1 /* 2 * Copyright (c) 1993, 1994, 1995, 1996, 1997, 1998 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the Computer Systems 16 * Engineering Group at Lawrence Berkeley Laboratory. 17 * 4. Neither the name of the University nor of the Laboratory may be used 18 * to endorse or promote products derived from this software without 19 * specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifdef HAVE_CONFIG_H 35 #include "config.h" 36 #endif 37 38 #ifdef WIN32 39 #include <pcap-stdinc.h> 40 #else /* WIN32 */ 41 #if HAVE_INTTYPES_H 42 #include <inttypes.h> 43 #elif HAVE_STDINT_H 44 #include <stdint.h> 45 #endif 46 #ifdef HAVE_SYS_BITYPES_H 47 #include <sys/bitypes.h> 48 #endif 49 #include <sys/types.h> 50 #include <sys/mman.h> 51 #endif /* WIN32 */ 52 53 #include <stdio.h> 54 #include <stdlib.h> 55 #include <string.h> 56 #if !defined(_MSC_VER) && !defined(__BORLANDC__) && !defined(__MINGW32__) 57 #include <unistd.h> 58 #endif 59 #include <fcntl.h> 60 #include <errno.h> 61 62 #ifdef HAVE_OS_PROTO_H 63 #include "os-proto.h" 64 #endif 65 66 #ifdef MSDOS 67 #include "pcap-dos.h" 68 #endif 69 70 #include "pcap-int.h" 71 72 #ifdef HAVE_DAG_API 73 #include "pcap-dag.h" 74 #endif /* HAVE_DAG_API */ 75 76 #ifdef HAVE_SEPTEL_API 77 #include "pcap-septel.h" 78 #endif /* HAVE_SEPTEL_API */ 79 80 #ifdef HAVE_SNF_API 81 #include "pcap-snf.h" 82 #endif /* HAVE_SNF_API */ 83 84 #ifdef PCAP_SUPPORT_USB 85 #include "pcap-usb-linux.h" 86 #endif 87 88 #ifdef PCAP_SUPPORT_BT 89 #include "pcap-bt-linux.h" 90 #endif 91 92 #ifdef PCAP_SUPPORT_BT_MONITOR 93 #include "pcap-bt-monitor-linux.h" 94 #endif 95 96 #ifdef PCAP_SUPPORT_CAN 97 #include "pcap-can-linux.h" 98 #endif 99 100 #ifdef PCAP_SUPPORT_CANUSB 101 #include "pcap-canusb-linux.h" 102 #endif 103 104 #ifdef PCAP_SUPPORT_NETFILTER 105 #include "pcap-netfilter-linux.h" 106 #endif 107 108 #ifdef PCAP_SUPPORT_NETMAP 109 pcap_t* pcap_netmap_create(const char *device, char *ebuf, int *is_ours); 110 #endif 111 112 #ifdef PCAP_SUPPORT_DBUS 113 #include "pcap-dbus.h" 114 #endif 115 116 int 117 pcap_not_initialized(pcap_t *pcap _U_) 118 { 119 /* this means 'not initialized' */ 120 return (PCAP_ERROR_NOT_ACTIVATED); 121 } 122 123 #ifdef WIN32 124 Adapter * 125 pcap_no_adapter(pcap_t *pcap _U_) 126 { 127 return (NULL); 128 } 129 #endif 130 131 /* 132 * Returns 1 if rfmon mode can be set on the pcap_t, 0 if it can't, 133 * a PCAP_ERROR value on an error. 134 */ 135 int 136 pcap_can_set_rfmon(pcap_t *p) 137 { 138 return (p->can_set_rfmon_op(p)); 139 } 140 141 /* 142 * For systems where rfmon mode is never supported. 143 */ 144 static int 145 pcap_cant_set_rfmon(pcap_t *p _U_) 146 { 147 return (0); 148 } 149 150 /* 151 * Sets *tstamp_typesp to point to an array 1 or more supported time stamp 152 * types; the return value is the number of supported time stamp types. 153 * The list should be freed by a call to pcap_free_tstamp_types() when 154 * you're done with it. 155 * 156 * A return value of 0 means "you don't get a choice of time stamp type", 157 * in which case *tstamp_typesp is set to null. 158 * 159 * PCAP_ERROR is returned on error. 160 */ 161 int 162 pcap_list_tstamp_types(pcap_t *p, int **tstamp_typesp) 163 { 164 if (p->tstamp_type_count == 0) { 165 /* 166 * We don't support multiple time stamp types. 167 */ 168 *tstamp_typesp = NULL; 169 } else { 170 *tstamp_typesp = (int*)calloc(sizeof(**tstamp_typesp), 171 p->tstamp_type_count); 172 if (*tstamp_typesp == NULL) { 173 (void)snprintf(p->errbuf, sizeof(p->errbuf), 174 "malloc: %s", pcap_strerror(errno)); 175 return (PCAP_ERROR); 176 } 177 (void)memcpy(*tstamp_typesp, p->tstamp_type_list, 178 sizeof(**tstamp_typesp) * p->tstamp_type_count); 179 } 180 return (p->tstamp_type_count); 181 } 182 183 /* 184 * In Windows, you might have a library built with one version of the 185 * C runtime library and an application built with another version of 186 * the C runtime library, which means that the library might use one 187 * version of malloc() and free() and the application might use another 188 * version of malloc() and free(). If so, that means something 189 * allocated by the library cannot be freed by the application, so we 190 * need to have a pcap_free_tstamp_types() routine to free up the list 191 * allocated by pcap_list_tstamp_types(), even though it's just a wrapper 192 * around free(). 193 */ 194 void 195 pcap_free_tstamp_types(int *tstamp_type_list) 196 { 197 free(tstamp_type_list); 198 } 199 200 /* 201 * Default one-shot callback; overridden for capture types where the 202 * packet data cannot be guaranteed to be available after the callback 203 * returns, so that a copy must be made. 204 */ 205 void 206 pcap_oneshot(u_char *user, const struct pcap_pkthdr *h, const u_char *pkt) 207 { 208 struct oneshot_userdata *sp = (struct oneshot_userdata *)user; 209 210 *sp->hdr = *h; 211 *sp->pkt = pkt; 212 } 213 214 const u_char * 215 pcap_next(pcap_t *p, struct pcap_pkthdr *h) 216 { 217 struct oneshot_userdata s; 218 const u_char *pkt; 219 220 s.hdr = h; 221 s.pkt = &pkt; 222 s.pd = p; 223 if (pcap_dispatch(p, 1, p->oneshot_callback, (u_char *)&s) <= 0) 224 return (0); 225 return (pkt); 226 } 227 228 int 229 pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header, 230 const u_char **pkt_data) 231 { 232 struct oneshot_userdata s; 233 234 s.hdr = &p->pcap_header; 235 s.pkt = pkt_data; 236 s.pd = p; 237 238 /* Saves a pointer to the packet headers */ 239 *pkt_header= &p->pcap_header; 240 241 if (p->rfile != NULL) { 242 int status; 243 244 /* We are on an offline capture */ 245 status = pcap_offline_read(p, 1, p->oneshot_callback, 246 (u_char *)&s); 247 248 /* 249 * Return codes for pcap_offline_read() are: 250 * - 0: EOF 251 * - -1: error 252 * - >1: OK 253 * The first one ('0') conflicts with the return code of 254 * 0 from pcap_read() meaning "no packets arrived before 255 * the timeout expired", so we map it to -2 so you can 256 * distinguish between an EOF from a savefile and a 257 * "no packets arrived before the timeout expired, try 258 * again" from a live capture. 259 */ 260 if (status == 0) 261 return (-2); 262 else 263 return (status); 264 } 265 266 /* 267 * Return codes for pcap_read() are: 268 * - 0: timeout 269 * - -1: error 270 * - -2: loop was broken out of with pcap_breakloop() 271 * - >1: OK 272 * The first one ('0') conflicts with the return code of 0 from 273 * pcap_offline_read() meaning "end of file". 