search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert "TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags"
[wireshark-sm.git] / ui / capture_opts.c
blob40c75488095295cf6ad9799d1bac8dec1fdd2e21
1 /* capture_opts.c
2 * Routines for capture options setting
3 *
4 * Wireshark - Network traffic analyzer
5 * By Gerald Combs <gerald@wireshark.org>
6 * Copyright 1998 Gerald Combs
7 *
8 * SPDX-License-Identifier: GPL-2.0-or-later
9 */
10
11 #include <config.h>
12
13 #include <wireshark.h>
14
15 #include <stdio.h>
16 #include <stdlib.h>
17
18 #include <sys/types.h>
19 #include <sys/stat.h>
20 #include <fcntl.h>
21
22 #ifdef HAVE_LIBPCAP
23
24 #include <errno.h>
25
26 #include <ws_exit_codes.h>
27
28 #include "capture_opts.h"
29 #include "ringbuffer.h"
30
31 #include <wsutil/clopts_common.h>
32 #include <wsutil/cmdarg_err.h>
33 #include <wsutil/file_util.h>
34 #include <wsutil/ws_pipe.h>
35 #include <wsutil/ws_assert.h>
36
37 #ifdef _WIN32
38 #include <wsutil/win32-utils.h>
39 #endif
40
41 #include "capture/capture_ifinfo.h"
42 #include "capture/capture-pcap-util.h"
43
44 static bool capture_opts_output_to_pipe(const char *save_file, bool *is_pipe);
45
46
47 void
48 capture_opts_init(capture_options *capture_opts, GList *(*get_iface_list)(int *, char **))
49 {
50 capture_opts->get_iface_list = get_iface_list;
51 capture_opts->ifaces = g_array_new(FALSE, FALSE, sizeof(interface_options));
52 capture_opts->all_ifaces = g_array_new(FALSE, FALSE, sizeof(interface_t));
53 capture_opts->num_selected = 0;
54 capture_opts->default_options.name = NULL;
55 capture_opts->default_options.descr = NULL;
56 capture_opts->default_options.ifname = NULL;
57 capture_opts->default_options.hardware = NULL;
58 capture_opts->default_options.display_name = NULL;
59 capture_opts->default_options.cfilter = NULL;
60 capture_opts->default_options.has_snaplen = false;
61 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
62 capture_opts->default_options.linktype = -1; /* use interface default */
63 capture_opts->default_options.promisc_mode = true;
64 capture_opts->default_options.if_type = IF_WIRED;
65 capture_opts->default_options.extcap = NULL;
66 capture_opts->default_options.extcap_fifo = NULL;
67 capture_opts->default_options.extcap_args = NULL;
68 capture_opts->default_options.extcap_pid = WS_INVALID_PID;
69 capture_opts->default_options.extcap_pipedata = NULL;
70 capture_opts->default_options.extcap_stderr = NULL;
71 capture_opts->default_options.extcap_stdout_watch = 0;
72 capture_opts->default_options.extcap_stderr_watch = 0;
73 #ifdef _WIN32
74 capture_opts->default_options.extcap_pipe_h = INVALID_HANDLE_VALUE;
75 capture_opts->default_options.extcap_control_in_h = INVALID_HANDLE_VALUE;
76 capture_opts->default_options.extcap_control_out_h = INVALID_HANDLE_VALUE;
77 #endif
78 capture_opts->default_options.extcap_control_in = NULL;
79 capture_opts->default_options.extcap_control_out = NULL;
80 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
81 capture_opts->default_options.buffer_size = DEFAULT_CAPTURE_BUFFER_SIZE;
82 #endif
83 capture_opts->default_options.monitor_mode = false;
84 #ifdef HAVE_PCAP_REMOTE
85 capture_opts->default_options.src_type = CAPTURE_IFLOCAL;
86 capture_opts->default_options.remote_host = NULL;
87 capture_opts->default_options.remote_port = NULL;
88 capture_opts->default_options.auth_type = CAPTURE_AUTH_NULL;
89 capture_opts->default_options.auth_username = NULL;
90 capture_opts->default_options.auth_password = NULL;
91 capture_opts->default_options.datatx_udp = false;
92 capture_opts->default_options.nocap_rpcap = true;
93 capture_opts->default_options.nocap_local = false;
94 #endif
95 #ifdef HAVE_PCAP_SETSAMPLING
96 capture_opts->default_options.sampling_method = CAPTURE_SAMP_NONE;
97 capture_opts->default_options.sampling_param = 0;
98 #endif
99 capture_opts->default_options.timestamp_type = NULL;
100 capture_opts->saving_to_file = false;
101 capture_opts->save_file = NULL;
102 capture_opts->group_read_access = false;
103 capture_opts->use_pcapng = true; /* Save as pcapng by default */
104 capture_opts->update_interval = DEFAULT_UPDATE_INTERVAL; /* 100 ms */
105 capture_opts->real_time_mode = true;
106 capture_opts->show_info = true;
107 capture_opts->restart = false;
108 capture_opts->orig_save_file = NULL;
109
110 capture_opts->multi_files_on = false;
111 capture_opts->has_file_duration = false;
112 capture_opts->file_duration = 60.0; /* 1 min */
113 capture_opts->has_file_interval = false;
114 capture_opts->has_nametimenum = false;
115 capture_opts->file_interval = 60; /* 1 min */
116 capture_opts->has_file_packets = false;
117 capture_opts->file_packets = 0;
118 capture_opts->has_ring_num_files = false;
119 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
120
121 capture_opts->has_autostop_files = false;
122 capture_opts->autostop_files = 1;
123 capture_opts->has_autostop_packets = false;
124 capture_opts->autostop_packets = 0;
125 capture_opts->has_autostop_written_packets = false;
126 capture_opts->autostop_written_packets = 0;
127 capture_opts->has_autostop_filesize = false;
128 capture_opts->autostop_filesize = 1000; /* 1 MB */
129 capture_opts->has_autostop_duration = false;
130 capture_opts->autostop_duration = 60.0; /* 1 min */
131
132 capture_opts->output_to_pipe = false;
133 capture_opts->capture_child = false;
134 capture_opts->stop_after_extcaps = false;
135 capture_opts->wait_for_extcap_cbs = false;
136 capture_opts->print_file_names = false;
137 capture_opts->print_name_to = NULL;
138 capture_opts->temp_dir = NULL;
139 capture_opts->compress_type = NULL;
140 capture_opts->closed_msg = NULL;
141 capture_opts->extcap_terminate_id = 0;
142 capture_opts->capture_filters_list = NULL;
143 }
144
145 void
146 capture_opts_cleanup(capture_options *capture_opts)
147 {
148 if (!capture_opts)
149 return;
150
151 if (capture_opts->ifaces) {
152 while (capture_opts->ifaces->len > 0) {
153 capture_opts_del_iface(capture_opts, 0);
154 }
155 g_array_free(capture_opts->ifaces, TRUE);
156 capture_opts->ifaces = NULL;
157 }
158 if (capture_opts->all_ifaces) {
159 while (capture_opts->all_ifaces->len > 0) {
160 interface_t *device = &g_array_index(capture_opts->all_ifaces, interface_t, 0);
161 capture_opts_free_interface_t(device);
162 capture_opts->all_ifaces = g_array_remove_index(capture_opts->all_ifaces, 0);
163 }
164 g_array_free(capture_opts->all_ifaces, TRUE);
165 capture_opts->all_ifaces = NULL;
166 }
167 g_free(capture_opts->save_file);
168 g_free(capture_opts->temp_dir);
169
170 if (capture_opts->closed_msg) {
171 g_free(capture_opts->closed_msg);
172 capture_opts->closed_msg = NULL;
173 }
174 if (capture_opts->extcap_terminate_id > 0) {
175 g_source_remove(capture_opts->extcap_terminate_id);
176 capture_opts->extcap_terminate_id = 0;
177 }
178
179 if (capture_opts->capture_filters_list) {
180 ws_filter_list_free(capture_opts->capture_filters_list);
181 capture_opts->capture_filters_list = NULL;
182 }
183 }
184
185 /* log content of capture_opts */
186 void
187 capture_opts_log(const char *log_domain, enum ws_log_level log_level, capture_options *capture_opts) {
188 unsigned i;
189
190 ws_log(log_domain, log_level, "CAPTURE OPTIONS :");
191
192 for (i = 0; i < capture_opts->ifaces->len; i++) {
193 interface_options *interface_opts;
194
195 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, i);
196 ws_log(log_domain, log_level, "Interface name[%02d] : %s", i, interface_opts->name ? interface_opts->name : "(unspecified)");
197 ws_log(log_domain, log_level, "Interface description[%02d] : %s", i, interface_opts->descr ? interface_opts->descr : "(unspecified)");
198 ws_log(log_domain, log_level, "Interface vendor description[%02d] : %s", i, interface_opts->hardware ? interface_opts->hardware : "(unspecified)");
199 ws_log(log_domain, log_level, "Display name[%02d]: %s", i, interface_opts->display_name ? interface_opts->display_name : "(unspecified)");
200 ws_log(log_domain, log_level, "Capture filter[%02d] : %s", i, interface_opts->cfilter ? interface_opts->cfilter : "(unspecified)");
201 ws_log(log_domain, log_level, "Snap length[%02d] (%u) : %d", i, interface_opts->has_snaplen, interface_opts->snaplen);
202 ws_log(log_domain, log_level, "Link Type[%02d] : %d", i, interface_opts->linktype);
203 ws_log(log_domain, log_level, "Promiscuous Mode[%02d]: %s", i, interface_opts->promisc_mode?"TRUE":"FALSE");
204 ws_log(log_domain, log_level, "Extcap[%02d] : %s", i, interface_opts->extcap ? interface_opts->extcap : "(unspecified)");
205 ws_log(log_domain, log_level, "Extcap FIFO[%02d] : %s", i, interface_opts->extcap_fifo ? interface_opts->extcap_fifo : "(unspecified)");
