Changeset 1974620
- Timestamp:
- 08/25/05 20:01:13 (15 years ago)
- Branches:
- 4.0.1-hotfixes, cachetimestamps, develop, dpdk-ndag, etsilive, getfragoff, help, libtrace4, master, ndag_format, pfring, rc-4.0.1, rc-4.0.2, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance, ringtimestampfixes
- Children:
- b5cd711
- Parents:
- 3073c04
- Files:
-
- 9 edited
-
ChangeLog (modified) (1 diff)
-
examples/munge/Makefile (modified) (1 diff)
-
examples/munge/munge.c (modified) (4 diffs)
-
lib/format_erf.c (modified) (13 diffs)
-
lib/format_pcap.c (modified) (9 diffs)
-
lib/format_template.c (modified) (1 diff)
-
lib/format_wag.c (modified) (1 diff)
-
lib/libtrace_int.h (modified) (3 diffs)
-
lib/trace.c (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
ChangeLog
r3073c04 r1974620 32 32 * byte-ordering fixups for WAG 33 33 * writer functions for pcap and wag 34 * fix of writer functions for erf 35 * format conversion into pcap and erf formats 36 * format conversion only applies if input not already in the right 37 format 34 38 35 39 - Version 2.0.19 -
examples/munge/Makefile
r05e83dc r1974620 1 CFLAGS=-W -Wall -g -I/usr/local/include 1 prefix=/usr/include 2 3 CFLAGS=-W -Wall -g -I$(prefix)/include 2 4 LDLIBS=-ltrace lib/libtrace_enc.a 3 LDFLAGS=-L /tmp/lib5 LDFLAGS=-L$(prefix)/lib -L/tmp/lib 4 6 5 7 all: munge -
examples/munge/munge.c
raca3ff4 r1974620 12 12 #include <time.h> 13 13 14 static int trace_link_type_to_dlt(libtrace_linktype_t t)15 {16 static int table[] = {17 -1, /* LEGACY */18 -1, /* HDLC over POS */19 DLT_EN10MB, /* Ethernet */20 -1, /* ATM */21 DLT_IEEE802_11, /* 802.11 */22 };23 if (t>sizeof(table)/sizeof(*table)) {24 return -1;25 }26 return table[t];27 }28 14 29 15 void usage(char *argv0) 30 16 { 31 17 fprintf(stderr,"Usage:\n" 32 "%s flags inputfile >outputfile\n"18 "%s flags inputfile outputfile\n" 33 19 "-s --encrypt-source Encrypt the source addresses\n" 34 20 "-d --encrypt-dest Encrypt the destination addresses\n" … … 144 130 } 145 131 146 struct libtrace_write_t {147 pcap_dumper_t *pcap;148 };149 150 void trace_write(struct libtrace_write_t *hdl,struct libtrace_packet_t *pkt)151 {152 struct pcap_pkthdr pcap_pkt_hdr;153 void *link = trace_get_link(pkt);154 155 pcap_pkt_hdr.ts=trace_get_timeval(pkt);156 pcap_pkt_hdr.caplen = trace_get_capture_length(pkt);157 pcap_pkt_hdr.len = trace_get_wire_length(pkt);158 pcap_dump((u_char*)hdl->pcap, &pcap_pkt_hdr, link);159 }160 161 132 double parse_date(const char *date) 162 133 { … … 205 176 char *key = NULL; 206 177 struct libtrace_filter_t *filter = NULL; 207 struct libtrace_t *trace ;178 struct libtrace_t *trace = 0; 208 179 struct libtrace_packet_t packet; 209 struct libtrace_ write_t writer;180 struct libtrace_out_t *writer = 0; 210 181 bool enc_source = false; 211 182 bool enc_dest = false; 212 183 double start_time = 0; 213 184 double end_time = 1e100; 214 pcap_t *p = NULL;185 char *output = 0; 215 186 216 187 if (argc<2) … … 278 249 trace_enc_init(enc_type,key); 