summary.c

   1 /* summary.c
   2  * Routines for capture file summary info
   3  *
   4  * $Id$
   5  *
   6  * Wireshark - Network traffic analyzer
   7  * By Gerald Combs <gerald@wireshark.org>
   8  * Copyright 1998 Gerald Combs
   9  *
  10  * This program is free software; you can redistribute it and/or
  11  * modify it under the terms of the GNU General Public License
  12  * as published by the Free Software Foundation; either version 2
  13  * of the License, or (at your option) any later version.
  14  *
  15  * This program is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU General Public License for more details.
  19  *
  20  * You should have received a copy of the GNU General Public License
  21  * along with this program; if not, write to the Free Software
  22  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  23  */
  24
  25 #include "config.h"
  26
  27 #include <wiretap/pcap-encap.h>
  28
  29 #include <epan/packet.h>
  30 #include "cfile.h"
  31 #include "summary.h"
  32 #ifdef HAVE_LIBPCAP
  33 #include "capture_ui_utils.h"
  34 #endif
  35
  36
  37 static void
  38 tally_frame_data(frame_data *cur_frame, summary_tally *sum_tally)
  39 {
  40   double cur_time;
  41
  42   sum_tally->bytes += cur_frame->pkt_len;
  43   if (cur_frame->flags.passed_dfilter){
  44     sum_tally->filtered_count++;
  45     sum_tally->filtered_bytes += cur_frame->pkt_len;
  46   }
  47   if (cur_frame->flags.marked){
  48     sum_tally->marked_count++;
  49     sum_tally->marked_bytes += cur_frame->pkt_len;
  50   }
  51   if (cur_frame->flags.ignored){
  52     sum_tally->ignored_count++;
  53   }
  54
  55   if (cur_frame->flags.has_ts) {
  56     /* This packet has a time stamp. */
  57     cur_time = nstime_to_sec(&cur_frame->abs_ts);
  58
  59     sum_tally->packet_count_ts++;
  60     if (cur_time < sum_tally->start_time) {
  61       sum_tally->start_time = cur_time;
  62     }
  63     if (cur_time > sum_tally->stop_time){
  64       sum_tally->stop_time = cur_time;
  65     }
  66     if (cur_frame->flags.passed_dfilter){
  67       sum_tally->filtered_count_ts++;
  68       /*
  69        * If we've seen one filtered packet, this is the first
  70        * one.
  71        */
  72       if (sum_tally->filtered_count == 1){
  73         sum_tally->filtered_start= cur_time;
  74         sum_tally->filtered_stop = cur_time;
  75       } else {
  76         if (cur_time < sum_tally->filtered_start) {
  77           sum_tally->filtered_start = cur_time;
  78         }
  79         if (cur_time > sum_tally->filtered_stop) {
  80           sum_tally->filtered_stop = cur_time;
  81         }
  82       }
  83     }
  84     if (cur_frame->flags.marked){
  85       sum_tally->marked_count_ts++;
  86       /*
  87        * If we've seen one marked packet, this is the first
  88        * one.
  89        */
  90       if (sum_tally->marked_count == 1){
  91         sum_tally->marked_start= cur_time;
  92         sum_tally->marked_stop = cur_time;
  93       } else {
  94         if (cur_time < sum_tally->marked_start) {
  95           sum_tally->marked_start = cur_time;
  96         }
  97         if (cur_time > sum_tally->marked_stop) {
  98           sum_tally->marked_stop = cur_time;
  99         }
 100       }
 101     }
 102   }
 103 }
 104
 105 void
 106 summary_fill_in(capture_file *cf, summary_tally *st)
 107 {
 108   frame_data    *first_frame, *cur_frame;
 109   guint32        framenum;
 110   wtapng_section_t* shb_inf;
 111   iface_options iface;
 112   guint i;
 113   wtapng_iface_descriptions_t* idb_info;
 114   wtapng_if_descr_t wtapng_if_descr;
 115   wtapng_if_stats_t *if_stats;
 116
 117   st->packet_count_ts = 0;
 118   st->start_time = 0;
 119   st->stop_time = 0;
 120   st->bytes = 0;
 121   st->filtered_count = 0;
 122   st->filtered_count_ts = 0;
 123   st->filtered_start = 0;
 124   st->filtered_stop = 0;