206 ws_log(log_domain, log_level, "Extcap PID[%02d] : %"PRIdMAX, i, (intmax_t)interface_opts->extcap_pid);
207 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
208 ws_log(log_domain, log_level, "Buffer size[%02d] : %d (MB)", i, interface_opts->buffer_size);
209 #endif
210 ws_log(log_domain, log_level, "Monitor Mode[%02d] : %s", i, interface_opts->monitor_mode?"TRUE":"FALSE");
211 #ifdef HAVE_PCAP_REMOTE
212 ws_log(log_domain, log_level, "Capture source[%02d] : %s", i,
213 interface_opts->src_type == CAPTURE_IFLOCAL ? "Local interface" :
214 interface_opts->src_type == CAPTURE_IFREMOTE ? "Remote interface" :
215 "Unknown");
216 if (interface_opts->src_type == CAPTURE_IFREMOTE) {
217 ws_log(log_domain, log_level, "Remote host[%02d] : %s", i, interface_opts->remote_host ? interface_opts->remote_host : "(unspecified)");
218 ws_log(log_domain, log_level, "Remote port[%02d] : %s", i, interface_opts->remote_port ? interface_opts->remote_port : "(unspecified)");
219 }
220 ws_log(log_domain, log_level, "Authentication[%02d] : %s", i,
221 interface_opts->auth_type == CAPTURE_AUTH_NULL ? "Null" :
222 interface_opts->auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
223 "Unknown");
224 if (interface_opts->auth_type == CAPTURE_AUTH_PWD) {
225 ws_log(log_domain, log_level, "Auth username[%02d] : %s", i, interface_opts->auth_username ? interface_opts->auth_username : "(unspecified)");
226 ws_log(log_domain, log_level, "Auth password[%02d] : <hidden>", i);
227 }
228 ws_log(log_domain, log_level, "UDP data tfer[%02d] : %u", i, interface_opts->datatx_udp);
229 ws_log(log_domain, log_level, "No cap. RPCAP[%02d] : %u", i, interface_opts->nocap_rpcap);
230 ws_log(log_domain, log_level, "No cap. local[%02d] : %u", i, interface_opts->nocap_local);
231 #endif
232 #ifdef HAVE_PCAP_SETSAMPLING
233 ws_log(log_domain, log_level, "Sampling meth.[%02d] : %d", i, interface_opts->sampling_method);
234 ws_log(log_domain, log_level, "Sampling param.[%02d] : %d", i, interface_opts->sampling_param);
235 #endif
236 ws_log(log_domain, log_level, "Timestamp type [%02d] : %s", i, interface_opts->timestamp_type);
237 }
238 ws_log(log_domain, log_level, "Interface name[df] : %s", capture_opts->default_options.name ? capture_opts->default_options.name : "(unspecified)");
239 ws_log(log_domain, log_level, "Interface Descr[df] : %s", capture_opts->default_options.descr ? capture_opts->default_options.descr : "(unspecified)");
240 ws_log(log_domain, log_level, "Interface Hardware Descr[df] : %s", capture_opts->default_options.hardware ? capture_opts->default_options.hardware : "(unspecified)");
241 ws_log(log_domain, log_level, "Interface display name[df] : %s", capture_opts->default_options.display_name ? capture_opts->default_options.display_name : "(unspecified)");
242 ws_log(log_domain, log_level, "Capture filter[df] : %s", capture_opts->default_options.cfilter ? capture_opts->default_options.cfilter : "(unspecified)");
243 ws_log(log_domain, log_level, "Snap length[df] (%u) : %d", capture_opts->default_options.has_snaplen, capture_opts->default_options.snaplen);
244 ws_log(log_domain, log_level, "Link Type[df] : %d", capture_opts->default_options.linktype);
245 ws_log(log_domain, log_level, "Promiscuous Mode[df]: %s", capture_opts->default_options.promisc_mode?"TRUE":"FALSE");
246 ws_log(log_domain, log_level, "Extcap[df] : %s", capture_opts->default_options.extcap ? capture_opts->default_options.extcap : "(unspecified)");
247 ws_log(log_domain, log_level, "Extcap FIFO[df] : %s", capture_opts->default_options.extcap_fifo ? capture_opts->default_options.extcap_fifo : "(unspecified)");
248 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
249 ws_log(log_domain, log_level, "Buffer size[df] : %d (MB)", capture_opts->default_options.buffer_size);
250 #endif
251 ws_log(log_domain, log_level, "Monitor Mode[df] : %s", capture_opts->default_options.monitor_mode?"TRUE":"FALSE");
252 #ifdef HAVE_PCAP_REMOTE
253 ws_log(log_domain, log_level, "Capture source[df] : %s",
254 capture_opts->default_options.src_type == CAPTURE_IFLOCAL ? "Local interface" :
255 capture_opts->default_options.src_type == CAPTURE_IFREMOTE ? "Remote interface" :
256 "Unknown");
257 if (capture_opts->default_options.src_type == CAPTURE_IFREMOTE) {
258 ws_log(log_domain, log_level, "Remote host[df] : %s", capture_opts->default_options.remote_host ? capture_opts->default_options.remote_host : "(unspecified)");
259 ws_log(log_domain, log_level, "Remote port[df] : %s", capture_opts->default_options.remote_port ? capture_opts->default_options.remote_port : "(unspecified)");
260 }
261 ws_log(log_domain, log_level, "Authentication[df] : %s",
262 capture_opts->default_options.auth_type == CAPTURE_AUTH_NULL ? "Null" :
263 capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD ? "By username/password" :
264 "Unknown");
265 if (capture_opts->default_options.auth_type == CAPTURE_AUTH_PWD) {
266 ws_log(log_domain, log_level, "Auth username[df] : %s", capture_opts->default_options.auth_username ? capture_opts->default_options.auth_username : "(unspecified)");
267 ws_log(log_domain, log_level, "Auth password[df] : <hidden>");
268 }
269 ws_log(log_domain, log_level, "UDP data tfer[df] : %u", capture_opts->default_options.datatx_udp);
270 ws_log(log_domain, log_level, "No cap. RPCAP[df] : %u", capture_opts->default_options.nocap_rpcap);
271 ws_log(log_domain, log_level, "No cap. local[df] : %u", capture_opts->default_options.nocap_local);
272 #endif
273 #ifdef HAVE_PCAP_SETSAMPLING
274 ws_log(log_domain, log_level, "Sampling meth. [df] : %d", capture_opts->default_options.sampling_method);
275 ws_log(log_domain, log_level, "Sampling param.[df] : %d", capture_opts->default_options.sampling_param);
276 #endif
277 ws_log(log_domain, log_level, "Timestamp type [df] : %s", capture_opts->default_options.timestamp_type ? capture_opts->default_options.timestamp_type : "(unspecified)");
278 ws_log(log_domain, log_level, "SavingToFile : %u", capture_opts->saving_to_file);
279 ws_log(log_domain, log_level, "SaveFile : %s", (capture_opts->save_file) ? capture_opts->save_file : "");
280 ws_log(log_domain, log_level, "GroupReadAccess : %u", capture_opts->group_read_access);
281 ws_log(log_domain, log_level, "Fileformat : %s", (capture_opts->use_pcapng) ? "PCAPNG" : "PCAP");
282 ws_log(log_domain, log_level, "UpdateInterval : %u (ms)", capture_opts->update_interval);
283 ws_log(log_domain, log_level, "RealTimeMode : %u", capture_opts->real_time_mode);
284 ws_log(log_domain, log_level, "ShowInfo : %u", capture_opts->show_info);
285
286 ws_log(log_domain, log_level, "MultiFilesOn : %u", capture_opts->multi_files_on);
287 ws_log(log_domain, log_level, "FileDuration (%u) : %.3f", capture_opts->has_file_duration, capture_opts->file_duration);
288 ws_log(log_domain, log_level, "FileInterval (%u) : %u", capture_opts->has_file_interval, capture_opts->file_interval);
289 ws_log(log_domain, log_level, "FilePackets (%u) : %u", capture_opts->has_file_packets, capture_opts->file_packets);
290 ws_log(log_domain, log_level, "FileNameType : %s", (capture_opts->has_nametimenum) ? "prefix_time_num.suffix" : "prefix_num_time.suffix");
291 ws_log(log_domain, log_level, "RingNumFiles (%u) : %u", capture_opts->has_ring_num_files, capture_opts->ring_num_files);
292 ws_log(log_domain, log_level, "RingPrintFiles (%u) : %s", capture_opts->print_file_names, (capture_opts->print_file_names ? capture_opts->print_name_to : ""));
293
294 ws_log(log_domain, log_level, "AutostopFiles (%u) : %u", capture_opts->has_autostop_files, capture_opts->autostop_files);
295 ws_log(log_domain, log_level, "AutostopPackets (%u) : %u", capture_opts->has_autostop_packets, capture_opts->autostop_packets);
296 ws_log(log_domain, log_level, "AutostopWrittenPackets (%u) : %u", capture_opts->has_autostop_written_packets, capture_opts->autostop_written_packets);
297 ws_log(log_domain, log_level, "AutostopFilesize(%u) : %u (KB)", capture_opts->has_autostop_filesize, capture_opts->autostop_filesize);
298 ws_log(log_domain, log_level, "AutostopDuration(%u) : %.3f", capture_opts->has_autostop_duration, capture_opts->autostop_duration);
299 ws_log(log_domain, log_level, "Temporary Directory : %s", capture_opts->temp_dir && capture_opts->temp_dir[0] ? capture_opts->temp_dir : g_get_tmp_dir());
300 }
301
302 /*
303 * Given a string of the form "<autostop criterion>:<value>", as might appear
304 * as an argument to a "-a" option, parse it and set the criterion in
305 * question. Return an indication of whether it succeeded or failed
306 * in some fashion.
