- Timestamp:
- 02/25/05 11:08:48 (16 years ago)
- Branches:
- 4.0.1-hotfixes, cachetimestamps, develop, dpdk-ndag, etsilive, getfragoff, help, libtrace4, master, ndag_format, pfring, rc-4.0.1, rc-4.0.2, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance, ringtimestampfixes
- Children:
- aca3ff4
- Parents:
- 68667ee
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
examples/munge/munge.c
r5959435 rb06e535 10 10 #include <string.h> 11 11 #include <pcap.h> 12 #include <time.h> 12 13 13 14 static int trace_link_type_to_dlt(libtrace_linktype_t t) … … 36 37 "-p --prefix=C.I.D.R/bits Substitute the prefix of the address\n" 37 38 "-f --filter=expr Apply a tcpdump filter\n" 39 "-b --start-time=date Show only packets after this time\n" 40 "-f --end-time=date Show only packets before this time\n" 38 41 ,argv0); 39 42 exit(0); … … 116 119 if (udp) update_in_cksum(&udp->check,old_ip,new_ip); 117 120 ip->ip_src.s_addr = new_ip; 118 fprintf(stderr,"enc'd source\n");119 121 } 120 122 … … 128 130 if (udp) update_in_cksum(&udp->check,old_ip,new_ip); 129 131 ip->ip_dst.s_addr = new_ip; 130 fprintf(stderr,"enc'ing dest %08x->%08x\n",old_ip,new_ip);131 132 } 132 133 … … 158 159 } 159 160 161 double parse_date(const char *date) 162 { 163 struct tm *parsed_time; 164 165 parsed_time=getdate(date); 166 167 if (parsed_time) { 168 return (double)mktime(parsed_time); 169 } 170 171 switch(getdate_err) { 172 case 1: 173 fprintf(stderr,"Cannot parse date: The DATEMSK environmental variable is null or undefined\n"); 174 break; 175 case 2: 176 fprintf(stderr,"The date template file '%s' cannot be opened for reading\n",getenv("DATEMSK")); 177 break; 178 case 3: 179 fprintf(stderr,"Failed to get file status information for '%s'\n",getenv("DATEMSK")); 180 break; 181 case 4: 182 fprintf(stderr,"%s: Not a regular file\n",getenv("DATEMSK")); 183 break; 184 case 5: 185 fprintf(stderr,"An error occured reading '%s'\n",getenv("DATEMSK")); 186 break; 187 case 6: 188 fprintf(stderr,"Out of memory reading '%s'\n",getenv("DATEMSK")); 189 break; 190 case 7: 191 fprintf(stderr,"Could not parse '%s'\n",date); 192 break; 193 case 8: 194 fprintf(stderr,"Invalid specification in '%s'\n",getenv("DATEMSK")); 195 break; 196 default: 197 fprintf(stderr,"Unable to parse date '%s': Unknown error\n",date); 198 } 199 exit(1); 200 } 201 160 202 int main(int argc, char *argv[]) 161 203 { … … 168 210 bool enc_source = false; 169 211 bool enc_dest = false; 212 double start_time = 0; 213 double end_time = 1e100; 170 214 pcap_t *p = NULL; 171 215 … … 181 225 { "prefix", 1, 0, 'p' }, 182 226 { "filter", 1, 0, 'f' }, 227 { "start-time", 1, 0, 'b' }, 228 { "end-time", 1, 0, 'e' }, 183 229 { NULL, 0, 0, 0 }, 184 230 }; 185 231 186 int c=getopt_long(argc, argv, "s dc:p:f:",232 int c=getopt_long(argc, argv, "sb:c:de:p:f:", 187 233 long_options, &option_index); 188 234 … … 216 262 filter=trace_bpf_setfilter(optarg); 217 263 break; 264 case 'b': /* "begin" time */ 265 start_time = parse_date(optarg); 266 break; 267 case 'e': /* "end" time */ 268 start_time = parse_date(optarg); 269 break; 218 270 default: 219 printf("unknown option: %c\n",c);271 fprintf(stderr,"unknown option: %c\n",c); 220 272 usage(argv[0]); 221 273 … … 226 278 trace_enc_init(enc_type,key); 227 279 280 fprintf(stderr,"From %f to %f\n",start_time,end_time); 281 228 282 /* Do the actual processing */ 229 283 trace = trace_create(argv[optind]); … … 236 290 struct libtrace_ip *ipptr; 237 291 int psize; 292 double ts; 238 293 if ((psize = trace_read_packet(trace, &packet)) <= 0) { 239 294 break; … … 253 308 } 254 309 310 ts = trace_get_seconds(&packet); 311 312 /* skip packets before/after the time */ 313 if (ts < start_time || ts > end_time) { 314 continue; 315 } 316 255 317 ipptr = trace_get_ip(&packet); 256 318 257 319 if (ipptr && (enc_source || enc_dest)) 258 320 encrypt_ips(ipptr,enc_source,enc_dest); 259 else260 fprintf(stderr,"No enc\n");261 321 262 322 /* TODO: Encrypt IP's in ARP packets */
Note: See TracChangeset
for help on using the changeset viewer.