1 /*
2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
16 * written permission.
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
20 */
21
22 #ifndef lint
23 static const char copyright[] _U_ =
24 "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
25 The Regents of the University of California. All rights reserved.\n";
26 #endif
27
28 #ifdef HAVE_CONFIG_H
29 #include "config.h"
30 #endif
31
32 #include <pcap.h>
33 #include <stdio.h>
34 #include <stdlib.h>
35 #include <string.h>
36 #include <stdarg.h>
37 #ifdef _WIN32
38 #include "getopt.h"
39 #else
40 #include <unistd.h>
41 #endif
42 #include <fcntl.h>
43 #include <errno.h>
44 #ifdef _WIN32
45 #include <winsock2.h>
46 typedef unsigned __int32 in_addr_t;
47 #else
48 #include <arpa/inet.h>
49 #endif
50 #include <sys/types.h>
51 #include <sys/stat.h>
52
53 /*
54 * This was introduced by Clang:
55 *
56 * http://clang.llvm.org/docs/LanguageExtensions.html#has-attribute
57 *
58 * in some version (which version?); it has been picked up by GCC 5.0.
59 */
60 #ifndef __has_attribute
61 /*
62 * It's a macro, so you can check whether it's defined to check
63 * whether it's supported.
64 *
65 * If it's not, define it to always return 0, so that we move on to
66 * the fallback checks.
67 */
68 #define __has_attribute(x) 0
69 #endif
70
71 #if __has_attribute(noreturn) \
72 || (defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 205)) \
73 || (defined(__SUNPRO_C) && (__SUNPRO_C >= 0x590)) \
74 || (defined(__xlC__) && __xlC__ >= 0x0A01) \
75 || (defined(__HP_aCC) && __HP_aCC >= 61000)
76 /*
77 * Compiler with support for it, or GCC 2.5 and later, or Solaris Studio 12
78 * (Sun C 5.9) and later, or IBM XL C 10.1 and later (do any earlier
79 * versions of XL C support this?), or HP aCC A.06.10 and later.
80 */
81 #define PCAP_NORETURN __attribute((noreturn))
82 #elif defined( _MSC_VER )
83 #define PCAP_NORETURN __declspec(noreturn)
84 #else
85 #define PCAP_NORETURN
86 #endif
87
88 #if __has_attribute(__format__) \
89 || (defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 203)) \
90 || (defined(__xlC__) && __xlC__ >= 0x0A01) \
91 || (defined(__HP_aCC) && __HP_aCC >= 61000)
92 /*
93 * Compiler with support for it, or GCC 2.3 and later, or IBM XL C 10.1
94 * and later (do any earlier versions of XL C support this?),
95 * or HP aCC A.06.10 and later.
96 */
97 #define PCAP_PRINTFLIKE(x,y) __attribute__((__format__(__printf__,x,y)))
98 #else
99 #define PCAP_PRINTFLIKE(x,y)
100 #endif
101
102 static char *program_name;
103
104 /* Forwards */
105 static void PCAP_NORETURN usage(void);
106 static void PCAP_NORETURN error(const char *, ...) PCAP_PRINTFLIKE(1, 2);
107 static void warn(const char *, ...) PCAP_PRINTFLIKE(1, 2);
108
109 #ifdef BDEBUG
110 int dflag;
111 #endif
112
113 /*
114 * On Windows, we need to open the file in binary mode, so that
115 * we get all the bytes specified by the size we get from "fstat()".
116 * On UNIX, that's not necessary. O_BINARY is defined on Windows;
117 * we define it as 0 if it's not defined, so it does nothing.
118 */
119 #ifndef O_BINARY
120 #define O_BINARY 0
121 #endif
122
123 static char *
read_infile(char * fname)124 read_infile(char *fname)
125 {
126 register int i, fd, cc;
127 register char *cp;
128 struct stat buf;
129
130 fd = open(fname, O_RDONLY|O_BINARY);
131 if (fd < 0)
132 error("can't open %s: %s", fname, pcap_strerror(errno));
133
134 if (fstat(fd, &buf) < 0)
135 error("can't stat %s: %s", fname, pcap_strerror(errno));
136
137 cp = malloc((u_int)buf.st_size + 1);
138 if (cp == NULL)
139 error("malloc(%d) for %s: %s", (u_int)buf.st_size + 1,
140 fname, pcap_strerror(errno));
141 cc = read(fd, cp, (u_int)buf.st_size);
142 if (cc < 0)
143 error("read %s: %s", fname, pcap_strerror(errno));
144 if (cc != buf.st_size)
145 error("short read %s (%d != %d)", fname, cc, (int)buf.st_size);
146
147 close(fd);
148 /* replace "# comment" with spaces */
149 for (i = 0; i < cc; i++) {
150 if (cp[i] == '#')
151 while (i < cc && cp[i] != '\n')
152 cp[i++] = ' ';
153 }
154 cp[cc] = '\0';
155 return (cp);
156 }
157
158 /* VARARGS */
159 static void
error(const char * fmt,...)160 error(const char *fmt, ...)
161 {
162 va_list ap;
163
164 (void)fprintf(stderr, "%s: ", program_name);
165 va_start(ap, fmt);
166 (void)vfprintf(stderr, fmt, ap);
167 va_end(ap);
168 if (*fmt) {
169 fmt += strlen(fmt);
170 if (fmt[-1] != '\n')
171 (void)fputc('\n', stderr);
172 }
173 exit(1);
174 /* NOTREACHED */
175 }
176
177 /* VARARGS */
178 static void
warn(const char * fmt,...)179 warn(const char *fmt, ...)
