d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Import of libpcap v0.9.8

Browse Source
This commit is contained in:
Max Laier 2007-10-16 02:02:02 +00:00
parent 5d18909f05
commit ef96d74f8a
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/vendor/libpcap/dist/; revision=172677
34 changed files with 5951 additions and 3537 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
contrib/libpcap/CHANGES
View File

@ -1,4 +1,88 @@
@(#) $Header: /tcpdump/master/libpcap/CHANGES,v 1.59.2.8 2005/09/05 09:17:47 guy Exp $ (LBL)
@(#) $Header: /tcpdump/master/libpcap/CHANGES,v 1.59.2.13 2007/09/12 22:40:04 ken Exp $ (LBL)
Mon. September 10, 2007. ken@xelerance.com. Summary for 0.9.8 libpcap release
Change build process to put public libpcap headers into pcap subir
DLT: Add value for IPMI IPMB packets
DLT: Add value for u10 Networks boards
Require <net/pfvar.h> for pf definitions - allows reading of pflog formatted
libpcap files on an OS other than where the file was generated
Wed. July 23, 2007. mcr@xelerance.com. Summary for 0.9.7 libpcap release
FIXED version file to be 0.9.7 instead of 0.9.5.
added flags/configuration for cloning bpf device.
added DLT_MTP2_WITH_PHDR support (PPI)
"fix" the "memory leak" in icode_to_fcode() -- documentation bug
Various link-layer types, with a pseudo-header, for SITA http://www.sita.aero/
introduces support for the DAG ERF type TYPE_COLOR_MC_HDLC_POS.
Basic BPF filtering support for DLT_MTP2_WITH_PHDR is also added.
check for IPv4 and IPv6, even for DLT_RAW
add support for DLT_JUNIPER_ISM
Pick up changes from NetBSD: many from tron, christos, drochner
Allocate DLT_ for 802.15.4 without any header munging, for Mikko Saarnivala.
Header for 802.16 MAC Common Part Sublayer plus a radiotap radio header
Wed. April 25, 2007. ken@xelerance.com. Summary for 0.9.6 libpcap release
Put the public libpcap headers into a pcap subdirectory in both the
source directory and the target include directory, and have include
files at the top-level directory to include those headers, for
backwards compatibility.
Add Bluetooth support
Add USB capturing support on Linux
Add support for the binary USB sniffing interface in Linux
Add support for new FreeBSD BIOCSDIRECTION ioctl
Add additional filter operations for 802.11 frame types
Add support for filtering on MTP2 frame types
Propagate some changes from the main branch, so the x.9 branch has
all the DLT_ and LINKTYPE_ values that the main branch does
Reserved a DLT_ and SAVEFILE_ value for PPI (Per Packet Info)
encapsulated packets
Add LINKTYPE_ for IEEE 802.15.4, with address fields padded as done
by Linux drivers
Add LINKTYPE_ value corresponding to DLT_IEEE802_16_MAC_CPS.
Add DLT for IEEE 802.16 (WiMAX) MAC Common Part Sublayer
Add DLT for Bluetooth HCI UART transport layer
When building a shared library, build with "-fPIC" on Linux to support x86_64
Link with "$(CC) -shared" rather than "ld -shared" when building a
".so" shared library
Add support for autoconf 2.60
Fixes to discard unread packets when changing filters
Changes to handle name changes in the DAG library resulting from
switching to libtool.
Add support for new DAG ERF types.
Add an explicit "-ldag" when building the shared library, so the DAG
library dependency is explicit.
Mac OSX fixes for dealing with "wlt" devices
Fixes in add_or_find_if() & pcap_findalldevs() to optimize generating
device lists
Fixed a bug in pcap_open_live(). The return value of PacketSetHwFilter
was not checked.
Tue. September 19, 2006. ken@xelerance.com. Summary for 0.9.5 libpcap release
Support for LAPD frames with vISDN
Support for ERF on channelized T1/E1 cards via DAG API
Fix capitalization that caused issues crossc compiling on Linux
Better failure detection on PacketGetAdapterNames()
Fixes for MPLS packet generation (link layer)
OP_PACKET now matches the beginning of the packet, instead of
beginning+link-layer
Add DLT/LINKTYPE for carrying FRF.16 Multi-link Frame Relay
Fix allocation of buffer for list of link-layer types
Added a new DLT and LINKTYPE value for ARINC 653 Interpartition Communcation Messages
Fixed a typo in a DLT value: it should start with DLT_ and not LINKTYPE_
Redefined DLT_CAN20B and LINKTYPE_CAN20B as #190 (as this is the right value for CAN).
Added definition for DLT_A429 and LINKTYPE_A429 as #184.
Added a new DLT and LINKTYPE value for CAN v2.0B frames.
Add support for DLT_JUNIPER_VP.
Don't double-count received packets on Linux systems that
support the PACKET_STATISTICS getsockopt() argument on
PF_PACKET sockets.
Add support for DLT_IEEE802_11 and DLT_IEEE802_11_RADIO link
layers in Windows
Add support to build libpcap.lib and wpcap.dll under Cygnus and
MingW32.
Mon. September 5, 2005. ken@xelerance.com. Summary for 0.9.4 libpcap release

7
contrib/libpcap/CREDITS
View File

@ -23,6 +23,7 @@ Additional people who have contributed patches:
Chris G. Demetriou <cgd@netbsd.org>
Chris Lightfoot <cwrl@users.sourceforge.net>
Chris Pepper <pepper@mail.reppep.com>
Daniele Orlandi <daniele@orlandi.com>
Darren Reed <darrenr@reed.wattle.id.au>
David Kaelbling <drk@sgi.com>
David Young <dyoung@ojctech.com>
@ -31,6 +32,7 @@ Additional people who have contributed patches:
Dug Song <dugsong@monkey.org>
Eric Anderson <anderse@hpl.hp.com>
Erik de Castro Lopo <erik.de.castro.lopo@sensorynetworks.com>
Florent Drouin <Florent.Drouin@alcatel-lucent.fr>
Franz Schaefer <schaefer@mond.at>
Gianluca Varenni <varenni@netgroup-serv.polito.it>
Gilbert Hoyek <gil_hoyek@hotmail.com>
@ -50,6 +52,7 @@ Additional people who have contributed patches:
John Bankier <jbankier@rainfinity.com>
Jon Lindgren <jonl@yubyub.net>
Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de>
Jung-uk Kim <jkim@FreeBSD.org>
Kazushi Sugyo <sugyo@pb.jp.nec.com>
Klaus Klein <kleink@netbsd.org>
Koryn Grant <koryn@endace.com>
@ -63,12 +66,14 @@ Additional people who have contributed patches:
Mark Pizzolato <List-tcpdump-workers@subscriptions.pizzolato.net>
Martin Husemann <martin@netbsd.org>
Matthew Luckie <mjl@luckie.org.nz>
Max Laier <max@love2party.net>
Mike Kershaw <dragorn@kismetwireless.net>
Mike Wiacek <mike@iroot.net>
Monroe Williams <monroe@pobox.com>
Nicolas Dade <ndade@nsd.dyndns.org>
Octavian Cerna <tavy@ylabs.com>
Olaf Kirch <okir@caldera.de>
Ollie Wild <aaw@users.sourceforge.net>
Onno van der Linden <onno@simplex.nl>
Patrick Marie <mycroft@virgaria.org>
Paul Mundt <lethal@linux-sh.org>
@ -78,6 +83,7 @@ Additional people who have contributed patches:
Peter Jeremy <peter.jeremy@alcatel.com.au>
Phil Wood <cpw@lanl.gov>
Rafal Maszkowski <rzm@icm.edu.pl>
<rcb-isis@users.sourceforge.net>
Rick Jones <raj@cup.hp.com>
Scott Barron <sb125499@ohiou.edu>
Scott Gifford <sgifford@tir.com>
@ -85,6 +91,7 @@ Additional people who have contributed patches:
Shaun Clowes <delius@progsoc.uts.edu.au>
Solomon Peachy <pizza@shaftnet.org>
Stefan Hudson <hudson@mbay.net>
Stephen Donnelly <stephen@endace.com>
Takashi Yamamoto <yamt@mwd.biglobe.ne.jp>
Tanaka Shin-ya <zstanaka@archer.livedoor.com>
Tony Li <tli@procket.com>

1
contrib/libpcap/FILES
View File

@ -97,7 +97,6 @@ pcap-win32.c
pcap.3
pcap.c
pcap.h
pf.h
ppp.h
savefile.c
scanner.l

3
contrib/libpcap/INSTALL.txt
View File

@ -1,4 +1,4 @@
@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.12.2.1 2005/06/20 21:30:14 guy Exp $ (LBL)
@(#) $Header: /tcpdump/master/libpcap/INSTALL.txt,v 1.12.2.2 2007/09/12 19:17:24 guy Exp $ (LBL)
To build libpcap, run "./configure" (a shell script). The configure
script will determine your system attributes and generate an
@ -373,7 +373,6 @@ pcap-win32.c - WinPcap capture support
pcap.3 - manual entry
pcap.c - pcap utility routines
pcap.h - public libpcap definitions
pf.h - OpenBSD DLT_PFLOG definitions
ppp.h - Point to Point Protocol definitions
rawss7.h - information on DLT_ types for SS7
savefile.c - offline support

23
contrib/libpcap/Makefile.in
View File

@ -17,7 +17,7 @@
# WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
# @(#) $Header: /tcpdump/master/libpcap/Makefile.in,v 1.99 2003/12/15 01:35:03 guy Exp $ (LBL)
# @(#) $Header: /tcpdump/master/libpcap/Makefile.in,v 1.99.2.2 2007/07/24 02:35:15 mcr Exp $ (LBL)
#
# Various configurable paths (remember to edit Makefile.in, not Makefile)
@ -46,7 +46,9 @@ CCOPT = @V_CCOPT@
INCLS = -I. @V_INCLS@
DEFS = @DEFS@ @V_DEFS@
LIBS = @V_LIBS@
DAGLIBS = @DAGLIBS@
DYEXT = @DYEXT@
PROG=libpcap
# Standard CFLAGS
CFLAGS = $(CCOPT) $(INCLS) $(DEFS)
@ -112,7 +114,7 @@ shared: libpcap.$(DYEXT)
#
libpcap.so: $(OBJ)
@rm -f $@
ld -shared -o $@.`cat VERSION` $(OBJ)
$(CC) -shared -o $@.`cat VERSION` $(OBJ) $(DAGLIBS)
# the following rule succeeds, but the result is untested.
libpcap.dylib: $(OBJ)
@ -216,19 +218,10 @@ packaging/pcap.spec: packaging/pcap.spec.in VERSION
RPMVERSION=`cat VERSION | sed s/-.*//g`; \
sed -e s/@VERSION@/$$RPMVERSION/ -e s/@NAME@/libpcap-`cat VERSION`/ $< > $@
tar: Makefile packaging/pcap.spec
@cwd=`pwd` ; dir=`basename $$cwd` ; name=libpcap-`cat VERSION` ; \
list="" ; tar="tar chf" ; \
for i in `cat FILES` ; do list="$$list $$name/$$i" ; done; \
echo \
"rm -f ../$$name; ln -s $$dir ../$$name" ; \
rm -f ../$$name; ln -s $$dir ../$$name ; \
echo \
"(cd .. ; $$tar - [lots of files]) | gzip -c > /tmp/$$name.tar.gz" ; \
(cd .. ; $$tar - $$list) | gzip -c > /tmp/$$name.tar.gz ; \
echo \
"rm -f ../$$name" ; \
rm -f ../$$name
releasetar:
@cwd=`pwd` ; dir=`basename $$cwd` ; name=$(PROG)-`cat VERSION` ; \
list="" ; make distclean; cd ..; mkdir -p n; cd n; ln -s ../$$dir $$name; \
tar -c -z -f $$name.tar.gz $$name/. ;
depend: $(GENSRC) $(GENHDR) bpf_filter.c
./mkdep -c $(CC) $(DEFS) $(INCLS) $(SRC)

23
contrib/libpcap/README.dag
View File

@ -77,11 +77,32 @@ RX stream buffer overflow, this count is before filters are applied (it will
include packets that would have been dropped by the filter). The RX stream
buffer size is user configurable outside libpcap, typically 16-512MB.
pcap_get_selectable_fd() is not supported, DAG cards do not support
pcap_get_selectable_fd() is not supported, as DAG cards do not support
poll/select methods.
pcap_inject() and pcap_sendpacket() are not supported.
Some DAG cards now support capturing to multiple virtual interfaces, called
streams. Capture streams have even numbers. These are available via libpcap
as separate interfaces, e.g. dag0:0, dag0:2, dag0:4 etc. dag0:0 is the same
as dag0. These are visible via pcap_findalldevs().
libpcap now does NOT set the card's hardware snaplen (slen). This must now be
set using the appropriate DAG coniguration program, e.g. dagthree, dagfour,
dagsix, dagconfig. This is because the snaplen is currently shared between
all of the streams. In future this may change if per-stream slen is
implemented.
DAG cards by default capture entire packets including the L2
CRC/FCS. If the card is not configured to discard the CRC/FCS, this
can confuse applications that use libpcap if they're not prepared for
packets to have an FCS. Libpcap now reads the environment variable
ERF_FCS_BITS to determine how many bits of CRC/FCS to strip from the
end of the captured frame. This defaults to 32 for use with
Ethernet. If the card is configured to strip the CRC/FCS, then set
ERF_FCS_BITS=0. If used with a HDLC/PoS/PPP/Frame Relay link with 16
bit CRC/FCS, then set ERF_FCS_BITS=16.
----------------------------------------------------------------------
Please submit bug reports via <support@endace.com>.