274 */ 275 return (p->read_op(p, 1, p->oneshot_callback, (u_char *)&s)); 276 } 277 278 #if defined(DAG_ONLY) 279 int 280 pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf) 281 { 282 return (dag_findalldevs(alldevsp, errbuf)); 283 } 284 285 pcap_t * 286 pcap_create(const char *source, char *errbuf) 287 { 288 return (dag_create(source, errbuf)); 289 } 290 #elif defined(SEPTEL_ONLY) 291 int 292 pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf) 293 { 294 return (septel_findalldevs(alldevsp, errbuf)); 295 } 296 297 pcap_t * 298 pcap_create(const char *source, char *errbuf) 299 { 300 return (septel_create(source, errbuf)); 301 } 302 #elif defined(SNF_ONLY) 303 int 304 pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf) 305 { 306 return (snf_findalldevs(alldevsp, errbuf)); 307 } 308 309 pcap_t * 310 pcap_create(const char *source, char *errbuf) 311 { 312 return (snf_create(source, errbuf)); 313 } 314 #else /* regular pcap */ 315 struct capture_source_type { 316 int (*findalldevs_op)(pcap_if_t **, char *); 317 pcap_t *(*create_op)(const char *, char *, int *); 318 } capture_source_types[] = { 319 #ifdef PCAP_SUPPORT_NETMAP 320 { NULL, pcap_netmap_create }, 321 #endif 322 #ifdef HAVE_DAG_API 323 { dag_findalldevs, dag_create }, 324 #endif 325 #ifdef HAVE_SEPTEL_API 326 { septel_findalldevs, septel_create }, 327 #endif 328 #ifdef HAVE_SNF_API 329 { snf_findalldevs, snf_create }, 330 #endif 331 #ifdef PCAP_SUPPORT_BT 332 { bt_findalldevs, bt_create }, 333 #endif 334 #ifdef PCAP_SUPPORT_BT_MONITOR 335 { bt_monitor_findalldevs, bt_monitor_create }, 336 #endif 337 #if PCAP_SUPPORT_CANUSB 338 { canusb_findalldevs, canusb_create }, 339 #endif 340 #ifdef PCAP_SUPPORT_CAN 341 { can_findalldevs, can_create }, 342 #endif 343 #ifdef PCAP_SUPPORT_USB 344 { usb_findalldevs, usb_create }, 345 #endif 346 #ifdef PCAP_SUPPORT_NETFILTER 347 { netfilter_findalldevs, netfilter_create }, 348 #endif 349 #ifdef PCAP_SUPPORT_DBUS 350 { dbus_findalldevs, dbus_create }, 351 #endif 352 { NULL, NULL } 353 }; 354 355 /* 356 * Get a list of all capture sources that are up and that we can open. 357 * Returns -1 on error, 0 otherwise. 358 * The list, as returned through "alldevsp", may be null if no interfaces 359 * were up and could be opened. 360 */ 361 int 362 pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf) 363 { 364 size_t i; 365 366 /* 367 * Get the list of regular interfaces first. 368 */ 369 if (pcap_findalldevs_interfaces(alldevsp, errbuf) == -1) 370 return (-1); /* failure */ 371 372 /* 373 * Add any interfaces that need a platform-specific mechanism 374 * to find. 375 */ 376 if (pcap_platform_finddevs(alldevsp, errbuf) == -1) { 377 /* 378 * We had an error; free the list we've been 379 * constructing. 380 */ 381 if (*alldevsp != NULL) { 382 pcap_freealldevs(*alldevsp); 383 *alldevsp = NULL; 384 } 385 return (-1); 386 } 387 388 /* 389 * Ask each of the non-local-network-interface capture 390 * source types what interfaces they have. 391 */ 392 for (i = 0; capture_source_types[i].findalldevs_op != NULL; i++) { 393 if (capture_source_types[i].findalldevs_op(alldevsp, errbuf) == -1) { 394 /* 395 * We had an error; free the list we've been 396 * constructing. 397 */ 398 if (*alldevsp != NULL) { 399 pcap_freealldevs(*alldevsp); 400 *alldevsp = NULL; 401 } 402 return (-1); 403 } 404 } 405 406 return (0); 407 } 408 409 pcap_t * 410 pcap_create(const char *source, char *errbuf) 411 { 412 size_t i; 413 int is_theirs; 414 pcap_t *p; 415 416 /* 417 * A null source name is equivalent to the "any" device - 418 * which might not be supported on this platform, but 419 * this means that you'll get a "not supported" error 420 * rather than, say, a crash when we try to dereference 421 * the null pointer. 422 */ 423 if (source == NULL) 424 source = "any"; 425 426 /* 427 * Try each of the non-local-network-interface capture 428 * source types until we find one that works for this 429 * device or run out of types. 430 */ 431 for (i = 0; capture_source_types[i].create_op != NULL; i++) { 432 is_theirs = 0; 433 p = capture_source_types[i].create_op(source, errbuf, &is_theirs); 434 if (is_theirs) { 435 /* 436 * The device name refers to a device of the 437 * type in question; either it succeeded, 438 * in which case p refers to a pcap_t to 439 * later activate for the device, or it 440 * failed, in which case p is null and we 441 * should return that to report the failure 442 * to create. 443 */ 444 return (p); 445 } 446 } 447 448 /* 449 * OK, try it as a regular network interface. 450 */ 451 return (pcap_create_interface(source, errbuf)); 452 } 453 #endif 454 455 static void 456 initialize_ops(pcap_t *p) 457 { 458 /* 459 * Set operation pointers for operations that only work on 460 * an activated pcap_t to point to a routine that returns 461 * a "this isn't activated" error. 462 */ 463 p->read_op = (read_op_t)pcap_not_initialized; 464 p->inject_op = (inject_op_t)pcap_not_initialized; 465 p->setfilter_op = (setfilter_op_t)pcap_not_initialized; 466 p->setdirection_op = (setdirection_op_t)pcap_not_initialized; 467 p->set_datalink_op = (set_datalink_op_t)pcap_not_initialized; 468 p->getnonblock_op = (getnonblock_op_t)pcap_not_initialized; 469 p->setnonblock_op = (setnonblock_op_t)pcap_not_initialized; 470 p->stats_op = (stats_op_t)pcap_not_initialized; 471 #ifdef WIN32 472 p->setbuff_op = (setbuff_op_t)pcap_not_initialized; 473 p->setmode_op = (setmode_op_t)pcap_not_initialized; 474 p->setmintocopy_op = (setmintocopy_op_t)pcap_not_initialized; 475 p->getadapter_op = pcap_no_adapter; 476 #endif 477 478 /* 479 * Default cleanup operation - implementations can override 480 * this, but should call pcap_cleanup_live_common() after 481 * doing their own additional cleanup. 482 */ 483 p->cleanup_op = pcap_cleanup_live_common; 484 485 /* 486 * In most cases, the standard one-shot callback can 487 * be used for pcap_next()/pcap_next_ex(). 488 */ 489 p->oneshot_callback = pcap_oneshot; 490 } 491 492 static pcap_t * 493 pcap_alloc_pcap_t(char *ebuf, size_t size) 494 { 495 char *chunk; 496 pcap_t *p; 497 498 /* 499 * Allocate a chunk of memory big enough for a pcap_t 500 * plus a structure following it of size "size". The 501 * structure following it is a private data structure 502 * for the routines that handle this pcap_t. 503 */ 504 chunk = malloc(sizeof (pcap_t) + size); 505 if (chunk == NULL) { 506 snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s", 507 pcap_strerror(errno)); 508 return (NULL); 509 } 510 memset(chunk, 0, sizeof (pcap_t) + size); 511 512 /* 513 * Get a pointer to the pcap_t at the beginning. 514 */ 515 p = (pcap_t *)chunk; 516 517 #ifndef WIN32 518 p->fd = -1; /* not opened yet */ 519 p->selectable_fd = -1; 520 #endif 521 522 if (size == 0) { 523 /* No private data was requested. */ 524 p->priv = NULL; 525 } else { 526 /* 527 * Set the pointer to the private data; that's the structure 528 * of size "size" following the pcap_t. 529 */ 530 p->priv = (void *)(chunk + sizeof (pcap_t)); 531 } 532 533 return (p); 534 } 535 536 pcap_t * 537 pcap_create_common(const char *source, char *ebuf, size_t size) 538 { 539 pcap_t *p; 540 541 p = pcap_alloc_pcap_t(ebuf, size); 542 if (p == NULL) 543 return (NULL); 544 545 p->opt.source = strdup(source); 546 if (p->opt.source == NULL) { 547 snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s", 548 pcap_strerror(errno)); 549 free(p); 550 return (NULL); 551 } 552 553 /* 554 * Default to "can't set rfmon mode"; if it's supported by 555 * a platform, the create routine that called us can set 556 * the op to its routine to check whether a particular 557 * device supports it. 558 */ 559 p->can_set_rfmon_op = pcap_cant_set_rfmon; 560 561 initialize_ops(p); 562 563 /* put in some defaults*/ 564 pcap_set_snaplen(p, MAXIMUM_SNAPLEN); /* max packet size */ 565 p->opt.timeout = 0; /* no timeout specified */ 566 p->opt.buffer_size = 0; /* use the platform's default */ 567 p->opt.promisc = 0; 568 p->opt.rfmon = 0; 569 p->opt.immediate = 0; 570 p->opt.tstamp_type = -1; /* default to not setting time stamp type */ 571 p->opt.tstamp_precision = PCAP_TSTAMP_PRECISION_MICRO; 572 return (p); 573 } 574 575 int 576 pcap_check_activated(pcap_t *p) 577 { 578 if (p->activated) { 579 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "can't