2009-03-21 20:43:56 +00:00
|
|
|
/*
|
|
|
|
* Copyright (c) 2006 Paolo Abeni (Italy)
|
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
*
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
2017-02-12 07:04:44 +00:00
|
|
|
* 3. The name of the author may not be used to endorse or promote
|
|
|
|
* products derived from this software without specific prior written
|
2009-03-21 20:43:56 +00:00
|
|
|
* permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
|
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
|
|
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*
|
|
|
|
* USB sniffing API implementation for Linux platform
|
|
|
|
* By Paolo Abeni <paolo.abeni@email.it>
|
|
|
|
* Modifications: Kris Katterjohn <katterjohn@gmail.com>
|
|
|
|
*
|
|
|
|
*/
|
2017-02-12 07:04:44 +00:00
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
#ifdef HAVE_CONFIG_H
|
2018-05-18 12:21:19 +00:00
|
|
|
#include <config.h>
|
2009-03-21 20:43:56 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
#include "pcap-int.h"
|
|
|
|
#include "pcap-usb-linux.h"
|
|
|
|
#include "pcap/usb.h"
|
|
|
|
|
|
|
|
#ifdef NEED_STRERROR_H
|
|
|
|
#include "strerror.h"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include <ctype.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <fcntl.h>
|
2019-10-06 04:26:37 +00:00
|
|
|
#include <limits.h>
|
2009-03-21 20:43:56 +00:00
|
|
|
#include <string.h>
|
|
|
|
#include <dirent.h>
|
|
|
|
#include <byteswap.h>
|
|
|
|
#include <netinet/in.h>
|
|
|
|
#include <sys/ioctl.h>
|
|
|
|
#include <sys/mman.h>
|
2018-05-18 12:21:19 +00:00
|
|
|
#include <sys/utsname.h>
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
#ifdef HAVE_LINUX_USBDEVICE_FS_H
|
2012-01-31 17:22:07 +00:00
|
|
|
/*
|
|
|
|
* We might need <linux/compiler.h> to define __user for
|
|
|
|
* <linux/usbdevice_fs.h>.
|
|
|
|
*/
|
|
|
|
#ifdef HAVE_LINUX_COMPILER_H
|
|
|
|
#include <linux/compiler.h>
|
|
|
|
#endif /* HAVE_LINUX_COMPILER_H */
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
#include <linux/usbdevice_fs.h>
|
2012-01-31 17:22:07 +00:00
|
|
|
#endif /* HAVE_LINUX_USBDEVICE_FS_H */
|
2009-03-21 20:43:56 +00:00
|
|
|
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
#define USB_IFACE "usbmon"
|
|
|
|
#define USB_TEXT_DIR_OLD "/sys/kernel/debug/usbmon"
|
|
|
|
#define USB_TEXT_DIR "/sys/kernel/debug/usb/usbmon"
|
|
|
|
#define SYS_USB_BUS_DIR "/sys/bus/usb/devices"
|
|
|
|
#define PROC_USB_BUS_DIR "/proc/bus/usb"
|
2009-03-21 20:43:56 +00:00
|
|
|
#define USB_LINE_LEN 4096
|
|
|
|
|
|
|
|
#if __BYTE_ORDER == __LITTLE_ENDIAN
|
|
|
|
#define htols(s) s
|
|
|
|
#define htoll(l) l
|
|
|
|
#define htol64(ll) ll
|
|
|
|
#else
|
|
|
|
#define htols(s) bswap_16(s)
|
|
|
|
#define htoll(l) bswap_32(l)
|
|
|
|
#define htol64(ll) bswap_64(ll)
|
|
|
|
#endif
|
|
|
|
|
|
|
|
struct mon_bin_stats {
|
2018-05-18 12:21:19 +00:00
|
|
|
uint32_t queued;
|
|
|
|
uint32_t dropped;
|
2009-03-21 20:43:56 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
struct mon_bin_get {
|
|
|
|
pcap_usb_header *hdr;
|
|
|
|
void *data;
|
|
|
|
size_t data_len; /* Length of data (can be zero) */
|
|
|
|
};
|
|
|
|
|
|
|
|
struct mon_bin_mfetch {
|
|
|
|
int32_t *offvec; /* Vector of events fetched */
|
|
|
|
int32_t nfetch; /* Number of events to fetch (out: fetched) */
|
|
|
|
int32_t nflush; /* Number of events to flush */
|
|
|
|
};
|
|
|
|
|
|
|
|
#define MON_IOC_MAGIC 0x92
|
|
|
|
|
|
|
|
#define MON_IOCQ_URB_LEN _IO(MON_IOC_MAGIC, 1)
|
|
|
|
#define MON_IOCX_URB _IOWR(MON_IOC_MAGIC, 2, struct mon_bin_hdr)
|
|
|
|
#define MON_IOCG_STATS _IOR(MON_IOC_MAGIC, 3, struct mon_bin_stats)
|
|
|
|
#define MON_IOCT_RING_SIZE _IO(MON_IOC_MAGIC, 4)
|
|
|
|
#define MON_IOCQ_RING_SIZE _IO(MON_IOC_MAGIC, 5)
|
|
|
|
#define MON_IOCX_GET _IOW(MON_IOC_MAGIC, 6, struct mon_bin_get)
|
|
|
|
#define MON_IOCX_MFETCH _IOWR(MON_IOC_MAGIC, 7, struct mon_bin_mfetch)
|
|
|
|
#define MON_IOCH_MFLUSH _IO(MON_IOC_MAGIC, 8)
|
|
|
|
|
|
|
|
#define MON_BIN_SETUP 0x1 /* setup hdr is present*/
|
|
|
|
#define MON_BIN_SETUP_ZERO 0x2 /* setup buffer is not available */
|
|
|
|
#define MON_BIN_DATA_ZERO 0x4 /* data buffer is not available */
|
|
|
|
#define MON_BIN_ERROR 0x8
|
|
|
|
|
2015-01-06 18:58:31 +00:00
|
|
|
/*
|
|
|
|
* Private data for capturing on Linux USB.
|
|
|
|
*/
|
|
|
|
struct pcap_usb_linux {
|
|
|
|
u_char *mmapbuf; /* memory-mapped region pointer */
|
|
|
|
size_t mmapbuflen; /* size of region */
|
|
|
|
int bus_index;
|
|
|
|
u_int packets_read;
|
|
|
|
};
|
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
/* forward declaration */
|
|
|
|
static int usb_activate(pcap_t *);
|
|
|
|
static int usb_stats_linux(pcap_t *, struct pcap_stat *);
|
|
|
|
static int usb_stats_linux_bin(pcap_t *, struct pcap_stat *);
|
|
|
|
static int usb_read_linux(pcap_t *, int , pcap_handler , u_char *);
|
|
|
|
static int usb_read_linux_bin(pcap_t *, int , pcap_handler , u_char *);
|
|
|
|
static int usb_read_linux_mmap(pcap_t *, int , pcap_handler , u_char *);
|
|
|
|
static int usb_inject_linux(pcap_t *, const void *, size_t);
|
|
|
|
static int usb_setdirection_linux(pcap_t *, pcap_direction_t);
|
|
|
|
static void usb_cleanup_linux_mmap(pcap_t *);
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
static int
|
|
|
|
have_binary_usbmon(void)
|
|
|
|
{
|
|
|
|
struct utsname utsname;
|
|
|
|
char *version_component, *endp;
|
|
|
|
int major, minor, subminor;
|
|
|
|
|
|
|
|
if (uname(&utsname) == 0) {
|
|
|
|
/*
|
|
|
|
* 2.6.21 is the first release with the binary-mode
|
|
|
|
* USB monitoring.
|
|
|
|
*/
|
|
|
|
version_component = utsname.release;
|
|
|
|
major = strtol(version_component, &endp, 10);
|
|
|
|
if (endp != version_component && *endp == '.') {
|
|
|
|
/*
|
|
|
|
* OK, that was a valid major version.
|
|
|
|
* Is it 3 or greater? If so, we have binary
|
|
|
|
* mode support.
|
|
|
|
*/
|
|
|
|
if (major >= 3)
|
|
|
|
return 1;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Is it 1 or less? If so, we don't have binary
|
|
|
|
* mode support. (In fact, we don't have any
|
|
|
|
* USB monitoring....)
|
|
|
|
*/
|
|
|
|
if (major <= 1)
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* OK, this is a 2.x kernel.
|
|
|
|
* What's the minor version?
|
|
|
|
*/
|
|
|
|
version_component = endp + 1;
|
|
|
|
minor = strtol(version_component, &endp, 10);
|
|
|
|
if (endp != version_component &&
|
|
|
|
(*endp == '.' || *endp == '\0')) {
|
|
|
|
/*
|
|
|
|
* OK, that was a valid minor version.
|
|
|
|
* Is is 2.6 or later? (There shouldn't be a
|
|
|
|
* "later", as 2.6.x went to 3.x, but we'll
|
|
|
|
* check anyway.)
|
|
|
|
*/
|
|
|
|
if (minor < 6) {
|
|
|
|
/*
|
|
|
|
* No, so no binary support (did 2.4 have
|
|
|
|
* any USB monitoring at all?)
