OPacketCapturer is now able to write captured packages in the standard tcpdump-compatible format

author: mickeyl <mickeyl> 2003-04-10 17:25:24 (UTC)
committer: mickeyl <mickeyl> 2003-04-10 17:25:24 (UTC)
commit: 1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c (patch) (unidiff)
tree: 63e2cb70dbc76e8ac911fbbbb50625e4cc89705b /libopie2/opienet
parent: 4e8e3741dca909782e15bb197e5b6a78750536c2 (diff)
download: opie-1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c.zip
opie-1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c.tar.gz
opie-1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c.tar.bz2
2 files changed, 34 insertions, 17 deletions
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp
index 30f6208..04b1bb1 100644
--- a/libopie2/opienet/opcap.cpp
+++ b/libopie2/opienet/opcap.cpp
@@ -673,274 +673,289 @@ OWaveLanDataPacket::OWaveLanDataPacket( const unsigned char* end, const struct i
    #warning The next line works for most cases, but can not be correct generally!
    if (!( ( (OWaveLanPacket*) this->parent())->duration() )) payload -= 6; // compensation for missing last address
    new OLLCPacket( end, (const struct ieee_802_11_802_2_header*) payload, this );
 }
 OWaveLanDataPacket::~OWaveLanDataPacket()
 {
 }
 /*======================================================================================
 * OLLCPacket
 *======================================================================================*/
 OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent )
                :QObject( parent, "802.11 LLC" ), _header( data )
 {
    qDebug( "OLLCPacket::OLLCPacket(): decoding frame..." );
    if ( !(_header->oui[0] || _header->oui[1] || _header->oui[2]) )
    {
        qDebug( "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type=%04X)", EXTRACT_16BITS( &_header->type ) );
        switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h
        {
            case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
            default: qDebug( "OLLCPacket::OLLCPacket(): Unknown Encapsulation Type" );
        }
    }
 }
 OLLCPacket::~OLLCPacket()
 {
 }
 /*======================================================================================
 * OWaveLanControlPacket
 *======================================================================================*/
 OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent )
                :QObject( parent, "802.11 Data" ), _header( data )
 {
    qDebug( "OWaveLanControlPacket::OWaveLanDataControl(): decoding frame..." );
    //TODO: Implement this
 }
 OWaveLanControlPacket::~OWaveLanControlPacket()
 {
 }
 /*======================================================================================
 * OPacketCapturer
 *======================================================================================*/
 OPacketCapturer::OPacketCapturer( QObject* parent, const char* name )
                 :QObject( parent, name ), _name( QString::null ), _open( false ),
-                 _pch( 0 ), _sn( 0 )
+                 _pch( 0 ), _pcd( 0 ), _sn( 0 )
 {
 }
 OPacketCapturer::~OPacketCapturer()
 {
    if ( _open )
    {
        qDebug( "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." );
        close();
    }
 }
 void OPacketCapturer::setBlocking( bool b )
 {
    if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 )
    {
        qDebug( "OPacketCapturer::setBlocking(): blocking mode changed successfully." );
    }
    else
    {
        qDebug( "OPacketCapturer::setBlocking(): can't change blocking mode: %s", _errbuf );
    }
 }
 bool OPacketCapturer::blocking() const
 {
    int b = pcap_getnonblock( _pch, _errbuf );
    if ( b == -1 )
    {
        qDebug( "OPacketCapturer::blocking(): can't get blocking mode: %s", _errbuf );
        return -1;
    }
    return !b;
 }
 void OPacketCapturer::close()
 {
    if ( _open )
    {
        if ( _sn )
        {
            _sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
            delete _sn;
        }
+        if ( _pcd )
+        {
+            pcap_dump_close( _pcd );
+            _pcd = 0;
+        }
        pcap_close( _pch );
        _open = false;
    }
    qDebug( "OPacketCapturer::close() --- dumping capturing statistics..." );
    qDebug( "--------------------------------------------------" );
    for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )
        qDebug( "%s : %d", (const char*) it.key(), it.data() );
    qDebug( "--------------------------------------------------" );
 }
 int OPacketCapturer::dataLink() const
 {
    return pcap_datalink( _pch );
 }
 int OPacketCapturer::fileno() const
 {
    if ( _open )
    {
        return pcap_fileno( _pch );
    }
    else
    {
        return -1;
    }
 }
 OPacket* OPacketCapturer::next()
 {
    packetheaderstruct header;
