tcpdump mailing list archives
[PATCH] pcap_setdirection support
From: Thomas Jacob <jacob () internet24 de>
Date: Tue, 25 Aug 2009 21:59:49 +0200
---
configure.in | 7 +++++++
tcpdump.1.in | 10 ++++++++++
tcpdump.c | 35 +++++++++++++++++++++++++++++++++--
3 files changed, 50 insertions(+), 2 deletions(-)
diff --git a/configure.in b/configure.in
index 50ac7ad..79478c5 100644
--- a/configure.in
+++ b/configure.in
@@ -785,6 +785,13 @@ else
AC_MSG_RESULT(no)
fi
fi
+
+AC_CHECK_FUNCS(pcap_setdirection)
+if test $ac_cv_func_pcap_setdirection = "yes" ; then
+dnl Check for capture direction setting support
+ AC_DEFINE(HAVE_PCAP_SETDIRECTION)
+fi
+
AC_REPLACE_FUNCS(bpf_dump) dnl moved to libpcap in 0.6
V_GROUP=0
diff --git a/tcpdump.1.in b/tcpdump.1.in
index f0f7ce0..fb27e4a 100644
--- a/tcpdump.1.in
+++ b/tcpdump.1.in
@@ -109,6 +109,11 @@ tcpdump \- dump traffic on a network
]
.ti +8
[
+.B \-P
+.I in|out|inout
+]
+.ti +8
+[
.I expression
]
.br
@@ -410,6 +415,11 @@ Note that the interface might be in promiscuous
mode for some other reason; hence, `-p' cannot be used as an abbreviation for
`ether host {local-hw-addr} or ether broadcast'.
.TP
+.B \-P
+Choose send/receive direction \fIdirection\fR for which packets should be
+captured. Possible values are `in', `out' and `inout'. Not available
+on all platforms.
+.TP
.B \-q
Quick (quiet?) output.
Print less protocol information so output
diff --git a/tcpdump.c b/tcpdump.c
index 26d1d80..fdbd880 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -92,6 +92,9 @@ netdissect_options *gndo = &Gndo;
int dflag; /* print filter code */
int Lflag; /* list available data link types and exit */
+#ifdef HAVE_PCAP_SETDIRECTION
+int Pflag = PCAP_D_INOUT; /* Restrict captured packet by sent/receive direction */
+#endif
char *zflag = NULL; /* compress each savefile using a specified command (like gzip or bzip2) */
static int infodelay;
@@ -387,6 +390,12 @@ show_dlts_and_exit(pcap_t *pd)
#define U_FLAG
#endif
+#ifdef HAVE_PCAP_SETDIRECTION
+#define P_FLAG "P:"
+#else
+#define P_FLAG
+#endif
+
#ifndef WIN32
/* Drop root privileges and chroot if necessary */
static void
@@ -541,7 +550,7 @@ main(int argc, char **argv)
opterr = 0;
while (
- (op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:G:i:" I_FLAG "KlLm:M:nNOpqr:Rs:StT:u" U_FLAG
"vw:W:xXy:Yz:Z:")) != -1)
+ (op = getopt(argc, argv, "aA" B_FLAG "c:C:d" D_FLAG "eE:fF:G:i:" I_FLAG "KlLm:M:nNOp" P_FLAG "qr:Rs:StT:u"
U_FLAG "vw:W:xXy:Yz:Z:")) != -1)
switch (op) {
case 'a':
@@ -741,7 +750,18 @@ main(int argc, char **argv)
case 'p':
++pflag;
break;
-
+#ifdef HAVE_PCAP_SETDIRECTION
+ case 'P':
+ if (strcasecmp(optarg, "in") == 0)
+ Pflag = PCAP_D_IN;
+ else if (strcasecmp(optarg, "out") == 0)
+ Pflag = PCAP_D_OUT;
+ else if (strcasecmp(optarg, "inout") == 0)
+ Pflag = PCAP_D_INOUT;
+ else
+ error("unknown capture direction `%s'", optarg);
+ break;
+#endif /* HAVE_PCAP_SETDIRECTION */
case 'q':
++qflag;
++suppress_default_print;
@@ -996,6 +1016,7 @@ main(int argc, char **argv)
error("%s: pcap_set_buffer_size failed: %s",
device, pcap_statustostr(status));
}
+
status = pcap_activate(pd);
if (status < 0) {
/*
@@ -1028,6 +1049,12 @@ main(int argc, char **argv)
warning("%s: %s", device,
pcap_statustostr(status));
}
+#ifdef HAVE_PCAP_SETDIRECTION
+ status = pcap_setdirection(pd, Pflag);
+ if (status != 0)
+ error("%s: pcap_set_direction failed: %s",
+ device, pcap_geterr(pd));
+#endif
#else
*ebuf = '\0';
pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf);
@@ -1697,6 +1724,10 @@ usage(void)
"\t\t[ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]\n");
(void)fprintf(stderr,
"\t\t[ -y datalinktype ] [ -z command ] [ -Z user ]\n");
+#ifdef HAVE_PCAP_SETDIRECTION
+ (void)fprintf(stderr,
+"\t\t[ -P in|out|inout ]\n");
+#endif
(void)fprintf(stderr,
"\t\t[ expression ]\n");
exit(1);
--
1.5.6.5
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Small patch to support pcap_setdirection Thomas Jacob (Aug 25)
- [PATCH] pcap_setdirection support Thomas Jacob (Aug 25)