perform " 580 " operation on activated capture"); 581 return (-1); 582 } 583 return (0); 584 } 585 586 int 587 pcap_set_snaplen(pcap_t *p, int snaplen) 588 { 589 if (pcap_check_activated(p)) 590 return (PCAP_ERROR_ACTIVATED); 591 p->snapshot = snaplen; 592 return (0); 593 } 594 595 int 596 pcap_set_promisc(pcap_t *p, int promisc) 597 { 598 if (pcap_check_activated(p)) 599 return (PCAP_ERROR_ACTIVATED); 600 p->opt.promisc = promisc; 601 return (0); 602 } 603 604 int 605 pcap_set_rfmon(pcap_t *p, int rfmon) 606 { 607 if (pcap_check_activated(p)) 608 return (PCAP_ERROR_ACTIVATED); 609 p->opt.rfmon = rfmon; 610 return (0); 611 } 612 613 int 614 pcap_set_timeout(pcap_t *p, int timeout_ms) 615 { 616 if (pcap_check_activated(p)) 617 return (PCAP_ERROR_ACTIVATED); 618 p->opt.timeout = timeout_ms; 619 return (0); 620 } 621 622 int 623 pcap_set_tstamp_type(pcap_t *p, int tstamp_type) 624 { 625 int i; 626 627 if (pcap_check_activated(p)) 628 return (PCAP_ERROR_ACTIVATED); 629 630 /* 631 * If p->tstamp_type_count is 0, we only support PCAP_TSTAMP_HOST; 632 * the default time stamp type is PCAP_TSTAMP_HOST. 633 */ 634 if (p->tstamp_type_count == 0) { 635 if (tstamp_type == PCAP_TSTAMP_HOST) { 636 p->opt.tstamp_type = tstamp_type; 637 return (0); 638 } 639 } else { 640 /* 641 * Check whether we claim to support this type of time stamp. 642 */ 643 for (i = 0; i < p->tstamp_type_count; i++) { 644 if (p->tstamp_type_list[i] == tstamp_type) { 645 /* 646 * Yes. 647 */ 648 p->opt.tstamp_type = tstamp_type; 649 return (0); 650 } 651 } 652 } 653 654 /* 655 * We don't support this type of time stamp. 656 */ 657 return (PCAP_WARNING_TSTAMP_TYPE_NOTSUP); 658 } 659 660 int 661 pcap_set_immediate_mode(pcap_t *p, int immediate) 662 { 663 if (pcap_check_activated(p)) 664 return (PCAP_ERROR_ACTIVATED); 665 p->opt.immediate = immediate; 666 return (0); 667 } 668 669 int 670 pcap_set_buffer_size(pcap_t *p, int buffer_size) 671 { 672 if (pcap_check_activated(p)) 673 return (PCAP_ERROR_ACTIVATED); 674 p->opt.buffer_size = buffer_size; 675 return (0); 676 } 677 678 int 679 pcap_set_tstamp_precision(pcap_t *p, int tstamp_precision) 680 { 681 int i; 682 683 if (pcap_check_activated(p)) 684 return (PCAP_ERROR_ACTIVATED); 685 686 /* 687 * If p->tstamp_precision_count is 0, we only support setting 688 * the time stamp precision to microsecond precision; every 689 * pcap module *MUST* support microsecond precision, even if 690 * it does so by converting the native precision to 691 * microseconds. 692 */ 693 if (p->tstamp_precision_count == 0) { 694 if (tstamp_precision == PCAP_TSTAMP_PRECISION_MICRO) { 695 p->opt.tstamp_precision = tstamp_precision; 696 return (0); 697 } 698 } else { 699 /* 700 * Check whether we claim to support this precision of 701 * time stamp. 702 */ 703 for (i = 0; i < p->tstamp_precision_count; i++) { 704 if (p->tstamp_precision_list[i] == tstamp_precision) { 705 /* 706 * Yes. 707 */ 708 p->opt.tstamp_precision = tstamp_precision; 709 return (0); 710 } 711 } 712 } 713 714 /* 715 * We don't support this time stamp precision. 716 */ 717 return (PCAP_ERROR_TSTAMP_PRECISION_NOTSUP); 718 } 719 720 int 721 pcap_get_tstamp_precision(pcap_t *p) 722 { 723 return (p->opt.tstamp_precision); 724 } 725 726 int 727 pcap_activate(pcap_t *p) 728 { 729 int status; 730 731 /* 732 * Catch attempts to re-activate an already-activated 733 * pcap_t; this should, for example, catch code that 734 * calls pcap_open_live() followed by pcap_activate(), 735 * as some code that showed up in a Stack Exchange 736 * question did. 737 */ 738 if (pcap_check_activated(p)) 739 return (PCAP_ERROR_ACTIVATED); 740 status = p->activate_op(p); 741 if (status >= 0) 742 p->activated = 1; 743 else { 744 if (p->errbuf[0] == '\0') { 745 /* 746 * No error message supplied by the activate routine; 747 * for the benefit of programs that don't specially 748 * handle errors other than PCAP_ERROR, return the 749 * error message corresponding to the status. 750 */ 751 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "%s", 752 pcap_statustostr(status)); 753 } 754 755 /* 756 * Undo any operation pointer setting, etc. done by 757 * the activate operation. 758 */ 759 initialize_ops(p); 760 } 761 return (status); 762 } 763 764 pcap_t * 765 pcap_open_live(const char *source, int snaplen, int promisc, int to_ms, char *errbuf) 766 { 767 pcap_t *p; 768 int status; 769 770 p = pcap_create(source, errbuf); 771 if (p == NULL) 772 return (NULL); 773 status = pcap_set_snaplen(p, snaplen); 774 if (status < 0) 775 goto fail; 776 status = pcap_set_promisc(p, promisc); 777 if (status < 0) 778 goto fail; 779 status = pcap_set_timeout(p, to_ms); 780 if (status < 0) 781 goto fail; 782 /* 783 * Mark this as opened with pcap_open_live(), so that, for 784 * example, we show the full list of DLT_ values, rather 785 * than just the ones that are compatible with capturing 786 * when not in monitor mode. That allows existing applications 787 * to work the way they used to work, but allows new applications 788 * that know about the new open API to, for example, find out the 789 * DLT_ values that they can select without changing whether 790 * the adapter is in monitor mode or not. 791 */ 792 p->oldstyle = 1; 793 status = pcap_activate(p); 794 if (status < 0) 795 goto fail; 796 return (p); 797 fail: 798 if (status == PCAP_ERROR) 799 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", source, 800 p->errbuf); 801 else if (status == PCAP_ERROR_NO_SUCH_DEVICE || 802 status == PCAP_ERROR_PERM_DENIED || 803 status == PCAP_ERROR_PROMISC_PERM_DENIED) 804 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s (%s)", source, 805 pcap_statustostr(status), p->errbuf); 806 else 807 snprintf(errbuf, PCAP_ERRBUF_SIZE, "%s: %s", source, 808 pcap_statustostr(status)); 809 pcap_close(p); 810 return (NULL); 811 } 812 813 pcap_t * 814 pcap_open_offline_common(char *ebuf, size_t size) 815 { 816 pcap_t *p; 817 818 p = pcap_alloc_pcap_t(ebuf, size); 819 if (p == NULL) 820 return (NULL); 821 822 p->opt.tstamp_precision = PCAP_TSTAMP_PRECISION_MICRO; 823 p->opt.source = strdup("(savefile)"); 824 if (p->opt.source == NULL) { 825 snprintf(ebuf, PCAP_ERRBUF_SIZE, "malloc: %s", 826 pcap_strerror(errno)); 827 free(p); 828 return (NULL); 829 } 830 831 return (p); 832 } 833 834 int 835 pcap_dispatch(pcap_t *p, int cnt, pcap_handler callback, u_char *user) 836 { 837 return (p->read_op(p, cnt, callback, user)); 838 } 839 840 /* 841 * XXX - is this necessary? 842 */ 843 int 844 pcap_read(pcap_t *p, int cnt, pcap_handler callback, u_char *user) 845 { 846 847 return (p->read_op(p, cnt, callback, user)); 848 } 849 850 int 851 pcap_loop(pcap_t *p, int cnt, pcap_handler callback, u_char *user) 852 { 853 register int n; 854 855 for (;;) { 856 if (p->rfile != NULL) { 857 /* 858 * 0 means EOF, so don't loop if we get 0. 859 */ 860 n = pcap_offline_read(p, cnt, callback, user); 861 } else { 862 /* 863 * XXX keep reading until we get something 864 * (or an error occurs) 865 */ 866 do { 867 n = p->read_op(p, cnt, callback, user); 868 } while (n == 0); 869 } 870 if (n <= 0) 871 return (n); 872 if (!PACKET_COUNT_IS_UNLIMITED(cnt)) { 873 cnt -= n; 874 if (cnt <= 0) 875 return (0); 876 } 877 } 878 } 879 880 /* 881 * Force the loop in "pcap_read()" or "pcap_read_offline()" to terminate. 