authorJakub Zawadzki <darkjames-ws@darkjames.pl>2017-10-04 22:41:19 +0200
committerAnders Broman <a.broman58@gmail.com>2017-10-05 04:18:27 +0000
commit3c9f440ac60ba83f155a89a851f9a1d3cc947f8d (patch)
treeb418c9e254efce75df8c15bda1db84a870c6dfb5
parent7219f6467feb8ce767689aa456fe8ff2f711e22a (diff)
sharkd: export field filter string.
This extra parameter makes it possible to use Wireshark functionality such as "prepare as filter", and to apply a quick filter in the protocol tree (for instance, show only TCP protocol fields: tcp.). Change-Id: I1f380b79e3802e6aaf646fdd4770c903ee9f3781 Reviewed-on: https://code.wireshark.org/review/23837 Petri-Dish: Jakub Zawadzki <darkjames-ws@darkjames.pl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Anders Broman <a.broman58@gmail.com>
-rw-r--r--sharkd.c4
-rw-r--r--sharkd.h2
-rw-r--r--sharkd_session.c24
3 files changed, 22 insertions, 8 deletions
diff --git a/sharkd.c b/sharkd.c
index c575224..671c238 100644
--- a/sharkd.c
+++ b/sharkd.c
@@ -548,7 +548,7 @@ sharkd_load_cap_file(void)
}
int
-sharkd_dissect_request(unsigned int framenum, void (*cb)(packet_info *, proto_tree *, struct epan_column_info *, const GSList *, void *), int dissect_bytes, int dissect_columns, int dissect_tree, void *data)
+sharkd_dissect_request(unsigned int framenum, void (*cb)(epan_dissect_t *, proto_tree *, struct epan_column_info *, const GSList *, void *), int dissect_bytes, int dissect_columns, int dissect_tree, void *data)
{
frame_data *fdata;
column_info *cinfo = (dissect_columns) ? &cfile.cinfo : NULL;
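Review bot: The callback type is spelled out in full in this definition and again in the sharkd.h prototype, so both had to be edited in lockstep for this change and nothing stops them drifting apart. A typedef in sharkd.h, for example `typedef void (*sharkd_dissect_func_t)(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data);` (the name is only a suggestion), would give one place to change and one place to document the parameters. The same point applies to the sharkd.h hunk. The body of sharkd_dissect_request continues outside this hunk.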
@@ -589,7 +589,7 @@ sharkd_dissect_request(unsigned int framenum, void (*cb)(packet_info *, proto_tr
epan_dissect_fill_in_columns(&edt, FALSE, TRUE/* fill_fd_columns */);
}
- cb(&edt.pi, dissect_tree ? edt.tree : NULL, cinfo, dissect_bytes ? edt.pi.data_src : NULL, data);
+ cb(&edt, dissect_tree ? edt.tree : NULL, cinfo, dissect_bytes ? edt.pi.data_src : NULL, data);
epan_dissect_cleanup(&edt);
wtap_phdr_cleanup(&phdr);
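Review bot: Callbacks now receive a pointer to the whole `edt`, and `epan_dissect_cleanup(&edt)` runs immediately after `cb` returns, so anything a callback keeps that is reachable from `edt` would dangle. A comment above the call would make the contract explicit: `/* edt is valid only for the duration of cb(); callbacks must copy whatever they keep */`. The `tree` and `data_src` arguments carry the `dissect_tree`/`dissect_bytes` gating, so callbacks should presumably keep using those arguments and not reach for `edt->tree` or `edt->pi.data_src` directly; that is worth stating in the same comment. The function starts and ends outside this hunk.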
diff --git a/sharkd.h b/sharkd.h
index feef76a..2140487 100644
--- a/sharkd.h
+++ b/sharkd.h
@@ -33,7 +33,7 @@ int sharkd_load_cap_file(void);
int sharkd_retap(void);
int sharkd_filter(const char *dftext, guint8 **result);
int sharkd_dissect_columns(int framenum, column_info *cinfo, gboolean dissect_color);
-int sharkd_dissect_request(unsigned int framenum, void (*cb)(packet_info *, proto_tree *, struct epan_column_info *, const GSList *, void *), int dissect_bytes, int dissect_columns, int dissect_tree, void *data);
+int sharkd_dissect_request(unsigned int framenum, void (*cb)(epan_dissect_t *, proto_tree *, struct epan_column_info *, const GSList *, void *), int dissect_bytes, int dissect_columns, int dissect_tree, void *data);
const char *sharkd_version(void);
/* sharkd_daemon.c */
diff --git a/sharkd_session.c b/sharkd_session.c
index f7d6c5a..08cf739 100644
--- a/sharkd_session.c
+++ b/sharkd_session.c
@@ -34,6 +34,7 @@
#include <wsutil/ws_printf.h>
#include <file.h>
+#include <epan/epan_dissect.h>
#include <epan/exceptions.h>
#include <epan/color_filters.h>
#include <epan/prefs.h>
@@ -637,9 +638,10 @@ struct sharkd_analyse_data
};
static void
-sharkd_session_process_analyse_cb(packet_info *pi, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
+sharkd_session_process_analyse_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
{
struct sharkd_analyse_data *analyser = (struct sharkd_analyse_data *) data;
+ packet_info *pi = &edt->pi;
frame_data *fdata = pi->fd;
(void) tree;
@@ -2632,7 +2634,7 @@ sharkd_session_process_follow(char *buf, const jsmntok_t *tokens, int count)
}
static void
-sharkd_session_process_frame_cb_tree(proto_tree *tree, tvbuff_t **tvbs)
+sharkd_session_process_frame_cb_tree(epan_dissect_t *edt, proto_tree *tree, tvbuff_t **tvbs)
{
proto_node *node;
const char *sepa = "";
@@ -2688,6 +2690,8 @@ sharkd_session_process_frame_cb_tree(proto_tree *tree, tvbuff_t **tvbs)
if (finfo->hfinfo)
{
+ char *filter;
+
if (finfo->hfinfo->type == FT_PROTOCOL)
{
printf(",\"t\":\"proto\"");
@@ -2704,6 +2708,14 @@ sharkd_session_process_frame_cb_tree(proto_tree *tree, tvbuff_t **tvbs)
json_puts_string(url);
wmem_free(NULL, url);
}
+
+ filter = proto_construct_match_selected_string(finfo, edt);
+ if (filter)
+ {
+ printf(",\"f\":");
+ json_puts_string(filter);
+ wmem_free(NULL, filter);
+ }
}
if (FI_GET_FLAG(finfo, PI_SEVERITY_MASK))
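Review bot: The new `f` value is built from the dissected field, so for string and byte fields it carries capture-controlled content into the JSON reply, and its safety rests entirely on `json_puts_string`, whose escaping is not visible in this hunk. It is worth confirming that the helper escapes quotes, backslashes, control characters and invalid UTF-8, and recording the rule at the call site: `/* filter is derived from packet data: emit only via json_puts_string, never printf("%s") */`. The string is also generated for every node of every requested frame, which may enlarge replies noticeably if the match string for a field is long (inferred, not shown here). As a style point, `filter` could be declared at first use, `char *filter = proto_construct_match_selected_string(finfo, edt);`, instead of uninitialised at the top of the block in the previous hunk. The enclosing function starts and ends outside this hunk.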
@@ -2719,7 +2731,7 @@ sharkd_session_process_frame_cb_tree(proto_tree *tree, tvbuff_t **tvbs)
if (finfo->tree_type != -1)
printf(",\"e\":%d", finfo->tree_type);
printf(",\"n\":");
- sharkd_session_process_frame_cb_tree((proto_tree *) node, tvbs);
+ sharkd_session_process_frame_cb_tree(edt, (proto_tree *) node, tvbs);
}
printf("}");
@@ -2756,8 +2768,9 @@ sharkd_follower_visit_layers_cb(const void *key _U_, void *value, void *user_dat
}
static void
-sharkd_session_process_frame_cb(packet_info *pi, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
+sharkd_session_process_frame_cb(epan_dissect_t *edt, proto_tree *tree, struct epan_column_info *cinfo, const GSList *data_src, void *data)
{
+ packet_info *pi = &edt->pi;
frame_data *fdata = pi->fd;
const char *pkt_comment = NULL;
@@ -2800,7 +2813,7 @@ sharkd_session_process_frame_cb(packet_info *pi, proto_tree *tree, struct epan_c
tvbs[count] = NULL;
}
- sharkd_session_process_frame_cb_tree(tree, tvbs);
+ sharkd_session_process_frame_cb_tree(edt, tree, tvbs);
g_free(tvbs);
}
@@ -3027,6 +3040,7 @@ sharkd_session_process_intervals(char *buf, const jsmntok_t *tokens, int count)
* (o) tree - array of frame nodes with attributes:
* l - label
* t: 'proto', 'framenum', 'url' - type of node
+ * f - filter string
* s - severity
* e - subtree ett index
* n - array of subtree nodes
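Review bot: The added line documents `f` as if it were always present, but the code emits it only inside the `finfo->hfinfo` branch and only when `proto_construct_match_selected_string` returns non-NULL, so clients have to treat it as optional. I would word it as `f - filter string (omitted when no match string can be built)`, keeping the existing column alignment. Because the value is derived from packet contents, the comment could also say that clients should treat it as untrusted data when displaying it or composing it into larger filter expressions. The comment block starts outside this hunk.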