diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/Makefile trafshow-2.0/Makefile --- trafshow-2.0.orig/Makefile Tue Jan 16 14:28:26 1996 +++ trafshow-2.0/Makefile Sun Apr 13 17:25:39 1997 @@ -3,17 +3,19 @@ # # This options intended for BSD/OS V2 -CC = shlicc2 +CC = gcc +ifndef FLAGS FLAGS = -O2 +endif DEFINE = -LIB = ../lib/libbpft.a -lcurses -ltermcap -ll +LIB = ../lib/libbpft.a -L../libpcap -lncurses -ltermcap -lpcap BINDIR = /usr/local/bin MANDIR = /usr/local/man/man1 MODE = 750 GROUP = wheel -INCLUDE = -I../include +INCLUDE = -I../include -I../linux-include -I../libpcap/linux-include -I../libpcap -I../libpcap/bpf -I/usr/include/bsd CFLAGS = $(FLAGS) $(INCLUDE) $(DEFINE) DEPFLAGS= $(INCLUDE) $(DEFINE) ARFLAGS = rc diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/include/interface.h trafshow-2.0/include/interface.h --- trafshow-2.0.orig/include/interface.h Fri Jun 9 19:25:48 1995 +++ trafshow-2.0/include/interface.h Sun Apr 13 17:33:18 1997 @@ -20,6 +20,7 @@ */ #include +#include #ifdef __GNUC__ #define inline __inline @@ -39,8 +40,8 @@ extern char *program_name; /* used to generate self-identifying messages */ extern int link_type; -extern unsigned long netmask; -extern unsigned long localnet; +extern bpf_u_int32 netmask; +extern bpf_u_int32 localnet; extern int snaplen; /* global pointers to beginning and end of current packet */ extern unsigned char *packetp; diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/lib/Makefile trafshow-2.0/lib/Makefile --- trafshow-2.0.orig/lib/Makefile Wed Jan 10 15:51:15 1996 +++ trafshow-2.0/lib/Makefile Sun Apr 13 17:25:39 1997 @@ -3,21 +3,23 @@ # LIB = libbpft.a -SRC = addrtoname.c bpf.c bpf_dump.c bpf_filter.c bpf_image.c etherent.c \ - gencode.c inet.c interfaces.c nametoaddr.c optimize.c util.c \ - version.c tcpgram.y tcplex.l -OBJ = addrtoname.o bpf.o bpf_dump.o bpf_filter.o bpf_image.o etherent.o \ - gencode.o inet.o interfaces.o nametoaddr.o optimize.o util.o \ - version.o tcpgram.o tcplex.o +#SRC = addrtoname.c bpf.c bpf_dump.c bpf_filter.c bpf_image.c etherent.c \ +# gencode.c inet.c interfaces.c nametoaddr.c optimize.c util.c \ +# version.c tcpgram.y tcplex.l +#OBJ = addrtoname.o bpf.o bpf_dump.o bpf_filter.o bpf_image.o etherent.o \ +# gencode.o inet.o interfaces.o nametoaddr.o optimize.o util.o \ +# version.o tcpgram.o tcplex.o +SRC = addrtoname.c bpf_dump.c etherent.c util.c +OBJ = $(SRC:.c=.o) -CC = gcc -FLAGS = -g -DEFINE = - -INCLUDE = -I../include -CFLAGS = $(FLAGS) $(INCLUDE) $(DEFINE) -DEPFLAGS= $(INCLUDE) $(DEFINE) -ARFLAGS = rc +#CC = gcc +#FLAGS = -g +#DEFINE = +# +#INCLUDE = -I../include +#CFLAGS = $(FLAGS) $(INCLUDE) $(DEFINE) +#DEPFLAGS= $(INCLUDE) $(DEFINE) +#ARFLAGS = rc $(LIB): $(OBJ) rm -f $(LIB) diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/lib/addrtoname.c trafshow-2.0/lib/addrtoname.c --- trafshow-2.0.orig/lib/addrtoname.c Fri Jan 12 12:42:37 1996 +++ trafshow-2.0/lib/addrtoname.c Sun Apr 13 17:26:02 1997 @@ -468,8 +468,10 @@ char *device; int fflag; { +#if 0 /* netmask MUST be initialized */ if (netmask == 0) /* if was not initialized */ lookup_net(device); +#endif if (fflag) { f_localnet = localnet; diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/trafshow/Makefile trafshow-2.0/trafshow/Makefile --- trafshow-2.0.orig/trafshow/Makefile Mon Jan 15 11:44:09 1996 +++ trafshow-2.0/trafshow/Makefile Sun Apr 13 17:25:39 1997 @@ -5,14 +5,14 @@ PROG = trafshow SRC = main.c show.c keyb.c OBJ = $(SRC:.c=.o) -LIB = ../lib/libbpft.a -lcurses -ltermcap -ll -CC = gcc -FLAGS = -g -DEFINE = - -INCLUDE = -I../include -CFLAGS = $(FLAGS) $(INCLUDE) $(DEFINE) -DEPFLAGS= $(INCLUDE) $(DEFINE) +#LIB = ../lib/libbpft.a -lcurses -ltermcap -ll +#CC = gcc +#FLAGS = -g +#DEFINE = +# +#INCLUDE = -I../include +#CFLAGS = $(FLAGS) $(INCLUDE) $(DEFINE) +#DEPFLAGS= $(INCLUDE) $(DEFINE) $(PROG): $(OBJ) $(CC) $(OBJ) $(LIB) -o $(PROG) diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/trafshow/main.c trafshow-2.0/trafshow/main.c --- trafshow-2.0.orig/trafshow/main.c Mon Jan 15 17:10:42 1996 +++ trafshow-2.0/trafshow/main.c Sun Apr 13 17:37:29 1997 @@ -11,6 +11,8 @@ * THIS SOFTWARE IS PROVIDED ``AS IS'' WITHOUT ANY WARRANTIES OF ANY KIND. */ +char *version = "2.0s"; + #include #include #include @@ -37,20 +39,24 @@ int scr_interval = DEFAULT_SCR; /* screen refresh interval in seconds */ int snaplen = DEFAULT_SNAPLEN; /* length of saved portion of packet */ +bpf_u_int32 localnet, netmask; + void main(argc, argv) int argc; char **argv; { - struct bpf_program *parse(); - void bpf_dump(), usage(), onterm(), onalarm(); - - int op, cnt = -1, fflag = 0, if_fd = -1; - struct bpf_program *fcode; - char *infile = 0; + int op, cnt = -1, fflag = 0; + struct bpf_program fcode; + char *infile = NULL; char *cmdbuf; extern char *optarg; extern int optind, opterr; + char errbuf[PCAP_ERRBUF_SIZE]; + pcap_t *pcap; + void usage(), onterm(), onalarm(); + void show_callback(u_char *, const struct pcap_pkthdr *, + const u_char *); program_name = stripdir(argv[0]); @@ -101,25 +107,55 @@ } /* Find network interface */ - if (device_name == 0) - if ((device_name = getenv("IFF_LISTEN")) == NULL) - if ((device_name = lookup_device()) == 0) - error("can't find any interfaces"); - - /* Attach bpf interface to the network interface */ - if_fd = bpf_init(device_name, pflag); + if (device_name == NULL) { + device_name = pcap_lookupdev(errbuf); + if (device_name == NULL) { + fputs(errbuf, stderr); + exit(10); + } + } - if (infile) + if (infile != NULL) { + pcap = pcap_open_offline(infile, errbuf); + localnet = 0; + netmask = 0; + if (fflag != 0) { + fputs("-f and -r options are incompatible", stderr); + exit(14); + } + }else { + pcap = pcap_open_live(device_name, snaplen, !pflag, 1000, errbuf); + } + if (pcap == NULL) { + fputs(errbuf, stderr); + exit(11); + } + if (pcap_lookupnet(device_name, &localnet, &netmask, errbuf) < 0) { + fputs(errbuf, stderr); + exit(12); + } + + if (infile != NULL) cmdbuf = read_infile(infile); else cmdbuf = copy_argv(&argv[optind]); - fcode = parse(cmdbuf, Oflag); + if (pcap_compile(pcap, &fcode, cmdbuf, Oflag, netmask) < 0) { + fputs(pcap_geterr(pcap), stderr); + exit(13); + } + init_addrtoname(device_name, fflag); + if (dflag) { - bpf_dump(fcode, dflag); + bpf_dump(&fcode, dflag); exit(0); } + if (pcap_setfilter(pcap, &fcode) < 0) { + fputs(pcap_geterr(pcap), stderr); + exit(15); + } + initterm(); signal(SIGHUP, onterm); signal(SIGINT, onterm); @@ -128,7 +164,8 @@ signal(SIGTSTP, SIG_IGN); signal(SIGALRM, onalarm); traf_init(fflag); - bpf_readloop(cnt, if_fd, fcode); + if (pcap_loop(pcap, cnt, &show_callback, NULL) < 0) + pcap_perror(pcap, argv[0]); onterm(); } @@ -161,7 +198,7 @@ { puts(NICECOLOR); COLS = 80; - if (initscr() == ERR) exit(1); + initscr(); if (LINES < 20) { addstr("Must more LINES on term"); onterm(); @@ -189,8 +226,6 @@ void usage() { - extern char version[]; - fprintf(stderr, "trafshow v%s - full screen show network traffic\n", version); fprintf(stderr, "Usage: %s [-dfknNOp -c num -i name -r sec -t sec] [-F file | expr]\n\ diff -ru -x trafshow-2.0/libpcap* trafshow-2.0.orig/trafshow/show.c trafshow-2.0/trafshow/show.c --- trafshow-2.0.orig/trafshow/show.c Mon Jan 15 17:00:25 1996 +++ trafshow-2.0/trafshow/show.c Sun Apr 13 17:25:39 1997 @@ -27,7 +27,9 @@ #include #include #include +#include +#include #include "addrtoname.h" #include "trafshow.h" @@ -56,6 +58,8 @@ int page_size; int l_nflag; +u_char *snapend; + extern void onterm(); traf_init(fflag) @@ -361,6 +365,20 @@ return; } + + +void show_callback(u_char *dummy, const struct pcap_pkthdr *pkt, + const u_char *data) +{ + const struct ether_header *p; + if (pkt->caplen < sizeof(struct ether_header)) return; + p = (struct ether_header *)data; + snapend = (u_char *) (data + pkt->caplen); + if (ntohs(p->ether_type) != ETHERTYPE_IP) return; + processing_ip((struct ip *) (data + sizeof(struct ether_header)), + pkt->len - sizeof(struct ether_header)); +} + int inputchar()