git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
tcpreplay
1
0
Fork 0
Files
Tree: 498547f086
Branches Tags
tcpreplay
/
libpcap.c

libpcap.c 4.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172 
  1. /* $Id: libpcap.c 767 2004-10-06 12:48:49Z aturner $ */
    2. 

  2. 

  3. /*
    4. 

  4.  * Copyright (c) 2001-2004 Aaron Turner, Matt Bing.
    5. 

  5.  * All rights reserved.
    6. 

  6.  *
    7. 

  7.  * Redistribution and use in source and binary forms, with or without
    8. 

  8.  * modification, are permitted provided that the following conditions
    9. 

  9.  * are met:
    10. 

  10.  *
    11. 

  11.  * 1. Redistributions of source code must retain the above copyright
    12. 

  12.  *    notice, this list of conditions and the following disclaimer.
    13. 

  13.  * 2. Redistributions in binary form must reproduce the above copyright
    14. 

  14.  *    notice, this list of conditions and the following disclaimer in the
    15. 

  15.  *    documentation and/or other materials provided with the distribution.
    16. 

  16.  * 3. Neither the names of the copyright owners nor the names of its
    17. 

  17.  *    contributors may be used to endorse or promote products derived from
    18. 

  18.  *    this software without specific prior written permission.
    19. 

  19.  *
    20. 

  20.  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
    21. 

  21.  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
    22. 

  22.  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
    23. 

  23.  * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
    24. 

  24.  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    25. 

  25.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
    26. 

  26.  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
    27. 

  27.  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
    28. 

  28.  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
    29. 

  29.  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
    30. 

  30.  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    31. 

  31.  */
    32. 

  32. 

  33. #include "config.h"
    34. 

  34. 

  35. #include <stdio.h>
    36. 

  36. #include <unistd.h>
    37. 

  37. #include <sys/types.h>
    38. 

  38. 

  39. #include "capinfo.h"
    40. 

  40. #include "libpcap.h"
    41. 

  41. #include "err.h"
    42. 

  42. #include "fakepcap.h"
    43. 

  43. 

  44. /* state of the current pcap file */
    45. 

  45. struct pcap_file_header phdr;
    46. 

  46. int modified;
    47. 

  47. int swapped;
    48. 

  48. 

  49. /* return flag if this is a pcap file */
    50. 

  50. int
    51. 

  51. is_pcap(int fd)
    52. 

  52. {
    53. 

  53. 

  54.     if (lseek(fd, SEEK_SET, 0) != 0) {
    55. 

  55.         err(1, "Unable to seek to start of file");
    56. 

  56.     }
    57. 

  57. 

  58.     if (read(fd, (void *)&phdr, sizeof(phdr)) != sizeof(phdr))
    59. 

  59.         return 0;
    60. 

  60. 

  61.     switch (phdr.magic) {
    62. 

  62.     case PCAP_MAGIC:
    63. 

  63.         swapped = 0;
    64. 

  64.         modified = 0;
    65. 

  65.         break;
    66. 

  66. 

  67.     case PCAP_SWAPPED_MAGIC:
    68. 

  68.         swapped = 1;
    69. 

  69.         modified = 0;
    70. 

  70.         break;
    71. 

  71. 

  72.     case PCAP_MODIFIED_MAGIC:
    73. 

  73.         swapped = 0;
    74. 

  74.         modified = 1;
    75. 

  75.         break;
    76. 

  76. 

  77.     case PCAP_SWAPPED_MODIFIED_MAGIC:
    78. 

  78.         swapped = 1;
    79. 

  79.         modified = 1;
    80. 

  80.         break;
    81. 

  81. 

  82.     default:
    83. 

  83.         return 0;
    84. 

  84.     }
    85. 

  85. 

  86.     /* ensure everything is in host-byte order */
    87. 

  87.     if (swapped) {
    88. 

  88.         phdr.version_major = SWAPSHORT(phdr.version_major);
    89. 

  89.         phdr.version_minor = SWAPSHORT(phdr.version_minor);
    90. 