882 */ 883 void 884 pcap_breakloop(pcap_t *p) 885 { 886 p->break_loop = 1; 887 } 888 889 int 890 pcap_datalink(pcap_t *p) 891 { 892 if (!p->activated) 893 return (PCAP_ERROR_NOT_ACTIVATED); 894 return (p->linktype); 895 } 896 897 int 898 pcap_datalink_ext(pcap_t *p) 899 { 900 if (!p->activated) 901 return (PCAP_ERROR_NOT_ACTIVATED); 902 return (p->linktype_ext); 903 } 904 905 int 906 pcap_list_datalinks(pcap_t *p, int **dlt_buffer) 907 { 908 if (!p->activated) 909 return (PCAP_ERROR_NOT_ACTIVATED); 910 if (p->dlt_count == 0) { 911 /* 912 * We couldn't fetch the list of DLTs, which means 913 * this platform doesn't support changing the 914 * DLT for an interface. Return a list of DLTs 915 * containing only the DLT this device supports. 916 */ 917 *dlt_buffer = (int*)malloc(sizeof(**dlt_buffer)); 918 if (*dlt_buffer == NULL) { 919 (void)snprintf(p->errbuf, sizeof(p->errbuf), 920 "malloc: %s", pcap_strerror(errno)); 921 return (PCAP_ERROR); 922 } 923 **dlt_buffer = p->linktype; 924 return (1); 925 } else { 926 *dlt_buffer = (int*)calloc(sizeof(**dlt_buffer), p->dlt_count); 927 if (*dlt_buffer == NULL) { 928 (void)snprintf(p->errbuf, sizeof(p->errbuf), 929 "malloc: %s", pcap_strerror(errno)); 930 return (PCAP_ERROR); 931 } 932 (void)memcpy(*dlt_buffer, p->dlt_list, 933 sizeof(**dlt_buffer) * p->dlt_count); 934 return (p->dlt_count); 935 } 936 } 937 938 /* 939 * In Windows, you might have a library built with one version of the 940 * C runtime library and an application built with another version of 941 * the C runtime library, which means that the library might use one 942 * version of malloc() and free() and the application might use another 943 * version of malloc() and free(). If so, that means something 944 * allocated by the library cannot be freed by the application, so we 945 * need to have a pcap_free_datalinks() routine to free up the list 946 * allocated by pcap_list_datalinks(), even though it's just a wrapper 947 * around free(). 948 */ 949 void 950 pcap_free_datalinks(int *dlt_list) 951 { 952 free(dlt_list); 953 } 954 955 int 956 pcap_set_datalink(pcap_t *p, int dlt) 957 { 958 int i; 959 const char *dlt_name; 960 961 if (p->dlt_count == 0 || p->set_datalink_op == NULL) { 962 /* 963 * We couldn't fetch the list of DLTs, or we don't 964 * have a "set datalink" operation, which means 965 * this platform doesn't support changing the 966 * DLT for an interface. Check whether the new 967 * DLT is the one this interface supports. 968 */ 969 if (p->linktype != dlt) 970 goto unsupported; 971 972 /* 973 * It is, so there's nothing we need to do here. 974 */ 975 return (0); 976 } 977 for (i = 0; i < p->dlt_count; i++) 978 if (p->dlt_list[i] == dlt) 979 break; 980 if (i >= p->dlt_count) 981 goto unsupported; 982 if (p->dlt_count == 2 && p->dlt_list[0] == DLT_EN10MB && 983 dlt == DLT_DOCSIS) { 984 /* 985 * This is presumably an Ethernet device, as the first 986 * link-layer type it offers is DLT_EN10MB, and the only 987 * other type it offers is DLT_DOCSIS. That means that 988 * we can't tell the driver to supply DOCSIS link-layer 989 * headers - we're just pretending that's what we're 990 * getting, as, presumably, we're capturing on a dedicated 991 * link to a Cisco Cable Modem Termination System, and 992 * it's putting raw DOCSIS frames on the wire inside low-level 993 * Ethernet framing. 994 */ 995 p->linktype = dlt; 996 return (0); 997 } 998 if (p->set_datalink_op(p, dlt) == -1) 999 return (-1); 1000 p->linktype = dlt; 1001 return (0); 1002 1003 unsupported: 1004 dlt_name = pcap_datalink_val_to_name(dlt); 1005 if (dlt_name != NULL) { 1006 (void) snprintf(p->errbuf, sizeof(p->errbuf), 1007 "%s is not one of the DLTs supported by this device", 1008 dlt_name); 1009 } else { 1010 (void) snprintf(p->errbuf, sizeof(p->errbuf), 1011 "DLT %d is not one of the DLTs supported by this device", 1012 dlt); 1013 } 1014 return (-1); 1015 } 1016 1017 /* 1018 * This array is designed for mapping upper and lower case letter 1019 * together for a case independent comparison. The mappings are 1020 * based upon ascii character sequences. 1021 */ 1022 static const u_char charmap[] = { 1023 (u_char)'\000', (u_char)'\001', (u_char)'\002', (u_char)'\003', 1024 (u_char)'\004', (u_char)'\005', (u_char)'\006', (u_char)'\007', 1025 (u_char)'\010', (u_char)'\011', (u_char)'\012', (u_char)'\013', 1026 (u_char)'\014', (u_char)'\015', (u_char)'\016', (u_char)'\017', 1027 (u_char)'\020', (u_char)'\021', (u_char)'\022', (u_char)'\023', 1028 (u_char)'\024', (u_char)'\025', (u_char)'\026', (u_char)'\027', 1029 (u_char)'\030', (u_char)'\031', (u_char)'\032', (u_char)'\033', 1030 (u_char)'\034', (u_char)'\035', (u_char)'\036', (u_char)'\037', 1031 (u_char)'\040', (u_char)'\041', (u_char)'\042', (u_char)'\043', 1032 (u_char)'\044', (u_char)'\045', (u_char)'\046', (u_char)'\047', 1033 (u_char)'\050', (u_char)'\051', (u_char)'\052', (u_char)'\053', 1034 (u_char)'\054', (u_char)'\055', (u_char)'\056', (u_char)'\057', 1035 (u_char)'\060', (u_char)'\061', (u_char)'\062', (u_char)'\063', 1036 (u_char)'\064', (u_char)'\065', (u_char)'\066', (u_char)'\067', 1037 (u_char)'\070', (u_char)'\071', (u_char)'\072', (u_char)'\073', 1038 (u_char)'\074', (u_char)'\075', (u_char)'\076', (u_char)'\077', 1039 (u_char)'\100', (u_char)'\141', (u_char)'\142', (u_char)'\143', 1040 (u_char)'\144', (u_char)'\145', (u_char)'\146', (u_char)'\147', 1041 (u_char)'\150', (u_char)'\151', (u_char)'\152', (u_char)'\153', 1042 (u_char)'\154', (u_char)'\155', (u_char)'\156', (u_char)'\157', 1043 (u_char)'\160', (u_char)'\161', (u_char)'\162', (u_char)'\163', 1044 (u_char)'\164', (u_char)'\165', (u_char)'\166', (u_char)'\167', 1045 (u_char)'\170', (u_char)'\171', (u_char)'\172', (u_char)'\133', 1046 (u_char)'\134', (u_char)'\135', (u_char)'\136', (u_char)'\137', 1047 (u_char)'\140', (u_char)'\141', (u_char)'\142', (u_char)'\143', 1048 (u_char)'\144', (u_char)'\145', (u_char)'\146', (u_char)'\147', 1049 (u_char)'\150', (u_char)'\151', (u_char)'\152', (u_char)'\153', 1050 (u_char)'\154', (u_char)'\155', (u_char)'\156', (u_char)'\157', 1051 (u_char)'\160', (u_char)'\161', (u_char)'\162', (u_char)'\163', 1052 (u_char)'\164', (u_char)'\165', (u_char)'\166', (u_char)'\167', 1053 (u_char)'\170', (u_char)'\171', (u_char)'\172', (u_char)'\173', 1054 (u_char)'\174', (u_char)'\175', (u_char)'\176', (u_char)'\177', 1055 (u_char)'\200', (u_char)'\201', (u_char)'\202', (u_char)'\203', 1056 (u_char)'\204', (u_char)'\205', (u_char)'\206', (u_char)'\207', 1057 (u_char)'\210', (u_char)'\211', (u_char)'\212', (u_char)'\213', 1058 (u_char)'\214', (u_char)'\215', (u_char)'\216', (u_char)'\217', 1059 (u_char)'\220', (u_char)'\221', (u_char)'\222', (u_char)'\223', 1060 (u_char)'\224', (u_char)'\225', (u_char)'\226', (u_char)'\227', 1061 (u_char)'\230', (u_char)'\231', (u_char)'\232', (u_char)'\233', 1062 (u_char)'\234', (u_char)'\235', (u_char)'\236', (u_char)'\237', 1063 (u_char)'\240', (u_char)'\241', (u_char)'\242', (u_char)'\243', 1064 (u_char)'\244', (u_char)'\245', (u_char)'\246', (u_char)'\247', 1065 (u_char)'\250', (u_char)'\251', (u_char)'\252', (u_char)'\253', 1066 (u_char)'\254', (u_char)'\255', (u_char)'\256', (u_char)'\257', 1067 (u_char)'\260', (u_char)'\261', (u_char)'\262', (u_char)'\263', 1068 (u_char)'\264', (u_char)'\265', (u_char)'\266', (u_char)'\267', 1069 (u_char)'\270', (u_char)'\271', (u_char)'\272', (u_char)'\273', 1070 (u_char)'\274', (u_char)'\275', (u_char)'\276', (u_char)'\277', 