diff options
| -rw-r--r-- | wiretap/file.c | 4 | ||||
| -rw-r--r-- | wiretap/netxray.c | 149 | ||||
| -rw-r--r-- | wiretap/netxray.h | 4 | ||||
| -rw-r--r-- | wiretap/wtap.h | 8 |
4 files changed, 160 insertions, 5 deletions
diff --git a/wiretap/file.c b/wiretap/file.c index 4335f955bd..c65db2a07b 100644 --- a/wiretap/file.c +++ b/wiretap/file.c @@ -1,6 +1,6 @@ /* file.c * - * $Id: file.c,v 1.41 1999/12/12 22:40:08 gram Exp $ + * $Id: file.c,v 1.42 1999/12/14 01:12:58 nneul Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -234,7 +234,7 @@ const static struct file_type_info { /* WTAP_FILE_NETXRAY_1_1 */ { "Network Associates Sniffer (Windows-based) 1.1", NULL, - NULL, NULL }, + netxray_dump_can_write_encap, netxray_dump_open_1_1 }, /* WTAP_FILE_NETXRAY_2_001 */ { "Network Associates Sniffer (Windows-based) 2.001", NULL, diff --git a/wiretap/netxray.c b/wiretap/netxray.c index 926dc32045..961ab218a1 100644 --- a/wiretap/netxray.c +++ b/wiretap/netxray.c @@ -1,6 +1,6 @@ /* netxray.c * - * $Id: netxray.c,v 1.16 1999/10/05 07:06:06 guy Exp $ + * $Id: netxray.c,v 1.17 1999/12/14 01:12:59 nneul Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -89,6 +89,9 @@ struct netxrayrec_2_x_hdr { }; static int netxray_read(wtap *wth, int *err); +static gboolean netxray_dump_1_1(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, + const u_char *pd, int *err); +static gboolean netxray_dump_close_1_1(wtap_dumper *wdh, int *err); int netxray_open(wtap *wth, int *err) { @@ -289,3 +292,147 @@ reread: return data_offset; } + +static const int wtap_encap[] = { + -1, /* WTAP_ENCAP_UNKNOWN -> unsupported */ + 0, /* WTAP_ENCAP_ETHERNET */ + -1, /* WTAP_ENCAP_TR */ + -1, /* WTAP_ENCAP_SLIP -> unsupported */ + -1, /* WTAP_ENCAP_PPP -> Internetwork analyzer (synchronous) FIXME ! */ + -1, /* WTAP_ENCAP_FDDI -> unsupported */ + -1, /* WTAP_ENCAP_FDDI_BITSWAPPED */ + -1, /* WTAP_ENCAP_RAW_IP -> unsupported */ + -1, /* WTAP_ENCAP_ARCNET */ + -1, /* WTAP_ENCAP_ATM_RFC1483 */ + -1, /* WTAP_ENCAP_LINUX_ATM_CLIP */ + -1, /* WTAP_ENCAP_LAPB -> Internetwork analyzer (synchronous) */ + -1, /* WTAP_ENCAP_ATM_SNIFFER */ + -1 /* WTAP_ENCAP_NULL -> unsupported */ +}; +#define NUM_WTAP_ENCAPS (sizeof wtap_encap / sizeof wtap_encap[0]) + +/* Returns 0 if we could write the specified encapsulation type, + an error indication otherwise. */ +int netxray_dump_can_write_encap(int filetype, int encap) +{ + /* Per-packet encapsulations aren't supported. */ + if (encap == WTAP_ENCAP_PER_PACKET) + return WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED; + + if (encap < 0 || encap >= NUM_WTAP_ENCAPS || wtap_encap[encap] == -1) + return WTAP_ERR_UNSUPPORTED_ENCAP; + + return 0; +} + +/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on + failure */ +gboolean netxray_dump_open_1_1(wtap_dumper *wdh, int *err) +{ + int nwritten; + + /* This is a sniffer file */ + wdh->subtype_write = netxray_dump_1_1; + wdh->subtype_close = netxray_dump_close_1_1; + + wdh->private.netxray = g_malloc(sizeof(netxray_dump_t)); + wdh->private.netxray->first_frame = TRUE; + wdh->private.netxray->start = 0; + + /* Write the file header. */ + nwritten = fwrite(netxray_magic, 1, sizeof netxray_magic, wdh->fh); + if (nwritten != sizeof netxray_magic) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + return TRUE; +} + +/* Write a record for a