307 */
308 static bool
309 set_autostop_criterion(capture_options *capture_opts, const char *autostoparg)
310 {
311 char *p, *colonp;
312
313 colonp = strchr(autostoparg, ':');
314 if (colonp == NULL)
315 return false;
316
317 p = colonp;
318 *p++ = '\0';
319
320 /*
321 * Skip over any white space (there probably won't be any, but
322 * as we allow it in the preferences file, we might as well
323 * allow it here).
324 */
325 while (g_ascii_isspace(*p))
326 p++;
327 if (*p == '\0') {
328 /*
329 * Put the colon back, so if our caller uses, in an
330 * error message, the string they passed us, the message
331 * looks correct.
332 */
333 *colonp = ':';
334 return false;
335 }
336 if (strcmp(autostoparg,"duration") == 0) {
337 capture_opts->has_autostop_duration = true;
338 capture_opts->autostop_duration = get_positive_double(p,"autostop duration");
339 } else if (strcmp(autostoparg,"filesize") == 0) {
340 capture_opts->has_autostop_filesize = true;
341 capture_opts->autostop_filesize = get_nonzero_uint32(p,"autostop filesize");
342 } else if (strcmp(autostoparg,"files") == 0) {
343 capture_opts->multi_files_on = true;
344 capture_opts->has_autostop_files = true;
345 capture_opts->autostop_files = get_positive_int(p,"autostop files");
346 } else if (strcmp(autostoparg,"packets") == 0) {
347 capture_opts->has_autostop_written_packets = true;
348 capture_opts->autostop_written_packets = get_positive_int(p,"packet write count");
349 } else if (strcmp(autostoparg,"events") == 0) {
350 capture_opts->has_autostop_written_packets = true;
351 capture_opts->autostop_written_packets = get_positive_int(p,"event write count");
352 } else {
353 return false;
354 }
355 *colonp = ':'; /* put the colon back */
356 return true;
357 }
358
359 static bool get_filter_arguments(capture_options* capture_opts, const char* arg)
360 {
361 char* colonp = NULL;
362 char* val;
363 char* filter_exp = NULL;
364
365 /* In capture child mode, any named filter given by "predef:<name>" should
366 already have been replaced with the filter text by the calling program. */
367 if (!capture_opts->capture_child) {
368 colonp = strchr(arg, ':');
369 if (colonp) {
370 val = colonp;
371 *val = '\0';
372 val++;
373 if (strcmp(arg, "predef") == 0) {
374 GList* filterItem;
375
376 if (capture_opts->capture_filters_list == NULL)
377 capture_opts->capture_filters_list = ws_filter_list_read(CFILTER_LIST);
378 filterItem = capture_opts->capture_filters_list->list;
379 while (filterItem != NULL) {
380 filter_def* filterDef;
381
382 filterDef = (filter_def*)filterItem->data;
383 if (g_ascii_strcasecmp(val, filterDef->name) == 0) {
384 filter_exp = g_strdup(filterDef->strval);
385 break;
386 }
387 filterItem = filterItem->next;
388 }
389 }
390 }
391 }
392
393 if (filter_exp == NULL) {
394 /* No filter expression found yet; fallback to previous implementation
395 and assume the arg contains a filter expression */
396 if (colonp) {
397 *colonp = ':'; /* restore colon */
398 }
399 filter_exp = g_strdup(arg);
400 }
401
402 if (capture_opts->ifaces->len > 0) {
403 interface_options *interface_opts;
404
405 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
406 g_free(interface_opts->cfilter);
407 interface_opts->cfilter = filter_exp;
408 return true;
409 }
410 else {
411 g_free(capture_opts->default_options.cfilter);
412 capture_opts->default_options.cfilter = filter_exp;
413 return true;
414 }
415 }
416
417 void
418 capture_opts_list_file_types(void) {
419
420 cmdarg_err("The available capture file types for the \"-F\" flag are:\n");
421 cmdarg_err_cont("%s", " pcap - Wireshark/tcpdump/... - pcap");
422 cmdarg_err_cont("%s", " pcapng - Wireshark/... - pcapng");
423 }
424
425 static bool get_file_type_argument(capture_options* capture_opts _U_, const
426 char* arg)
427 {
428 if (strcmp(arg, "pcapng") == 0) {
429 capture_opts->use_pcapng = true;
430 } else if (strcmp(arg, "pcap") == 0) {
431 capture_opts->use_pcapng = false;
432 } else {
433 return false;
434 }
435 return true;
436 }
437
438 /*
439 * Given a string of the form "<ring buffer file>:<duration>", as might appear
440 * as an argument to a "-b" option, parse it and set the arguments in
441 * question. Return an indication of whether it succeeded or failed
442 * in some fashion.
443 */
444 static bool
445 get_ring_arguments(capture_options *capture_opts, const char *arg)
446 {
447 char *p = NULL, *colonp;
448
449 colonp = strchr(arg, ':');
450 if (colonp == NULL)
451 return false;
452
453 p = colonp;
454 *p++ = '\0';
455
456 /*
457 * Skip over any white space (there probably won't be any, but
458 * as we allow it in the preferences file, we might as well
459 * allow it here).
460 */
461 while (g_ascii_isspace(*p))
462 p++;
463 if (*p == '\0') {
464 /*
465 * Put the colon back, so if our caller uses, in an
466 * error message, the string they passed us, the message
467 * looks correct.
468 */
469 *colonp = ':';
470 return false;
471 }
472
473 if (strcmp(arg,"files") == 0) {
474 capture_opts->has_ring_num_files = true;
475 capture_opts->ring_num_files = get_nonzero_uint32(p, "number of ring buffer files");
476 } else if (strcmp(arg,"filesize") == 0) {
477 capture_opts->has_autostop_filesize = true;
478 capture_opts->autostop_filesize = get_nonzero_uint32(p, "ring buffer filesize");
479 } else if (strcmp(arg,"duration") == 0) {
480 capture_opts->has_file_duration = true;
481 capture_opts->file_duration = get_positive_double(p, "ring buffer duration");
482 } else if (strcmp(arg,"interval") == 0) {
483 capture_opts->has_file_interval = true;
484 capture_opts->file_interval = get_positive_int(p, "ring buffer interval");
485 } else if (strcmp(arg,"nametimenum") == 0) {
486 int val = get_positive_int(p, "file name: time before num");
487 capture_opts->has_nametimenum = (val > 1);
488 } else if (strcmp(arg,"packets") == 0) {
489 capture_opts->has_file_packets = true;
490 capture_opts->file_packets = get_positive_int(p, "ring buffer packet count");
491 } else if (strcmp(arg,"printname") == 0) {
492 capture_opts->print_file_names = true;
493 capture_opts->print_name_to = g_strdup(p);
494 }
495 else {
496 return false;
497 }
498 *colonp = ':'; /* put the colon back */
499 return true;
500 }
501
502 #ifdef HAVE_PCAP_SETSAMPLING
503 /*
504 * Given a string of the form "<sampling type>:<value>", as might appear
505 * as an argument to a "-m" option, parse it and set the arguments in
506 * question. Return an indication of whether it succeeded or failed
507 * in some fashion.
508 */
509 static bool
510 get_sampling_arguments(capture_options *capture_opts, const char *arg)
511 {
512 char *p = NULL, *colonp;
513
514 colonp = strchr(arg, ':');
515 if (colonp == NULL)
516 return false;
517
518 p = colonp;
519 *p++ = '\0';
520
521 while (g_ascii_isspace(*p))
522 p++;
523 if (*p == '\0') {
524 *colonp = ':';
525 return false;
526 }
527
528 if (strcmp(arg, "count") == 0) {
529 if (capture_opts->ifaces->len > 0) {
530 interface_options *interface_opts;
531
532 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
533 interface_opts->sampling_method = CAPTURE_SAMP_BY_COUNT;
534 interface_opts->sampling_param = get_positive_int(p, "sampling count");
535 } else {
536 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_COUNT;
537 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling count");
538 }
539 } else if (strcmp(arg, "timer") == 0) {
540 if (capture_opts->ifaces->len > 0) {
541 interface_options *interface_opts;
542
543 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
544 interface_opts->sampling_method = CAPTURE_SAMP_BY_TIMER;
545 interface_opts->sampling_param = get_positive_int(p, "sampling timer");
546 } else {
547 capture_opts->default_options.sampling_method = CAPTURE_SAMP_BY_TIMER;
548 capture_opts->default_options.sampling_param = get_positive_int(p, "sampling timer");
549 }
550 }
551 *colonp = ':';
552 return true;
553 }
554 #endif
555
556 #ifdef HAVE_PCAP_REMOTE
557 /*
558 * Given a string of the form "<username>:<password>", as might appear
559 * as an argument to a "-A" option, parse it and set the arguments in
560 * question. Return an indication of whether it succeeded or failed
561 * in some fashion.
562 */
563 static bool
564 get_auth_arguments(capture_options *capture_opts, const char *arg)
565 {
566 char *p = NULL, *colonp;
567
568 colonp = strchr(arg, ':');
569 if (colonp == NULL)
570 return false;
571
572 p = colonp;
573 *p++ = '\0';
574
575 while (g_ascii_isspace(*p))
576 p++;
577
578 if (capture_opts->ifaces->len > 0) {
579 interface_options *interface_opts;
580
581 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
582 interface_opts->auth_type = CAPTURE_AUTH_PWD;
583 interface_opts->auth_username = g_strdup(arg);
584 interface_opts->auth_password = g_strdup(p);
585 } else {
586 capture_opts->default_options.auth_type = CAPTURE_AUTH_PWD;
587 capture_opts->default_options.auth_username = g_strdup(arg);
588 capture_opts->default_options.auth_password = g_strdup(p);
589 }
590 *colonp = ':';
591 return true;
592 }
593 #endif
594
595 #ifdef _WIN32
596 static char *
597 capture_opts_generate_display_name(const char *friendly_name,
598 const char *name _U_)
599 {
600 /*
601 * Display the friendly name rather than the not-so-friendly
602 * GUID-based interface name.
603 */
604 return g_strdup(friendly_name);
605 }
606 #else
607 static char *
608 capture_opts_generate_display_name(const char *friendly_name,
609 const char *name)
610 {
611 /*
612 * On UN*X, however, users are more used to interface names,
613 * and may find it helpful to see them.
614 */
615 return ws_strdup_printf("%s: %s", friendly_name, name);
616 }
617 #endif
618
619 static void
620 fill_in_interface_opts_defaults(interface_options *interface_opts, const capture_options *capture_opts)
621 {
622
623 interface_opts->cfilter = g_strdup(capture_opts->default_options.cfilter);
624 interface_opts->snaplen = capture_opts->default_options.snaplen;
625 interface_opts->has_snaplen = capture_opts->default_options.has_snaplen;
626 interface_opts->linktype = capture_opts->default_options.linktype;
627 interface_opts->promisc_mode = capture_opts->default_options.promisc_mode;
628 interface_opts->extcap_fifo = g_strdup(capture_opts->default_options.extcap_fifo);
629 interface_opts->extcap_args = NULL;
630 interface_opts->extcap_pid = WS_INVALID_PID;
631 interface_opts->extcap_pipedata = NULL;
632 interface_opts->extcap_stderr = NULL;
633 interface_opts->extcap_stdout_watch = 0;
634 interface_opts->extcap_stderr_watch = 0;
635 #ifdef _WIN32
636 interface_opts->extcap_pipe_h = INVALID_HANDLE_VALUE;
637 interface_opts->extcap_control_in_h = INVALID_HANDLE_VALUE;
638 interface_opts->extcap_control_out_h = INVALID_HANDLE_VALUE;
639 #endif
640 interface_opts->extcap_control_in = g_strdup(capture_opts->default_options.extcap_control_in);
641 interface_opts->extcap_control_out = g_strdup(capture_opts->default_options.extcap_control_out);
642 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
643 interface_opts->buffer_size = capture_opts->default_options.buffer_size;
644 #endif
645 interface_opts->monitor_mode = capture_opts->default_options.monitor_mode;
646 #ifdef HAVE_PCAP_REMOTE
647 interface_opts->src_type = capture_opts->default_options.src_type;
648 interface_opts->remote_host = g_strdup(capture_opts->default_options.remote_host);
649 interface_opts->remote_port = g_strdup(capture_opts->default_options.remote_port);
650 interface_opts->auth_type = capture_opts->default_options.auth_type;
651 interface_opts->auth_username = g_strdup(capture_opts->default_options.auth_username);
652 interface_opts->auth_password = g_strdup(capture_opts->default_options.auth_password);
653 interface_opts->datatx_udp = capture_opts->default_options.datatx_udp;
654 interface_opts->nocap_rpcap = capture_opts->default_options.nocap_rpcap;
655 interface_opts->nocap_local = capture_opts->default_options.nocap_local;
656 #endif
657 #ifdef HAVE_PCAP_SETSAMPLING
658 interface_opts->sampling_method = capture_opts->default_options.sampling_method;
659 interface_opts->sampling_param = capture_opts->default_options.sampling_param;
660 #endif
661 interface_opts->timestamp_type = capture_opts->default_options.timestamp_type;
662 }
663
664 static void
665 fill_in_interface_opts_from_ifinfo(interface_options *interface_opts,
666 const if_info_t *if_info)
667 {
668 interface_opts->name = g_strdup(if_info->name);
669
670 interface_opts->hardware = g_strdup(if_info->vendor_description);
671 /* XXX: ui/capture_ui_utils.c get_interface_descriptive_name()
672 * does several things different in setting descr (and thus
673 * display name):
674 * 1. It checks for a user-supplied description via
675 * capture_dev_user_descr_find(if_info->name), including a
676 * long-standing -X option of "stdin_descr" that dates back to 1.0
677 * 2. If we don't have a friendly name, but do have a vendor
678 * description (set to hardware above), that is used as the
679 * description.
680 *
681 * Perhaps we don't want to introduce a dependency on the prefs
682 * and ex-opts here. We could do 2 here, though.
683 *
684 * Because we always set interface_opts->display_name here, it is
685 * never NULL when get_iface_list_string is called, so that never
686 * calls get_interface_descriptive_name(). (And thus, we never
687 * actually use the vendor description in the display name/descr
688 * as a fallback.)
689 */
690 if (if_info->friendly_name != NULL) {
691 /*
692 * We have a friendly name; remember it as the
693 * description...
694 */
695 interface_opts->descr = g_strdup(if_info->friendly_name);
696 /*
697 * ...and use it in the console display name.
698 */
699 interface_opts->display_name = capture_opts_generate_display_name(if_info->friendly_name, if_info->name);
700 } else {
701 /* fallback to the interface name */
702 interface_opts->descr = NULL;
703 interface_opts->display_name = g_strdup(if_info->name);
704 }
705 interface_opts->ifname = NULL;
706 interface_opts->if_type = if_info->type;
707 interface_opts->extcap = g_strdup(if_info->extcap);
708 }
709
710 static if_info_t*
711 find_ifinfo_by_name(GList *if_list, const char *name)
712 {
713 GList *if_entry;
714 if_info_t *matched_if_info;
715 size_t prefix_length;
716
717 matched_if_info = NULL;
718 if (if_list != NULL) {
719 /*
720 * Try and do an exact match (case insensitive) on the
721 * interface name, the interface description, and the
722 * hardware description.
