Skip to content

Commit 4f3d0d2

Browse files
committed
src/mgdump: use pcap format
1 parent 2380da6 commit 4f3d0d2

File tree

2 files changed

+56
-121
lines changed

2 files changed

+56
-121
lines changed

src/mgdump/mgdump.c

Lines changed: 35 additions & 76 deletions
Original file line numberDiff line numberDiff line change
@@ -7,80 +7,46 @@ static int caught_signal = 0;
77
// .packet_count = 0,
88
//};
99

10-
// SHB
11-
#define BT_SHB 0x0A0D0D0A
12-
#define BYTE_ORDER_MAGIC 0x1A2B3C4D
13-
#define PCAP_NG_VERSION_MAJOR 1
14-
#define PCAP_NG_VERSION_MINOR 0
15-
static struct section_header_block pcapng_shb_hdr = {
16-
.block_type = BT_SHB,
17-
.total_length1 = sizeof(struct section_header_block),
18-
.byte_order_magic = BYTE_ORDER_MAGIC,
19-
.major_version = PCAP_NG_VERSION_MAJOR,
20-
.minor_version = PCAP_NG_VERSION_MINOR,
21-
.section_length = 0xffffffffffffffff,
22-
.total_length2 = sizeof(struct section_header_block),
10+
// pcap global header
11+
#define PCAP_MAGIC (0xa1b2c3d4)
12+
#define PCAP_MAGIC_NS (0xa1b23c4d)
13+
#define PCAP_VERSION_MAJOR (0x2)
14+
#define PCAP_VERSION_MINOR (0x4)
15+
#define PCAP_SNAPLEN (0xFFFF)
16+
#define PCAP_NETWORK (0x1) // linktype_ethernet
17+
static struct pcap_hdr_s pcap_ghdr = {
18+
.magic_number = PCAP_MAGIC_NS,
19+
.version_major = PCAP_VERSION_MAJOR,
20+
.version_minor = PCAP_VERSION_MINOR,
21+
.thiszone = 0,
22+
.sigfigs = 0,
23+
.snaplen = PCAP_SNAPLEN,
24+
.network = PCAP_NETWORK,
2325
};
2426

25-
// IDB
26-
#define BT_IDB 0x00000001
27-
#define IF_TSRESOL 9 /* interface's time stamp resolution */
28-
#define IF_FCSLEN 13 /* FCS length for this interface */
29-
static struct interface_description_block pcapng_idb_hdr = {
30-
.block_type = BT_IDB,
31-
.total_length1 = sizeof(struct interface_description_block),
32-
.linktype = 0x01,
33-
.reserved = 0,
34-
.snaplen = 0xffff,
35-
.option_code_fcslen = IF_FCSLEN,
36-
.option_length_fcslen = 1,
37-
.option_value_fcslen = 4,
38-
.option_code_tsresol = IF_TSRESOL,
39-
.option_length_tsresol = 1,
40-
.option_value_tsresol = 9,
41-
.option_code_pad = 0,
42-
.option_length_pad = 0,
43-
.total_length2 = sizeof(struct interface_description_block),
44-
};
45-
46-
47-
static inline int pcapng_epb_memcpy(char *po, char *pi, int pktlen, uint64_t ts)
27+
#define _NSEC_PER_SEC 1000000000
28+
static inline int pcap_memcpy(char *po, char *pi, int pktlen, uint64_t ts)
4829
{
49-
size_t epb_head_size = sizeof(struct enhanced_packet_block_head);
50-
size_t epb_tail_size = sizeof(struct enhanced_packet_block_tail);
51-
struct enhanced_packet_block_head epb_head;
52-
struct enhanced_packet_block_tail epb_tail;
53-
uint32_t epb_len, pad;
30+
struct pcaprec_hdr_s pcaprec = {0};
5431
int copy_len;
5532

5633
copy_len = (pktlen > 96) ? 96 : pktlen;
5734

58-
pad = 4 - (copy_len % 4);
59-
if (pad == 4)
60-
pad = 0;
61-
62-
epb_len = epb_head_size + epb_tail_size + copy_len + pad;
63-
64-
//printf("epb_len=%d, snaplen=%d, pktlen=%d, copy_len=%d\n", epb_len, MGC_SNAPLEN, pktlen, copy_len);
65-
//printf("pad=%d, epb_head_size=%d, epb_tail_size=%d\n", pad, (int)epb_head_size, (int)epb_tail_size);
66-
67-
// epb_head
68-
epb_head.block_type = BT_EPB;
69-
epb_head.total_length = epb_len;
70-
epb_head.interface_id = 0;
71-
epb_head.timestamp_high = (uint32_t)(ts >> 32);
72-
epb_head.timestamp_low = (uint32_t)(ts & 0xFFFFFFFF);
73-
epb_head.caplen = copy_len;
74-
epb_head.origlen = pktlen;
75-
76-
// epb_tail
77-
epb_tail.total_length = epb_len;
35+
// pcaprec header
36+
if (ts == 0) {
37+
pcaprec.ts_sec = 0;
38+
pcaprec.ts_nsec = 0;
39+
} else {
40+
pcaprec.ts_sec = (unsigned int)(ts / _NSEC_PER_SEC);
41+
pcaprec.ts_nsec = (unsigned int)(ts % _NSEC_PER_SEC);
42+
}
43+
pcaprec.incl_len = copy_len;
44+
pcaprec.orig_len = pktlen;
7845

