aboutsummaryrefslogtreecommitdiffstats
path: root/dumpcap.c
AgeCommit message (Collapse)AuthorFilesLines
2008-05-22Move the file utility functions from wiretap to libwsutil so thatJeff Morriss1-8/+8
libwireshark (and the plugins using those functions) do not depend on wiretap on Windows. While doing that, rename the eth_* functions to ws_*. svn path=/trunk/; revision=25354
2008-03-24Fix a few typos.Bill Meier1-6/+6
svn path=/trunk/; revision=24724
2008-03-24dumpcap.c: Fix a typo.Gerald Combs1-3/+3
INSTALL: Add entries for libcap. svn path=/trunk/; revision=24722
2008-03-22Fix (aka workaround) for bug #2228.Bill Meier1-50/+160
Essentially: if using libcap, drop capabilities after doing pcap_open_live. See comment in main() for details. svn path=/trunk/; revision=24716
2008-03-20Don't call cap_set_proc() unless we were started with elevatedGerald Combs1-5/+8
privileges. Otherwise, we might print dumpcap: cap_set_proc() fail return: Operation not permitted to stderr. svn path=/trunk/; revision=24704
2008-02-29Fix for handling dumpcap errmsgs when wireshark does 'dumpcap -D -M', etc Bill Meier1-8/+14
svn path=/trunk/; revision=24507
2008-02-25Use plain old strcmp() instead of g_ascii_strcasecmp() when searching for -Z.Jeff Morriss1-12/+8
On glib-1.2 systems g_ascii_strcasecmp() is in libwireshark (which we don't want to include in dumpcap) and anyway our code should be the only thing calling dumpcap with "-Z"--so hopefully there's no need for doing a case-insensitive comparison. (This is another argument for adding a "utils" library.) svn path=/trunk/; revision=24462
2008-02-23Ensure tshark/wireshark always get good err msgs from dumpcap:Bill Meier1-38/+108
1. Clean up dumpcap 'as a child' err msg handling so that: - all err msgs are properly formatted when being sent back to the parent. - any log Critical, Warning, etc messages are sent back to parent and are properly formatted. 2. Change handling of -w <...> slightly in capture_opts.c so that wireshark provides a good error message if there is a 'write permissions' issue on the file. (Previously the error popup said only "Child exited with status 2"). This fixes bug #2288. Add some conditionalized DEBUG_CHILD_DUMPCAP code for dumpcap debug logging to a file. svn path=/trunk/; revision=24446
2008-02-16dumpcap doesn't need stuff declared in capture.h; it just needs what'sGuy Harris1-1/+1
declared in capture_opts.h. svn path=/trunk/; revision=24352
2008-02-16One include of epan/unicode-utils.h suffices - and the routines itGuy Harris1-2/+0
declares are called only on Windows. svn path=/trunk/; revision=24351
2008-02-16Directly call capture_loop_packet_cb(), rather than making a pointer toGuy Harris1-11/+6
the callback function part of the loop_data structure - we always call capture_loop_packet_cb(). svn path=/trunk/; revision=24350
2008-02-16If we don't have libcap, relinquish special privileges just afterGuy Harris1-3/+5
opening the capture device. That somewhat fixes bug 2273, although the second and subsequent files don't have the right group ownership, probably because of the problem described in the comment before relinquish_special_privs_perm(). We should also relinquish special privileges *before* trying to open the capture pipe, so that we can't open a pipe to which the real user doesn't have access. svn path=/trunk/; revision=24347
2008-02-16Pull capture_loop.c into dumpcap.c, as dumpcap is the only program thatGuy Harris1-14/+1844
does capturing any more. (We will be inserting a call to give up privileges after the pcap_open_live(), which should fix 2273; we're currently only giving up privileges on platforms with libcap.) svn path=/trunk/; revision=24345
2008-01-20Fix typo in help textBill Meier1-1/+1
svn path=/trunk/; revision=24148
2007-12-04Support for RPCAP features in GUI (from Boris Misenov, see Bug 1366)Tomas Kukosa1-0/+23
- retrieving the list of remote PCAP interfaces - password authentication support - UDP data fransfer - packet sampling (available in WinPcap 4.x) etc. fix problem if non-default rpcap port is used svn path=/trunk/; revision=23750
2007-11-22Rename Windows ConsoleCtrHandlerRoutine --> capture_cleanup to match SVN ↵Bill Meier1-1/+1
#23537 change svn path=/trunk/; revision=23540
2007-11-21Catch SIGINT, SIGHUP, and SIGTERM on UN*X, so we cleanly exit if, forGuy Harris1-1/+48
example, we're ^C'ed. This should fix bug 2003. svn path=/trunk/; revision=23538
2007-11-20If libcap is present, have dumpcap use it to drop privileges whileGerald Combs1-0/+70
retaining CAP_NET_ADMIN and CAP_NET_RAW. Update some Makefile dependencies for dumpcap. svn path=/trunk/; revision=23511
2007-10-26For the Wireshark/TShark -> dumpcap signal pipe on Windows, use a namedGerald Combs1-8/+44
