diff options
| author | Guy Harris <guy@alum.mit.edu> | 2016-01-05 13:54:02 -0800 |
|---|---|---|
| committer | Guy Harris <guy@alum.mit.edu> | 2016-01-07 04:38:39 +0000 |
| commit | ba3aa03dcfb49a3bb2b090b864f1311fa4ecbc0e (patch) | |
| tree | 334369b53be04c07bbd6269e316c93fc3dba6d03 /dumpcap.c | |
| parent | 97378a5bad8c20f4364b7fe86d96d9d14a192d48 (diff) | |
Move more capture device handling to the caputils library.
Move the code to open capture devices and get properties of capture
devices there, joining the code to get a list of capture devices.
This lets us do a better job of handling pcap_create() in WinPcap,
including handling both WinPcap with pcap_create() and WinPcap without
pcap_create() at run time, just in case somebody tries using WinPcap 3.x
with a Wireshark built with WinPcap 4.x.
It also could make it easier to use libpcap/WinPcap directly in
Wireshark and TShark, if we have versions of libpcap/WinPcap that run
small helper utilities to do privileged functions, allowing programs
using them never to need elevated privileges themselves. That might
make it easier to fix some issues with running TShark when not saving to
a file (we could avoid the file entirely) and with delays when stopping
a capture in Wireshark (Wireshark could stop writing to the file as soon
as you click the stop button, rather than letting dumpcap do so when the
signal gets to it).
It might also make it easier to handle future versions of
libpcap/WinPcap that support using pcap_create()/pcap_activate() for
remote captures, and other future extensions to libpcap/WinPcap.
Rename some XXX_linktype routines to XXX_datalink to indicate that they
work with DLT_ values rather than LINKTYPE_ values; future versions of
libpcap might use LINKTYPE_ values in newer APIs.
Check for pcap_create() on all platforms in CMake.
Change-Id: Ia12e1692c96ec945c07a135d246958771a29c817
Reviewed-on: https://code.wireshark.org/review/13062
Petri-Dish: Guy Harris <guy@alum.mit.edu>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Diffstat (limited to 'dumpcap.c')
| -rw-r--r-- | dumpcap.c | 609 |
1 files changed, 8 insertions, 601 deletions
@@ -51,39 +51,6 @@ #include <sys/utsname.h> #endif -/* - * Linux bonding devices mishandle unknown ioctls; they fail - * with ENODEV rather than ENOTSUP, EOPNOTSUPP, or ENOTTY, - * so pcap_can_set_rfmon() returns a "no such device" indication - * if we try to do SIOCGIWMODE on them. - * - * So, on Linux, we check for bonding devices, if we can, before - * trying pcap_can_set_rfmon(), as pcap_can_set_rfmon() will - * end up trying SIOCGIWMODE on the device if that ioctl exists. - */ -#if defined(HAVE_PCAP_CREATE) && defined(__linux__) - -#include <sys/ioctl.h> - -/* - * If we're building for a Linux version that supports bonding, - * HAVE_BONDING will be defined. - */ - -#ifdef HAVE_LINUX_SOCKIOS_H -#include <linux/sockios.h> -#endif - -#ifdef HAVE_LINUX_IF_BONDING_H -#include <linux/if_bonding.h> -#endif - -#if defined(BOND_INFO_QUERY_OLD) || defined(SIOCBONDINFOQUERY) -#define HAVE_BONDING -#endif - -#endif /* defined(HAVE_PCAP_CREATE) && defined(__linux__) */ - #include <signal.h> #include <errno.h> @@ -383,7 +350,6 @@ static const char please_report[] = */ static loop_data global_ld; - /* * Timeout, in milliseconds, for reads from the stream of captured packets * from a capture device. @@ -650,155 +616,6 @@ relinquish_all_capabilities(void) } #endif -static pcap_t * -open_capture_device(capture_options *capture_opts -#ifndef HAVE_PCAP_SET_TSTAMP_PRECISION - _U_ -#endif - , - interface_options *interface_opts, - char (*open_err_str)[PCAP_ERRBUF_SIZE]) -{ - pcap_t *pcap_h; -#ifdef HAVE_PCAP_CREATE - int err; -#endif -#if defined(HAVE_PCAP_OPEN) && defined(HAVE_PCAP_REMOTE) - struct pcap_rmtauth auth; -#endif - - /* Open the network interface to capture from it. - Some versions of libpcap may put warnings into the