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* OK, this is a 2.6.x kernel.
|
|
|
|
* What's the subminor version?
|
|
|
|
*/
|
|
|
|
version_component = endp + 1;
|
|
|
|
subminor = strtol(version_component, &endp, 10);
|
|
|
|
if (endp != version_component &&
|
|
|
|
(*endp == '.' || *endp == '\0')) {
|
|
|
|
/*
|
|
|
|
* OK, that was a valid subminor version.
|
|
|
|
* Is it 21 or greater?
|
|
|
|
*/
|
|
|
|
if (subminor >= 21) {
|
|
|
|
/*
|
|
|
|
* Yes - we have binary mode
|
|
|
|
* support.
|
|
|
|
*/
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Either uname() failed, in which case we just say "no binary
|
|
|
|
* mode support", or we don't have binary mode support.
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
/* facility to add an USB device to the device list*/
|
2017-02-12 07:04:44 +00:00
|
|
|
static int
|
2018-05-18 12:21:19 +00:00
|
|
|
usb_dev_add(pcap_if_list_t *devlistp, int n, char *err_str)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
|
|
|
char dev_name[10];
|
2017-02-12 07:04:44 +00:00
|
|
|
char dev_descr[30];
|
|
|
|
pcap_snprintf(dev_name, 10, USB_IFACE"%d", n);
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* XXX - is there any notion of "up" and "running"?
|
|
|
|
*/
|
|
|
|
if (n == 0) {
|
|
|
|
/*
|
|
|
|
* As this refers to all buses, there's no notion of
|
|
|
|
* "connected" vs. "disconnected", as that's a property
|
|
|
|
* that would apply to a particular USB interface.
|
|
|
|
*/
|
|
|
|
if (add_dev(devlistp, dev_name,
|
|
|
|
PCAP_IF_CONNECTION_STATUS_NOT_APPLICABLE,
|
2019-10-06 04:26:37 +00:00
|
|
|
"Raw USB traffic, all USB buses", err_str) == NULL)
|
2018-05-18 12:21:19 +00:00
|
|
|
return -1;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* XXX - is there a way to determine whether anything's
|
|
|
|
* plugged into this bus interface or not, and set
|
|
|
|
* PCAP_IF_CONNECTION_STATUS_CONNECTED or
|
|
|
|
* PCAP_IF_CONNECTION_STATUS_DISCONNECTED?
|
|
|
|
*/
|
2019-10-06 04:26:37 +00:00
|
|
|
pcap_snprintf(dev_descr, 30, "Raw USB traffic, bus number %d", n);
|
2018-05-18 12:21:19 +00:00
|
|
|
if (add_dev(devlistp, dev_name, 0, dev_descr, err_str) == NULL)
|
|
|
|
return -1;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
return 0;
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
int
|
2018-05-18 12:21:19 +00:00
|
|
|
usb_findalldevs(pcap_if_list_t *devlistp, char *err_str)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2018-05-18 12:21:19 +00:00
|
|
|
char usb_mon_dir[PATH_MAX];
|
|
|
|
char *usb_mon_prefix;
|
|
|
|
size_t usb_mon_prefix_len;
|
2009-03-21 20:43:56 +00:00
|
|
|
struct dirent* data;
|
|
|
|
int ret = 0;
|
|
|
|
DIR* dir;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
int n;
|
|
|
|
char* name;
|
|
|
|
size_t len;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
if (have_binary_usbmon()) {
|
2017-02-12 07:04:44 +00:00
|
|
|
/*
|
2018-05-18 12:21:19 +00:00
|
|
|
* We have binary-mode support.
|
|
|
|
* What do the device names look like?
|
|
|
|
* Split LINUX_USB_MON_DEV into a directory that we'll
|
|
|
|
* scan and a file name prefix that we'll check for.
|
2017-02-12 07:04:44 +00:00
|
|
|
*/
|
2019-10-06 04:26:37 +00:00
|
|
|
pcap_strlcpy(usb_mon_dir, LINUX_USB_MON_DEV, sizeof usb_mon_dir);
|
2018-05-18 12:21:19 +00:00
|
|
|
usb_mon_prefix = strrchr(usb_mon_dir, '/');
|
|
|
|
if (usb_mon_prefix == NULL) {
|
2017-02-12 07:04:44 +00:00
|
|
|
/*
|
2018-05-18 12:21:19 +00:00
|
|
|
* This "shouldn't happen". Just give up if it
|
|
|
|
* does.
|
2017-02-12 07:04:44 +00:00
|
|
|
*/
|
2018-05-18 12:21:19 +00:00
|
|
|
return 0;
|
2017-02-12 07:04:44 +00:00
|
|
|
}
|
2018-05-18 12:21:19 +00:00
|
|
|
*usb_mon_prefix++ = '\0';
|
|
|
|
usb_mon_prefix_len = strlen(usb_mon_prefix);
|
2017-02-12 07:04:44 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* Open the directory and scan it.
|
|
|
|
*/
|
|
|
|
dir = opendir(usb_mon_dir);
|
|
|
|
if (dir != NULL) {
|
|
|
|
while ((ret == 0) && ((data = readdir(dir)) != 0)) {
|
|
|
|
name = data->d_name;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* Is this a usbmon device?
|
|
|
|
*/
|
|
|
|
if (strncmp(name, usb_mon_prefix, usb_mon_prefix_len) != 0)
|
|
|
|
continue; /* no */
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* What's the device number?
|
|
|
|
*/
|
|
|
|
if (sscanf(&name[usb_mon_prefix_len], "%d", &n) == 0)
|
|
|
|
continue; /* failed */
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
ret = usb_dev_add(devlistp, n, err_str);
|
|
|
|
}
|
|
|
|
|
|
|
|
closedir(dir);
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
}
|
2018-05-18 12:21:19 +00:00
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* We have only text mode support.
|
|
|
|
* We don't look for the text devices because we can't
|
|
|
|
* look for them without root privileges, and we don't
|
|
|
|
* want to require root privileges to enumerate devices
|
|
|
|
* (we want to let the user to try a device and get
|
|
|
|
* an error, rather than seeing no devices and asking
|
|
|
|
* "why am I not seeing devices" and forcing a long
|
|
|
|
* process of poking to figure out whether it's "no
|
|
|
|
* privileges" or "your kernel is too old" or "the
|
|
|
|
* usbmon module isn't loaded" or...).
|
|
|
|
*
|
|
|
|
* Instead, we look to see what buses we have.
|
|
|
|
* If the kernel is so old that it doesn't have
|
|
|
|
* binary-mode support, it's also so old that
|
|
|
|
* it doesn't have a "scan all buses" device.
|
|
|
|
*
|
|
|
|
* First, try scanning sysfs USB bus directory.
|
|
|
|
*/
|
|
|
|
dir = opendir(SYS_USB_BUS_DIR);
|
|
|
|
if (dir != NULL) {
|
|
|
|
while ((ret == 0) && ((data = readdir(dir)) != 0)) {
|
|
|
|
name = data->d_name;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
if (strncmp(name, "usb", 3) != 0)
|
|
|
|
continue;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
if (sscanf(&name[3], "%d", &n) == 0)
|
|
|
|
continue;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
ret = usb_dev_add(devlistp, n, err_str);
|
|
|
|
}
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
closedir(dir);
|
|
|
|
return 0;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
}
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
/* That didn't work; try scanning procfs USB bus directory. */
|
|
|
|
dir = opendir(PROC_USB_BUS_DIR);
|
|
|
|
if (dir != NULL) {
|
|
|
|
while ((ret == 0) && ((data = readdir(dir)) != 0)) {
|
|
|
|
name = data->d_name;
|
|
|
|
len = strlen(name);
|
|
|
|
|
|
|
|
/* if this file name does not end with a number it's not of our interest */
|
|
|
|
if ((len < 1) || !isdigit(name[--len]))
|
|
|
|
continue;
|
|
|
|
while (isdigit(name[--len]));
|
|
|
|
if (sscanf(&name[len+1], "%d", &n) != 1)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
ret = usb_dev_add(devlistp, n, err_str);
|
|
|
|
}
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
closedir(dir);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* neither of them worked */
|
|
|
|
return 0;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
|
2019-10-06 04:26:37 +00:00
|
|
|
/*
|
|
|
|
* Matches what's in mon_bin.c in the Linux kernel.