    qDebug( "==> OPacketCapturer::next()" );
    const unsigned char* pdata = pcap_next( _pch, &header );
    qDebug( "<== OPacketCapturer::next()" );
+    if ( _pcd )
+        pcap_dump( (u_char*) _pcd, &header, pdata );
    if ( header.len )
    {
        OPacket* p = new OPacket( dataLink(), header, pdata, 0 );
        // packets shouldn't be inserted in the QObject child-parent hierarchy,
        // because due to memory constraints they will be deleted as soon
        // as possible - that is right after they have been processed
        // by emit() [ see below ]
        //TODO: make gathering statistics optional, because it takes time
        p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );
        return p;
    }
    else
    {
        return 0;
    }
 }
-bool OPacketCapturer::open( const QString& name )
+bool OPacketCapturer::open( const QString& name, const QString& filename )
 {
    if ( _open )
    {
        if ( name == _name )    // ignore opening an already openend device
        {
            return true;
        }
        else                    // close the last opened device
        {
            close();
        }
    }
    _name = name;
+    // open libpcap
    pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] );
-    if ( handle )
+    if ( !handle )
    {
-        qDebug( "OPacketCapturer::open(): libpcap opened successfully." );
+        qWarning( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );
-        _pch = handle;
+        return false;
-        _open = true;
+    }
-        _stats.clear();
-        // in case we have an application object, create a socket notifier
+    qDebug( "OPacketCapturer::open(): libpcap [%s] opened successfully.", (const char*) name );
-        if ( qApp )
+    _pch = handle;
-        {
+    _open = true;
-            _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
+    _stats.clear();
-            connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
-        }
-        return true;
+    // in case we have an application object, create a socket notifier
+    if ( qApp ) //TODO: I don't like this here...
+    {
+        _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
+        connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
    }
-    else
+    // if requested, open a dump
+    pcap_dumper_t* dump = pcap_dump_open( _pch, const_cast<char*>( (const char*) filename ) );
+    if ( !dump )
    {
-        qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );
+        qWarning( "OPacketCapturer::open(): can't open dump with '%s': %s", (const char*) filename, _errbuf );
        return false;
    }
+    qDebug( "OPacketCapturer::open(): dump [%s] opened successfully.", (const char*) filename );
+    _pcd = dump;
+    return true;
 }
 bool OPacketCapturer::open( const QFile& file )
 {
    QString name = file.name();
    if ( _open )
    {
        close();
        if ( name == _name )    // ignore opening an already openend device
        {
            return true;
        }
        else                    // close the last opened device
        {
            close();
        }
    }
    _name = name;
    pcap_t* handle = pcap_open_offline( const_cast<char*>( (const char*) name ), &_errbuf[0] );
    if ( handle )
    {
        qDebug( "OPacketCapturer::open(): libpcap opened successfully." );
        _pch = handle;
        _open = true;
        // in case we have an application object, create a socket notifier
        if ( qApp )
        {
            _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
            connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
        }
        return true;
    }
    else
    {
        qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );
        return false;
    }
 }
 bool OPacketCapturer::isOpen() const
 {
    return _open;
 }
 void OPacketCapturer::readyToReceive()
 {
    qDebug( "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(p)'" );
    OPacket* p = next();
    emit receivedPacket( p );
    // emit is synchronous - packet has been dealt with, now it's safe to delete
    delete p;
 }
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h
index 6c3ac6d..99631ba 100644
--- a/libopie2/opienet/opcap.h
+++ b/libopie2/opienet/opcap.h
@@ -409,97 +409,99 @@ class OTCPPacket : public QObject
    OTCPPacket( const unsigned char*, const struct tcphdr*, QObject* parent = 0 );
    virtual ~OTCPPacket();
    int fromPort() const;
    int toPort() const;
  private:
    const struct tcphdr* _tcphdr;
 };
 /*======================================================================================
 * OPacketCapturer
 *======================================================================================*/
 /**
 * @brief A class based wrapper for network packet capturing.
