-rw-r--r-- | libopie2/opienet/opcap.cpp | 33 | ||||
-rw-r--r-- | libopie2/opienet/opcap.h | 4 |
2 files changed, 27 insertions, 10 deletions
diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp index 30f6208..04b1bb1 100644 --- a/libopie2/opienet/opcap.cpp +++ b/libopie2/opienet/opcap.cpp @@ -736,3 +736,3 @@ OPacketCapturer::OPacketCapturer( QObject* parent, const char* name ) :QObject( parent, name ), _name( QString::null ), _open( false ), - _pch( 0 ), _sn( 0 ) + _pch( 0 ), _pcd( 0 ), _sn( 0 ) { @@ -785,2 +785,7 @@ void OPacketCapturer::close() } + if ( _pcd ) + { + pcap_dump_close( _pcd ); + _pcd = 0; + } pcap_close( _pch ); @@ -822,2 +827,4 @@ OPacket* OPacketCapturer::next() qDebug( "<== OPacketCapturer::next()" ); + if ( _pcd ) + pcap_dump( (u_char*) _pcd, &header, pdata ); @@ -842,3 +849,3 @@ OPacket* OPacketCapturer::next() -bool OPacketCapturer::open( const QString& name ) +bool OPacketCapturer::open( const QString& name, const QString& filename ) { @@ -858,7 +865,12 @@ bool OPacketCapturer::open( const QString& name ) + // open libpcap pcap_t* handle = pcap_open_live( const_cast<char*>( (const char*) name ), 1024, 0, 0, &_errbuf[0] ); - if ( handle ) + if ( !handle ) { - qDebug( "OPacketCapturer::open(): libpcap opened successfully." ); + qWarning( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf ); + return false; + } + + qDebug( "OPacketCapturer::open(): libpcap [%s] opened successfully.", (const char*) name ); _pch = handle; @@ -868,3 +880,3 @@ bool OPacketCapturer::open( const QString& name ) // in case we have an application object, create a socket notifier - if ( qApp ) + if ( qApp ) //TODO: I don't like this here... { @@ -874,10 +886,13 @@ bool OPacketCapturer::open( const QString& name ) - return true; - } - else + // if requested, open a dump + pcap_dumper_t* dump = pcap_dump_open( _pch, const_cast<char*>( (const char*) filename ) ); + if ( !dump ) { - qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf ); + qWarning( "OPacketCapturer::open(): can't open dump with '%s': %s", (const char*) filename, _errbuf ); return false; } + qDebug( "OPacketCapturer::open(): dump [%s] opened successfully.", (const char*) filename ); + _pcd = dump; + return true; } diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h index 6c3ac6d..99631ba 100644 --- a/libopie2/opienet/opcap.h +++ b/libopie2/opienet/opcap.h @@ -472,4 +472,5 @@ class OPacketCapturer : public QObject * Open the packet capturer to capture packets in live-mode from @a interface. + * If a @a filename is given, all captured packets are output to a tcpdump-compatible capture file. */ - bool open( const QString& interface ); + bool open( const QString& interface, const QString& filename = QString::null ); /** @@ -498,2 +499,3 @@ class OPacketCapturer : public QObject pcap_t* _pch; // pcap library handle + pcap_dumper_t* _pcd; // pcap dumper handle QSocketNotifier* _sn; // socket notifier for main loop |