|
|
|
|
*/
|
|
|
|
#define MIN_RING_SIZE (8*1024)
|
|
|
|
#define MAX_RING_SIZE (1200*1024)
|
|
|
|
|
|
|
|
static int
|
|
|
|
usb_set_ring_size(pcap_t* handle, int header_size)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* A packet from binary usbmon has:
|
|
|
|
*
|
|
|
|
* 1) a fixed-length header, of size header_size;
|
|
|
|
* 2) descriptors, for isochronous transfers;
|
|
|
|
* 3) the payload.
|
|
|
|
*
|
|
|
|
* The kernel buffer has a size, defaulting to 300KB, with a
|
|
|
|
* minimum of 8KB and a maximum of 1200KB. The size is set with
|
|
|
|
* the MON_IOCT_RING_SIZE ioctl; the size passed in is rounded up
|
|
|
|
* to a page size.
|
|
|
|
*
|
|
|
|
* No more than {buffer size}/5 bytes worth of payload is saved.
|
|
|
|
* Therefore, if we subtract the fixed-length size from the
|
|
|
|
* snapshot length, we have the biggest payload we want (we
|
|
|
|
* don't worry about the descriptors - if we have descriptors,
|
|
|
|
* we'll just discard the last bit of the payload to get it
|
|
|
|
* to fit). We multiply that result by 5 and set the buffer
|
|
|
|
* size to that value.
|
|
|
|
*/
|
|
|
|
int ring_size;
|
|
|
|
|
|
|
|
if (handle->snapshot < header_size)
|
|
|
|
handle->snapshot = header_size;
|
|
|
|
/* The maximum snapshot size is small enough that this won't overflow */
|
|
|
|
ring_size = (handle->snapshot - header_size) * 5;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Will this get an error?
|
|
|
|
* (There's no wqy to query the minimum or maximum, so we just
|
|
|
|
* copy the value from the kernel source. We don't round it
|
|
|
|
* up to a multiple of the page size.)
|
|
|
|
*/
|
|
|
|
if (ring_size > MAX_RING_SIZE) {
|
|
|
|
/*
|
|
|
|
* Yes. Lower the ring size to the maximum, and set the
|
|
|
|
* snapshot length to the value that would give us a
|
|
|
|
* maximum-size ring.
|
|
|
|
*/
|
|
|
|
ring_size = MAX_RING_SIZE;
|
|
|
|
handle->snapshot = header_size + (MAX_RING_SIZE/5);
|
|
|
|
} else if (ring_size < MIN_RING_SIZE) {
|
|
|
|
/*
|
|
|
|
* Yes. Raise the ring size to the minimum, but leave
|
|
|
|
* the snapshot length unchanged, so we show the
|
|
|
|
* callback no more data than specified by the
|
|
|
|
* snapshot length.
|
|
|
|
*/
|
|
|
|
ring_size = MIN_RING_SIZE;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (ioctl(handle->fd, MON_IOCT_RING_SIZE, ring_size) == -1) {
|
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "Can't set ring size from fd %d", handle->fd);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return ring_size;
|
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
static
|
2009-03-21 20:43:56 +00:00
|
|
|
int usb_mmap(pcap_t* handle)
|
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2019-10-06 04:26:37 +00:00
|
|
|
int len;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Attempt to set the ring size as appropriate for the snapshot
|
|
|
|
* length, reducing the snapshot length if that'd make the ring
|
|
|
|
* bigger than the kernel supports.
|
|
|
|
*/
|
|
|
|
len = usb_set_ring_size(handle, (int)sizeof(pcap_usb_header_mmapped));
|
|
|
|
if (len == -1) {
|
|
|
|
/* Failed. Fall back on non-memory-mapped access. */
|
2009-03-21 20:43:56 +00:00
|
|
|
return 0;
|
2019-10-06 04:26:37 +00:00
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2015-01-06 18:58:31 +00:00
|
|
|
handlep->mmapbuflen = len;
|
|
|
|
handlep->mmapbuf = mmap(0, handlep->mmapbuflen, PROT_READ,
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
MAP_SHARED, handle->fd, 0);
|
2019-10-06 04:26:37 +00:00
|
|
|
if (handlep->mmapbuf == MAP_FAILED) {
|
|
|
|
/*
|
|
|
|
* Failed. We don't treat that as a fatal error, we
|
|
|
|
* just try to fall back on non-memory-mapped access.
|
|
|
|
*/
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 1;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
}
|
|
|
|
|
2015-01-06 18:58:31 +00:00
|
|
|
#ifdef HAVE_LINUX_USBDEVICE_FS_H
|
|
|
|
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
#define CTRL_TIMEOUT (5*1000) /* milliseconds */
|
|
|
|
|
|
|
|
#define USB_DIR_IN 0x80
|
|
|
|
#define USB_TYPE_STANDARD 0x00
|
|
|
|
#define USB_RECIP_DEVICE 0x00
|
|
|
|
|
|
|
|
#define USB_REQ_GET_DESCRIPTOR 6
|
|
|
|
|
|
|
|
#define USB_DT_DEVICE 1
|
|
|
|
|
|
|
|
/* probe the descriptors of the devices attached to the bus */
|
|
|
|
/* the descriptors will end up in the captured packet stream */
|
|
|
|
/* and be decoded by external apps like wireshark */
|
|
|
|
/* without these identifying probes packet data can't be fully decoded */
|
|
|
|
static void
|
|
|
|
probe_devices(int bus)
|
|
|
|
{
|
|
|
|
struct usbdevfs_ctrltransfer ctrl;
|
|
|
|
struct dirent* data;
|
|
|
|
int ret = 0;
|
2018-05-18 12:21:19 +00:00
|
|
|
char buf[sizeof("/dev/bus/usb/000/") + NAME_MAX];
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
DIR* dir;
|
|
|
|
|
|
|
|
/* scan usb bus directories for device nodes */
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d", bus);
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
dir = opendir(buf);
|
|
|
|
if (!dir)
|
|
|
|
return;
|
|
|
|
|
|
|
|
while ((ret >= 0) && ((data = readdir(dir)) != 0)) {
|
|
|
|
int fd;
|
|
|
|
char* name = data->d_name;
|
|
|
|
|
|
|
|
if (name[0] == '.')
|
|
|
|
continue;
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d/%s", bus, data->d_name);
|
|
|
|
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
fd = open(buf, O_RDWR);
|
|
|
|
if (fd == -1)
|
|
|
|
continue;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Sigh. Different kernels have different member names
|
|
|
|
* for this structure.