 *
 * This class is the base of a high-level interface to the well known packet capturing
 * library libpcap. ...
 */
 class OPacketCapturer : public QObject
 {
  Q_OBJECT
  public:
    /**
     * Constructor.
     */
    OPacketCapturer( QObject* parent = 0, const char* name = 0 );
    /**
     * Destructor.
     */
    ~OPacketCapturer();
    /**
     * Setting the packet capturer to use blocking IO calls can be useful when
     * not using the socket notifier, e.g. without an application object.
     */
    void setBlocking( bool );
    /**
     * @returns true if the packet capturer uses blocking IO calls.
     */
    bool blocking() const;
    /**
     * Closes the packet capturer. This is automatically done in the destructor.
     */
    void close();
    /**
     * @returns the data link type.
     * @see <pcap.h> for possible values.
     */
    int dataLink() const;
    /**
     * @returns the filedescriptor of the packet capturer. This is only useful, if
     * not using the socket notifier, e.g. without an application object.
     */
    int fileno() const;
    /**
     * @returns the next @ref OPacket from the packet capturer.
     * @note If blocking mode is true then this call might block.
     */
    OPacket* next();
    /**
     * Open the packet capturer to capture packets in live-mode from @a interface.
+     * If a @a filename is given, all captured packets are output to a tcpdump-compatible capture file.
     */
-    bool open( const QString& interface );
+    bool open( const QString& interface, const QString& filename = QString::null );
    /**
     * Open the packet capturer to capture packets in offline-mode from @a file.
     */
    bool open( const QFile& file );
    /**
     * @returns true if the packet capturer is open
     */
    bool isOpen() const;
    const QMap<QString,int>& statistics() const;
  signals:
    /**
     * This signal is emitted, when a packet has been received.
     */
    void receivedPacket( OPacket* );
  protected slots:
    void readyToReceive();
  protected:
    QString _name;                                  // devicename
    bool _open;                                     // check this before doing pcap calls
    pcap_t* _pch;                                   // pcap library handle
+    pcap_dumper_t* _pcd;                            // pcap dumper handle
    QSocketNotifier* _sn;                           // socket notifier for main loop
    mutable char _errbuf[PCAP_ERRBUF_SIZE];         // holds error strings from libpcap
    QMap<QString, int> _stats;                      // statistics;
 };
 #endif // OPCAP_H
author	mickeyl <mickeyl>	2003-04-10 17:25:24 (UTC)
committer	mickeyl <mickeyl>	2003-04-10 17:25:24 (UTC)
commit	1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c (patch) (unidiff)
tree	63e2cb70dbc76e8ac911fbbbb50625e4cc89705b /libopie2/opienet
parent	4e8e3741dca909782e15bb197e5b6a78750536c2 (diff)
download	opie-1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c.zip opie-1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c.tar.gz opie-1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c.tar.bz2

diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp index 30f6208..04b1bb1 100644 --- a/libopie2/opienet/opcap.cpp +++ b/libopie2/opienet/opcap.cpp
@@ -673,274 +673,289 @@ OWaveLanDataPacket::OWaveLanDataPacket( const unsigned char* end, const struct i
673		673
674	#warning The next line works for most cases, but can not be correct generally!	674	#warning The next line works for most cases, but can not be correct generally!
