- Timestamp:
- 04/06/16 13:08:30 (5 years ago)
- Branches:
- 4.0.1-hotfixes, cachetimestamps, develop, dpdk-ndag, etsilive, master, ndag_format, rc-4.0.1, rc-4.0.2, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance, ringtimestampfixes
- Children:
- bb0a1f4
- Parents:
- 13bcf9e (diff), fd4482d (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent. - Location:
- tools/tracesplit
- Files:
-
- 2 edited
-
tracesplit.1 (modified) (2 diffs)
-
tracesplit.c (modified) (17 diffs)
Legend:
- Unmodified
- Added
- Removed
-
tools/tracesplit/tracesplit.1
r17f954f r7affaae 5 5 .B tracesplit 6 6 [ \fB-f \fRbpf | \fB--filter=\fRbpf] 7 [ \fB-j \fRnumhdrs | \fB--jump=\fRnumhdrs] 7 8 [ \fB-c \fRcount | \fB--count=\fRcount] 8 9 [ \fB-b \fRbytes | \fB--bytes=\fRbytes] … … 20 21 \fB\-f\fR bpf filter 21 22 output only packets that match tcpdump style bpf filter 23 24 .TP 25 \fB\-j\fR numhdrs 26 Strip headers before the numhdrs layer 3 header. For example, \-j1 will strip 27 off all the layer 2 headers, \-j2 will strip off all the l2 headers, the first 28 l3 header, any transport headers, and return a trace that starts at the next 29 l3 header. 22 30 23 31 .TP -
tools/tracesplit/tracesplit.c
r17f954f ra1935fa 25 25 uint64_t filescreated = 0; 26 26 uint16_t snaplen = 0; 27 int jump=0; 27 28 int verbose=0; 28 29 int compress_level=-1; … … 56 57 "-e --endtime=time End at time\n" 57 58 "-m --maxfiles=n Create a maximum of n trace files\n" 59 "-j --jump=n Jump to the nth IP header\n" 58 60 "-H --libtrace-help Print libtrace runtime documentation\n" 59 61 "-S --snaplen Snap packets at the specified length\n" … … 75 77 76 78 79 static libtrace_packet_t *perform_jump(libtrace_packet_t *packet, int jump) 80 { 81 uint16_t ethertype; 82 uint32_t remaining; 83 uint8_t ipproto; 84 void *offset = trace_get_layer3(packet, ðertype, &remaining); 85 while(jump > 0 && offset) { 86 --jump; 87 switch (ethertype) { 88 case TRACE_ETHERTYPE_IP: 89 if (jump <= 0) { 90 void *newpacket = trace_create_packet(); 91 trace_construct_packet(newpacket, 92 TRACE_TYPE_NONE, 93 offset, 94 remaining); 95 return newpacket; 96 } 97 offset = trace_get_payload_from_ip(offset, 98 &ipproto, 99 &remaining); 100 if (!offset) 101 return NULL; 102 break; 103 case TRACE_ETHERTYPE_IPV6: 104 if (jump <= 0) { 105 void *newpacket = trace_create_packet(); 106 trace_construct_packet(newpacket, 107 TRACE_TYPE_NONE, 108 offset, 109 remaining); 110 return newpacket; 111 } 112 offset = trace_get_payload_from_ip6(offset, 113 &ipproto, 114 &remaining); 115 if (!offset) 116 return NULL; 117 break; 118 /* TODO: vlan, etc */ 119 default: 120 return NULL; 121 } 122 if (!offset) 123 return false; 124 switch (ipproto) { 125 case TRACE_IPPROTO_IPV6: 126 ethertype = TRACE_ETHERTYPE_IPV6; 127 continue; 128 case TRACE_IPPROTO_IPIP: 129 ethertype = TRACE_ETHERTYPE_IP; 130 continue; 131 case TRACE_IPPROTO_GRE: 132 if (remaining < sizeof(libtrace_gre_t)) { 133 return NULL; 134 } 135 ethertype = ((libtrace_gre_t *)offset)->ethertype; 136 offset = trace_get_payload_from_gre(offset, &remaining); 137 continue; 138 case TRACE_IPPROTO_UDP: 139 offset = trace_get_vxlan_from_udp(offset, &remaining); 140 if (!offset) 141 return NULL; 142 offset = trace_get_payload_from_vxlan(offset, &remaining); 143 if (!offset) 144 return NULL; 145 offset = trace_get_payload_from_layer2(offset, 146 TRACE_TYPE_ETH, 147 ðertype, 148 &remaining); 149 if (!offset) 150 return NULL; 151 continue; 152 } 153 return NULL; 154 } 155 return NULL; 156 } 157 158 77 159 /* Return values: 78 160 * 1 = continue reading packets … … 80 162 * -1 = stop reading packets, we've got an error 81 163 */ 82 static int per_packet(libtrace_packet_t * packet) {83 84 if (trace_get_link_type( packet) == ~0U) {164 static int per_packet(libtrace_packet_t **packet) { 165 166 if (trace_get_link_type(*packet) == -1) { 85 167 fprintf(stderr, "Halted due to being unable to determine linktype - input trace may be corrupt.