7
contrib/libpcap/TODO
View File

@ -15,13 +15,6 @@ General
style (okay, you can guess that by looking at the code) and a guide for
what needs to be documented.
Linux kernel interface
- Currently there is a race condition in that a socket is activated at the
same time it is opened - before applying a filter. This has to
be corrected so that capture starts when pcap_read is called for the
first time.
Less urgent items
-----------------

2
contrib/libpcap/VERSION
View File

@ -1 +1 @@
0.9.4
0.9.8

4
contrib/libpcap/bpf_image.c
View File

@ -21,7 +21,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/bpf_image.c,v 1.26 2003/11/15 23:23:57 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/bpf_image.c,v 1.26.2.1 2007/06/11 09:52:04 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -43,7 +43,7 @@ bpf_image(p, n)
int n;
{
int v;
char *fmt, *op;
const char *fmt, *op;
static char image[256];
char operand[64];

12
contrib/libpcap/config.h.in
View File

@ -10,9 +10,15 @@
/* Enable optimizer debugging */
#undef BDEBUG
/* define if you have a cloning BPF device */
#undef HAVE_CLONING_BPF
/* define if you have the DAG API */
#undef HAVE_DAG_API
/* define if you have dag_get_erf_types() */
#undef HAVE_DAG_GET_ERF_TYPES
/* define if you have streams capable DAG API */
#undef HAVE_DAG_STREAMS_API
@ -50,9 +56,15 @@
/* Define to 1 if you have the <netinet/if_ether.h> header file. */
#undef HAVE_NETINET_IF_ETHER_H
/* Define to 1 if you have the <net/pfvar.h> header file. */
#undef HAVE_NET_PFVAR_H
/* if there's an os_proto.h */
#undef HAVE_OS_PROTO_H
/* Define to 1 if you have the <paths.h> header file. */
#undef HAVE_PATHS_H
/* define if you have a /proc/net/dev */
#undef HAVE_PROC_NET_DEV

6627
contrib/libpcap/configure vendored
View File

File diff suppressed because it is too large Load Diff

40
contrib/libpcap/configure.in
View File

@ -1,4 +1,4 @@
dnl @(#) $Header: /tcpdump/master/libpcap/configure.in,v 1.120.2.7 2005/07/07 06:56:03 guy Exp $ (LBL)
dnl @(#) $Header: /tcpdump/master/libpcap/configure.in,v 1.120.2.13 2007/09/12 19:17:24 guy Exp $ (LBL)
dnl
dnl Copyright (c) 1994, 1995, 1996, 1997
dnl The Regents of the University of California. All rights reserved.
@ -6,7 +6,7 @@ dnl
dnl Process this file with autoconf to produce a configure script.
dnl
AC_REVISION($Revision: 1.120.2.7 $)
AC_REVISION($Revision: 1.120.2.13 $)
AC_PREREQ(2.50)
AC_INIT(pcap.c)
@ -26,7 +26,10 @@ dnl in "AC_LBL_FIXINCLUDES" in "aclocal.m4" uses it, so we have to
dnl test for it and set "HAVE_SYS_IOCCOM_H" if we have it, otherwise
dnl "AC_LBL_FIXINCLUDES" won't work on some platforms such as Solaris.
dnl
AC_CHECK_HEADERS(sys/ioccom.h sys/sockio.h limits.h)
AC_CHECK_HEADERS(sys/ioccom.h sys/sockio.h limits.h paths.h)
AC_CHECK_HEADERS(net/pfvar.h, , , [#include <sys/types.h>
#include <sys/socket.h>
#include <net/if.h>])
AC_CHECK_HEADERS(netinet/if_ether.h, , , [#include <sys/types.h>
#include <sys/socket.h>])
if test "$ac_cv_header_netinet_if_ether_h" != yes; then
@ -184,6 +187,12 @@ AC_ARG_WITH(pcap, [ --with-pcap=TYPE use packet capture TYPE])
AC_MSG_CHECKING(packet capture type)
if test ! -z "$with_pcap" ; then
V_PCAP="$withval"
elif test -r /dev/bpf ; then
#
# Cloning BPF device.
#
V_PCAP=bpf
AC_DEFINE(HAVE_CLONING_BPF,1,[define if you have a cloning BPF device])
elif test -r /dev/bpf0 ; then
V_PCAP=bpf
elif test -r /usr/include/net/pfilt.h ; then
@ -492,6 +501,11 @@ if test $ac_cv_lbl_dag_api = yes; then
ar x $dag_lib_dir/libdag.a dagapi.o
if test -r ./dagapi.o; then
dagapi_obj=./dagapi.o
else
ar x $dag_lib_dir/libdag.a libdag_la-dagapi.o
if test -r ./libdag_la-dagapi.o; then
dagapi_obj=./libdag_la-dagapi.o
fi
fi
fi
@ -518,6 +532,11 @@ if test $ac_cv_lbl_dag_api = yes; then
ar x $dag_lib_dir/libdag.a dagopts.o
if test -r ./dagopts.o; then
dagopts_obj=./dagopts.o
else
ar x $dag_lib_dir/libdag.a libdag_la-dagopts.o
if test -r ./libdag_la-dagopts.o; then
dagopts_obj=./libdag_la-dagopts.o
fi
fi
fi
@ -542,6 +561,11 @@ if test $ac_cv_lbl_dag_api = yes; then
ar x $dag_lib_dir/libdag.a dagreg.o
if test -r ./dagreg.o; then
dagreg_obj=./dagreg.o
else
ar x $dag_lib_dir/libdag.a libdag_la-dagreg.o
if test -r ./libdag_la-dagreg.o; then
dagreg_obj=./libdag_la-dagreg.o
fi
fi
fi
@ -567,10 +591,14 @@ if test $ac_cv_lbl_dag_api = yes; then
saved_ldflags=$LDFLAGS
LDFLAGS="-L$dag_lib_dir"
AC_CHECK_LIB([dag], [dag_attach_stream], [dag_version="2.5.x"], [dag_version="2.4.x"])
AC_CHECK_LIB([dag],[dag_get_erf_types], [
AC_DEFINE(HAVE_DAG_GET_ERF_TYPES, 1, [define if you have dag_get_erf_types()])]
)
LDFLAGS=$saved_ldflags
if test "$dag_version" = 2.5.x; then
AC_DEFINE(HAVE_DAG_STREAMS_API, 1, [define if you have streams capable DAG API])
DAGLIBS="-ldag"
fi
# See if we can find a specific version string.
@ -746,6 +774,11 @@ darwin*)
DYEXT="dylib"
V_CCOPT="$V_CCOPT -fno-common"
;;
linux*)
V_CCOPT="$V_CCOPT -fPIC"
;;
esac
AC_PROG_RANLIB
@ -780,6 +813,7 @@ AC_SUBST(V_RANLIB)
AC_SUBST(V_YACC)
AC_SUBST(SSRC)
AC_SUBST(DYEXT)
AC_SUBST(DAGLIBS)
AC_PROG_INSTALL

8
contrib/libpcap/fad-getad.c
View File

@ -34,7 +34,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/fad-getad.c,v 1.10.2.1 2005/04/10 18:04:49 hannes Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/fad-getad.c,v 1.10.2.2 2007/09/14 00:45:17 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -61,7 +61,11 @@ static const char rcsid[] _U_ =
#endif
#ifdef AF_PACKET
# include <linux/if_packet.h>
# ifdef __Lynx__
# include <netpacket/if_packet.h> /* LynxOS */
# else
# include <linux/if_packet.h> /* Linux */
# endif
#endif
/*

34
contrib/libpcap/fad-win32.c
View File

@ -1,6 +1,6 @@
/*
* Copyright (c) 2002 - 2003
* NetGroup, Politecnico di Torino (Italy)
* Copyright (c) 2002 - 2005 NetGroup, Politecnico di Torino (Italy)
* Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -12,9 +12,10 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the Politecnico di Torino nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
* 3. Neither the name of the Politecnico di Torino, CACE Technologies
* nor the names of its contributors may be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
@ -32,7 +33,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/fad-win32.c,v 1.11.2.1 2005/09/01 22:07:41 risso Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/fad-win32.c,v 1.11.2.3 2006/02/22 17:09:32 gianluca Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -41,7 +42,7 @@ static const char rcsid[] _U_ =
#include <pcap.h>
#include <pcap-int.h>
#include <packet32.h>
#include <Packet32.h>
#include <errno.h>
@ -224,22 +225,23 @@ pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
ULONG NameLength;
char *name;
if(!PacketGetAdapterNames(NULL, &NameLength) && NameLength == 0)
if (!PacketGetAdapterNames(NULL, &NameLength))
{
/*
* If PacketGetAdapterNames *and* sets the lenght of the buffer to zero,
* it means there was an error.
*/
snprintf(errbuf, PCAP_ERRBUF_SIZE, "PacketGetAdapterNames failed: %s", pcap_win32strerror());
*alldevsp = NULL;
return -1;
DWORD last_error = GetLastError();
if (last_error != ERROR_INSUFFICIENT_BUFFER)
{
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"PacketGetAdapterNames: %s",
pcap_win32strerror());
return (-1);
}
}
if (NameLength > 0)
AdaptersName = (char*) malloc(NameLength);
else
{
snprintf(errbuf, PCAP_ERRBUF_SIZE, "no adapters found.");
*alldevsp = NULL;
return 0;
}

1161
contrib/libpcap/gencode.c
View File

File diff suppressed because it is too large Load Diff

20
contrib/libpcap/gencode.h
View File

@ -18,7 +18,7 @@
* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*
* @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.60.2.6 2005/09/05 09:08:06 guy Exp $ (LBL)
* @(#) $Header: /tcpdump/master/libpcap/gencode.h,v 1.60.2.11 2007/06/11 09:52:04 guy Exp $ (LBL)
*/
/*
@ -173,11 +173,16 @@
end-to-end circuits, ILMI circuits or
connection signalling circuit. */
/*MTP3 field types */
#define M_SIO 1
#define M_OPC 2
#define M_DPC 3
#define M_SLS 4
/* MTP2 types */
#define M_FISU 22 /* FISU */
#define M_LSSU 23 /* LSSU */
#define M_MSU 24 /* MSU */
/* MTP3 field types */
#define M_SIO 1
#define M_OPC 2
#define M_DPC 3
#define M_SLS 4
struct slist;
@ -296,6 +301,7 @@ struct block *gen_atmfield_code(int atmfield, bpf_int32 jvalue, bpf_u_int32 jtyp
struct block *gen_atmtype_abbrev(int type);
struct block *gen_atmmulti_abbrev(int type);
struct block *gen_mtp2type_abbrev(int type);
struct block *gen_mtp3field_code(int mtp3field, bpf_u_int32 jvalue, bpf_u_int32 jtype, int reverse);
struct block *gen_pf_ifname(const char *);
@ -315,7 +321,7 @@ char *sdup(const char *);
struct bpf_insn *icode_to_fcode(struct block *, int *);
int pcap_parse(void);
void lex_init(char *);
void lex_init(const char *);
void lex_cleanup(void);
void sappend(struct slist *, struct slist *);

90
contrib/libpcap/grammar.y
View File

@ -22,7 +22,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.86.2.5 2005/09/05 09:08:06 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/grammar.y,v 1.86.2.9 2007/09/12 19:17:25 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -52,7 +52,11 @@ struct rtentry;
#include "pcap-int.h"
#include "gencode.h"
#include "pf.h"
#ifdef HAVE_NET_PFVAR_H
#include <net/if.h>
#include <net/pfvar.h>
#include <net/if_pflog.h>
#endif
#include <pcap-namedb.h>
#ifdef HAVE_OS_PROTO_H
@ -68,7 +72,7 @@ int n_errors = 0;
static struct qual qerr = { Q_UNDEF, Q_UNDEF, Q_UNDEF, Q_UNDEF };
static void
yyerror(char *msg)
yyerror(const char *msg)
{
++n_errors;
bpf_error("%s", msg);
@ -85,6 +89,50 @@ pcap_parse()
}
#endif
#ifdef HAVE_NET_PFVAR_H
static int
pfreason_to_num(const char *reason)
{
const char *reasons[] = PFRES_NAMES;
int i;
for (i = 0; reasons[i]; i++) {
if (pcap_strcasecmp(reason, reasons[i]) == 0)
return (i);
}
bpf_error("unknown PF reason");
/*NOTREACHED*/
}
static int
pfaction_to_num(const char *action)
{
if (pcap_strcasecmp(action, "pass") == 0 ||
pcap_strcasecmp(action, "accept") == 0)
return (PF_PASS);
else if (pcap_strcasecmp(action, "drop") == 0 ||
pcap_strcasecmp(action, "block") == 0)
return (PF_DROP);
else {
bpf_error("unknown PF action");
/*NOTREACHED*/
}
}
#else /* !HAVE_NET_PFVAR_H */
static int
pfreason_to_num(const char *reason)
{
bpf_error("libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
static int
pfaction_to_num(const char *action)
{
bpf_error("libpcap was compiled on a machine without pf support");
/*NOTREACHED*/
}
#endif /* HAVE_NET_PFVAR_H */
%}
%union {
@ -113,8 +161,9 @@ pcap_parse()
%type <i> atmtype atmmultitype
%type <blk> atmfield
%type <blk> atmfieldvalue atmvalue atmlistvalue
%type <blk> mtp3field
%type <blk> mtp3fieldvalue mtp3value mtp3listvalue
%type <i> mtp2type
%type <blk> mtp3field
%type <blk> mtp3fieldvalue mtp3value mtp3listvalue
%token DST SRC HOST GATEWAY
@ -140,7 +189,8 @@ pcap_parse()
%token OAM OAMF4 CONNECTMSG METACONNECT
%token VPI VCI
%token RADIO
%token SIO OPC DPC SLS
%token FISU LSSU MSU
%token SIO OPC DPC SLS
%type <s> ID
%type <e> EID
@ -261,6 +311,7 @@ rterm: head id { $$ = $2; }
| atmtype { $$.b = gen_atmtype_abbrev($1); $$.q = qerr; }
| atmmultitype { $$.b = gen_atmmulti_abbrev($1); $$.q = qerr; }
| atmfield atmvalue { $$.b = $2.b; $$.q = qerr; }
| mtp2type { $$.b = gen_mtp2type_abbrev($1); $$.q = qerr; }
| mtp3field mtp3value { $$.b = $2.b; $$.q = qerr; }
;
/* protocol level qualifiers */
@ -348,28 +399,10 @@ pfvar: PF_IFNAME ID { $$ = gen_pf_ifname($2); }
;
reason: NUM { $$ = $1; }
| ID { const char *reasons[] = PFRES_NAMES;
int i;
for (i = 0; reasons[i]; i++) {
if (pcap_strcasecmp($1, reasons[i]) == 0) {
$$ = i;
break;
}
}
if (reasons[i] == NULL)
bpf_error("unknown PF reason");
}
| ID { $$ = pfreason_to_num($1); }
;
action: ID { if (pcap_strcasecmp($1, "pass") == 0 ||
pcap_strcasecmp($1, "accept") == 0)
$$ = PF_PASS;
else if (pcap_strcasecmp($1, "drop") == 0 ||
pcap_strcasecmp($1, "block") == 0)
$$ = PF_DROP;
else
bpf_error("unknown PF action");
}
action: ID { $$ = pfaction_to_num($1); }
;
relop: '>' { $$ = BPF_JGT; }
@ -439,6 +472,11 @@ atmfieldvalue: NUM {
atmlistvalue: atmfieldvalue
| atmlistvalue or atmfieldvalue { gen_or($1.b, $3.b); $$ = $3; }
;
/* MTP2 types quantifier */
mtp2type: FISU { $$ = M_FISU; }
| LSSU { $$ = M_LSSU; }
| MSU { $$ = M_MSU; }
;
/* MTP3 field types quantifier */
mtp3field: SIO { $$.mtp3fieldtype = M_SIO; }
| OPC { $$.mtp3fieldtype = M_OPC; }

