return an indication of whether it succeeded or failed
433 * in some fashion.
434 */
435 static bool
436 get_ring_arguments(capture_options *capture_opts, const char *arg)
437 {
438 char *p = NULL, *colonp;
439
440 colonp = strchr(arg, ':');
441 if (colonp == NULL)
442 return false;
443
444 p = colonp;
445 *p++ = '\0';
446
447 /*
448 * Skip over any white space (there probably won't be any, but
449 * as we allow it in the preferences file, we might as well
450 * allow it here).
451 */
452 while (g_ascii_isspace(*p))
453 p++;
454 if (*p == '\0') {
455 /*
456 * Put the colon back, so if our caller uses, in an
457 * error message, the string they passed us, the message
458 * looks correct.
459 */
460 *colonp = ':';
461 return false;
462 }
463
464 if (strcmp(arg,"files") == 0) {
465 capture_opts->has_ring_num_files = true;
466 capture_opts->ring_num_files = get_nonzero_uint32(p, "number of ring buffer files");
467 } else if (strcmp(arg,"filesize") == 0) {
468 capture_opts->has_autostop_filesize = true;
469 capture_opts->autostop_filesize = get_nonzero_uint32(p, "ring buffer filesize");
470 } else if (strcmp(arg,"duration") == 0) {
471 capture_opts->has_file_duration = true;
472 capture_opts->file_duration = get_positive_double(p, "ring buffer duration");
473 } else if (strcmp(arg,"interval") == 0) {
474 capture_opts->has_file_interval = true;
475 capture_opts->file_interval = get_positive_int(p, "ring buffer interval");
476 } else if (strcmp(arg,"nametimenum") == 0) {
477 int val = get_positive_int(p, "file name: time before num");
478 capture_opts->has_nametimenum = (val > 1);
479 } else if (strcmp(arg,"packets") == 0) {
480 capture_opts->has_file_packets = true;
481 capture_opts->file_packets = get_positive_int(p, "ring buffer packet count");
482 } else if (strcmp(arg,"printname") == 0) {
483 capture_opts->print_file_names = true;
484 capture_opts->print_name_to = g_strdup(p);
485 }
486 else {
487 return false;
488 }
489 *colonp = ':'; /* put the colon back */
490 return true;
491 }
492
493 #ifdef HAVE_PCAP_SETSAMPLING
494 /*
495 * Given a string of the form "<sampling type>:<value>", as might appear
496 * as an argument to a "-m" option, parse it and set the arguments in
497 * question. Return an indication of whether it succeeded or failed
498 * in some fashion.
499 */
500 static bool
501 get_sampling_arguments(capture_options *capture_opts, const char *arg)
502 {
503 char *p = NULL, *colonp;
504
505 colonp = strchr(arg, ':');
506 if (colonp == NULL)
507 return false;
508
509 p = colonp;
510 *p++ = '\0';
511
512 while (g_ascii_isspace(*p))
513 p++;
514 if (*p == '\0') {
515 *colonp = ':';
516 return false;
517 }
518
519 if (strcmp(arg, "count") == 0) {
520 if (capture_opts->ifaces->len > 0) {
521 interface_options *interface_opts;
522
523 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
524 interface_opts->sampling_method = CAPTURE_SAMP_BY_COUNT;
525 interface_opts->sampling_param = get_positive_int(p, "sampling count");
526 } else {
527 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_COUNT;
528 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling count");
529 }
530 } else if (strcmp(arg, "timer") == 0) {
531 if (capture_opts->ifaces->len > 0) {
532 interface_options *interface_opts;
533
534 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
535 interface_opts->sampling_method = CAPTURE_SAMP_BY_TIMER;
536 interface_opts->sampling_param = get_positive_int(p, "sampling timer");
537 } else {
538 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_TIMER;
539 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling timer");
540 }
541 }
542 *colonp = ':';
543 return true;
544 }
545 #endif
546
547 #ifdef HAVE_PCAP_REMOTE
548 /*
549 * Given a string of the form "<username>:<password>", as might appear
550 * as an argument to a "-A" option, parse it and set the arguments in
551 * question. Return an indication of whether it succeeded or failed
552 * in some fashion.
553 */
554 static bool
555 get_auth_arguments(capture_options *capture_opts, const char *arg)
556 {
557 char *p = NULL, *colonp;
558
559 colonp = strchr(arg, ':');
560 if (colonp == NULL)
561 return false;
562
563 p = colonp;
564 *p++ = '\0';
565
566 while (g_ascii_isspace(*p))
567 p++;
568
569 if (capture_opts->ifaces->len > 0) {
570 interface_options *interface_opts;
571
572 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
573 interface_opts->auth_type = CAPTURE_AUTH_PWD;
574 interface_opts->auth_username = g_strdup(arg);
575 interface_opts->auth_password = g_strdup(p);
576 } else {
577 capture_opts->default_options.auth_type = CAPTURE_AUTH_PWD;
578 capture_opts->default_options.auth_username = g_strdup(arg);
579 capture_opts->default_options.auth_password = g_strdup(p);
580 }
581 *colonp = ':';
582 return true;
583 }
584 #endif
585
586 #ifdef _WIN32
587 static char *
588 capture_opts_generate_display_name(const char *friendly_name,
589 const char *name _U_)
590 {
591 /*
592 * Display the friendly name rather than the not-so-friendly
593 * GUID-based interface name.
594 */
595 return g_strdup(friendly_name);
596 }
597 #else
598 static char *
599 capture_opts_generate_display_name(const char *friendly_name,
600 const char *name)
601 {
602 /*
603 * On UN*X, however, users are more used to interface names,
604 * and may find it helpful to see them.