pipe instead of stdin. Add an argument (currently the parent PID) back to the "-Z" flag and use it to construct the pipe name. This lets us pass the parent's stdin handle to dumpcap, which lets us capture from stdin on Windows. Add a comment about checking for the parent process. In capture_loop.c, remove the wait_forever argument from cap_pipe_select() since it was always FALSE. Set the timeout under Windows to 250 ms instead of 250000 ms. svn path=/trunk/; revision=23279
2007-10-10Make the sync pipe the standard error, not the standard output, ofGuy Harris1-10/+7
dumpcap, when using it as a capture child; leave the standard output alone, in case tshark was told to write the capture to the standard error. Get rid of the argument to the "-Z" option to dumpcap; it might not work on Windows. svn path=/trunk/; revision=23124
2007-09-30"get_compiled_version_info()" appends to the string text starting withGuy Harris1-1/+1
"with", so we shouldn't put our own "with" in there. svn path=/trunk/; revision=23037
2007-09-29Make the "-Z" argument to dumpcap take an argument that's the fileGuy Harris1-7/+10
descriptor to use as the sync pipe. For now, always pass 1, so the sync pipe is the standard output of dumpcap. svn path=/trunk/; revision=23025
2007-09-29Don't hardcode the notion that the sync pipe is the standard output intoGuy Harris1-1/+1
sync_pipe_errmsg_to_parent(); have it take the FD for the sync pipe as an argument. svn path=/trunk/; revision=23024
2007-09-29We don't use NetSNMP any more.Guy Harris1-8/+0
svn path=/trunk/; revision=23022
2007-08-02Add a "-S" flag to dumpcap, which prints out interface statistics. UseGerald Combs1-5/+16
this in the GUI rather than calling pcap_stats() directly. This gets rid of the last pcap_open_live() call in the GUI code. Update README.packaging. svn path=/trunk/; revision=22443
2007-07-20Remove the "-I" flag from dumpcap, and add a "-M" flag used to specifyGerald Combs1-13/+17
that "-D" and "-L" should produce machine-readable output. Use this to move an indirect get_pcap_linktype() call from the GUI to dumpcap. svn path=/trunk/; revision=22367
2007-06-11One more step in privilege separation.Gerald Combs1-10/+20
Add a capture_interface_list(), which works similar to get_interface_list() except that it forks dumpcap instead of calling the pcap routines directly. Use it in the GUI. Add a "-I" flag to dumpcap, which prints out verbose interface information. Tested under Windows and Linux. svn path=/trunk/; revision=22071
2007-02-19Output error msgs when using dumpcap from cmd-line (stand-alone);Bill Meier1-16/+25
Also: minor cleanup for capture_loop.c svn path=/trunk/; revision=20864
2007-02-06From Eric Hall to fix bug 1289:Jeff Morriss1-2/+2
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1289 Rename 'svnversion' to 'wireshark_svnversion' to resolve a symbol conflict with GTK 2.10.6 (hmm, shouldn't GTK not be exporting that symbol or at least naming it so as to prevent such collisions? Well, so should we, so...) From Andreas Fink: change #ifdef for size_t in airdcap_interop.h to fix compile on MacOS X. svn path=/trunk/; revision=20726
2006-11-02Frederic Heem:Jörg Mayer1-9/+14
Fix some memleaks and overflows. I haven't committed the changes that are not bug fixes. svn path=/trunk/; revision=19777
2006-10-20Make dumpcap complile again and other minor improvements.Jaap Keuter1-6/+10
svn path=/trunk/; revision=19624
2006-10-19Fix up the changes to put the Portaudio information at the end of theGuy Harris1-2/+1
version string, so the information comes out right for applications that don't use Portaudio. Get rid of an extra "with" in the version string for dumpcap. Get rid of an extra blank after the libpcap version string, and get rid of an extra newline before it. Attempt to add more compiler version information and to prettify the MSVC++ version information (both untested). svn path=/trunk/; revision=19613
2006-09-22Add support for reading from stdin under Windows. Based on a patch sentGerald Combs1-46/+0
in last year by Gianluca Varenni. Add partial support for reading from named pipes (currently disabled). Move utf_8to16() and utf_16to8() to a separate module (unicode-utils.[ch]) so that we don't have to cut and paste code in dumpcap.c. Fix up whitespace. svn path=/trunk/; revision=19291
2006-08-21Add to a comment.Guy Harris1-0/+1
svn path=/trunk/; revision=18987
2006-08-13put utf_16to8 under #ifdef _WIN32, thanks ToralfUlf Lamping1-0/+4
svn path=/trunk/; revision=18892
2006-08-13another place missing a call to utf_16to8(), the about box was showing ↵Ulf Lamping1-0/+43
"Windows XP S", where it should be "Windows XP Service Pack 2" dumpcap uses this too, so I had to duplicate utf_16to8 there :-( svn path=/trunk/; revision=18891