128
contrib/libpcap/inet.c
View File

@ -34,7 +34,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/inet.c,v 1.66.2.1 2005/06/20 21:30:17 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/inet.c,v 1.66.2.6 2007/06/11 09:52:04 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -134,28 +134,6 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
pcap_if_t *curdev, *prevdev, *nextdev;
int this_instance;
/*
* Can we open this interface for live capture?
*
* We do this check so that interfaces that ae supplied
* by the interface enumeration mechanism we're using
* but that don't support packet capture aren't included
* in the list. An example of this is loopback interfaces
* on Solaris; we don't just omit loopback interfaces
* becaue you *can* capture on loopback interfaces on some
* OSes.
*/
p = pcap_open_live(name, 68, 0, 0, errbuf);
if (p == NULL) {
/*
* No. Don't bother including it.
* Don't treat this as an error, though.
*/
*curdev_ret = NULL;
return (0);
}
pcap_close(p);
/*
* Is there already an entry in the list for this interface?
*/
@ -163,9 +141,74 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
if (strcmp(name, curdev->name) == 0)
break; /* yes, we found it */
}
if (curdev == NULL) {
/*
* No, we didn't find it.
*
* Can we open this interface for live capture?
*
* We do this check so that interfaces that are
* supplied by the interface enumeration mechanism
* we're using but that don't support packet capture
* aren't included in the list. Loopback interfaces
* on Solaris are an example of this; we don't just
* omit loopback interfaces on all platforms because
* you *can* capture on loopback interfaces on some
* OSes.
*
* On OS X, we don't do this check if the device
* name begins with "wlt"; at least some versions
* of OS X offer monitor mode capturing by having
* a separate "monitor mode" device for each wireless
* adapter, rather than by implementing the ioctls
* that {Free,Net,Open,DragonFly}BSD provide.
* Opening that device puts the adapter into monitor
* mode, which, at least for some adapters, causes
* them to deassociate from the network with which
* they're associated.
*
* Instead, we try to open the corresponding "en"
* device (so that we don't end up with, for users
* without sufficient privilege to open capture
* devices, a list of adapters that only includes
* the wlt devices).
*/
#ifdef __APPLE__
if (strncmp(name, "wlt", 3) == 0) {
char *en_name;
size_t en_name_len;
/*
* Try to allocate a buffer for the "en"
* device's name.
*/
en_name_len = strlen(name) - 1;
en_name = malloc(en_name_len + 1);
if (en_name == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc: %s", pcap_strerror(errno));
return (-1);
}
strcpy(en_name, "en");
strcat(en_name, name + 3);
p = pcap_open_live(en_name, 68, 0, 0, errbuf);
free(en_name);
} else
#endif /* __APPLE */
p = pcap_open_live(name, 68, 0, 0, errbuf);
if (p == NULL) {
/*
* No. Don't bother including it.
* Don't treat this as an error, though.
*/
*curdev_ret = NULL;
return (0);
}
pcap_close(p);
/*
* Yes, we can open it.
* Allocate a new entry.
*/
curdev = malloc(sizeof(pcap_if_t));
@ -179,14 +222,25 @@ add_or_find_if(pcap_if_t **curdev_ret, pcap_if_t **alldevs, const char *name,
* Fill in the entry.
*/
curdev->next = NULL;
curdev->name = malloc(strlen(name) + 1);
strcpy(curdev->name, name);
curdev->name = strdup(name);
if (curdev->name == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc: %s", pcap_strerror(errno));
free(curdev);
return (-1);
}
if (description != NULL) {
/*
* We have a description for this interface.
*/
curdev->description = malloc(strlen(description) + 1);
strcpy(curdev->description, description);
curdev->description = strdup(description);
if (curdev->description == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc: %s", pcap_strerror(errno));
free(curdev->name);
free(curdev);
return (-1);
}
} else {
/*
* We don't.
@ -357,6 +411,8 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
if (curaddr->netmask == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc: %s", pcap_strerror(errno));
if (curaddr->addr != NULL)
free(curaddr->addr);
free(curaddr);
return (-1);
}
@ -368,6 +424,10 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
if (curaddr->broadaddr == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc: %s", pcap_strerror(errno));
if (curaddr->netmask != NULL)
free(curaddr->netmask);
if (curaddr->addr != NULL)
free(curaddr->addr);
free(curaddr);
return (-1);
}
@ -379,6 +439,12 @@ add_addr_to_iflist(pcap_if_t **alldevs, const char *name, u_int flags,
if (curaddr->dstaddr == NULL) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"malloc: %s", pcap_strerror(errno));
if (curaddr->broadaddr != NULL)
free(curaddr->broadaddr);
if (curaddr->netmask != NULL)
free(curaddr->netmask);
if (curaddr->addr != NULL)
free(curaddr->addr);
free(curaddr);
return (-1);
}
@ -527,7 +593,7 @@ pcap_lookupnet(device, netp, maskp, errbuf)
register char *errbuf;
{
register int fd;
register struct sockaddr_in *sin;
register struct sockaddr_in *sin4;
struct ifreq ifr;
/*
@ -571,8 +637,8 @@ pcap_lookupnet(device, netp, maskp, errbuf)
(void)close(fd);
return (-1);
}
sin = (struct sockaddr_in *)&ifr.ifr_addr;
*netp = sin->sin_addr.s_addr;
sin4 = (struct sockaddr_in *)&ifr.ifr_addr;
*netp = sin4->sin_addr.s_addr;
if (ioctl(fd, SIOCGIFNETMASK, (char *)&ifr) < 0) {
(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
"SIOCGIFNETMASK: %s: %s", device, pcap_strerror(errno));
@ -580,7 +646,7 @@ pcap_lookupnet(device, netp, maskp, errbuf)
return (-1);
}
(void)close(fd);
*maskp = sin->sin_addr.s_addr;
*maskp = sin4->sin_addr.s_addr;
if (*maskp == 0) {
if (IN_CLASSA(*netp))
*maskp = IN_CLASSA_NET;

8
contrib/libpcap/nametoaddr.c
View File

@ -24,7 +24,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/nametoaddr.c,v 1.77.2.3 2005/04/20 11:13:51 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/nametoaddr.c,v 1.77.2.4 2007/06/11 09:52:05 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -276,7 +276,7 @@ pcap_nametoproto(const char *str)
#include "ethertype.h"
struct eproto {
char *s;
const char *s;
u_short p;
};
@ -388,7 +388,7 @@ __pcap_atodn(const char *s, bpf_u_int32 *addr)
u_int node, area;
if (sscanf((char *)s, "%d.%d", &area, &node) != 2)
if (sscanf(s, "%d.%d", &area, &node) != 2)
bpf_error("malformed decnet address '%s'", s);
*addr = (area << AREASHIFT) & AREAMASK;
@ -474,7 +474,7 @@ pcap_ether_hostton(const char *name)
u_char a[6];
ap = NULL;
if (ether_hostton((char *)name, (struct ether_addr *)a) == 0) {
if (ether_hostton(name, (struct ether_addr *)a) == 0) {
ap = (u_char *)malloc(6);
if (ap != NULL)
memcpy((char *)ap, (char *)a, 6);

40
contrib/libpcap/optimize.c
View File

@ -22,7 +22,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.85 2005/04/04 08:42:18 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/optimize.c,v 1.85.2.3 2007/09/12 21:29:45 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -624,7 +624,7 @@ fold_op(s, v0, v1)
struct stmt *s;
int v0, v1;
{
bpf_int32 a, b;
bpf_u_int32 a, b;
a = vmap[v0].const_val;
b = vmap[v1].const_val;
@ -1823,9 +1823,9 @@ intern_blocks(root)
{
struct block *p;
int i, j;
int done;
int done1; /* don't shadow global */
top:
done = 1;
done1 = 1;
for (i = 0; i < n_blocks; ++i)
blocks[i]->link = 0;
@ -1849,15 +1849,15 @@ intern_blocks(root)
if (JT(p) == 0)
continue;
if (JT(p)->link) {
done = 0;
done1 = 0;
JT(p) = JT(p)->link;
}
if (JF(p)->link) {
done = 0;
done1 = 0;
JF(p) = JF(p)->link;
}
}
if (!done)
if (!done1)
goto top;
}
@ -1972,7 +1972,7 @@ opt_init(root)
*/
unMarkAll();
n = count_blocks(root);
blocks = (struct block **)malloc(n * sizeof(*blocks));
blocks = (struct block **)calloc(n, sizeof(*blocks));
if (blocks == NULL)
bpf_error("malloc");
unMarkAll();
@ -1980,14 +1980,14 @@ opt_init(root)
number_blks_r(root);
n_edges = 2 * n_blocks;
edges = (struct edge **)malloc(n_edges * sizeof(*edges));
edges = (struct edge **)calloc(n_edges, sizeof(*edges));
if (edges == NULL)
bpf_error("malloc");
/*
* The number of levels is bounded by the number of nodes.
*/
levels = (struct block **)malloc(n_blocks * sizeof(*levels));
levels = (struct block **)calloc(n_blocks, sizeof(*levels));
if (levels == NULL)
bpf_error("malloc");
@ -2034,8 +2034,8 @@ opt_init(root)
* we'll need.
*/
maxval = 3 * max_stmts;
vmap = (struct vmapinfo *)malloc(maxval * sizeof(*vmap));
vnode_base = (struct valnode *)malloc(maxval * sizeof(*vnode_base));
vmap = (struct vmapinfo *)calloc(maxval, sizeof(*vmap));
vnode_base = (struct valnode *)calloc(maxval, sizeof(*vnode_base));
if (vmap == NULL || vnode_base == NULL)
bpf_error("malloc");
}
@ -2124,7 +2124,7 @@ convert_code_r(p)
{
int i;
int jt, jf;
char *ljerr = "%s for block-local relative jump: off=%d";
const char *ljerr = "%s for block-local relative jump: off=%d";
#if 0
printf("code=%x off=%d %x %x\n", src->s.code,
@ -2216,6 +2216,20 @@ convert_code_r(p)
/*
* Convert flowgraph intermediate representation to the
* BPF array representation. Set *lenp to the number of instructions.
*
* This routine does *NOT* leak the memory pointed to by fp. It *must
* not* do free(fp) before returning fp; doing so would make no sense,
* as the BPF array pointed to by the return value of icode_to_fcode()
* must be valid - it's being returned for use in a bpf_program structure.
*
* If it appears that icode_to_fcode() is leaking, the problem is that
* the program using pcap_compile() is failing to free the memory in
* the BPF program when it's done - the leak is in the program, not in
* the routine that happens to be allocating the memory. (By analogy, if
* a program calls fopen() without ever calling fclose() on the FILE *,
* it will leak the FILE structure; the leak is not in fopen(), it's in
* the program.) Change the program to use pcap_freecode() when it's
* done with the filter program. See the pcap man page.
*/
struct bpf_insn *
icode_to_fcode(root, lenp)

12
contrib/libpcap/packaging/pcap.spec
View File

@ -1,5 +1,5 @@
%define prefix /usr
%define version 0.8
%define version 0.9.4
Summary: packet capture library
Name: libpcap
@ -7,12 +7,12 @@ Version: %version
Release: 1
Group: Development/Libraries
Copyright: BSD
Source: libpcap-0.8.tar.gz
Source: libpcap-0.9.4.tar.gz
BuildRoot: /tmp/%{name}-buildroot
URL: http://www.tcpdump.org
%description
Packet-capture library LIBPCAP 0.8
Packet-capture library LIBPCAP 0.9.4
Now maintained by "The Tcpdump Group"
See http://www.tcpdump.org
Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org
@ -35,9 +35,9 @@ mkdir -p $RPM_BUILD_ROOT/usr/include/net
mkdir -p $RPM_BUILD_ROOT/usr/man/man3
make install DESTDIR=$RPM_BUILD_ROOT mandir=/usr/share/man
cd $RPM_BUILD_ROOT/usr/lib
V1=`echo 0.8 | sed 's/\\.[^\.]*$//g'`
V2=`echo 0.8 | sed 's/\\.[^\.]*\.[^\.]*$//g'`
ln -sf libpcap.so.0.8 libpcap.so.$V1
V1=`echo 0.9.4 | sed 's/\\.[^\.]*$//g'`
V2=`echo 0.9.4 | sed 's/\\.[^\.]*\.[^\.]*$//g'`
ln -sf libpcap.so.0.9.4 libpcap.so.$V1
if test "$V2" -ne "$V1"; then
ln -sf libpcap.so.$V1 libpcap.so.$V2
ln -sf libpcap.so.$V2 libpcap.so

