2 * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that: (1) source code distributions
7 * retain the above copyright notice and this paragraph in its entirety, (2)
8 * distributions including binary code include the above copyright notice and
9 * this paragraph in its entirety in the documentation or other materials
10 * provided with the distribution, and (3) all advertising materials mentioning
11 * features or use of this software display the following acknowledgement:
12 * ``This product includes software developed by the University of California,
13 * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of
14 * the University nor the names of its contributors may be used to endorse
15 * or promote products derived from this software without specific prior
17 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
25 static const char copyright[] _U_ =
26 "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
27 The Regents of the University of California. All rights reserved.\n";
39 #define THREAD_HANDLE HANDLE
40 #define THREAD_FUNC_ARG_TYPE LPVOID
41 #define THREAD_FUNC_RETURN_TYPE DWORD __stdcall
49 #define THREAD_HANDLE pthread_t
50 #define THREAD_FUNC_ARG_TYPE void *
51 #define THREAD_FUNC_RETURN_TYPE void *
54 #include <sys/types.h>
58 #include "pcap/funcattrs.h"
61 #include "portability.h"
64 static char *program_name;
67 static void countme(u_char *, const struct pcap_pkthdr *, const u_char *);
68 static void PCAP_NORETURN usage(void);
69 static void PCAP_NORETURN error(const char *, ...) PCAP_PRINTFLIKE(1, 2);
70 static void warning(const char *, ...) PCAP_PRINTFLIKE(1, 2);
71 static char *copy_argv(char **);
77 * Generate a string for a Win32-specific error (i.e. an error generated when
78 * calling a Win32 API).
79 * For errors occurred during standard C calls, we still use pcap_strerror()
81 #define ERRBUF_SIZE 1024
83 win32_strerror(DWORD error)
85 static char errbuf[ERRBUF_SIZE+1];
88 FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM, NULL, error, 0, errbuf,
92 * "FormatMessage()" "helpfully" sticks CR/LF at the end of the
93 * message. Get rid of it.
95 errlen = strlen(errbuf);
97 errbuf[errlen - 1] = '\0';
98 errbuf[errlen - 2] = '\0';
105 catch_sigusr1(int sig _U_)
107 printf("Got SIGUSR1\n");
117 unsigned secs_remaining;
121 secs_remaining = secs;
122 while (secs_remaining != 0)
123 secs_remaining = sleep(secs_remaining);
127 static THREAD_FUNC_RETURN_TYPE
128 capture_thread_func(THREAD_FUNC_ARG_TYPE arg)
134 struct sigaction action;
140 action.sa_handler = catch_sigusr1;
141 action.sa_mask = mask;
143 if (sigaction(SIGUSR1, &action, NULL) == -1)
144 error("Can't catch SIGUSR1: %s", strerror(errno));
147 printf("Listening on %s\n", device);
150 status = pcap_dispatch(pd, -1, countme,
151 (u_char *)&packet_count);
155 printf("%d packets seen, %d packets counted after pcap_dispatch returns\n",
156 status, packet_count);
158 printf("No packets seen by pcap_dispatch\n");
162 * We got interrupted, so perhaps we didn't
163 * manage to finish a line we were printing.
164 * Print an extra newline, just in case.
167 printf("Loop got broken\n");
169 (void)fflush(stdout);
174 (void)fprintf(stderr, "%s: pcap_loop: %s\n",
175 program_name, pcap_geterr(pd));
181 main(int argc, char **argv)
184 register char *cp, *cmdbuf, *device;
187 bpf_u_int32 localnet, netmask;
188 struct bpf_program fcode;
189 char ebuf[PCAP_ERRBUF_SIZE];
191 THREAD_HANDLE capture_thread;
197 if ((cp = strrchr(argv[0], '/')) != NULL)
198 program_name = cp + 1;
200 program_name = argv[0];
203 while ((op = getopt(argc, argv, "i:")) != -1) {
216 if (device == NULL) {
217 if (pcap_findalldevs(&devlist, ebuf) == -1)
220 error("no interfaces available for capture");
221 device = strdup(devlist->name);
222 pcap_freealldevs(devlist);
225 pd = pcap_create(device, ebuf);
228 status = pcap_set_snaplen(pd, 65535);
230 error("%s: pcap_set_snaplen failed: %s",
231 device, pcap_statustostr(status));
233 status = pcap_set_immediate_mode(pd, 1);
235 error("%s: pcap_set_immediate_mode failed: %s",
236 device, pcap_statustostr(status));
238 status = pcap_set_timeout(pd, 5*60*1000);
240 error("%s: pcap_set_timeout failed: %s",
241 device, pcap_statustostr(status));
242 status = pcap_activate(pd);
245 * pcap_activate() failed.
247 error("%s: %s\n(%s)", device,
248 pcap_statustostr(status), pcap_geterr(pd));
249 } else if (status > 0) {
251 * pcap_activate() succeeded, but it's warning us
252 * of a problem it had.
254 warning("%s: %s\n(%s)", device,
255 pcap_statustostr(status), pcap_geterr(pd));
257 if (pcap_lookupnet(device, &localnet, &netmask, ebuf) < 0) {
262 cmdbuf = copy_argv(&argv[optind]);
264 if (pcap_compile(pd, &fcode, cmdbuf, 1, netmask) < 0)
265 error("%s", pcap_geterr(pd));
267 if (pcap_setfilter(pd, &fcode) < 0)
268 error("%s", pcap_geterr(pd));
271 capture_thread = CreateThread(NULL, 0, capture_thread_func, device,
273 if (capture_thread == NULL)
274 error("Can't create capture thread: %s",
275 win32_strerror(GetLastError()));
277 status = pthread_create(&capture_thread, NULL, capture_thread_func,
280 error("Can't create capture thread: %s", strerror(status));
285 printf("Setting event\n");
286 if (!SetEvent(pcap_getevent(pd)))
287 error("Can't set event for pcap_t: %s",
288 win32_strerror(GetLastError()));
289 if (WaitForSingleObject(capture_thread, INFINITE) == WAIT_FAILED)
290 error("Wait for thread termination failed: %s",
291 win32_strerror(GetLastError()));
292 CloseHandle(capture_thread);
294 printf("Sending SIGUSR1\n");
295 status = pthread_kill(capture_thread, SIGUSR1);
297 warning("Can't interrupt capture thread: %s", strerror(status));
298 status = pthread_join(capture_thread, &retval);
300 error("Wait for thread termination failed: %s",
305 pcap_freecode(&fcode);
306 exit(status == -1 ? 1 : 0);
310 countme(u_char *user, const struct pcap_pkthdr *h _U_, const u_char *sp _U_)
312 int *counterp = (int *)user;
320 (void)fprintf(stderr, "Usage: %s [ -m ] [ -i interface ] [ -t timeout] [expression]\n",
327 error(const char *fmt, ...)
331 (void)fprintf(stderr, "%s: ", program_name);
333 (void)vfprintf(stderr, fmt, ap);
338 (void)fputc('\n', stderr);
346 warning(const char *fmt, ...)
350 (void)fprintf(stderr, "%s: WARNING: ", program_name);
352 (void)vfprintf(stderr, fmt, ap);
357 (void)fputc('\n', stderr);
362 * Copy arg vector into a new buffer, concatenating arguments with spaces.
365 copy_argv(register char **argv)
368 register u_int len = 0;
377 len += strlen(*p++) + 1;
379 buf = (char *)malloc(len);
381 error("copy_argv: malloc");
385 while ((src = *p++) != NULL) {
386 while ((*dst++ = *src++) != '\0')