\n"); 86 168 return -1; … … 88 170 89 171 if (snaplen>0) { 90 trace_set_capture_length( packet,snaplen);91 } 92 93 if (trace_get_seconds( packet)<starttime) {172 trace_set_capture_length(*packet,snaplen); 173 } 174 175 if (trace_get_seconds(*packet)<starttime) { 94 176 return 1; 95 177 } 96 178 97 if (trace_get_seconds( packet)>endtime) {179 if (trace_get_seconds(*packet)>endtime) { 98 180 return 0; 99 181 } 100 182 101 183 if (firsttime==0) { 102 time_t now = trace_get_seconds( packet);184 time_t now = trace_get_seconds(*packet); 103 185 if (starttime != 0) { 104 186 firsttime=now-((now - starttime)%interval); … … 109 191 } 110 192 111 if (output && trace_get_seconds( packet)>firsttime+interval) {193 if (output && trace_get_seconds(*packet)>firsttime+interval) { 112 194 trace_destroy_output(output); 113 195 output=NULL; … … 121 203 122 204 pktcount++; 123 totbytes+=trace_get_capture_length( packet);205 totbytes+=trace_get_capture_length(*packet); 124 206 if (output && totbytes-totbyteslast>=bytes) { 125 207 trace_destroy_output(output); … … 198 280 } 199 281 200 /* Some traces we have are padded (usually with 0x00), so 282 /* Some traces we have are padded (usually with 0x00), so 201 283 * lets sort that out now and truncate them properly 202 284 */ 203 285 204 if (trace_get_capture_length(packet) 205 > trace_get_wire_length(packet)) { 206 trace_set_capture_length(packet,trace_get_wire_length(packet)); 207 } 208 209 if (trace_write_packet(output,packet)==-1) { 286 if (trace_get_capture_length(*packet) 287 > trace_get_wire_length(*packet)) { 288 trace_set_capture_length(*packet, 289 trace_get_wire_length(*packet)); 290 } 291 292 /* Support "jump"ping to the nth IP header. */ 293 if (jump) { 294 /* Skip headers */ 295 void *newpacket = perform_jump(*packet, jump); 296 if (newpacket) { 297 trace_destroy_packet(*packet); 298 *packet = newpacket; 299 } 300 else /* Skip packet */ 301 return 1; 302 } 303 304 if (trace_write_packet(output, *packet)==-1) { 210 305 trace_perror_output(output,"write_packet"); 211 306 return -1; … … 223 318 struct libtrace_packet_t *packet = trace_create_packet(); 224 319 struct sigaction sigact; 225 int i; 226 320 int i; 321 227 322 if (argc<2) { 228 323 usage(argv[0]); … … 240 335 { "endtime", 1, 0, 'e' }, 241 336 { "interval", 1, 0, 'i' }, 337 { "jump", 1, 0, 'j' }, 242 338 { "libtrace-help", 0, 0, 'H' }, 243 339 { "maxfiles", 1, 0, 'm' }, … … 249 345 }; 250 346 251 int c=getopt_long(argc, argv, " f:c:b:s:e:i:m:S:Hvz:Z:",347 int c=getopt_long(argc, argv, "j:f:c:b:s:e:i:m:S:Hvz:Z:", 252 348 long_options, &option_index); 253 349 … … 268 364 case 'i': interval=atoi(optarg); 269 365 break; 366 case 'j': jump=atoi(optarg); 367 break; 270 368 case 'm': maxfiles=atoi(optarg); 271 369 break; … … 283 381 if (compress_level<0 || compress_level>9) { 284 382 usage(argv[0]); 285 383 exit(1); 286 384 } 287 385 break; 288 386 case 'Z': 289 387 compress_type_str=optarg; 290 break; 388 break; 291 389 default: 292 390 fprintf(stderr,"Unknown option: %c\n",c); … … 321 419 compress_type = TRACE_OPTION_COMPRESSTYPE_NONE; 322 420 } else { 323 fprintf(stderr, "Unknown compression type: %s\n", 421 fprintf(stderr, "Unknown compression type: %s\n", 324 422 compress_type_str); 325 423 return 1; … … 348 446 349 447 350 input = trace_create(argv[i]); 351 448 input = trace_create(argv[i]); 449 352 450 if (trace_is_err(input)) { 353 451 trace_perror(input,"%s",argv[i]); … … 356 454 357 455 if (filter && trace_config(input, TRACE_OPTION_FILTER, filter) == 1) { 358 trace_perror(input, "Configuring filter for %s", 456 trace_perror(input, "Configuring filter for %s", 359 457 argv[i]); 360 458 return 1; … … 367 465 368 466 while (trace_read_packet(input,packet)>0) { 369 if (per_packet( packet) < 1)467 if (per_packet(&packet) < 1) 370 468 done = 1; 371 469 if (done)
Note: See TracChangeset
for help on using the changeset viewer.