79-
memcpy(po, &epb_head, epb_head_size);
80-
memcpy((po + epb_head_size), (pi + MGC_HDRLEN), (size_t)copy_len);
81-
memcpy((po + epb_head_size + (size_t)copy_len), &epb_tail, epb_tail_size);
46+
memcpy(po, &pcaprec, sizeof(struct pcaprec_hdr_s));
47+
memcpy((po + sizeof(struct pcaprec_hdr_s)), (pi + MGC_HDRLEN), (size_t)copy_len);
8248

83-
return epb_len;
49+
return (sizeof(struct pcaprec_hdr_s) + copy_len);
8450
}
8551

8652

@@ -155,16 +121,9 @@ void *rx_thread(void *arg)
155121
}
156122

157123
// dump BT_SHB to pcap file
158-
count = write(fdo, &pcapng_shb_hdr, sizeof(struct section_header_block));
159-
if (count != sizeof(struct section_header_block)) {
160-
fprintf(stderr, "cannot write output file: BT_SHB\n");
161-
return NULL;
162-
}
163-
164-
// dump BT_IDB to pcap file
165-
count = write(fdo, &pcapng_idb_hdr, sizeof(struct interface_description_block));
166-
if (count != sizeof(struct interface_description_block)) {
167-
fprintf(stderr, "cannot write output file: BT_IDB\n");
124+
count = write(fdo, &pcap_ghdr, sizeof(struct pcap_hdr_s));
125+
if (count != sizeof(struct pcap_hdr_s)) {
126+
fprintf(stderr, "cannot write output file: pcap_hdr_s\n");
168127
return NULL;
169128
}
170129

@@ -198,7 +157,7 @@ void *rx_thread(void *arg)
198157
printf("format size: pktlen %X\n", pktlen);
199158
break;
200159
}
201-
copy_len = pcapng_epb_memcpy(po, pi, pktlen, tstamp);
160+
copy_len = pcap_memcpy(po, pi, pktlen, tstamp);
202161
pi += MGC_SLOTLEN;
203162
po += copy_len;
204163
copy_sum += copy_len;

src/mgdump/mgdump.h

Lines changed: 21 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -20,55 +20,31 @@
2020
#define MGC_SLOTLEN 128
2121
#define INTERVAL_100USEC 100
2222

23-
/* PCAP-NG header
24-
* from https://github.com/the-tcpdump-group/libpcap */
25-
26-
/* Section Header Block. */
27-
struct section_header_block {
28-
uint32_t block_type;
29-
uint32_t total_length1;
30-
uint32_t byte_order_magic;
31-
uint16_t major_version;
32-
uint16_t minor_version;
33-
uint64_t section_length;
34-
uint32_t total_length2;
35-
} __attribute__((packed));
36-
37-
/* Interface Description Block. */
38-
struct interface_description_block {
39-
uint32_t block_type;
40-
uint32_t total_length1;
41-
uint16_t linktype;
42-
uint16_t reserved;
43-
uint32_t snaplen;
44-
uint16_t option_code_fcslen;
45-
uint16_t option_length_fcslen;
46-
uint32_t option_value_fcslen;
47-
uint16_t option_code_tsresol;
48-
uint16_t option_length_tsresol;
49-
uint32_t option_value_tsresol;
50-
uint16_t option_code_pad;
51-
uint16_t option_length_pad;
52-
uint32_t total_length2;
23+
/* PCAP header
24+
* from https://wiki.wireshark.org/Development/LibpcapFileFormat */
25+
26+
/* pcap v2.4 global header */
27+
struct pcap_hdr_s {
28+
unsigned int magic_number; /* magic number */
29+
unsigned short version_major; /* major version number */
30+
unsigned short version_minor; /* minor version number */
31+
int thiszone; /* GMT to local correction */
32+
unsigned int sigfigs; /* accuracy of timestamps */
33+
unsigned int snaplen; /* max length of captured packets, in octets */
34+
unsigned int network; /* data link type */
5335
} __attribute__((packed));
5436

55-
/* Enhanced Packet Block. */
56-
#define BT_EPB 0x00000006
57-
struct enhanced_packet_block_head {
58-
uint32_t block_type;
59-
uint32_t total_length;
60-
uint32_t interface_id;
61-
uint32_t timestamp_high;
62-
uint32_t timestamp_low;
63-
uint32_t caplen;
64-
uint32_t origlen;
65-
/* followed by packet data, options, and trailer */
37+
/* pcap v2.4 packet header */
38+
struct pcaprec_hdr_s {
39+
unsigned int ts_sec; /* timestamp seconds */
40+
union {
41+
unsigned int ts_usec; /* timestamp microseconds */
42+
unsigned int ts_nsec; /* timestamp nanoseconds */
43+
};
44+
unsigned int incl_len; /* number of octets of packet saved in file */
45+
unsigned int orig_len; /* actual length of packet */
6646
} __attribute__((packed));
6747

68-
struct enhanced_packet_block_tail {
69-
uint32_t total_length;
70-
};
71-
7248
struct mgdump_statistics {
7349
uint32_t packet_count;
7450
};

0 commit comments

Comments
 (0)