ngrep: update to git version from 2019
parent
b169069d47
commit
0b687c88b1
@ -1,14 +1,13 @@
|
||||
# $OpenBSD: Makefile,v 1.39 2019/07/12 20:48:34 sthen Exp $
|
||||
# $OpenBSD: Makefile,v 1.40 2021/02/17 12:57:58 sthen Exp $
|
||||
|
||||
COMMENT= network grep
|
||||
|
||||
DISTNAME= ngrep-1.45
|
||||
REVISION= 5
|
||||
CATEGORIES= net
|
||||
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ngrep/}
|
||||
EXTRACT_SUFX= .tar.bz2
|
||||
GH_ACCOUNT= jpr5
|
||||
GH_PROJECT= ngrep
|
||||
GH_COMMIT= 2a9603bc67dface9606a658da45e1f5c65170444
|
||||
DISTNAME= ngrep-1.47.20190128
|
||||
|
||||
HOMEPAGE= http://ngrep.sourceforge.net/
|
||||
CATEGORIES= net
|
||||
|
||||
# custom BSD-like
|
||||
PERMIT_PACKAGE= Yes
|
||||
@ -19,7 +18,7 @@ LIB_DEPENDS= devel/pcre
|
||||
NO_TEST= Yes
|
||||
|
||||
USE_GMAKE= Yes
|
||||
AUTOCONF_VERSION= 2.60
|
||||
AUTOCONF_VERSION= 2.69
|
||||
CONFIGURE_STYLE= autoconf no-autoheader
|
||||
CONFIGURE_ARGS+= --enable-ipv6 \
|
||||
--enable-pcre \
|
||||
|
@ -1,2 +1,2 @@
|
||||
SHA256 (ngrep-1.45.tar.bz2) = rqbdM32oeBhHx1s7W4duTenFhSDg13MQZ5qXn8ZAL6c=
|
||||
SIZE (ngrep-1.45.tar.bz2) = 463361
|
||||
SHA256 (ngrep-1.47.20190128-2a9603bc.tar.gz) = UAwpkU3Sb1qm3wdEY4jUm2AkliLJsP0fJm9ipXBvBWw=
|
||||
SIZE (ngrep-1.47.20190128-2a9603bc.tar.gz) = 187252
|
||||
|
@ -1,49 +0,0 @@
|
||||
--- Makefile.in.orig Tue Nov 28 13:35:37 2006
|
||||
+++ Makefile.in Thu Mar 26 22:14:15 2009
|
||||
@@ -11,7 +11,7 @@ CFLAGS=@CFLAGS@ -D@OS@ @DEFS@ @EXTRA_DEFINES@
|
||||
INCLUDES=-I@srcdir@ @PCAP_INCLUDE@ @EXTRA_INCLUDES@
|
||||
|
||||
LDFLAGS=@LDFLAGS@ @PCAP_LINK@
|
||||
-LIBS=-lpcap @EXTRA_LIBS@
|
||||
+LIBS=@LIBS@ @EXTRA_LIBS@
|
||||
|
||||
STRIPFLAG=@STRIPFLAG@
|
||||
|
||||
@@ -25,14 +25,14 @@ exec_prefix = @exec_prefix@
|
||||
|
||||
bindir = $(prefix)/bin
|
||||
datadir = $(prefix)/share
|
||||
-mandir = $(datadir)/man
|
||||
+mandir = $(prefix)/man
|
||||
|
||||
-BINDIR_INSTALL = $(prefix)/bin
|
||||
+BINDIR_INSTALL = $(prefix)/sbin
|
||||
MANDIR_INSTALL = $(mandir)/man8
|
||||
|
||||
INSTALL = ./install-sh
|
||||
|
||||
-REGEX_DIR=@REGEX_DIR@
|
||||
+#REGEX_DIR=@REGEX_DIR@
|
||||
REGEX_OBJS=@REGEX_OBJS@
|
||||
|
||||
|
||||
@@ -55,15 +55,15 @@ install: $(TARGET)
|
||||
$(CC) $(CFLAGS) $(INCLUDES) -g -c $<
|
||||
|
||||
clean:
|
||||
- make -C $(REGEX_DIR) clean
|
||||
+ #make -C $(REGEX_DIR) clean
|
||||
rm -f *~ $(OBJS) $(REGEX_OBJS) $(TARGET) $(TARGET).static
|
||||
|
||||
distclean: clean
|
||||
- make -C $(REGEX_DIR) distclean
|
||||
+ #make -C $(REGEX_DIR) distclean
|
||||
rm -f config.status config.cache config.log config.h Makefile
|
||||
|
||||
-$(REGEX_OBJS): $(REGEX_OBJS:.o=.c) $(REGEX_DIR)/*.h
|
||||
- $(MAKE) $(MAKEFLAGS) -C $(REGEX_DIR) $(notdir $(REGEX_OBJS))
|
||||
+#$(REGEX_OBJS): $(REGEX_OBJS:.o=.c) $(REGEX_DIR)/*.h
|
||||
+# $(MAKE) $(MAKEFLAGS) -C $(REGEX_DIR) $(notdir $(REGEX_OBJS))
|
||||
|
||||
$(OBJS): Makefile ngrep.c ngrep.h
|
||||
|
@ -1,17 +0,0 @@
|
||||
$OpenBSD: patch-config_h_in,v 1.2 2011/06/18 14:02:38 kili Exp $
|
||||
--- config.h.in.orig Tue Nov 28 14:36:02 2006
|
||||
+++ config.h.in Sat Jun 18 14:55:32 2011
|
||||
@@ -11,12 +11,11 @@
|
||||
#define USE_IPv6 @USE_IPv6@
|
||||
|
||||
#define HAVE_DLT_RAW @HAVE_DLT_RAW@
|
||||
+#define HAVE_DLT_PFLOG @HAVE_DLT_PFLOG@
|
||||
#define HAVE_DLT_LOOP @HAVE_DLT_LOOP@
|
||||
#define HAVE_DLT_LINUX_SLL @HAVE_DLT_LINUX_SLL@
|
||||
#define HAVE_DLT_IEEE802_11 @HAVE_DLT_IEEE802_11@
|
||||
#define HAVE_DLT_IEEE802_11_RADIO @HAVE_DLT_IEEE802_11_RADIO@
|
||||
-
|
||||
-#define HAVE_DUMB_UDPHDR @HAVE_DUMB_UDPHDR@
|
||||
|
||||
#define USE_PCAP_RESTART @USE_PCAP_RESTART@
|
||||
#define PCAP_RESTART_FUNC @PCAP_RESTART_FUNC@
|
@ -1,99 +0,0 @@
|
||||
--- configure.in.orig Wed Nov 15 03:43:56 2006
|
||||
+++ configure.in Thu Jun 16 16:09:24 2011
|
||||
@@ -111,47 +111,12 @@ else
|
||||
fi
|
||||
|
||||
|
||||
-dnl
|
||||
-dnl Configure the regular expression library.
|
||||
-dnl
|
||||
+AC_CHECK_LIB(pcre, pcre_compile,,echo need pcre lib; exit)
|
||||
+REGEX_OBJS=''
|
||||
+USE_PCRE="1"
|
||||
|
||||
-AC_ARG_ENABLE(pcre,
|
||||
-[ --enable-pcre use PCRE instead of GNU regex],
|
||||
-[
|
||||
- use_pcre="$enableval"
|
||||
-],
|
||||
-[
|
||||
- use_pcre="no"
|
||||
-])
|
||||
-
|
||||
-if test $use_pcre = yes; then
|
||||
-
|
||||
- echo
|
||||
- echo 'Configuring Perl-Compatible Regular Expression (PCRE) library ...'
|
||||
- echo
|
||||
-
|
||||
- REGEX_DIR='pcre-5.0'
|
||||
- REGEX_OBJS="$REGEX_DIR/pcre.o $REGEX_DIR/study.o"
|
||||
- USE_PCRE="1"
|
||||
-
|
||||
-else
|
||||
-
|
||||
- echo
|
||||
- echo 'Configuring GNU Regular Expression library ...'
|
||||
- echo
|
||||
-
|
||||
- REGEX_DIR='regex-0.12'
|
||||
- REGEX_OBJS="$REGEX_DIR/regex.o"
|
||||
- USE_PCRE="0"
|
||||
-
|
||||
-fi
|
||||
-
|
||||
-( cd $REGEX_DIR && ./configure )
|
||||
-
|
||||
-AC_SUBST(REGEX_DIR)
|
||||
AC_SUBST(REGEX_OBJS)
|
||||
|
||||
-
|
||||
echo
|
||||
echo 'Configuring Network Grep (ngrep) ...'
|
||||
echo
|
||||
@@ -194,18 +159,6 @@ unsigned short bar = foo.source;
|
||||
*bsd*)
|
||||
AC_SUBST(OS, BSD)
|
||||
|
||||
- if test "$USE_PCAP_RESTART" = "0"; then
|
||||
-
|
||||
- AC_MSG_WARN(
|
||||
-Your OS ($target_os) may have an old libpcap installation.
|
||||
-If the resulting ngrep binary segfaults when a BPF filter is specified
|
||||
-without an ngrep match string then you should reconfigure ngrep with
|
||||
-the option ``--disable-pcap-restart''.
|
||||
-)
|
||||
- sleep 3
|
||||
-
|
||||
- fi
|
||||
-
|
||||
;;
|
||||
|
||||
*solaris*)
|
||||
@@ -381,6 +334,18 @@ yes
|
||||
[HAVE_DLT_RAW="1" && echo yes], [HAVE_DLT_RAW="0" && echo no])
|
||||
|
||||
|
||||
+present=""
|
||||
+AC_MSG_CHECKING(for DLT_PFLOG in bpf.h)
|
||||
+AC_EGREP_CPP(yes,
|
||||
+[
|
||||
+#include <$BPF>
|
||||
+#ifdef DLT_PFLOG
|
||||
+yes
|
||||
+#endif
|
||||
+],
|
||||
+[HAVE_DLT_PFLOG="1" && echo yes], [HAVE_DLT_PFLOG="0" && echo no])
|
||||
+
|
||||
+
|
||||
dnl
|
||||
dnl Now that we're past the OS-specific stuff, which could have
|
||||
dnl modified our USE_* and other defines, define them all now.
|
||||
@@ -397,6 +362,7 @@ AC_DEFINE_UNQUOTED(DROPPRIVS_USER, "$DROPPRI
|
||||
AC_DEFINE_UNQUOTED(HAVE_DUMB_UDPHDR, $HAVE_DUMB_UDPHDR, [whether to accommodate broken redhat-glibc udphdr declaration (default no)])
|
||||
|
||||
AC_DEFINE_UNQUOTED(HAVE_DLT_RAW, $HAVE_DLT_RAW, [presence of DLT_RAW in bpf.h])
|
||||
+AC_DEFINE_UNQUOTED(HAVE_DLT_PFLOG, $HAVE_DLT_PFLOG, [presence of DLT_PFLOG in bpf.h])
|
||||
AC_DEFINE_UNQUOTED(HAVE_DLT_IEEE802_11, $HAVE_DLT_IEEE802_11, [presence of DLT_IEEE802_11 in bpf.h])
|
||||
AC_DEFINE_UNQUOTED(HAVE_DLT_IEEE802_11_RADIO, $HAVE_DLT_IEEE802_11_RADIO, [presence of DLT_IEEE802_11_RADIO in bpf.h])
|
||||
AC_DEFINE_UNQUOTED(HAVE_DLT_LOOP, $HAVE_DLT_LOOP, [presence of DLT_LOOP in bpf.h])
|
@ -1,11 +0,0 @@
|
||||
$OpenBSD: patch-doc_README_txt,v 1.1 2011/06/16 21:21:43 sthen Exp $
|
||||
--- doc/README.txt.orig Tue Nov 28 13:37:34 2006
|
||||
+++ doc/README.txt Thu Jun 16 16:04:12 2011
|
||||
@@ -41,6 +41,7 @@ Usage: ngrep <LhNXViwqpevxlDtTRM> <-IO pcap_dump> <-n
|
||||
-D is replay pcap_dumps with their recorded time intervals
|
||||
-t is print timestamp every time a packet is matched
|
||||
-T is print delta timestamp every time a packet is matched
|
||||
+ specify twice for delta from first match
|
||||
-M is don't do multi-line match (do single-line match instead)
|
||||
-I is read packet stream from pcap format file pcap_dump
|
||||
-O is dump matched packets in pcap format to pcap_dump
|
@ -1,49 +0,0 @@
|
||||
$OpenBSD: patch-ngrep_8,v 1.6 2011/06/18 14:02:38 kili Exp $
|
||||
--- ngrep.8.orig Tue Nov 28 14:36:31 2006
|
||||
+++ ngrep.8 Sat Jun 18 14:57:33 2011
|
||||
@@ -2,11 +2,11 @@
|
||||
.\"
|
||||
.\" All content, except portions of the bpf filter explanation, are:
|
||||
.\"
|
||||
-.\" Copyright (c) 2006 Jordan Ritter <jpr5@darkridge.com>
|
||||
+.\" Copyright (c) 2007 Jordan Ritter <jpr5@darkridge.com>
|
||||
.\"
|
||||
.\" Please refer to the LICENSE file for more information.
|
||||
|
||||
-.TH NGREP 8 "November 2006" *nux "User Manuals"
|
||||
+.TH NGREP 8 "December 2007" *nux "User Manuals"
|
||||
|
||||
.SH NAME
|
||||
|
||||
@@ -106,7 +106,8 @@ a packet is matched.
|
||||
|
||||
.IP -T
|
||||
Print a timestamp in the form of +S.UUUUUU, indicating the delta
|
||||
-between packet matches.
|
||||
+between packet matches. Specify a second time to indicate the delta
|
||||
+since the first packet match.
|
||||
|
||||
.IP -R
|
||||
Do not try to drop privileges to the DROPPRIVS_USER.
|
||||
@@ -180,21 +181,6 @@ this option to force ngrep to listen on interface \fId
|
||||
|
||||
.IP "-A num"
|
||||
Dump \fInum\fP packets of trailing context after matching a packet.
|
||||
-
|
||||
-.IP "-W normal|byline|none"
|
||||
-Alter the method by which ngrep displays packet payload. ``normal''
|
||||
-mode represents the standard behaviour, ``byline'' instructs ngrep to
|
||||
-respect embedded linefeeds (useful for observing HTTP transactions,
|
||||
-for instance), and ``none'' results in the payload on one single line
|
||||
-(useful for scripted processing of ngrep output).
|
||||
-
|
||||
-.IP "-c cols"
|
||||
-Ignore the detected terminal width and force the column width to the
|
||||
-specified size.
|
||||
-
|
||||
-.IP "-P char"
|
||||
-Change the non-printable character from the default ``.'' to the
|
||||
-character specified.
|
||||
|
||||
.IP "\fI match expression\fP"
|
||||
A match expression is either an extended regular expression, or if the
|
@ -1,612 +1,13 @@
|
||||
$OpenBSD: patch-ngrep_c,v 1.7 2017/02/07 12:32:56 sthen Exp $
|
||||
--- ngrep.c.orig Tue Nov 28 13:38:43 2006
|
||||
+++ ngrep.c Tue Feb 7 12:31:35 2017
|
||||
@@ -60,6 +60,7 @@
|
||||
#include <config.h>
|
||||
|
||||
#define strcasecmp stricmp
|
||||
+#define strncasecmp strnicmp
|
||||
|
||||
#else
|
||||
|
||||
@@ -74,6 +75,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <signal.h>
|
||||
+#include <locale.h>
|
||||
|
||||
#if !defined(_WIN32)
|
||||
#include <errno.h>
|
||||
@@ -92,7 +94,7 @@
|
||||
$OpenBSD: patch-ngrep_c,v 1.8 2021/02/17 12:57:58 sthen Exp $
|
||||
|
||||
Index: ngrep.c
|
||||
--- ngrep.c.orig
|
||||
+++ ngrep.c
|
||||
@@ -16,6 +16,7 @@
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/tty.h>
|
||||
#include <pwd.h>
|
||||
+#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#if USE_PCRE
|
||||
-#include "pcre-5.0/pcre.h"
|
||||
+#include "pcre.h"
|
||||
#else
|
||||
#include "regex-0.12/regex.h"
|
||||
#endif
|
||||
@@ -114,6 +116,7 @@ uint8_t show_empty = 0, show_hex = 0, show_proto = 0,
|
||||
uint8_t invert_match = 0, bin_match = 0;
|
||||
uint8_t live_read = 1, want_delay = 0;
|
||||
uint8_t dont_dropprivs = 0;
|
||||
+uint8_t enable_hilite = 0;
|
||||
|
||||
char *read_file = NULL, *dump_file = NULL;
|
||||
char *usedev = NULL;
|
||||
@@ -145,7 +148,7 @@ uint16_t match_len = 0;
|
||||
int8_t (*match_func)() = &blank_match_func;
|
||||
|
||||
int8_t dump_single = 0;
|
||||
-void (*dump_func)(unsigned char *, uint32_t) = &dump_formatted;
|
||||
+void (*dump_func)(unsigned char *, uint32_t, uint16_t, uint16_t) = &dump_formatted;
|
||||
|
||||
/*
|
||||
* BPF/Network
|
||||
@@ -153,10 +156,10 @@ void (*dump_func)(unsigned char *, uint32_t) = &dump_f
|
||||
|
||||
char *filter = NULL, *filter_file = NULL;
|
||||
char pc_err[PCAP_ERRBUF_SIZE];
|
||||
-uint8_t link_offset;
|
||||
+uint8_t link_offset, vlan_offset = 0;
|
||||
uint8_t radiotap_present = 0;
|
||||
|
||||
-pcap_t *pd = NULL;
|
||||
+pcap_t *pd = NULL, *pd_dumppcap = NULL;
|
||||
pcap_dumper_t *pd_dump = NULL;
|
||||
struct bpf_program pcapfilter;
|
||||
struct in_addr net, mask;
|
||||
@@ -176,8 +179,7 @@ void (*print_time)() = NULL, (*dump_delay)() = dump_de
|
||||
|
||||
|
||||
/*
|
||||
- * When !Win32, windowsize stuff. We leave it in regardless to avoid
|
||||
- * any additional #if complication/obfuscation.
|
||||
+ * Window-size functionality (adjust output based on width of console display)
|
||||
*/
|
||||
|
||||
uint32_t ws_row, ws_col = 80, ws_col_forced = 0;
|
||||
@@ -195,7 +197,17 @@ int main(int argc, char **argv) {
|
||||
signal(SIGWINCH, update_windowsize);
|
||||
#endif
|
||||
|
||||
- while ((c = getopt(argc, argv, "LNhXViwqpevxlDtTRMs:n:c:d:A:I:O:S:P:F:W:")) != EOF) {
|
||||
+#if !defined(_WIN32)
|
||||
+ {
|
||||
+ char const *locale = getenv("LANG");
|
||||
+ if (locale == NULL)
|
||||
+ locale = "en_US";
|
||||
+
|
||||
+ setlocale(LC_CTYPE, locale);
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ while ((c = getopt(argc, argv, "LNhXViwqpevxlDtTRMCs:n:c:d:A:I:O:S:P:F:W:")) != EOF) {
|
||||
switch (c) {
|
||||
case 'W': {
|
||||
if (!strcasecmp(optarg, "normal"))
|
||||
@@ -257,6 +269,9 @@ int main(int argc, char **argv) {
|
||||
if (value > 0)
|
||||
snaplen = value;
|
||||
} break;
|
||||
+ case 'C':
|
||||
+ enable_hilite = 1;
|
||||
+ break;
|
||||
case 'M':
|
||||
re_multiline_match = 0;
|
||||
break;
|
||||
@@ -264,13 +279,18 @@ int main(int argc, char **argv) {
|
||||
dont_dropprivs = 1;
|
||||
break;
|
||||
case 'T':
|
||||
- print_time = &print_time_diff;
|
||||
+ if (print_time == &print_time_diff) {
|
||||
+ print_time = print_time_offset;
|
||||
+ memset(&prev_ts, 0, sizeof(prev_ts));
|
||||
+ } else {
|
||||
+ print_time = &print_time_diff;
|
||||
#if defined(_WIN32)
|
||||
- prev_ts.tv_sec = (uint32_t)time(NULL);
|
||||
- prev_ts.tv_usec = 0;
|
||||
+ prev_ts.tv_sec = (uint32_t)time(NULL);
|
||||
+ prev_ts.tv_usec = 0;
|
||||
#else
|
||||
- gettimeofday(&prev_ts, NULL);
|
||||
+ gettimeofday(&prev_ts, NULL);
|
||||
#endif
|
||||
+ }
|
||||
break;
|
||||
case 't':
|
||||
print_time = &print_time_absolute;
|
||||
@@ -337,7 +357,12 @@ int main(int argc, char **argv) {
|
||||
|
||||
} else {
|
||||
|
||||
- char *dev = usedev ? usedev : pcap_lookupdev(pc_err);
|
||||
+ char *dev = usedev ? usedev :
|
||||
+#if defined(_WIN32)
|
||||
+ win32_choosedevice();
|
||||
+#else
|
||||
+ pcap_lookupdev(pc_err);
|
||||
+#endif
|
||||
|
||||
if (!dev) {
|
||||
perror(pc_err);
|
||||
@@ -391,7 +416,7 @@ int main(int argc, char **argv) {
|
||||
filter = get_filter_from_argv(&argv[optind-1]);
|
||||
|
||||
#if USE_PCAP_RESTART
|
||||
- PCAP_RESTART_FUNC();
|
||||
+ PCAP_RESTART_FUNC(NULL);
|
||||
#endif
|
||||
if (pcap_compile(pd, &pcapfilter, filter, 0, mask.s_addr)) {
|
||||
pcap_perror(pd, "pcap compile");
|
||||
@@ -408,6 +433,17 @@ int main(int argc, char **argv) {
|
||||
}
|
||||
}
|
||||
|
||||
+ /* VLAN support: determine # of +4 offsets to accommodate */
|
||||
+ if (filter) {
|
||||
+ char const bpf_vlan[] = "vlan";
|
||||
+ char *s = filter;
|
||||
+ while (*s)
|
||||
+ if (strncasecmp(s++, bpf_vlan, sizeof(bpf_vlan)-1) == 0)
|
||||
+ vlan_offset++;
|
||||
+
|
||||
+ vlan_offset *= VLANHDR_SIZE;
|
||||
+ }
|
||||
+
|
||||
if (filter && quiet < 2)
|
||||
printf("filter: %s\n", filter);
|
||||
|
||||
@@ -549,6 +585,10 @@ int main(int argc, char **argv) {
|
||||
link_offset = PPPHDR_SIZE;
|
||||
break;
|
||||
|
||||
+ case DLT_PPP_ETHER:
|
||||
+ link_offset = PPPOEHDR_SIZE;
|
||||
+ break;
|
||||
+
|
||||
#if HAVE_DLT_LOOP
|
||||
case DLT_LOOP:
|
||||
#endif
|
||||
@@ -579,21 +619,28 @@ int main(int argc, char **argv) {
|
||||
break;
|
||||
#endif
|
||||
|
||||
+#if HAVE_DLT_PFLOG
|
||||
+ case DLT_PFLOG:
|
||||
+ link_offset = PFLOGHDR_SIZE;
|
||||
+ break;
|
||||
+#endif
|
||||
+
|
||||
default:
|
||||
fprintf(stderr, "fatal: unsupported interface type %u\n", pcap_datalink(pd));
|
||||
clean_exit(-1);
|
||||
}
|
||||
|
||||
+ link_offset += vlan_offset;
|
||||
+
|
||||
if (dump_file) {
|
||||
- if (!(pd_dump = pcap_dump_open(pd, dump_file))) {
|
||||
+ pd_dump = pcap_dump_open(pd, dump_file);
|
||||
+ if (!pd_dump) {
|
||||
fprintf(stderr, "fatal: %s\n", pcap_geterr(pd));
|
||||
clean_exit(-1);
|
||||
} else printf("output: %s\n", dump_file);
|
||||
}
|
||||
|
||||
-#if !defined(_WIN32)
|
||||
update_windowsize(0);
|
||||
-#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
win32_initwinsock();
|
||||
@@ -603,7 +650,7 @@ int main(int argc, char **argv) {
|
||||
drop_privs();
|
||||
#endif
|
||||
|
||||
- while (pcap_loop(pd, 0, (pcap_handler)process, 0));
|
||||
+ while (pcap_loop(pd, -1, (pcap_handler)process, 0));
|
||||
|
||||
clean_exit(0);
|
||||
|
||||
@@ -699,11 +746,6 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char
|
||||
data = (unsigned char *)(tcp_pkt) + tcphdr_offset;
|
||||
len -= link_offset + ip_hl + tcphdr_offset;
|
||||
|
||||
-#if USE_IPv6
|
||||
- if (ip_ver == 6)
|
||||
- len -= ntohs(ip6_pkt->ip6_plen);
|
||||
-#endif
|
||||
-
|
||||
if ((int32_t)len < 0)
|
||||
len = 0;
|
||||
|
||||
@@ -719,20 +761,11 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char
|
||||
data = (unsigned char *)(udp_pkt) + udphdr_offset;
|
||||
len -= link_offset + ip_hl + udphdr_offset;
|
||||
|
||||
-#if USE_IPv6
|
||||
- if (ip_ver == 6)
|
||||
- len -= ntohs(ip6_pkt->ip6_plen);
|
||||
-#endif
|
||||
-
|
||||
if ((int32_t)len < 0)
|
||||
len = 0;
|
||||
|
||||
dump_packet(h, p, ip_proto, data, len, ip_src, ip_dst,
|
||||
-#if HAVE_DUMB_UDPHDR
|
||||
- ntohs(udp_pkt->source), ntohs(udp_pkt->dest), 0,
|
||||
-#else
|
||||
ntohs(udp_pkt->uh_sport), ntohs(udp_pkt->uh_dport), 0,
|
||||
-#endif
|
||||
udphdr_offset, fragmented, frag_offset, frag_id);
|
||||
} break;
|
||||
|
||||
@@ -757,7 +790,7 @@ void process(u_char *d, struct pcap_pkthdr *h, u_char
|
||||
uint16_t icmp6hdr_offset = (frag_offset) ? 0 : 4;
|
||||
|
||||
data = (unsigned char *)(icmp6_pkt) + icmp6hdr_offset;
|
||||
- len -= link_offset + ip_hl + ntohs(ip6_pkt->ip6_plen) + icmp6hdr_offset;
|
||||
+ len -= link_offset + ip_hl + icmp6hdr_offset;
|
||||
|
||||
if ((int32_t)len < 0)
|
||||
len = 0;
|
||||
@@ -808,13 +841,15 @@ void dump_packet(struct pcap_pkthdr *h, u_char *p, uin
|
||||
const char *ip_src, const char *ip_dst, uint16_t sport, uint16_t dport, uint8_t flags,
|
||||
uint16_t hdr_offset, uint8_t frag, uint16_t frag_offset, uint32_t frag_id) {
|
||||
|
||||
+ uint16_t match_size, match_index;
|
||||
+
|
||||
if (!show_empty && len == 0)
|
||||
return;
|
||||
|
||||
if (len > limitlen)
|
||||
len = limitlen;
|
||||
|
||||
- if ((len > 0 && match_func(data, len) == invert_match) && !keep_matching)
|
||||
+ if ((len > 0 && match_func(data, len, &match_index, &match_size) == invert_match) && !keep_matching)
|
||||
return;
|
||||
|
||||
if (!live_read && want_delay)
|
||||
@@ -879,15 +914,17 @@ void dump_packet(struct pcap_pkthdr *h, u_char *p, uin
|
||||
printf("\n");
|
||||
|
||||
if (quiet < 3)
|
||||
- dump_func(data, len);
|
||||
+ dump_func(data, len, match_index, match_size);
|
||||
|
||||
if (pd_dump)
|
||||
pcap_dump((u_char*)pd_dump, h, p);
|
||||
}
|
||||
|
||||
-int8_t re_match_func(unsigned char *data, uint32_t len) {
|
||||
+int8_t re_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
|
||||
#if USE_PCRE
|
||||
- switch(pcre_exec(pattern, 0, data, (int32_t)len, 0, 0, 0, 0)) {
|
||||
+
|
||||
+ static int sub[2];
|
||||
+ switch(pcre_exec(pattern, 0, (char const *)data, (int32_t)len, 0, 0, 0, 0)) {
|
||||
case PCRE_ERROR_NULL:
|
||||
case PCRE_ERROR_BADOPTION:
|
||||
case PCRE_ERROR_BADMAGIC:
|
||||
@@ -898,15 +935,25 @@ int8_t re_match_func(unsigned char *data, uint32_t len
|
||||
|
||||
case PCRE_ERROR_NOMATCH:
|
||||
return 0;
|
||||
+
|
||||
+ default:
|
||||
+ *mindex = sub[0];
|
||||
+ *msize = sub[1] - sub[0];
|
||||
}
|
||||
#else
|
||||
- switch (re_search(&pattern, data, (int32_t)len, 0, len, 0)) {
|
||||
+
|
||||
+ static struct re_registers regs;
|
||||
+ switch (re_search(&pattern, (char const *)data, (int32_t)len, 0, len, ®s)) {
|
||||
case -2:
|
||||
perror("she's dead, jim\n");
|
||||
clean_exit(-2);
|
||||
|
||||
case -1:
|
||||
return 0;
|
||||
+
|
||||
+ default:
|
||||
+ *mindex = regs.start[0];
|
||||
+ *msize = regs.end[0] - regs.start[0];
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -919,7 +966,7 @@ int8_t re_match_func(unsigned char *data, uint32_t len
|
||||
return 1;
|
||||
}
|
||||
|
||||
-int8_t bin_match_func(unsigned char *data, uint32_t len) {
|
||||
+int8_t bin_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
|
||||
int32_t stop = len - match_len;
|
||||
int32_t i = 0;
|
||||
|
||||
@@ -934,71 +981,118 @@ int8_t bin_match_func(unsigned char *data, uint32_t le
|
||||
if (match_after && keep_matching != match_after)
|
||||
keep_matching = match_after;
|
||||
|
||||
+ *mindex = i - 1;
|
||||
+ *msize = match_len;
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
-
|
||||
-int8_t blank_match_func(unsigned char *data, uint32_t len) {
|
||||
+int8_t blank_match_func(unsigned char *data, uint32_t len, uint16_t *mindex, uint16_t *msize) {
|
||||
if (max_matches)
|
||||
matches++;
|
||||
|
||||
+ *mindex = 0;
|
||||
+ *msize = 0;
|
||||
+
|
||||
return 1;
|
||||
}
|
||||
|
||||
-void dump_byline(unsigned char *data, uint32_t len) {
|
||||
+void dump_byline(unsigned char *data, uint32_t len, uint16_t mindex, uint16_t msize) {
|
||||
if (len > 0) {
|
||||
- const unsigned char *s = data;
|
||||
+ const unsigned char *s = data;
|
||||
+ uint8_t should_hilite = (msize && enable_hilite);
|
||||
+ unsigned char *hilite_start = data + mindex;
|
||||
+ unsigned char *hilite_end = hilite_start + msize;
|
||||
|
||||
while (s < data + len) {
|
||||
+ if (should_hilite && s == hilite_start)
|
||||
+ printf(ANSI_hilite);
|
||||
+
|
||||
printf("%c", (*s == '\n' || isprint(*s)) ? *s : nonprint_char);
|
||||
s++;
|
||||
+
|
||||
+ if (should_hilite && s == hilite_end)
|
||||
+ printf(ANSI_off);
|
||||
}
|
||||
|
||||
printf("\n");
|
||||
}
|
||||
}
|
||||
|
||||
-void dump_unwrapped(unsigned char *data, uint32_t len) {
|
||||
+void dump_unwrapped(unsigned char *data, uint32_t len, uint16_t mindex, uint16_t msize) {
|
||||
if (len > 0) {
|
||||
- const unsigned char *s = data;
|
||||
+ const unsigned char *s = data;
|
||||
+ uint8_t should_hilite = (msize && enable_hilite);
|
||||
+ unsigned char *hilite_start = data + mindex;
|
||||
+ unsigned char *hilite_end = hilite_start + msize;
|
||||
|
||||
while (s < data + len) {
|
||||
+ if (should_hilite && s == hilite_start)
|
||||
+ printf(ANSI_hilite);
|
||||
+
|
||||
printf("%c", isprint(*s) ? *s : nonprint_char);
|
||||
s++;
|
||||
+
|
||||
+ if (should_hilite && s == hilite_end)
|
||||
+ printf(ANSI_off);
|
||||
}
|
||||
|
||||
printf("\n");
|
||||
}
|
||||
}
|
||||
|
||||
-void dump_formatted(unsigned char *data, uint32_t len) {
|
||||
+void dump_formatted(unsigned char *data, uint32_t len, uint16_t mindex, uint16_t msize) {
|
||||
if (len > 0) {
|
||||
- unsigned char *str = data;
|
||||
- uint8_t width = show_hex ? 16 : (ws_col-5);
|
||||
- uint32_t i = 0,
|
||||
- j = 0;
|
||||
+ uint8_t should_hilite = (msize && enable_hilite);
|
||||
+ unsigned char *str = data;
|
||||
+ uint8_t hiliting = 0;
|
||||
+ uint8_t width = show_hex ? 16 : (ws_col-5);
|
||||
+ uint32_t i = 0,
|
||||
+ j = 0;
|
||||
|
||||
while (i < len) {
|
||||
printf(" ");
|
||||
|
||||
- if (show_hex)
|
||||
+ if (show_hex) {
|
||||
for (j = 0; j < width; j++) {
|
||||
+ if (should_hilite && (mindex <= (i+j) && (i+j) < mindex + msize)) {
|
||||
+ hiliting = 1;
|
||||
+ printf(ANSI_hilite);
|
||||
+ }
|
||||
+
|
||||
if (i + j < len)
|
||||
printf("%02x ", str[j]);
|
||||
else printf(" ");
|
||||
|
||||
if ((j+1) % (width/2) == 0)
|
||||
printf(" ");
|
||||
+
|
||||
+ if (hiliting) {
|
||||
+ hiliting = 0;
|
||||
+ printf(ANSI_off);
|
||||
+ }
|
||||
}
|
||||
+ }
|
||||
|
||||
- for (j = 0; j < width; j++)
|
||||
+ for (j = 0; j < width; j++) {
|
||||
+ if (should_hilite && mindex <= (i+j) && (i+j) < mindex + msize) {
|
||||
+ hiliting = 1;
|
||||
+ printf(ANSI_hilite);
|
||||
+ }
|
||||
+
|
||||
if (i + j < len)
|
||||
printf("%c", isprint(str[j]) ? str[j] : nonprint_char);
|
||||
else printf(" ");
|
||||
|
||||
+ if (hiliting) {
|
||||
+ hiliting = 0;
|
||||
+ printf(ANSI_off);
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
str += width;
|
||||
i += j;
|
||||
|
||||
@@ -1080,7 +1174,9 @@ uint8_t strishex(char *str) {
|
||||
|
||||
|
||||
void print_time_absolute(struct pcap_pkthdr *h) {
|
||||
- struct tm *t = localtime((const time_t *)&h->ts.tv_sec);
|
||||
+ struct tm *t;
|
||||
+ time_t ts = h->ts.tv_sec;
|
||||
+ t = localtime(&ts);
|
||||
|
||||
printf("%02u/%02u/%02u %02u:%02u:%02u.%06u ",
|
||||
t->tm_year+1900, t->tm_mon+1, t->tm_mday, t->tm_hour,
|
||||
@@ -1104,6 +1200,27 @@ void print_time_diff(struct pcap_pkthdr *h) {
|
||||
prev_ts.tv_usec = h->ts.tv_usec;
|
||||
}
|
||||
|
||||
+void print_time_offset(struct pcap_pkthdr *h) {
|
||||
+ uint32_t secs, usecs;
|
||||
+
|
||||
+ secs = h->ts.tv_sec - prev_ts.tv_sec;
|
||||
+ if (h->ts.tv_usec >= prev_ts.tv_usec)
|
||||
+ usecs = h->ts.tv_usec - prev_ts.tv_usec;
|
||||
+ else {
|
||||
+ secs--;
|
||||
+ usecs = 1000000 - (prev_ts.tv_usec - h->ts.tv_usec);
|
||||
+ }
|
||||
+
|
||||
+ if (prev_ts.tv_sec == 0 && prev_ts.tv_usec == 0) {
|
||||
+ prev_ts.tv_sec = h->ts.tv_sec;
|
||||
+ prev_ts.tv_usec = h->ts.tv_usec;
|
||||
+ secs = 0;
|
||||
+ usecs = 0;
|
||||
+ }
|
||||
+
|
||||
+ printf("+%u.%06u ", secs, usecs);
|
||||
+}
|
||||
+
|
||||
void dump_delay_proc_init(struct pcap_pkthdr *h) {
|
||||
dump_delay = &dump_delay_proc;
|
||||
|
||||
@@ -1155,26 +1272,36 @@ void dump_delay_proc(struct pcap_pkthdr *h) {
|
||||
prev_delay_ts.tv_usec = h->ts.tv_usec;
|
||||
}
|
||||
|
||||
-#if !defined(_WIN32)
|
||||
void update_windowsize(int32_t e) {
|
||||
if (e == 0 && ws_col_forced)
|
||||
|
||||
ws_col = ws_col_forced;
|
||||
|
||||
else if (!ws_col_forced) {
|
||||
+
|
||||
+#if !defined(_WIN32)
|
||||
const struct winsize ws;
|
||||
|
||||
if (!ioctl(0, TIOCGWINSZ, &ws)) {
|
||||
ws_row = ws.ws_row;
|
||||
ws_col = ws.ws_col;
|
||||
- } else {
|
||||
+ }
|
||||
+#else
|
||||
+ CONSOLE_SCREEN_BUFFER_INFO csbi;
|
||||
+ if (GetConsoleScreenBufferInfo(GetStdHandle(STD_OUTPUT_HANDLE), &csbi)) {
|
||||
+ ws_row = csbi.dwSize.Y;
|
||||
+ ws_col = csbi.dwSize.X;
|
||||
+ }
|
||||
+#endif
|
||||
+ else {
|
||||
ws_row = 24;
|
||||
ws_col = 80;
|
||||
}
|
||||
+
|
||||
}
|
||||
}
|
||||
|
||||
-#if USE_DROPPRIVS
|
||||
+#if !defined(_WIN32) && USE_DROPPRIVS
|
||||
void drop_privs(void) {
|
||||
struct passwd *pw;
|
||||
uid_t newuid;
|
||||
@@ -1197,6 +1324,14 @@ void drop_privs(void) {
|
||||
perror("attempt to drop privileges failed");
|
||||
clean_exit(-1);
|
||||
}
|
||||
+ if (chroot("/var/empty") == -1) {
|
||||
+ perror("attempt to drop privileges failed: chroot failed");
|
||||
+ clean_exit(-1);
|
||||
+ }
|
||||
+ if (chdir("/") == -1) {
|
||||
+ perror("attempt to drop privileges failed: chdir failed");
|
||||
+ clean_exit(-1);
|
||||
+ }
|
||||
|
||||
if (((getgid() != newgid) && (setgid(newgid) == -1)) ||
|
||||
((getegid() != newgid) && (setegid(newgid) == -1)) ||
|
||||
@@ -1209,7 +1344,6 @@ void drop_privs(void) {
|
||||
}
|
||||
|
||||
#endif
|
||||
-#endif
|
||||
|
||||
void usage(int8_t e) {
|
||||
printf("usage: ngrep <-"
|
||||
@@ -1234,6 +1368,7 @@ void usage(int8_t e) {
|
||||
" -D is replay pcap_dumps with their recorded time intervals\n"
|
||||
" -t is print timestamp every time a packet is matched\n"
|
||||
" -T is print delta timestamp every time a packet is matched\n"
|
||||
+ " specify twice for delta from first match\n"
|
||||
" -M is don't do multi-line match (do single-line match instead)\n"
|
||||
" -I is read packet stream from pcap format file pcap_dump\n"
|
||||
" -O is dump matched packets in pcap format to pcap_dump\n"
|
||||
@@ -1292,8 +1427,9 @@ void clean_exit(int32_t sig) {
|
||||
&& pd && !pcap_stats(pd, &s))
|
||||
printf("%u received, %u dropped\n", s.ps_recv, s.ps_drop);
|
||||
|
||||
- if (pd) pcap_close(pd);
|
||||
- if (pd_dump) pcap_dump_close(pd_dump);
|
||||
+ if (pd) pcap_close(pd);
|
||||
+ if (pd_dumppcap) pcap_close(pd_dumppcap);
|
||||
+ if (pd_dump) pcap_dump_close(pd_dump);
|
||||
|
||||
#if defined(_WIN32)
|
||||
if (delay_socket) closesocket(delay_socket);
|
||||
@@ -1379,6 +1515,28 @@ char *win32_usedevice(const char *index) {
|
||||
}
|
||||
|
||||
pcap_freealldevs(alldevs);
|
||||
+
|
||||
+ return dev;
|
||||
+}
|
||||
+
|
||||
+char *win32_choosedevice(void) {
|
||||
+ pcap_if_t *alldevs, *d;
|
||||
+ char errbuf[PCAP_ERRBUF_SIZE];
|
||||
+ char *dev = NULL;
|
||||
+
|
||||
+ if (pcap_findalldevs(&alldevs, errbuf) == -1) {
|
||||
+ perror("unable to enumerate devices");
|
||||
+ clean_exit(-1);
|
||||
+ }
|
||||
+
|
||||
+ for (d = alldevs; d != NULL; d = d->next)
|
||||
+ if ((d->addresses) && (d->addresses->addr))
|
||||
+ dev = _strdup(d->name);
|
||||
+
|
||||
+ pcap_freealldevs(alldevs);
|
||||
+
|
||||
+ if (!dev)
|
||||
+ dev = pcap_lookupdev(errbuf);
|
||||
|
||||
return dev;
|
||||
}
|
||||
#if defined(OSF1)
|
||||
|
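Review bot: The replacement patch-ngrep_c (the 13-line revision tagged v 1.8) carries only the `+#include <stdint.h>` hunk, so the `chroot("/var/empty")` and `chdir("/")` checks that the previous revision added to `drop_privs()` are no longer applied by the port. Nothing on this page shows whether ngrep.c at the pinned GH_COMMIT confines itself in an equivalent way. If it does not, the process that parses untrusted packet payloads keeps only the uid/gid drop and regains a view of the whole filesystem. Please check the new source, and if the confinement is missing, keep a hunk that restores `if (chroot("/var/empty") == -1) { perror("attempt to drop privileges failed: chroot failed"); clean_exit(-1); }` and the matching `chdir("/")` check ahead of the setgid/setuid sequence. `drop_privs()` itself starts and ends outside the lines shown here, so the exact placement should be confirmed against the updated file.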
@ -1,106 +0,0 @@
|
||||
$OpenBSD: patch-ngrep_h,v 1.3 2011/06/18 14:02:38 kili Exp $
|
||||
--- ngrep.h.orig Tue Nov 28 14:38:43 2006
|
||||
+++ ngrep.h Sat Jun 18 14:55:58 2011
|
||||
@@ -7,7 +7,7 @@
|
||||
*
|
||||
*/
|
||||
|
||||
-#define VERSION "1.45"
|
||||
+#define VERSION "1.46-CVS"
|
||||
|
||||
/*
|
||||
* We cache the standard frame sizes here to save us time and
|
||||
@@ -17,12 +17,15 @@
|
||||
#define ETHHDR_SIZE 14
|
||||
#define TOKENRING_SIZE 22
|
||||
#define PPPHDR_SIZE 4
|
||||
+#define PPPOEHDR_SIZE 8
|
||||
#define SLIPHDR_SIZE 16
|
||||
#define RAWHDR_SIZE 0
|
||||
#define LOOPHDR_SIZE 4
|
||||
#define FDDIHDR_SIZE 21
|
||||
#define ISDNHDR_SIZE 16
|
||||
#define IEEE80211HDR_SIZE 32
|
||||
+#define PFLOGHDR_SIZE 48
|
||||
+#define VLANHDR_SIZE 4
|
||||
|
||||
/*
|
||||
* Default patterns for BPF and regular expression filters.
|
||||
@@ -34,8 +37,8 @@
|
||||
#define BPF_FILTER_IP "(ip)"
|
||||
#endif
|
||||
|
||||
-#define BPF_FILTER_OTHER " and ( %s)"
|
||||
-#define BPF_MAIN_FILTER BPF_FILTER_IP BPF_FILTER_OTHER
|
||||
+#define BPF_FILTER_OTHER "( %s) and "
|
||||
+#define BPF_MAIN_FILTER BPF_FILTER_OTHER BPF_FILTER_IP
|
||||
|
||||
#define WORD_REGEX "((^%s\\W)|(\\W%s$)|(\\W%s\\W))"
|
||||
|
||||
@@ -77,25 +80,27 @@ void process(u_char *, struct pcap_pkthdr *, u_char *)
|
||||
|
||||
void version(void);
|
||||
void usage(int8_t);
|
||||
+void update_windowsize(int32_t);
|
||||
void clean_exit(int32_t);
|
||||
|
||||
void dump_packet(struct pcap_pkthdr *, u_char *, uint8_t, unsigned char *, uint32_t,
|
||||
const char *, const char *, uint16_t, uint16_t, uint8_t,
|
||||
uint16_t, uint8_t, uint16_t, uint32_t);
|
||||
|
||||
-void dump_unwrapped(unsigned char *, uint32_t);
|
||||
-void dump_formatted(unsigned char *, uint32_t);
|
||||
-void dump_byline (unsigned char *, uint32_t);
|
||||
+void dump_unwrapped(unsigned char *, uint32_t, uint16_t, uint16_t);
|
||||
+void dump_formatted(unsigned char *, uint32_t, uint16_t, uint16_t);
|
||||
+void dump_byline (unsigned char *, uint32_t, uint16_t, uint16_t);
|
||||
|
||||
void dump_delay_proc_init(struct pcap_pkthdr *);
|
||||
void dump_delay_proc (struct pcap_pkthdr *);
|
||||
|
||||
-int8_t re_match_func (unsigned char *, uint32_t);
|
||||
-int8_t bin_match_func (unsigned char *, uint32_t);
|
||||
-int8_t blank_match_func(unsigned char *, uint32_t);
|
||||
+int8_t re_match_func (unsigned char *, uint32_t, uint16_t *, uint16_t *);
|
||||
+int8_t bin_match_func (unsigned char *, uint32_t, uint16_t *, uint16_t *);
|
||||
+int8_t blank_match_func(unsigned char *, uint32_t, uint16_t *, uint16_t *);
|
||||
|
||||
void print_time_absolute(struct pcap_pkthdr *);
|
||||
void print_time_diff (struct pcap_pkthdr *);
|
||||
+void print_time_offset (struct pcap_pkthdr *);
|
||||
|
||||
char *get_filter_from_string(char *);
|
||||
char *get_filter_from_argv (char **);
|
||||
@@ -103,7 +108,6 @@ char *get_filter_from_argv (char **);
|
||||
uint8_t strishex(char *);
|
||||
|
||||
#if !defined(_WIN32)
|
||||
-void update_windowsize(int32_t);
|
||||
void drop_privs(void);
|
||||
#endif
|
||||
|
||||
@@ -111,6 +115,7 @@ void drop_privs(void);
|
||||
int8_t win32_initwinsock(void);
|
||||
void win32_listdevices(void);
|
||||
char *win32_usedevice(const char *);
|
||||
+char *win32_choosedevice(void);
|
||||
#endif
|
||||
|
||||
|
||||
@@ -120,4 +125,16 @@ struct NGREP_rtaphdr_t {
|
||||
uint16_t it_len;
|
||||
uint32_t it_present;
|
||||
};
|
||||
+
|
||||
+
|
||||
+/*
|
||||
+ * ANSI color/hilite stuff.
|
||||
+ */
|
||||
+
|
||||
+const char ANSI_red[] = "\33[01;31m";
|
||||
+const char ANSI_bold[] = "\33[01m";
|
||||
+
|
||||
+const char *ANSI_hilite = ANSI_red;
|
||||
+const char ANSI_off[] = "\33[00m";
|
||||
+
|
||||
|