diff options
| author | Stephen Fisher <steve@stephen-fisher.com> | 2006-12-05 03:19:51 +0000 |
|---|---|---|
| committer | Stephen Fisher <steve@stephen-fisher.com> | 2006-12-05 03:19:51 +0000 |
| commit | 75acf34518617ddb64be049e13393f477a15d0dd (patch) | |
| tree | 66912a037dc8a2b4910cfa0fdc8b9d85f01e1c2b | |
| parent | d11958ec6fdafc3305b9e3239783db00078e03ba (diff) | |
From Douglas Pratley with trivial changes and documentation changes
by myself:
Corrected patch; epan/column.c and epan/column_utils.c were not included. This
one has now been properly tested against a clean checkout of today's code.
- New menu option available under view\time display format
- New sub-option (e) to -t switch for both wireshark and tshark
- Extended recent settings code to handle new value
- Did NOT add new explicit epoch time column
svn path=/trunk/; revision=20040
| -rw-r--r-- | AUTHORS | 4 | ||||
| -rw-r--r-- | doc/tshark.pod | 6 | ||||
| -rw-r--r-- | doc/wireshark.pod | 6 | ||||
| -rw-r--r-- | docbook/wsug_src/WSUG_chapter_customize.xml | 6 | ||||
| -rw-r--r-- | epan/column-utils.c | 47 | ||||
| -rw-r--r-- | epan/column.c | 31 | ||||
| -rw-r--r-- | epan/timestamp.h | 6 | ||||
| -rw-r--r-- | epan/to_str.c | 50 | ||||
| -rw-r--r-- | epan/to_str.h | 2 | ||||
| -rw-r--r-- | gtk/main.c | 4 | ||||
| -rw-r--r-- | gtk/menu.c | 19 | ||||
| -rw-r--r-- | gtk/packet_list.c | 1 | ||||
| -rw-r--r-- | gtk/recent.c | 4 | ||||
| -rw-r--r-- | tshark.c | 4 |
14 files changed, 180 insertions, 10 deletions
@@ -2538,6 +2538,10 @@ Alex Burlyga <Alex.Burlyga [AT] netapp.com> { NetApp NFS filehandle dissectors } +Douglas Pratley <Douglas.pratley [AT] detica.com> { + Epoch timestamps +} + and by: Pavel Roskin <proski [AT] gnu.org> diff --git a/doc/tshark.pod b/doc/tshark.pod index ed0d7e70a8..b3474b4e77 100644 --- a/doc/tshark.pod +++ b/doc/tshark.pod @@ -27,7 +27,7 @@ S<[ B<-r> E<lt>infileE<gt> ]> S<[ B<-R> E<lt>read (display) filterE<gt> ]> S<[ B<-s> E<lt>capture snaplenE<gt> ]> S<[ B<-S> ]> -S<[ B<-t> ad|a|r|d ]> +S<[ B<-t> ad|a|r|d|e ]> S<[ B<-T> pdml|psml|ps|text ]> S<[ B<-v> ]> S<[ B<-V> ]> @@ -349,7 +349,7 @@ memory, or saved to disk. Decode and display packets even while writing raw packet data using the B<-w> option. -=item -t ad|a|r|d +=item -t ad|a|r|d|e Set the format of the packet timestamp printed in summary lines, the default is relative. The format can be one of: @@ -366,6 +366,8 @@ and the current packet B<d> delta: The delta time is the time since the previous packet was captured +B<e> epoch: The time in seconds since epoch (Jan 1, 1970 00:00:00) + =item -T pdml|psml|ps|text Set the format of the output when viewing decoded packet data. The diff --git a/doc/wireshark.pod b/doc/wireshark.pod index 6fa570edb2..ea350a6816 100644 --- a/doc/wireshark.pod +++ b/doc/wireshark.pod @@ -30,7 +30,7 @@ S<[ B<-r> E<lt>infileE<gt> ]> S<[ B<-R> E<lt>read (display) filterE<gt> ]> S<[ B<-S> ]> S<[ B<-s> E<lt>capture snaplenE<gt> ]> -S<[ B<-t> ad|a|r|d ]> +S<[ B<-t> ad|a|r|d|e ]> S<[ B<-v> ]> S<[ B<-w> E<lt>outfileE<gt> ]> S<[ B<-y> E<lt>capture link typeE<gt> ]> @@ -390,7 +390,7 @@ Set