diff options
author | AndersBroman <anders.broman@ericsson.com> | 2016-04-29 15:23:28 +0200 |
---|---|---|
committer | Anders Broman <a.broman58@gmail.com> | 2016-05-03 10:17:46 +0000 |
commit | 6d2ea733ddedf9850883a2dbec43069b92e129bf (patch) | |
tree | d72fb4c216433f40fad65b22dc54a7dbac69f62c /ui/export_pdu_ui_utils.c | |
parent | 1489c9e6ff1b98bee792c0cb98eb9e1dc1c1e875 (diff) |
Implement Export PDU for tshark
This patch introduces the "-U tap_name[,filter]" tshark option and
is similar to the "Export PDUs as file" option in Wireshark.
Wireshark implements this feature by reopening a capture file, applying
a tap and finally opening the temporary file. Since tshark knows
in advance that a PDU export is needed, it can optimize by not creating
the temporary file and perform the export at the first opportunity.
This patch splits the opening/tapping functionality from error reporting
since tshark does not need a temp file and has no dialogs.
The capture file comment is now specified explicitly as there is no
"current file" anymore if the tap is running without active file.
TODO:
- Review whether it is acceptable to overwrite save_file in tshark.
- Add documentation (tshark manpage).
Bug: 3444
Change-Id: Ie159495d42c32c2ba7400f2991b7b8185b3fda09
Reviewed-on: https://code.wireshark.org/review/5890
Petri-Dish: Anders Broman <a.broman58@gmail.com>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Anders Broman <a.broman58@gmail.com>
Diffstat (limited to 'ui/export_pdu_ui_utils.c')
-rw-r--r-- | ui/export_pdu_ui_utils.c | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/ui/export_pdu_ui_utils.c b/ui/export_pdu_ui_utils.c new file mode 100644 index 0000000000..1a907ab8df --- /dev/null +++ b/ui/export_pdu_ui_utils.c @@ -0,0 +1,112 @@ +/* +* export_pdu_ui_utils.c +* Routines for exported_pdu dissection +* Copyright 2013, Anders Broman <anders-broman@ericsson.com> +* +* Wireshark - Network traffic analyzer +* By Gerald Combs <gerald@wireshark.org> +* Copyright 1998 Gerald Combs +* +* This program is free software; you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation; either version 2 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License along +* with this program; if not, write to the Free Software Foundation, Inc., +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "config.h" + +#include "globals.h" +#include "wiretap/pcap-encap.h" +#include "wsutil/os_version_info.h" +#include "wsutil/tempfile.h" +#include "ws_version_info.h" + +#include <epan/tap.h> +#include <epan/exported_pdu.h> +#include <epan/epan_dissect.h> +#include <wiretap/wtap.h> +#include <wiretap/wtap_opttypes.h> +#include <wiretap/pcapng.h> + +#include "ui/alert_box.h" +#include "ui/simple_dialog.h" +#include "tap_export_pdu.h" +#include "export_pdu_ui_utils.h" + +static void +exp_pdu_file_open(exp_pdu_t *exp_pdu_tap_data) +{ + int import_file_fd; + char *tmpname, *capfile_name; + int err; + + /* Choose a random name for the temporary import buffer */ + import_file_fd = create_tempfile(&tmpname, "Wireshark_PDU_"); + capfile_name = g_strdup(tmpname); + + err = exp_pdu_open(exp_pdu_tap_data, import_file_fd, + g_strdup_printf("Dump of PDUs from %s", cfile.filename)); + if (err != 0) { + open_failure_alert_box(capfile_name ? capfile_name : "temporary file", err, TRUE); + goto end; + } + + /* Run the tap */ + cf_retap_packets(&cfile); + + err = exp_pdu_close(exp_pdu_tap_data); + if (err!= 0) { + write_failure_alert_box(capfile_name, err); + } + + /* XXX: should this use the open_routine type in the cfile instead of WTAP_TYPE_AUTO? */ + if (cf_open(&cfile, capfile_name, WTAP_TYPE_AUTO, TRUE /* temporary file */, &err) != CF_OK) { + open_failure_alert_box(capfile_name, err, FALSE); + goto end; + } + + switch (cf_read(&cfile, FALSE)) { + case CF_READ_OK: + case CF_READ_ERROR: + /* Just because we got an error, that doesn't mean we were unable + to read any of the file; we handle what we could get from the + file. */ + break; + + case CF_READ_ABORTED: + /* The user bailed out of re-reading the capture file; the + capture file has been closed - just free the capture file name + string and return (without changing the last containing + directory). */ + break; + } + +end: + g_free(capfile_name); +} + +gboolean +do_export_pdu(const char *filter, gchar *tap_name, exp_pdu_t *exp_pdu_tap_data) +{ + char *error; + error = exp_pdu_pre_open(tap_name, filter, exp_pdu_tap_data); + if (error) { + /* Error. We failed to attach to the tap. Clean up */ + simple_dialog(ESD_TYPE_ERROR, ESD_BTN_OK, "%s", error); + g_free(error); + return FALSE; + } + + exp_pdu_file_open(exp_pdu_tap_data); + + return TRUE; +}
\ No newline at end of file |