From: guy Date: Sun, 22 Dec 2002 00:15:26 +0000 (+0000) Subject: From Andrew Brown : add a "-U" flag, which causes X-Git-Tag: tcpdump-3.8-bp~250 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/b8e2c3beadd349cef70e6246536feb84d203c826 From Andrew Brown : add a "-U" flag, which causes the output stream for "-w" to be flushed after each packet is dumped. Add checks for "pcap_dump_flush()", and only enable the "-U" flag if it's present. Clean up the handling of the "getopt()" argument and the usage message to get rid of the pile of #ifdefs. Add documentation for the "-L" and "-y" flags. Tweak the description of "-r" to properly format "-w" in the text. --- diff --git a/CREDITS b/CREDITS index fa7f2b13..24551462 100644 --- a/CREDITS +++ b/CREDITS @@ -15,6 +15,7 @@ The current maintainers: Additional people who have contributed patches: + Andrew Brown Alfredo Andres Andrew Hintz Andrew Tridgell diff --git a/config.h.in b/config.h.in index 89af5e84..71b1e30a 100644 --- a/config.h.in +++ b/config.h.in @@ -148,6 +148,9 @@ /* Define if you have the inet_pton function. */ #undef HAVE_INET_PTON +/* Define if you have the pcap_dump_flush function. */ +#undef HAVE_PCAP_DUMP_FLUSH + /* Define if you have the pcap_findalldevs function. */ #undef HAVE_PCAP_FINDALLDEVS diff --git a/configure b/configure index 3de0a530..614fa879 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh -# From configure.in Revision: 1.158 +# From configure.in Revision: 1.159 @@ -4095,7 +4095,7 @@ fi -for ac_func in pcap_findalldevs +for ac_func in pcap_findalldevs pcap_dump_flush do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 echo "configure:4102: checking for $ac_func" >&5 diff --git a/configure.in b/configure.in index 5f89c1bf..8b50a2ab 100644 --- a/configure.in +++ b/configure.in 
@@ -1,4 +1,4 @@ -dnl @(#) $Header: /tcpdump/master/tcpdump/configure.in,v 1.158 2002-12-11 05:00:06 guy Exp $ (LBL) +dnl @(#) $Header: /tcpdump/master/tcpdump/configure.in,v 1.159 2002-12-22 00:15:27 guy Exp $ (LBL) dnl dnl Copyright (c) 1994, 1995, 1996, 1997 dnl The Regents of the University of California. All rights reserved. @@ -6,7 +6,7 @@ dnl dnl Process this file with autoconf to produce a configure script. dnl -AC_REVISION($Revision: 1.158 $) +AC_REVISION($Revision: 1.159 $) AC_PREREQ(2.13) AC_INIT(tcpdump.c) @@ -559,7 +559,7 @@ dnl AC_CHECK_HEADERS(zlib.h) AC_LBL_LIBPCAP(V_PCAPDEP, V_INCLS) -AC_CHECK_FUNCS(pcap_findalldevs) +AC_CHECK_FUNCS(pcap_findalldevs pcap_dump_flush) AC_MSG_CHECKING(whether pcap_version is defined by libpcap) AC_TRY_LINK([], [ diff --git a/tcpdump.1 b/tcpdump.1 index c564a272..ce6db3f5 100644 --- a/tcpdump.1 +++ b/tcpdump.1 @@ -1,4 +1,4 @@ -.\" @(#) $Header: /tcpdump/master/tcpdump/Attic/tcpdump.1,v 1.134 2002-12-19 05:44:47 guy Exp $ (LBL) +.\" @(#) $Header: /tcpdump/master/tcpdump/Attic/tcpdump.1,v 1.135 2002-12-22 00:15:27 guy Exp $ (LBL) .\" .\" Copyright (c) 1987, 1988, 1989, 1990, 1991, 1992, 1994, 1995, 1996, 1997 .\" The Regents of the University of California. All rights reserved. @@ -20,14 +20,14 @@ .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. .\" -.TH TCPDUMP 1 "8 August 2002" +.TH TCPDUMP 1 "21 December 2002" .SH NAME tcpdump \- dump traffic on a network .SH SYNOPSIS .na .B tcpdump [ -.B \-aAdDeflnNOpqRStuvxX +.B \-aAdDeflnNOpqRStuUvxXy ] [ .B \-c .I count @@ -76,6 +76,11 @@ tcpdump \- dump traffic on a network .I algo:secret ] [ +.B \-y +.I datalinktype +] +.ti +8 +[ .I expression ] .br 
@@ -325,6 +330,9 @@ E.g., ``tcpdump\ \ \-l\ \ |\ \ tee dat'' or ``tcpdump\ \ \-l \ \ > dat\ \ &\ \ tail\ \ \-f\ \ dat''. .TP +.B \-L +List the known data link types for the interface and exit. +.TP .B \-m Load SMI MIB module definitions from file \fImodule\fR. This option @@ -363,7 +371,9 @@ Since there is no protocol version field in ESP/AH specification, \fItcpdump\fP cannot deduce the version of ESP/AH protocol. .TP .B \-r -Read packets from \fIfile\fR (which was created with the -w option). +Read packets from \fIfile\fR (which was created with the +.B \-w +option). Standard input is used if \fIfile\fR is ``-''. .TP .B \-S @@ -417,6 +427,23 @@ Print a timestamp in default format proceeded by date on each dump line. .B \-u Print undecoded NFS handles. .TP +.B \-U +Make output saved via the +.B \-w +option ``packet-buffered''; i.e., as each packet is saved, it will be +written to the output file, rather than being written only when the +output buffer fills. +.IP +The +.B \-U +flag will not be supported if +.I tcpdump +was built with an older version of +.I libpcap +that lacks the +.B pcap_dump_flush() +function. +.TP .B \-v (Slightly more) verbose output. For example, the time to live, @@ -466,6 +493,9 @@ This is very handy for analysing new protocols. Print each packet, .I including its link level header, in hex and ASCII. +.TP +.B \-y +Set the data link type to use while capturing packets to \fIdatalinktype\fP. .IP "\fI expression\fP" .RS selects which packets will be dumped. diff --git a/tcpdump.c b/tcpdump.c index a4dde2f3..9cf64423 100644 --- a/tcpdump.c +++ b/tcpdump.c 
@@ -30,7 +30,7 @@ static const char copyright[] = "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\ The Regents of the University of California. All rights reserved.\n"; static const char rcsid[] = - "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.193 2002-12-19 09:39:17 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.194 2002-12-22 00:15:28 guy Exp $ (LBL)"; #endif /* @@ -83,6 +83,7 @@ int Rflag = 1; /* print sequence # field in AH/ESP*/ int sflag = 0; /* use the libsmi to translate OIDs */ int Sflag; /* print raw TCP sequence numbers */ int tflag = 1; /* print packet arrival time */ +int Uflag = 0; /* "unbuffered" output of dump files */ int uflag = 0; /* Print undecoded NFS handles */ int vflag; /* verbose */ int xflag; /* print packet in hex */ @@ -262,6 +263,36 @@ show_dlts_and_exit(pcap_t *pd) exit(0); } +/* + * Set up flags that might or might not be supported depending on the + * version of libpcap we're using. + * + * Win32 builds are assumed to be done with the latest version of WinPcap. + */ +#ifdef WIN32 +#define B_FLAG "B:" +#define B_FLAG_USAGE " [ -B size ]" +#define D_FLAG "D" +#define U_FLAG "U" +#else /* WIN32 */ + +#define B_FLAG +#define B_FLAG_USAGE + +#ifdef HAVE_PCAP_FINDALLDEVS +#define D_FLAG "D" +#else +#define D_FLAG +#endif + +#ifdef HAVE_PCAP_DUMP_FLUSH +#define U_FLAG "U" +#else +#define U_FLAG +#endif + +#endif /* WIN32 */ + int main(int argc, char **argv) { 
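Review bot: On the WIN32 branch of the new macro block, `U_FLAG` is defined as `"U"` unconditionally, while the `case 'U':` added to main() later in this patch is compiled only under `#ifdef HAVE_PCAP_DUMP_FLUSH`. If the Win32 configuration does not define that macro (not visible in this diff), getopt() will accept `-U` and usage() will advertise it, but the switch will have no case for it and the option will end up in whatever the default branch does. Either guard the handler and the flush calls with `#if defined(WIN32) || defined(HAVE_PCAP_DUMP_FLUSH)`, or derive `U_FLAG` from `HAVE_PCAP_DUMP_FLUSH` on both platforms. A smaller point in the globals hunk: the `Uflag` comment says "unbuffered" while tcpdump.1 calls the mode "packet-buffered", so `/* "packet-buffered" output of dump files */` would match the documentation.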
@@ -313,15 +344,7 @@ main(int argc, char **argv) opterr = 0; while ( -#ifdef WIN32 - (op = getopt(argc, argv, "aAB:c:C:dDeE:fF:i:lLm:nNOpqr:Rs:StT:uvw:xXy:Y")) != -1) -#else /* WIN32 */ -#ifdef HAVE_PCAP_FINDALLDEVS - (op = getopt(argc, argv, "aAc:C:dDeE:fF:i:lLm:nNOpqr:Rs:StT:uvw:xXy:Y")) != -1) -#else /* HAVE_PCAP_FINDALLDEVS */ - (op = getopt(argc, argv, "aAc:C:deE:fF:i:lLm:nNOpqr:Rs:StT:uvw:xXy:Y")) != -1) -#endif /* HAVE_PCAP_FINDALLDEVS */ -#endif /* WIN32 */ + (op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:i:lLm:nNOpqr:Rs:StT:u" U_FLAG "vw:xXy:Y")) != -1) switch (op) { case 'a': @@ -523,6 +546,12 @@ main(int argc, char **argv) ++uflag; break; +#ifdef HAVE_PCAP_DUMP_FLUSH + case 'U': + ++Uflag; + break; +#endif + case 'v': ++vflag; break; @@ -817,6 +846,10 @@ dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *s } pcap_dump((u_char *)dump_info->p, h, sp); +#ifdef HAVE_PCAP_FINDALLDEVS + if (Uflag) + pcap_dump_flush(dump_info->p); +#endif --infodelay; if (infoprint) @@ -829,6 +862,10 @@ dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) ++infodelay; pcap_dump(user, h, sp); +#ifdef HAVE_PCAP_FINDALLDEVS + if (Uflag) + pcap_dump_flush((pcap_dumper_t *)user); +#endif --infodelay; if (infoprint) 
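Review bot: The flush calls added in dump_packet_and_trunc() and dump_packet() are wrapped in `#ifdef HAVE_PCAP_FINDALLDEVS` rather than `HAVE_PCAP_DUMP_FLUSH`, which is the macro configure.in now sets for this function and the one that guards `case 'U':` earlier in the same file. With a libpcap that provides pcap_findalldevs() but not pcap_dump_flush(), the build fails on an undeclared function. With the opposite combination, `-U` is accepted and `Uflag` is set but nothing is ever flushed, so a capture that is killed or crashes can silently lose the packets the user asked to have written immediately. Both guards should read `#ifdef HAVE_PCAP_DUMP_FLUSH`. pcap_dump_flush() also returns a status that is discarded in both places; checking it would surface a full disk or I/O error during a long-running capture, and both function bodies extend outside their hunks.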
@@ -970,15 +1007,7 @@ usage(void) (void)fprintf(stderr, "libpcap version %s\n", pcap_version); #endif /* WIN32 */ (void)fprintf(stderr, -#ifdef WIN32 -"Usage: %s [-aAdDeflLnNOpqRStuvxX] [-B size] [-c count] [ -C file_size ]\n", program_name); -#else /* WIN32 */ -#ifdef HAVE_PCAP_FINDALLDEVS -"Usage: %s [-aAdDeflLnNOpqRStuvxX] [-c count] [ -C file_size ]\n", program_name); -#else /* HAVE_PCAP_FINDALLDEVS */ -"Usage: %s [-aAdeflLnNOpqRStuvxX] [-c count] [ -C file_size ]\n", program_name); -#endif /* HAVE_PCAP_FINDALLDEVS */ -#endif /* WIN32 */ +"Usage: %s [-aAd" D_FLAG "eflLnNOpqRStu" U_FLAG "vxXy]" B_FLAG_USAGE " [-c count] [ -C file_size ]\n", program_name); (void)fprintf(stderr, "\t\t[ -E algo:secret ] [ -F file ] [ -i interface ] [ -r file ]\n"); (void)fprintf(stderr,
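Review bot: The new usage string puts `y` inside the bracketed group of argument-less flags (`...vxXy]`), but the getopt() string in main() declares it as `y:` and the tcpdump.1 change in this commit documents it as `-y datalinktype`. Listing it in that group tells users `-y` can be bundled like `-x`, and the next word on the command line is then consumed as the link type. Drop the `y` from the group and add ` [ -y datalinktype ]` to one of the following usage lines instead. The body of usage() continues outside the hunk, so a later line may already list `-y`; in that case only the stray `y` needs removing.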