675	if (!( ( (OWaveLanPacket*) this->parent())->duration() )) payload -= 6; // compensation for missing last address	675	if (!( ( (OWaveLanPacket*) this->parent())->duration() )) payload -= 6; // compensation for missing last address
676		676
677	new OLLCPacket( end, (const struct ieee_802_11_802_2_header*) payload, this );	677	new OLLCPacket( end, (const struct ieee_802_11_802_2_header*) payload, this );
678	}	678	}
679		679
680		680
681	OWaveLanDataPacket::~OWaveLanDataPacket()	681	OWaveLanDataPacket::~OWaveLanDataPacket()
682	{	682	{
683	}	683	}
684		684
685		685
686	/*======================================================================================	686	/*======================================================================================
687	* OLLCPacket	687	* OLLCPacket
688	======================================================================================/	688	======================================================================================/
689		689
690	OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent )	690	OLLCPacket::OLLCPacket( const unsigned char* end, const struct ieee_802_11_802_2_header* data, QObject* parent )
691	:QObject( parent, "802.11 LLC" ), _header( data )	691	:QObject( parent, "802.11 LLC" ), _header( data )
692	{	692	{
693	qDebug( "OLLCPacket::OLLCPacket(): decoding frame..." );	693	qDebug( "OLLCPacket::OLLCPacket(): decoding frame..." );
694		694
695	if ( !(_header->oui[0] \|\| _header->oui[1] \|\| _header->oui[2]) )	695	if ( !(_header->oui[0] \|\| _header->oui[1] \|\| _header->oui[2]) )
696	{	696	{
697	qDebug( "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type=%04X)", EXTRACT_16BITS( &_header->type ) );	697	qDebug( "OLLCPacket::OLLCPacket(): contains an encapsulated Ethernet frame (type=%04X)", EXTRACT_16BITS( &_header->type ) );
698		698
699	switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h	699	switch ( EXTRACT_16BITS( &_header->type ) ) // defined in linux/if_ether.h
700	{	700	{
701	case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;	701	case ETH_P_IP: new OIPPacket( end, (const struct iphdr*) (data+1), this ); break;
702	default: qDebug( "OLLCPacket::OLLCPacket(): Unknown Encapsulation Type" );	702	default: qDebug( "OLLCPacket::OLLCPacket(): Unknown Encapsulation Type" );
703	}	703	}
704		704
705	}	705	}
706	}	706	}
707		707
708		708
709	OLLCPacket::~OLLCPacket()	709	OLLCPacket::~OLLCPacket()
710	{	710	{
711	}	711	}
712		712
713		713
714	/*======================================================================================	714	/*======================================================================================
715	* OWaveLanControlPacket	715	* OWaveLanControlPacket
716	======================================================================================/	716	======================================================================================/
717		717
718	OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent )	718	OWaveLanControlPacket::OWaveLanControlPacket( const unsigned char* end, const struct ieee_802_11_control_header* data, OWaveLanPacket* parent )
719	:QObject( parent, "802.11 Data" ), _header( data )	719	:QObject( parent, "802.11 Data" ), _header( data )
720	{	720	{
721	qDebug( "OWaveLanControlPacket::OWaveLanDataControl(): decoding frame..." );	721	qDebug( "OWaveLanControlPacket::OWaveLanDataControl(): decoding frame..." );
722	//TODO: Implement this	722	//TODO: Implement this
723	}	723	}
724		724
725		725
726	OWaveLanControlPacket::~OWaveLanControlPacket()	726	OWaveLanControlPacket::~OWaveLanControlPacket()
727	{	727	{
728	}	728	}
729		729
730		730
