mirror of https://github.com/dirtbags/fluffy.git
pcat wrong order, pmerge no longer junks linktype
This commit is contained in:
parent
4d9d840ab3
commit
72945ca4ea
|
@ -127,7 +127,7 @@ such as sed, awk, cut, grep, or head.
|
||||||
|
|
||||||
Output is tab-separated, of the format:
|
Output is tab-separated, of the format:
|
||||||
|
|
||||||
timestamp protocol options src dst payload
|
timestamp protocol src dst options payload
|
||||||
|
|
||||||
Frequently you are only interested in the payload,
|
Frequently you are only interested in the payload,
|
||||||
so you can run pcat like:
|
so you can run pcat like:
|
||||||
|
|
7
pcap.c
7
pcap.c
|
@ -38,7 +38,12 @@ pcap_open_in(struct pcap_file *ctx, FILE * f)
|
||||||
int
|
int
|
||||||
pcap_open_out(struct pcap_file *ctx, FILE * f)
|
pcap_open_out(struct pcap_file *ctx, FILE * f)
|
||||||
{
|
{
|
||||||
struct pcap_file_header h = { MAGIC, 2, 4, 0, 0, MAXFRAME, 1 };
|
return pcap_open_out_linktype(ctx, f, 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
pcap_open_out_linktype(struct pcap_file *ctx, FILE *f, int32_t linktype) {
|
||||||
|
struct pcap_file_header h = { MAGIC, 2, 4, 0, 0, MAXFRAME, linktype };
|
||||||
|
|
||||||
if (1 != fwrite(&h, sizeof(h), 1, f)) {
|
if (1 != fwrite(&h, sizeof(h), 1, f)) {
|
||||||
return -1;
|
return -1;
|
||||||
|
|
1
pcap.h
1
pcap.h
|
@ -69,6 +69,7 @@ struct pcap_pkthdr {
|
||||||
|
|
||||||
int pcap_open_in(struct pcap_file *ctx, FILE * f);
|
int pcap_open_in(struct pcap_file *ctx, FILE * f);
|
||||||
int pcap_open_out(struct pcap_file *ctx, FILE * f);
|
int pcap_open_out(struct pcap_file *ctx, FILE * f);
|
||||||
|
int pcap_open_out_linktype(struct pcap_file *ctx, FILE * f, int32_t linktype);
|
||||||
int pcap_read_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr);
|
int pcap_read_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr);
|
||||||
int pcap_write_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr);
|
int pcap_write_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr);
|
||||||
void pcap_close(struct pcap_file *ctx);
|
void pcap_close(struct pcap_file *ctx);
|
||||||
|
|
2
pcat.c
2
pcat.c
|
@ -99,7 +99,7 @@ process_icmp(struct stream *s, char *saddr_s, char *daddr_s)
|
||||||
uint8_t code = read_uint8(s);
|
uint8_t code = read_uint8(s);
|
||||||
uint16_t checksum = read_uint16(s);
|
uint16_t checksum = read_uint16(s);
|
||||||
|
|
||||||
printf("ICMP\t%d,%d\t%s\t%s\t", type, code, saddr_s, daddr_s);
|
printf("ICMP\t%s\t%s\t%d,%d\t", saddr_s, daddr_s, type, code);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|
9
pmerge.c
9
pmerge.c
|
@ -50,6 +50,7 @@ main(int argc, char *argv[])
|
||||||
/*
|
/*
|
||||||
* Open input files
|
* Open input files
|
||||||
*/
|
*/
|
||||||
|
int32_t linktype = 0;
|
||||||
for (i = 0; i < argc - 1; i += 1) {
|
for (i = 0; i < argc - 1; i += 1) {
|
||||||
char *fn = argv[i + 1];
|
char *fn = argv[i + 1];
|
||||||
struct input_file *cur = &files[nfiles];
|
struct input_file *cur = &files[nfiles];
|
||||||
|
@ -68,6 +69,12 @@ main(int argc, char *argv[])
|
||||||
fprintf(stderr, "%s: unable to process\n", fn);
|
fprintf(stderr, "%s: unable to process\n", fn);
|
||||||
return EX_IOERR;
|
return EX_IOERR;
|
||||||
}
|
}
|
||||||
|
if (i == 0) {
|
||||||
|
linktype = cur->p.linktype;
|
||||||
|
} else if (linktype != cur->p.linktype) {
|
||||||
|
fprintf(stderr, "%s: incompatible linktype with first file\n", fn);
|
||||||
|
return EX_IOERR;
|
||||||
|
}
|
||||||
cur->active = 1;
|
cur->active = 1;
|
||||||
|
|
||||||
if (0 == read_next(cur)) {
|
if (0 == read_next(cur)) {
|
||||||
|
@ -75,7 +82,7 @@ main(int argc, char *argv[])
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (-1 == pcap_open_out(&out, stdout)) {
|
if (-1 == pcap_open_out_linktype(&out, stdout, linktype)) {
|
||||||
perror("writing header");
|
perror("writing header");
|
||||||
return EX_IOERR;
|
return EX_IOERR;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue