Lines Matching +full:print +full:- +full:flags +full:. +full:pcap
3 * The Regents of the University of California. All rights reserved.
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
16 * written permission.
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
25 * Seth Webster <swebster@sst.ll.mit.edu>
31 The Regents of the University of California. All rights reserved.\n";
33 "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.253.2.13 2007/09/12 19:48:51 guy Exp $ (LBL)";
37 * tcpdump - monitor tcp/ip traffic on an ethernet.
39 * First written in 1987 by Van Jacobson, Lawrence Berkeley Laboratory.
41 * combined efforts of Van, Steve McCanne and Craig Leres of LBL.
45 #include "config.h"
48 #include <tcpdump-stdinc.h>
51 #include "getopt.h"
52 #include "w32_fzs.h"
60 #include <smi.h>
63 #include <pcap.h>
64 #include <signal.h>
65 #include <stdio.h>
66 #include <stdlib.h>
67 #include <string.h>
69 #include <pwd.h>
70 #include <grp.h>
71 #include <errno.h>
74 #include "netdissect.h"
75 #include "interface.h"
76 #include "addrtoname.h"
77 #include "machdep.h"
78 #include "setsignal.h"
79 #include "gmt2local.h"
80 #include "pcap-missing.h"
86 * Define the maximum number of files for the -C flag, and how many
87 * characters can be added to a filename for the -C flag (which
88 * should be enough to handle MAX_CFLAG - 1).
93 int dflag; /* print filter code */
113 static void ndo_error(netdissect_options *ndo, const char *fmt, ...);
114 static void ndo_warning(netdissect_options *ndo, const char *fmt, ...);
121 #include <MMsystem.h>
279 for (p = printers; p->f; ++p)
280 if (type == p->type)
281 return p->f;
314 error("No data link types.");
316 (void) fprintf(stderr, "Data link types (use option -y to set):\n");
318 while (--n_dlts >= 0) {
340 * Set up flags that might or might not be supported depending on the
341 * version of libpcap we're using.
345 #define B_FLAG_USAGE " [ -B size ]"
387 fprintf(stderr, "tcpdump: Couldn't chroot/chdir to '%.64s': %s\n",
392 if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
393 setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
394 fprintf(stderr, "tcpdump: Couldn't change to '%.32s' uid=%lu gid=%lu: %s\n",
396 (unsigned long)pw->pw_uid,
397 (unsigned long)pw->pw_gid,
403 fprintf(stderr, "tcpdump: Couldn't find user '%.32s'\n",
415 x -= 1;
435 const char *fmt, ...)
476 gndo->ndo_Oflag=1;
477 gndo->ndo_Rflag=1;
478 gndo->ndo_dlt=-1;
479 gndo->ndo_default_print=ndo_default_print;
480 gndo->ndo_printf=tcpdump_printf;
481 gndo->ndo_error=ndo_error;
482 gndo->ndo_warning=ndo_warning;
483 gndo->ndo_snaplen = DEFAULT_SNAPLEN;
485 cnt = -1;
504 (op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:i:lLm:M:nNOpqr:Rs:StT:u" U_FLAG "vw:W:xXy:YZ:")) != -1)
508 /* compatibility for old -a */
545 printf("%d.%s", i+1, devpointer->name);
546 if (devpointer->description != NULL)
547 printf(" (%s)", devpointer->description);
549 devpointer = devpointer->next;
567 gndo->ndo_espsecret = optarg;
586 * printed by "tcpdump -D".
589 * shouldn't have names that begin with digits.
591 * one interface can have the same name.
600 for (i = 0; i < devnum-1; i++){
601 devpointer = devpointer->next;
606 device = devpointer->name;
618 * is _IONBF.
620 * XXX - this should really be checking for MSVC++,
622 * C library that is more UNIX-compatible.
649 (void)fprintf(stderr, "%s: ignoring option `-m %s' ",
656 /* TCP-MD5 shared secret */
763 gndo->ndo_dltname = optarg;
764 gndo->ndo_dlt =
765 pcap_datalink_name_to_val(gndo->ndo_dltname);
766 if (gndo->ndo_dlt < 0)
767 error("invalid data link type %s", gndo->ndo_dltname);
812 error("only -t, -tt, -ttt, and -tttt are supported");
819 /* future extensibility for cmd-line arguments */
828 /* Run with '-Z root' to restore old behaviour */
840 * We don't need network access, so relinquish any set-UID
841 * or set-GID privileges we have (if any).
843 * We do *not* want set-UID privileges when opening a
845 * people's trace files (especially if we're set-UID
846 * root).
857 fprintf(stderr, "reading from file %s, link-type %u\n",
861 "reading from file %s, link-type %s (%s)\n",
868 error("-f and -r options are incompatible");
894 * Let user own process after socket has been opened.
902 if(pcap_setbuff(pd, UserBufferSize)==-1){
908 if (gndo->ndo_dlt >= 0) {
910 if (pcap_set_datalink(pd, gndo->ndo_dlt) < 0)
916 * set it to what it already is.