723 */
724 for (if_entry = g_list_first(if_list); if_entry != NULL;
725 if_entry = g_list_next(if_entry))
726 {
727 if_info_t *if_info = (if_info_t *)if_entry->data;
728
729 /*
730 * Does the specified name match the interface name
731 * with a case-insensitive match?
732 */
733 if (g_ascii_strcasecmp(if_info->name, name) == 0) {
734 /*
735 * Yes.
736 */
737 matched_if_info = if_info;
738 break;
739 }
740
741 /*
742 * Does this interface have a friendly name and, if so,
743 * does the specified name match the friendly name with
744 * a case-insensitive match?
745 */
746 if (if_info->friendly_name != NULL &&
747 g_ascii_strcasecmp(if_info->friendly_name, name) == 0) {
748 /*
749 * Yes.
750 */
751 matched_if_info = if_info;
752 break;
753 }
754
755 #ifdef _WIN32
756 /*
757 * On Windows, we store interface names in preferences as:
758 * friendlyname (name)
759 * Do we have a case-insensitive match for that?
760 */
761 if (if_info->friendly_name != NULL) {
762 GString* combined_name = g_string_new(if_info->friendly_name);
763 g_string_append_printf(combined_name, " (%s)", if_info->name);
764 if (g_ascii_strcasecmp(combined_name->str, name) == 0) {
765 /*
766 * Yes.
767 */
768 matched_if_info = if_info;
769 }
770 g_string_free(combined_name, TRUE);
771 if (matched_if_info != NULL) {
772 break;
773 }
774 }
775 #endif
776 }
777
778 if (matched_if_info == NULL) {
779 /*
780 * We didn't find it; attempt a case-insensitive prefix match
781 * of the friendly name.
782 */
783 prefix_length = strlen(name);
784 for (if_entry = g_list_first(if_list); if_entry != NULL;
785 if_entry = g_list_next(if_entry))
786 {
787 if_info_t *if_info = (if_info_t *)if_entry->data;
788
789 if (if_info->friendly_name != NULL &&
790 g_ascii_strncasecmp(if_info->friendly_name, name, prefix_length) == 0) {
791 /*
792 * We found an interface whose friendly name matches
793 * with a case-insensitive prefix match.
794 */
795 matched_if_info = if_info;
796 break;
797 }
798 }
799 }
800 }
801
802 return matched_if_info;
803 }
804
805 static int
806 capture_opts_add_iface_opt(capture_options *capture_opts, const char *optarg_str_p)
807 {
808 long adapter_index;
809 char *p;
810 GList *if_list;
811 if_info_t *if_info;
812 int err;
813 char *err_str;
814 interface_options interface_opts;
815
816 /*
817 * If the argument is a number, treat it as an index into the list
818 * of adapters, as printed by "tshark -D".
819 *
820 * This should be OK on UN*X systems, as interfaces shouldn't have
821 * names that begin with digits. It can be useful on Windows, where
822 * more than one interface can have the same name.
823 *
824 * XXX - "shouldn't have names that begin with digits" is not true
825 * on Linux; see
826 *
827 * https://github.com/the-tcpdump-group/tcpdump/issues/522
828 *
829 * tcpdump handles that by trying to open the device by name and,
830 * if that fails *and* the name is a syntactically valid number
831 * (optional sign, followed by decimal digits), reports an error
832 * if it's not a valid interface index, and otherwise uses it as
833 * an interface index.
834 */
835 adapter_index = strtol(optarg_str_p, &p, 10);
836 if (p != NULL && *p == '\0') {
837 if (adapter_index < 0) {
838 cmdarg_err("The specified adapter index is a negative number");
839 return 1;
840 }
841 if (adapter_index > INT_MAX) {
842 cmdarg_err("The specified adapter index is too large (greater than %d)",
843 INT_MAX);
844 return 1;
845 }
846 if (adapter_index == 0) {
847 cmdarg_err("There is no interface with that adapter index");
848 return 1;
849 }
850 if_list = capture_opts->get_iface_list(&err, &err_str);
851 if (if_list == NULL) {
852 if (err == 0)
853 cmdarg_err("There are no interfaces on which a capture can be done");
854 else {
855 cmdarg_err("%s", err_str);
856 g_free(err_str);
857 }
858 return 2;
859 }
860 if_info = (if_info_t *)g_list_nth_data(if_list, (int)(adapter_index - 1));
861 if (if_info == NULL) {
862 cmdarg_err("There is no interface with that adapter index");
863 free_interface_list(if_list);
864 return 1;
865 }
866 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
867 free_interface_list(if_list);
868 } else if (capture_opts->capture_child) {
869 /*
870 * In Wireshark capture child mode, so the exact interface name
871 * is supplied, and we don't need to look it up.
872 */
873 if_info = if_info_get(optarg_str_p);
874 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
875 if_info_free(if_info);
876 } else if (g_strcmp0(optarg_str_p, "-") == 0) {
877 /*
878 * Standard input. Don't bother to retrieve the interface_list;
879 * assume that there isn't a device named "-". (Retrieving the
880 * interface list involves spawning a privileged dumpcap process.)
881 */
882 interface_opts.name = g_strdup(optarg_str_p);
883 interface_opts.descr = g_strdup("Standard input");
884 interface_opts.hardware = NULL;
885 interface_opts.display_name = g_strdup(interface_opts.descr);
886 interface_opts.ifname = NULL;
887 interface_opts.if_type = IF_STDIN;
888 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
889 #ifdef _WIN32
890 } else if (win32_is_pipe_name(optarg_str_p)) {
891 /*
892 * Special named pipe name on Windows.
893 * https://learn.microsoft.com/en-us/windows/win32/ipc/pipe-names
894 * Don't bother retrieving the interface list.
895 */
896 interface_opts.name = g_strdup(optarg_str_p);
897 interface_opts.descr = NULL;
898 interface_opts.hardware = NULL;
899 interface_opts.display_name = g_strdup(optarg_str_p);
900 interface_opts.ifname = NULL;
901 interface_opts.if_type = IF_PIPE;
902 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
903 #endif
904 } else {
905 /*
906 * Search for that name in the interface list and, if we found
907 * it, fill in fields in the interface_opts structure.
908 *
909 * XXX - if we can't get the interface list, we don't report
910 * an error, as, on Windows, that might be due to WinPcap or
911 * Npcap not being installed, but the specified "interface"
912 * might be the standard input ("-") or a pipe, and dumpcap
913 * should support capturing from the standard input or from
914 * a pipe even if there's no capture support from *pcap.
915 *
916 * Perhaps doing something similar to what was suggested
917 * for numerical interfaces should be done.
918 *
919 * XXX: If we ever save pipe settings permanently, it should be
920 * capture_interface_list that tries to check saved pipes (or
921 * extcaps), possibly before retrieving the list.
922 */
923 if_list = capture_opts->get_iface_list(&err, &err_str);
924 if_info = find_ifinfo_by_name(if_list, optarg_str_p);
925 if (if_info != NULL) {
926 /*
927 * We found the interface in the list; fill in the
928 * interface_opts structure from its if_info.
929 */
930 fill_in_interface_opts_from_ifinfo(&interface_opts, if_info);
931 } else {
932 /*
933 * We didn't find the interface in the list; just use
934 * the specified name, so that, for example, if an
935 * interface doesn't show up in the list for some
936 * reason, the user can try specifying it explicitly
937 * for testing purposes.
