From 1064aea74c5dd7b3d4f87e483bd85f3fac0cf03c Mon Sep 17 00:00:00 2001 From: mickeyl Date: Thu, 10 Apr 2003 17:25:24 +0000 Subject: OPacketCapturer is now able to write captured packages in the standard tcpdump-compatible format --- (limited to 'libopie2') diff --git a/libopie2/opienet/opcap.cpp b/libopie2/opienet/opcap.cpp index 30f6208..04b1bb1 100644 --- a/libopie2/opienet/opcap.cpp +++ b/libopie2/opienet/opcap.cpp @@ -734,7 +734,7 @@ OWaveLanControlPacket::~OWaveLanControlPacket() OPacketCapturer::OPacketCapturer( QObject* parent, const char* name ) :QObject( parent, name ), _name( QString::null ), _open( false ), - _pch( 0 ), _sn( 0 ) + _pch( 0 ), _pcd( 0 ), _sn( 0 ) { } @@ -783,6 +783,11 @@ void OPacketCapturer::close() _sn->disconnect( SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) ); delete _sn; } + if ( _pcd ) + { + pcap_dump_close( _pcd ); + _pcd = 0; + } pcap_close( _pch ); _open = false; } @@ -820,6 +825,8 @@ OPacket* OPacketCapturer::next() qDebug( "==> OPacketCapturer::next()" ); const unsigned char* pdata = pcap_next( _pch, &header ); qDebug( "<== OPacketCapturer::next()" ); + if ( _pcd ) + pcap_dump( (u_char*) _pcd, &header, pdata ); if ( header.len ) { @@ -840,7 +847,7 @@ OPacket* OPacketCapturer::next() } -bool OPacketCapturer::open( const QString& name ) +bool OPacketCapturer::open( const QString& name, const QString& filename ) { if ( _open ) { @@ -856,30 +863,38 @@ bool OPacketCapturer::open( const QString& name ) _name = name; + // open libpcap pcap_t* handle = pcap_open_live( const_cast( (const char*) name ), 1024, 0, 0, &_errbuf[0] ); - if ( handle ) + if ( !handle ) { - qDebug( "OPacketCapturer::open(): libpcap opened successfully." ); - _pch = handle; - _open = true; - _stats.clear(); + qWarning( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf ); + return false; + } - // in case we have an application object, create a socket notifier - if ( qApp ) - { - _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read ); - connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) ); - } + qDebug( "OPacketCapturer::open(): libpcap [%s] opened successfully.", (const char*) name ); + _pch = handle; + _open = true; + _stats.clear(); - return true; + // in case we have an application object, create a socket notifier + if ( qApp ) //TODO: I don't like this here... + { + _sn = new QSocketNotifier( fileno(), QSocketNotifier::Read ); + connect( _sn, SIGNAL( activated(int) ), this, SLOT( readyToReceive() ) ); } - else + + // if requested, open a dump + pcap_dumper_t* dump = pcap_dump_open( _pch, const_cast( (const char*) filename ) ); + if ( !dump ) { - qDebug( "OPacketCapturer::open(): can't open libpcap with '%s': %s", (const char*) name, _errbuf ); + qWarning( "OPacketCapturer::open(): can't open dump with '%s': %s", (const char*) filename, _errbuf ); return false; } + qDebug( "OPacketCapturer::open(): dump [%s] opened successfully.", (const char*) filename ); + _pcd = dump; + return true; } diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h index 6c3ac6d..99631ba 100644 --- a/libopie2/opienet/opcap.h +++ b/libopie2/opienet/opcap.h @@ -470,8 +470,9 @@ class OPacketCapturer : public QObject OPacket* next(); /** * Open the packet capturer to capture packets in live-mode from @a interface. + * If a @a filename is given, all captured packets are output to a tcpdump-compatible capture file. */ - bool open( const QString& interface ); + bool open( const QString& interface, const QString& filename = QString::null ); /** * Open the packet capturer to capture packets in offline-mode from @a file. */ @@ -496,6 +497,7 @@ class OPacketCapturer : public QObject QString _name; // devicename bool _open; // check this before doing pcap calls pcap_t* _pch; // pcap library handle + pcap_dumper_t* _pcd; // pcap dumper handle QSocketNotifier* _sn; // socket notifier for main loop mutable char _errbuf[PCAP_ERRBUF_SIZE]; // holds error strings from libpcap QMap _stats; // statistics; -- cgit v0.9.0.2