the default snapshot length to use when capturing live data. No more than I<snaplen> bytes of each network packet will be read into memory, or saved to disk. -=item -t ad|a|r|d +=item -t ad|a|r|d|e Set the format of the packet timestamp displayed in the packet list window, the default is relative. The format can be one of: @@ -407,6 +407,8 @@ and the current packet B<d> delta: The delta time is the time since the previous packet was captured +B<e> epoch: The time in seconds since epoch (Jan 1, 1970 00:00:00) + =item -v Print the version and exit. diff --git a/docbook/wsug_src/WSUG_chapter_customize.xml b/docbook/wsug_src/WSUG_chapter_customize.xml index e414b45ddc..ddcb702fec 100644 --- a/docbook/wsug_src/WSUG_chapter_customize.xml +++ b/docbook/wsug_src/WSUG_chapter_customize.xml @@ -435,6 +435,12 @@ standard libpcap format. are relative to the previous packet. </para> </listitem> + <listitem> + <para> + <command>e</command> epoch, which specifies that timestamps + are seconds since epoch (Jan 1, 1970 00:00:00) + </para> + </listitem> </itemizedlist> </para> </listitem> diff --git a/epan/column-utils.c b/epan/column-utils.c index 550302b658..a2fb69f11e 100644 --- a/epan/column-utils.c +++ b/epan/column-utils.c @@ -779,6 +779,50 @@ col_set_abs_time(frame_data *fd, column_info *cinfo, int col) strcpy(cinfo->col_expr_val[col],cinfo->col_buf[col]); } +static void +col_set_epoch_time(frame_data *fd, column_info *cinfo, int col) +{ + + COL_CHECK_REF_TIME(fd, cinfo, col); + + switch(timestamp_get_precision()) { + case(TS_PREC_FIXED_SEC): + case(TS_PREC_AUTO_SEC): + display_epoch_time(cinfo->col_buf[col], COL_MAX_LEN, + fd->abs_ts.secs, fd->abs_ts.nsecs / 1000000000, SECS); + break; + case(TS_PREC_FIXED_DSEC): + case(TS_PREC_AUTO_DSEC): + display_epoch_time(cinfo->col_buf[col], COL_MAX_LEN, + fd->abs_ts.secs, fd->abs_ts.nsecs / 100000000, DSECS); + break; + case(TS_PREC_FIXED_CSEC): + case(TS_PREC_AUTO_CSEC): + display_epoch_time(cinfo->col_buf[col], COL_MAX_LEN, + fd->abs_ts.secs, fd->abs_ts.nsecs / 10000000, CSECS); + break; + case(TS_PREC_FIXED_MSEC): + case(TS_PREC_AUTO_MSEC): + display_epoch_time(cinfo->col_buf[col], COL_MAX_LEN, + fd->abs_ts.secs, fd->abs_ts.nsecs / 1000000, MSECS); + break; + case(TS_PREC_FIXED_USEC): + case(TS_PREC_AUTO_USEC): + display_epoch_time(cinfo->col_buf[col], COL_MAX_LEN, + fd->abs_ts.secs, fd->abs_ts.nsecs / 1000, USECS); + break; + case(TS_PREC_FIXED_NSEC): + case(TS_PREC_AUTO_NSEC): + display_epoch_time(cinfo->col_buf[col], COL_MAX_LEN, + fd->abs_ts.secs, fd->abs_ts.nsecs, NSECS); + break; + default: + g_assert_not_reached(); + } + cinfo->col_data[col] = cinfo->col_buf[col]; + strcpy(cinfo->col_expr[col],"frame.time_delta"); + strcpy(cinfo->col_expr_val[col],cinfo->col_buf[col]); +} /* Set the format of the variable time format. XXX - this is called from "file.c" when the user changes the time format they want for "command-line-specified" time; it's a bit ugly @@ -805,6 +849,9 @@ col_set_cls_time(frame_data *fd, column_info *cinfo, gint col) case TS_DELTA: col_set_delta_time(fd, cinfo, col); break; + case TS_EPOCH: + col_set_epoch_time(fd, cinfo, col); + break; case TS_NOT_SET: /* code is missing for this case, but I don't know which [jmayer20051219] */ g_assert(FALSE); diff --git a/epan/column.c b/epan/column.c index dc56cd0a2e..789f3ecc54 100644 --- a/epan/column.c +++ b/epan/column.c @@ -373,6 +373,37 @@ get_timestamp_column_longest_string(gint type, gint precision) g_assert_not_reached(); } break; + case(TS_EPOCH): + /* This is enough to represent 2^63 (signed 64-bit integer) + fractions */ + switch(precision) { + case(TS_PREC_AUTO_SEC): + case(TS_PREC_FIXED_SEC): + return "0000000000000000000"; + break; + case(TS_PREC_AUTO_DSEC): + case(TS_PREC_FIXED_DSEC): + return "0000000000000000000.0"; + break; + case(TS_PREC_AUTO_CSEC): + case(TS_PREC_FIXED_CSEC): + return "0000000000000000000.00"; + break; + case(TS_PREC_AUTO_MSEC): + case(TS_PREC_FIXED_MSEC): + return "0000000000000000000.000"; + break; + case(TS_PREC_AUTO_USEC): + case(TS_PREC_FIXED_USEC): + return "0000000000000000000.000000"; + break; + case(TS_PREC_AUTO_NSEC): + case(TS_PREC_FIXED_NSEC): + return "0000000000000000000.000000000"; + break; + default: + g_assert_not_reached(); + } + break; case(TS_NOT_SET): return "0000.000000"; break; diff --git a/epan/timestamp.h b/epan/timestamp.h index 03dbf70403..3e22c6222e 100644 --- a/epan/timestamp.h +++ b/epan/timestamp.h @@ -29,10 +29,12 @@ * Type of time-stamp shown in the summary display. */ typedef enum { - TS_RELATIVE, + TS_RELATIVE, /* Since start of capture */ TS_ABSOLUTE, TS_ABSOLUTE_WITH_DATE, - TS_DELTA, + TS_DELTA, /* Since previous packet */ + TS_EPOCH, /* Seconds (and fractions) since epoch */ + /* * Special value used for the command-line setting in Wireshark, to indicate * that no value has been set from the command line. diff --git a/epan/to_str.c b/epan/to_str.c index a0f89a899a..0269bc03aa 100644 --- a/epan/to_str.c +++ b/epan/to_str.c @@ -546,6 +546,56 @@ display_signed_time(gchar *buf, int buflen, gint32 sec, gint32 frac, } } + +void +display_epoch_time(gchar *buf, int buflen, time_t sec, gint32 frac, + time_res_t units) +{ + const char *sign; + double elapsed_secs; + + elapsed_secs = difftime(sec,(time_t)0); + + /* This code copied from display_signed_time; keep it in case anyone + is looking at captures from before 1970 (???). + If the fractional part of the time stamp is negative, + print its absolute value and, if the seconds part isn't + (the seconds part should be zero in that case), stick + a "-" in front of the entire time stamp. */ + sign = ""; + if (frac < 0) { + frac = -frac; + if (elapsed_secs >= 0) + sign = "-"; + } + switch (units) { + + case SECS: + g_snprintf(buf, buflen, "%s%0.0f", sign, elapsed_secs); + break; + + case DSECS: + g_snprintf(buf, buflen, "%s%0.0f.%01d", sign, elapsed_secs, frac); + break; + + case CSECS: + g_snprintf(buf, buflen, "%s%0.0f.%02d", sign, elapsed_secs, frac); + break; + + case MSECS: + g_snprintf(buf, buflen, "%s%0.0f.%03d", sign, elapsed_secs, frac); + break; + + case USECS: + g_snprintf(buf, buflen, "%s%0.0f.%06d", sign, elapsed_secs, frac); + break; + + case NSECS: + g_snprintf(buf, buflen, "%s%0.0f.