|
|
|
|
*/
|
2018-05-18 12:21:19 +00:00
|
|
|
#ifdef HAVE_STRUCT_USBDEVFS_CTRLTRANSFER_BREQUESTTYPE
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
ctrl.bRequestType = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE;
|
|
|
|
ctrl.bRequest = USB_REQ_GET_DESCRIPTOR;
|
|
|
|
ctrl.wValue = USB_DT_DEVICE << 8;
|
|
|
|
ctrl.wIndex = 0;
|
|
|
|
ctrl.wLength = sizeof(buf);
|
|
|
|
#else
|
|
|
|
ctrl.requesttype = USB_DIR_IN | USB_TYPE_STANDARD | USB_RECIP_DEVICE;
|
|
|
|
ctrl.request = USB_REQ_GET_DESCRIPTOR;
|
|
|
|
ctrl.value = USB_DT_DEVICE << 8;
|
|
|
|
ctrl.index = 0;
|
|
|
|
ctrl.length = sizeof(buf);
|
|
|
|
#endif
|
|
|
|
ctrl.data = buf;
|
|
|
|
ctrl.timeout = CTRL_TIMEOUT;
|
|
|
|
|
|
|
|
ret = ioctl(fd, USBDEVFS_CONTROL, &ctrl);
|
|
|
|
|
|
|
|
close(fd);
|
|
|
|
}
|
|
|
|
closedir(dir);
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
2015-01-06 18:58:31 +00:00
|
|
|
#endif /* HAVE_LINUX_USBDEVICE_FS_H */
|
2009-03-21 20:43:56 +00:00
|
|
|
|
|
|
|
pcap_t *
|
2013-05-30 06:41:26 +00:00
|
|
|
usb_create(const char *device, char *ebuf, int *is_ours)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2013-05-30 06:41:26 +00:00
|
|
|
const char *cp;
|
|
|
|
char *cpend;
|
|
|
|
long devnum;
|
2009-03-21 20:43:56 +00:00
|
|
|
pcap_t *p;
|
|
|
|
|
2013-05-30 06:41:26 +00:00
|
|
|
/* Does this look like a USB monitoring device? */
|
|
|
|
cp = strrchr(device, '/');
|
|
|
|
if (cp == NULL)
|
|
|
|
cp = device;
|
|
|
|
/* Does it begin with USB_IFACE? */
|
|
|
|
if (strncmp(cp, USB_IFACE, sizeof USB_IFACE - 1) != 0) {
|
|
|
|
/* Nope, doesn't begin with USB_IFACE */
|
|
|
|
*is_ours = 0;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
/* Yes - is USB_IFACE followed by a number? */
|
|
|
|
cp += sizeof USB_IFACE - 1;
|
|
|
|
devnum = strtol(cp, &cpend, 10);
|
|
|
|
if (cpend == cp || *cpend != '\0') {
|
|
|
|
/* Not followed by a number. */
|
|
|
|
*is_ours = 0;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
if (devnum < 0) {
|
|
|
|
/* Followed by a non-valid number. */
|
|
|
|
*is_ours = 0;
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* OK, it's probably ours. */
|
|
|
|
*is_ours = 1;
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
p = pcap_create_common(ebuf, sizeof (struct pcap_usb_linux));
|
2009-03-21 20:43:56 +00:00
|
|
|
if (p == NULL)
|
|
|
|
return (NULL);
|
|
|
|
|
|
|
|
p->activate_op = usb_activate;
|
|
|
|
return (p);
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
usb_activate(pcap_t* handle)
|
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2009-03-21 20:43:56 +00:00
|
|
|
char full_path[USB_LINE_LEN];
|
2019-10-06 04:26:37 +00:00
|
|
|
int ret;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* Turn a negative snapshot value (invalid), a snapshot value of
|
|
|
|
* 0 (unspecified), or a value bigger than the normal maximum
|
|
|
|
* value, into the maximum allowed value.
|
|
|
|
*
|
|
|
|
* If some application really *needs* a bigger snapshot
|
|
|
|
* length, we should just increase MAXIMUM_SNAPLEN.
|
|
|
|
*/
|
|
|
|
if (handle->snapshot <= 0 || handle->snapshot > MAXIMUM_SNAPLEN)
|
|
|
|
handle->snapshot = MAXIMUM_SNAPLEN;
|
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
/* Initialize some components of the pcap structure. */
|
|
|
|
handle->bufsize = handle->snapshot;
|
|
|
|
handle->offset = 0;
|
|
|
|
handle->linktype = DLT_USB_LINUX;
|
|
|
|
|
|
|
|
handle->inject_op = usb_inject_linux;
|
2012-01-31 17:22:07 +00:00
|
|
|
handle->setfilter_op = install_bpf_program; /* no kernel filtering */
|
2009-03-21 20:43:56 +00:00
|
|
|
handle->setdirection_op = usb_setdirection_linux;
|
|
|
|
handle->set_datalink_op = NULL; /* can't change data link type */
|
|
|
|
handle->getnonblock_op = pcap_getnonblock_fd;
|
|
|
|
handle->setnonblock_op = pcap_setnonblock_fd;
|
|
|
|
|
|
|
|
/*get usb bus index from device name */
|
2017-02-12 07:04:44 +00:00
|
|
|
if (sscanf(handle->opt.device, USB_IFACE"%d", &handlep->bus_index) != 1)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
"Can't get USB bus index from %s", handle->opt.device);
|
2009-03-21 20:43:56 +00:00
|
|
|
return PCAP_ERROR;
|
|
|
|
}
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
if (have_binary_usbmon())
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* We have binary-mode support.
|
|
|
|
* Try to open the binary interface.
|
|
|
|
*/
|
|
|
|
pcap_snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handlep->bus_index);
|
|
|
|
handle->fd = open(full_path, O_RDONLY, 0);
|
|
|
|
if (handle->fd < 0)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* The attempt failed; why?
|
|
|
|
*/
|
|
|
|
switch (errno) {
|
|
|
|
|
|
|
|
case ENOENT:
|
|
|
|
/*
|
|
|
|
* The device doesn't exist.
|
|
|
|
* That could either mean that there's
|
|
|
|
* no support for monitoring USB buses
|
|
|
|
* (which probably means "the usbmon
|
|
|
|
* module isn't loaded") or that there
|
|
|
|
* is but that *particular* device
|
|
|
|
* doesn't exist (no "scan all buses"
|
|
|
|
* device if the bus index is 0, no
|
|
|
|
* such bus if the bus index isn't 0).
|
|
|
|
*/
|
|
|
|
return PCAP_ERROR_NO_SUCH_DEVICE;
|
|
|
|
|
|
|
|
case EACCES:
|
|
|
|
/*
|
|
|
|
* We didn't have permission to open it.
|
|
|
|
*/
|
|
|
|
return PCAP_ERROR_PERM_DENIED;
|
|
|
|
|
|
|
|
default:
|
|
|
|
/*
|
|
|
|
* Something went wrong.
|
|
|
|
*/
|
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf,
|
|
|
|
PCAP_ERRBUF_SIZE, errno,
|
|
|
|
"Can't open USB bus file %s", full_path);
|
|
|
|
return PCAP_ERROR;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (handle->opt.rfmon)
|
|
|
|
{
|
2009-03-21 20:43:56 +00:00
|
|
|
/*
|
|
|
|
* Monitor mode doesn't apply to USB devices.
|
|
|
|
*/
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
close(handle->fd);
|
2009-03-21 20:43:56 +00:00
|
|
|
return PCAP_ERROR_RFMON_NOTSUP;
|
|
|
|
}
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
/* try to use fast mmap access */
|
|
|
|
if (usb_mmap(handle))
|
|
|
|
{
|
2019-10-06 04:26:37 +00:00
|
|
|
/* We succeeded. */
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
handle->linktype = DLT_USB_LINUX_MMAPPED;
|
2009-03-21 20:43:56 +00:00
|
|
|
handle->stats_op = usb_stats_linux_bin;
|
|
|
|
handle->read_op = usb_read_linux_mmap;
|
|
|
|
handle->cleanup_op = usb_cleanup_linux_mmap;
|
2015-01-06 18:58:31 +00:00
|
|
|
#ifdef HAVE_LINUX_USBDEVICE_FS_H
|
|
|
|
probe_devices(handlep->bus_index);
|
|
|
|
#endif
|
2009-03-21 20:43:56 +00:00
|
|
|
|
|
|
|
/*
|
2018-05-18 12:21:19 +00:00
|
|
|
* "handle->fd" is a real file, so
|
|
|
|
* "select()" and "poll()" work on it.
|
2009-03-21 20:43:56 +00:00
|
|
|
*/
|
|
|
|
handle->selectable_fd = handle->fd;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2019-10-06 04:26:37 +00:00
|
|
|
/*
|
|
|
|
* We failed; try plain binary interface access.
|
|
|
|
*
|
|
|
|
* Attempt to set the ring size as appropriate for
|
|
|
|
* the snapshot length, reducing the snapshot length
|
|
|
|
* if that'd make the ring bigger than the kernel
|
|
|
|
* supports.
|
|
|
|
*/
|
|
|
|
if (usb_set_ring_size(handle, (int)sizeof(pcap_usb_header)) == -1) {
|
|
|
|
/* Failed. */
|
|
|
|
close(handle->fd);
|
|
|
|
return PCAP_ERROR;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
handle->stats_op = usb_stats_linux_bin;
|
|
|
|
handle->read_op = usb_read_linux_bin;
|
2015-01-06 18:58:31 +00:00
|
|
|
#ifdef HAVE_LINUX_USBDEVICE_FS_H
|
|
|
|
probe_devices(handlep->bus_index);
|
|
|
|
#endif
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
else {
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
|
|
|
* We don't have binary mode support.
|
|
|
|
* Try opening the text-mode device.
|
|
|
|
*/
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR"/%dt", handlep->bus_index);
|
2009-03-21 20:43:56 +00:00
|
|
|
handle->fd = open(full_path, O_RDONLY, 0);
|
|
|
|
if (handle->fd < 0)
|
|
|
|
{
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
if (errno == ENOENT)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Not found at the new location; try
|
|
|
|
* the old location.