 125   st->filtered_bytes = 0;
 126   st->marked_count = 0;
 127   st->marked_count_ts = 0;
 128   st->marked_start = 0;
 129   st->marked_stop = 0;
 130   st->marked_bytes = 0;
 131   st->ignored_count = 0;
 132
 133   /* initialize the tally */
 134   if (cf->count != 0) {
 135     first_frame = frame_data_sequence_find(cf->frames, 1);
 136     st->start_time = nstime_to_sec(&first_frame->abs_ts);
 137     st->stop_time = nstime_to_sec(&first_frame->abs_ts);
 138
 139     for (framenum = 1; framenum <= cf->count; framenum++) {
 140       cur_frame = frame_data_sequence_find(cf->frames, framenum);
 141       tally_frame_data(cur_frame, st);
 142     }
 143   }
 144
 145   st->filename = cf->filename;
 146   st->file_length = cf->f_datalen;
 147   st->file_type = cf->cd_t;
 148   st->iscompressed = cf->iscompressed;
 149   st->is_tempfile = cf->is_tempfile;
 150   st->file_encap_type = cf->lnk_t;
 151   st->packet_encap_types = cf->linktypes;
 152   st->has_snap = cf->has_snap;
 153   st->snap = cf->snap;
 154   st->elapsed_time = nstime_to_sec(&cf->elapsed_time);
 155   st->packet_count = cf->count;
 156   st->drops_known = cf->drops_known;
 157   st->drops = cf->drops;
 158   st->dfilter = cf->dfilter;
 159
 160   /* Get info from SHB */
 161   shb_inf = wtap_file_get_shb_info(cf->wth);
 162   if(shb_inf == NULL){
 163     st->opt_comment    = NULL;
 164     st->shb_hardware   = NULL;
 165     st->shb_os         = NULL;
 166     st->shb_user_appl  = NULL;
 167   }else{
 168     st->opt_comment    = shb_inf->opt_comment;
 169     st->shb_hardware   = shb_inf->shb_hardware;
 170     st->shb_os         = shb_inf->shb_os;
 171     st->shb_user_appl  = shb_inf->shb_user_appl;
 172     g_free(shb_inf);
 173   }
 174
 175   st->ifaces  = g_array_new(FALSE, FALSE, sizeof(iface_options));
 176   idb_info = wtap_file_get_idb_info(cf->wth);
 177   for (i = 0; i < idb_info->number_of_interfaces; i++) {
 178     wtapng_if_descr = g_array_index(idb_info->interface_data, wtapng_if_descr_t, i);
 179     iface.cfilter = g_strdup(wtapng_if_descr.if_filter_str);
 180     iface.name = g_strdup(wtapng_if_descr.if_name);
 181     iface.descr = g_strdup(wtapng_if_descr.if_description);
 182     iface.drops_known = FALSE;
 183     iface.drops = 0;
 184     iface.snap = wtapng_if_descr.snap_len;
 185     iface.has_snap = (iface.snap != 65535);
 186     iface.encap_type = wtapng_if_descr.wtap_encap;
 187     if(wtapng_if_descr.num_stat_entries == 1){
 188       /* dumpcap only writes one ISB, only handle that for now */
 189       if_stats = &g_array_index(wtapng_if_descr.interface_statistics, wtapng_if_stats_t, 0);
 190       iface.drops_known = TRUE;
 191       iface.drops = if_stats->isb_ifdrop;
 192       iface.isb_comment = if_stats->opt_comment;
 193     }
 194     g_array_append_val(st->ifaces, iface);
 195   }
 196   g_free(idb_info);
 197 }
 198
 199 #ifdef HAVE_LIBPCAP
 200 void
 201 summary_fill_in_capture(capture_file *cf,capture_options *capture_opts, summary_tally *st)
 202 {
 203   iface_options iface;
 204   interface_t device;
 205   guint i;
 206
 207   if (st->ifaces->len == 0) {
 208     /*
 209      * XXX - do this only if we have a live capture.
 210      */
 211     for (i = 0; i < capture_opts->all_ifaces->len; i++) {
 212       device = g_array_index(capture_opts->all_ifaces, interface_t, i);
 213       if (!device.selected) {
 214         continue;
 215       }
 216       iface.cfilter = g_strdup(device.cfilter);
 217       iface.name = g_strdup(device.name);
 218       iface.descr = g_strdup(device.display_name);
 219       iface.drops_known = cf->drops_known;
 220       iface.drops = cf->drops;
 221       iface.has_snap = device.has_snaplen;
 222       iface.snap = device.snaplen;
 223       iface.encap_type = wtap_pcap_encap_to_wtap_encap(device.active_dlt);
 224       g_array_append_val(st->ifaces, iface);
 225     }
 226   }
 227 }
 228 #endif