279 250 280 p = NULL; 281 282 while(optind<argc) { 283 /* Do the actual processing */ 284 trace = trace_create(argv[optind]); 285 if (!trace) { 286 fprintf(stderr,"Cannot open %s\n",argv[optind]); 287 return 1; 288 } 289 for(;;) { 290 struct libtrace_ip *ipptr; 291 int psize; 292 double ts; 293 if ((psize = trace_read_packet(trace, &packet)) <= 0) { 294 break; 295 } 296 if (!p) { 297 p=pcap_open_dead( 298 trace_link_type_to_dlt( 299 trace_get_link_type(&packet)), 300 65536); 301 writer.pcap = pcap_dump_open(p,"-"); 302 fflush((FILE *)writer.pcap); 303 } 304 305 /* Skip packets that don't match the filter */ 306 if (filter && !trace_bpf_filter(filter,&packet)) { 307 continue; 308 } 309 310 ts = trace_get_seconds(&packet); 311 312 /* skip packets before/after the time */ 313 if (ts < start_time || ts > end_time) { 314 continue; 315 } 316 317 ipptr = trace_get_ip(&packet); 318 319 if (ipptr && (enc_source || enc_dest)) 320 encrypt_ips(ipptr,enc_source,enc_dest); 321 322 /* TODO: Encrypt IP's in ARP packets */ 323 324 trace_write(&writer,&packet); 325 } 326 optind++; 251 // open input uri 252 trace = trace_create(argv[optind]); 253 if (!trace) { 254 fprintf(stderr,"Cannot open %s\n",argv[optind]); 255 trace_perror(argv[optind]); 256 return 1; 257 } 258 259 if (optind == argc) { 260 // no output specified, output in same format to stdout 261 asprintf(&output,"%s:-","erf"); 262 writer = trace_output_create(output); 263 } else { 264 writer = trace_output_create(argv[optind +1]); 265 } 266 if (!writer) { 267 trace_perror("trace_output_create"); 268 return 1; 269 } 270 271 272 for(;;) { 273 struct libtrace_ip *ipptr; 274 int psize; 275 double ts; 276 if ((psize = trace_read_packet(trace, &packet)) <= 0) { 277 break; 278 } 279 280 /* Skip packets that don't match the filter */ 281 if (filter && !trace_bpf_filter(filter,&packet)) { 282 continue; 283 } 284 285 ts = trace_get_seconds(&packet); 286 287 /* skip packets before/after the time */ 288 if (ts < start_time || ts > end_time) { 289 continue; 290 } 291 292 ipptr = trace_get_ip(&packet); 293 294 if (ipptr && (enc_source || enc_dest)) 295 encrypt_ips(ipptr,enc_source,enc_dest); 296 297 /* TODO: Encrypt IP's in ARP packets */ 298 299 trace_write_packet(writer,&packet); 327 300 } 328 301 return 0; -
lib/format_erf.c
r3073c04 r1974620 64 64 #endif 65 65 66 static struct libtrace_format_t *erf_ptr = 0; 67 static struct libtrace_format_t *rtclient_ptr = 0; 68 #if HAVE_DAG 69 static struct libtrace_format_t *dag_ptr = 0; 70 #endif 71 66 72 #define CONNINFO libtrace->format_data->conn_info 67 73 #define INPUT libtrace->format_data->input 68 74 #define OUTPUT libtrace->format_data->output 75 #if HAVE_DAG 69 76 #define DAG libtrace->format_data->dag 77 #endif 70 78 #define OPTIONS libtrace->format_data->options 71 79 struct libtrace_format_data_t { 72 80 union { 73 /** Information about rtclients */74 81 struct { 75 82 char *hostname; 76 83 short port; 77 84 } rt; 78 char *path; /**< information for