|
|
|
|
*/
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%dt", handlep->bus_index);
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
handle->fd = open(full_path, O_RDONLY, 0);
|
|
|
|
}
|
|
|
|
if (handle->fd < 0) {
|
2019-10-06 04:26:37 +00:00
|
|
|
if (errno == ENOENT)
|
|
|
|
{
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
2019-10-06 04:26:37 +00:00
|
|
|
* The problem is that the file
|
|
|
|
* doesn't exist. Report that as
|
|
|
|
* "no such device". (That could
|
|
|
|
* mean "no such USB bus" or
|
|
|
|
* "monitoring not supported".)
|
2018-05-18 12:21:19 +00:00
|
|
|
*/
|
2019-10-06 04:26:37 +00:00
|
|
|
ret = PCAP_ERROR_NO_SUCH_DEVICE;
|
2018-05-18 12:21:19 +00:00
|
|
|
}
|
2019-10-06 04:26:37 +00:00
|
|
|
else if (errno == EACCES)
|
|
|
|
{
|
2018-05-18 12:21:19 +00:00
|
|
|
/*
|
2019-10-06 04:26:37 +00:00
|
|
|
* The problem is that we don't
|
|
|
|
* have sufficient permission to
|
|
|
|
* open the file. Report that.
|
2018-05-18 12:21:19 +00:00
|
|
|
*/
|
2019-10-06 04:26:37 +00:00
|
|
|
ret = PCAP_ERROR_PERM_DENIED;
|
2018-05-18 12:21:19 +00:00
|
|
|
}
|
2019-10-06 04:26:37 +00:00
|
|
|
else
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Some other error.
|
|
|
|
*/
|
|
|
|
ret = PCAP_ERROR;
|
|
|
|
}
|
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf,
|
|
|
|
PCAP_ERRBUF_SIZE, errno,
|
|
|
|
"Can't open USB bus file %s",
|
|
|
|
full_path);
|
|
|
|
return ret;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
if (handle->opt.rfmon)
|
|
|
|
{
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
/*
|
|
|
|
* Monitor mode doesn't apply to USB devices.
|
|
|
|
*/
|
|
|
|
close(handle->fd);
|
|
|
|
return PCAP_ERROR_RFMON_NOTSUP;
|
|
|
|
}
|
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
handle->stats_op = usb_stats_linux;
|
|
|
|
handle->read_op = usb_read_linux;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* "handle->fd" is a real file, so "select()" and "poll()"
|
|
|
|
* work on it.
|
|
|
|
*/
|
|
|
|
handle->selectable_fd = handle->fd;
|
|
|
|
|
|
|
|
/* for plain binary access and text access we need to allocate the read
|
|
|
|
* buffer */
|
|
|
|
handle->buffer = malloc(handle->bufsize);
|
|
|
|
if (!handle->buffer) {
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "malloc");
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
close(handle->fd);
|
2009-03-21 20:43:56 +00:00
|
|
|
return PCAP_ERROR;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
static inline int
|
2009-03-21 20:43:56 +00:00
|
|
|
ascii_to_int(char c)
|
|
|
|
{
|
|
|
|
return c < 'A' ? c- '0': ((c<'a') ? c - 'A' + 10: c-'a'+10);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2017-02-12 07:04:44 +00:00
|
|
|
* see <linux-kernel-source>/Documentation/usb/usbmon.txt and
|
|
|
|
* <linux-kernel-source>/drivers/usb/mon/mon_text.c for urb string
|
2009-03-21 20:43:56 +00:00
|
|
|
* format description
|
|
|
|
*/
|
|
|
|
static int
|
2018-05-18 12:21:19 +00:00
|
|
|
usb_read_linux(pcap_t *handle, int max_packets _U_, pcap_handler callback, u_char *user)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
|
|
|
/* see:
|
2017-02-12 07:04:44 +00:00
|
|
|
* /usr/src/linux/Documentation/usb/usbmon.txt
|
2009-03-21 20:43:56 +00:00
|
|
|
* for message format
|
|
|
|
*/
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2009-03-21 20:43:56 +00:00
|
|
|
unsigned timestamp;
|
|
|
|
int tag, cnt, ep_num, dev_addr, dummy, ret, urb_len, data_len;
|
|
|
|
char etype, pipeid1, pipeid2, status[16], urb_tag, line[USB_LINE_LEN];
|
|
|
|
char *string = line;
|
|
|
|
u_char * rawdata = handle->buffer;
|
|
|
|
struct pcap_pkthdr pkth;
|
|
|
|
pcap_usb_header* uhdr = (pcap_usb_header*)handle->buffer;
|
|
|
|
u_char urb_transfer=0;
|
|
|
|
int incoming=0;
|
|
|
|
|
|
|
|
/* ignore interrupt system call errors */
|
|
|
|
do {
|
|
|
|
ret = read(handle->fd, line, USB_LINE_LEN - 1);
|
|
|
|
if (handle->break_loop)
|
|
|
|
{
|
|
|
|
handle->break_loop = 0;
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
} while ((ret == -1) && (errno == EINTR));
|
|
|
|
if (ret < 0)
|
|
|
|
{
|
|
|
|
if (errno == EAGAIN)
|
|
|
|
return 0; /* no data there */
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "Can't read from fd %d", handle->fd);
|
2009-03-21 20:43:56 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
/* read urb header; %n argument may increment return value, but it's
|
2009-03-21 20:43:56 +00:00
|
|
|
* not mandatory, so does not count on it*/
|
|
|
|
string[ret] = 0;
|
2017-02-12 07:04:44 +00:00
|
|
|
ret = sscanf(string, "%x %d %c %c%c:%d:%d %s%n", &tag, ×tamp, &etype,
|
|
|
|
&pipeid1, &pipeid2, &dev_addr, &ep_num, status,
|
2009-03-21 20:43:56 +00:00
|
|
|
&cnt);
|
|
|
|
if (ret < 8)
|
|
|
|
{
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
2009-03-21 20:43:56 +00:00
|
|
|
"Can't parse USB bus message '%s', too few tokens (expected 8 got %d)",
|
|
|
|
string, ret);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
uhdr->id = tag;
|
|
|
|
uhdr->device_address = dev_addr;
|
2015-01-06 18:58:31 +00:00
|
|
|
uhdr->bus_id = handlep->bus_index;
|
2009-03-21 20:43:56 +00:00
|
|
|
uhdr->status = 0;
|
|
|
|
string += cnt;
|
|
|
|
|
|
|
|
/* don't use usbmon provided timestamp, since it have low precision*/
|
2017-02-12 07:04:44 +00:00
|
|
|
if (gettimeofday(&pkth.ts, NULL) < 0)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "Can't get timestamp for message '%s'", string);
|
2009-03-21 20:43:56 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
uhdr->ts_sec = pkth.ts.tv_sec;
|
|
|
|
uhdr->ts_usec = pkth.ts.tv_usec;
|
|
|
|
|
|
|
|
/* parse endpoint information */
|
|
|
|
if (pipeid1 == 'C')
|
|
|
|
urb_transfer = URB_CONTROL;
|
|
|
|
else if (pipeid1 == 'Z')
|
|
|
|
urb_transfer = URB_ISOCHRONOUS;
|
|
|
|
else if (pipeid1 == 'I')
|
|
|
|
urb_transfer = URB_INTERRUPT;
|
|
|
|
else if (pipeid1 == 'B')
|
|
|
|
urb_transfer = URB_BULK;
|
|
|
|
if (pipeid2 == 'i') {
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
ep_num |= URB_TRANSFER_IN;
|
2009-03-21 20:43:56 +00:00
|
|
|
incoming = 1;
|
|
|
|
}
|
|
|
|
if (etype == 'C')
|
|
|
|
incoming = !incoming;
|
|
|
|
|
|
|
|
/* direction check*/
|
|
|
|
if (incoming)
|
|
|
|
{
|
|
|
|
if (handle->direction == PCAP_D_OUT)
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
if (handle->direction == PCAP_D_IN)
|
|
|
|
return 0;
|
|
|
|
uhdr->event_type = etype;
|
|
|
|
uhdr->transfer_type = urb_transfer;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
uhdr->endpoint_number = ep_num;
|
2009-03-21 20:43:56 +00:00
|
|
|
pkth.caplen = sizeof(pcap_usb_header);
|
|
|
|
rawdata += sizeof(pcap_usb_header);
|
|
|
|
|
|
|
|
/* check if this is a setup packet */
|
|
|
|
ret = sscanf(status, "%d", &dummy);
|
|
|
|
if (ret != 1)
|
|
|
|
{
|
|
|
|
/* this a setup packet, setup data can be filled with underscore if