605 */
606 return ws_strdup_printf("%s: %s", friendly_name, name);
607 }
608 #endif
609
610 static void
611 fill_in_interface_opts_defaults(interface_options *interface_opts, const capture_options *capture_opts)
612 {
613
614 interface_opts->cfilter = g_strdup(capture_opts->default_options.cfilter);
615 interface_opts->snaplen = capture_opts->default_options.snaplen;
616 interface_opts->has_snaplen = capture_opts->default_options.has_snaplen;
617 interface_opts->linktype = capture_opts->default_options.linktype;
618 interface_opts->promisc_mode = capture_opts->default_options.promisc_mode;
619 interface_opts->extcap_fifo = g_strdup(capture_opts->default_options.extcap_fifo);
620 interface_opts->extcap_args = NULL;
621 interface_opts->extcap_pid = WS_INVALID_PID;
622 interface_opts->extcap_pipedata = NULL;
623 interface_opts->extcap_stderr = NULL;
624 interface_opts->extcap_stdout_watch = 0;
625 interface_opts->extcap_stderr_watch = 0;
626 #ifdef _WIN32
627 interface_opts->extcap_pipe_h = INVALID_HANDLE_VALUE;
628 interface_opts->extcap_control_in_h = INVALID_HANDLE_VALUE;
629 interface_opts->extcap_control_out_h = INVALID_HANDLE_VALUE;
630 #endif
631 interface_opts->extcap_control_in = g_strdup(capture_opts->default_options.extcap_control_in);
632 interface_opts->extcap_control_out = g_strdup(capture_opts->default_options.extcap_control_out);
633 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
634 interface_opts->buffer_size = capture_opts->default_options.buffer_size;
635 #endif
636 interface_opts->monitor_mode = capture_opts->default_options.monitor_mode;
637 #ifdef HAVE_PCAP_REMOTE
638 interface_opts->src_type = capture_opts->default_options.src_type;
639 interface_opts->remote_host = g_strdup(capture_opts->default_options.remote_host);
640 interface_opts->remote_port = g_strdup(capture_opts->default_options.remote_port);
641 interface_opts->auth_type = capture_opts->default_options.auth_type;
642 interface_opts->auth_username = g_strdup(capture_opts->default_options.auth_username);
643 interface_opts->auth_password = g_strdup(capture_opts->default_options.auth_password);
644 interface_opts->datatx_udp = capture_opts->default_options.datatx_udp;
645 interface_opts->nocap_rpcap = capture_opts->default_options.nocap_rpcap;
646 interface_opts->nocap_local = capture_opts->default_options.nocap_local;
647 #endif
648 #ifdef HAVE_PCAP_SETSAMPLING
649 interface_opts->sampling_method = capture_opts->default_options.sampling_method;
650 interface_opts->sampling_param = capture_opts->default_options.sampling_param;
651 #endif
652 interface_opts->timestamp_type = capture_opts->default_options.timestamp_type;
653 }
654
655 static void
656 fill_in_interface_opts_from_ifinfo(interface_options *interface_opts,
657 const if_info_t *if_info)
658 {
659 interface_opts->name = g_strdup(if_info->name);
660
661 interface_opts->hardware = g_strdup(if_info->vendor_description);
662 /* XXX: ui/capture_ui_utils.c get_interface_descriptive_name()
663 * does several things different in setting descr (and thus
664 * display name):
665 * 1. It checks for a user-supplied description via
666 * capture_dev_user_descr_find(if_info->name), including a
667 * long-standing -X option of "stdin_descr" that dates back to 1.0
668 * 2. If we don't have a friendly name, but do have a vendor
669 * description (set to hardware above), that is used as the
670 * description.
671 *
672 * Perhaps we don't want to introduce a dependency on the prefs
673 * and ex-opts here. We could do 2 here, though.
674 *
675 * Because we always set interface_opts->display_name here, it is
676 * never NULL when get_iface_list_string is called, so that never
677 * calls get_interface_descriptive_name(). (And thus, we never
678 * actually use the vendor description in the display name/descr
679 * as a fallback.)
680 */
681 if (if_info->friendly_name != NULL) {
682 /*
683 * We have a friendly name; remember it as the
684 * description...
685 */
686 interface_opts->descr = g_strdup(if_info->friendly_name);
687 /*
688 * ...and use it in the console display name.
689 */
690 interface_opts->display_name = capture_opts_generate_display_name(if_info->friendly_name, if_info->name);
691 } else {
692 /* fallback to the interface name */
693 interface_opts->descr = NULL;
694 interface_opts->display_name = g_strdup(if_info->name);
695 }
696 interface_opts->ifname = NULL;
697 interface_opts->if_type = if_info->type;
698 interface_opts->extcap = g_strdup(if_info->extcap);
699 }
700
701 static if_info_t*
702 find_ifinfo_by_name(GList *if_list, const char *name)
703 {
704 GList *if_entry;
705 if_info_t *matched_if_info;
706 size_t prefix_length;
707
708 matched_if_info = NULL;
709 if (if_list != NULL) {
710 /*
711 * Try and do an exact match (case insensitive) on the
712 * interface name, the interface description, and the
713 * hardware description.
714 */
715 for (if_entry = g_list_first(if_list); if_entry != NULL;
716 if_entry = g_list_next(if_entry))
717 {
718 if_info_t *if_info = (if_info_t *)if_entry->data;
719
720 /*
721 * Does the specified name match the interface name
722 * with a case-insensitive match?