local sockets */85 char *path; 79 86 } conn_info; 80 /** Information about the current state of the input device */ 81 87 88 union { 82 89 int fd; 83 90 #if HAVE_ZLIB … … 88 95 } input; 89 96 97 #if HAVE_DAG 90 98 struct { 91 99 void *buf; … … 96 104 unsigned offset; 97 105 } dag; 106 #endif 98 107 }; 99 108 … … 452 461 int rlen; 453 462 454 if ( libtrace->dag.diff == 0) {463 if (DAG.diff == 0) { 455 464 if ((numbytes = dag_read(libtrace,buf,RP_BUFSIZE)) <= 0) 456 465 return numbytes; … … 458 467 459 468 //DAG always gives us whole packets 460 erfptr = (dag_record_t *) ((void *) libtrace->dag.buf +461 ( libtrace->dag.bottom + libtrace->dag.offset));469 erfptr = (dag_record_t *) ((void *)DAG.buf + 470 (DAG.bottom + DAG.offset)); 462 471 size = ntohs(erfptr->rlen); 463 472 … … 471 480 472 481 packet->size = size; 473 libtrace->dag.offset += size;474 libtrace->dag.diff -= size;475 476 assert( libtrace->dag.diff >= 0);482 DAG.offset += size; 483 DAG.diff -= size; 484 485 assert(DAG.diff >= 0); 477 486 478 487 return (size); … … 606 615 } 607 616 617 static int erf_dump_packet(struct libtrace_out_t *libtrace, dag_record_t *erfptr, void *buffer, size_t size) { 618 int numbytes = 0; 619 #if HAVE_ZLIB 620 if ((numbytes = gzwrite(OUTPUT.file, erfptr, sizeof(dag_record_t))) == 0) { 621 perror("gzwrite"); 622 return -1; 623 } 624 if ((numbytes = gzwrite(OUTPUT.file, buffer, size)) == 0) { 625 perror("gzwrite"); 626 return -1; 627 } 628 #else 629 if ((numbytes = write(OUTPUT.file, erfptr, sizeof(dag_record_t))) == 0) { 630 perror("write"); 631 return -1; 632 } 633 if ((numbytes = write(OUTPUT.file, buffer, size)) == 0) { 634 perror("write"); 635 return -1; 636 } 637 #endif 638 return numbytes + sizeof(dag_record_t); 639 640 } 641 608 642 static int erf_write_packet(struct libtrace_out_t *libtrace, struct libtrace_packet_t *packet) { 609 643 int numbytes = 0; 610 #if HAVE_ZLIB 611 if ((numbytes = gzwrite(OUTPUT.file, packet->buffer, packet->size)) == 0) { 612 perror("gzwrite"); 613 return -1; 614 } 615 #else 616 if ((numbytes = write(OUTPUT.file, packet->buffer, packet->size)) == 0) { 617 perror("write"); 618 return -1; 619 } 620 #endif 644 dag_record_t erfhdr; 645 void *payload = (void *)trace_get_link(packet); 646 647 if (packet->trace->format == erf_ptr 648 #if HAVE_DAG 649 || packet->trace->format == dag_ptr 650 #endif 651 ) { 652 numbytes = erf_dump_packet(libtrace, 653 (dag_record_t *)packet->buffer, 654 payload, 655 packet->size - 656 sizeof(dag_record_t)); 657 } else { 658 // convert format - build up a new erf header 659 // Timestamp 660 erfhdr.ts = trace_get_erf_timestamp(packet); 661 // Link type 662 switch(trace_get_link_type(packet)) { 663 case TRACE_TYPE_ETH: 664 erfhdr.type=TYPE_ETH; break; 665 case TRACE_TYPE_ATM: 666 erfhdr.type=TYPE_ATM; break; 667 default: 668 erfhdr.type=0; 669 } 670 // Flags. Can't do this 671 memset(&erfhdr.flags,1,1); 672 // Packet length 673 erfhdr.rlen = trace_get_capture_length(packet); 674 // loss