|
2017-02-12 07:04:44 +00:00
|
|
|
* usbmon has not been able to read them, so we must parse this fields as
|
2009-03-21 20:43:56 +00:00
|
|
|
* strings */
|
|
|
|
pcap_usb_setup* shdr;
|
|
|
|
char str1[3], str2[3], str3[5], str4[5], str5[5];
|
2017-02-12 07:04:44 +00:00
|
|
|
ret = sscanf(string, "%s %s %s %s %s%n", str1, str2, str3, str4,
|
2009-03-21 20:43:56 +00:00
|
|
|
str5, &cnt);
|
|
|
|
if (ret < 5)
|
|
|
|
{
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
2009-03-21 20:43:56 +00:00
|
|
|
"Can't parse USB bus message '%s', too few tokens (expected 5 got %d)",
|
|
|
|
string, ret);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
string += cnt;
|
|
|
|
|
|
|
|
/* try to convert to corresponding integer */
|
|
|
|
shdr = &uhdr->setup;
|
|
|
|
shdr->bmRequestType = strtoul(str1, 0, 16);
|
|
|
|
shdr->bRequest = strtoul(str2, 0, 16);
|
|
|
|
shdr->wValue = htols(strtoul(str3, 0, 16));
|
|
|
|
shdr->wIndex = htols(strtoul(str4, 0, 16));
|
|
|
|
shdr->wLength = htols(strtoul(str5, 0, 16));
|
|
|
|
|
|
|
|
uhdr->setup_flag = 0;
|
|
|
|
}
|
2017-02-12 07:04:44 +00:00
|
|
|
else
|
2009-03-21 20:43:56 +00:00
|
|
|
uhdr->setup_flag = 1;
|
|
|
|
|
|
|
|
/* read urb data */
|
|
|
|
ret = sscanf(string, " %d%n", &urb_len, &cnt);
|
|
|
|
if (ret < 1)
|
|
|
|
{
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
2009-03-21 20:43:56 +00:00
|
|
|
"Can't parse urb length from '%s'", string);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
string += cnt;
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
/* urb tag is not present if urb length is 0, so we can stop here
|
2009-03-21 20:43:56 +00:00
|
|
|
* text parsing */
|
|
|
|
pkth.len = urb_len+pkth.caplen;
|
|
|
|
uhdr->urb_len = urb_len;
|
|
|
|
uhdr->data_flag = 1;
|
|
|
|
data_len = 0;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
if (uhdr->urb_len == 0)
|
2009-03-21 20:43:56 +00:00
|
|
|
goto got;
|
|
|
|
|
|
|
|
/* check for data presence; data is present if and only if urb tag is '=' */
|
|
|
|
if (sscanf(string, " %c", &urb_tag) != 1)
|
|
|
|
{
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
2009-03-21 20:43:56 +00:00
|
|
|
"Can't parse urb tag from '%s'", string);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
if (urb_tag != '=')
|
2009-03-21 20:43:56 +00:00
|
|
|
goto got;
|
|
|
|
|
|
|
|
/* skip urb tag and following space */
|
|
|
|
string += 3;
|
|
|
|
|
|
|
|
/* if we reach this point we got some urb data*/
|
|
|
|
uhdr->data_flag = 0;
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
/* read all urb data; if urb length is greater then the usbmon internal
|
2009-03-21 20:43:56 +00:00
|
|
|
* buffer length used by the kernel to spool the URB, we get only
|
|
|
|
* a partial information.
|
|
|
|
* At least until linux 2.6.17 there is no way to set usbmon intenal buffer
|
|
|
|
* length and default value is 130. */
|
2017-02-12 07:04:44 +00:00
|
|
|
while ((string[0] != 0) && (string[1] != 0) && (pkth.caplen < (bpf_u_int32)handle->snapshot))
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
|
|
|
rawdata[0] = ascii_to_int(string[0]) * 16 + ascii_to_int(string[1]);
|
|
|
|
rawdata++;
|
|
|
|
string+=2;
|
|
|
|
if (string[0] == ' ')
|
|
|
|
string++;
|
|
|
|
pkth.caplen++;
|
|
|
|
data_len++;
|
|
|
|
}
|
|
|
|
|
|
|
|
got:
|
|
|
|
uhdr->data_len = data_len;
|
2017-02-12 07:04:44 +00:00
|
|
|
if (pkth.caplen > (bpf_u_int32)handle->snapshot)
|
|
|
|
pkth.caplen = (bpf_u_int32)handle->snapshot;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2012-01-31 17:22:07 +00:00
|
|
|
if (handle->fcode.bf_insns == NULL ||
|
|
|
|
bpf_filter(handle->fcode.bf_insns, handle->buffer,
|
|
|
|
pkth.len, pkth.caplen)) {
|
2015-01-06 18:58:31 +00:00
|
|
|
handlep->packets_read++;
|
2012-01-31 17:22:07 +00:00
|
|
|
callback(user, &pkth, handle->buffer);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
return 0; /* didn't pass filter */
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
2018-05-18 12:21:19 +00:00
|
|
|
usb_inject_linux(pcap_t *handle, const void *buf _U_, size_t size _U_)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2019-10-06 04:26:37 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
"Packet injection is not supported on USB devices");
|
2009-03-21 20:43:56 +00:00
|
|
|
return (-1);
|
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
static int
|
2009-03-21 20:43:56 +00:00
|
|
|
usb_stats_linux(pcap_t *handle, struct pcap_stat *stats)
|
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2009-03-21 20:43:56 +00:00
|
|
|
int dummy, ret, consumed, cnt;
|
|
|
|
char string[USB_LINE_LEN];
|
|
|
|
char token[USB_LINE_LEN];
|
|
|
|
char * ptr = string;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
int fd;
|
2009-03-21 20:43:56 +00:00
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(string, USB_LINE_LEN, USB_TEXT_DIR"/%ds", handlep->bus_index);
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
fd = open(string, O_RDONLY, 0);
|
2009-03-21 20:43:56 +00:00
|
|
|
if (fd < 0)
|
|
|
|
{
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
if (errno == ENOENT)
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Not found at the new location; try the old
|
|
|
|
* location.
|
|
|
|
*/
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(string, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%ds", handlep->bus_index);
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
fd = open(string, O_RDONLY, 0);
|
|
|
|
}
|
|
|
|
if (fd < 0) {
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf,
|
|
|
|
PCAP_ERRBUF_SIZE, errno,
|
|
|
|
"Can't open USB stats file %s", string);
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
return -1;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* read stats line */
|
|
|
|
do {
|
|
|
|
ret = read(fd, string, USB_LINE_LEN-1);
|
|
|
|
} while ((ret == -1) && (errno == EINTR));
|
|
|
|
close(fd);
|
|
|
|
|
|
|
|
if (ret < 0)
|
|
|
|
{
|
2017-02-12 07:04:44 +00:00
|
|
|
pcap_snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
|
2009-03-21 20:43:56 +00:00
|
|
|
"Can't read stats from fd %d ", fd);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
string[ret] = 0;
|
|
|
|
|
2019-10-06 04:26:37 +00:00
|
|
|
stats->ps_recv = handlep->packets_read;
|
|
|
|
stats->ps_drop = 0; /* unless we find text_lost */
|
|
|
|
stats->ps_ifdrop = 0;
|
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
/* extract info on dropped urbs */
|
|
|
|
for (consumed=0; consumed < ret; ) {
|
2017-02-12 07:04:44 +00:00
|
|
|
/* from the sscanf man page:
|
|
|
|
* The C standard says: "Execution of a %n directive does
|
2009-03-21 20:43:56 +00:00
|
|
|
* not increment the assignment count returned at the completion
|
|
|
|
* of execution" but the Corrigendum seems to contradict this.