1071 (u_char)'\300', (u_char)'\341', (u_char)'\342', (u_char)'\343', 1072 (u_char)'\344', (u_char)'\345', (u_char)'\346', (u_char)'\347', 1073 (u_char)'\350', (u_char)'\351', (u_char)'\352', (u_char)'\353', 1074 (u_char)'\354', (u_char)'\355', (u_char)'\356', (u_char)'\357', 1075 (u_char)'\360', (u_char)'\361', (u_char)'\362', (u_char)'\363', 1076 (u_char)'\364', (u_char)'\365', (u_char)'\366', (u_char)'\367', 1077 (u_char)'\370', (u_char)'\371', (u_char)'\372', (u_char)'\333', 1078 (u_char)'\334', (u_char)'\335', (u_char)'\336', (u_char)'\337', 1079 (u_char)'\340', (u_char)'\341', (u_char)'\342', (u_char)'\343', 1080 (u_char)'\344', (u_char)'\345', (u_char)'\346', (u_char)'\347', 1081 (u_char)'\350', (u_char)'\351', (u_char)'\352', (u_char)'\353', 1082 (u_char)'\354', (u_char)'\355', (u_char)'\356', (u_char)'\357', 1083 (u_char)'\360', (u_char)'\361', (u_char)'\362', (u_char)'\363', 1084 (u_char)'\364', (u_char)'\365', (u_char)'\366', (u_char)'\367', 1085 (u_char)'\370', (u_char)'\371', (u_char)'\372', (u_char)'\373', 1086 (u_char)'\374', (u_char)'\375', (u_char)'\376', (u_char)'\377', 1087 }; 1088 1089 int 1090 pcap_strcasecmp(const char *s1, const char *s2) 1091 { 1092 register const u_char *cm = charmap, 1093 *us1 = (const u_char *)s1, 1094 *us2 = (const u_char *)s2; 1095 1096 while (cm[*us1] == cm[*us2++]) 1097 if (*us1++ == '\0') 1098 return(0); 1099 return (cm[*us1] - cm[*--us2]); 1100 } 1101 1102 struct dlt_choice { 1103 const char *name; 1104 const char *description; 1105 int dlt; 1106 }; 1107 1108 #define DLT_CHOICE(code, description) { #code, description, code } 1109 #define DLT_CHOICE_SENTINEL { NULL, NULL, 0 } 1110 1111 static struct dlt_choice dlt_choices[] = { 1112 DLT_CHOICE(DLT_NULL, "BSD loopback"), 1113 DLT_CHOICE(DLT_EN10MB, "Ethernet"), 1114 DLT_CHOICE(DLT_IEEE802, "Token ring"), 1115 DLT_CHOICE(DLT_ARCNET, "BSD ARCNET"), 1116 DLT_CHOICE(DLT_SLIP, "SLIP"), 1117 DLT_CHOICE(DLT_PPP, "PPP"), 1118 DLT_CHOICE(DLT_FDDI, "FDDI"), 1119 DLT_CHOICE(DLT_ATM_RFC1483, "RFC 1483 LLC-encapsulated ATM"), 1120 DLT_CHOICE(DLT_RAW, "Raw IP"), 1121 DLT_CHOICE(DLT_SLIP_BSDOS, "BSD/OS SLIP"), 1122 DLT_CHOICE(DLT_PPP_BSDOS, "BSD/OS PPP"), 1123 DLT_CHOICE(DLT_ATM_CLIP, "Linux Classical IP-over-ATM"), 1124 DLT_CHOICE(DLT_PPP_SERIAL, "PPP over serial"), 1125 DLT_CHOICE(DLT_PPP_ETHER, "PPPoE"), 1126 DLT_CHOICE(DLT_SYMANTEC_FIREWALL, "Symantec Firewall"), 1127 DLT_CHOICE(DLT_C_HDLC, "Cisco HDLC"), 1128 DLT_CHOICE(DLT_IEEE802_11, "802.11"), 1129 DLT_CHOICE(DLT_FRELAY, "Frame Relay"), 1130 DLT_CHOICE(DLT_LOOP, "OpenBSD loopback"), 1131 DLT_CHOICE(DLT_ENC, "OpenBSD encapsulated IP"), 1132 DLT_CHOICE(DLT_LINUX_SLL, "Linux cooked"), 1133 DLT_CHOICE(DLT_LTALK, "Localtalk"), 1134 DLT_CHOICE(DLT_PFLOG, "OpenBSD pflog file"), 1135 DLT_CHOICE(DLT_PFSYNC, "Packet filter state syncing"), 1136 DLT_CHOICE(DLT_PRISM_HEADER, "802.11 plus Prism header"), 1137 DLT_CHOICE(DLT_IP_OVER_FC, "RFC 2625 IP-over-Fibre Channel"), 1138 DLT_CHOICE(DLT_SUNATM, "Sun raw ATM"), 1139 DLT_CHOICE(DLT_IEEE802_11_RADIO, "802.11 plus radiotap header"), 1140 DLT_CHOICE(DLT_ARCNET_LINUX, "Linux ARCNET"), 1141 DLT_CHOICE(DLT_JUNIPER_MLPPP, "Juniper Multi-Link PPP"), 1142 DLT_CHOICE(DLT_JUNIPER_MLFR, "Juniper Multi-Link Frame Relay"), 1143 DLT_CHOICE(DLT_JUNIPER_ES, "Juniper Encryption Services PIC"), 1144 DLT_CHOICE(DLT_JUNIPER_GGSN, "Juniper GGSN PIC"), 1145 DLT_CHOICE(DLT_JUNIPER_MFR, "Juniper FRF.16 Frame Relay"), 1146 DLT_CHOICE(DLT_JUNIPER_ATM2, "Juniper ATM2 PIC"), 1147 DLT_CHOICE(DLT_JUNIPER_SERVICES, "Juniper Advanced Services PIC"), 1148 DLT_CHOICE(DLT_JUNIPER_ATM1, "Juniper ATM1 PIC"), 1149 DLT_CHOICE(DLT_APPLE_IP_OVER_IEEE1394, "Apple IP-over-IEEE 1394"), 1150 DLT_CHOICE(DLT_MTP2_WITH_PHDR, "SS7 MTP2 with Pseudo-header"), 1151 DLT_CHOICE(DLT_MTP2, "SS7 MTP2"), 1152 DLT_CHOICE(DLT_MTP3, "SS7 MTP3"), 1153 DLT_CHOICE(DLT_SCCP, "SS7 SCCP"), 1154 DLT_CHOICE(DLT_DOCSIS, "DOCSIS"), 1155 DLT_CHOICE(DLT_LINUX_IRDA, "Linux IrDA"), 1156 DLT_CHOICE(DLT_IEEE802_11_RADIO_AVS, "802.11 plus AVS radio information header"), 1157 DLT_CHOICE(DLT_JUNIPER_MONITOR, "Juniper Passive Monitor PIC"), 1158 DLT_CHOICE(DLT_BACNET_MS_TP, "BACnet MS/TP"), 1159 DLT_CHOICE(DLT_PPP_PPPD, "PPP for pppd, with direction flag"), 1160 DLT_CHOICE(DLT_JUNIPER_PPPOE, "Juniper PPPoE"), 1161 DLT_CHOICE(DLT_JUNIPER_PPPOE_ATM, "Juniper PPPoE/ATM"), 1162 DLT_CHOICE(DLT_GPRS_LLC, "GPRS LLC"), 1163 DLT_CHOICE(DLT_GPF_T, "GPF-T"), 1164 DLT_CHOICE(DLT_GPF_F, "GPF-F"), 1165 DLT_CHOICE(DLT_JUNIPER_PIC_PEER, "Juniper PIC Peer"), 1166 DLT_CHOICE(DLT_ERF_ETH, "Ethernet with Endace ERF header"), 1167 DLT_CHOICE(DLT_ERF_POS, "Packet-over-SONET with Endace ERF header"), 1168 DLT_CHOICE(DLT_LINUX_LAPD, "Linux vISDN LAPD"), 1169 DLT_CHOICE(DLT_JUNIPER_ETHER, "Juniper Ethernet"), 1170 DLT_CHOICE(DLT_JUNIPER_PPP, "Juniper PPP"), 1171 DLT_CHOICE(DLT_JUNIPER_FRELAY, "Juniper Frame Relay"), 1172 DLT_CHOICE(DLT_JUNIPER_CHDLC, "Juniper C-HDLC"), 1173 DLT_CHOICE(DLT_MFR, "FRF.16 Frame Relay"), 1174 DLT_CHOICE(DLT_JUNIPER_VP, "Juniper Voice PIC"), 1175 DLT_CHOICE(DLT_A429, "Arinc 429"), 1176 DLT_CHOICE(DLT_A653_ICM, "Arinc 653 Interpartition Communication"), 1177 DLT_CHOICE(DLT_USB, "USB"), 1178 DLT_CHOICE(DLT_BLUETOOTH_HCI_H4, "Bluetooth HCI UART transport layer"), 1179 DLT_CHOICE(DLT_IEEE802_16_MAC_CPS, "IEEE 802.16 MAC Common Part Sublayer"), 1180 DLT_CHOICE(DLT_USB_LINUX, "USB with Linux header"), 1181 DLT_CHOICE(DLT_CAN20B, "Controller Area Network (CAN) v. 2.0B"), 1182 DLT_CHOICE(DLT_IEEE802_15_4_LINUX, "IEEE 802.15.4 with Linux padding"), 1183 DLT_CHOICE(DLT_PPI, "Per-Packet Information"), 1184 DLT_CHOICE(DLT_IEEE802_16_MAC_CPS_RADIO, "IEEE 802.16 MAC Common Part Sublayer plus radiotap header"), 1185 DLT_CHOICE(DLT_JUNIPER_ISM, "Juniper Integrated Service Module"), 1186 DLT_CHOICE(DLT_IEEE802_15_4, "IEEE 802.15.4 with FCS"), 1187 DLT_CHOICE(DLT_SITA, "SITA pseudo-header"), 1188 DLT_CHOICE(DLT_ERF, "Endace ERF header"), 1189 DLT_CHOICE(DLT_RAIF1, "Ethernet with u10 Networks pseudo-header"), 1190 DLT_CHOICE(DLT_IPMB, "IPMB"), 1191 DLT_CHOICE(DLT_JUNIPER_ST, "Juniper Secure Tunnel"), 1192 DLT_CHOICE(DLT_BLUETOOTH_HCI_H4_WITH_PHDR, "Bluetooth HCI UART transport layer plus pseudo-header"), 1193 DLT_CHOICE(DLT_AX25_KISS, "AX.25 with KISS header"), 1194 DLT_CHOICE(DLT_IEEE802_15_4_NONASK_PHY, "IEEE 802.15.4 with non-ASK PHY data"), 1195 DLT_CHOICE(DLT_MPLS, "MPLS with label as link-layer header"), 1196 DLT_CHOICE(DLT_LINUX_EVDEV, "Linux evdev events"), 1197 DLT_CHOICE(DLT_USB_LINUX_MMAPPED, "USB with padded Linux header"), 1198 DLT_CHOICE(DLT_DECT, "DECT"), 1199 DLT_CHOICE(DLT_AOS, "AOS Space Data Link protocol"), 1200 DLT_CHOICE(DLT_WIHART, "Wireless HART"), 1201 DLT_CHOICE(DLT_FC_2, "Fibre Channel FC-2"), 1202 DLT_CHOICE(DLT_FC_2_WITH_FRAME_DELIMS, "Fibre Channel FC-2 with frame delimiters"), 1203 DLT_CHOICE(DLT_IPNET, "Solaris ipnet"), 1204 DLT_CHOICE(DLT_CAN_SOCKETCAN, "CAN-bus with SocketCAN headers"), 1205 DLT_CHOICE(DLT_IPV4, "Raw IPv4"), 1206 DLT_CHOICE(DLT_IPV6, "Raw IPv6"), 1207 DLT_CHOICE(DLT_IEEE802_15_4_NOFCS, "IEEE 802.15.4 without FCS"), 1208 DLT_CHOICE(DLT_DBUS, "D-Bus"), 1209 DLT_CHOICE(DLT_JUNIPER_VS, "Juniper Virtual Server"), 1210 DLT_CHOICE(DLT_JUNIPER_SRX_E2E, "Juniper SRX E2E"), 1211 DLT_CHOICE(DLT_JUNIPER_FIBRECHANNEL, "Juniper Fibre Channel"), 1212 DLT_CHOICE(DLT_DVB_CI, "DVB-CI"), 