diff options
author | Dario Lombardo <lomato@gmail.com> | 2016-10-03 12:02:21 +0200 |
---|---|---|
committer | Dario Lombardo <lomato@gmail.com> | 2016-10-04 09:58:25 +0000 |
commit | d8fdf5454a457abe0109ad5615d5d4c4bfca4222 (patch) | |
tree | 53c5bbf54c3bf7d5770b5e05aaeebee16c875586 /extcap | |
parent | 99367fc51303224ec9e95e29a8407cd0d0b5d9f6 (diff) | |
download | wireshark-d8fdf5454a457abe0109ad5615d5d4c4bfca4222.tar.gz |
sshdump: add remote capture command.
This new option adds the chance to use a custom capture command.
It must produce a PCAP stream that will be read by Wireshark,
written to STDOUT.
Change-Id: I34a72465eb369194f24ecf0594df143b8ad6555f
Reviewed-on: https://code.wireshark.org/review/18037
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Dario Lombardo <lomato@gmail.com>
Diffstat (limited to 'extcap')
-rw-r--r-- | extcap/sshdump.c | 55 |
1 files changed, 37 insertions, 18 deletions
diff --git a/extcap/sshdump.c b/extcap/sshdump.c index 14cd0989c8..bda8c81a7a 100644 --- a/extcap/sshdump.c +++ b/extcap/sshdump.c @@ -50,6 +50,7 @@ enum { OPT_REMOTE_USERNAME, OPT_REMOTE_PASSWORD, OPT_REMOTE_INTERFACE, + OPT_REMOTE_CAPTURE_COMMAND, OPT_REMOTE_FILTER, OPT_SSHKEY, OPT_SSHKEY_PASSPHRASE, @@ -61,6 +62,7 @@ static struct option longopts[] = { { "help", no_argument, NULL, OPT_HELP}, { "version", no_argument, NULL, OPT_VERSION}, SSH_BASE_OPTIONS, + { "remote-capture-command", required_argument, NULL, OPT_REMOTE_CAPTURE_COMMAND}, { 0, 0, 0, 0} }; @@ -119,14 +121,14 @@ static char* local_interfaces_to_filter(const guint16 remote_port) return filter; } -static ssh_channel run_ssh_command(ssh_session sshs, const char* iface, const char* cfilter, +static ssh_channel run_ssh_command(ssh_session sshs, const char* capture_command, const char* iface, const char* cfilter, const guint32 count) { gchar* cmdline; ssh_channel channel; - char* quoted_iface; - char* default_filter; - char* quoted_filter; + char* quoted_iface = NULL; + char* default_filter = NULL; + char* quoted_filter = NULL; char* count_str = NULL; unsigned int remote_port = 22; @@ -148,16 +150,21 @@ static ssh_channel run_ssh_command(ssh_session sshs, const char* iface, const ch ssh_options_get_port(sshs, &remote_port); /* escape parameters to go save with the shell */ - quoted_iface = g_shell_quote(iface); - default_filter = local_interfaces_to_filter(remote_port); - if (!cfilter) - cfilter = default_filter; - quoted_filter = g_shell_quote(cfilter); - if (count > 0) - count_str = g_strdup_printf("-c %u", count); - - cmdline = g_strdup_printf("tcpdump -U -i %s -w - %s %s", quoted_iface, count_str ? count_str : "", - quoted_filter); + if (capture_command && *capture_command) { + cmdline = g_strdup(capture_command); + g_debug("Remote capture command has disabled other options"); + } else { + quoted_iface = g_shell_quote(iface); + default_filter = local_interfaces_to_filter(remote_port); + if (!cfilter) + cfilter = default_filter; + quoted_filter = g_shell_quote(cfilter); + if (count > 0) + count_str = g_strdup_printf("-c %u", count); + + cmdline = g_strdup_printf("tcpdump -U -i %s -w - %s %s", quoted_iface, count_str ? count_str : "", + quoted_filter); + } g_debug("Running: %s", cmdline); if (ssh_channel_request_exec(channel, cmdline) != SSH_OK) { @@ -178,7 +185,8 @@ static ssh_channel run_ssh_command(ssh_session sshs, const char* iface, const ch } static int ssh_open_remote_connection(const char* hostname, const unsigned int port, const char* username, const char* password, - const char* sshkey, const char* sshkey_passphrase, const char* iface, const char* cfilter, const guint32 count, const char* fifo) + const char* sshkey, const char* sshkey_passphrase, const char* iface, const char* cfilter, const char* capture_command, + const guint32 count, const char* fifo) { ssh_session sshs = NULL; ssh_channel channel = NULL; @@ -202,7 +210,8 @@ static int ssh_open_remote_connection(const char* hostname, const unsigned int p goto cleanup; } - channel = run_ssh_command(sshs, iface, cfilter, count); + channel = run_ssh_command(sshs, capture_command, iface, cfilter, count); + if (!channel) { g_warning("Can't run ssh command"); goto cleanup; @@ -286,6 +295,8 @@ static int list_config(char *interface, unsigned int remote_port) printf("arg {number=%u}{call=--remote-interface}{display=Remote interface}" "{type=string}{default=eth0}{tooltip=The remote network interface used for capture" "}\n", inc++); + printf("arg {number=%u}{call=--remote-capture-command}{display=Remote capture command}" + "{type=string}{tooltip=The remote command used to capture.}\n", inc++); printf("arg {number=%u}{call=--remote-filter}{display=Remote capture filter}" "{type=string}{tooltip=The remote capture filter}", inc++); if (ipfilter) @@ -324,6 +335,7 @@ int main(int argc, char **argv) char* remote_username = NULL; char* remote_password = NULL; char* remote_interface = NULL; + char* remote_capture_command = NULL; char* sshkey = NULL; char* sshkey_passphrase = NULL; char* remote_filter = NULL; @@ -347,7 +359,7 @@ int main(int argc, char **argv) " %s --extcap-interface=%s --extcap-dlts\n" " %s --extcap-interface=%s --extcap-config\n" " %s --extcap-interface=%s --remote-host myhost --remote-port 22222 " - "--remote-username myuser --remote-interface eth2 --remote-capture-bin /bin/dumpcap " + "--remote-username myuser --remote-interface eth2 --remote-capture-command 'tcpdump -U -i eth0 -w -' " "--fifo=FILENAME --capture\n", argv[0], argv[0], SSH_EXTCAP_INTERFACE, argv[0], SSH_EXTCAP_INTERFACE, argv[0], SSH_EXTCAP_INTERFACE); extcap_help_add_header(extcap_conf, help_header); @@ -362,6 +374,7 @@ int main(int argc, char **argv) extcap_help_add_option(extcap_conf, "--sshkey <public key path>", "the path of the ssh key"); extcap_help_add_option(extcap_conf, "--sshkey-passphrase <public key passphrase>", "the passphrase to unlock public ssh"); extcap_help_add_option(extcap_conf, "--remote-interface <iface>", "the remote capture interface (default: eth0)"); + extcap_help_add_option(extcap_conf, "--remote-capture-command <capture command>", "the remote capture command"); extcap_help_add_option(extcap_conf, "--remote-filter <filter>", "a filter for remote capture (default: don't " "listen on local interfaces IPs)"); extcap_help_add_option(extcap_conf, "--remote-count <count>", "the number of packets to capture"); @@ -427,6 +440,11 @@ int main(int argc, char **argv) remote_interface = g_strdup(optarg); break; + case OPT_REMOTE_CAPTURE_COMMAND: + g_free(remote_capture_command); + remote_capture_command = g_strdup(optarg); + break; + case OPT_REMOTE_FILTER: g_free(remote_filter); remote_filter = g_strdup(optarg); @@ -488,7 +506,7 @@ int main(int argc, char **argv) filter = concat_filters(extcap_conf->capture_filter, remote_filter); ret = ssh_open_remote_connection(remote_host, remote_port, remote_username, remote_password, sshkey, sshkey_passphrase, remote_interface, - filter, count, extcap_conf->fifo); + filter, remote_capture_command, count, extcap_conf->fifo); g_free(filter); } else { g_debug("You should not come here... maybe some parameter missing?"); @@ -501,6 +519,7 @@ end: g_free(remote_username); g_free(remote_password); g_free(remote_interface); + g_free(remote_capture_command); g_free(sshkey); g_free(sshkey_passphrase); g_free(remote_filter); |