938 */
939 interface_opts.name = g_strdup(optarg_str_p);
940 interface_opts.descr = NULL;
941 interface_opts.hardware = NULL;
942 interface_opts.display_name = g_strdup(optarg_str_p);
943 interface_opts.ifname = NULL;
944 interface_opts.if_type = capture_opts->default_options.if_type;
945 interface_opts.extcap = g_strdup(capture_opts->default_options.extcap);
946 }
947 free_interface_list(if_list);
948 }
949
950 fill_in_interface_opts_defaults(&interface_opts, capture_opts);
951
952 g_array_append_val(capture_opts->ifaces, interface_opts);
953
954 return 0;
955 }
956
957
958 int
959 capture_opts_add_opt(capture_options *capture_opts, int opt, const char *optarg_str_p)
960 {
961 int status, snaplen;
962 ws_statb64 fstat;
963
964 switch(opt) {
965 case 'a': /* autostop criteria */
966 if (set_autostop_criterion(capture_opts, optarg_str_p) == false) {
967 cmdarg_err("Invalid or unknown -a flag \"%s\"", optarg_str_p);
968 return 1;
969 }
970 break;
971 #ifdef HAVE_PCAP_REMOTE
972 case 'A':
973 if (get_auth_arguments(capture_opts, optarg_str_p) == false) {
974 cmdarg_err("Invalid or unknown -A arg \"%s\"", optarg_str_p);
975 return 1;
976 }
977 break;
978 #endif
979 case 'b': /* Ringbuffer option */
980 capture_opts->multi_files_on = true;
981 if (get_ring_arguments(capture_opts, optarg_str_p) == false) {
982 cmdarg_err("Invalid or unknown -b arg \"%s\"", optarg_str_p);
983 return 1;
984 }
985 break;
986 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
987 case 'B': /* Buffer size */
988 if (capture_opts->ifaces->len > 0) {
989 interface_options *interface_opts;
990
991 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
992 interface_opts->buffer_size = get_positive_int(optarg_str_p, "buffer size");
993 } else {
994 capture_opts->default_options.buffer_size = get_positive_int(optarg_str_p, "buffer size");
995 }
996 break;
997 #endif
998 case 'c': /* Capture n packets */
999 /* XXX Use set_autostop_criterion instead? */
1000 capture_opts->has_autostop_packets = true;
1001 capture_opts->autostop_packets = get_positive_int(optarg_str_p, "packet count");
1002 break;
1003 case 'f': /* capture filter */
1004 get_filter_arguments(capture_opts, optarg_str_p);
1005 break;
1006 case 'F': /* capture file type */
1007 if (get_file_type_argument(capture_opts, optarg_str_p) == false) {
1008 capture_opts_list_file_types();
1009 return 1;
1010 }
1011 break;
1012 case 'g': /* enable group read access on the capture file(s) */
1013 capture_opts->group_read_access = true;
1014 break;
1015 case 'H': /* Hide capture info dialog box */
1016 capture_opts->show_info = false;
1017 break;
1018 case LONGOPT_SET_TSTAMP_TYPE: /* Set capture time stamp type */
1019 if (capture_opts->ifaces->len > 0) {
1020 interface_options *interface_opts;
1021
1022 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1023 g_free(interface_opts->timestamp_type);
1024 interface_opts->timestamp_type = g_strdup(optarg_str_p);
1025 } else {
1026 g_free(capture_opts->default_options.timestamp_type);
1027 capture_opts->default_options.timestamp_type = g_strdup(optarg_str_p);
1028 }
1029 break;
1030 case 'i': /* Use interface x */
1031 status = capture_opts_add_iface_opt(capture_opts, optarg_str_p);
1032 if (status != 0) {
1033 return status;
1034 }
1035 break;
1036 #ifdef HAVE_PCAP_CREATE
1037 case 'I': /* Capture in monitor mode */
1038 if (capture_opts->ifaces->len > 0) {
1039 interface_options *interface_opts;
1040
1041 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1042 interface_opts->monitor_mode = true;
1043 } else {
1044 capture_opts->default_options.monitor_mode = true;
1045 }
1046 break;
1047 #endif
1048 case 'l': /* tshark "Line-buffer" standard output */
1049 capture_opts->update_interval = 0;
1050 /* Wireshark uses 'l' for Automatic scrolling in live capture mode,
1051 * but ui/commandline.c should not and does not call this function
1052 * for 'l'.
1053 */
1054 break;
1055 #ifdef HAVE_PCAP_SETSAMPLING
1056 case 'm':
1057 if (get_sampling_arguments(capture_opts, optarg_str_p) == false) {
1058 cmdarg_err("Invalid or unknown -m arg \"%s\"", optarg_str_p);
1059 return 1;
1060 }
1061 break;
1062 #endif
1063 case 'n': /* Use pcapng format */
1064 cmdarg_err("'-n' is deprecated; use '-F pcapng' to set the output format to pcapng.");
1065 capture_opts->use_pcapng = true;
1066 break;
1067 case 'p': /* Don't capture in promiscuous mode */
1068 if (capture_opts->ifaces->len > 0) {
1069 interface_options *interface_opts;
1070
1071 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1072 interface_opts->promisc_mode = false;
1073 } else {
1074 capture_opts->default_options.promisc_mode = false;
1075 }
1076 break;
1077 case 'P': /* Use pcap format */
1078 cmdarg_err("'-P' is deprecated; use '-F pcap' to set the output format to pcap.");
1079 capture_opts->use_pcapng = false;
1080 break;
1081 #ifdef HAVE_PCAP_REMOTE
1082 case 'r':
1083 if (capture_opts->ifaces->len > 0) {
1084 interface_options *interface_opts;
1085
1086 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1087 interface_opts->nocap_rpcap = false;
1088 } else {
1089 capture_opts->default_options.nocap_rpcap = false;
1090 }
1091 break;
1092 #endif
1093 case 's': /* Set the snapshot (capture) length */
1094 snaplen = get_natural_int(optarg_str_p, "snapshot length");
1095 /*
1096 * Make a snapshot length of 0 equivalent to the maximum packet
1097 * length, mirroring what tcpdump does.
1098 */
1099 if (snaplen == 0)
1100 snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1101 if (capture_opts->ifaces->len > 0) {
1102 interface_options *interface_opts;
1103
1104 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1105 interface_opts->has_snaplen = true;
1106 interface_opts->snaplen = snaplen;
1107 } else {
1108 capture_opts->default_options.snaplen = snaplen;
1109 capture_opts->default_options.has_snaplen = true;
1110 }
1111 break;
1112 case 'S': /* "Real-Time" mode: used for following file ala tail -f */
1113 capture_opts->real_time_mode = true;
1114 break;
1115 #ifdef HAVE_PCAP_REMOTE
1116 case 'u':
1117 if (capture_opts->ifaces->len > 0) {
1118 interface_options *interface_opts;
1119
1120 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1121 interface_opts->datatx_udp = true;
1122 } else {
1123 capture_opts->default_options.datatx_udp = true;
1124 }
1125 break;
1126 #endif
1127 case 'w': /* Write to capture file x */
1128 capture_opts->saving_to_file = true;
1129 g_free(capture_opts->save_file);
1130 capture_opts->save_file = g_strdup(optarg_str_p);
1131 capture_opts->orig_save_file = g_strdup(optarg_str_p);
1132 status = capture_opts_output_to_pipe(capture_opts->save_file, &capture_opts->output_to_pipe);
1133 return status;
1134 case 'y': /* Set the pcap data link type */
1135 if (capture_opts->ifaces->len > 0) {
1136 interface_options *interface_opts;
1137
1138 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, capture_opts->ifaces->len - 1);
1139 interface_opts->linktype = linktype_name_to_val(optarg_str_p);
1140 if (interface_opts->linktype == -1) {
1141 cmdarg_err("The specified data link type \"%s\" isn't valid",