65
contrib/libpcap/packaging/pcap.spec.in Normal file
View File

@ -0,0 +1,65 @@
%define prefix /usr
%define version @VERSION@
Summary: packet capture library
Name: libpcap
Version: %version
Release: 1
Group: Development/Libraries
Copyright: BSD
Source: @NAME@.tar.gz
BuildRoot: /tmp/%{name}-buildroot
URL: http://www.tcpdump.org
%description
Packet-capture library LIBPCAP @VERSION@
Now maintained by "The Tcpdump Group"
See http://www.tcpdump.org
Please send inquiries/comments/reports to tcpdump-workers@tcpdump.org
%prep
%setup
%post
ldconfig
%build
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%prefix
make
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/usr/{lib,include}
mkdir -p $RPM_BUILD_ROOT/usr/share/man
mkdir -p $RPM_BUILD_ROOT/usr/include/net
mkdir -p $RPM_BUILD_ROOT/usr/man/man3
make install DESTDIR=$RPM_BUILD_ROOT mandir=/usr/share/man
cd $RPM_BUILD_ROOT/usr/lib
V1=`echo @VERSION@ | sed 's/\\.[^\.]*$//g'`
V2=`echo @VERSION@ | sed 's/\\.[^\.]*\.[^\.]*$//g'`
ln -sf libpcap.so.@VERSION@ libpcap.so.$V1
if test "$V2" -ne "$V1"; then
ln -sf libpcap.so.$V1 libpcap.so.$V2
ln -sf libpcap.so.$V2 libpcap.so
else
ln -sf libpcap.so.$V1 libpcap.so
fi
#install -m 755 -o root libpcap.a $RPM_BUILD_ROOT/usr/lib
#install -m 644 -o root pcap.3 $RPM_BUILD_ROOT/usr/man/man3
#install -m 644 -o root pcap.h $RPM_BUILD_ROOT/usr/include
#install -m 644 -o root pcap-bpf.h $RPM_BUILD_ROOT/usr/include/net
#install -m 644 -o root pcap-namedb.h $RPM_BUILD_ROOT/usr/include
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%doc LICENSE CHANGES INSTALL.txt README.linux TODO VERSION CREDITS packaging/pcap.spec
/usr/lib/libpcap.a
/usr/share/man/man3/*
/usr/include/pcap.h
/usr/include/pcap-bpf.h
/usr/include/pcap-namedb.h
/usr/lib/libpcap.so*

34
contrib/libpcap/pcap-bpf.c
View File

@ -20,7 +20,7 @@
*/
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-bpf.c,v 1.86.2.8 2005/07/10 10:55:31 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap-bpf.c,v 1.86.2.12 2007/06/15 17:57:27 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -523,8 +523,12 @@ static inline int
bpf_open(pcap_t *p, char *errbuf)
{
int fd;
#ifdef HAVE_CLONING_BPF
static const char device[] = "/dev/bpf";
#else
int n = 0;
char device[sizeof "/dev/bpf0000000000"];
#endif
#ifdef _AIX
/*
@ -536,6 +540,12 @@ bpf_open(pcap_t *p, char *errbuf)
return (-1);
#endif
#ifdef HAVE_CLONING_BPF
if ((fd = open(device, O_RDWR)) == -1 &&
(errno != EACCES || (fd = open(device, O_RDONLY)) == -1))
snprintf(errbuf, PCAP_ERRBUF_SIZE,
"(cannot open device) %s: %s", device, pcap_strerror(errno));
#else
/*
* Go through all the minors and find one that isn't in use.
*/
@ -566,6 +576,7 @@ bpf_open(pcap_t *p, char *errbuf)
if (fd < 0)
snprintf(errbuf, PCAP_ERRBUF_SIZE, "(no devices found) %s: %s",
device, pcap_strerror(errno));
#endif
return (fd);
}
@ -746,7 +757,7 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
u_int i;
int is_ethernet;
bdl.bfl_list = (u_int *) malloc(sizeof(u_int) * bdl.bfl_len + 1);
bdl.bfl_list = (u_int *) malloc(sizeof(u_int) * (bdl.bfl_len + 1));
if (bdl.bfl_list == NULL) {
(void)snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s",
pcap_strerror(errno));
@ -1091,9 +1102,22 @@ pcap_setfilter_bpf(pcap_t *p, struct bpf_program *fp)
static int
pcap_setdirection_bpf(pcap_t *p, pcap_direction_t d)
{
#ifdef BIOCSSEESENT
#if defined(BIOCSDIRECTION)
u_int direction;
direction = (d == PCAP_D_IN) ? BPF_D_IN :
((d == PCAP_D_OUT) ? BPF_D_OUT : BPF_D_INOUT);
if (ioctl(p->fd, BIOCSDIRECTION, &direction) == -1) {
(void) snprintf(p->errbuf, sizeof(p->errbuf),
"Cannot set direction to %s: %s",
(d == PCAP_D_IN) ? "PCAP_D_IN" :
((d == PCAP_D_OUT) ? "PCAP_D_OUT" : "PCAP_D_INOUT"),
strerror(errno));
return (-1);
}
return (0);
#elif defined(BIOCSSEESENT)
u_int seesent;
#endif
/*
* We don't support PCAP_D_OUT.
@ -1103,7 +1127,7 @@ pcap_setdirection_bpf(pcap_t *p, pcap_direction_t d)
"Setting direction to PCAP_D_OUT is not supported on BPF");
return -1;
}
#ifdef BIOCSSEESENT
seesent = (d == PCAP_D_INOUT);
if (ioctl(p->fd, BIOCSSEESENT, &seesent) == -1) {
(void) snprintf(p->errbuf, sizeof(p->errbuf),

149
contrib/libpcap/pcap-bpf.h
View File

@ -37,7 +37,7 @@
*
* @(#)bpf.h 7.1 (Berkeley) 5/7/91
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.34.2.6 2005/08/13 22:29:47 hannes Exp $ (LBL)
* @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.34.2.24 2007/09/19 02:52:12 guy Exp $ (LBL)
*/
/*
@ -132,7 +132,7 @@ struct bpf_version {
#define DLT_AX25 3 /* Amateur Radio AX.25 */
#define DLT_PRONET 4 /* Proteon ProNET Token Ring */
#define DLT_CHAOS 5 /* Chaos */
#define DLT_IEEE802 6 /* IEEE 802 Networks */
#define DLT_IEEE802 6 /* 802.5 Token Ring */
#define DLT_ARCNET 7 /* ARCNET, with BSD-style header */
#define DLT_SLIP 8 /* Serial Line IP */
#define DLT_PPP 9 /* Point-to-point Protocol */
@ -246,12 +246,14 @@ struct bpf_version {
* OpenBSD DLT_LOOP, for loopback devices; it's like DLT_NULL, except
* that the AF_ type in the link-layer header is in network byte order.
*
* OpenBSD defines it as 12, but that collides with DLT_RAW, so we
* define it as 108 here. If OpenBSD picks up this file, it should
* define DLT_LOOP as 12 in its version, as per the comment above -
* and should not use 108 as a DLT_ value.
* DLT_LOOP is 12 in OpenBSD, but that's DLT_RAW in other OSes, so
* we don't use 12 for it in OSes other than OpenBSD.
*/
#ifdef __OpenBSD__
#define DLT_LOOP 12
#else
#define DLT_LOOP 108
#endif
/*
* Encapsulated packets for IPsec; DLT_ENC is 13 in OpenBSD, but that's
@ -605,6 +607,141 @@ struct bpf_version {
#define DLT_JUNIPER_FRELAY 180
#define DLT_JUNIPER_CHDLC 181
/*
* Multi Link Frame Relay (FRF.16)
*/
#define DLT_MFR 182
/*
* Juniper-private data link type, as per request from
* Hannes Gredler <hannes@juniper.net>.
* The DLT_ is used for internal communication with a
* voice Adapter Card (PIC)
*/
#define DLT_JUNIPER_VP 183
/*
* Arinc 429 frames.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Every frame contains a 32bit A429 label.
* More documentation on Arinc 429 can be found at
* http://www.condoreng.com/support/downloads/tutorials/ARINCTutorial.pdf
*/
#define DLT_A429 184
/*
* Arinc 653 Interpartition Communication messages.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Please refer to the A653-1 standard for more information.
*/
#define DLT_A653_ICM 185
/*
* USB packets, beginning with a USB setup header; requested by
* Paolo Abeni <paolo.abeni@email.it>.
*/
#define DLT_USB 186
/*
* Bluetooth HCI UART transport layer (part H:4); requested by
* Paolo Abeni.
*/
#define DLT_BLUETOOTH_HCI_H4 187
/*
* IEEE 802.16 MAC Common Part Sublayer; requested by Maria Cruz
* <cruz_petagay@bah.com>.
*/
#define DLT_IEEE802_16_MAC_CPS 188
/*
* USB packets, beginning with a Linux USB header; requested by
* Paolo Abeni <paolo.abeni@email.it>.
*/
#define DLT_USB_LINUX 189
/*
* Controller Area Network (CAN) v. 2.0B packets.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Used to dump CAN packets coming from a CAN Vector board.
* More documentation on the CAN v2.0B frames can be found at
* http://www.can-cia.org/downloads/?269
*/
#define DLT_CAN20B 190
/*
* IEEE 802.15.4, with address fields padded, as is done by Linux
* drivers; requested by Juergen Schimmer.
*/
#define DLT_IEEE802_15_4_LINUX 191
/*
* Per Packet Information encapsulated packets.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
*/
#define DLT_PPI 192
/*
* Header for 802.16 MAC Common Part Sublayer plus a radiotap radio header;
* requested by Charles Clancy.
*/
#define DLT_IEEE802_16_MAC_CPS_RADIO 193
/*
* Juniper-private data link type, as per request from
* Hannes Gredler <hannes@juniper.net>.
* The DLT_ is used for internal communication with a
* integrated service module (ISM).
*/
#define DLT_JUNIPER_ISM 194
/*
* IEEE 802.15.4, exactly as it appears in the spec (no padding, no
* nothing); requested by Mikko Saarnivala <mikko.saarnivala@sensinode.com>.
*/
#define DLT_IEEE802_15_4 195
/*
* Various link-layer types, with a pseudo-header, for SITA
* (http://www.sita.aero/); requested by Fulko Hew (fulko.hew@gmail.com).
*/
#define DLT_SITA 196
/*
* Various link-layer types, with a pseudo-header, for Endace DAG cards;
* encapsulates Endace ERF records. Requested by Stephen Donnelly
* <stephen@endace.com>.
*/
#define DLT_ERF 197
/*
* Special header prepended to Ethernet packets when capturing from a
* u10 Networks board. Requested by Phil Mulholland
* <phil@u10networks.com>.
*/
#define DLT_RAIF1 198
/*
* IPMB packet for IPMI, beginning with the I2C slave address, followed
* by the netFn and LUN, etc.. Requested by Chanthy Toeung
* <chanthy.toeung@ca.kontron.com>.
*/
#define DLT_IPMB 199
/*
* Juniper-private data link type, as per request from
* Hannes Gredler <hannes@juniper.net>.
* The DLT_ is used for capturing data on a secure tunnel interface.
*/
#define DLT_JUNIPER_ST 200
/*
* Bluetooth HCI UART transport layer (part H:4), with pseudo-header
* that includes direction information; requested by Paolo Abeni.
*/
#define DLT_BLUETOOTH_HCI_H4_WITH_PHDR 201
/*
* The instruction encodings.
*/