  90.         phdr.snaplen = SWAPLONG(phdr.snaplen);
    91. 

  91.         phdr.linktype = SWAPLONG(phdr.linktype);
    92. 

  92.     }
    93. 

  93. 

  94.     /* version, snaplen, & linktype magic */
    95. 

  95.     if (phdr.version_major != 2)
    96. 

  96.         return 0;
    97. 

  97. 

  98.     return 1;
    99. 

  99. }
    100. 

  100. 

  101. int
    102. 

  102. get_next_pcap(int fd, struct packet *pkt)
    103. 

  103. {
    104. 

  104.     struct pcap_pkthdr p1, *p;
    105. 

  105.     struct pcap_mod_pkthdr p2;
    106. 

  106. 

  107.     if (modified) {
    108. 

  108.         if (read(fd, &p2, sizeof(p2)) != sizeof(p2))
    109. 

  109.             return 0;
    110. 

  110.         p = &p2.hdr;
    111. 

  111.     }
    112. 

  112.     else {
    113. 

  113.         if (read(fd, &p1, sizeof(p1)) != sizeof(p1))
    114. 

  114.             return 0;
    115. 

  115.         p = &p1;
    116. 

  116.     }
    117. 

  117. 

  118.     if (swapped) {
    119. 

  119.         pkt->len = SWAPLONG(p->caplen);
    120. 

  120.         pkt->ts.tv_sec = SWAPLONG(p->ts.tv_sec);
    121. 

  121.         pkt->ts.tv_usec = SWAPLONG(p->ts.tv_usec);
    122. 

  122.         pkt->actual_len = SWAPLONG(p->len);
    123. 

  123.     }
    124. 

  124.     else {
    125. 

  125.         pkt->len = p->caplen;
    126. 

  126.         pkt->ts = p->ts;
    127. 

  127.         pkt->actual_len = p->len;
    128. 

  128.     }
    129. 

  129. 

  130.     if (read(fd, &pkt->data, pkt->len) != pkt->len)
    131. 

  131.         return 0;
    132. 

  132. 

  133.     return pkt->len;
    134. 

  134. }
    135. 

  135. 

  136. /* 
    137. 

  137.  * Print statistics about a pcap file. is_pcap() must be called first 
    138. 

  138.  * to read the pcap header.
    139. 

  139.  */
    140. 

  140. void
    141. 

  141. stat_pcap(int fd, struct pcap_info *p)
    142. 

  142. {
    143. 

  143.     struct packet pkt;
    144. 

  144.     char *endian[2];
    145. 

  145. 

  146. #ifdef LIBNET_LIL_ENDIAN
    147. 

  147.     endian[0] = "little endian";
    148. 

  148.     endian[1] = "big endian";
    149. 

  149. #else
    150. 

  150.     endian[0] = "big endian";
    151. 

  151.     endian[1] = "little endian";
    152. 

  152. #endif
    153. 

  153. 

  154.     p->modified = modified;
    155. 

  155.     p->swapped = swapped ? endian[1] : endian[0];
    156. 

  156.     p->phdr = phdr;
    157. 

  157.     p->linktype = pcap_datalink_val_to_description(phdr.linktype);
    158. 

  158. 

  159.     p->bytes = p->trunc = 0;
    160. 

  160.     for (p->cnt = 0; get_next_pcap(fd, &pkt); p->cnt++) {
    161. 

  161.         /* grab time of the first packet */
    162. 

  162.         if (p->cnt == 0)
    163. 

  163.             TIMEVAL_TO_TIMESPEC(&pkt.ts, &p->start_tm);
    164. 

  164. 

  165.         /* count p->truncated packets */
    166. 

  166.         p->bytes += pkt.len;
    167. 

  167.         if (pkt.actual_len > phdr.snaplen)
    168. 

  168.             p->trunc++;
    169. 

  169.     }
    170. 

  170.     /* grab time of the last packet */
    171. 

  171.     TIMEVAL_TO_TIMESPEC(&pkt.ts, &p->finish_tm);
    172. 

  172. }
    173.