1142 optarg_str_p);
1143 return 1;
1144 }
1145 } else {
1146 capture_opts->default_options.linktype = linktype_name_to_val(optarg_str_p);
1147 if (capture_opts->default_options.linktype == -1) {
1148 cmdarg_err("The specified data link type \"%s\" isn't valid",
1149 optarg_str_p);
1150 return 1;
1151 }
1152 }
1153 break;
1154 case LONGOPT_COMPRESS_TYPE: /* compress type */
1155 if (capture_opts->compress_type) {
1156 cmdarg_err("--compress-type can be set only once");
1157 return 1;
1158 }
1159 if (strcmp(optarg_str_p, "none") == 0) {
1160 ;
1161 } else if (strcmp(optarg_str_p, "gzip") == 0) {
1162 #if defined (HAVE_ZLIB) || defined (HAVE_ZLIBNG)
1163 ;
1164 #else
1165 cmdarg_err("'gzip' compression is not supported");
1166 return 1;
1167 #endif
1168 } else {
1169 #if defined (HAVE_ZLIB) || defined (HAVE_ZLIBNG)
1170 cmdarg_err("parameter of --compress-type can be 'none' or 'gzip'");
1171 #else
1172 cmdarg_err("parameter of --compress-type can only be 'none'");
1173 #endif
1174 return 1;
1175 }
1176 capture_opts->compress_type = g_strdup(optarg_str_p);
1177 break;
1178 case LONGOPT_CAPTURE_TMPDIR: /* capture temporary directory */
1179 if (capture_opts->temp_dir) {
1180 cmdarg_err("--temp-dir can be set only once");
1181 return 1;
1182 }
1183 if (ws_stat64(optarg_str_p, &fstat) < 0) {
1184 cmdarg_err("Can't set temporary directory %s: %s",
1185 optarg_str_p, g_strerror(errno));
1186 return 1;
1187 }
1188 if (!S_ISDIR(fstat.st_mode)) {
1189 cmdarg_err("Can't set temporary directory %s: not a directory",
1190 optarg_str_p);
1191 return 1;
1192 }
1193 #ifdef S_IRWXU
1194 if ((fstat.st_mode & S_IRWXU) != S_IRWXU) {
1195 cmdarg_err("Can't set temporary directory %s: not a writable directory",
1196 optarg_str_p);
1197 return 1;
1198 }
1199 #endif /* S_IRWXU */
1200 capture_opts->temp_dir = g_strdup(optarg_str_p);
1201 break;
1202 case LONGOPT_UPDATE_INTERVAL: /* capture update interval */
1203 capture_opts->update_interval = get_natural_int(optarg_str_p, "update interval");
1204 break;
1205 default:
1206 /* the caller is responsible to send us only the right opt's */
1207 ws_assert_not_reached();
1208 }
1209
1210 return 0;
1211 }
1212
1213 int
1214 capture_opts_print_if_capabilities(if_capabilities_t *caps,
1215 const interface_options *interface_opts,
1216 int queries)
1217 {
1218 GList *lt_entry, *ts_entry;
1219
1220 if (caps->primary_msg) {
1221 cmdarg_err("The capabilities of the capture device "
1222 "\"%s\" could not be obtained (%s).%s%s",
1223 interface_opts->name, caps->primary_msg,
1224 caps->secondary_msg ? "\n" : "",
1225 caps->secondary_msg ? caps->secondary_msg : "");
1226 return WS_EXIT_INVALID_CAPABILITY;
1227 }
1228
1229 if (queries & CAPS_QUERY_LINK_TYPES) {
1230 if (interface_opts->monitor_mode && caps->can_set_rfmon) {
1231 lt_entry = caps->data_link_types_rfmon;
1232 } else {
1233 lt_entry = caps->data_link_types;
1234 }
1235 if (lt_entry == NULL) {
1236 cmdarg_err("The capture device \"%s\" has no data link types.",
1237 interface_opts->name);
1238 return WS_EXIT_IFACE_HAS_NO_LINK_TYPES;
1239 }
1240 if (caps->can_set_rfmon)
1241 printf("Data link types of interface %s when %sin monitor mode (use option -y to set):\n",
1242 interface_opts->name,
1243 (interface_opts->monitor_mode) ? "" : "not ");
1244 else
1245 printf("Data link types of interface %s (use option -y to set):\n",
1246 interface_opts->name);
1247 for (; lt_entry != NULL;
1248 lt_entry = g_list_next(lt_entry)) {
1249 data_link_info_t *data_link_info = (data_link_info_t *)lt_entry->data;
1250 printf(" %s", data_link_info->name);
1251 if (data_link_info->description != NULL)
1252 printf(" (%s)", data_link_info->description);
1253 else
1254 printf(" (not supported)");
1255 printf("\n");
1256 }
1257 }
1258
1259 if (queries & CAPS_QUERY_TIMESTAMP_TYPES) {
1260 if (caps->timestamp_types == NULL) {
1261 cmdarg_err("The capture device \"%s\" has no timestamp types.",
1262 interface_opts->name);
1263 return WS_EXIT_IFACE_HAS_NO_TIMESTAMP_TYPES;
1264 }
1265 printf("Timestamp types of the interface (use option --time-stamp-type to set):\n");
1266 for (ts_entry = caps->timestamp_types; ts_entry != NULL;
1267 ts_entry = g_list_next(ts_entry)) {
1268 timestamp_info_t *timestamp = (timestamp_info_t *)ts_entry->data;
1269 printf(" %s", timestamp->name);
1270 if (timestamp->description != NULL)
1271 printf(" (%s)", timestamp->description);
1272 else
1273 printf(" (none)");
1274 printf("\n");
1275 }
1276 }
1277 return EXIT_SUCCESS;
1278 }
1279
1280 /* Print an ASCII-formatted list of interfaces. */
1281 void
1282 capture_opts_print_interfaces(GList *if_list)
1283 {
1284 int i;
1285 GList *if_entry;
1286 if_info_t *if_info;
1287
1288 i = 1; /* Interface id number */
1289 for (if_entry = g_list_first(if_list); if_entry != NULL;
1290 if_entry = g_list_next(if_entry)) {
1291 if_info = (if_info_t *)if_entry->data;
1292 printf("%d. %s", i++, if_info->name);
1293
1294 /* Print the interface friendly name, if it exists;
1295 if not, fall back to the vendor description, if it exists. */
1296 if (if_info->friendly_name != NULL){
1297 printf(" (%s)", if_info->friendly_name);
1298 } else {
1299 if (if_info->vendor_description != NULL)
1300 printf(" (%s)", if_info->vendor_description);
1301 }
1302 printf("\n");
1303 }
1304 }
1305
1306
1307 void
1308 capture_opts_trim_snaplen(capture_options *capture_opts, int snaplen_min)
1309 {
1310 unsigned i;
1311 interface_options *interface_opts;
1312
1313 if (capture_opts->ifaces->len > 0) {
1314 for (i = 0; i < capture_opts->ifaces->len; i++) {
1315 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, 0);
1316 if (interface_opts->snaplen < 1)
1317 interface_opts->snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1318 else if (interface_opts->snaplen < snaplen_min)
1319 interface_opts->snaplen = snaplen_min;
1320 }
1321 } else {
1322 if (capture_opts->default_options.snaplen < 1)
1323 capture_opts->default_options.snaplen = WTAP_MAX_PACKET_SIZE_STANDARD;
1324 else if (capture_opts->default_options.snaplen < snaplen_min)
1325 capture_opts->default_options.snaplen = snaplen_min;
1326 }
1327 }
1328
1329
1330 void
1331 capture_opts_trim_ring_num_files(capture_options *capture_opts)
1332 {
1333 /* Check the value range of the ring_num_files parameter */
1334 if (capture_opts->ring_num_files > RINGBUFFER_MAX_NUM_FILES) {
1335 cmdarg_err("Too many ring buffer files (%u). Reducing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MAX_NUM_FILES);
1336 capture_opts->ring_num_files = RINGBUFFER_MAX_NUM_FILES;
1337 } else if (capture_opts->ring_num_files > RINGBUFFER_WARN_NUM_FILES) {
1338 cmdarg_err("%u is a lot of ring buffer files.\n", capture_opts->ring_num_files);
1339 }
1340 #if RINGBUFFER_MIN_NUM_FILES > 0
1341 else if (capture_opts->ring_num_files < RINGBUFFER_MIN_NUM_FILES) {
1342 cmdarg_err("Too few ring buffer files (%u). Increasing to %u.\n", capture_opts->ring_num_files, RINGBUFFER_MIN_NUM_FILES);
1343 capture_opts->ring_num_files = RINGBUFFER_MIN_NUM_FILES;
1344 }
1345 #endif
1346 }
1347
1348 /*
1349 * If no interface was specified explicitly, pick a default.
