-rw-r--r--wiretap/Makefile10
-rw-r--r--wiretap/Makefile.in8
-rw-r--r--wiretap/ngsniffer.c157
-rw-r--r--wiretap/ngsniffer.h13
-rw-r--r--wiretap/wtap.h8
5 files changed, 134 insertions, 62 deletions
diff --git a/wiretap/Makefile b/wiretap/Makefile
index 0fc2722ab0..2b53870591 100644
--- a/wiretap/Makefile
+++ b/wiretap/Makefile
@@ -88,17 +88,17 @@ LIBS = -lpcap -L/usr/local/lib -L/usr/X11R6/lib -lgtk -lgdk -lglib -lXext -lX11
libwiretap_a_LIBADD =
libwiretap_a_OBJECTS = buffer.o file.o lanalyzer.o ngsniffer.o wtap.o
AR = ar
-CFLAGS = -g -O2 -I/usr/local/lib/glib/include -I/usr/local/include
+CFLAGS = -g -O2 -I/usr/local/lib/glib/include -I/usr/local/include -Iwiretap
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
LINK = $(CC) $(CFLAGS) $(LDFLAGS) -o $@
DIST_COMMON = README AUTHORS COPYING ChangeLog INSTALL Makefile.am \
-Makefile.in NEWS aclocal.m4 config.h.in configure configure.in \
-stamp-h.in
+Makefile.in NEWS acconfig.h aclocal.m4 config.h.in configure \
+configure.in stamp-h.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
-TAR = gtar
+TAR = tar
GZIP = --best
DEP_FILES = .deps/buffer.P .deps/file.P .deps/lanalyzer.P \
.deps/ngsniffer.P .deps/wtap.P
@@ -132,7 +132,7 @@ stamp-h: $(srcdir)/config.h.in $(top_builddir)/config.status
$(SHELL) ./config.status
@echo timestamp > stamp-h
$(srcdir)/config.h.in: $(srcdir)/stamp-h.in
-$(srcdir)/stamp-h.in: $(top_srcdir)/configure.in $(ACLOCAL_M4)
+$(srcdir)/stamp-h.in: $(top_srcdir)/configure.in $(ACLOCAL_M4) acconfig.h
cd $(top_srcdir) && $(AUTOHEADER)
@echo timestamp > $(srcdir)/stamp-h.in
diff --git a/wiretap/Makefile.in b/wiretap/Makefile.in
index adc5ad61ef..8faf818bb2 100644
--- a/wiretap/Makefile.in
+++ b/wiretap/Makefile.in
@@ -92,13 +92,13 @@ CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
LINK = $(CC) $(CFLAGS) $(LDFLAGS) -o $@
DIST_COMMON = README AUTHORS COPYING ChangeLog INSTALL Makefile.am \
-Makefile.in NEWS aclocal.m4 config.h.in configure configure.in \
-stamp-h.in
+Makefile.in NEWS acconfig.h aclocal.m4 config.h.in configure \
+configure.in stamp-h.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
-TAR = gtar
+TAR = tar
GZIP = --best
DEP_FILES = .deps/buffer.P .deps/file.P .deps/lanalyzer.P \
.deps/ngsniffer.P .deps/wtap.P
@@ -132,7 +132,7 @@ stamp-h: $(srcdir)/config.h.in $(top_builddir)/config.status
$(SHELL) ./config.status
@echo timestamp > stamp-h
$(srcdir)/config.h.in: $(srcdir)/stamp-h.in
-$(srcdir)/stamp-h.in: $(top_srcdir)/configure.in $(ACLOCAL_M4)
+$(srcdir)/stamp-h.in: $(top_srcdir)/configure.in $(ACLOCAL_M4) acconfig.h
cd $(top_srcdir) && $(AUTOHEADER)
@echo timestamp > $(srcdir)/stamp-h.in
diff --git a/wiretap/ngsniffer.c b/wiretap/ngsniffer.c
index 9c292cb5ea..26fd0508e5 100644
--- a/wiretap/ngsniffer.c
+++ b/wiretap/ngsniffer.c
@@ -1,6 +1,6 @@
/* ngsniffer.c
*
- * $Id: ngsniffer.c,v 1.2 1998/11/12 06:01:24 gram Exp $
+ * $Id: ngsniffer.c,v 1.3 1998/11/13 05:57:38 gram Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -27,75 +27,146 @@
int ngsniffer_open(wtap *wth)
{
int bytes_read;
- char magic[33];
-
+ char magic[18];
+ char record_type[2];
+ char record_length[4]; /* only the first 2 bytes are length,
+ the last 2 are "reserved" and are thrown away */
+ guint16 type, length = 0;
+ char network;
+ char version[18]; /* to hold the entire version record */
+
+ #define NUM_NGSNIFF_ENCAPS 10
+ int sniffer_encap[] = {
+ WTAP_ENCAP_TR,
+ WTAP_ENCAP_ETHERNET,
+ WTAP_ENCAP_ARCNET,
+ WTAP_ENCAP_NONE, /* StarLAN */
+ WTAP_ENCAP_NONE, /* PC Network broadband */
+ WTAP_ENCAP_NONE, /* LocalTalk */
+ WTAP_ENCAP_NONE, /* type 6 not defined in Sniffer */
+ WTAP_ENCAP_NONE, /* Internetwork analyzer */
+ WTAP_ENCAP_NONE, /* type 8 not defined in Sniffer */
+ WTAP_ENCAP_FDDI
+ };
+
+ /* Read in the string that should be at the start of a Sniffer file */
fseek(wth->fh, 0, SEEK_SET);
- bytes_read = fread(magic, 1, 32, wth->fh);
+ bytes_read = fread(magic, 1, 17, wth->fh);
- if (bytes_read != 32) {
+ if (bytes_read != 17) {
return WTAP_FILE_UNKNOWN;
}
- magic[16] = 0;
+ magic[17] = 0;
- if (strcmp(magic, "TRSNIFF data ")) {
+ if (strcmp(magic, "TRSNIFF data \x1a")) {
return WTAP_FILE_UNKNOWN;
}
/* This is a ngsniffer file */
- wth->frame_number = 0;
- wth->file_byte_offset = 0x10b;
+ wth->capture.ngsniffer = g_malloc(sizeof(ngsniffer_t));
wth->subtype_read = ngsniffer_read;
+ /*wth->frame_number = 0;*/
+ /*wth->file_byte_offset = 0x10b;*/
+
+ /* Read records until we find the start of packets */
+ while (1) {
+ fseek(wth->fh, length, SEEK_CUR);
+ bytes_read = fread(record_type, 1, 2, wth->fh);
+ bytes_read += fread(record_length, 1, 4, wth->fh);
+ if (bytes_read != 6) {
+ return WTAP_FILE_UNKNOWN;
+ }
- /* I think this is link type */
- if (magic[30] == 0x25) {
- wth->encapsulation = WTAP_ENCAP_ETHERNET;
- }
- else if (magic[30] == 0x24) {
- wth->encapsulation = WTAP_ENCAP_TR;
- }
- else {
- g_error("The magic byte that I think tells DLT is 0x%02X\n", magic[30]);
- exit(-1);
+ type = pletohs(record_type);
+ length = pletohs(record_length);
+
+ switch (type) {
+ /* Version Record */
+ case REC_VERS:
+ fread(version, 1, 18, wth->fh);
+ length = 0; /* to fake the next iteration of while() */
+ network = version[9];
+ if (network >= NUM_NGSNIFF_ENCAPS) {
+ g_error("ngsniffer: network type %d unknown", network);
+ return WTAP_FILE_UNKNOWN;
+ }
+ else {
+ wth->encapsulation = sniffer_encap[network];
+ }
+ break;
+
+ case REC_FRAME2:
+ wth->capture.ngsniffer->pkt_len = length - 14;
+ return WTAP_FILE_NGSNIFFER;
+
+ default:
+ /* Continue with while() loop */
+ }
}
- if (fseek(wth->fh, 0x10b, SEEK_SET) < 0) {
- return WTAP_FILE_UNKNOWN; /* I should exit(-1) here */
- }
+ /* never gets here */
return WTAP_FILE_NGSNIFFER;
}
/* Read the next packet */
int ngsniffer_read(wtap *wth)
{
- struct ngsniffer_hdr frame_hdr;
- int bytes_read, packet_size;
-
- bytes_read = fread(&frame_hdr, 1, sizeof(struct ngsniffer_hdr), wth->fh);
-
- if (bytes_read == sizeof(struct ngsniffer_hdr)) {
- wth->frame_number++;
- packet_size = frame_hdr.bytes;
- buffer_assure_space(&wth->frame_buffer, packet_size);
+ int packet_size = wth->capture.ngsniffer->pkt_len;
+ int bytes_read;
+ char record_type[2];
+ char record_length[4]; /* only 1st 2 bytes are length */
+ guint16 type, length;
+ char frame2[14];
+
+ /* if this is the very first packet, then the fh cursor will be at the
+ * start of a f_frame2_struct instead of at the start of the record.
+ * Check for this */
+ if (!packet_size) {
+
+ /* Read record info */
+ bytes_read = fread(record_type, 1, 2, wth->fh);
+ bytes_read += fread(record_length, 1, 4, wth->fh);
+ if (bytes_read != 6) {
+ return 0;
+ }
- bytes_read = fread(buffer_start_ptr(&wth->frame_buffer), 1,
- frame_hdr.bytes, wth->fh);
+ type = pletohs(record_type);
+ length = pletohs(record_length);
- if (bytes_read != packet_size) {
- g_error("ngsniffer_read: fread for data: %d bytes out of %d read\n",
- bytes_read, packet_size);
+ if (type != REC_FRAME2) {
return 0;
}
+ else {
+ packet_size = length - 14;
+ }
+ }
+ else {
+ wth->capture.ngsniffer->pkt_len = 0;
+ }
- wth->file_byte_offset += sizeof(struct ngsniffer_hdr) + packet_size;
+ /* Read the f_frame2_struct */
+ bytes_read = fread(frame2, 1, 14, wth->fh);
+ if (bytes_read != 14) {
+ g_error("ngsniffer_read: not enough frame2 data (%d bytes)",
+ bytes_read);
+ return 0;
+ }
- wth->phdr.ts.tv_sec = 0;
- wth->phdr.ts.tv_usec = 0;
- wth->phdr.caplen = packet_size;
- wth->phdr.len = packet_size;
+ buffer_assure_space(&wth->frame_buffer, packet_size);
+ bytes_read = fread(buffer_start_ptr(&wth->frame_buffer), 1,
+ packet_size, wth->fh);
- return 1;
+ if (bytes_read != packet_size) {
+ g_error("ngsniffer_read: fread for data: %d bytes out of %d",
+ bytes_read, packet_size);
+ return 0;
}
- return 0;
+ wth->phdr.ts.tv_sec = 0;
+ wth->phdr.ts.tv_usec = 0;
+ wth->phdr.caplen = packet_size;
+ wth->phdr.len = packet_size;
+
+ return 1;
}
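Review bot: Both `length - 14` computations (the `REC_FRAME2` case in ngsniffer_open and the first-record branch in ngsniffer_read) trust a 16-bit record length read straight from the capture file, so a record shorter than 14 bytes wraps `pkt_len` in the open path and makes `packet_size` negative in the read path, and that value is then handed to `buffer_assure_space()` and used as the `fread()` byte count. A guard before each subtraction would reject such records: `if (length < 14) return WTAP_FILE_UNKNOWN;` in ngsniffer_open and `if (length < 14) return 0;` in ngsniffer_read. In the `REC_VERS` case `network` is a plain `char`, which is signed on many platforms, so a file byte of 0x80 or above passes the `network >= NUM_NGSNIFF_ENCAPS` test and indexes `sniffer_encap[]` with a negative value; declaring it `unsigned char network;` closes that. The result of `fread(version, 1, 18, wth->fh)` is also unchecked, so on a truncated file `version[9]` is read from an uninitialised buffer.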
diff --git a/wiretap/ngsniffer.h b/wiretap/ngsniffer.h
index f6c7668404..3fc1626392 100644
--- a/wiretap/ngsniffer.h
+++ b/wiretap/ngsniffer.h
@@ -1,6 +1,6 @@
/* ngsniffer.h
*
- * $Id: ngsniffer.h,v 1.2 1998/11/12 06:01:25 gram Exp $
+ * $Id: ngsniffer.h,v 1.3 1998/11/13 05:57:39 gram Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -20,15 +20,10 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
-struct ngsniffer_hdr {
- guint32 junk1;
- guint32 junk2;
- guint32 junk3;
- guint16 bytes;
- guint16 junk4;
- guint32 junk5;
-};
+#define REC_VERS 1 /* Version record (f_vers) */
+#define REC_FRAME2 4 /* Frame data (f_frame2) */
+#define REC_EOF 3 /* End-of-file record (no data follows) */
int ngsniffer_open(wtap *wth);
int ngsniffer_read(wtap *wth);
diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index e3ffff4bb7..24fb0ae949 100644
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@@ -1,6 +1,6 @@
/* wtap.h
*
- * $Id: wtap.h,v 1.2 1998/11/12 06:01:27 gram Exp $
+ * $Id: wtap.h,v 1.3 1998/11/13 05:57:39 gram Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -29,6 +29,7 @@
#define WTAP_ENCAP_PPP 4
#define WTAP_ENCAP_FDDI 5
#define WTAP_ENCAP_RAW_IP 6
+#define WTAP_ENCAP_ARCNET 7
/* File types that can be read by wiretap */
#define WTAP_FILE_UNKNOWN 0
@@ -47,6 +48,10 @@
typedef struct {
guint16 pkt_len;
+} ngsniffer_t;
+
+typedef struct {
+ guint16 pkt_len;
guint32 totpktt;
} lanalyzer_t;
@@ -72,6 +77,7 @@ typedef struct wtap {
union {
pcap_t *pcap;
lanalyzer_t *lanalyzer;
+ ngsniffer_t *ngsniffer;
} capture;
subtype_func subtype_read;