%09d", sign, elapsed_secs, frac); + break; + } +} + /* * Display a relative time as days/hours/minutes/seconds. */ diff --git a/epan/to_str.h b/epan/to_str.h index d4cbb1145e..eed1522333 100644 --- a/epan/to_str.h +++ b/epan/to_str.h @@ -72,6 +72,8 @@ extern gchar* time_msecs_to_str(gint32); extern gchar* abs_time_to_str(nstime_t*); extern gchar* abs_time_secs_to_str(time_t); extern void display_signed_time(gchar *, int, gint32, gint32, time_res_t); +extern void display_epoch_time(gchar *, int, time_t, gint32, time_res_t); + extern gchar* rel_time_to_str(nstime_t*); extern gchar* rel_time_to_secs_str(nstime_t*); extern gchar* oid_to_str(const guint8*, gint); diff --git a/gtk/main.c b/gtk/main.c index 736a997a5e..08905fb5d2 100644 --- a/gtk/main.c +++ b/gtk/main.c @@ -1243,7 +1243,7 @@ print_usage(gboolean print_ver) { fprintf(output, "User interface:\n"); fprintf(output, " -g <packet number> go to specified packet number after \"-r\"\n"); fprintf(output, " -m <font> set the font name used for most text\n"); - fprintf(output, " -t ad|a|r|d output format of time stamps (def: r: rel. to first)\n"); + fprintf(output, " -t ad|a|r|d|e output format of time stamps (def: r: rel. to first)\n"); fprintf(output, " -X <key>:<value> eXtension options, see man page for details\n"); fprintf(output, " -z <statistics> show various statistics, see man page for details\n"); @@ -2622,6 +2622,8 @@ main(int argc, char *argv[]) timestamp_set_type(TS_ABSOLUTE_WITH_DATE); else if (strcmp(optarg, "d") == 0) timestamp_set_type(TS_DELTA); + else if (strcmp(optarg, "e") == 0) + timestamp_set_type(TS_EPOCH); else { cmdarg_err("Invalid time stamp type \"%s\"", optarg); cmdarg_err_cont("It must be \"r\" for relative, \"a\" for absolute,"); diff --git a/gtk/menu.c b/gtk/menu.c index 86e0e5a2b6..9558836d94 100644 --- a/gtk/menu.c +++ b/gtk/menu.c @@ -120,6 +120,7 @@ static void timestamp_absolute_cb(GtkWidget *w _U_, gpointer d _U_); static void timestamp_absolute_date_cb(GtkWidget *w _U_, gpointer d _U_); static void timestamp_relative_cb(GtkWidget *w _U_, gpointer d _U_); static void timestamp_delta_cb(GtkWidget *w _U_, gpointer d _U_); +static void timestamp_epoch_cb(GtkWidget *w _U_, gpointer d _U_); static void timestamp_auto_cb(GtkWidget *w _U_, gpointer d _U_); static void timestamp_sec_cb(GtkWidget *w _U_, gpointer d _U_); static void timestamp_dsec_cb(GtkWidget *w _U_, gpointer d _U_); @@ -475,6 +476,8 @@ static GtkItemFactoryEntry menu_items[] = 0, "/View/Time Display Format/Date and Time of Day: 1970-01-01 01:02:03.123456", NULL), ITEM_FACTORY_ENTRY("/View/Time Display Format/Seconds Since Previous Packet: 1.123456", NULL, timestamp_delta_cb, 0, "/View/Time Display Format/Date and Time of Day: 1970-01-01 01:02:03.123456", NULL), + ITEM_FACTORY_ENTRY("/View/Time Display Format/Seconds Since Epoch Time: 123.123456", NULL, timestamp_epoch_cb, + 0, "/View/Time Display Format/Date and Time of Day: 1970-01-01 01:02:03.123456", NULL), ITEM_FACTORY_ENTRY("/View/Time Display Format/<separator>", NULL, NULL, 0, "<Separator>", NULL), ITEM_FACTORY_ENTRY("/View/Time Display