error buffer - if they succeed; to tell if that's happened, we have to clear - the error buffer, and check if it's still a null string. */ - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "Entering open_capture_device()."); - (*open_err_str)[0] = '\0'; -#if defined(HAVE_PCAP_OPEN) && defined(HAVE_PCAP_REMOTE) - /* - * If we're opening a remote device, use pcap_open(); that's currently - * the only open routine that supports remote devices. - */ - if (strncmp (interface_opts->name, "rpcap://", 8) == 0) { - auth.type = interface_opts->auth_type == CAPTURE_AUTH_PWD ? - RPCAP_RMTAUTH_PWD : RPCAP_RMTAUTH_NULL; - auth.username = interface_opts->auth_username; - auth.password = interface_opts->auth_password; - - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "Calling pcap_open() using name %s, snaplen %d, promisc_mode %d, datatx_udp %d, nocap_rpcap %d.", - interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode, - interface_opts->datatx_udp, interface_opts->nocap_rpcap); - pcap_h = pcap_open(interface_opts->name, interface_opts->snaplen, - /* flags */ - (interface_opts->promisc_mode ? PCAP_OPENFLAG_PROMISCUOUS : 0) | - (interface_opts->datatx_udp ? PCAP_OPENFLAG_DATATX_UDP : 0) | - (interface_opts->nocap_rpcap ? PCAP_OPENFLAG_NOCAPTURE_RPCAP : 0), - CAP_READ_TIMEOUT, &auth, *open_err_str); - if (pcap_h == NULL) { - /* Error - did pcap actually supply an error message? */ - if ((*open_err_str)[0] == '\0') { - /* Work around known WinPcap bug wherein no error message is - filled in on a failure to open an rpcap: URL. */ - g_strlcpy(*open_err_str, - "Unknown error (pcap bug; actual error cause not reported)", - sizeof *open_err_str); - } - } - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "pcap_open() returned %p.", (void *)pcap_h); - } else -#endif - { - /* - * If we're not opening a remote device, use pcap_create() and - * pcap_activate() if we have them, so that we can set the buffer - * size, otherwise use pcap_open_live(). - */ -#ifdef HAVE_PCAP_CREATE - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "Calling pcap_create() using %s.", interface_opts->name); - pcap_h = pcap_create(interface_opts->name, *open_err_str); - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "pcap_create() returned %p.", (void *)pcap_h); - if (pcap_h != NULL) { - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "Calling pcap_set_snaplen() with snaplen %d.", interface_opts->snaplen); - pcap_set_snaplen(pcap_h, interface_opts->snaplen); - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "Calling pcap_set_promisc() with promisc_mode %d.", interface_opts->promisc_mode); - pcap_set_promisc(pcap_h, interface_opts->promisc_mode); - pcap_set_timeout(pcap_h, CAP_READ_TIMEOUT); - -#ifdef HAVE_PCAP_SET_TSTAMP_PRECISION - /* - * If we're writing pcap-ng files, try to enable - * nanosecond-resolution capture; any code that - * can read pcap-ng files must be able to handle - * nanosecond-resolution time stamps. - * - * If we're writing pcap files, don't try to enable - * nanosecond-resolution capture, as not all code - * that reads pcap files recognizes the nanosecond- - * resolution pcap file magic number. - */ - if (capture_opts->use_pcapng) - request_high_resolution_timestamp(pcap_h); -#endif /* HAVE_PCAP_SET_TSTAMP_PRECISION */ - - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "buffersize %d.", interface_opts->buffer_size); - if (interface_opts->buffer_size != 0) { - pcap_set_buffer_size(pcap_h, interface_opts->buffer_size * 1024 * 1024); - } - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "monitor_mode %d.", interface_opts->monitor_mode); - if (interface_opts->monitor_mode) - pcap_set_rfmon(pcap_h, 1); - err = pcap_activate(pcap_h); - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "pcap_activate() returned %d.", err); - if (err < 0) { - /* Failed to activate, set to NULL */ - if (err == PCAP_ERROR) - g_strlcpy(*open_err_str, pcap_geterr(pcap_h), sizeof *open_err_str); - else - g_strlcpy(*open_err_str, pcap_statustostr(err), sizeof *open_err_str); - pcap_close(pcap_h); - pcap_h = NULL; - } - } -#else - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "pcap_open_live() calling using name %s, snaplen %d, promisc_mode %d.", - interface_opts->name, interface_opts->snaplen, interface_opts->promisc_mode); - pcap_h = pcap_open_live(interface_opts->name, interface_opts->snaplen, - interface_opts->promisc_mode, CAP_READ_TIMEOUT, - *open_err_str); - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, - "pcap_open_live() returned %p.", (void *)pcap_h); - -/* Windows doesn't have pcap_create() yet */ -#ifdef _WIN32 - /* try to set the capture buffer size -- but not for remote devices */ - if (pcap_h && interface_opts->buffer_size > 1 && - pcap_setbuff(pcap_h, interface_opts->buffer_size * 1024 * 1024) != 0) { - gchar *sync_secondary_msg_str; - - sync_secondary_msg_str = g_strdup_printf( - "Unable to set a capture buffer size of %d MiB.\n" - "Capturing using the default size of %d MiB instead.", - interface_opts->buffer_size, DEFAULT_CAPTURE_BUFFER_SIZE); - report_capture_error("Couldn't set the capture buffer size.", - sync_secondary_msg_str); - g_free(sync_secondary_msg_str); - } -#endif -#endif - } - g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "open_capture_device %s : %s", pcap_h ? "SUCCESS" : "FAILURE", interface_opts->name); - return pcap_h; -} - static void get_capture_device_open_failure_messages(const char *open_err_str, const char *iface, @@ -863,40 +680,6 @@ get_capture_device_open_failure_messages(const char *open_err_str, #endif /* _WIN32 */ } -/* Set the data link type on a pcap. */ -static gboolean -set_pcap_linktype(pcap_t *pcap_h, int linktype, char *name, - char *errmsg, size_t errmsg_len, - char *secondary_errmsg, size_t secondary_errmsg_len) -{ - char *set_linktype_err_str; - - if (linktype == -1) - return TRUE; /* just use the default */ -#ifdef HAVE_PCAP_SET_DATALINK - if (pcap_set_datalink(pcap_h, linktype) == 0) - return TRUE; /* no error */ - set_linktype_err_str = pcap_geterr(pcap_h); -#else - /* Let them set it to the type it is; reject any other request. */ - if (get_pcap_linktype(pcap_h, name) == linktype) - return TRUE; /* no error */ - set_linktype_err_str = - "That DLT isn't one of the DLTs supported by this device"; -#endif - g_snprintf(errmsg, (gulong) errmsg_len, "Unable to set data link type on interface '%s' (%s).", - name, set_linktype_err_str); - /* - * If the error isn't "XXX is not one of the DLTs supported by this device", - * tell the user to tell the Wireshark developers about it. - */ - if (strstr(set_linktype_err_str, "is not one of the DLTs supported by this device") == NULL) - g_snprintf(secondary_errmsg, (gulong) secondary_errmsg_len, please_report); - else - secondary_errmsg[0] = '\0'; - return FALSE; -} - static gboolean compile_capture_filter(const char *iface, pcap_t *pcap_h, struct bpf_program *fcode, const char *cfilter) @@ -947,7 +730,8 @@ show_filter_code(capture_options *capture_opts) for (j = 0; j < capture_opts->ifaces->len; j++) { interface_opts = g_array_index(capture_opts->ifaces, interface_options, j); - pcap_h = open_capture_device(capture_opts, &interface_opts, &open_err_str); + pcap_h = open_capture_device(capture_opts, &interface_opts, + CAP_READ_TIMEOUT, &open_err_str); if (pcap_h == NULL) { /* Open failed; get messages */ get_capture_device_open_failure_messages(open_err_str, @@ -961,7 +745,7 @@ show_filter_code(capture_options *capture_opts) } /* Set the link-layer type. */ - if (!set_pcap_linktype(pcap_h, interface_opts.linktype, interface_opts.name, + if (!set_pcap_datalink(pcap_h, interface_opts.linktype, interface_opts.name, errmsg, sizeof errmsg, secondary_errmsg, sizeof secondary_errmsg)) { pcap_close(pcap_h); @@ -1021,381 +805,6 @@ capture_interface_list(int *err, char **err_str, void(*update_cb)(void) _U_) return get_interface_list(err, err_str); } -/* - * Get the data-link type for a libpcap device. - * This works around AIX 5.x's non-standard and incompatible-with-the- - * rest-of-the-universe libpcap. - */ -static int -get_pcap_linktype(pcap_t *pch, const char *devicename -#ifndef _AIX - _U_ -#endif -) -{ - int linktype; -#ifdef _AIX - const char *ifacename; -#endif - - linktype = pcap_datalink(pch); -#ifdef _AIX - - /* - * The libpcap that comes with AIX 5.x uses RFC 1573 ifType values - * rather than DLT_ values for link-layer types; the ifType values - * for LAN devices are: - * - * Ethernet 6 - * 802.3 7 - * Token Ring 9 - * FDDI 15 - * - * and the ifType value for a loopback device is 24. - * - * The AIX names for LAN devices begin with: - * - * Ethernet en - * 802.3 et - * Token Ring tr - * FDDI fi - * - * and the AIX names for loopback devices begin with "lo". - * - * (The difference between "Ethernet" and "802.3" is presumably - * whether packets have an Ethernet header, with a packet type, - * or an 802.3 header, with a packet length, followed by an 802.2 - * header and possibly a SNAP header.) - * - * If the device name matches "linktype" interpreted as an ifType - * value, rather than as a DLT_ value, we will assume this is AIX's - * non-standard, incompatible libpcap, rather than a standard libpcap, - * and will map the link-layer type to the standard DLT_ value for - * that link-layer type, as that's what the rest of Wireshark expects. - * - * (This means the capture files won't be readable by a tcpdump - * linked with AIX's non-standard libpcap, but so it goes. They - * *will* be readable by standard versions of tcpdump, Wireshark, - * and so on.) - * - * XXX - if we conclude we're using AIX libpcap, should we also - * set a flag to cause us to assume the time stamps are in - * seconds-and-nanoseconds form, and to convert them to - * seconds-and-microseconds form before processing them and - * writing them out? - */ - - /* - * Find the last component of the device name, which is the - * interface name. - */ - ifacename = strchr(devicename, '/'); - if (ifacename == NULL) - ifacename = devicename; - - /* See if it matches any of the LAN device names. */ - if (strncmp(ifacename, "en", 2) == 0) { - if (linktype == 6) { - /* - * That's the RFC 1573 value for Ethernet; map it to DLT_EN10MB. - */ - linktype = 1; - } - } else if (strncmp(ifacename, "et", 2) == 0) { - if (linktype == 7) { - /* - * That's the RFC 1573 value for 802.3; map it to DLT_EN10MB. - * (libpcap, tcpdump, Wireshark, etc. don't care if it's Ethernet - * or 802.3.) - */ - linktype = 1; - } - } else if (strncmp(ifacename, "tr", 2) == 0) { - if (linktype == 9) { - /* - * That's the RFC 1573 value for 802.5 (Token Ring); map it to - * DLT_IEEE802, which is what's used for Token Ring. - */ - linktype = 6; - } - } else if (strncmp(ifacename, "fi", 2) == 0) { - if (linktype == 15) { - /* - * That's the RFC 1573 value for FDDI; map it to DLT_FDDI. - */ - linktype = 10; - } - } else if (strncmp(ifacename, "lo", 2) == 0) { - if (linktype == 24) { - /* - * That's the RFC 1573 value for "software loopback" devices; map it - * to DLT_NULL, which is what's used for loopback devices on BSD. - */ - linktype = 0; - } - } -#endif - - return linktype; -} - -static data_link_info_t * -create_data_link_info(int dlt) -{ - data_link_info_t *data_link_info; - const char *text; - - data_link_info = (data_link_info_t *)g_malloc(sizeof (data_link_info_t)); - data_link_info->dlt = dlt; - text = pcap_datalink_val_to_name(dlt); - if (text != NULL) - data_link_info->name = g_strdup(text); - else - data_link_info->name = g_strdup_printf("DLT %d", dlt); - text = pcap_datalink_val_to_description(dlt); - if (text != NULL) - data_link_info->description = g_strdup(text); - else - data_link_info->description = NULL; - return data_link_info; -} - -#if defined(HAVE_BONDING) && defined(HAVE_PCAP_CREATE) -static gboolean -is_linux_bonding_device(const char *ifname) -{ - int fd; - struct ifreq ifr; - ifbond ifb; - - fd = socket(PF_INET, SOCK_DGRAM, 0); - if (fd == -1) - return FALSE; - - memset(&ifr, 0, sizeof ifr); - g_strlcpy(ifr.ifr_name, ifname, sizeof ifr.ifr_name); - memset(&ifb, 0, sizeof ifb); - ifr.ifr_data = (caddr_t)&ifb; -#if defined(SIOCBONDINFOQUERY) - if (ioctl(fd, SIOCBONDINFOQUERY, &ifr) == 0) { - close(fd); - return TRUE; - } -#else - if (ioctl(fd, BOND_INFO_QUERY_OLD, &ifr) == 0) { - close(fd); - return TRUE; - } -#endif - - close(fd); - return FALSE; -} -#elif defined(HAVE_PCAP_CREATE) -static gboolean -is_linux_bonding_device(const char *ifname _U_) -{ - return FALSE; -} -#endif - -/* - * Get the capabilities of a network device. - */ -static if_capabilities_t * -get_if_capabilities(interface_options *interface_opts, char **err_str) -{ - if_capabilities_t *caps; - char errbuf[PCAP_ERRBUF_SIZE]; - pcap_t *pch; -#ifdef HAVE_PCAP_CREATE - int status; -#endif - int deflt; -#ifdef HAVE_PCAP_LIST_DATALINKS - int *linktypes; - int i, nlt; -#endif - data_link_info_t *data_link_info; - - /* - * Allocate the interface capabilities structure. - */ - caps = (if_capabilities_t *)g_malloc(sizeof *caps); - - /* - * WinPcap 4.1.2, and possibly earlier versions, have a bug - * wherein, when an open with an rpcap: URL fails, the error - * message for the error is not copied to errbuf and whatever - * on-the-stack junk is in errbuf is treated as the error - * message. - * - * To work around that (and any other bugs of that sort, we - * initialize errbuf to an empty string. If we get an error - * and the string is empty, we report it as an unknown error. - * (If we *don't* get an error, and the string is *non*-empty, - * that could be a warning returned, such as "can't turn - * promiscuous mode on"; we currently don't do so.) - */ - errbuf[0] = '\0'; -#ifdef HAVE_PCAP_OPEN -#ifdef HAVE_PCAP_REMOTE - if (strncmp (interface_opts->name, "rpcap://", 8) == 0) { - struct pcap_rmtauth auth; - - auth.type = interface_opts->auth_type == CAPTURE_AUTH_PWD ? - RPCAP_RMTAUTH_PWD : RPCAP_RMTAUTH_NULL; - auth.username = interface_opts->auth_username; - auth.password = interface_opts->auth_password; - - pch = pcap_open(interface_opts->name, MIN_PACKET_SIZE, 0, 0, &auth, errbuf); - } else -#endif - pch = pcap_open(interface_opts->name, MIN_PACKET_SIZE, 0, 0, NULL, errbuf); - caps->can_set_rfmon = FALSE; - if (pch == NULL) { - if (err_str != NULL) - *err_str = g_strdup(errbuf[0] == '\0' ? "Unknown error (pcap bug; actual error cause not reported)" : errbuf); - g_free(caps); - return NULL; - } -#elif defined(HAVE_PCAP_CREATE) - pch = pcap_create(interface_opts->name, errbuf); - if (pch == NULL) { - if (err_str != NULL) - *err_str = g_strdup(errbuf); - g_free(caps); - return NULL; - } - if (is_linux_bonding_device(interface_opts->name)) { - /* - * Linux bonding device; not Wi-Fi, so no monitor mode, and - * calling pcap_can_set_rfmon() might get a "no such device" - * error. - */ - status = 0; - } else { - /* - * Not a Linux bonding device, so go ahead. - */ - status = pcap_can_set_rfmon(pch); - } - if (status < 0) { - /* Error. */ - if (status == PCAP_ERROR) - *err_str = g_strdup_printf("pcap_can_set_rfmon() failed: %s", - pcap_geterr(pch)); - else - *err_str = g_strdup(pcap_statustostr(status)); - pcap_close(pch); - g_free(caps); - return NULL; - } - if (status == 0) - caps->can_set_rfmon = FALSE; - else if (status == 1) { - caps->can_set_rfmon = TRUE; - if (interface_opts->monitor_mode) - pcap_set_rfmon(pch, 1); - } else { - if (err_str != NULL) { - *err_str = g_strdup_printf("pcap_can_set_rfmon() returned %d", - status); - } - pcap_close(pch); - g_free(caps); - return NULL; - } - - status = pcap_activate(pch); - if (status < 