375
contrib/libpcap/pcap-dag.c
View File

@ -17,7 +17,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-dag.c,v 1.21.2.3 2005/07/10 22:09:34 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap-dag.c,v 1.21.2.7 2007/06/22 06:43:58 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -46,11 +46,21 @@ struct rtentry; /* declarations in <net/if.h> */
#include "dagnew.h"
#include "dagapi.h"
#define MIN_DAG_SNAPLEN 12
#define MAX_DAG_SNAPLEN 2040
#define ATM_CELL_SIZE 52
#define ATM_HDR_SIZE 4
/*
* A header containing additional MTP information.
*/
#define MTP2_SENT_OFFSET 0 /* 1 byte */
#define MTP2_ANNEX_A_USED_OFFSET 1 /* 1 byte */
#define MTP2_LINK_NUMBER_OFFSET 2 /* 2 bytes */
#define MTP2_HDR_LEN 4 /* length of the header */
#define MTP2_ANNEX_A_NOT_USED 0
#define MTP2_ANNEX_A_USED 1
#define MTP2_ANNEX_A_USED_UNKNOWN 2
/* SunATM pseudo header */
struct sunatm_hdr {
unsigned char flags; /* destination and traffic type */
@ -70,19 +80,6 @@ static const unsigned short endian_test_word = 0x0100;
#define IS_BIGENDIAN() (*((unsigned char *)&endian_test_word))
/*
* Swap byte ordering of unsigned long long timestamp on a big endian
* machine.
*/
#define SWAP_TS(ull) ((ull & 0xff00000000000000LL) >> 56) | \
((ull & 0x00ff000000000000LL) >> 40) | \
((ull & 0x0000ff0000000000LL) >> 24) | \
((ull & 0x000000ff00000000LL) >> 8) | \
((ull & 0x00000000ff000000LL) << 8) | \
((ull & 0x0000000000ff0000LL) << 24) | \
((ull & 0x000000000000ff00LL) << 40) | \
((ull & 0x00000000000000ffLL) << 56)
#ifdef DAG_ONLY
/* This code is required when compiling for a DAG device only. */
@ -93,6 +90,10 @@ static const unsigned short endian_test_word = 0x0100;
#define dag_platform_finddevs pcap_platform_finddevs
#endif /* DAG_ONLY */
#define MAX_DAG_PACKET 65536
static unsigned char TempPkt[MAX_DAG_PACKET];
static int dag_setfilter(pcap_t *p, struct bpf_program *fp);
static int dag_stats(pcap_t *p, struct pcap_stat *ps);
static int dag_set_datalink(pcap_t *p, int dlt);
@ -139,9 +140,6 @@ dag_platform_close(pcap_t *p)
#endif /* HAVE_DAG_STREAMS_API */
if(dag_close(p->fd) < 0)
fprintf(stderr,"dag_close: %s\n", strerror(errno));
#ifdef linux
free(p->md.device);
#endif
}
delete_pcap_dag(p);
/* Note: don't need to call close(p->fd) here as dag_close(p->fd) does this. */
@ -222,7 +220,7 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
* If non-block is specified it will return immediately. The user
* is then responsible for efficiency.
*/
p->md.dag_mem_top = dag_advance_stream(p->fd, p->md.dag_stream, (void**)&(p->md.dag_mem_bottom));
p->md.dag_mem_top = dag_advance_stream(p->fd, p->md.dag_stream, &(p->md.dag_mem_bottom));
#else
/* dag_offset does not support timeouts */
p->md.dag_mem_top = dag_offset(p->fd, &(p->md.dag_mem_bottom), flags);
@ -282,8 +280,14 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
p->md.dag_mem_bottom += rlen;
switch(header->type) {
case TYPE_AAL5:
case TYPE_ATM:
#ifdef TYPE_AAL5
case TYPE_AAL5:
if (header->type == TYPE_AAL5) {
packet_len = ntohs(header->wlen);
caplen = rlen - dag_record_size;
}
#endif
#ifdef TYPE_MC_ATM
case TYPE_MC_ATM:
if (header->type == TYPE_MC_ATM) {
@ -299,10 +303,7 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
dp+=4;
}
#endif
if (header->type == TYPE_AAL5) {
packet_len = ntohs(header->wlen);
caplen = rlen - dag_record_size;
} else if(header->type == TYPE_ATM) {
if (header->type == TYPE_ATM) {
caplen = packet_len = ATM_CELL_SIZE;
}
if (p->linktype == DLT_SUNATM) {
@ -326,6 +327,9 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
}
break;
#ifdef TYPE_DSM_COLOR_ETH
case TYPE_DSM_COLOR_ETH:
#endif
#ifdef TYPE_COLOR_ETH
case TYPE_COLOR_ETH:
#endif
@ -338,6 +342,9 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
}
dp += 2;
break;
#ifdef TYPE_DSM_COLOR_HDLC_POS
case TYPE_DSM_COLOR_HDLC_POS:
#endif
#ifdef TYPE_COLOR_HDLC_POS
case TYPE_COLOR_HDLC_POS:
#endif
@ -349,6 +356,9 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
caplen = packet_len;
}
break;
#ifdef TYPE_COLOR_MC_HDLC_POS
case TYPE_COLOR_MC_HDLC_POS:
#endif
#ifdef TYPE_MC_HDLC
case TYPE_MC_HDLC:
packet_len = ntohs(header->wlen);
@ -357,9 +367,27 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
if (caplen > packet_len) {
caplen = packet_len;
}
/* jump the MC_HDLC_HEADER */
dp += 4;
if (p->linktype == DLT_MTP2_WITH_PHDR) {
/* Add the MTP2 Pseudo Header */
caplen += MTP2_HDR_LEN;
packet_len += MTP2_HDR_LEN;
TempPkt[MTP2_SENT_OFFSET] = 0;
TempPkt[MTP2_ANNEX_A_USED_OFFSET] = MTP2_ANNEX_A_USED_UNKNOWN;
*(TempPkt+MTP2_LINK_NUMBER_OFFSET) = ((header->rec.mc_hdlc.mc_header>>16)&0x01);
*(TempPkt+MTP2_LINK_NUMBER_OFFSET+1) = ((header->rec.mc_hdlc.mc_header>>24)&0xff);
memcpy(TempPkt+MTP2_HDR_LEN, dp, caplen);
dp = TempPkt;
}
break;
#endif
default:
/* Unhandled ERF type.
* Ignore rather than generating error
*/
continue;
}
if (caplen > p->snapshot)
@ -377,6 +405,21 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
case TYPE_COLOR_ETH:
break;
#endif
#ifdef TYPE_DSM_COLOR_HDLC_POS
/* in this type the color value overwrites the lctr */
case TYPE_DSM_COLOR_HDLC_POS:
break;
#endif
#ifdef TYPE_DSM_COLOR_ETH
/* in this type the color value overwrites the lctr */
case TYPE_DSM_COLOR_ETH:
break;
#endif
#ifdef TYPE_COLOR_MC_HDLC_POS
case TYPE_COLOR_MC_HDLC_POS:
break;
#endif
default:
if (header->lctr) {
if (p->md.stat.ps_drop > (UINT_MAX - ntohs(header->lctr))) {
@ -394,7 +437,7 @@ dag_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
register unsigned long long ts;
if (IS_BIGENDIAN()) {
ts = SWAP_TS(header->ts);
ts = SWAPLL(header->ts);
} else {
ts = header->ts;
}
@ -445,6 +488,9 @@ dag_inject(pcap_t *p, const void *buf _U_, size_t size _U_)
* cards are always promiscuous. The to_ms parameter is also ignored as it is
* not supported in hardware.
*
* snaplen is now also ignored, until we get per-stream slen support. Set
* slen with approprite DAG tool BEFORE pcap_open_live().
*
* See also pcap(3).
*/
pcap_t *
@ -455,7 +501,7 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
char *s;
int n;
daginf_t* daginf;
char * newDev;
char * newDev = NULL;
#ifdef HAVE_DAG_STREAMS_API
uint32_t mindata;
struct timeval maxwait;
@ -478,9 +524,12 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
memset(handle, 0, sizeof(*handle));
newDev = (char *)malloc(strlen(device) + 16);
#ifdef HAVE_DAG_STREAMS_API
newDev = (char *)malloc(strlen(device) + 16);
if (newDev == NULL) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "Can't allocate string for device name: %s\n", pcap_strerror(errno));
goto fail;
}
/* Parse input name to get dag device and stream number if provided */
if (dag_parse_name(device, newDev, strlen(device) + 16, &handle->md.dag_stream) < 0) {
@ -494,18 +543,15 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
goto fail;
}
#else
if (strstr(device, "/dev") == NULL) {
newDev[0] = '\0';
strcat(newDev, "/dev/");
strcat(newDev,device);
if (strncmp(device, "/dev/", 5) != 0) {
newDev = (char *)malloc(strlen(device) + 5);
if (newDev == NULL) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "Can't allocate string for device name: %s\n", pcap_strerror(errno));
goto fail;
}
strcpy(newDev, "/dev/");
strcat(newDev, device);
device = newDev;
} else {
device = strdup(device);
}
if (device == NULL) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "str_dup: %s\n", pcap_strerror(errno));
goto fail;
}
#endif /* HAVE_DAG_STREAMS_API */
@ -519,7 +565,7 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
/* Open requested stream. Can fail if already locked or on error */
if (dag_attach_stream(handle->fd, handle->md.dag_stream, 0, 0) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_attach_stream: %s\n", pcap_strerror(errno));
goto fail;
goto failclose;
}
/* Set up default poll parameters for stream
@ -528,7 +574,7 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
if (dag_get_stream_poll(handle->fd, handle->md.dag_stream,
&mindata, &maxwait, &poll) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_get_stream_poll: %s\n", pcap_strerror(errno));
goto fail;
goto faildetach;
}
/* Amount of data to collect in Bytes before calling callbacks.
@ -546,18 +592,25 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
if (dag_set_stream_poll(handle->fd, handle->md.dag_stream,
mindata, &maxwait, &poll) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_set_stream_poll: %s\n", pcap_strerror(errno));
goto fail;
goto faildetach;
}
#else
if((handle->md.dag_mem_base = dag_mmap(handle->fd)) == MAP_FAILED) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,"dag_mmap %s: %s\n", device, pcap_strerror(errno));
goto fail;
goto failclose;
}
#endif /* HAVE_DAG_STREAMS_API */
/* XXX Not calling dag_configure() to set slen; this is unsafe in
* multi-stream environments as the gpp config is global.
* Once the firmware provides 'per-stream slen' this can be supported
* again via the Config API without side-effects */
#if 0
/* set the card snap length to the specified snaplen parameter */
/* This is a really bad idea, as different cards have different
* valid slen ranges. Should fix in Config API. */
if (snaplen == 0 || snaplen > MAX_DAG_SNAPLEN) {
snaplen = MAX_DAG_SNAPLEN;
} else if (snaplen < MIN_DAG_SNAPLEN) {
@ -568,18 +621,19 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
if(dag_configure(handle->fd, conf) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,"dag_configure %s: %s\n", device, pcap_strerror(errno));
goto fail;
goto faildetach;
}
#endif
#ifdef HAVE_DAG_STREAMS_API
if(dag_start_stream(handle->fd, handle->md.dag_stream) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_start_stream %s: %s\n", device, pcap_strerror(errno));
goto fail;
goto faildetach;
}
#else
if(dag_start(handle->fd) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "dag_start %s: %s\n", device, pcap_strerror(errno));
goto fail;
goto failclose;
}
#endif /* HAVE_DAG_STREAMS_API */
@ -607,7 +661,7 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
} else {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"pcap_open_live %s: bad ERF_FCS_BITS value (%d) in environment\n", device, n);
goto fail;
goto failstop;
}
}
@ -617,14 +671,14 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
handle->linktype = -1;
if (dag_get_datalink(handle) < 0) {
strcpy(ebuf, handle->errbuf);
goto fail;
goto failstop;
}
handle->bufsize = 0;
if (new_pcap_dag(handle) < 0) {
snprintf(ebuf, PCAP_ERRBUF_SIZE, "new_pcap_dag %s: %s\n", device, pcap_strerror(errno));
goto fail;
goto failstop;
}
/*
@ -632,13 +686,9 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
*/
handle->selectable_fd = -1;
#ifdef linux
handle->md.device = (char *)device;
handle->md.timeout = to_ms;
#else
free((char *)device);
device = NULL;
#endif
if (newDev != NULL) {
free((char *)newDev);
}
handle->read_op = dag_read;
handle->inject_op = dag_inject;
@ -649,9 +699,38 @@ dag_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebu
handle->setnonblock_op = dag_setnonblock;
handle->stats_op = dag_stats;
handle->close_op = dag_platform_close;
handle->md.stat.ps_drop = 0;
handle->md.stat.ps_recv = 0;
return handle;
#ifdef HAVE_DAG_STREAMS_API
failstop:
if (handle != NULL) {
if (dag_stop_stream(handle->fd, handle->md.dag_stream) < 0)
fprintf(stderr,"dag_stop_stream: %s\n", strerror(errno));
}
faildetach:
if (handle != NULL) {
if (dag_detach_stream(handle->fd, handle->md.dag_stream) < 0)
fprintf(stderr,"dag_detach_stream: %s\n", strerror(errno));
}
#else
failstop:
if (handle != NULL) {
if (dag_stop(p->fd) < 0)
fprintf(stderr,"dag_stop: %s\n", strerror(errno));
}
#endif /* HAVE_DAG_STREAMS_API */
failclose:
if (handle != NULL) {
if (dag_close(handle->fd) < 0)
fprintf(stderr,"dag_close: %s\n", strerror(errno));
}
if (handle != NULL)
delete_pcap_dag(handle);
fail:
if (newDev != NULL) {
free((char *)newDev);
@ -806,81 +885,123 @@ dag_setnonblock(pcap_t *p, int nonblock, char *errbuf)
static int
dag_get_datalink(pcap_t *p)
{
int daglinktype;
int index=0;
uint8_t types[255];
if (p->dlt_list == NULL && (p->dlt_list = malloc(2*sizeof(*(p->dlt_list)))) == NULL) {
memset(types, 0, 255);
if (p->dlt_list == NULL && (p->dlt_list = malloc(255*sizeof(*(p->dlt_list)))) == NULL) {
(void)snprintf(p->errbuf, sizeof(p->errbuf), "malloc: %s", pcap_strerror(errno));
return (-1);
}
/* Check the type through a dagapi call. */
daglinktype = dag_linktype(p->fd);
switch(daglinktype) {
case TYPE_HDLC_POS:
case TYPE_COLOR_HDLC_POS:
if (p->dlt_list != NULL) {
p->dlt_count = 2;
p->dlt_list[0] = DLT_CHDLC;
p->dlt_list[1] = DLT_PPP_SERIAL;
p->dlt_list[2] = DLT_FRELAY;
}
p->linktype = DLT_CHDLC;
break;
case TYPE_ETH:
case TYPE_COLOR_ETH:
/*
* This is (presumably) a real Ethernet capture; give it a
* link-layer-type list with DLT_EN10MB and DLT_DOCSIS, so
* that an application can let you choose it, in case you're
* capturing DOCSIS traffic that a Cisco Cable Modem
* Termination System is putting out onto an Ethernet (it
* doesn't put an Ethernet header onto the wire, it puts raw
* DOCSIS frames out on the wire inside the low-level
* Ethernet framing).
*/
if (p->dlt_list != NULL) {
p->dlt_count = 2;
p->dlt_list[0] = DLT_EN10MB;
p->dlt_list[1] = DLT_DOCSIS;
}
p->linktype = DLT_EN10MB;
break;
case TYPE_AAL5:
case TYPE_ATM:
case TYPE_MC_ATM:
case TYPE_MC_AAL5:
if (p->dlt_list != NULL) {
p->dlt_count = 2;
p->dlt_list[0] = DLT_ATM_RFC1483;
p->dlt_list[1] = DLT_SUNATM;
}
p->linktype = DLT_ATM_RFC1483;
break;
case TYPE_MC_HDLC:
if (p->dlt_list != NULL) {
p->dlt_count = 4;
p->dlt_list[0] = DLT_CHDLC;
p->dlt_list[1] = DLT_PPP_SERIAL;
p->dlt_list[2] = DLT_FRELAY;
p->dlt_list[3] = DLT_MTP2;
}
p->linktype = DLT_CHDLC;
break;
case TYPE_LEGACY:
p->linktype = DLT_NULL;
break;
default:
snprintf(p->errbuf, sizeof(p->errbuf), "unknown DAG linktype %d\n", daglinktype);
return (-1);
p->linktype = 0;
#ifdef HAVE_DAG_GET_ERF_TYPES
/* Get list of possible ERF types for this card */
if (dag_get_erf_types(p->fd, types, 255) < 0) {
snprintf(p->errbuf, sizeof(p->errbuf), "dag_get_erf_types: %s", pcap_strerror(errno));
return (-1);
}
while (types[index]) {
#else
/* Check the type through a dagapi call. */
types[index] = dag_linktype(p->fd);
{
#endif
switch(types[index]) {
case TYPE_HDLC_POS:
#ifdef TYPE_COLOR_HDLC_POS
case TYPE_COLOR_HDLC_POS:
#endif
#ifdef TYPE_DSM_COLOR_HDLC_POS
case TYPE_DSM_COLOR_HDLC_POS:
#endif
if (p->dlt_list != NULL) {
p->dlt_list[index++] = DLT_CHDLC;
p->dlt_list[index++] = DLT_PPP_SERIAL;
p->dlt_list[index++] = DLT_FRELAY;
}
if(!p->linktype)
p->linktype = DLT_CHDLC;
break;
case TYPE_ETH:
#ifdef TYPE_COLOR_ETH
case TYPE_COLOR_ETH:
#endif
#ifdef TYPE_DSM_COLOR_ETH
case TYPE_DSM_COLOR_ETH:
#endif
/*
* This is (presumably) a real Ethernet capture; give it a
* link-layer-type list with DLT_EN10MB and DLT_DOCSIS, so
* that an application can let you choose it, in case you're
* capturing DOCSIS traffic that a Cisco Cable Modem
* Termination System is putting out onto an Ethernet (it
* doesn't put an Ethernet header onto the wire, it puts raw
* DOCSIS frames out on the wire inside the low-level
* Ethernet framing).
*/
if (p->dlt_list != NULL) {
p->dlt_list[index++] = DLT_EN10MB;
p->dlt_list[index++] = DLT_DOCSIS;
}
if(!p->linktype)
p->linktype = DLT_EN10MB;
break;
case TYPE_ATM:
#ifdef TYPE_AAL5
case TYPE_AAL5:
#endif
#ifdef TYPE_MC_ATM
case TYPE_MC_ATM:
#endif
#ifdef TYPE_MC_AAL5
case TYPE_MC_AAL5:
#endif
if (p->dlt_list != NULL) {
p->dlt_list[index++] = DLT_ATM_RFC1483;
p->dlt_list[index++] = DLT_SUNATM;
}
if(!p->linktype)
p->linktype = DLT_ATM_RFC1483;
break;
#ifdef TYPE_COLOR_MC_HDLC_POS
case TYPE_COLOR_MC_HDLC_POS:
#endif
#ifdef TYPE_MC_HDLC
case TYPE_MC_HDLC:
if (p->dlt_list != NULL) {
p->dlt_list[index++] = DLT_CHDLC;
p->dlt_list[index++] = DLT_PPP_SERIAL;
p->dlt_list[index++] = DLT_FRELAY;
p->dlt_list[index++] = DLT_MTP2;
p->dlt_list[index++] = DLT_MTP2_WITH_PHDR;
}
if(!p->linktype)
p->linktype = DLT_CHDLC;
break;
#endif
case TYPE_LEGACY:
if(!p->linktype)
p->linktype = DLT_NULL;
break;
default:
snprintf(p->errbuf, sizeof(p->errbuf), "unknown DAG linktype %d", types[index]);
return (-1);
} /* switch */
}
p->dlt_count = index;
return p->linktype;
}