|
2017-02-12 07:04:44 +00:00
|
|
|
* Do not make any assumptions on the effect of %n conversions
|
2009-03-21 20:43:56 +00:00
|
|
|
* on the return value and explicitly check for cnt assignmet*/
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
int ntok;
|
|
|
|
|
2009-03-21 20:43:56 +00:00
|
|
|
cnt = -1;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
ntok = sscanf(ptr, "%s%n", token, &cnt);
|
2009-03-21 20:43:56 +00:00
|
|
|
if ((ntok < 1) || (cnt < 0))
|
|
|
|
break;
|
|
|
|
consumed += cnt;
|
|
|
|
ptr += cnt;
|
2019-10-06 04:26:37 +00:00
|
|
|
if (strcmp(token, "text_lost") == 0)
|
|
|
|
ntok = sscanf(ptr, "%d%n", &stats->ps_drop, &cnt);
|
2017-02-12 07:04:44 +00:00
|
|
|
else
|
2019-10-06 04:26:37 +00:00
|
|
|
ntok = sscanf(ptr, "%d%n", &dummy, &cnt);
|
|
|
|
if ((ntok != 1) || (cnt < 0))
|
2009-03-21 20:43:56 +00:00
|
|
|
break;
|
|
|
|
consumed += cnt;
|
|
|
|
ptr += cnt;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
static int
|
2009-03-21 20:43:56 +00:00
|
|
|
usb_setdirection_linux(pcap_t *p, pcap_direction_t d)
|
|
|
|
{
|
|
|
|
p->direction = d;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2017-02-12 07:04:44 +00:00
|
|
|
static int
|
2009-03-21 20:43:56 +00:00
|
|
|
usb_stats_linux_bin(pcap_t *handle, struct pcap_stat *stats)
|
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2009-03-21 20:43:56 +00:00
|
|
|
int ret;
|
|
|
|
struct mon_bin_stats st;
|
|
|
|
ret = ioctl(handle->fd, MON_IOCG_STATS, &st);
|
|
|
|
if (ret < 0)
|
|
|
|
{
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "Can't read stats from fd %d", handle->fd);
|
2009-03-21 20:43:56 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2015-01-06 18:58:31 +00:00
|
|
|
stats->ps_recv = handlep->packets_read + st.queued;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
stats->ps_drop = st.dropped;
|
|
|
|
stats->ps_ifdrop = 0;
|
2009-03-21 20:43:56 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2017-02-12 07:04:44 +00:00
|
|
|
* see <linux-kernel-source>/Documentation/usb/usbmon.txt and
|
2009-03-21 20:43:56 +00:00
|
|
|
* <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI
|
|
|
|
*/
|
|
|
|
static int
|
2018-05-18 12:21:19 +00:00
|
|
|
usb_read_linux_bin(pcap_t *handle, int max_packets _U_, pcap_handler callback, u_char *user)
|
2009-03-21 20:43:56 +00:00
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2009-03-21 20:43:56 +00:00
|
|
|
struct mon_bin_get info;
|
|
|
|
int ret;
|
|
|
|
struct pcap_pkthdr pkth;
|
2017-02-12 07:04:44 +00:00
|
|
|
u_int clen = handle->snapshot - sizeof(pcap_usb_header);
|
2009-03-21 20:43:56 +00:00
|
|
|
|
|
|
|
/* the usb header is going to be part of 'packet' data*/
|
|
|
|
info.hdr = (pcap_usb_header*) handle->buffer;
|
2017-02-12 07:04:44 +00:00
|
|
|
info.data = (u_char *)handle->buffer + sizeof(pcap_usb_header);
|
2009-03-21 20:43:56 +00:00
|
|
|
info.data_len = clen;
|
|
|
|
|
|
|
|
/* ignore interrupt system call errors */
|
|
|
|
do {
|
|
|
|
ret = ioctl(handle->fd, MON_IOCX_GET, &info);
|
|
|
|
if (handle->break_loop)
|
|
|
|
{
|
|
|
|
handle->break_loop = 0;
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
} while ((ret == -1) && (errno == EINTR));
|
|
|
|
if (ret < 0)
|
|
|
|
{
|
|
|
|
if (errno == EAGAIN)
|
|
|
|
return 0; /* no data there */
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "Can't read from fd %d", handle->fd);
|
2009-03-21 20:43:56 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2019-10-06 04:26:37 +00:00
|
|
|
/*
|
|
|
|
* info.hdr->data_len is the number of bytes of isochronous
|
|
|
|
* descriptors (if any) plus the number of bytes of data
|
|
|
|
* provided. There are no isochronous descriptors here,
|
|
|
|
* because we're using the old 48-byte header.
|
|
|
|
*
|
|
|
|
* If info.hdr->data_flag is non-zero, there's no URB data;
|
|
|
|
* info.hdr->urb_len is the size of the buffer into which
|
|
|
|
* data is to be placed; it does not represent the amount
|
|
|
|
* of data transferred. If info.hdr->data_flag is zero,
|
|
|
|
* there is URB data, and info.hdr->urb_len is the number
|
|
|
|
* of bytes transmitted or received; it doesn't include
|
|
|
|
* isochronous descriptors.
|
|
|
|
*
|
|
|
|
* The kernel may give us more data than the snaplen; if it did,
|
|
|
|
* reduce the data length so that the total number of bytes we
|
|
|
|
* tell our client we have is not greater than the snaplen.
|
|
|
|
*/
|
2009-03-21 20:43:56 +00:00
|
|
|
if (info.hdr->data_len < clen)
|
|
|
|
clen = info.hdr->data_len;
|
|
|
|
info.hdr->data_len = clen;
|
2019-10-06 04:26:37 +00:00
|
|
|
pkth.caplen = sizeof(pcap_usb_header) + clen;
|
|
|
|
if (info.hdr->data_flag) {
|
|
|
|
/*
|
|
|
|
* No data; just base the on-the-wire length on
|
|
|
|
* info.hdr->data_len (so that it's >= the captured
|
|
|
|
* length).
|
|
|
|
*/
|
|
|
|
pkth.len = sizeof(pcap_usb_header) + info.hdr->data_len;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* We got data; base the on-the-wire length on
|
|
|
|
* info.hdr->urb_len, so that it includes data
|
|
|
|
* discarded by the USB monitor device due to
|
|
|
|
* its buffer being too small.
|
|
|
|
*/
|
|
|
|
pkth.len = sizeof(pcap_usb_header) + info.hdr->urb_len;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
pkth.ts.tv_sec = info.hdr->ts_sec;
|
|
|
|
pkth.ts.tv_usec = info.hdr->ts_usec;
|
|
|
|
|
2012-01-31 17:22:07 +00:00
|
|
|
if (handle->fcode.bf_insns == NULL ||
|
|
|
|
bpf_filter(handle->fcode.bf_insns, handle->buffer,
|
|
|
|
pkth.len, pkth.caplen)) {
|
2015-01-06 18:58:31 +00:00
|
|
|
handlep->packets_read++;
|
2012-01-31 17:22:07 +00:00
|
|
|
callback(user, &pkth, handle->buffer);
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0; /* didn't pass filter */
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2017-02-12 07:04:44 +00:00
|
|
|
* see <linux-kernel-source>/Documentation/usb/usbmon.txt and
|
2009-03-21 20:43:56 +00:00
|
|
|
* <linux-kernel-source>/drivers/usb/mon/mon_bin.c binary ABI
|
|
|
|
*/
|
|
|
|
#define VEC_SIZE 32
|
|
|
|
static int
|
|
|
|
usb_read_linux_mmap(pcap_t *handle, int max_packets, pcap_handler callback, u_char *user)
|
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
2009-03-21 20:43:56 +00:00
|
|
|
struct mon_bin_mfetch fetch;
|
|
|
|
int32_t vec[VEC_SIZE];
|
|
|
|
struct pcap_pkthdr pkth;
|
2019-10-06 04:26:37 +00:00
|
|
|
pcap_usb_header_mmapped* hdr;
|
2009-03-21 20:43:56 +00:00
|
|
|
int nflush = 0;
|
|
|
|
int packets = 0;
|
2017-02-12 07:04:44 +00:00
|
|
|
u_int clen, max_clen;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
|
2019-10-06 04:26:37 +00:00
|
|
|
max_clen = handle->snapshot - sizeof(pcap_usb_header_mmapped);
|
2009-03-21 20:43:56 +00:00
|
|
|
|
|
|
|
for (;;) {
|
|
|
|
int i, ret;
|
|
|
|
int limit = max_packets - packets;
|
|
|
|
if (limit <= 0)
|
|
|
|
limit = VEC_SIZE;
|
|
|
|
if (limit > VEC_SIZE)
|
|
|
|
limit = VEC_SIZE;
|
|
|
|
|
|
|
|
/* try to fetch as many events as possible*/
|
|
|
|
fetch.offvec = vec;
|
|
|
|
fetch.nfetch = limit;
|
|
|
|
fetch.nflush = nflush;
|
|
|
|
/* ignore interrupt system call errors */
|
|
|
|
do {
|
|
|
|
ret = ioctl(handle->fd, MON_IOCX_MFETCH, &fetch);
|
|
|
|
if (handle->break_loop)
|
|
|
|
{
|
|
|
|
handle->break_loop = 0;
|
|
|
|
return -2;
|
|
|
|
}
|
|
|
|
} while ((ret == -1) && (errno == EINTR));
|
|
|
|
if (ret < 0)
|
|
|
|
{
|
|
|
|
if (errno == EAGAIN)
|
|
|
|
return 0; /* no data there */
|
|
|
|
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf,
|
|
|
|
PCAP_ERRBUF_SIZE, errno, "Can't mfetch fd %d",
|
|
|
|
handle->fd);
|
2009-03-21 20:43:56 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* keep track of processed events, we will flush them later */
|
|
|
|
nflush = fetch.nfetch;
|
|
|
|
for (i=0; i<fetch.nfetch; ++i) {
|
|
|
|
/* discard filler */
|
2019-10-06 04:26:37 +00:00
|
|
|
hdr = (pcap_usb_header_mmapped*) &handlep->mmapbuf[vec[i]];
|
2017-02-12 07:04:44 +00:00
|
|
|
if (hdr->event_type == '@')
|
2009-03-21 20:43:56 +00:00
|
|
|
continue;
|
|
|
|
|
2019-10-06 04:26:37 +00:00
|
|
|
/*
|
|
|
|
* hdr->data_len is the number of bytes of
|
|
|
|
* isochronous descriptors (if any) plus the
|
|
|
|
* number of bytes of data provided.
