author | Michael Mann <mmann78@netscape.net> | 2017-09-21 23:20:03 -0400 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2017-09-22 04:49:48 +0000 |
commit | 5f667694d3bbd57f13c26d3588d5671dfd30d09a (patch) | |
tree | e3dbdd8cf9c62acc73b51bc3895ed8b6f3f14ca8 /ui/cli | |
parent | 620d54b1e3a4fcad1994409013f6a5b2b76913b4 (diff) |
Add Flow Graph functionality to TShark
Add flow graph functionality to tshark through -z option.
Output is same as ASCII format saved from GUI.
Change-Id: Iee0bfea7215858e6488b4728581be28287e9ea1a
Reviewed-on: https://code.wireshark.org/review/23652
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'ui/cli')
-rw-r--r-- | ui/cli/Makefile.am | 1 | ||||
-rw-r--r-- | ui/cli/tap-flow.c | 159 |
2 files changed, 160 insertions, 0 deletions
diff --git a/ui/cli/Makefile.am b/ui/cli/Makefile.am
index 472be96ebe..d357a76c4d 100644
--- a/ui/cli/Makefile.am
+++ b/ui/cli/Makefile.am
@@ -50,6 +50,7 @@ TSHARK_TAP_SRC = \
 tap-endpoints.c \
 tap-expert.c \
 tap-exportobject.c \
+ tap-flow.c \
 tap-follow.c \
 tap-funnel.c \
 tap-gsm_astat.c \
diff --git a/ui/cli/tap-flow.c b/ui/cli/tap-flow.c
new file mode 100644
index 0000000000..8915df15af
--- /dev/null
+++ b/ui/cli/tap-flow.c
@@ -0,0 +1,159 @@
+/* tap-flow.c
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+/* This module provides udp and tcp follow stream capabilities to tshark.
+ * It is only used by tshark and not wireshark.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <epan/sequence_analysis.h>
+#include <epan/stat_tap_ui.h>
+#include <epan/tap.h>
+
+void register_tap_listener_follow(void);
+
+#define STR_FLOW "flow,"
+#define STR_STANDARD ",standard"
+#define STR_NETWORK ",network"
+
+WS_NORETURN static void flow_exit(const char *strp)
+{
+ fprintf(stderr, "tshark: flow - %s\n", strp);
+ exit(1);
+}
+
+static void
+flow_draw(void *arg)
+{
+ seq_analysis_info_t* flow_info = (seq_analysis_info_t*)arg;
+
+ sequence_analysis_get_nodes(flow_info);
+
+ sequence_analysis_dump_to_file(stdout, flow_info, 0);
+
+ //clean up the data
+ sequence_analysis_list_free(flow_info);
+ sequence_analysis_info_free(flow_info);
+}
+
+static gboolean flow_arg_strncmp(const char **opt_argp, const char *strp)
+{
+ size_t len = strlen(strp);
+
+ if (strncmp(*opt_argp, strp, len) == 0)
+ {
+ *opt_argp += len;
+ return TRUE;
+ }
+ return FALSE;
+}
+
+static void
+flow_arg_mode(const char **opt_argp, seq_analysis_info_t *flow_info)
+{
+ if (flow_arg_strncmp(opt_argp, STR_STANDARD))
+ {
+ flow_info->any_addr = 1;
+ }
+ else if (flow_arg_strncmp(opt_argp, STR_NETWORK))
+ {
+ flow_info->any_addr = 0;
+ }
+ else
+ {
+ flow_exit("Invalid address type.");
+ }
+}
+
+static void
+flow_init(const char *opt_argp, void *userdata)
+{
+ seq_analysis_info_t *flow_info = g_new0(seq_analysis_info_t, 1);
+ GString *errp;
+ register_analysis_t* analysis = (register_analysis_t*)userdata;
+ const char *filter=NULL;
+
+ opt_argp += strlen(STR_FLOW);
+ opt_argp += strlen(sequence_analysis_get_name(analysis));
+
+ flow_arg_mode(&opt_argp, flow_info);
+ if (*opt_argp == ',') {
+ filter = opt_argp + 1;
+ }
+
+ flow_info->all_packets = TRUE;
+
+ sequence_analysis_list_free(flow_info);
+
+ errp = register_tap_listener(sequence_analysis_get_tap_listener_name(analysis), flow_info, filter, sequence_analysis_get_tap_flags(analysis),
+ NULL, sequence_analysis_get_packet_func(analysis), flow_draw);
+
+ if (errp != NULL)
+ {
+ sequence_analysis_list_free(flow_info);
+ sequence_analysis_info_free(flow_info);
+ g_string_free(errp, TRUE);
+ flow_exit("Error registering tap listener.");
+ }
+}
+
+static gboolean
+flow_register(const void *key _U_, void *value, void *userdata _U_)
+{
+ register_analysis_t* analysis = (register_analysis_t*)value;
+ stat_tap_ui flow_ui;
+ GString *cmd_str = g_string_new(STR_FLOW);
+
+ g_string_append(cmd_str, sequence_analysis_get_name(analysis));
+
+ flow_ui.group = REGISTER_STAT_GROUP_GENERIC;
+ flow_ui.title = NULL; /* construct this from the protocol info? */
+ flow_ui.cli_string = g_string_free(cmd_str, FALSE);
+ flow_ui.tap_init_cb = flow_init;
+ flow_ui.nparams = 0;
+ flow_ui.params = NULL;
+ register_stat_tap_ui(&flow_ui, analysis);
+ g_free((char*)flow_ui.cli_string);
+ return FALSE;
+}
+
+void
+register_tap_listener_flow(void)
+{
+ sequence_analysis_table_iterate_tables(flow_register, NULL);
+}
+
+/*
+ * Editor modelines - http://www.wireshark.org/tools/modelines.html
+ *
+ * Local Variables:
+ * c-basic-offset: 4
+ * tab-width: 8
+ * indent-tabs-mode: nil
+ * End:
+ *
+ * ex: set shiftwidth=2 tabstop=8 expandtab:
+ * :indentSize=2:tabSize=8:noTabs=true:
+ */ |
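Review bot: flow_draw() releases flow_info via sequence_analysis_list_free() and sequence_analysis_info_free(), yet that same pointer remains registered as the tap data handed to register_tap_listener() in flow_init(), and nothing in this file removes the listener. If the tap core ever invokes the draw callback a second time (not visible here, so this needs checking against the caller), it would read and free already-released memory; at minimum the contract should be stated above the frees, e.g. `/* draw is expected to run exactly once; flow_info is released here and must not be used afterwards */`. Separately, the forward declaration names the wrong function: `void register_tap_listener_follow(void);` should read `void register_tap_listener_flow(void);`, and the module comment still describes the follow-stream tap rather than the flow graph.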