counter. Can't do this 675 erfhdr.lctr = 0; 676 // Wire length 677 erfhdr.wlen = trace_get_wire_length(packet); 678 679 // Write it out 680 numbytes = erf_dump_packet(libtrace, 681 &erfhdr, 682 payload, 683 erfhdr.rlen); 684 } 621 685 return numbytes; 622 686 } … … 751 815 } 752 816 817 #if HAVE_DAG 753 818 static void dag_help() { 754 819 printf("dag format module: $Revision$\n"); … … 761 826 printf("\tnone\n"); 762 827 printf("\n"); 763 764 } 828 } 829 #endif 830 765 831 766 832 static void erf_help() { … … 812 878 "erf", 813 879 "$Id$", 880 "erf", 814 881 erf_init_input, /* init_input */ 815 882 erf_init_output, /* init_output */ … … 838 905 "dag", 839 906 "$Id$", 907 "erf", 840 908 dag_init_input, /* init_input */ 841 909 NULL, /* init_output */ … … 864 932 "rtclient", 865 933 "$Id$", 934 "erf", 866 935 rtclient_init_input, /* init_input */ 867 936 rtclient_init_output, /* init_output */ … … 887 956 888 957 void __attribute__((constructor)) erf_constructor() { 889 register_format(&erf); 958 erf_ptr = &erf; 959 register_format(erf_ptr); 890 960 #ifdef HAVE_DAG 891 register_format(&dag); 892 #endif 893 register_format(&rtclient); 894 } 961 dag_ptr = &dag; 962 register_format(dag_ptr); 963 #endif 964 rtclient_ptr = &rtclient; 965 register_format(rtclient_ptr); 966 } -
lib/format_pcap.c
r3073c04 r1974620 87 87 char *interface; 88 88 } conn_info; 89 struct { 90 pcap_t *pcap; 91 pcap_dumper_t *dump; 89 union { 90 struct { 91 pcap_t *pcap; 92 pcap_dumper_t *dump; 93 } trace; 94 92 95 } output; 93 96 }; … … 159 162 malloc(sizeof(struct libtrace_format_data_out_t)); 160 163 CONNINFO.path = libtrace->uridata; 161 OUTPUT.pcap = NULL; 162 OUTPUT.dump = NULL; 164 OUTPUT.trace.pcap = NULL; 165 OUTPUT.trace.dump = NULL; 166 return 1; 163 167 } 164 168 … … 181 185 } 182 186 187 static int pcapint_init_output(struct libtrace_out_t *libtrace) { 188 return -1; 189 } 190 183 191 static int pcap_fin_input(struct libtrace_t *libtrace) { 184 192 pcap_close(INPUT.pcap); … … 188 196 189 197 static int pcap_fin_output(struct libtrace_out_t *libtrace) { 190 pcap_dump_flush(OUTPUT. dump);191 pcap_dump_close(OUTPUT. dump);198 pcap_dump_flush(OUTPUT.trace.dump); 199 pcap_dump_close(OUTPUT.trace.dump); 192 200 return 0; 201 } 202 203 static int pcapint_fin_output(struct libtrace_out_t *libtrace) { 204 return -1; 193 205 } 194 206 … … 224 236 void *link = trace_get_link(packet); 225 237 226 if (!OUTPUT. pcap) {227 OUTPUT. pcap = pcap_open_dead(238 if (!OUTPUT.trace.pcap) { 239 OUTPUT.trace.pcap = pcap_open_dead( 228 240 linktype_to_dlt(trace_get_link_type(packet)), 229 241 65536); 230 OUTPUT. dump = pcap_dump_open(OUTPUT.pcap,CONNINFO.path);231 fflush((FILE *)OUTPUT. dump);242 OUTPUT.trace.dump = pcap_dump_open(OUTPUT.trace.pcap,CONNINFO.path); 243 fflush((FILE *)OUTPUT.trace.dump); 232 244 } 233 245 if (packet->trace->format == pcap_ptr || … … 236 248 // this is a pcap trace anyway 237 249 238 pcap_dump((u_char*)OUTPUT. dump,(struct pcap_pkthdr *)packet->buffer,link);250 