1350 */
1351 int
1352 capture_opts_default_iface_if_necessary(capture_options *capture_opts,
1353 const char *capture_device)
1354 {
1355 int status;
1356
1357 /* Did the user specify an interface to use? */
1358 if (capture_opts->num_selected != 0 || capture_opts->ifaces->len != 0) {
1359 /* yes they did, return immediately - nothing further to do here */
1360 return 0;
1361 }
1362
1363 /* No - is a default specified in the preferences file? */
1364 if (capture_device != NULL) {
1365 /* Yes - use it. */
1366 status = capture_opts_add_iface_opt(capture_opts, capture_device);
1367 return status;
1368 }
1369 /* No default in preferences file, just pick the first interface from the list of interfaces. */
1370 return capture_opts_add_iface_opt(capture_opts, "1");
1371 }
1372
1373 #ifndef S_IFIFO
1374 #define S_IFIFO _S_IFIFO
1375 #endif
1376 #ifndef S_ISFIFO
1377 #define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
1378 #endif
1379
1380 /* copied from filesystem.c */
1381 static int
1382 capture_opts_test_for_fifo(const char *path)
1383 {
1384 ws_statb64 statb;
1385
1386 if (ws_stat64(path, &statb) < 0)
1387 return errno;
1388
1389 if (S_ISFIFO(statb.st_mode))
1390 return ESPIPE;
1391 else
1392 return 0;
1393 }
1394
1395 static bool
1396 capture_opts_output_to_pipe(const char *save_file, bool *is_pipe)
1397 {
1398 int err;
1399
1400 *is_pipe = false;
1401
1402 if (save_file != NULL) {
1403 /* We're writing to a capture file. */
1404 if (strcmp(save_file, "-") == 0) {
1405 /* Writing to stdout. */
1406 /* XXX - should we check whether it's a pipe? It's arguably
1407 silly to do "-w - >output_file" rather than "-w output_file",
1408 but by not checking we might be violating the Principle Of
1409 Least Astonishment. */
1410 *is_pipe = true;
1411 } else {
1412 /* not writing to stdout, test for a FIFO (aka named pipe) */
1413 err = capture_opts_test_for_fifo(save_file);
1414 switch (err) {
1415
1416 case ENOENT: /* it doesn't exist, so we'll be creating it,
1417 and it won't be a FIFO */
1418 case 0: /* found it, but it's not a FIFO */
1419 break;
1420
1421 case ESPIPE: /* it is a FIFO */
1422 *is_pipe = true;
1423 break;
1424
1425 default: /* couldn't stat it */
1426 break; /* ignore: later attempt to open */
1427 /* will generate a nice msg */
1428 }
1429 }
1430 }
1431
1432 return 0;
1433 }
1434
1435 void
1436 interface_opts_free(interface_options *interface_opts)
1437 {
1438 if (interface_opts == NULL)
1439 return;
1440
1441 g_free(interface_opts->name);
1442 g_free(interface_opts->descr);
1443 g_free(interface_opts->hardware);
1444 g_free(interface_opts->display_name);
1445 g_free(interface_opts->ifname);
1446 g_free(interface_opts->cfilter);
1447 g_free(interface_opts->timestamp_type);
1448 g_free(interface_opts->extcap);
1449 g_free(interface_opts->extcap_fifo);
1450 if (interface_opts->extcap_args)
1451 g_hash_table_unref(interface_opts->extcap_args);
1452 if (interface_opts->extcap_pid != WS_INVALID_PID)
1453 ws_warning("Extcap still running during interface delete");
1454 g_free(interface_opts->extcap_pipedata);
1455 if (interface_opts->extcap_stderr)
1456 g_string_free(interface_opts->extcap_stderr, TRUE);
1457 g_free(interface_opts->extcap_control_in);
1458 g_free(interface_opts->extcap_control_out);
1459 #ifdef HAVE_PCAP_REMOTE
1460 if (interface_opts->src_type == CAPTURE_IFREMOTE) {
1461 g_free(interface_opts->remote_host);
1462 g_free(interface_opts->remote_port);
1463 g_free(interface_opts->auth_username);
1464 g_free(interface_opts->auth_password);
1465 }
1466 #endif
1467 }
1468
1469 void
1470 capture_opts_del_iface(capture_options *capture_opts, unsigned if_index)
1471 {
1472 interface_options *interface_opts;
1473
1474 interface_opts = &g_array_index(capture_opts->ifaces, interface_options, if_index);
1475 /* XXX - check if found? */
1476 interface_opts_free(interface_opts);
1477
1478 capture_opts->ifaces = g_array_remove_index(capture_opts->ifaces, if_index);
1479 }
1480
1481 interface_options*
1482 interface_opts_from_if_info(capture_options *capture_opts, const if_info_t *if_info)
1483 {
1484 interface_options *interface_opts = g_new(interface_options, 1);
1485
1486 fill_in_interface_opts_from_ifinfo(interface_opts, if_info);
1487 fill_in_interface_opts_defaults(interface_opts, capture_opts);
1488
1489 return interface_opts;
1490 }
1491
1492 /*
1493 * Add all non-hidden selected interfaces in the "all interfaces" list
1494 * to the list of interfaces for the capture.
1495 */
1496 void
1497 collect_ifaces(capture_options *capture_opts)
1498 {
1499 unsigned i;
1500 interface_t *device;
1501 interface_options interface_opts;
1502
1503 /* Empty out the existing list of interfaces. */
1504 for (i = capture_opts->ifaces->len; i != 0; i--)
1505 capture_opts_del_iface(capture_opts, i-1);
1506
1507 /* Now fill the list up again. */
1508 for (i = 0; i < capture_opts->all_ifaces->len; i++) {
1509 device = &g_array_index(capture_opts->all_ifaces, interface_t, i);
1510 if (device->selected) {
1511 interface_opts.name = g_strdup(device->name);
1512 interface_opts.descr = g_strdup(device->if_info.friendly_name);
1513 interface_opts.ifname = NULL;
1514 interface_opts.hardware = g_strdup(device->if_info.vendor_description);
1515 interface_opts.display_name = g_strdup(device->display_name);
1516 interface_opts.linktype = device->active_dlt;
1517 interface_opts.cfilter = g_strdup(device->cfilter);
1518 interface_opts.timestamp_type = g_strdup(device->timestamp_type);
1519 interface_opts.snaplen = device->snaplen;
1520 interface_opts.has_snaplen = device->has_snaplen;
1521 interface_opts.promisc_mode = device->pmode;
1522 interface_opts.if_type = device->if_info.type;
1523 interface_opts.extcap = g_strdup(device->if_info.extcap);
1524 interface_opts.extcap_fifo = NULL;
1525 interface_opts.extcap_pipedata = NULL;
1526 interface_opts.extcap_args = device->external_cap_args_settings;
1527 interface_opts.extcap_pid = WS_INVALID_PID;
1528 if (interface_opts.extcap_args)
1529 g_hash_table_ref(interface_opts.extcap_args);
1530 interface_opts.extcap_pipedata = NULL;
1531 interface_opts.extcap_stderr = NULL;
1532 #ifdef _WIN32
1533 interface_opts.extcap_pipe_h = INVALID_HANDLE_VALUE;
1534 interface_opts.extcap_control_in_h = INVALID_HANDLE_VALUE;
1535 interface_opts.extcap_control_out_h = INVALID_HANDLE_VALUE;
1536 #endif
1537 interface_opts.extcap_control_in = NULL;
1538 interface_opts.extcap_control_out = NULL;
1539 #ifdef CAN_SET_CAPTURE_BUFFER_SIZE
1540 interface_opts.buffer_size = device->buffer;
1541 #endif
1542 #ifdef HAVE_PCAP_CREATE
1543 interface_opts.monitor_mode = device->monitor_mode_enabled;
1544 #endif
1545 #ifdef HAVE_PCAP_REMOTE
1546 interface_opts.src_type = CAPTURE_IFREMOTE;
1547 interface_opts.remote_host = g_strdup(device->remote_opts.remote_host_opts.remote_host);
1548 interface_opts.remote_port = g_strdup(device->remote_opts.remote_host_opts.remote_port);
1549 interface_opts.auth_type = device->remote_opts.remote_host_opts.auth_type;
1550 interface_opts.auth_username = g_strdup(device->remote_opts.remote_host_opts.auth_username);
1551 interface_opts.auth_password = g_strdup(device->remote_opts.remote_host_opts.auth_password);
1552 interface_opts.datatx_udp = device->remote_opts.remote_host_opts.datatx_udp;
1553 interface_opts.nocap_rpcap = device->remote_opts.remote_host_opts.nocap_rpcap;
1554 interface_opts.nocap_local = device->remote_opts.remote_host_opts.nocap_local;
1555 #endif
1556 #ifdef HAVE_PCAP_SETSAMPLING
1557 interface_opts.sampling_method = device->remote_opts.sampling_method;
1558 interface_opts.sampling_param = device->remote_opts.sampling_param;
1559 #endif
1560 g_array_append_val(capture_opts->ifaces, interface_opts);
1561 } else {
1562 continue;
1563 }
1564 }
1565 }
1566
1567 void
1568 capture_opts_free_link_row(void *elem)
1569 {
1570 link_row* e = (link_row*)elem;
1571 if (e != NULL)
1572 g_free(e->name);
1573 g_free(elem);
1574 }
1575
1576 void
1577 capture_opts_free_interface_t(interface_t *device)
1578 {
1579 if (device != NULL) {
1580 g_free(device->name);
1581 g_free(device->display_name);
1582 g_free(device->addresses);
1583 g_free(device->cfilter);
1584 g_free(device->timestamp_type);
1585 g_list_free_full(device->links, capture_opts_free_link_row);
1586 #ifdef HAVE_PCAP_REMOTE
1587 g_free(device->remote_opts.remote_host_opts.remote_host);
1588 g_free(device->remote_opts.remote_host_opts.remote_port);
1589 g_free(device->remote_opts.remote_host_opts.auth_username);
1590 g_free(device->remote_opts.remote_host_opts.auth_password);
1591 #endif
1592 g_free(device->if_info.name);
1593 g_free(device->if_info.friendly_name);
1594 g_free(device->if_info.vendor_description);
1595 g_slist_free_full(device->if_info.addrs, g_free);
1596 g_free(device->if_info.extcap);
1597 if (device->if_info.caps) {
1598 free_if_capabilities(device->if_info.caps);
1599 }
1600 if (device->external_cap_args_settings) {
1601 g_hash_table_unref(device->external_cap_args_settings);
1602 }
1603 }
1604 }
1605
1606 #endif /* HAVE_LIBPCAP */
1607
1608 /*
1609 * Editor modelines - https://www.wireshark.org/tools/modelines.html
1610 *
1611 * Local variables:
1612 * c-basic-offset: 4
1613 * tab-width: 8
1614 * indent-tabs-mode: nil
1615 * End:
1616 *
1617 * vi: set shiftwidth=4 tabstop=8 expandtab:
1618 * :indentSize=4:tabSize=8:noTabs=true:
1619 */
Metzes wireshark repo