723 */
724 if (g_ascii_strcasecmp(if_info->name, name) == 0) {
725 /*
726 * Yes.
727 */
728 matched_if_info = if_info;
729 break;
730 }
731
732 /*
733 * Does this interface have a friendly name and, if so,
734 * does the specified name match the friendly name with
735 * a case-insensitive match?
736 */
737 if (if_info->friendly_name != NULL &&
738 g_ascii_strcasecmp(if_info->friendly_name, name) == 0) {
739 /*
740 * Yes.
741 */
742 matched_if_info = if_info;
743 break;
744 }
745
746 #ifdef _WIN32
747 /*
748 * On Windows, we store interface names in preferences as:
749 * friendlyname (name)
750 * Do we have a case-insensitive match for that?
751 */
752 if (if_info->friendly_name != NULL) {
753 GString* combined_name = g_string_new(if_info->friendly_name);
754 g_string_append_printf(combined_name, " (%s)", if_info->name);
755 if (g_ascii_strcasecmp(combined_name->str, name) == 0) {
756 /*
757 * Yes.
758 */
759 matched_if_info = if_info;
760 }
761 g_string_free(combined_name, TRUE);
762 if (matched_if_info != NULL) {
763 break;
764 }
765 }
766 #endif
767 }
768
769 if (matched_if_info == NULL) {
770 /*
771 * We didn't find it; attempt a case-insensitive prefix match
772 * of the friendly name.
773 */
774 prefix_length = strlen(name);
775 for (if_entry = g_list_first(if_list); if_entry != NULL;
776 if_entry = g_list_next(if_entry))
777 {
778 if_info_t *if_info = (if_info_t *)if_entry->data;
779
780 if (if_info->friendly_name != NULL &&
781 g_ascii_strncasecmp(if_info->friendly_name, name, prefix_length) == 0) {
782 /*
783 * We found an interface whose friendly name matches
784 * with a case-insensitive prefix match.
785 */
786 matched_if_info = if_info;
787 break;
788 }
789 }
790 }
791 }
792
793 return matched_if_info;
794 }
795
796 static int
797 capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
798 {
799 long adapter_index;
800 char *p;
801 GList *if_list;
802 if_info_t *if_info;
803 int err;
804 char *err_str;
805 interface_options interface_opts;
806
807 /*
808 * If the argument is a number, treat it as an index into the list
809 * of adapters, as printed by "tshark -D".
810 *
811 * This should be OK on UN*X systems, as interfaces shouldn't have
812 * names that begin with digits. It can be useful on Windows, where
813 * more than one interface can have the same name.
814 *
815 * XXX - "shouldn't have names that begin with digits" is not true
816 * on Linux; see
817 *
818 * https://github.com/the-tcpdump-group/tcpdump/issues/522
819 *
820 * tcpdump handles that by trying to open the device by name and,
821 * if that fails *and* the name is a syntactically valid number
822 * (optional sign, followed by decimal digits), reports an error
823 * if it's not a valid interface index, and otherwise uses it as
824 * an interface index.
825 */
826 adapter_index = strtol(optarg_str_p, &p, 10);
827 if (p != NULL && *p == '\0') {
828 if (adapter_index < 0) {
829 cmdarg_err("The specified adapter index is a negative number");
830 return 1;
831 }
832 if (adapter_index > INT_MAX) {
833 cmdarg_err("The specified adapter index is too large (greater than %d)",
834 INT_MAX);
835 return 1;
836 }
837 if (adapter_index == 0) {
838 cmdarg_err("There is no interface with that adapter index");
839 return 1;
840 }
841 if_list = capture_opts->get_iface_list(&err, &err_str);
842 if (if_list == NULL) {
843 if (err == 0)
844 cmdarg_err("There are no interfaces on which a capture can be done");
845 else {
846 cmdarg_err("%s", err_str);
847 g_free(err_str);
848 }
849 return 2;
850 }
851 if_info = (if_info_t *)g_list_nth_data(if_list, (int)(adapter_index - 1));
852 if (if_info == NULL) {
853 cmdarg_err("There is no interface with that adapter index");
854 free_interface_list(if_list);
855 return 1;
856 }
857 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
858 free_interface_list(if_list);
859 } else if (capture_opts->capture_child) {
860 /*
861 * In Wireshark capture child mode, so the exact interface name
862 * is supplied, and we don't need to look it up.
863 */
864 if_info = if_info_get(optarg_str_p);
865 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
866 if_info_free(if_info);
867 } else if (g_strcmp0(optarg_str_p, "-") == 0) {
868 /*
869 * Standard input. Don't bother to retrieve the interface_list;
870 * assume that there isn't a device named "-". (Retrieving the
871 * interface list involves spawning a privileged dumpcap process.)
872 */
873 interface_opts.name = g_strdup(optarg_str_p);
874 interface_opts.descr = g_strdup("Standard input");
875 interface_opts.hardware = NULL;
876 interface_opts.display_name = g_strdup(interface_opts.descr);
877 interface_opts.ifname = NULL;
878 interface_opts.if_type = IF_STDIN;
879 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
880 #ifdef _WIN32
881 } else if (win32_is_pipe_name(optarg_str_p)) {
882 /*
883 * Special named pipe name on Windows.
884 * https://learn.microsoft.com/en-us/windows/win32/ipc/pipe-names
885 * Don't bother retrieving the interface list.