10
contrib/libpcap/pcap-dlpi.c
View File

@ -70,7 +70,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-dlpi.c,v 1.108.2.6 2005/08/13 23:15:58 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap-dlpi.c,v 1.108.2.7 2006/04/04 05:33:02 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -396,6 +396,14 @@ pcap_inject_dlpi(pcap_t *p, const void *buf, size_t size)
pcap_strerror(errno));
return (-1);
}
/*
* putmsg() returns either 0 or -1; it doesn't indicate how
* many bytes were written (presumably they were all written
* or none of them were written). OpenBSD's pcap_inject()
* returns the number of bytes written, so, for API compatibility,
* we return the number of bytes we were told to write.
*/
ret = size;
#else /* no raw mode */
/*
* XXX - this is a pain, because you might have to extract

37
contrib/libpcap/pcap-int.h
View File

@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.68.2.6 2005/07/07 06:56:04 guy Exp $ (LBL)
* @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.68.2.11 2007/06/22 06:43:58 guy Exp $ (LBL)
*/
#ifndef pcap_int_h
@ -43,7 +43,7 @@ extern "C" {
#include <pcap.h>
#ifdef WIN32
#include <packet32.h>
#include <Packet32.h>
#endif /* WIN32 */
#ifdef MSDOS
@ -51,6 +51,19 @@ extern "C" {
#include <io.h>
#endif
/*
* Swap byte ordering of unsigned long long timestamp on a big endian
* machine.
*/
#define SWAPLL(ull) ((ull & 0xff00000000000000LL) >> 56) | \
((ull & 0x00ff000000000000LL) >> 40) | \
((ull & 0x0000ff0000000000LL) >> 24) | \
((ull & 0x000000ff00000000LL) >> 8) | \
((ull & 0x00000000ff000000LL) << 8) | \
((ull & 0x0000000000ff0000LL) << 24) | \
((ull & 0x000000000000ff00LL) << 40) | \
((ull & 0x00000000000000ffLL) << 56)
/*
* Savefile
*/
@ -88,6 +101,7 @@ struct pcap_md {
int ifindex; /* interface index of device we're bound to */
int lo_ifindex; /* interface index of the loopback device */
struct pcap *next; /* list of open promiscuous sock_packet pcaps */
u_int packets_read; /* count of packets read with recvfrom() */
#endif
#ifdef HAVE_DAG_API
@ -110,8 +124,13 @@ struct pcap_md {
/*
* Ultrix, DEC OSF/1^H^H^H^H^H^H^H^H^HDigital UNIX^H^H^H^H^H^H^H^H^H^H^H^H
* Tru64 UNIX, and NetBSD pad to make everything line up on a nice boundary.
* Tru64 UNIX, and some versions of NetBSD pad FDDI packets to make everything
* line up on a nice boundary.
*/
#ifdef __NetBSD__
#include <sys/param.h> /* needed to declare __NetBSD_Version__ */
#endif
#if defined(ultrix) || defined(__osf__) || (defined(__NetBSD__) && __NetBSD_Version__ > 106000000)
#define PCAP_FDDIPAD 3
#endif
@ -188,9 +207,13 @@ struct pcap {
};
/*
* This is a timeval as stored in disk in a dumpfile.
* This is a timeval as stored in a savefile.
* It has to use the same types everywhere, independent of the actual
* `struct timeval'
* `struct timeval'; `struct timeval' has 32-bit tv_sec values on some
* platforms and 64-bit tv_sec values on other platforms, and writing
* out native `struct timeval' values would mean files could only be
* read on systems with the same tv_sec size as the system on which
* the file was written.
*/
struct pcap_timeval {
@ -199,7 +222,7 @@ struct pcap_timeval {
};
/*
* How a `pcap_pkthdr' is actually stored in the dumpfile.
* This is a `pcap_pkthdr' as actually stored in a savefile.
*
* Do not change the format of this structure, in any way (this includes
* changes that only affect the length of fields in this structure),
@ -231,7 +254,7 @@ struct pcap_sf_pkthdr {
};
/*
* How a `pcap_pkthdr' is actually stored in dumpfiles written
* How a `pcap_pkthdr' is actually stored in savefiles written
* by some patched versions of libpcap (e.g. the ones in Red
* Hat Linux 6.1 and 6.2).
*

117
contrib/libpcap/pcap-linux.c
View File

@ -27,7 +27,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-linux.c,v 1.110.2.6 2005/08/16 04:25:26 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap-linux.c,v 1.110.2.14 2006/10/12 17:26:58 guy Exp $ (LBL)";
#endif
/*
@ -394,7 +394,16 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
*
* We can safely pass "recvfrom()" a byte count
* based on the snapshot length.
*
* If we're in cooked mode, make the snapshot length
* large enough to hold a "cooked mode" header plus
* 1 byte of packet data (so we don't pass a byte
* count of 0 to "recvfrom()").
*/
if (handle->md.cooked) {
if (handle->snapshot < SLL_HDR_LEN + 1)
handle->snapshot = SLL_HDR_LEN + 1;
}
handle->bufsize = handle->snapshot;
}
@ -517,6 +526,22 @@ pcap_read_packet(pcap_t *handle, pcap_handler callback, u_char *userdata)
#ifdef HAVE_PF_PACKET_SOCKETS
if (!handle->md.sock_packet) {
/*
* Unfortunately, there is a window between socket() and
* bind() where the kernel may queue packets from any
* interface. If we're bound to a particular interface,
* discard packets not from that interface.
*
* (If socket filters are supported, we could do the
* same thing we do when changing the filter; however,
* that won't handle packet sockets without socket
* filter support, and it's a bit more complicated.
* It would save some instructions per packet, however.)
*/
if (handle->md.ifindex != -1 &&
from.sll_ifindex != handle->md.ifindex)
return 0;
/*
* Do checks based on packet direction.
* We can only do this if we're using PF_PACKET; the
@ -657,7 +682,7 @@ pcap_read_packet(pcap_t *handle, pcap_handler callback, u_char *userdata)
if (ioctl(handle->fd, SIOCGSTAMP, &pcap_header.ts) == -1) {
snprintf(handle->errbuf, sizeof(handle->errbuf),
"ioctl: %s", pcap_strerror(errno));
"SIOCGSTAMP: %s", pcap_strerror(errno));
return -1;
}
pcap_header.caplen = caplen;
@ -695,8 +720,18 @@ pcap_read_packet(pcap_t *handle, pcap_handler callback, u_char *userdata)
* here, but it's not clear that always incrementing
* the count is more expensive than always testing a flag
* in memory.
*
* We keep the count in "md.packets_read", and use that for
* "ps_recv" if we can't get the statistics from the kernel.
* We do that because, if we *can* get the statistics from
* the kernel, we use "md.stat.ps_recv" and "md.stat.ps_drop"
* as running counts, as reading the statistics from the
* kernel resets the kernel statistics, and if we directly
* increment "md.stat.ps_recv" here, that means it will
* count packets *twice* on systems where we can get kernel
* statistics - once here, and once in pcap_stats_linux().
*/
handle->md.stat.ps_recv++;
handle->md.packets_read++;
/* Call the user supplied callback function */
callback(userdata, &pcap_header, bp);
@ -770,6 +805,23 @@ pcap_stats_linux(pcap_t *handle, struct pcap_stat *stats)
if (getsockopt(handle->fd, SOL_PACKET, PACKET_STATISTICS,
&kstats, &len) > -1) {
/*
* On systems where the PACKET_STATISTICS "getsockopt()"
* argument is supported on PF_PACKET sockets:
*
* "ps_recv" counts only packets that *passed* the
* filter, not packets that didn't pass the filter.
* This includes packets later dropped because we
* ran out of buffer space.
*
* "ps_drop" counts packets dropped because we ran
* out of buffer space. It doesn't count packets
* dropped by the interface driver. It counts only
* packets that passed the filter.
*
* Both statistics include packets not yet read from
* the kernel by libpcap, and thus not yet seen by
* the application.
*
* In "linux/net/packet/af_packet.c", at least in the
* 2.4.9 kernel, "tp_packets" is incremented for every
* packet that passes the packet filter *and* is
@ -799,6 +851,8 @@ pcap_stats_linux(pcap_t *handle, struct pcap_stat *stats)
*/
handle->md.stat.ps_recv += kstats.tp_packets;
handle->md.stat.ps_drop += kstats.tp_drops;
*stats = handle->md.stat;
return 0;
}
else
{
@ -817,21 +871,6 @@ pcap_stats_linux(pcap_t *handle, struct pcap_stat *stats)
}
#endif
/*
* On systems where the PACKET_STATISTICS "getsockopt()" argument
* is supported on PF_PACKET sockets:
*
* "ps_recv" counts only packets that *passed* the filter,
* not packets that didn't pass the filter. This includes
* packets later dropped because we ran out of buffer space.
*
* "ps_drop" counts packets dropped because we ran out of
* buffer space. It doesn't count packets dropped by the
* interface driver. It counts only packets that passed
* the filter.
*
* Both statistics include packets not yet read from the
* kernel by libpcap, and thus not yet seen by the application.
*
* On systems where the PACKET_STATISTICS "getsockopt()" argument
* is not supported on PF_PACKET sockets:
*
@ -844,8 +883,14 @@ pcap_stats_linux(pcap_t *handle, struct pcap_stat *stats)
*
* "ps_recv" doesn't include packets not yet read from
* the kernel by libpcap.
*
* We maintain the count of packets processed by libpcap in
* "md.packets_read", for reasons described in the comment
* at the end of pcap_read_packet(). We have no idea how many
* packets were dropped.
*/
*stats = handle->md.stat;
stats->ps_recv = handle->md.packets_read;
stats->ps_drop = 0;
return 0;
}
@ -917,6 +962,7 @@ pcap_setfilter_linux(pcap_t *handle, struct bpf_program *filter)
* sake of correctness I added this check.
*/
fprintf(stderr, "Warning: Filter too complex for kernel\n");
fcode.len = 0;
fcode.filter = NULL;
can_filter_in_kernel = 0;
} else
@ -1315,6 +1361,16 @@ static void map_arphrd_to_dlt(pcap_t *handle, int arptype, int cooked_ok)
//handle->md.cooked = 1;
break;
/* ARPHRD_LAPD is unofficial and randomly allocated, if reallocation
* is needed, please report it to <daniele@orlandi.com> */
#ifndef ARPHRD_LAPD
#define ARPHRD_LAPD 8445
#endif
case ARPHRD_LAPD:
/* Don't expect IP packet out of this interfaces... */
handle->linktype = DLT_LINUX_LAPD;
break;
default:
handle->linktype = -1;
break;
@ -1396,6 +1452,7 @@ live_open_new(pcap_t *handle, const char *device, int promisc,
if (handle->linktype == -1 ||
handle->linktype == DLT_LINUX_SLL ||
handle->linktype == DLT_LINUX_IRDA ||
handle->linktype == DLT_LINUX_LAPD ||
(handle->linktype == DLT_EN10MB &&
(strncmp("isdn", device, 4) == 0 ||
strncmp("isdY", device, 4) == 0))) {
@ -1449,7 +1506,8 @@ live_open_new(pcap_t *handle, const char *device, int promisc,
}
/* IrDA capture is not a real "cooked" capture,
* it's IrLAP frames, not IP packets. */
if (handle->linktype != DLT_LINUX_IRDA)
if (handle->linktype != DLT_LINUX_IRDA &&
handle->linktype != DLT_LINUX_LAPD)
handle->linktype = DLT_LINUX_SLL;
}
@ -1557,7 +1615,7 @@ iface_get_id(int fd, const char *device, char *ebuf)
if (ioctl(fd, SIOCGIFINDEX, &ifr) == -1) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"ioctl: %s", pcap_strerror(errno));
"SIOCGIFINDEX: %s", pcap_strerror(errno));
return -1;
}
@ -1774,7 +1832,7 @@ live_open_old(pcap_t *handle, const char *device, int promisc,
strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name));
if (ioctl(handle->fd, SIOCGIFFLAGS, &ifr) == -1) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"ioctl: %s", pcap_strerror(errno));
"SIOCGIFFLAGS: %s", pcap_strerror(errno));
break;
}
if ((ifr.ifr_flags & IFF_PROMISC) == 0) {
@ -1808,7 +1866,7 @@ live_open_old(pcap_t *handle, const char *device, int promisc,
ifr.ifr_flags |= IFF_PROMISC;
if (ioctl(handle->fd, SIOCSIFFLAGS, &ifr) == -1) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"ioctl: %s",
"SIOCSIFFLAGS: %s",
pcap_strerror(errno));
break;
}
@ -1892,7 +1950,7 @@ iface_get_mtu(int fd, const char *device, char *ebuf)
if (ioctl(fd, SIOCGIFMTU, &ifr) == -1) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"ioctl: %s", pcap_strerror(errno));
"SIOCGIFMTU: %s", pcap_strerror(errno));
return -1;
}
@ -1912,7 +1970,7 @@ iface_get_arptype(int fd, const char *device, char *ebuf)
if (ioctl(fd, SIOCGIFHWADDR, &ifr) == -1) {
snprintf(ebuf, PCAP_ERRBUF_SIZE,
"ioctl: %s", pcap_strerror(errno));
"SIOCGIFHWADDR: %s", pcap_strerror(errno));
return -1;
}
@ -2149,8 +2207,13 @@ set_kernel_filter(pcap_t *handle, struct sock_fprog *fcode)
static int
reset_kernel_filter(pcap_t *handle)
{
/* setsockopt() barfs unless it get a dummy parameter */
int dummy;
/*
* setsockopt() barfs unless it get a dummy parameter.
* valgrind whines unless the value is initialized,
* as it has no idea that setsockopt() ignores its
* parameter.
*/
int dummy = 0;
return setsockopt(handle->fd, SOL_SOCKET, SO_DETACH_FILTER,
&dummy, sizeof(dummy));