pcap_dump((u_char*)OUTPUT.trace.dump,(struct pcap_pkthdr *)packet->buffer,link); 239 251 } else { 240 252 pcap_pkt_hdr.ts = trace_get_timeval(packet); … … 242 254 pcap_pkt_hdr.len = trace_get_wire_length(packet); 243 255 244 pcap_dump((u_char*)OUTPUT. pcap, &pcap_pkt_hdr, link);256 pcap_dump((u_char*)OUTPUT.trace.dump, &pcap_pkt_hdr, link); 245 257 } 246 258 return 0; 259 } 260 261 static int pcapint_write_packet(struct libtrace_out_t *libtrace, struct libtrace_packet_t *packet) { 262 void *link = trace_get_link(packet); 263 247 264 } 248 265 … … 393 410 "pcap", 394 411 "$Id$", 412 "pcap", 395 413 pcap_init_input, /* init_input */ 396 414 pcap_init_output, /* init_output */ … … 418 436 "pcapint", 419 437 "$Id$", 438 "pcap", 420 439 pcapint_init_input, /* init_input */ 421 NULL,/* init_output */440 pcapint_init_output, /* init_output */ 422 441 NULL, /* config_output */ 423 442 pcap_fin_input, /* fin_input */ 424 NULL,/* fin_output */443 pcapint_fin_output, /* fin_output */ 425 444 pcap_read_packet, /* read_packet */ 426 NULL,/* write_packet */445 pcapint_write_packet, /* write_packet */ 427 446 pcap_get_link, /* get_link */ 428 447 pcap_get_link_type, /* get_link_type */ -
lib/format_template.c
rffc8c8d r1974620 124 124 "template", 125 125 "$Id$", 126 "template", 126 127 template_init_input, /* init_input */ 127 128 template_init_output, /* init_output */ -
lib/format_wag.c
r3073c04 r1974620 444 444 "wag", 445 445 "$Id$", 446 "wag", 446 447 wag_init_input, /* init_input */ 447 448 wag_init_output, /* init_output */ -
lib/libtrace_int.h
rffc8c8d r1974620 153 153 char *name; 154 154 char *version; 155 char *type; 155 156 int (*init_input)(struct libtrace_t *libtrace); 156 157 int (*init_output)(struct libtrace_out_t *libtrace); … … 158 159 int (*fin_input)(struct libtrace_t *libtrace); 159 160 int (*fin_output)(struct libtrace_out_t *libtrace); 160 // int (*read)(struct libtrace_t *libtrace, void *buffer, size_t len);161 161 int (*read_packet)(struct libtrace_t *libtrace, struct libtrace_packet_t *packet); 162 162 int (*write_packet)(struct libtrace_out_t *libtrace, struct libtrace_packet_t *packet); … … 170 170 int (*get_capture_length)(const struct libtrace_packet_t *packet); 171 171 int (*get_wire_length)(const struct libtrace_packet_t *packet); 172 size_t (*truncate_packet)( conststruct libtrace_packet_t *packet,size_t size);172 size_t (*truncate_packet)(struct libtrace_packet_t *packet,size_t size); 173 173 int (*get_fd)(struct libtrace_packet_t *packet); 174 174 struct libtrace_eventobj_t (*trace_event)(struct libtrace_t *trace, struct libtrace_packet_t *packet); -
lib/trace.c
re01bfa8 r1974620 794 794 // seconds -> timestamp 795 795 seconds = packet->trace->format->get_seconds(packet); 796 timestamp = (( (uint32_t)seconds) << 32) + \796 timestamp = ((uint64_t)((uint32_t)seconds) << 32) + \ 797 797 (( seconds - (uint32_t)seconds ) * UINT_MAX); 798 798 }
Note: See TracChangeset
for help on using the changeset viewer.