731	/*======================================================================================	731	/*======================================================================================
732	* OPacketCapturer	732	* OPacketCapturer
733	======================================================================================/	733	======================================================================================/
734		734
735	OPacketCapturer::OPacketCapturer( QObject* parent, const char* name )	735	OPacketCapturer::OPacketCapturer( QObject* parent, const char* name )
736	:QObject( parent, name ), _name( QString::null ), _open( false ),	736	:QObject( parent, name ), _name( QString::null ), _open( false ),
737	_pch( 0 ), _sn( 0 )	737	_pch( 0 ), _pcd( 0 ), _sn( 0 )
738	{	738	{
739	}	739	}
740		740
741		741
742	OPacketCapturer::~OPacketCapturer()	742	OPacketCapturer::~OPacketCapturer()
743	{	743	{
744	if ( _open )	744	if ( _open )
745	{	745	{
746	qDebug( "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." );	746	qDebug( "OPacketCapturer::~OPacketCapturer(): pcap still open, autoclosing." );
747	close();	747	close();
748	}	748	}
749	}	749	}
750		750
751		751
752	void OPacketCapturer::setBlocking( bool b )	752	void OPacketCapturer::setBlocking( bool b )
753	{	753	{
754	if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 )	754	if ( pcap_setnonblock( _pch, 1-b, _errbuf ) != -1 )
755	{	755	{
756	qDebug( "OPacketCapturer::setBlocking(): blocking mode changed successfully." );	756	qDebug( "OPacketCapturer::setBlocking(): blocking mode changed successfully." );
757	}	757	}
758	else	758	else
759	{	759	{
760	qDebug( "OPacketCapturer::setBlocking(): can't change blocking mode: %s", _errbuf );	760	qDebug( "OPacketCapturer::setBlocking(): can't change blocking mode: %s", _errbuf );
761	}	761	}
762	}	762	}
763		763
764		764
765	bool OPacketCapturer::blocking() const	765	bool OPacketCapturer::blocking() const
766	{	766	{
767	int b = pcap_getnonblock( _pch, _errbuf );	767	int b = pcap_getnonblock( _pch, _errbuf );
768	if ( b == -1 )	768	if ( b == -1 )
769	{	769	{
770	qDebug( "OPacketCapturer::blocking(): can't get blocking mode: %s", _errbuf );	770	qDebug( "OPacketCapturer::blocking(): can't get blocking mode: %s", _errbuf );
771	return -1;	771	return -1;
772	}	772	}
773	return !b;	773	return !b;
774	}	774	}
775		775
776		776
777	void OPacketCapturer::close()	777	void OPacketCapturer::close()
778	{	778	{
779	if ( _open )	779	if ( _open )
780	{	780	{
781	if ( _sn )	781	if ( _sn )
782	{	782	{
783	_sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );	783	_sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
784	delete _sn;	784	delete _sn;
785	}	785	}
		786	if ( _pcd )
		787	{
		788	pcap_dump_close( _pcd );
		789	_pcd = 0;
		790	}
786	pcap_close( _pch );	791	pcap_close( _pch );
787	_open = false;	792	_open = false;
788	}	793	}
789		794
790	qDebug( "OPacketCapturer::close() --- dumping capturing statistics..." );	795	qDebug( "OPacketCapturer::close() --- dumping capturing statistics..." );
791	qDebug( "--------------------------------------------------" );	796	qDebug( "--------------------------------------------------" );
792	for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )	797	for( QMap<QString,int>::Iterator it = _stats.begin(); it != _stats.end(); ++it )
793	qDebug( "%s : %d", (const char*) it.key(), it.data() );	798	qDebug( "%s : %d", (const char*) it.key(), it.data() );
794	qDebug( "--------------------------------------------------" );	799	qDebug( "--------------------------------------------------" );
795		800
796	}	801	}
797		802
798		803
799	int OPacketCapturer::dataLink() const	804	int OPacketCapturer::dataLink() const
800	{	805	{
801	return pcap_datalink( _pch );	806	return pcap_datalink( _pch );
802	}	807	}
803		808
804		809
805	int OPacketCapturer::fileno() const	810	int OPacketCapturer::fileno() const
806	{	811	{
807	if ( _open )	812	if ( _open )
808	{	813	{
809	return pcap_fileno( _pch );	814	return pcap_fileno( _pch );
810	}	815	}
811	else	816	else
812	{	817	{
813	return -1;	818	return -1;
814	}	819	}
815	}	820	}
816		821
817	OPacket* OPacketCapturer::next()	822	OPacket* OPacketCapturer::next()
818	{	823	{
819	packetheaderstruct header;	824	packetheaderstruct header;
820	qDebug( "==> OPacketCapturer::next()" );	825	qDebug( "==> OPacketCapturer::next()" );
821	const unsigned char* pdata = pcap_next( _pch, &header );	826	const unsigned char* pdata = pcap_next( _pch, &header );
822	qDebug( "<== OPacketCapturer::next()" );	827	qDebug( "<== OPacketCapturer::next()" );
		828	if ( _pcd )
		829	pcap_dump( (u_char*) _pcd, &header, pdata );
823		830
824	if ( header.len )	831	if ( header.len )
825	{	832	{
826	OPacket* p = new OPacket( dataLink(), header, pdata, 0 );	833	OPacket* p = new OPacket( dataLink(), header, pdata, 0 );
827	// packets shouldn't be inserted in the QObject child-parent hierarchy,	834	// packets shouldn't be inserted in the QObject child-parent hierarchy,
828	// because due to memory constraints they will be deleted as soon	835	// because due to memory constraints they will be deleted as soon
829	// as possible - that is right after they have been processed	836	// as possible - that is right after they have been processed
830	// by emit() [ see below ]	837	// by emit() [ see below ]
831	//TODO: make gathering statistics optional, because it takes time	838	//TODO: make gathering statistics optional, because it takes time
832	p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );	839	p->updateStats( _stats, const_cast<QObjectList*>( p->children() ) );
833		840
834	return p;	841	return p;
835	}	842	}
836	else	843	else
837	{	844	{
838	return 0;	845	return 0;
839	}	846	}
840	}	847	}
841		848
842		849
843	bool OPacketCapturer::open( const QString& name )	850	bool OPacketCapturer::open( const QString& name, const QString& filename )
844	{	851	{
845	if ( _open )	852	if ( _open )
846	{	853	{
847	if ( name == _name ) // ignore opening an already openend device	854	if ( name == _name ) // ignore opening an already openend device
848	{	855	{
849	return true;	856	return true;
850	}	857	}
851	else // close the last opened device	858	else // close the last opened device
852	{	859	{
853	close();	860	close();
854	}	861	}
855	}	862	}
856		863
857	_name = name;	864	_name = name;
858		865
		866	// open libpcap
859	pcap_t* handle = pcap_open_live( const_cast<char>( (const char) name ), 1024, 0, 0, &_errbuf[0] );	867	pcap_t* handle = pcap_open_live( const_cast<char>( (const char) name ), 1024, 0, 0, &_errbuf[0] );
860		868
861	if ( handle )	869	if ( !handle )
862	{	870	{
863	qDebug( "OPacketCapturer::open(): libpcap opened successfully." );	871	qWarning( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );
864	_pch = handle;	872	return false;
865	_open = true;	873	}
866	_stats.clear();
867		874
868	// in case we have an application object, create a socket notifier	875	qDebug( "OPacketCapturer::open(): libpcap [%s] opened successfully.", (const char*) name );
869	if ( qApp )	876	_pch = handle;
870	{	877	_open = true;
871	_sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );	878	_stats.clear();
872	connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
873	}
874		879
875	return true;	880	// in case we have an application object, create a socket notifier
		881	if ( qApp ) //TODO: I don't like this here...