1213 DLT_CHOICE(DLT_MUX27010, "MUX27010"), 1214 DLT_CHOICE(DLT_STANAG_5066_D_PDU, "STANAG 5066 D_PDUs"), 1215 DLT_CHOICE(DLT_JUNIPER_ATM_CEMIC, "Juniper ATM CEMIC"), 1216 DLT_CHOICE(DLT_NFLOG, "Linux netfilter log messages"), 1217 DLT_CHOICE(DLT_NETANALYZER, "Ethernet with Hilscher netANALYZER pseudo-header"), 1218 DLT_CHOICE(DLT_NETANALYZER_TRANSPARENT, "Ethernet with Hilscher netANALYZER pseudo-header and with preamble and SFD"), 1219 DLT_CHOICE(DLT_IPOIB, "RFC 4391 IP-over-Infiniband"), 1220 DLT_CHOICE(DLT_MPEG_2_TS, "MPEG-2 transport stream"), 1221 DLT_CHOICE(DLT_NG40, "ng40 protocol tester Iub/Iur"), 1222 DLT_CHOICE(DLT_NFC_LLCP, "NFC LLCP PDUs with pseudo-header"), 1223 DLT_CHOICE(DLT_INFINIBAND, "InfiniBand"), 1224 DLT_CHOICE(DLT_SCTP, "SCTP"), 1225 DLT_CHOICE(DLT_USBPCAP, "USB with USBPcap header"), 1226 DLT_CHOICE(DLT_RTAC_SERIAL, "Schweitzer Engineering Laboratories RTAC packets"), 1227 DLT_CHOICE(DLT_BLUETOOTH_LE_LL, "Bluetooth Low Energy air interface"), 1228 DLT_CHOICE(DLT_NETLINK, "Linux netlink"), 1229 DLT_CHOICE(DLT_BLUETOOTH_LINUX_MONITOR, "Bluetooth Linux Monitor"), 1230 DLT_CHOICE(DLT_BLUETOOTH_BREDR_BB, "Bluetooth Basic Rate/Enhanced Data Rate baseband packets"), 1231 DLT_CHOICE(DLT_BLUETOOTH_LE_LL_WITH_PHDR, "Bluetooth Low Energy air interface with pseudo-header"), 1232 DLT_CHOICE(DLT_PROFIBUS_DL, "PROFIBUS data link layer"), 1233 DLT_CHOICE(DLT_PKTAP, "Apple DLT_PKTAP"), 1234 DLT_CHOICE(DLT_EPON, "Ethernet with 802.3 Clause 65 EPON preamble"), 1235 DLT_CHOICE_SENTINEL 1236 }; 1237 1238 int 1239 pcap_datalink_name_to_val(const char *name) 1240 { 1241 int i; 1242 1243 for (i = 0; dlt_choices[i].name != NULL; i++) { 1244 if (pcap_strcasecmp(dlt_choices[i].name + sizeof("DLT_") - 1, 1245 name) == 0) 1246 return (dlt_choices[i].dlt); 1247 } 1248 return (-1); 1249 } 1250 1251 const char * 1252 pcap_datalink_val_to_name(int dlt) 1253 { 1254 int i; 1255 1256 for (i = 0; dlt_choices[i].name != NULL; i++) { 1257 if (dlt_choices[i].dlt == dlt) 1258 return (dlt_choices[i].name + sizeof("DLT_") - 1); 1259 } 1260 return (NULL); 1261 } 1262 1263 const char * 1264 pcap_datalink_val_to_description(int dlt) 1265 { 1266 int i; 1267 1268 for (i = 0; dlt_choices[i].name != NULL; i++) { 1269 if (dlt_choices[i].dlt == dlt) 1270 return (dlt_choices[i].description); 1271 } 1272 return (NULL); 1273 } 1274 1275 struct tstamp_type_choice { 1276 const char *name; 1277 const char *description; 1278 int type; 1279 }; 1280 1281 static struct tstamp_type_choice tstamp_type_choices[] = { 1282 { "host", "Host", PCAP_TSTAMP_HOST }, 1283 { "host_lowprec", "Host, low precision", PCAP_TSTAMP_HOST_LOWPREC }, 1284 { "host_hiprec", "Host, high precision", PCAP_TSTAMP_HOST_HIPREC }, 1285 { "adapter", "Adapter", PCAP_TSTAMP_ADAPTER }, 1286 { "adapter_unsynced", "Adapter, not synced with system time", PCAP_TSTAMP_ADAPTER_UNSYNCED }, 1287 { NULL, NULL, 0 } 1288 }; 1289 1290 int 1291 pcap_tstamp_type_name_to_val(const char *name) 1292 { 1293 int i; 1294 1295 for (i = 0; tstamp_type_choices[i].name != NULL; i++) { 1296 if (pcap_strcasecmp(tstamp_type_choices[i].name, name) == 0) 1297 return (tstamp_type_choices[i].type); 1298 } 1299 return (PCAP_ERROR); 1300 } 1301 1302 const char * 1303 pcap_tstamp_type_val_to_name(int tstamp_type) 1304 { 1305 int i; 1306 1307 for (i = 0; tstamp_type_choices[i].name != NULL; i++) { 1308 if (tstamp_type_choices[i].type == tstamp_type) 1309 return (tstamp_type_choices[i].name); 1310 } 1311 return (NULL); 1312 } 1313 1314 const char * 1315 pcap_tstamp_type_val_to_description(int tstamp_type) 1316 { 1317 int i; 1318 1319 for (i = 0; tstamp_type_choices[i].name != NULL; i++) { 1320 if (tstamp_type_choices[i].type == tstamp_type) 1321 return (tstamp_type_choices[i].description); 1322 } 1323 return (NULL); 1324 } 1325 1326 int 1327 pcap_snapshot(pcap_t *p) 1328 { 1329 if (!p->activated) 1330 return (PCAP_ERROR_NOT_ACTIVATED); 1331 return (p->snapshot); 1332 } 1333 1334 int 1335 pcap_is_swapped(pcap_t *p) 1336 { 1337 if (!p->activated) 1338 return (PCAP_ERROR_NOT_ACTIVATED); 1339 return (p->swapped); 1340 } 1341 1342 int 1343 pcap_major_version(pcap_t *p) 1344 { 1345 if (!p->activated) 1346 return (PCAP_ERROR_NOT_ACTIVATED); 1347 return (p->version_major); 1348 } 1349 1350 int 1351 pcap_minor_version(pcap_t *p) 1352 { 1353 if (!p->activated) 1354 return (PCAP_ERROR_NOT_ACTIVATED); 1355 return (p->version_minor); 1356 } 1357 1358 FILE * 1359 pcap_file(pcap_t *p) 1360 { 1361 return (p->rfile); 1362 } 1363 1364 int 1365 pcap_fileno(pcap_t *p) 1366 { 1367 #ifndef WIN32 1368 return (p->fd); 1369 #else 1370 if (p->adapter != NULL) 1371 return ((int)(DWORD)p->adapter->hFile); 1372 else 1373 return (PCAP_ERROR); 1374 #endif 1375 } 1376 1377 #if !defined(WIN32) && !defined(MSDOS) 1378 int 1379 pcap_get_selectable_fd(pcap_t *p) 1380 { 1381 return (p->selectable_fd); 1382 } 1383 #endif 1384 1385 void 1386 pcap_perror(pcap_t *p, char *prefix) 1387 { 1388 fprintf(stderr, "%s: %s\n", prefix, p->errbuf); 1389 } 1390 1391 char * 1392 pcap_geterr(pcap_t *p) 1393 { 1394 return (p->errbuf); 1395 } 1396 1397 int 1398 pcap_getnonblock(pcap_t *p, char *errbuf) 1399 { 1400 int ret; 1401 1402 ret = p->getnonblock_op(p, errbuf); 1403 if (ret == -1) { 1404 /* 1405 * In case somebody depended on the bug wherein 1406 * the error message was put into p->errbuf 1407 * by pcap_getnonblock_fd(). 1408 */ 1409 strlcpy(p->errbuf, errbuf, PCAP_ERRBUF_SIZE); 1410 } 1411 return (ret); 1412 } 1413 1414 /* 1415 * Get the current non-blocking mode setting, under the assumption that 1416 * it's just the standard POSIX non-blocking flag. 1417 * 1418 * We don't look at "p->nonblock", in case somebody tweaked the FD 1419 * directly. 1420 */ 1421 #if !defined(WIN32) && !defined(MSDOS) 1422 int 1423 pcap_getnonblock_fd(pcap_t *p, char *errbuf) 1424 { 1425 int fdflags; 1426 1427 fdflags = fcntl(p->fd, F_GETFL, 0); 1428 if (fdflags == -1) { 1429 snprintf(errbuf, PCAP_ERRBUF_SIZE, "F_GETFL: %s", 1430 pcap_strerror(errno)); 1431 return (-1); 1432 } 1433 if (fdflags & O_NONBLOCK) 1434 return (1); 1435 else 1436 return (0); 1437 } 1438 #endif 1439 1440 int 1441 pcap_setnonblock(pcap_t *p, int nonblock, char *errbuf) 1442 { 1443 int ret; 1444 1445 ret = p->setnonblock_op(p, nonblock, errbuf); 1446 if (ret == -1) { 1447 /* 1448 * In case somebody depended on the bug wherein 1449 * the error message was put into p->errbuf 1450 * by pcap_setnonblock_fd(). 1451 */ 1452 strlcpy(p->errbuf, errbuf, PCAP_ERRBUF_SIZE); 1453 } 1454 return (ret); 1455 } 1456 1457 #if !defined(WIN32) && !defined(MSDOS) 1458 /* 1459 * Set non-blocking mode, under the assumption that it's just the 1460 * standard POSIX non-blocking flag. (This can be called by the 1461 * per-platform non-blocking-mode routine if that routine also 1462 * needs to do some additional work.) 1463 */ 1464 int 1465 pcap_setnonblock_fd(pcap_t *p, int nonblock, char *errbuf) 1466 { 1467 int fdflags; 1468 1469 fdflags = fcntl(p->fd, F_GETFL, 0); 1470 if (fdflags == -1) { 1471 snprintf(errbuf, PCAP_ERRBUF_SIZE, "F_GETFL: %s", 1472 pcap_strerror(errno)); 1473 return (-1); 1474 } 1475 if (nonblock) 1476 fdflags |= O_NONBLOCK; 1477 else 1478 fdflags &= ~O_NONBLOCK; 1479 if (fcntl(p->fd, F_SETFL, fdflags) == -1) { 1480 snprintf(errbuf, PCAP_ERRBUF_SIZE, "F_SETFL: %s", 1481 pcap_strerror(errno)); 1482 return (-1); 1483 } 1484 return (0); 1485 } 1486 #endif 1487 1488 #ifdef WIN32 1489 /* 1490 * Generate a string for the last Win32-specific error (i.e. an error generated when 1491 * calling a Win32 API). 