886 */
887 interface_opts.name = g_strdup(optarg_str_p);
888 interface_opts.descr = NULL;
889 interface_opts.hardware = NULL;
890 interface_opts.display_name = g_strdup(optarg_str_p);
891 interface_opts.ifname = NULL;
892 interface_opts.if_type = IF_PIPE;
893 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
894 #endif
895 } else {
896 /*
897 * Search for that name in the interface list and, if we found
898 * it, fill in fields in the interface_opts structure.
899 *
900 * XXX - if we can't get the interface list, we don't report
901 * an error, as, on Windows, that might be due to WinPcap or
902 * Npcap not being installed, but the specified "interface"
903 * might be the standard input ("-") or a pipe, and dumpcap
904 * should support capturing from the standard input or from
905 * a pipe even if there's no capture support from *pcap.
906 *
907 * Perhaps doing something similar to what was suggested
908 * for numerical interfaces should be done.
909 *
910 * XXX: If we ever save pipe settings permanently, it should be
911 * capture_interface_list that tries to check saved pipes (or
912 * extcaps), possibly before retrieving the list.
913 */
914 if_list = capture_opts->get_iface_list(&err, &err_str);
915 if_info = find_ifinfo_by_name(if_list, optarg_str_p);
916 if (if_info != NULL) {
917 /*
918 * We found the interface in the list; fill in the
919 * interface_opts structure from its if_info.
920 */
921 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
922 } else {
923 /*
924 * We didn't find the interface in the list; just use
925 * the specified name, so that, for example, if an
926 * interface doesn't show up in the list for some
927 * reason, the user can try specifying it explicitly
928 * for testing purposes.
929 */
930 interface_opts.name = g_strdup(optarg_str_p);
931 interface_opts.descr = NULL;
932 interface_opts.hardware = NULL;
933 interface_opts.display_name = g_strdup(optarg_str_p);
934 interface_opts.ifname = NULL;
935 interface_opts.if_type = capture_opts->default_options.if_type;
936 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
937 }
938 free_interface_list(if_list);
939 }
940
941 fill_in_interface_opts_defaults(&interface_opts, capture_opts);
942
943 g_array_append_val(capture_opts->ifaces, interface_opts);
944
945 return 0;
946 }
947
948
949 int
950 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p)
951 {
952 int status, snaplen;
953 ws_statb64 fstat;
954
955 switch(opt) {
956 case 'a': /* autostop criteria */
957 if (set_autostop_criterion(capture_opts, optarg_str_p) == false) {
958 cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
959 return 1;
960 }
961 break;
962 #ifdef HAVE_PCAP_REMOTE
963 case 'A':
964 if (get_auth_arguments(capture_opts, optarg_str_p) == false) {
965 cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
966 return 1;
967 }
968 break;
969 #endif
970 case 'b': /* Ringbuffer option */
971 capture_opts->multi_files_on = true;
972 if (get_ring_arguments(capture_opts, optarg_str_p) == false) {
973 cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
974 return 1;
975 }
976 break;
977 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
978 case 'B': /* Buffer size */
979 if (capture_opts->ifaces->len > 0) {
980 interface_options *interface_opts;
981
982 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
983 interface_opts->buffer_size = get_positive_int(optarg_str_p, "buffer size");
984 } else {
985 capture_opts->default_options.buffer_size = get_positive_int(optarg_str_p, "buffer size");
986 }
987 break;
988 #endif
989 case 'c': /* Capture n packets */
990 /* XXX Use set_autostop_criterion instead? */
991 capture_opts->has_autostop_packets = true;
992 capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
993 break;
994 case 'f': /* capture filter */
995 if (capture_opts->capture_filters_list == NULL)
996 capture_opts->capture_filters_list = ws_filter_list_read(CFILTER_LIST);
997 get_filter_arguments(capture_opts, optarg_str_p);
998 break;
999 case 'F': /* capture file type */
1000 if (get_file_type_argument(capture_opts, optarg_str_p) == false) {
1001 capture_opts_list_file_types();
1002 return 1;
1003 }
1004 break;
1005 case 'g': /* enable group read access on the capture file(s) */
1006 capture_opts->group_read_access = true;
1007 break;
1008 case 'H': /* Hide capture info dialog box */
1009 capture_opts->show_info = false;
1010 break;
1011 case LONGOPT_SET_TSTAMP_TYPE: /* Set capture time stamp type */
1012 if (capture_opts->ifaces->len > 0) {
1013 interface_options *interface_opts;
1014
1015 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1016 g_free(interface_opts->timestamp_type);
1017 interface_opts->timestamp_type = g_strdup(optarg_str_p);
1018 } else {
1019 g_free(capture_opts->default_options.timestamp_type);
1020 capture_opts->default_options.timestamp_type = g_strdup(optarg_str_p);
1021 }
1022 break;
1023 case 'i': /* Use interface x */
1024 status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
1025 if (status != 0) {
1026 return status;
1027 }
1028 break;
1029 #ifdef HAVE_PCAP_CREATE
1030 case 'I': /* Capture in monitor mode */
1031 if (capture_opts->ifaces->len > 0) {
1032 interface_options *interface_opts;
1033
1034 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1035 interface_opts->monitor_mode = true;
1036 } else {
1037 capture_opts->default_options.monitor_mode = true;
1038 }
1039 break;
1040 #endif
1041 case 'l': /* tshark "Line-buffer" standard output */
1042 capture_opts->update_interval = 0;
1043 /* Wireshark uses 'l' for Automatic scrolling in live capture mode,
1044 * but ui/commandline.c should not and does not call this function
1045 * for 'l'.