48
contrib/libpcap/pcap-win32.c
View File

@ -1,6 +1,6 @@
/*
* Copyright (c) 1999 - 2003
* NetGroup, Politecnico di Torino (Italy)
* Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)
* Copyright (c) 2005 - 2007 CACE Technologies, Davis (California)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -12,9 +12,10 @@
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the Politecnico di Torino nor the names of its
* contributors may be used to endorse or promote products derived from
* this software without specific prior written permission.
* 3. Neither the name of the Politecnico di Torino, CACE Technologies
* nor the names of its contributors may be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
@ -32,11 +33,11 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap-win32.c,v 1.25.2.3 2005/07/10 17:52:54 risso Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap-win32.c,v 1.25.2.7 2007/06/14 22:07:14 gianluca Exp $ (LBL)";
#endif
#include <pcap-int.h>
#include <packet32.h>
#include <Packet32.h>
#include <Ntddndis.h>
#ifdef HAVE_DAG_API
#include <dagnew.h>
@ -486,14 +487,41 @@ pcap_open_live(const char *device, int snaplen, int promisc, int to_ms,
p->linktype = DLT_NULL;
break;
case NdisMediumBare80211:
p->linktype = DLT_IEEE802_11;
break;
case NdisMediumRadio80211:
p->linktype = DLT_IEEE802_11_RADIO;
break;
case NdisMediumPpi:
p->linktype = DLT_PPI;
break;
default:
p->linktype = DLT_EN10MB; /*an unknown adapter is assumed to be ethernet*/
break;
}
/* Set promisquous mode */
if (promisc) PacketSetHwFilter(p->adapter,NDIS_PACKET_TYPE_PROMISCUOUS);
else PacketSetHwFilter(p->adapter,NDIS_PACKET_TYPE_ALL_LOCAL);
/* Set promiscuous mode */
if (promisc)
{
if (PacketSetHwFilter(p->adapter,NDIS_PACKET_TYPE_PROMISCUOUS) == FALSE)
{
snprintf(ebuf, PCAP_ERRBUF_SIZE, "failed to set hardware filter to promiscuous mode");
goto bad;
}
}
else
{
if (PacketSetHwFilter(p->adapter,NDIS_PACKET_TYPE_ALL_LOCAL) == FALSE)
{
snprintf(ebuf, PCAP_ERRBUF_SIZE, "failed to set hardware filter to non-promiscuous mode");
goto bad;
}
}
/* Set the buffer size */
p->bufsize = PcapBufSize;

22
contrib/libpcap/pcap.3
View File

@ -1,4 +1,4 @@
.\" @(#) $Header: /tcpdump/master/libpcap/pcap.3,v 1.64.2.8 2005/09/07 08:29:17 guy Exp $
.\" @(#) $Header: /tcpdump/master/libpcap/pcap.3,v 1.64.2.11 2007/06/11 09:52:05 guy Exp $
.\"
.\" Copyright (c) 1994, 1996, 1997
.\" The Regents of the University of California. All rights reserved.
@ -77,7 +77,7 @@ u_char *sp)
.ft B
int pcap_compile(pcap_t *p, struct bpf_program *fp,
.ti +8
char *str, int optimize, bpf_u_int32 netmask)
const char *str, int optimize, bpf_u_int32 netmask)
int pcap_setfilter(pcap_t *p, struct bpf_program *fp)
void pcap_freecode(struct bpf_program *)
int pcap_setdirection(pcap_t *p, pcap_direction_t d)
@ -116,7 +116,7 @@ int pcap_fileno(pcap_t *p)
int pcap_get_selectable_fd(pcap_t *p);
void pcap_perror(pcap_t *p, char *prefix)
char *pcap_geterr(pcap_t *p)
char *pcap_strerror(int error)
const char *pcap_strerror(int error)
const char *pcap_lib_version(void)
.ft
.LP
@ -1079,6 +1079,11 @@ and type bytes.
Linux-IrDA packets, with a
.B DLT_LINUX_SLL
header followed by the IrLAP header.
.TP 5
.B DLT_LINUX_LAPD
LAPD (Q.921) frames, with a
.B DLT_LINUX_SLL
header captured via vISDN.
.RE
.PP
.B pcap_list_datalinks()
@ -1140,12 +1145,13 @@ or NULL, if a network device was opened with
.BR pcap_open_live() .
.PP
.B pcap_stats()
returns 0 and fills in a
returns 0 and fills in the
.B pcap_stat
struct. The values represent packet statistics from the start of the
run to the time of the call. If there is an error or the underlying
packet capture doesn't support packet statistics, \-1 is returned and
the error text can be obtained with
structure pointed to by its second argument. The values represent
packet statistics from the start of the run to the time of the call. If
there is an error or the underlying packet capture doesn't support
packet statistics, \-1 is returned and the error text can be obtained
with
.B pcap_perror()
or
.BR pcap_geterr() .

50
contrib/libpcap/pcap.c
View File

@ -33,7 +33,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/pcap.c,v 1.88.2.8 2005/08/13 22:29:46 hannes Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/pcap.c,v 1.88.2.19 2007/09/19 02:50:52 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -240,7 +240,7 @@ pcap_list_datalinks(pcap_t *p, int **dlt_buffer)
**dlt_buffer = p->linktype;
return (1);
} else {
*dlt_buffer = (int*)malloc(sizeof(**dlt_buffer) * p->dlt_count);
*dlt_buffer = (int*)calloc(sizeof(**dlt_buffer), p->dlt_count);
if (*dlt_buffer == NULL) {
(void)snprintf(p->errbuf, sizeof(p->errbuf),
"malloc: %s", pcap_strerror(errno));
@ -354,30 +354,40 @@ static struct dlt_choice dlt_choices[] = {
DLT_CHOICE(DLT_ARCNET_LINUX, "Linux ARCNET"),
DLT_CHOICE(DLT_DOCSIS, "DOCSIS"),
DLT_CHOICE(DLT_LINUX_IRDA, "Linux IrDA"),
DLT_CHOICE(DLT_LINUX_LAPD, "Linux vISDN LAPD"),
DLT_CHOICE(DLT_IEEE802_11_RADIO_AVS, "802.11 plus AVS radio information header"),
DLT_CHOICE(DLT_SYMANTEC_FIREWALL, "Symantec Firewall"),
DLT_CHOICE(DLT_JUNIPER_ATM1, "Juniper ATM1 PIC"),
DLT_CHOICE(DLT_JUNIPER_ATM2, "Juniper ATM2 PIC"),
DLT_CHOICE(DLT_JUNIPER_MLPPP, "Juniper Multi-Link PPP"),
DLT_CHOICE(DLT_PPP_PPPD, "PPP for pppd, with direction flag"),
DLT_CHOICE(DLT_JUNIPER_PPPOE, "Juniper PPPoE"),
DLT_CHOICE(DLT_JUNIPER_PPPOE_ATM, "Juniper PPPoE/ATM"),
DLT_CHOICE(DLT_GPRS_LLC, "GPRS LLC"),
DLT_CHOICE(DLT_GPF_T, "GPF-T"),
DLT_CHOICE(DLT_GPF_F, "GPF-F"),
DLT_CHOICE(DLT_JUNIPER_PIC_PEER, "Juniper PIC Peer"),
DLT_CHOICE(DLT_JUNIPER_MLFR, "Juniper Multi-Link Frame Relay"),
DLT_CHOICE(DLT_PPP_PPPD, "PPP for pppd, with direction flag"),
DLT_CHOICE(DLT_JUNIPER_PPPOE, "Juniper PPPoE"),
DLT_CHOICE(DLT_JUNIPER_PPPOE_ATM, "Juniper PPPoE/ATM"),
DLT_CHOICE(DLT_GPRS_LLC, "GPRS LLC"),
DLT_CHOICE(DLT_GPF_T, "GPF-T"),
DLT_CHOICE(DLT_GPF_F, "GPF-F"),
DLT_CHOICE(DLT_JUNIPER_PIC_PEER, "Juniper PIC Peer"),
DLT_CHOICE(DLT_JUNIPER_MLFR, "Juniper Multi-Link Frame Relay"),
DLT_CHOICE(DLT_ERF_ETH, "Ethernet with Endace ERF header"),
DLT_CHOICE(DLT_ERF_POS, "Packet-over-SONET with Endace ERF header"),
DLT_CHOICE(DLT_JUNIPER_GGSN, "Juniper GGSN PIC"),
DLT_CHOICE(DLT_JUNIPER_ES, "Juniper Encryption Services PIC"),
DLT_CHOICE(DLT_JUNIPER_MONITOR, "Juniper Passive Monitor PIC"),
DLT_CHOICE(DLT_JUNIPER_SERVICES, "Juniper Advanced Services PIC"),
DLT_CHOICE(DLT_JUNIPER_MFR, "Juniper FRF.16 Frame Relay"),
DLT_CHOICE(DLT_JUNIPER_ETHER, "Juniper Ethernet"),
DLT_CHOICE(DLT_JUNIPER_PPP, "Juniper PPP"),
DLT_CHOICE(DLT_JUNIPER_FRELAY, "Juniper Frame Relay"),
DLT_CHOICE(DLT_JUNIPER_CHDLC, "Juniper C-HDLC"),
DLT_CHOICE(DLT_JUNIPER_MFR, "Juniper FRF.16 Frame Relay"),
DLT_CHOICE(DLT_JUNIPER_ETHER, "Juniper Ethernet"),
DLT_CHOICE(DLT_JUNIPER_PPP, "Juniper PPP"),
DLT_CHOICE(DLT_JUNIPER_FRELAY, "Juniper Frame Relay"),
DLT_CHOICE(DLT_JUNIPER_CHDLC, "Juniper C-HDLC"),
DLT_CHOICE(DLT_MFR, "FRF.16 Frame Relay"),
DLT_CHOICE(DLT_JUNIPER_VP, "Juniper Voice PIC"),
DLT_CHOICE(DLT_MTP2, "SS7 MTP2"),
DLT_CHOICE(DLT_A429, "Arinc 429"),
DLT_CHOICE(DLT_A653_ICM, "Arinc 653 Interpartition Communication"),
DLT_CHOICE(DLT_USB, "USB"),
DLT_CHOICE(DLT_BLUETOOTH_HCI_H4, "Bluetooth HCI UART transport layer"),
DLT_CHOICE(DLT_CAN20B, "Controller Area Network (CAN) v. 2.0B"),
DLT_CHOICE(DLT_MTP2_WITH_PHDR, "SS7 MTP2 with Pseudo-header"),
DLT_CHOICE_SENTINEL
};
@ -457,8 +467,8 @@ int
pcap_strcasecmp(const char *s1, const char *s2)
{
register const u_char *cm = charmap,
*us1 = (u_char *)s1,
*us2 = (u_char *)s2;
*us1 = (const u_char *)s1,
*us2 = (const u_char *)s2;
while (cm[*us1] == cm[*us2++])
if (*us1++ == '\0')
@ -671,7 +681,7 @@ pcap_win32strerror(void)
/*
* Not all systems have strerror().
*/
char *
const char *
pcap_strerror(int errnum)
{
#ifdef HAVE_STRERROR
@ -807,7 +817,7 @@ pcap_close(pcap_t *p)
#ifdef HAVE_VERSION_H
#include "version.h"
#else
static const char pcap_version_string[] = "libpcap version 0.9[.x]";
static const char pcap_version_string[] = "libpcap version 0.9.8";
#endif
#ifdef WIN32
@ -816,7 +826,7 @@ static const char pcap_version_string[] = "libpcap version 0.9[.x]";
* version numbers when building WinPcap. (It'd be nice to do so for
* the packet.dll version number as well.)
*/
static const char wpcap_version_string[] = "3.1";
static const char wpcap_version_string[] = "4.0";
static const char pcap_version_string_fmt[] =
"WinPcap version %s, based on %s";
static const char pcap_version_string_packet_dll_fmt[] =