180 {
181 va_list ap;
182
183 (void)fprintf(stderr, "%s: WARNING: ", program_name);
184 va_start(ap, fmt);
185 (void)vfprintf(stderr, fmt, ap);
186 va_end(ap);
187 if (*fmt) {
188 fmt += strlen(fmt);
189 if (fmt[-1] != '\n')
190 (void)fputc('\n', stderr);
191 }
192 }
193
194 /*
195 * Copy arg vector into a new buffer, concatenating arguments with spaces.
196 */
197 static char *
copy_argv(register char ** argv)198 copy_argv(register char **argv)
199 {
200 register char **p;
201 register u_int len = 0;
202 char *buf;
203 char *src, *dst;
204
205 p = argv;
206 if (*p == 0)
207 return 0;
208
209 while (*p)
210 len += strlen(*p++) + 1;
211
212 buf = (char *)malloc(len);
213 if (buf == NULL)
214 error("copy_argv: malloc");
215
216 p = argv;
217 dst = buf;
218 while ((src = *p++) != NULL) {
219 while ((*dst++ = *src++) != '\0')
220 ;
221 dst[-1] = ' ';
222 }
223 dst[-1] = '\0';
224
225 return buf;
226 }
227
228 int
main(int argc,char ** argv)229 main(int argc, char **argv)
230 {
231 char *cp;
232 int op;
233 #ifndef BDEBUG
234 int dflag;
235 #endif
236 char *infile;
237 int Oflag;
238 long snaplen;
239 char *p;
240 int dlt;
241 bpf_u_int32 netmask = PCAP_NETMASK_UNKNOWN;
242 char *cmdbuf;
243 pcap_t *pd;
244 struct bpf_program fcode;
245
246 #ifdef _WIN32
247 if(wsockinit() != 0) return 1;
248 #endif /* _WIN32 */
249
250 #ifndef BDEBUG
251 dflag = 1;
252 #else
253 /* if optimizer debugging is enabled, output DOT graph
254 * `dflag=4' is equivalent to -dddd to follow -d/-dd/-ddd
255 * convention in tcpdump command line
256 */
257 dflag = 4;
258 #endif
259 infile = NULL;
260 Oflag = 1;
261 snaplen = 68;
262
263 if ((cp = strrchr(argv[0], '/')) != NULL)
264 program_name = cp + 1;
265 else
266 program_name = argv[0];
267
268 opterr = 0;
269 while ((op = getopt(argc, argv, "dF:m:Os:")) != -1) {
270 switch (op) {
271
272 case 'd':
273 ++dflag;
274 break;
275
276 case 'F':
277 infile = optarg;
278 break;
279
280 case 'O':
281 Oflag = 0;
282 break;
283
284 case 'm': {
285 in_addr_t addr;
286
287 addr = inet_addr(optarg);
288 if (addr == (in_addr_t)(-1))
289 error("invalid netmask %s", optarg);
290 netmask = addr;
291 break;
292 }
293
294 case 's': {
295 char *end;
296
297 snaplen = strtol(optarg, &end, 0);
298 if (optarg == end || *end != '\0'
299 || snaplen < 0 || snaplen > 65535)
300 error("invalid snaplen %s", optarg);
301 else if (snaplen == 0)
302 snaplen = 65535;
303 break;
304 }
305
306 default:
307 usage();
308 /* NOTREACHED */
309 }
310 }
311
312 if (optind >= argc) {
313 usage();
314 /* NOTREACHED */
315 }
316
317 dlt = pcap_datalink_name_to_val(argv[optind]);
318 if (dlt < 0) {
319 dlt = (int)strtol(argv[optind], &p, 10);
320 if (p == argv[optind] || *p != '\0')
321 error("invalid data link type %s", argv[optind]);
322 }
323
324 if (infile)
325 cmdbuf = read_infile(infile);
326 else
327 cmdbuf = copy_argv(&argv[optind+1]);
328
329 pd = pcap_open_dead(dlt, snaplen);
330 if (pd == NULL)
331 error("Can't open fake pcap_t");
332
333 if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0)
334 error("%s", pcap_geterr(pd));
335
336 if (!bpf_validate(fcode.bf_insns, fcode.bf_len))
337 warn("Filter doesn't pass validation");
338
339 #ifdef BDEBUG
340 // replace line feed with space
341 for (cp = cmdbuf; *cp != '\0'; ++cp) {
342 if (*cp == '\r' || *cp == '\n') {
343 *cp = ' ';
344 }
345 }
346 // only show machine code if BDEBUG defined, since dflag > 3
347 printf("machine codes for filter: %s\n", cmdbuf);
348 #endif
349
350 bpf_dump(&fcode, dflag);
351 pcap_close(pd);
352 exit(0);
353 }
354
355 static void
usage(void)356 usage(void)
357 {
358 (void)fprintf(stderr, "%s, with %s\n", program_name,
359 pcap_lib_version());
360 (void)fprintf(stderr,
361 "Usage: %s [-dO] [ -F file ] [ -m netmask] [ -s snaplen ] dlt [ expression ]\n",
362 program_name);
363 exit(1);
364 }
365