918 if (gndo->ndo_dlt != pcap_datalink(pd)) {
920 gndo->ndo_dltname);
924 program_name, gndo->ndo_dltname);
977 dumpinfo.WFileName = WFileName;
978 dumpinfo.pd = pd;
979 dumpinfo.p = p;
987 printinfo.printer = lookup_printer(type);
988 if (printinfo.printer == NULL) {
989 gndo->ndo_dltname = pcap_datalink_val_to_name(type);
990 if (gndo->ndo_dltname != NULL)
992 gndo->ndo_dltname);
1002 * the file (if done) for writing before giving up permissions.
1015 * When capturing to a file, "-v" means tcpdump should,
1017 * packets captured.
1020 /* call verbose_stats_dump() each 1000 +/-100msec */
1036 "%s: verbose output suppressed, use -v or -vv for full protocol decode\n",
1043 (void)fprintf(stderr, "listening on %s, link-type %u, capture size %u bytes\n",
1046 (void)fprintf(stderr, "listening on %s, link-type %s (%s), capture size %u bytes\n",
1056 * We're printing packets. Flush the printed output,
1057 * so it doesn't get intermingled with error output.
1059 if (status == -2) {
1062 * manage to finish a line we were printing.
1063 * Print an extra newline, just in case.
1069 if (status == -1) {
1071 * Error. Report it.
1078 * We're doing a live capture. Report the capture
1079 * statistics.
1084 exit(status == -1 ? 1 : 0);
1103 * to do anything with standard I/O streams in a signal handler -
1104 * the ANSI C standard doesn't say it is).
1110 * it's the best we can do. Print the summary if we're
1111 * not reading from a savefile - i.e., if we're doing a
1112 * live capture - and exit.
1117 * manage to finish a line we were printing.
1118 * Print an extra newline, just in case.
1146 (void)fprintf(stderr, "%d packets received by filter", stat.ps_recv);
1151 (void)fprintf(stderr, "%d packets dropped by kernel\n", stat.ps_drop);
1168 * XXX - this won't prevent capture files from getting
1169 * larger than Cflag - the last packet written to the
1170 * file could put it over Cflag.
1172 if (pcap_dump_ftell(dump_info->p) > Cflag) {
1174 * Close the current file and open a new one.
1176 pcap_dump_close(dump_info->p);
1185 name = (char *)malloc(strlen(dump_info->WFileName) + MAX_CFLAG_CHARS + 1);
1188 MakeFilename(name, dump_info->WFileName, Cflag_count, WflagChars);
1189 dump_info->p = pcap_dump_open(dump_info->pd, name);
1191 if (dump_info->p == NULL)
1195 pcap_dump((u_char *)dump_info->p, h, sp);
1198 pcap_dump_flush(dump_info->p);
1201 --infodelay;
1219 --infodelay;
1233 ts_print(&h->ts);
1239 * end of the packet.
1240 * Rather than pass it all the way down, we set this global.
1242 snapend = sp + h->caplen;
1244 hdrlen = (*print_info->printer)(h, sp);
1247 * Print the raw packet data in hex and ASCII.
1251 * Include the link-layer header.
1253 hex_and_ascii_print("\n\t", sp, h->caplen);
1256 * Don't include the link-layer header - and if
1257 * we have nothing past the link-layer header,
1258 * print nothing.
1260 if (h->caplen > hdrlen)
1262 h->caplen - hdrlen);
1266 * Print the raw packet data in hex.
1270 * Include the link-layer header.
1272 hex_print("\n\t", sp, h->caplen);
1275 * Don't include the link-layer header - and if
1276 * we have nothing past the link-layer header,
1277 * print nothing.
1279 if (h->caplen > hdrlen)
1281 h->caplen - hdrlen);
1285 * Print the raw packet data in ASCII.
1289 * Include the link-layer header.
1291 ascii_print(sp, h->caplen);
1294 * Don't include the link-layer header - and if
1295 * we have nothing past the link-layer header,
1296 * print nothing.
1298 if (h->caplen > hdrlen)
1299 ascii_print(sp + hdrlen, h->caplen - hdrlen);
1305 --infodelay;
1312 * XXX - there should really be libpcap calls to get the version
1319 * *running*.
1323 * don't omit it (as a couple of vendors have...).
1325 * Packet.dll should perhaps also export a routine to return the
1326 * version number of the Packet.dll code, to supply the
1327 * "Wpcap_version" information on Windows.
1329 char WDversion[]="current-cvs.tcpdump.org";
1331 char version[]="current-cvs.tcpdump.org";
1333 char pcap_version[]="current-cvs.tcpdump.org";
1338 * By default, print the specified data out in hex and ASCII.
1414 "Usage: %s [-aAd" D_FLAG "eflLnNOpqRStu" U_FLAG "vxX]" B_FLAG_USAGE " [-c count] [ -C file_size ]\n", program_name);
1416 "\t\t[ -E algo:secret ] [ -F file ] [ -i interface ] [ -M secret ]\n");
1418 "\t\t[ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]\n");
1420 "\t\t[ -W filecount ] [ -y datalinktype ] [ -Z user ]\n");
1430 ndo_error(netdissect_options *ndo _U_, const char *fmt, ...)
1440 if (fmt[-1] != '\n')
1449 ndo_warning(netdissect_options *ndo _U_, const char *fmt, ...)
1459 if (fmt[-1] != '\n')