2006-05-28Ethereal->WiresharkAnders Broman1-4/+4
svn path=/trunk/; revision=18235
2006-05-21name changeRonnie Sahlberg1-2/+2
svn path=/trunk/; revision=18197
2006-04-03Don't report the interface name unconditionally.Guy Harris1-1/+1
svn path=/trunk/; revision=17793
2006-04-03Put the low-level sync routines into a common file so they can be sharedGuy Harris1-73/+13
by dumpcap and Ethereal (so that, on UN*X, the child process can report a detailed "can't exec dumpcap" error). Rename most of the "sync_pipe_XXX_to_parent()" routines, as they're also in Tethereal, which doesn't have a sync pipe. svn path=/trunk/; revision=17789
2006-04-03In Tethereal, don't save to a temporary file if "-w" isn't specified,Guy Harris1-43/+45
even if doing a live capture; just print the packets without saving them. In dumpcap: default to the capturing the entire packet; don't do the "Press any key" stuff when debugging on UN*X; do console logging (to the standard error) even when we're running as the capture child (the sync pipe should only be the standard output, not the standard error). svn path=/trunk/; revision=17786
2006-03-24Various code cleanup in the capture pipe stuffUlf Lamping1-11/+2
svn path=/trunk/; revision=17714
2006-03-13fix bug #803: sync pipe on Win32 wasn't set to binary mode, so error message ↵Ulf Lamping1-39/+42
transport failed between Ethereal and dumpcap. I've also changed the way the secondary error message is transported from former "header message 0 secondary 0" to "header header message 0 header secondary 0" as that might be a bit more clearer, and I'll need it for further development anyway. I was using this while debugging and not recognizing the real problem - for about four hours :-(. I'll need this feature when doing the interface (and link layer type) browsing later (transferring this data from dumpcap to Ethereal) to get a full blown privilege seperation. svn path=/trunk/; revision=17608
2006-03-05Pass two strings in capture child messages, so the child can sendGuy Harris1-49/+49
primary and secondary error messages and let the parent worry about how to display them. This means dumpcap doesn't need stub routines for generating the formatting tags for the primary and secondary messages. Have a separate message for capture filter errors, so that the parent can check whether the capture filter looks like a display filter and report the appropriate message. This means that dumpcap doesn't need a stub routine for compiling display filters (a stub routine also means that Ethereal won't do the check for capture filters that look like display filters!). svn path=/trunk/; revision=17465
2006-02-25update some comments, as dumpcap no longer uses console window stuffUlf Lamping1-21/+2
svn path=/trunk/; revision=17403
2006-02-17remove dependencies to pcap.h, so getting an idea what needs to be done by ↵Ulf Lamping1-55/+101
dumpcap in addition to the things already done now various dumpcap related code cleanup: mainly #include's and capture engine related stuff svn path=/trunk/; revision=17327
2006-02-12Move create_tempfile() to tempfile.c out of util.c. This means dumpcapGuy Harris1-26/+0
no longer needs util.c, so it no longer includes routines that use host_ip_af(), so it no longer needs to define its own host_ip_af(). That also means dumpcap.c no longer needs to include <sys/socket.h>. svn path=/trunk/; revision=17278
2006-02-12freebsd needs to define AF_INET6, seems to need sys/socket.hUlf Lamping1-0/+4
svn path=/trunk/; revision=17269
2006-02-11the point of no return ...Ulf Lamping1-175/+16
using dumpcap as the capture child for Ethereal. dumpcap is a plain console application now, even for Win32 (so no WinMain, create_console and special piping stuff reguired). The undocumented command line option -Z will switch dumpcap into "child mode", using binary instead of plain text output messages to communicate with a parent Ethereal. Ethereal's main.c no longer needs to distinguish between child mode or not, so some simplifying here. capture_sync.c has to call dumpcap in a "hidden window" mode using CreateProcess instead of spawnvp, otherwise an uggly console window would appear. The handles created by _pipe doesn't seem to be inheritable for this function, using CreatePipe instead. The file capture_loop.c is only needed by dumpcap, removed from Ethereal link objects. Some debugging aid added and other minor cleanup done. svn path=/trunk/; revision=17256
2006-02-10remove all calls to exit() from the capture_opts.c and replace them by ↵Ulf Lamping1-5/+9
status return values (0,1 or 2). This way makes it much easier to debug, e.g. to set a common breakpoint if a command line parameter fails. svn path=/trunk/; revision=17240