1046 */
1047 break;
1048 #ifdef HAVE_PCAP_SETSAMPLING
1049 case 'm':
1050 if (get_sampling_arguments(capture_opts, optarg_str_p) == false) {
1051 cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
1052 return 1;
1053 }
1054 break;
1055 #endif
1056 case 'n': /* Use pcapng format */
1057 cmdarg_err("'-n' is deprecated; use '-F pcapng' to set the output format to pcapng.");
1058 capture_opts->use_pcapng = true;
1059 break;
1060 case 'p': /* Don't capture in promiscuous mode */
1061 if (capture_opts->ifaces->len > 0) {
1062 interface_options *interface_opts;
1063
1064 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1065 interface_opts->promisc_mode = false;
1066 } else {
1067 capture_opts->default_options.promisc_mode = false;
1068 }
1069 break;
1070 case 'P': /* Use pcap format */
1071 cmdarg_err("'-P' is deprecated; use '-F pcap' to set the output format to pcap.");
1072 capture_opts->use_pcapng = false;
1073 break;
1074 #ifdef HAVE_PCAP_REMOTE
1075 case 'r':
1076 if (capture_opts->ifaces->len > 0) {
1077 interface_options *interface_opts;
1078
1079 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1080 interface_opts->nocap_rpcap = false;
1081 } else {
1082 capture_opts->default_options.nocap_rpcap = false;
1083 }
1084 break;
1085 #endif
1086 case 's': /* Set the snapshot (capture) length */
1087 snaplen = get_natural_int(optarg_str_p, "snapshot length");
1088 /*
1089 * Make a snapshot length of 0 equivalent to the maximum packet
1090 * length, mirroring what tcpdump does.
1091 */
1092 if (snaplen == 0)
1093 snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1094 if (capture_opts->ifaces->len > 0) {
1095 interface_options *interface_opts;
1096
1097 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1098 interface_opts->has_snaplen = true;
1099 interface_opts->snaplen = snaplen;
1100 } else {
1101 capture_opts->default_options.snaplen = snaplen;
1102 capture_opts->default_options.has_snaplen = true;
1103 }
1104 break;
1105 case 'S': /* "Real-Time" mode: used for following file ala tail -f */
1106 capture_opts->real_time_mode = true;
1107 break;
1108 #ifdef HAVE_PCAP_REMOTE
1109 case 'u':
1110 if (capture_opts->ifaces->len > 0) {
1111 interface_options *interface_opts;
1112
1113 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1114 interface_opts->datatx_udp = true;
1115 } else {
1116 capture_opts->default_options.datatx_udp = true;
1117 }
1118 break;
1119 #endif
1120 case 'w': /* Write to capture file x */
1121 capture_opts->saving_to_file = true;
1122 g_free(capture_opts->save_file);
1123 capture_opts->save_file = g_strdup(optarg_str_p);
1124 capture_opts->orig_save_file = g_strdup(optarg_str_p);
1125 status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
1126 return status;
1127 case 'y': /* Set the pcap data link type */
1128 if (capture_opts->ifaces->len > 0) {
1129 interface_options *interface_opts;
1130
1131 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1132 interface_opts->linktype = linktype_name_to_val(optarg_str_p);
1133 if (interface_opts->linktype == -1) {
1134 cmdarg_err("The specified data link type \"%s\" isn't valid",
1135 optarg_str_p);
1136 return 1;
1137 }
1138 } else {
1139 capture_opts->default_options.linktype = linktype_name_to_val(optarg_str_p);
1140 if (capture_opts->default_options.linktype == -1) {
1141 cmdarg_err("The specified data link type \"%s\" isn't valid",
1142 optarg_str_p);
1143 return 1;
1144 }
1145 }
1146 break;
1147 case LONGOPT_COMPRESS_TYPE: /* compress type */
1148 if (capture_opts->compress_type) {
1149 cmdarg_err("--compress-type can be set only once");
1150 return 1;
1151 }
1152 if (strcmp(optarg_str_p, "none") == 0) {
1153 ;
1154 } else if (strcmp(optarg_str_p, "gzip") == 0) {
1155 #if defined (HAVE_ZLIB) || defined (HAVE_ZLIBNG)
1156 ;
1157 #else
1158 cmdarg_err("'gzip' compression is not supported");
1159 return 1;
1160 #endif
1161 } else {
1162 #if defined (HAVE_ZLIB) || defined (HAVE_ZLIBNG)
1163 cmdarg_err("parameter of --compress-type can be 'none' or 'gzip'");
1164 #else
1165 cmdarg_err("parameter of --compress-type can only be 'none'");
1166 #endif
1167 return 1;
1168 }
1169 capture_opts->compress_type = g_strdup(optarg_str_p);
1170 break;
1171 case LONGOPT_CAPTURE_TMPDIR: /* capture temporary directory */
1172 if (capture_opts->temp_dir) {
1173 cmdarg_err("--temp-dir can be set only once");
1174 return 1;
1175 }
1176 if (ws_stat64(optarg_str_p, &fstat) < 0) {
1177 cmdarg_err("Can't set temporary directory %s: %s",
1178 optarg_str_p, g_strerror(errno));
1179 return 1;
1180 }
1181 if (!S_ISDIR(fstat.st_mode)) {
1182 cmdarg_err("Can't set temporary directory %s: not a directory",
1183 optarg_str_p);
1184 return 1;
1185 }
1186 #ifdef S_IRWXU
1187 if ((fstat.st_mode & S_IRWXU) != S_IRWXU) {
1188 cmdarg_err("Can't set temporary directory %s: not a writable directory",
1189 optarg_str_p);
1190 return 1;
1191 }
1192 #endif /* S_IRWXU */
1193 capture_opts->temp_dir = g_strdup(optarg_str_p);
1194 break;
