neale
/
fluffy
mirror of https://github.com/dirtbags/fluffy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pcat wrong order, pmerge no longer junks linktype

This commit is contained in:
Neale Pickett 2020-09-21 14:52:53 -06:00
parent 4d9d840ab3
commit 72945ca4ea
5 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -127,7 +127,7 @@ such as sed, awk, cut, grep, or head.
Output is tab-separated, of the format: Output is tab-separated, of the format:
timestamp protocol options src dst payload timestamp protocol src dst options payload
Frequently you are only interested in the payload, Frequently you are only interested in the payload,
so you can run pcat like: so you can run pcat like:

7
pcap.c
View File

@ -38,7 +38,12 @@ pcap_open_in(struct pcap_file *ctx, FILE * f)
int int
pcap_open_out(struct pcap_file *ctx, FILE * f) pcap_open_out(struct pcap_file *ctx, FILE * f)
{ {
struct pcap_file_header h = { MAGIC, 2, 4, 0, 0, MAXFRAME, 1 }; return pcap_open_out_linktype(ctx, f, 1);
}
int
pcap_open_out_linktype(struct pcap_file *ctx, FILE *f, int32_t linktype) {
struct pcap_file_header h = { MAGIC, 2, 4, 0, 0, MAXFRAME, linktype };
if (1 != fwrite(&h, sizeof(h), 1, f)) { if (1 != fwrite(&h, sizeof(h), 1, f)) {
return -1; return -1;

1
pcap.h
View File

@ -69,6 +69,7 @@ struct pcap_pkthdr {
int pcap_open_in(struct pcap_file *ctx, FILE * f); int pcap_open_in(struct pcap_file *ctx, FILE * f);
int pcap_open_out(struct pcap_file *ctx, FILE * f); int pcap_open_out(struct pcap_file *ctx, FILE * f);
int pcap_open_out_linktype(struct pcap_file *ctx, FILE * f, int32_t linktype);
int pcap_read_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr); int pcap_read_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr);
int pcap_write_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr); int pcap_write_pkthdr(struct pcap_file *ctx, struct pcap_pkthdr *hdr);
void pcap_close(struct pcap_file *ctx); void pcap_close(struct pcap_file *ctx);

2
pcat.c
View File

@ -99,7 +99,7 @@ process_icmp(struct stream *s, char *saddr_s, char *daddr_s)
uint8_t code = read_uint8(s); uint8_t code = read_uint8(s);
uint16_t checksum = read_uint16(s); uint16_t checksum = read_uint16(s);
printf("ICMP\t%d,%d\t%s\t%s\t", type, code, saddr_s, daddr_s); printf("ICMP\t%s\t%s\t%d,%d\t", saddr_s, daddr_s, type, code);
} }
void void

9
pmerge.c
View File

@ -50,6 +50,7 @@ main(int argc, char *argv[])
/* /*
* Open input files * Open input files
*/ */
int32_t linktype = 0;
for (i = 0; i < argc - 1; i += 1) { for (i = 0; i < argc - 1; i += 1) {
char *fn = argv[i + 1]; char *fn = argv[i + 1];
struct input_file *cur = &files[nfiles]; struct input_file *cur = &files[nfiles];
@ -68,6 +69,12 @@ main(int argc, char *argv[])
fprintf(stderr, "%s: unable to process\n", fn); fprintf(stderr, "%s: unable to process\n", fn);
return EX_IOERR; return EX_IOERR;
} }
if (i == 0) {
linktype = cur->p.linktype;
} else if (linktype != cur->p.linktype) {
fprintf(stderr, "%s: incompatible linktype with first file\n", fn);
return EX_IOERR;
}
cur->active = 1; cur->active = 1;
if (0 == read_next(cur)) { if (0 == read_next(cur)) {
@ -75,7 +82,7 @@ main(int argc, char *argv[])
} }
} }
if (-1 == pcap_open_out(&out, stdout)) { if (-1 == pcap_open_out_linktype(&out, stdout, linktype)) {
perror("writing header"); perror("writing header");
return EX_IOERR; return EX_IOERR;
} }