		882	{
		883	_sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
		884	connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
876	}	885	}
877	else	886
		887	// if requested, open a dump
		888	pcap_dumper_t* dump = pcap_dump_open( _pch, const_cast<char>( (const char) filename ) );
		889	if ( !dump )
878	{	890	{
879	qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );	891	qWarning( "OPacketCapturer::open(): can't open dump with '%s': %s", (const char*) filename, _errbuf );
880	return false;	892	return false;
881	}	893	}
		894	qDebug( "OPacketCapturer::open(): dump [%s] opened successfully.", (const char*) filename );
		895	_pcd = dump;
882		896
		897	return true;
883	}	898	}
884		899
885		900
886	bool OPacketCapturer::open( const QFile& file )	901	bool OPacketCapturer::open( const QFile& file )
887	{	902	{
888	QString name = file.name();	903	QString name = file.name();
889		904
890	if ( _open )	905	if ( _open )
891	{	906	{
892	close();	907	close();
893	if ( name == _name ) // ignore opening an already openend device	908	if ( name == _name ) // ignore opening an already openend device
894	{	909	{
895	return true;	910	return true;
896	}	911	}
897	else // close the last opened device	912	else // close the last opened device
898	{	913	{
899	close();	914	close();
900	}	915	}
901	}	916	}
902		917
903	_name = name;	918	_name = name;
904		919
905	pcap_t* handle = pcap_open_offline( const_cast<char>( (const char) name ), &_errbuf[0] );	920	pcap_t* handle = pcap_open_offline( const_cast<char>( (const char) name ), &_errbuf[0] );
906		921
907	if ( handle )	922	if ( handle )
908	{	923	{
909	qDebug( "OPacketCapturer::open(): libpcap opened successfully." );	924	qDebug( "OPacketCapturer::open(): libpcap opened successfully." );
910	_pch = handle;	925	_pch = handle;
911	_open = true;	926	_open = true;
912		927
913	// in case we have an application object, create a socket notifier	928	// in case we have an application object, create a socket notifier
914	if ( qApp )	929	if ( qApp )
915	{	930	{
916	_sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );	931	_sn = new QSocketNotifier( fileno(), QSocketNotifier::Read );
917	connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );	932	connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) );
918	}	933	}
919		934
920	return true;	935	return true;
921	}	936	}
922	else	937	else
923	{	938	{
924	qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );	939	qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf );
925	return false;	940	return false;
926	}	941	}
927		942
928	}	943	}
929		944
930		945
931	bool OPacketCapturer::isOpen() const	946	bool OPacketCapturer::isOpen() const
932	{	947	{
933	return _open;	948	return _open;
934	}	949	}
935		950
936		951
937	void OPacketCapturer::readyToReceive()	952	void OPacketCapturer::readyToReceive()
938	{	953	{
939	qDebug( "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(p)'" );	954	qDebug( "OPacketCapturer::readyToReceive(): about to emit 'receivePacket(p)'" );
940	OPacket* p = next();	955	OPacket* p = next();
941	emit receivedPacket( p );	956	emit receivedPacket( p );
942	// emit is synchronous - packet has been dealt with, now it's safe to delete	957	// emit is synchronous - packet has been dealt with, now it's safe to delete
943	delete p;	958	delete p;
944	}	959	}
945		960
946		961


diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h index 6c3ac6d..99631ba 100644 --- a/libopie2/opienet/opcap.h +++ b/libopie2/opienet/opcap.h
@@ -409,97 +409,99 @@ class OTCPPacket : public QObject
409	OTCPPacket( const unsigned char, const struct tcphdr, QObject* parent = 0 );	409	OTCPPacket( const unsigned char, const struct tcphdr, QObject* parent = 0 );
410	virtual ~OTCPPacket();	410	virtual ~OTCPPacket();
411		411
412	int fromPort() const;	412	int fromPort() const;
413	int toPort() const;	413	int toPort() const;
414		414
415	private:	415	private:
416	const struct tcphdr* _tcphdr;	416	const struct tcphdr* _tcphdr;
417	};	417	};
418		418
419		419
420	/*======================================================================================	420	/*======================================================================================
421	* OPacketCapturer	421	* OPacketCapturer
422	======================================================================================/	422	======================================================================================/
423		423
424	/**	424	/**
425	* @brief A class based wrapper for network packet capturing.	425	* @brief A class based wrapper for network packet capturing.
426	*	426	*
427	* This class is the base of a high-level interface to the well known packet capturing	427	* This class is the base of a high-level interface to the well known packet capturing
428	* library libpcap. ...	428	* library libpcap. ...
429	*/	429	*/
430	class OPacketCapturer : public QObject	430	class OPacketCapturer : public QObject
431	{	431	{
432	Q_OBJECT	432	Q_OBJECT
433		433
434	public:	434	public:
435	/**	435	/**
436	* Constructor.	436	* Constructor.
437	*/	437	*/
438	OPacketCapturer( QObject* parent = 0, const char* name = 0 );	438	OPacketCapturer( QObject* parent = 0, const char* name = 0 );
439	/**	439	/**
440	* Destructor.	440	* Destructor.
441	*/	441	*/
442	~OPacketCapturer();	442	~OPacketCapturer();
443	/**	443	/**
444	* Setting the packet capturer to use blocking IO calls can be useful when	444	* Setting the packet capturer to use blocking IO calls can be useful when
445	* not using the socket notifier, e.g. without an application object.	445	* not using the socket notifier, e.g. without an application object.
446	*/	446	*/
447	void setBlocking( bool );	447	void setBlocking( bool );
448	/**	448	/**
449	* @returns true if the packet capturer uses blocking IO calls.	449	* @returns true if the packet capturer uses blocking IO calls.
450	*/	450	*/
451	bool blocking() const;	451	bool blocking() const;
452	/**	452	/**
453	* Closes the packet capturer. This is automatically done in the destructor.	453	* Closes the packet capturer. This is automatically done in the destructor.
454	*/	454	*/
455	void close();	455	void close();
456	/**	456	/**
457	* @returns the data link type.	457	* @returns the data link type.
458	* @see <pcap.h> for possible values.	458	* @see <pcap.h> for possible values.
459	*/	459	*/
460	int dataLink() const;	460	int dataLink() const;
461	/**	461	/**
462	* @returns the filedescriptor of the packet capturer. This is only useful, if	462	* @returns the filedescriptor of the packet capturer. This is only useful, if
463	* not using the socket notifier, e.g. without an application object.	463	* not using the socket notifier, e.g. without an application object.
464	*/	464	*/
465	int fileno() const;	465	int fileno() const;
466	/**	466	/**
467	* @returns the next @ref OPacket from the packet capturer.	467	* @returns the next @ref OPacket from the packet capturer.
468	* @note If blocking mode is true then this call might block.	468	* @note If blocking mode is true then this call might block.
469	*/	469	*/
470	OPacket* next();	470	OPacket* next();
471	/**	471	/**
472	* Open the packet capturer to capture packets in live-mode from @a interface.	472	* Open the packet capturer to capture packets in live-mode from @a interface.
		473	* If a @a filename is given, all captured packets are output to a tcpdump-compatible capture file.
473	*/	474	*/
474	bool open( const QString& interface );	475	bool open( const QString& interface, const QString& filename = QString::null );
475	/**	476	/**
476	* Open the packet capturer to capture packets in offline-mode from @a file.	477	* Open the packet capturer to capture packets in offline-mode from @a file.
477	*/	478	*/
478	bool open( const QFile& file );	479	bool open( const QFile& file );
479	/**	480	/**
480	* @returns true if the packet capturer is open	481	* @returns true if the packet capturer is open
481	*/	482	*/
482	bool isOpen() const;	483	bool isOpen() const;
483		484
484	const QMap<QString,int>& statistics() const;	485	const QMap<QString,int>& statistics() const;
485		486
486	signals:	487	signals:
487	/**	488	/**
488	* This signal is emitted, when a packet has been received.	489	* This signal is emitted, when a packet has been received.
489	*/	490	*/
490	void receivedPacket( OPacket* );	491	void receivedPacket( OPacket* );
491		492
492	protected slots:	493	protected slots:
493	void readyToReceive();	494	void readyToReceive();
494		495
495	protected:	496	protected:
496	QString _name; // devicename	497	QString _name; // devicename
497	bool _open; // check this before doing pcap calls	498	bool _open; // check this before doing pcap calls
498	pcap_t* _pch; // pcap library handle	499	pcap_t* _pch; // pcap library handle
		500	pcap_dumper_t* _pcd; // pcap dumper handle
499	QSocketNotifier* _sn; // socket notifier for main loop	501	QSocketNotifier* _sn; // socket notifier for main loop
500	mutable char _errbuf[PCAP_ERRBUF_SIZE]; // holds error strings from libpcap	502	mutable char _errbuf[PCAP_ERRBUF_SIZE]; // holds error strings from libpcap
501	QMap<QString, int> _stats; // statistics;	503	QMap<QString, int> _stats; // statistics;
502	};	504	};
503		505
504	#endif // OPCAP_H	506	#endif // OPCAP_H
505		507