25
contrib/libpcap/pcap.h
View File

@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#) $Header: /tcpdump/master/libpcap/pcap.h,v 1.52.2.5 2005/07/07 02:04:36 guy Exp $ (LBL)
* @(#) $Header: /tcpdump/master/libpcap/pcap.h,v 1.52.2.7 2007/06/11 09:52:05 guy Exp $ (LBL)
*/
#ifndef lib_pcap_h
@ -47,7 +47,9 @@
#include <sys/time.h>
#endif /* WIN32/MSDOS/UN*X */
#include <net/bpf.h>
#ifndef PCAP_DONT_INCLUDE_PCAP_BPF_H
#include <pcap-bpf.h>
#endif
#include <stdio.h>
@ -125,9 +127,16 @@ typedef enum {
} pcap_direction_t;
/*
* Each packet in the dump file is prepended with this generic header.
* This gets around the problem of different headers for different
* packet interfaces.
* Generic per-packet information, as supplied by libpcap.
*
* The time stamp can and should be a "struct timeval", regardless of
* whether your system supports 32-bit tv_sec in "struct timeval",
* 64-bit tv_sec in "struct timeval", or both if it supports both 32-bit
* and 64-bit applications. The on-disk format of savefiles uses 32-bit
* tv_sec (and tv_usec); this structure is irrelevant to that. 32-bit
* and 64-bit versions of libpcap, even if they're on the same platform,
* should supply the appropriate version of "struct timeval", even if
* that's not what the underlying packet capture mechanism supplies.
*/
struct pcap_pkthdr {
struct timeval ts; /* time stamp */
@ -228,12 +237,12 @@ int pcap_setnonblock(pcap_t *, int, char *);
void pcap_perror(pcap_t *, char *);
int pcap_inject(pcap_t *, const void *, size_t);
int pcap_sendpacket(pcap_t *, const u_char *, int);
char *pcap_strerror(int);
const char *pcap_strerror(int);
char *pcap_geterr(pcap_t *);
int pcap_compile(pcap_t *, struct bpf_program *, char *, int,
int pcap_compile(pcap_t *, struct bpf_program *, const char *, int,
bpf_u_int32);
int pcap_compile_nopcap(int, int, struct bpf_program *,
char *, int, bpf_u_int32);
const char *, int, bpf_u_int32);
void pcap_freecode(struct bpf_program *);
int pcap_datalink(pcap_t *);
int pcap_list_datalinks(pcap_t *, int **);

201
contrib/libpcap/savefile.c
View File

@ -30,7 +30,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/savefile.c,v 1.126.2.13 2005/08/29 21:05:45 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/savefile.c,v 1.126.2.30 2007/08/14 20:57:49 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -430,6 +430,128 @@ static const char rcsid[] _U_ =
#define LINKTYPE_JUNIPER_FRELAY 180
#define LINKTYPE_JUNIPER_CHDLC 181
/*
* Multi Link Frame Relay (FRF.16)
*/
#define LINKTYPE_MFR 182
/*
* Juniper-private data link type, as per request from
* Hannes Gredler <hannes@juniper.net>.
* The DLT_ is used for internal communication with a
* voice Adapter Card (PIC)
*/
#define LINKTYPE_JUNIPER_VP 183
/*
* Arinc 429 frames.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Every frame contains a 32bit A429 label.
* More documentation on Arinc 429 can be found at
* http://www.condoreng.com/support/downloads/tutorials/ARINCTutorial.pdf
*/
#define LINKTYPE_A429 184
/*
* Arinc 653 Interpartition Communication messages.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Please refer to the A653-1 standard for more information.
*/
#define LINKTYPE_A653_ICM 185
/*
* USB packets, beginning with a USB setup header; requested by
* Paolo Abeni <paolo.abeni@email.it>.
*/
#define LINKTYPE_USB 186
/*
* Bluetooth HCI UART transport layer (part H:4); requested by
* Paolo Abeni.
*/
#define LINKTYPE_BLUETOOTH_HCI_H4 187
/*
* IEEE 802.16 MAC Common Part Sublayer; requested by Maria Cruz
* <cruz_petagay@bah.com>.
*/
#define LINKTYPE_IEEE802_16_MAC_CPS 188
/*
* USB packets, beginning with a Linux USB header; requested by
* Paolo Abeni <paolo.abeni@email.it>.
*/
#define LINKTYPE_USB_LINUX 189
/*
* Controller Area Network (CAN) v. 2.0B packets.
* DLT_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
* Used to dump CAN packets coming from a CAN Vector board.
* More documentation on the CAN v2.0B frames can be found at
* http://www.can-cia.org/downloads/?269
*/
#define LINKTYPE_CAN20B 190
/*
* IEEE 802.15.4, with address fields padded, as is done by Linux
* drivers; requested by Juergen Schimmer.
*/
#define LINKTYPE_IEEE802_15_4_LINUX 191
/*
* Per Packet Information encapsulated packets.
* LINKTYPE_ requested by Gianluca Varenni <gianluca.varenni@cacetech.com>.
*/
#define LINKTYPE_PPI 192
/*
* Header for 802.16 MAC Common Part Sublayer plus a radiotap radio header;
* requested by Charles Clancy.
*/
#define LINKTYPE_IEEE802_16_MAC_CPS_RADIO 193
/*
* Juniper-private data link type, as per request from
* Hannes Gredler <hannes@juniper.net>.
* The DLT_ is used for internal communication with a
* integrated service module (ISM).
*/
#define LINKTYPE_JUNIPER_ISM 194
/*
* IEEE 802.15.4, exactly as it appears in the spec (no padding, no
* nothing); requested by Mikko Saarnivala <mikko.saarnivala@sensinode.com>.
*/
#define LINKTYPE_IEEE802_15_4 195
/*
* Various link-layer types, with a pseudo-header, for SITA
* (http://www.sita.aero/); requested by Fulko Hew (fulko.hew@gmail.com).
*/
#define LINKTYPE_SITA 196
/*
* Various link-layer types, with a pseudo-header, for Endace DAG cards;
* encapsulates Endace ERF records. Requested by Stephen Donnelly
* <stephen@endace.com>.
*/
#define LINKTYPE_ERF 197
/*
* Special header prepended to Ethernet packets when capturing from a
* u10 Networks board. Requested by Phil Mulholland
* <phil@u10networks.com>.
*/
#define LINKTYPE_RAIF1 198
/*
* IPMB packet for IPMI, beginning with the I2C slave address, followed
* by the netFn and LUN, etc.. Requested by Chanthy Toeung
* <chanthy.toeung@ca.kontron.com>.
*/
#define LINKTYPE_IPMB 199
static struct linktype_map {
int dlt;
int linktype;
@ -635,6 +757,59 @@ static struct linktype_map {
{ DLT_JUNIPER_FRELAY, LINKTYPE_JUNIPER_FRELAY },
{ DLT_JUNIPER_CHDLC, LINKTYPE_JUNIPER_CHDLC },
/* Multi Link Frame Relay (FRF.16) */
{ DLT_MFR, LINKTYPE_MFR },
/* Juniper Voice PIC */
{ DLT_JUNIPER_VP, LINKTYPE_JUNIPER_VP },
/* Controller Area Network (CAN) v2.0B */
{ DLT_A429, LINKTYPE_A429 },
/* Arinc 653 Interpartition Communication messages */
{ DLT_A653_ICM, LINKTYPE_A653_ICM },
/* USB */
{ DLT_USB, LINKTYPE_USB },
/* Bluetooth HCI UART transport layer */
{ DLT_BLUETOOTH_HCI_H4, LINKTYPE_BLUETOOTH_HCI_H4 },
/* IEEE 802.16 MAC Common Part Sublayer */
{ DLT_IEEE802_16_MAC_CPS, LINKTYPE_IEEE802_16_MAC_CPS },
/* USB with Linux header */
{ DLT_USB_LINUX, LINKTYPE_USB_LINUX },
/* Controller Area Network (CAN) v2.0B */
{ DLT_CAN20B, LINKTYPE_CAN20B },
/* IEEE 802.15.4 with address fields padded */
{ DLT_IEEE802_15_4_LINUX, LINKTYPE_IEEE802_15_4_LINUX },
/* Per Packet Information encapsulated packets */
{ DLT_PPI, LINKTYPE_PPI },
/* IEEE 802.16 MAC Common Part Sublayer plus radiotap header */
{ DLT_IEEE802_16_MAC_CPS_RADIO, LINKTYPE_IEEE802_16_MAC_CPS_RADIO },
/* Juniper Voice ISM */
{ DLT_JUNIPER_ISM, LINKTYPE_JUNIPER_ISM },
/* IEEE 802.15.4 exactly as it appears in the spec */
{ DLT_IEEE802_15_4, LINKTYPE_IEEE802_15_4 },
/* Various link-layer types for SITA */
{ DLT_SITA, LINKTYPE_SITA },
/* Various link-layer types for Endace */
{ DLT_ERF, LINKTYPE_ERF },
/* Special header for u10 Networks boards */
{ DLT_RAIF1, LINKTYPE_RAIF1 },
/* IPMB */
{ DLT_IPMB, LINKTYPE_IPMB },
{ -1, -1 }
};
@ -870,6 +1045,28 @@ pcap_fopen_offline(FILE *fp, char *errbuf)
p->tzoff = hdr.thiszone;
p->snapshot = hdr.snaplen;
p->linktype = linktype_to_dlt(hdr.linktype);
if (magic == KUZNETZOV_TCPDUMP_MAGIC && p->linktype == DLT_EN10MB) {
/*
* This capture might have been done in raw mode or cooked
* mode.
*
* If it was done in cooked mode, p->snapshot was passed
* to recvfrom() as the buffer size, meaning that the
* most packet data that would be copied would be
* p->snapshot. However, a faked Ethernet header would
* then have been added to it, so the most data that would
* be in a packet in the file would be p->snapshot + 14.
*
* We can't easily tell whether the capture was done in
* raw mode or cooked mode, so we'll assume it was
* cooked mode, and add 14 to the snapshot length. That
* means that, for a raw capture, the snapshot length will
* be misleading if you use it to figure out why a capture
* doesn't have all the packet data, but there's not much
* we can do to avoid that.
*/
p->snapshot += 14;
}
p->sf.rfile = fp;
#ifndef WIN32
p->bufsize = hdr.snaplen;
@ -1177,7 +1374,7 @@ pcap_dump(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
sf_hdr.len = h->len;
/* XXX we should check the return status */
(void)fwrite(&sf_hdr, sizeof(sf_hdr), 1, f);
(void)fwrite((char *)sp, h->caplen, 1, f);
(void)fwrite(sp, h->caplen, 1, f);
}
static pcap_dumper_t *

19
contrib/libpcap/scanner.l
View File

@ -22,7 +22,7 @@
#ifndef lint
static const char rcsid[] _U_ =
"@(#) $Header: /tcpdump/master/libpcap/scanner.l,v 1.99.2.4 2005/09/05 09:08:07 guy Exp $ (LBL)";
"@(#) $Header: /tcpdump/master/libpcap/scanner.l,v 1.99.2.9 2007/06/11 09:52:05 guy Exp $ (LBL)";
#endif
#ifdef HAVE_CONFIG_H
@ -72,6 +72,7 @@ static char *in_buffer;
#define getc(fp) (*in_buffer == 0 ? EOF : *in_buffer++)
#endif
#define yylval pcap_lval
extern YYSTYPE yylval;
%}
@ -80,11 +81,11 @@ N ([0-9]+|(0X|0x)[0-9A-Fa-f]+)
B ([0-9A-Fa-f][0-9A-Fa-f]?)
W ([0-9A-Fa-f][0-9A-Fa-f]?[0-9A-Fa-f]?[0-9A-Fa-f]?)
%a 16000
%o 19000
%e 6000
%k 4000
%p 25000
%a 18400
%o 21500
%e 7600
%k 4550
%p 27600
%n 2000
V680 {W}:{W}:{W}:{W}:{W}:{W}:{W}:{W}
@ -287,6 +288,10 @@ srnr|subrulenum return PF_SRNR;
reason return PF_REASON;
action return PF_ACTION;
fisu return FISU;
lssu return LSSU;
lsu return LSSU;
msu return MSU;
sio return SIO;
opc return OPC;
dpc return DPC;
@ -356,7 +361,7 @@ tcp-urg { yylval.i = 0x20; return NUM; }
%%
void
lex_init(buf)
char *buf;
const char *buf;
{
#ifdef FLEX_SCANNER
in_buffer = yy_scan_string(buf);