0) { - /* Error. We ignore warnings (status > 0). */ - if (err_str != NULL) { - if (status == PCAP_ERROR) - *err_str = g_strdup_printf("pcap_activate() failed: %s", - pcap_geterr(pch)); - else - *err_str = g_strdup(pcap_statustostr(status)); - } - pcap_close(pch); - g_free(caps); - return NULL; - } -#else - pch = pcap_open_live(interface_opts->name, MIN_PACKET_SIZE, 0, 0, errbuf); - caps->can_set_rfmon = FALSE; - if (pch == NULL) { - if (err_str != NULL) - *err_str = g_strdup(errbuf[0] == '\0' ? "Unknown error (pcap bug; actual error cause not reported)" : errbuf); - g_free(caps); - return NULL; - } -#endif - deflt = get_pcap_linktype(pch, interface_opts->name); -#ifdef HAVE_PCAP_LIST_DATALINKS - nlt = pcap_list_datalinks(pch, &linktypes); - if (nlt == 0 || linktypes == NULL) { - pcap_close(pch); - if (err_str != NULL) - *err_str = NULL; /* an empty list doesn't mean an error */ - g_free(caps); - return NULL; - } - caps->data_link_types = NULL; - for (i = 0; i < nlt; i++) { - data_link_info = create_data_link_info(linktypes[i]); - - /* - * XXX - for 802.11, make the most detailed 802.11 - * version the default, rather than the one the - * device has as the default? - */ - if (linktypes[i] == deflt) - caps->data_link_types = g_list_prepend(caps->data_link_types, - data_link_info); - else - caps->data_link_types = g_list_append(caps->data_link_types, - data_link_info); - } -#ifdef HAVE_PCAP_FREE_DATALINKS - pcap_free_datalinks(linktypes); -#else - /* - * In Windows, there's no guarantee that if you have a library - * built with one version of the MSVC++ run-time library, and - * it returns a pointer to allocated data, you can free that - * data from a program linked with another version of the - * MSVC++ run-time library. - * - * This is not an issue on UN*X. - * - * See the mail threads starting at - * - * https://www.winpcap.org/pipermail/winpcap-users/2006-September/001421.html - * - * and - * - * https://www.winpcap.org/pipermail/winpcap-users/2008-May/002498.html - */ -#ifndef _WIN32 -#define xx_free free /* hack so checkAPIs doesn't complain */ - xx_free(linktypes); -#endif /* _WIN32 */ -#endif /* HAVE_PCAP_FREE_DATALINKS */ -#else /* HAVE_PCAP_LIST_DATALINKS */ - - data_link_info = create_data_link_info(deflt); - caps->data_link_types = g_list_append(caps->data_link_types, - data_link_info); -#endif /* HAVE_PCAP_LIST_DATALINKS */ - - pcap_close(pch); - - if (err_str != NULL) - *err_str = NULL; - return caps; -} - #define ADDRSTRLEN 46 /* Covers IPv4 & IPv6 */ /* * Output a machine readable list of the interfaces @@ -2758,7 +2167,8 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld, g_array_append_val(ld->pcaps, pcap_opts); g_log(LOG_DOMAIN_CAPTURE_CHILD, G_LOG_LEVEL_DEBUG, "capture_loop_open_input : %s", interface_opts.name); - pcap_opts->pcap_h = open_capture_device(capture_opts, &interface_opts, &open_err_str); + pcap_opts->pcap_h = open_capture_device(capture_opts, &interface_opts, + CAP_READ_TIMEOUT, &open_err_str); if (pcap_opts->pcap_h != NULL) { /* we've opened "iface" as a network device */ @@ -2800,12 +2210,13 @@ capture_loop_open_input(capture_options *capture_opts, loop_data *ld, #endif /* setting the data link type only works on real interfaces */ - if (!set_pcap_linktype(pcap_opts->pcap_h, interface_opts.linktype, interface_opts.name, + if (!set_pcap_datalink(pcap_opts->pcap_h, interface_opts.linktype, + interface_opts.name, errmsg, errmsg_len, secondary_errmsg, secondary_errmsg_len)) { return FALSE; } - pcap_opts->linktype = get_pcap_linktype(pcap_opts->pcap_h, interface_opts.name); + pcap_opts->linktype = get_pcap_datalink(pcap_opts->pcap_h, interface_opts.name); } else { /* We couldn't open "iface" as a network device. */ /* Try to open it as a pipe */ @@ -5307,10 +4718,6 @@ signal_pipe_check_running(void) } #endif - - - - /* * Editor modelines - https://www.wireshark.org/tools/modelines.html * |