|
|
|
|
*
|
|
|
|
* If hdr->data_flag is non-zero, there's no
|
|
|
|
* URB data; hdr->urb_len is the size of the
|
|
|
|
* buffer into which data is to be placed; it does
|
|
|
|
* not represent the amount of data transferred.
|
|
|
|
* If hdr->data_flag is zero, there is URB data,
|
|
|
|
* and hdr->urb_len is the number of bytes
|
|
|
|
* transmitted or received; it doesn't include
|
|
|
|
* isochronous descriptors.
|
|
|
|
*
|
|
|
|
* The kernel may give us more data than the
|
|
|
|
* snaplen; if it did, reduce the data length
|
|
|
|
* so that the total number of bytes we
|
|
|
|
* tell our client we have is not greater than
|
|
|
|
* the snaplen.
|
|
|
|
*/
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
clen = max_clen;
|
|
|
|
if (hdr->data_len < clen)
|
|
|
|
clen = hdr->data_len;
|
2019-10-06 04:26:37 +00:00
|
|
|
pkth.caplen = sizeof(pcap_usb_header_mmapped) + clen;
|
|
|
|
if (hdr->data_flag) {
|
|
|
|
/*
|
|
|
|
* No data; just base the on-the-wire length
|
|
|
|
* on hdr->data_len (so that it's >= the
|
|
|
|
* captured length).
|
|
|
|
*/
|
|
|
|
pkth.len = sizeof(pcap_usb_header_mmapped) +
|
|
|
|
hdr->data_len;
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* We got data; base the on-the-wire length
|
|
|
|
* on hdr->urb_len, so that it includes
|
|
|
|
* data discarded by the USB monitor device
|
|
|
|
* due to its buffer being too small.
|
|
|
|
*/
|
|
|
|
pkth.len = sizeof(pcap_usb_header_mmapped) +
|
|
|
|
(hdr->ndesc * sizeof (usb_isodesc)) + hdr->urb_len;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
pkth.ts.tv_sec = hdr->ts_sec;
|
|
|
|
pkth.ts.tv_usec = hdr->ts_usec;
|
|
|
|
|
2012-01-31 17:22:07 +00:00
|
|
|
if (handle->fcode.bf_insns == NULL ||
|
|
|
|
bpf_filter(handle->fcode.bf_insns, (u_char*) hdr,
|
|
|
|
pkth.len, pkth.caplen)) {
|
2015-01-06 18:58:31 +00:00
|
|
|
handlep->packets_read++;
|
2012-01-31 17:22:07 +00:00
|
|
|
callback(user, &pkth, (u_char*) hdr);
|
|
|
|
packets++;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
}
|
|
|
|
|
2015-01-06 18:58:31 +00:00
|
|
|
/* with max_packets specifying "unlimited" we stop afer the first chunk*/
|
|
|
|
if (PACKET_COUNT_IS_UNLIMITED(max_packets) || (packets == max_packets))
|
2009-03-21 20:43:56 +00:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* flush pending events*/
|
2017-02-12 07:04:44 +00:00
|
|
|
if (ioctl(handle->fd, MON_IOCH_MFLUSH, nflush) == -1) {
|
2018-05-18 12:21:19 +00:00
|
|
|
pcap_fmt_errmsg_for_errno(handle->errbuf, PCAP_ERRBUF_SIZE,
|
|
|
|
errno, "Can't mflush fd %d", handle->fd);
|
2017-02-12 07:04:44 +00:00
|
|
|
return -1;
|
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
return packets;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
usb_cleanup_linux_mmap(pcap_t* handle)
|
|
|
|
{
|
2015-01-06 18:58:31 +00:00
|
|
|
struct pcap_usb_linux *handlep = handle->priv;
|
|
|
|
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
/* if we have a memory-mapped buffer, unmap it */
|
2015-01-06 18:58:31 +00:00
|
|
|
if (handlep->mmapbuf != NULL) {
|
|
|
|
munmap(handlep->mmapbuf, handlep->mmapbuflen);
|
|
|
|
handlep->mmapbuf = NULL;
|
Update libpcap to 1.1.1.
Changes:
Thu. April 1, 2010. guy@alum.mit.edu.
Summary for 1.1.1 libpcap release
Update CHANGES to reflect more of the changes in 1.1.0.
Fix build on RHEL5.
Fix shared library build on AIX.
Thu. March 11, 2010. ken@netfunctional.ca/guy@alum.mit.edu.
Summary for 1.1.0 libpcap release
Add SocketCAN capture support
Add Myricom SNF API support
Update Endace DAG and ERF support
Add support for shared libraries on Solaris, HP-UX, and AIX
Build, install, and un-install shared libraries by default;
don't build/install shared libraries on platforms we don't support
Fix building from a directory other than the source directory
Fix compiler warnings and builds on some platforms
Update config.guess and config.sub
Support monitor mode on mac80211 devices on Linux
Fix USB memory-mapped capturing on Linux; it requires a new DLT_
value
On Linux, scan /sys/class/net for devices if we have it; scan
it, or /proc/net/dev if we don't have /sys/class/net, even if
we have getifaddrs(), as it'll find interfaces with no
addresses
Add limited support for reading pcap-ng files
Fix BPF driver-loading error handling on AIX
Support getting the full-length interface description on FreeBSD
In the lexical analyzer, free up any addrinfo structure we got back
from getaddrinfo().
Add support for BPF and libdlpi in OpenSolaris (and SXCE)
Hyphenate "link-layer" everywhere
Add /sys/kernel/debug/usb/usbmon to the list of usbmon locations
In pcap_read_linux_mmap(), if there are no frames available, call
poll() even if we're in non-blocking mode, so we pick up
errors, and check for the errors in question.
Note that poll() works on BPF devices is Snow Leopard
If an ENXIO or ENETDOWN is received, it may mean the device has
gone away. Deal with it.
For BPF, raise the default capture buffer size to from 32k to 512k
Support ps_ifdrop on Linux
Added a bunch of #ifdef directives to make wpcap.dll (WinPcap) compile
under cygwin.
Changes to Linux mmapped captures.
Fix bug where create_ring would fail for particular snaplen and
buffer size combinations
Update pcap-config so that it handles libpcap requiring
additional libraries
Add workaround for threadsafeness on Windows
Add missing mapping for DLT_ENC <-> LINKTYPE_ENC
DLT: Add DLT_CAN_SOCKETCAN
DLT: Add Solaris ipnet
Don't check for DLT_IPNET if it's not defined
Add link-layer types for Fibre Channel FC-2
Add link-layer types for Wireless HART
Add link-layer types for AOS
Add link-layer types for DECT
Autoconf fixes (AIX, HP-UX, OSF/1, Tru64 cleanups)
Install headers unconditionally, and include vlan.h/bluetooth.h if
enabled
Autoconf fixes+cleanup
Support enabling/disabling bluetooth (--{en,dis}able-bluetooth)
Support disabling SITA support (--without-sita)
Return -1 on failure to create packet ring (if supported but
creation failed)
Fix handling of 'any' device, so that it can be opened, and no longer
attempt to open it in Monitor mode
Add support for snapshot length for USB Memory-Mapped Interface
Fix configure and build on recent Linux kernels
Fix memory-mapped Linux capture to support pcap_next() and
pcap_next_ex()
Fixes for Linux USB capture
DLT: Add DLT_LINUX_EVDEV
DLT: Add DLT_GSMTAP_UM
DLT: Add DLT_GSMTAP_ABIS
2010-10-28 16:22:13 +00:00
|
|
|
}
|
2009-03-21 20:43:56 +00:00
|
|
|
pcap_cleanup_live_common(handle);
|
|
|
|
}
|