Format/Automatic (File Format Precision)", NULL, timestamp_auto_cb, 0, "<RadioItem>", NULL), @@ -1646,6 +1649,16 @@ timestamp_delta_cb(GtkWidget *w _U_, gpointer d _U_) } static void +timestamp_epoch_cb(GtkWidget *w _U_, gpointer d _U_) +{ + if (recent.gui_time_format != TS_EPOCH) { + timestamp_set_type(TS_EPOCH); + recent.gui_time_format = TS_EPOCH; + cf_change_time_formats(&cfile); + } +} + +static void timestamp_auto_cb(GtkWidget *w _U_, gpointer d _U_) { if (recent.gui_time_precision != TS_PREC_AUTO) { @@ -1893,6 +1906,12 @@ menu_recent_read_finished(void) { recent.gui_time_format = -1; gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(menu), TRUE); break; + case(TS_EPOCH): + menu = gtk_item_factory_get_widget(main_menu_factory, + "/View/Time Display Format/Seconds Since Epoch Time: 123.123456"); + recent.gui_time_format = -1; + gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(menu), TRUE); + break; default: g_assert_not_reached(); } diff --git a/gtk/packet_list.c b/gtk/packet_list.c index eee491639b..34c9725778 100644 --- a/gtk/packet_list.c +++ b/gtk/packet_list.c @@ -162,6 +162,7 @@ packet_list_compare(EthCList *clist, gconstpointer ptr1, gconstpointer ptr2) case TS_ABSOLUTE: case TS_ABSOLUTE_WITH_DATE: + case TS_EPOCH: return COMPARE_TS(abs_ts); case TS_RELATIVE: diff --git a/gtk/recent.c b/gtk/recent.c index ab0d25a5b8..0bfba44e7b 100644 --- a/gtk/recent.c +++ b/gtk/recent.c @@ -76,7 +76,7 @@ recent_settings_t recent; static const char *ts_type_text[] = - { "RELATIVE", "ABSOLUTE", "ABSOLUTE_WITH_DATE", "DELTA", NULL }; + { "RELATIVE", "ABSOLUTE", "ABSOLUTE_WITH_DATE", "DELTA", "EPOCH", NULL }; static const char *ts_precision_text[] = { "AUTO", "SEC", "DSEC", "CSEC", "MSEC", "USEC", "NSEC", NULL }; @@ -207,7 +207,7 @@ write_recent(void) recent.packet_list_colorize == TRUE ? "TRUE" : "FALSE"); fprintf(rf, "\n# Timestamp display format.\n"); - fprintf(rf, "# One of: RELATIVE, ABSOLUTE, ABSOLUTE_WITH_DATE, DELTA\n"); + fprintf(rf, "# One of: RELATIVE, ABSOLUTE, ABSOLUTE_WITH_DATE, DELTA, EPOCH\n"); fprintf(rf, RECENT_GUI_TIME_FORMAT ": %s\n", ts_type_text[recent.gui_time_format]); @@ -276,7 +276,7 @@ print_usage(gboolean print_ver) fprintf(output, " -S display packets even when writing to a file\n"); fprintf(output, " -x add output of hex and ASCII dump (Packet Bytes)\n"); fprintf(output, " -T pdml|ps|psml|text output format of text output (def: text)\n"); - fprintf(output, " -t ad|a|r|d output format of time stamps (def: r: rel. to first)\n"); + fprintf(output, " -t ad|a|r|d|e output format of time stamps (def: r: rel. to first)\n"); fprintf(output, " -l flush output after each packet\n"); fprintf(output, " -q be more quiet on stdout (e.g. when using statistics)\n"); fprintf(output, " -X <key>:<value> eXtension options, see the man page for details\n"); @@ -1011,6 +1011,8 @@ main(int argc, char *argv[]) timestamp_set_type(TS_ABSOLUTE_WITH_DATE); else if (strcmp(optarg, "d") == 0) timestamp_set_type(TS_DELTA); + else if (strcmp(optarg, "e") == 0) + timestamp_set_type(TS_EPOCH); else { cmdarg_err("Invalid time stamp type \"%s\"", optarg); |