1195 case LONGOPT_UPDATE_INTERVAL: /* capture update interval */
1196 capture_opts->update_interval = get_natural_int(optarg_str_p, "update interval");
1197 break;
1198 default:
1199 /* the caller is responsible to send us only the right opt's */
1200 ws_assert_not_reached();
1201 }
1202
1203 return 0;
1204 }
1205
1206 int
1207 capture_opts_print_if_capabilities(if_capabilities_t *caps,
1208 const interface_options *interface_opts,
1209 int queries)
1210 {
1211 GList *lt_entry, *ts_entry;
1212
1213 if (caps->primary_msg) {
1214 cmdarg_err("The capabilities of the capture device "
1215 "\"%s\" could not be obtained (%s).%s%s",
1216 interface_opts->name, caps->primary_msg,
1217 caps->secondary_msg ? "\n" : "",
1218 caps->secondary_msg ? caps->secondary_msg : "");
1219 return WS_EXIT_INVALID_CAPABILITY;
1220 }
1221
1222 if (queries & CAPS_QUERY_LINK_TYPES) {
1223 if (interface_opts->monitor_mode && caps->can_set_rfmon) {
1224 lt_entry = caps->data_link_types_rfmon;
1225 } else {
1226 lt_entry = caps->data_link_types;
1227 }
1228 if (lt_entry == NULL) {
1229 cmdarg_err("The capture device \"%s\" has no data link types.",
1230 interface_opts->name);
1231 return WS_EXIT_IFACE_HAS_NO_LINK_TYPES;
1232 }
1233 if (caps->can_set_rfmon)
1234 printf("Data link types of interface %s when %sin monitor mode (use option -y to set):\n",
1235 interface_opts->name,
1236 (interface_opts->monitor_mode) ? "" : "not ");
1237 else
1238 printf("Data link types of interface %s (use option -y to set):\n",
1239 interface_opts->name);
1240 for (; lt_entry != NULL;
1241 lt_entry = g_list_next(lt_entry)) {
1242 data_link_info_t *data_link_info = (data_link_info_t *)lt_entry->data;
1243 printf(" %s", data_link_info->name);
1244 if (data_link_info->description != NULL)
1245 printf(" (%s)", data_link_info->description);
1246 else
1247 printf(" (not supported)");
1248 printf("\n");
1249 }
1250 }
1251
1252 if (queries & CAPS_QUERY_TIMESTAMP_TYPES) {
1253 if (caps->timestamp_types == NULL) {
1254 cmdarg_err("The capture device \"%s\" has no timestamp types.",
1255 interface_opts->name);
1256 return WS_EXIT_IFACE_HAS_NO_TIMESTAMP_TYPES;
1257 }
1258 printf("Timestamp types of the interface (use option --time-stamp-type to set):\n");
1259 for (ts_entry = caps->timestamp_types; ts_entry != NULL;
1260 ts_entry = g_list_next(ts_entry)) {
1261 timestamp_info_t *timestamp = (timestamp_info_t *)ts_entry->data;
1262 printf(" %s", timestamp->name);
1263 if (timestamp->description != NULL)
1264 printf(" (%s)", timestamp->description);
1265 else
1266 printf(" (none)");
1267 printf("\n");
1268 }
1269 }
1270 return EXIT_SUCCESS;
1271 }
1272
1273 /* Print an ASCII-formatted list of interfaces. */
1274 void
1275 capture_opts_print_interfaces(GList *if_list)
1276 {
1277 int i;
1278 GList *if_entry;
1279 if_info_t *if_info;
1280
1281 i = 1; /* Interface id number */
1282 for (if_entry = g_list_first(if_list); if_entry != NULL;
1283 if_entry = g_list_next(if_entry)) {
1284 if_info = (if_info_t *)if_entry->data;
1285 printf("%d. %s", i++, if_info->name);
1286
1287 /* Print the interface friendly name, if it exists;
1288 if not, fall back to the vendor description, if it exists. */
1289 if (if_info->friendly_name != NULL){
1290 printf(" (%s)", if_info->friendly_name);
1291 } else {
1292 if (if_info->vendor_description != NULL)
1293 printf(" (%s)", if_info->vendor_description);
1294 }
1295 printf("\n");
1296 }
1297 }
1298
1299
1300 void
1301 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min)
1302 {
1303 unsigned i;
1304 interface_options *interface_opts;
1305
1306 if (capture_opts->ifaces->len > 0) {
1307 for (i = 0; i < capture_opts->ifaces->len; i++) {
1308 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, 0);
1309 if (interface_opts->snaplen < 1)
1310 interface_opts->snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1311 else if (interface_opts->snaplen < snaplen_min)
1312 interface_opts->snaplen = snaplen_min;
1313 }
1314 } else {
1315 if (capture_opts->default_options.snaplen < 1)
1316 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1317 else if (capture_opts->default_options.snaplen < snaplen_min)
1318 capture_opts->default_options.snaplen = snaplen_min;
1319 }
1320 }
1321
1322
1323 void
1324 capture_opts_trim_ring_num_files(capture_options *capture_opts)
1325 {
1326 /* Check the value range of the ring_num_files parameter */
1327 if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
1328 cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
1329 capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
1330 } else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
1331 cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
1332 }
1333 #if RINGBUFFER_MIN_NUM_FILES > 0
1334 else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES) {
1335 cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
1336 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
1337 }
1338 #endif
1339 }
1340
1341 /*
1342 * If no interface was specified explicitly, pick a default.