1492 * For errors occurred during standard C calls, we still use pcap_strerror() 1493 */ 1494 char * 1495 pcap_win32strerror(void) 1496 { 1497 DWORD error; 1498 static char errbuf[PCAP_ERRBUF_SIZE+1]; 1499 int errlen; 1500 char *p; 1501 1502 error = GetLastError(); 1503 FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, error, 0, errbuf, 1504 PCAP_ERRBUF_SIZE, NULL); 1505 1506 /* 1507 * "FormatMessage()" "helpfully" sticks CR/LF at the end of the 1508 * message. Get rid of it. 1509 */ 1510 errlen = strlen(errbuf); 1511 if (errlen >= 2) { 1512 errbuf[errlen - 1] = '\0'; 1513 errbuf[errlen - 2] = '\0'; 1514 } 1515 p = strchr(errbuf, '\0'); 1516 snprintf (p, sizeof(errbuf)-(p-errbuf), " (%lu)", error); 1517 return (errbuf); 1518 } 1519 #endif 1520 1521 /* 1522 * Generate error strings for PCAP_ERROR_ and PCAP_WARNING_ values. 1523 */ 1524 const char * 1525 pcap_statustostr(int errnum) 1526 { 1527 static char ebuf[15+10+1]; 1528 1529 switch (errnum) { 1530 1531 case PCAP_WARNING: 1532 return("Generic warning"); 1533 1534 case PCAP_WARNING_TSTAMP_TYPE_NOTSUP: 1535 return ("That type of time stamp is not supported by that device"); 1536 1537 case PCAP_WARNING_PROMISC_NOTSUP: 1538 return ("That device doesn't support promiscuous mode"); 1539 1540 case PCAP_ERROR: 1541 return("Generic error"); 1542 1543 case PCAP_ERROR_BREAK: 1544 return("Loop terminated by pcap_breakloop"); 1545 1546 case PCAP_ERROR_NOT_ACTIVATED: 1547 return("The pcap_t has not been activated"); 1548 1549 case PCAP_ERROR_ACTIVATED: 1550 return ("The setting can't be changed after the pcap_t is activated"); 1551 1552 case PCAP_ERROR_NO_SUCH_DEVICE: 1553 return ("No such device exists"); 1554 1555 case PCAP_ERROR_RFMON_NOTSUP: 1556 return ("That device doesn't support monitor mode"); 1557 1558 case PCAP_ERROR_NOT_RFMON: 1559 return ("That operation is supported only in monitor mode"); 1560 1561 case PCAP_ERROR_PERM_DENIED: 1562 return ("You don't have permission to capture on that device"); 1563 1564 case PCAP_ERROR_IFACE_NOT_UP: 1565 return ("That device is not up"); 1566 1567 case PCAP_ERROR_CANTSET_TSTAMP_TYPE: 1568 return ("That device doesn't support setting the time stamp type"); 1569 1570 case PCAP_ERROR_PROMISC_PERM_DENIED: 1571 return ("You don't have permission to capture in promiscuous mode on that device"); 1572 1573 case PCAP_ERROR_TSTAMP_PRECISION_NOTSUP: 1574 return ("That device doesn't support that time stamp precision"); 1575 } 1576 (void)snprintf(ebuf, sizeof ebuf, "Unknown error: %d", errnum); 1577 return(ebuf); 1578 } 1579 1580 /* 1581 * Not all systems have strerror(). 1582 */ 1583 const char * 1584 pcap_strerror(int errnum) 1585 { 1586 #ifdef HAVE_STRERROR 1587 return (strerror(errnum)); 1588 #else 1589 extern int sys_nerr; 1590 extern const char *const sys_errlist[]; 1591 static char ebuf[15+10+1]; 1592 1593 if ((unsigned int)errnum < sys_nerr) 1594 return ((char *)sys_errlist[errnum]); 1595 (void)snprintf(ebuf, sizeof ebuf, "Unknown error: %d", errnum); 1596 return(ebuf); 1597 #endif 1598 } 1599 1600 int 1601 pcap_setfilter(pcap_t *p, struct bpf_program *fp) 1602 { 1603 return (p->setfilter_op(p, fp)); 1604 } 1605 1606 /* 1607 * Set direction flag, which controls whether we accept only incoming 1608 * packets, only outgoing packets, or both. 1609 * Note that, depending on the platform, some or all direction arguments 1610 * might not be supported. 1611 */ 1612 int 1613 pcap_setdirection(pcap_t *p, pcap_direction_t d) 1614 { 1615 if (p->setdirection_op == NULL) { 1616 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 1617 "Setting direction is not implemented on this platform"); 1618 return (-1); 1619 } else 1620 return (p->setdirection_op(p, d)); 1621 } 1622 1623 int 1624 pcap_stats(pcap_t *p, struct pcap_stat *ps) 1625 { 1626 return (p->stats_op(p, ps)); 1627 } 1628 1629 static int 1630 pcap_stats_dead(pcap_t *p, struct pcap_stat *ps _U_) 1631 { 1632 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 1633 "Statistics aren't available from a pcap_open_dead pcap_t"); 1634 return (-1); 1635 } 1636 1637 #ifdef WIN32 1638 int 1639 pcap_setbuff(pcap_t *p, int dim) 1640 { 1641 return (p->setbuff_op(p, dim)); 1642 } 1643 1644 static int 1645 pcap_setbuff_dead(pcap_t *p, int dim) 1646 { 1647 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 1648 "The kernel buffer size cannot be set on a pcap_open_dead pcap_t"); 1649 return (-1); 1650 } 1651 1652 int 1653 pcap_setmode(pcap_t *p, int mode) 1654 { 1655 return (p->setmode_op(p, mode)); 1656 } 1657 1658 static int 1659 pcap_setmode_dead(pcap_t *p, int mode) 1660 { 1661 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 1662 "impossible to set mode on a pcap_open_dead pcap_t"); 1663 return (-1); 1664 } 1665 1666 int 1667 pcap_setmintocopy(pcap_t *p, int size) 1668 { 1669 return (p->setmintocopy_op(p, size)); 1670 } 1671 1672 Adapter * 1673 pcap_get_adapter(pcap_t *p) 1674 { 1675 return (p->getadapter_op(p)); 1676 } 1677 1678 static int 1679 pcap_setmintocopy_dead(pcap_t *p, int size) 1680 { 1681 snprintf(p->errbuf, PCAP_ERRBUF_SIZE, 1682 "The mintocopy parameter cannot be set on a pcap_open_dead pcap_t"); 1683 return (-1); 1684 } 1685 #endif 1686 1687 /* 1688 * On some platforms, we need to clean up promiscuous or monitor mode 1689 * when we close a device - and we want that to happen even if the 1690 * application just exits without explicitl closing devices. 1691 * On those platforms, we need to register a "close all the pcaps" 1692 * routine to be called when we exit, and need to maintain a list of 1693 * pcaps that need to be closed to clean up modes. 1694 * 1695 * XXX - not thread-safe. 1696 */ 1697 1698 /* 1699 * List of pcaps on which we've done something that needs to be 1700 * cleaned up. 1701 * If there are any such pcaps, we arrange to call "pcap_close_all()" 1702 * when we exit, and have it close all of them. 1703 */ 1704 static struct pcap *pcaps_to_close; 1705 1706 /* 1707 * TRUE if we've already called "atexit()" to cause "pcap_close_all()" to 1708 * be called on exit. 1709 */ 1710 static int did_atexit; 1711 1712 static void 1713 pcap_close_all(void) 1714 { 1715 struct pcap *handle; 1716 1717 while ((handle = pcaps_to_close) != NULL) 1718 pcap_close(handle); 1719 } 1720 1721 int 1722 pcap_do_addexit(pcap_t *p) 1723 { 1724 /* 1725 * If we haven't already done so, arrange to have 1726 * "pcap_close_all()" called when we exit. 1727 */ 1728 if (!did_atexit) { 1729 if (atexit(pcap_close_all) == -1) { 1730 /* 1731 * "atexit()" failed; let our caller know. 1732 */ 1733 strncpy(p->errbuf, "atexit failed", 1734 PCAP_ERRBUF_SIZE); 1735 return (0); 1736 } 1737 did_atexit = 1; 1738 } 1739 return (1); 1740 } 1741 1742 void 1743 pcap_add_to_pcaps_to_close(pcap_t *p) 1744 { 1745 p->next = pcaps_to_close; 1746 pcaps_to_close = p; 1747 } 1748 1749 void 1750 pcap_remove_from_pcaps_to_close(pcap_t *p) 1751 { 1752 pcap_t *pc, *prevpc; 1753 1754 for (pc = pcaps_to_close, prevpc = NULL; pc != NULL; 1755 prevpc = pc, pc = pc->next) { 1756 if (pc == p) { 1757 /* 1758 * Found it. Remove it from the list. 1759 */ 1760 if (prevpc == NULL) { 1761 /* 1762 * It was at the head of the list. 1763 */ 1764 pcaps_to_close = pc->next; 1765 } else { 1766 /* 1767 * It was in the middle of the list. 1768 */ 1769 prevpc->next = pc->next; 1770 } 1771 break; 1772 } 1773 } 1774 } 1775 1776 void 1777 pcap_cleanup_live_common(pcap_t *p) 1778 { 1779 if (p->buffer != NULL) { 1780 free(p->buffer); 1781 p->buffer = NULL; 1782 } 1783 if (p->dlt_list != NULL) { 1784 free(p->dlt_list); 1785 p->dlt_list = NULL; 1786 p->dlt_count = 0; 1787 } 1788 if (p->tstamp_type_list != NULL) { 1789 free(p->tstamp_type_list); 1790 p->tstamp_type_list = NULL; 1791 p->tstamp_type_count = 0; 1792 } 1793 if (p->tstamp_precision_list != NULL) { 1794 free(p->tstamp_precision_list); 1795 p->tstamp_precision_list = NULL; 1796 p->tstamp_precision_count = 0; 1797 } 1798 pcap_freecode(&p->fcode); 1799 #if !defined(WIN32) && !defined(MSDOS) 1800 if (p->fd >= 0) { 1801 close(p->fd); 1802 p->fd = -1; 1803 } 1804 p->selectable_fd = -1; 1805 #endif 1806 } 1807 1808 static void 1809 pcap_cleanup_dead(pcap_t *p _U_) 1810 { 1811 /* Nothing to do. */ 1812 } 1813 1814 pcap_t * 1815 pcap_open_dead_with_tstamp_precision(int linktype, int snaplen, u_int precision) 1816 { 1817 pcap_t *p; 1818 1819 switch (precision) { 1820 1821 case PCAP_TSTAMP_PRECISION_MICRO: 1822 case PCAP_TSTAMP_PRECISION_NANO: 1823 break; 1824 1825 default: 1826 return NULL; 1827 } 1828 p = malloc(sizeof(*p)); 1829 if (p == NULL) 1830 return NULL; 1831 memset (p, 0, sizeof(*p)); 1832 p->snapshot = snaplen; 1833 p->linktype = linktype; 1834 p->opt.tstamp_precision = precision; 1835 p->stats_op = pcap_stats_dead; 1836 #ifdef WIN32 1837 p->setbuff_op = pcap_setbuff_dead; 1838 p->setmode_op = pcap_setmode_dead; 1839 p->setmintocopy_op = pcap_setmintocopy_dead; 1840 #endif 1841 p->cleanup_op = pcap_cleanup_dead; 1842 p->activated = 1; 1843 return (p); 1844 } 1845 1846 pcap_t * 1847 pcap_open_dead(int linktype, int snaplen) 1848 { 1849 return (pcap_open_dead_with_tstamp_precision(linktype, snaplen, 1850 PCAP_TSTAMP_PRECISION_MICRO)); 1851 } 1852 1853 /* 1854 * API compatible with WinPcap's "send a packet" routine - returns -1 1855 * on error, 0 otherwise. 1856 * 1857 * XXX - what if we get a short write? 1858 */ 1859 int 1860 pcap_sendpacket(pcap_t *p, const u_char *buf, int size) 1861 { 1862 if (p->inject_op(p, buf, size) == -1) 1863 return (-1); 1864 return (0); 1865 } 1866 1867 /* 1868 * API compatible with OpenBSD's "send a packet" routine - returns -1 on 1869 * error, number of bytes written otherwise. 1870 */ 1871 int 1872 pcap_inject(pcap_t *p, const void *buf, size_t size) 1873 { 1874 return (p->inject_op(p, buf, size)); 1875 } 1876 1877 void 1878 pcap_close(pcap_t *p) 1879 { 1880 if (p->opt.source != NULL) 1881 free(p->opt.source); 1882 p->cleanup_op(p); 1883 free(p); 1884 } 1885 1886 /* 1887 * Given a BPF program, a pcap_pkthdr structure for a packet, and the raw 1888 * data for the packet, check whether the packet passes the filter. 1889 * Returns the return value of the filter program, which will be zero if 1890 * the packet doesn't pass and non-zero if the packet does pass. 1891 */ 1892 int 1893 pcap_offline_filter(const struct bpf_program *fp, const struct pcap_pkthdr *h, 1894 const u_char *pkt) 1895 { 1896 const struct bpf_insn *fcode = fp->bf_insns; 1897 1898 if (fcode != NULL) 1899 return (bpf_filter(fcode, pkt, h->len, h->caplen)); 1900 else 1901 return (0); 1902 } 1903 1904 /* 1905 * We make the version string static, and return a pointer to it, rather 1906 * than exporting the version string directly. On at least some UNIXes, 1907 * if you import data from a shared library into an program, the data is 1908 * bound into the program binary, so if the string in the version of the 1909 * library with which the program was linked isn't the same as the 1910 * string in the version of the library with which the program is being 1911 * run, various undesirable things may happen (warnings, the string 1912 * being the one from the version of the library with which the program 1913 * was linked, or even weirder things, such as the string being the one 1914 * from the library but being truncated). 1915 */ 1916 #ifdef HAVE_VERSION_H 1917 #include "version.h" 1918 #else 1919 static const char pcap_version_string[] = "libpcap version 1.x.y"; 1920 #endif 1921 1922 #ifdef WIN32 1923 /* 1924 * XXX - it'd be nice if we could somehow generate the WinPcap and libpcap 1925 * version numbers when building WinPcap. (It'd be nice to do so for 1926 * the packet.dll version number as well.) 1927 */ 1928 static const char wpcap_version_string[] = "4.0"; 1929 static const char pcap_version_string_fmt[] = 1930 "WinPcap version %s, based on %s"; 1931 static const char pcap_version_string_packet_dll_fmt[] = 1932 "WinPcap version %s (packet.dll version %s), based on %s"; 1933 static char *full_pcap_version_string; 1934 1935 const char * 1936 pcap_lib_version(void) 1937 { 1938 char *packet_version_string; 1939 size_t full_pcap_version_string_len; 1940 1941 if (full_pcap_version_string == NULL) { 1942 /* 1943 * Generate the version string. 1944 */ 1945 packet_version_string = PacketGetVersion(); 1946 if (strcmp(wpcap_version_string, packet_version_string) == 0) { 1947 /* 1948 * WinPcap version string and packet.dll version 1949 * string are the same; just report the WinPcap 1950 * version. 1951 */ 1952 full_pcap_version_string_len = 1953 (sizeof pcap_version_string_fmt - 4) + 1954 strlen(wpcap_version_string) + 1955 strlen(pcap_version_string); 1956 full_pcap_version_string = 1957 malloc(full_pcap_version_string_len); 1958 if (full_pcap_version_string == NULL) 1959 return (NULL); 1960 sprintf(full_pcap_version_string, 1961 pcap_version_string_fmt, wpcap_version_string, 1962 pcap_version_string); 1963 } else { 1964 /* 1965 * WinPcap version string and packet.dll version 1966 * string are different; that shouldn't be the 1967 * case (the two libraries should come from the 1968 * same version of WinPcap), so we report both 1969 * versions. 1970 */ 1971 full_pcap_version_string_len = 1972 (sizeof pcap_version_string_packet_dll_fmt - 6) + 1973 strlen(wpcap_version_string) + 1974 strlen(packet_version_string) + 1975 strlen(pcap_version_string); 1976 full_pcap_version_string = malloc(full_pcap_version_string_len); 1977 if (full_pcap_version_string == NULL) 1978 return (NULL); 1979 sprintf(full_pcap_version_string, 1980 pcap_version_string_packet_dll_fmt, 1981 wpcap_version_string, packet_version_string, 1982 pcap_version_string); 1983 } 1984 } 1985 return (full_pcap_version_string); 1986 } 1987 1988 #elif defined(MSDOS) 1989 1990 static char *full_pcap_version_string; 1991 1992 const char * 1993 pcap_lib_version (void) 1994 { 1995 char *packet_version_string; 1996 size_t full_pcap_version_string_len; 1997 static char dospfx[] = "DOS-"; 1998 1999 if (full_pcap_version_string == NULL) { 2000 /* 2001 * Generate the version string. 2002 */ 2003 full_pcap_version_string_len = 2004 sizeof dospfx + strlen(pcap_version_string); 2005 full_pcap_version_string = 2006 malloc(full_pcap_version_string_len); 2007 if (full_pcap_version_string == NULL) 2008 return (NULL); 2009 strcpy(full_pcap_version_string, dospfx); 2010 strcat(full_pcap_version_string, pcap_version_string); 2011 } 2012 return (full_pcap_version_string); 2013 } 2014 2015 #else /* UN*X */ 2016 2017 const char * 2018 pcap_lib_version(void) 2019 { 2020 return (pcap_version_string); 2021 } 2022 #endif 2023