From Andrew Brown <atatat@atatdot.net>: add a "-U" flag, which causes
the output stream for "-w" to be flushed after each packet is dumped. Add checks for "pcap_dump_flush()", and only enable the "-U" flag if it's present. Clean up the handling of the "getopt()" argument and the usage message to get rid of the pile of #ifdefs. Add documentation for the "-L" and "-y" flags. Tweak the description of "-r" to properly format "-w" in the text.
parent
6eeb0a811b
commit
b8e2c3bead
1
CREDITS
1
CREDITS
@ -15,6 +15,7 @@ The current maintainers:
|
||||
|
||||
Additional people who have contributed patches:
|
||||
|
||||
Andrew Brown <atatat@atatdot.net>
|
||||
Alfredo Andres <aandres@s21sec.com>
|
||||
Andrew Hintz <adhintz@users.sourceforge.net>
|
||||
Andrew Tridgell <tridge@linuxcare.com>
|
||||
|
@ -148,6 +148,9 @@
|
||||
/* Define if you have the inet_pton function. */
|
||||
#undef HAVE_INET_PTON
|
||||
|
||||
/* Define if you have the pcap_dump_flush function. */
|
||||
#undef HAVE_PCAP_DUMP_FLUSH
|
||||
|
||||
/* Define if you have the pcap_findalldevs function. */
|
||||
#undef HAVE_PCAP_FINDALLDEVS
|
||||
|
||||
|
4
configure
vendored
4
configure
vendored
@ -1,6 +1,6 @@
|
||||
#! /bin/sh
|
||||
|
||||
# From configure.in Revision: 1.158
|
||||
# From configure.in Revision: 1.159
|
||||
|
||||
|
||||
|
||||
@ -4095,7 +4095,7 @@ fi
|
||||
|
||||
|
||||
|
||||
for ac_func in pcap_findalldevs
|
||||
for ac_func in pcap_findalldevs pcap_dump_flush
|
||||
do
|
||||
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
|
||||
echo "configure:4102: checking for $ac_func" >&5
|
||||
|
@ -1,4 +1,4 @@
|
||||
dnl @(#) $Header: /tcpdump/master/tcpdump/configure.in,v 1.158 2002-12-11 05:00:06 guy Exp $ (LBL)
|
||||
dnl @(#) $Header: /tcpdump/master/tcpdump/configure.in,v 1.159 2002-12-22 00:15:27 guy Exp $ (LBL)
|
||||
dnl
|
||||
dnl Copyright (c) 1994, 1995, 1996, 1997
|
||||
dnl The Regents of the University of California. All rights reserved.
|
||||
@ -6,7 +6,7 @@ dnl
|
||||
dnl Process this file with autoconf to produce a configure script.
|
||||
dnl
|
||||
|
||||
AC_REVISION($Revision: 1.158 $)
|
||||
AC_REVISION($Revision: 1.159 $)
|
||||
AC_PREREQ(2.13)
|
||||
AC_INIT(tcpdump.c)
|
||||
|
||||
@ -559,7 +559,7 @@ dnl AC_CHECK_HEADERS(zlib.h)
|
||||
|
||||
AC_LBL_LIBPCAP(V_PCAPDEP, V_INCLS)
|
||||
|
||||
AC_CHECK_FUNCS(pcap_findalldevs)
|
||||
AC_CHECK_FUNCS(pcap_findalldevs pcap_dump_flush)
|
||||
AC_MSG_CHECKING(whether pcap_version is defined by libpcap)
|
||||
AC_TRY_LINK([],
|
||||
[
|
||||
|
38
tcpdump.1
38
tcpdump.1
@ -1,4 +1,4 @@
|
||||
.\" @(#) $Header: /tcpdump/master/tcpdump/Attic/tcpdump.1,v 1.134 2002-12-19 05:44:47 guy Exp $ (LBL)
|
||||
.\" @(#) $Header: /tcpdump/master/tcpdump/Attic/tcpdump.1,v 1.135 2002-12-22 00:15:27 guy Exp $ (LBL)
|
||||
.\"
|
||||
.\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997
|
||||
.\" The Regents of the University of California. All rights reserved.
|
||||
@ -20,14 +20,14 @@
|
||||
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
||||
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
.\"
|
||||
.TH TCPDUMP 1 "8 August 2002"
|
||||
.TH TCPDUMP 1 "21 December 2002"
|
||||
.SH NAME
|
||||
tcpdump \- dump traffic on a network
|
||||
.SH SYNOPSIS
|
||||
.na
|
||||
.B tcpdump
|
||||
[
|
||||
.B \-aAdDeflnNOpqRStuvxX
|
||||
.B \-aAdDeflnNOpqRStuUvxXy
|
||||
] [
|
||||
.B \-c
|
||||
.I count
|
||||
@ -76,6 +76,11 @@ tcpdump \- dump traffic on a network
|
||||
.I algo:secret
|
||||
]
|
||||
[
|
||||
.B \-y
|
||||
.I datalinktype
|
||||
]
|
||||
.ti +8
|
||||
[
|
||||
.I expression
|
||||
]
|
||||
.br
|
||||
@ -325,6 +330,9 @@ E.g.,
|
||||
``tcpdump\ \ \-l\ \ |\ \ tee dat'' or
|
||||
``tcpdump\ \ \-l \ \ > dat\ \ &\ \ tail\ \ \-f\ \ dat''.
|
||||
.TP
|
||||
.B \-L
|
||||
List the known data link types for the interface and exit.
|
||||
.TP
|
||||
.B \-m
|
||||
Load SMI MIB module definitions from file \fImodule\fR.
|
||||
This option
|
||||
@ -363,7 +371,9 @@ Since there is no protocol version field in ESP/AH specification,
|
||||
\fItcpdump\fP cannot deduce the version of ESP/AH protocol.
|
||||
.TP
|
||||
.B \-r
|
||||
Read packets from \fIfile\fR (which was created with the -w option).
|
||||
Read packets from \fIfile\fR (which was created with the
|
||||
.B \-w
|
||||
option).
|
||||
Standard input is used if \fIfile\fR is ``-''.
|
||||
.TP
|
||||
.B \-S
|
||||
@ -417,6 +427,23 @@ Print a timestamp in default format proceeded by date on each dump line.
|
||||
.B \-u
|
||||
Print undecoded NFS handles.
|
||||
.TP
|
||||
.B \-U
|
||||
Make output saved via the
|
||||
.B \-w
|
||||
option ``packet-buffered''; i.e., as each packet is saved, it will be
|
||||
written to the output file, rather than being written only when the
|
||||
output buffer fills.
|
||||
.IP
|
||||
The
|
||||
.B \-U
|
||||
flag will not be supported if
|
||||
.I tcpdump
|
||||
was built with an older version of
|
||||
.I libpcap
|
||||
that lacks the
|
||||
.B pcap_dump_flush()
|
||||
function.
|
||||
.TP
|
||||
.B \-v
|
||||
(Slightly more) verbose output.
|
||||
For example, the time to live,
|
||||
@ -466,6 +493,9 @@ This is very handy for analysing new protocols.
|
||||
Print each packet,
|
||||
.I including
|
||||
its link level header, in hex and ASCII.
|
||||
.TP
|
||||
.B \-y
|
||||
Set the data link type to use while capturing packets to \fIdatalinktype\fP.
|
||||
.IP "\fI expression\fP"
|
||||
.RS
|
||||
selects which packets will be dumped.
|
||||
|
67
tcpdump.c
67
tcpdump.c
@ -30,7 +30,7 @@ static const char copyright[] =
|
||||
"@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\
|
||||
The Regents of the University of California. All rights reserved.\n";
|
||||
static const char rcsid[] =
|
||||
"@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.193 2002-12-19 09:39:17 guy Exp $ (LBL)";
|
||||
"@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.194 2002-12-22 00:15:28 guy Exp $ (LBL)";
|
||||
#endif
|
||||
|
||||
/*
|
||||
@ -83,6 +83,7 @@ int Rflag = 1; /* print sequence # field in AH/ESP*/
|
||||
int sflag = 0; /* use the libsmi to translate OIDs */
|
||||
int Sflag; /* print raw TCP sequence numbers */
|
||||
int tflag = 1; /* print packet arrival time */
|
||||
int Uflag = 0; /* "unbuffered" output of dump files */
|
||||
int uflag = 0; /* Print undecoded NFS handles */
|
||||
int vflag; /* verbose */
|
||||
int xflag; /* print packet in hex */
|
||||
@ -262,6 +263,36 @@ show_dlts_and_exit(pcap_t *pd)
|
||||
exit(0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Set up flags that might or might not be supported depending on the
|
||||
* version of libpcap we're using.
|
||||
*
|
||||
* Win32 builds are assumed to be done with the latest version of WinPcap.
|
||||
*/
|
||||
#ifdef WIN32
|
||||
#define B_FLAG "B:"
|
||||
#define B_FLAG_USAGE " [ -B size ]"
|
||||
#define D_FLAG "D"
|
||||
#define U_FLAG "U"
|
||||
#else /* WIN32 */
|
||||
|
||||
#define B_FLAG
|
||||
#define B_FLAG_USAGE
|
||||
|
||||
#ifdef HAVE_PCAP_FINDALLDEVS
|
||||
#define D_FLAG "D"
|
||||
#else
|
||||
#define D_FLAG
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_PCAP_DUMP_FLUSH
|
||||
#define U_FLAG "U"
|
||||
#else
|
||||
#define U_FLAG
|
||||
#endif
|
||||
|
||||
#endif /* WIN32 */
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
@ -313,15 +344,7 @@ main(int argc, char **argv)
|
||||
|
||||
opterr = 0;
|
||||
while (
|
||||
#ifdef WIN32
|
||||
(op = getopt(argc, argv, "aAB:c:C:dDeE:fF:i:lLm:nNOpqr:Rs:StT:uvw:xXy:Y")) != -1)
|
||||
#else /* WIN32 */
|
||||
#ifdef HAVE_PCAP_FINDALLDEVS
|
||||
(op = getopt(argc, argv, "aAc:C:dDeE:fF:i:lLm:nNOpqr:Rs:StT:uvw:xXy:Y")) != -1)
|
||||
#else /* HAVE_PCAP_FINDALLDEVS */
|
||||
(op = getopt(argc, argv, "aAc:C:deE:fF:i:lLm:nNOpqr:Rs:StT:uvw:xXy:Y")) != -1)
|
||||
#endif /* HAVE_PCAP_FINDALLDEVS */
|
||||
#endif /* WIN32 */
|
||||
(op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:i:lLm:nNOpqr:Rs:StT:u" U_FLAG "vw:xXy:Y")) != -1)
|
||||
switch (op) {
|
||||
|
||||
case 'a':
|
||||
@ -523,6 +546,12 @@ main(int argc, char **argv)
|
||||
++uflag;
|
||||
break;
|
||||
|
||||
#ifdef HAVE_PCAP_DUMP_FLUSH
|
||||
case 'U':
|
||||
++Uflag;
|
||||
break;
|
||||
#endif
|
||||
|
||||
case 'v':
|
||||
++vflag;
|
||||
break;
|
||||
@ -817,6 +846,10 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s
|
||||
}
|
||||
|
||||
pcap_dump((u_char *)dump_info->p, h, sp);
|
||||
#ifdef HAVE_PCAP_FINDALLDEVS
|
||||
if (Uflag)
|
||||
pcap_dump_flush(dump_info->p);
|
||||
#endif
|
||||
|
||||
--infodelay;
|
||||
if (infoprint)
|
||||
@ -829,6 +862,10 @@ dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
|
||||
++infodelay;
|
||||
|
||||
pcap_dump(user, h, sp);
|
||||
#ifdef HAVE_PCAP_FINDALLDEVS
|
||||
if (Uflag)
|
||||
pcap_dump_flush((pcap_dumper_t *)user);
|
||||
#endif
|
||||
|
||||
--infodelay;
|
||||
if (infoprint)
|
||||
@ -970,15 +1007,7 @@ usage(void)
|
||||
(void)fprintf(stderr, "libpcap version %s\n", pcap_version);
|
||||
#endif /* WIN32 */
|
||||
(void)fprintf(stderr,
|
||||
#ifdef WIN32
|
||||
"Usage: %s [-aAdDeflLnNOpqRStuvxX] [-B size] [-c count] [ -C file_size ]\n", program_name);
|
||||
#else /* WIN32 */
|
||||
#ifdef HAVE_PCAP_FINDALLDEVS
|
||||
"Usage: %s [-aAdDeflLnNOpqRStuvxX] [-c count] [ -C file_size ]\n", program_name);
|
||||
#else /* HAVE_PCAP_FINDALLDEVS */
|
||||
"Usage: %s [-aAdeflLnNOpqRStuvxX] [-c count] [ -C file_size ]\n", program_name);
|
||||
#endif /* HAVE_PCAP_FINDALLDEVS */
|
||||
#endif /* WIN32 */
|
||||
"Usage: %s [-aAd" D_FLAG "eflLnNOpqRStu" U_FLAG "vxXy]" B_FLAG_USAGE " [-c count] [ -C file_size ]\n", program_name);
|
||||
(void)fprintf(stderr,
|
||||
"\t\t[ -E algo:secret ] [ -F file ] [ -i interface ] [ -r file ]\n");
|
||||
(void)fprintf(stderr,
|
||||
|
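Review bot: The two added `pcap_dump_flush()` calls, in `dump_packet_and_trunc()` and `dump_packet()`, are guarded by `#ifdef HAVE_PCAP_FINDALLDEVS`, while the option itself (`U_FLAG` and `case 'U':`) is keyed to `HAVE_PCAP_DUMP_FLUSH`; both guards should read `#ifdef HAVE_PCAP_DUMP_FLUSH`. As written, a libpcap that has `pcap_findalldevs()` but lacks `pcap_dump_flush()` would have the calls compiled in against a function it does not provide, and the opposite combination would accept `-U` and never flush, so the savefile would lag behind the traffic with no indication to the user. On WIN32 `U_FLAG` is defined unconditionally but `case 'U':` is still inside `#ifdef HAVE_PCAP_DUMP_FLUSH`, so `-U` presumably works there only if the Windows configuration defines that macro, which is worth confirming. The bodies of both callbacks and of `main()` extend outside the hunks shown.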