1343 */
1344 int
1345 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
1346 const char *capture_device)
1347 {
1348 int status;
1349
1350 /* Did the user specify an interface to use? */
1351 if (capture_opts->num_selected != 0 || capture_opts->ifaces->len != 0) {
1352 /* yes they did, return immediately - nothing further to do here */
1353 return 0;
1354 }
1355
1356 /* No - is a default specified in the preferences file? */
1357 if (capture_device != NULL) {
1358 /* Yes - use it. */
1359 status = capture_opts_add_iface_opt(capture_opts, capture_device);
1360 return status;
1361 }
1362 /* No default in preferences file, just pick the first interface from the list of interfaces. */
1363 return capture_opts_add_iface_opt(capture_opts, "1");
1364 }
1365
1366 #ifndef S_IFIFO
1367 #define S_IFIFO _S_IFIFO
1368 #endif
1369 #ifndef S_ISFIFO
1370 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
1371 #endif
1372
1373 /* copied from filesystem.c */
1374 static int
1375 capture_opts_test_for_fifo(const char *path)
1376 {
1377 ws_statb64 statb;
1378
1379 if (ws_stat64(path, &statb) < 0)
1380 return errno;
1381
1382 if (S_ISFIFO(statb.st_mode))
1383 return ESPIPE;
1384 else
1385 return 0;
1386 }
1387
1388 static bool
1389 capture_opts_output_to_pipe(const char *save_file, bool *is_pipe)
1390 {
1391 int err;
1392
1393 *is_pipe = false;
1394
1395 if (save_file != NULL) {
1396 /* We're writing to a capture file. */
1397 if (strcmp(save_file, "-") == 0) {
1398 /* Writing to stdout. */
1399 /* XXX - should we check whether it's a pipe? It's arguably
1400 silly to do "-w - >output_file" rather than "-w output_file",
1401 but by not checking we might be violating the Principle Of
1402 Least Astonishment. */
1403 *is_pipe = true;
1404 } else {
1405 /* not writing to stdout, test for a FIFO (aka named pipe) */
1406 err = capture_opts_test_for_fifo(save_file);
1407 switch (err) {
1408
1409 case ENOENT: /* it doesn't exist, so we'll be creating it,
1410 and it won't be a FIFO */
1411 case 0: /* found it, but it's not a FIFO */
1412 break;
1413
1414 case ESPIPE: /* it is a FIFO */
1415 *is_pipe = true;
1416 break;
1417
1418 default: /* couldn't stat it */
1419 break; /* ignore: later attempt to open */
1420 /* will generate a nice msg */
1421 }
1422 }
1423 }
1424
1425 return 0;
1426 }
1427
1428 void
1429 interface_opts_free(interface_options *interface_opts)
1430 {
1431 if (interface_opts == NULL)
1432 return;
1433
1434 g_free(interface_opts->name);
1435 g_free(interface_opts->descr);
1436 g_free(interface_opts->hardware);
1437 g_free(interface_opts->display_name);
1438 g_free(interface_opts->ifname);
1439 g_free(interface_opts->cfilter);
1440 g_free(interface_opts->timestamp_type);
1441 g_free(interface_opts->extcap);
1442 g_free(interface_opts->extcap_fifo);
1443 if (interface_opts->extcap_args)
1444 g_hash_table_unref(interface_opts->extcap_args);
1445 if (interface_opts->extcap_pid != WS_INVALID_PID)
1446 ws_warning("Extcap still running during interface delete");
1447 g_free(interface_opts->extcap_pipedata);
1448 if (interface_opts->extcap_stderr)
1449 g_string_free(interface_opts->extcap_stderr, TRUE);
1450 g_free(interface_opts->extcap_control_in);
1451 g_free(interface_opts->extcap_control_out);
1452 #ifdef HAVE_PCAP_REMOTE
1453 if (interface_opts->src_type == CAPTURE_IFREMOTE) {
1454 g_free(interface_opts->remote_host);
1455 g_free(interface_opts->remote_port);
1456 g_free(interface_opts->auth_username);
1457 g_free(interface_opts->auth_password);
1458 }
1459 #endif
1460 }
1461
1462 void
1463 capture_opts_del_iface(capture_options *capture_opts, unsigned if_index)
1464 {
1465 interface_options *interface_opts;
1466
1467 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, if_index);
1468 /* XXX - check if found? */
1469 interface_opts_free(interface_opts);
1470
1471 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, if_index);
1472 }
1473
1474 interface_options*
1475 interface_opts_from_if_info(capture_options *capture_opts, const if_info_t *if_info)
1476 {
1477 interface_options *interface_opts = g_new(interface_options, 1);
1478
1479 fill_in_interface_opts_from_ifinfo(interface_opts, if_info);
1480 fill_in_interface_opts_defaults(interface_opts, capture_opts);
1481
1482 return interface_opts;
1483 }
1484
1485 /*
1486 * Add all non-hidden selected interfaces in the "all interfaces" list
1487 * to the list of interfaces for the capture.
1488 */
1489 void
1490 collect_ifaces(capture_options *capture_opts)
1491 {
1492 unsigned i;
1493 interface_t *device;
1494 interface_options interface_opts;
1495
1496 /* Empty out the existing list of interfaces. */
1497 for (i = capture_opts->ifaces->len; i != 0; i--)
1498 capture_opts_del_iface(capture_opts, i-1);
1499
1500 /* Now fill the list up again. */
1501 for (i = 0; i < capture_opts->all_ifaces->len; i++) {
1502 device = &g_array_index(capture_opts->all_ifaces, interface_t, i);
1503 if (device->selected) {
1504 interface_opts.name = g_strdup(device->name);
1505 interface_opts.descr = g_strdup(device->if_info.friendly_name);
1506 interface_opts.ifname = NULL;
1507 interface_opts.hardware = g_strdup(device->if_info.vendor_description);
1508 interface_opts.display_name = g_strdup(device->display_name);
1509 interface_opts.linktype = device->active_dlt;
1510 interface_opts.cfilter = g_strdup(device->cfilter);
1511 interface_opts.timestamp_type = g_strdup(device->timestamp_type);
1512 interface_opts.snaplen = device->snaplen;
1513 interface_opts.has_snaplen = device->has_snaplen;
1514 interface_opts.promisc_mode = device->pmode;
1515 interface_opts.if_type = device->if_info.type;
1516 interface_opts.extcap = g_strdup(device->if_info.extcap);
1517 interface_opts.extcap_fifo = NULL;
1518 interface_opts.extcap_pipedata = NULL;
1519 interface_opts.extcap_args = device->external_cap_args_settings;
1520 interface_opts.extcap_pid = WS_INVALID_PID;
1521 if (interface_opts.extcap_args)
1522 g_hash_table_ref(interface_opts.extcap_args);
1523 interface_opts.extcap_pipedata = NULL;
1524 interface_opts.extcap_stderr = NULL;
1525 #ifdef _WIN32
1526 interface_opts.extcap_pipe_h = INVALID_HANDLE_VALUE;
1527 interface_opts.extcap_control_in_h = INVALID_HANDLE_VALUE;
1528 interface_opts.extcap_control_out_h = INVALID_HANDLE_VALUE;
1529 #endif
1530 interface_opts.extcap_control_in = NULL;
1531 interface_opts.extcap_control_out = NULL;
1532 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
1533 interface_opts.buffer_size = device->buffer;
1534 #endif
1535 #ifdef HAVE_PCAP_CREATE
1536 interface_opts.monitor_mode = device->monitor_mode_enabled;
1537 #endif
1538 #ifdef HAVE_PCAP_REMOTE
1539 interface_opts.src_type = CAPTURE_IFREMOTE;
1540 interface_opts.remote_host = g_strdup(device->remote_opts.remote_host_opts.remote_host);
1541 interface_opts.remote_port = g_strdup(device->remote_opts.remote_host_opts.remote_port);
1542 interface_opts.auth_type = device->remote_opts.remote_host_opts.auth_type;
1543 interface_opts.auth_username = g_strdup(device->remote_opts.remote_host_opts.auth_username);
1544 interface_opts.auth_password = g_strdup(device->remote_opts.remote_host_opts.auth_password);
1545 interface_opts.datatx_udp = device->remote_opts.remote_host_opts.datatx_udp;
1546 interface_opts.nocap_rpcap = device->remote_opts.remote_host_opts.nocap_rpcap;
1547 interface_opts.nocap_local = device->remote_opts.remote_host_opts.nocap_local;
1548 #endif
1549 #ifdef HAVE_PCAP_SETSAMPLING
1550 interface_opts.sampling_method = device->remote_opts.sampling_method;
1551 interface_opts.sampling_param = device->remote_opts.sampling_param;
1552 #endif
1553 g_array_append_val(capture_opts->ifaces, interface_opts);
1554 } else {
1555 continue;
1556 }
1557 }
1558 }
1559
1560 void
1561 capture_opts_free_link_row(void *elem)
1562 {
1563 link_row* e = (link_row*)elem;
1564 if (e != NULL)
1565 g_free(e->name);
1566 g_free(elem);
1567 }
1568
1569 void
1570 capture_opts_free_interface_t(interface_t *device)
1571 {
1572 if (device != NULL) {
1573 g_free(device->name);
1574 g_free(device->display_name);
1575 g_free(device->addresses);
1576 g_free(device->cfilter);
1577 g_free(device->timestamp_type);
1578 g_list_free_full(device->links, capture_opts_free_link_row);
1579 #ifdef HAVE_PCAP_REMOTE
1580 g_free(device->remote_opts.remote_host_opts.remote_host);
1581 g_free(device->remote_opts.remote_host_opts.remote_port);
1582 g_free(device->remote_opts.remote_host_opts.auth_username);
1583 g_free(device->remote_opts.remote_host_opts.auth_password);
1584 #endif
1585 g_free(device->if_info.name);
1586 g_free(device->if_info.friendly_name);
1587 g_free(device->if_info.vendor_description);
1588 g_slist_free_full(device->if_info.addrs, g_free);
1589 g_free(device->if_info.extcap);
1590 if (device->if_info.caps) {
1591 free_if_capabilities(device->if_info.caps);
1592 }
1593 if (device->external_cap_args_settings) {
1594 g_hash_table_unref(device->external_cap_args_settings);
1595 }
1596 }
1597 }
1598
1599 #endif /* HAVE_LIBPCAP */
1600
1601 /*
1602 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1603 *
1604 * Local variables:
1605 * c-basic-offset: 4
1606 * tab-width: 8
1607 * indent-tabs-mode: nil
1608 * End:
1609 *
1610 * vi: set shiftwidth=4 tabstop=8 expandtab:
1611 * :indentSize=4:tabSize=8:noTabs=true:
1612 */
Metzes wireshark repo