packet to a dump file. + Returns TRUE on success, FALSE on failure. */ +static gboolean netxray_dump_1_1(wtap_dumper *wdh, const struct wtap_pkthdr *phdr, + const u_char *pd, int *err) +{ + char hdr_buf[CAPTUREFILE_HEADER_SIZE - sizeof(netxray_magic)]; + netxray_dump_t *priv = wdh->private.netxray; + struct netxrayrec_1_x_hdr rec_hdr; + int nwritten; + struct netxray_hdr file_hdr; + guint16 caplen, pktlen; + + /* Sniffer files have a capture start date in the file header, and + have times relative to the beginning of that day in the packet + headers; pick the date of the first packet as the capture start + date. */ + if (priv->first_frame) { + priv->first_frame=FALSE; + + /* "sniffer" version ? */ + memset(&file_hdr, '\0', sizeof file_hdr); + memcpy(file_hdr.version, vers_1_1, sizeof vers_1_1); + file_hdr.start_time = 0; + file_hdr.start_offset = CAPTUREFILE_HEADER_SIZE; + file_hdr.end_offset = 0; + file_hdr.network = wtap_encap[wdh->encap]; + + /* the time stuff is all muck to me, someone fill it in please */ + + file_hdr.timelo = 0; + file_hdr.timehi = 0; + + memset(hdr_buf, '\0', sizeof hdr_buf); + memcpy(hdr_buf, &file_hdr, sizeof(file_hdr)); + + nwritten = fwrite(hdr_buf, 1, sizeof hdr_buf, wdh->fh); + if (nwritten != sizeof hdr_buf) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + } + + /* build the header for each packet */ + memset(&rec_hdr, '\0', sizeof(rec_hdr)); + rec_hdr.timelo = 0; + rec_hdr.timehi = 0; + pktlen = phdr->len; + caplen = phdr->caplen; + rec_hdr.orig_len = pletohs(&pktlen); + rec_hdr.incl_len = pletohs(&caplen); + + nwritten = fwrite(&rec_hdr, 1, sizeof(rec_hdr), wdh->fh); + if (nwritten != sizeof(rec_hdr)) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + /* write the packet data */ + nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh); + if (nwritten != phdr->caplen) { + if (nwritten < 0) + *err = errno; + else + *err = WTAP_ERR_SHORT_WRITE; + return FALSE; + } + + return TRUE; +} + + +/* Finish writing to a dump file. + Returns TRUE on success, FALSE on failure. */ +static gboolean netxray_dump_close_1_1(wtap_dumper *wdh, int *err) +{ + return TRUE; +} + diff --git a/wiretap/netxray.h b/wiretap/netxray.h index a21744b2ff..3e9fb1db42 100644 --- a/wiretap/netxray.h +++ b/wiretap/netxray.h @@ -1,6 +1,6 @@ /* netxray.h * - * $Id: netxray.h,v 1.2 1999/08/19 05:31:36 guy Exp $ + * $Id: netxray.h,v 1.3 1999/12/14 01:12:59 nneul Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -22,3 +22,5 @@ */ int netxray_open(wtap *wth, int *err); +gboolean netxray_dump_open_1_1(wtap_dumper *wdh, int *err); +int netxray_dump_can_write_encap(int filetype, int encap); diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 1c4850094b..ed8ea46dd8 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.58 1999/12/12 22:40:10 gram Exp $ + * $Id: wtap.h,v 1.59 1999/12/14 01:12:59 nneul Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu> @@ -359,6 +359,11 @@ typedef struct { } ngsniffer_dump_t; typedef struct { + gboolean first_frame; + time_t start; +} netxray_dump_t; + +typedef struct { gboolean got_first_record_time; struct timeval first_record_time; guint32 frame_table_offset; @@ -377,6 +382,7 @@ typedef struct wtap_dumper { void *opaque; ngsniffer_dump_t *ngsniffer; netmon_dump_t *netmon; + netxray_dump_t *netxray; } private; subtype_write_func subtype_write; |