oga's tools
| リビジョン | 876a6023572985e65dd35daabfbd9a799af16259 (tree) |
|---|---|
| 日時 | 2022-05-13 15:07:38 |
| 作者 |  hyperoga <hyperoga@gmai...> |
| コミッター | hyperoga |
update V0.15, V0.16
| @@ -14,6 +14,8 @@ | ||
| 14 | 14 | * 14/10/18 V0.12 support -n, -raw option |
| 15 | 15 | * 14/10/18 V0.13 support time-only format |
| 16 | 16 | * 14/10/23 V0.14 fix last data print, unprintable char proc |
| 17 | + * 22/04/19 V0.15 support latest export format | |
| 18 | + * 22/04/20 V0.16 support -ip -csv | |
| 17 | 19 | * |
| 18 | 20 | */ |
| 19 | 21 |
| @@ -21,12 +23,13 @@ | ||
| 21 | 23 | #include <stdlib.h> |
| 22 | 24 | #include <errno.h> |
| 23 | 25 | #include <string.h> |
| 26 | +#include <ctype.h> /* V0.16-A */ | |
| 24 | 27 | #ifdef _WIN32 |
| 25 | 28 | #include <windows.h> |
| 26 | 29 | #include <sys/utime.h> |
| 27 | 30 | #endif /* _WIN32 */ |
| 28 | 31 | |
| 29 | -#define VER "0.14" | |
| 32 | +#define VER "0.16" | |
| 30 | 33 | |
| 31 | 34 | #define dprintf if (vf) printf |
| 32 | 35 | #define dprintf2 if (vf >= 2) printf |
| @@ -34,6 +37,7 @@ | ||
| 34 | 37 | |
| 35 | 38 | #define MAX_NTCPDATA 200000 |
| 36 | 39 | #define MAX_NPORTID 50000 |
| 40 | +#define MAX_IPLIST 2 /* V0.16-A */ | |
| 37 | 41 | |
| 38 | 42 | #define KEY_TCP "Transmission" |
| 39 | 43 | #define KEY_PKTDATA "0030" |
| @@ -45,6 +49,7 @@ typedef struct _tcpdata { | ||
| 45 | 49 | char srcip[16]; /* xxx.xxx.xxx.xxx */ |
| 46 | 50 | char dstip[16]; /* xxx.xxx.xxx.xxx */ |
| 47 | 51 | char proto[16]; /* protocol */ |
| 52 | + char len[16]; /* length V0.15-A */ | |
| 48 | 53 | char info[100]; |
| 49 | 54 | char portid[12]; /* <port1>-<port2> , port1 < port2 */ |
| 50 | 55 | int srcport; |
| @@ -61,11 +66,15 @@ int portf = 0; /* -port V0.11-A */ | ||
| 61 | 66 | int cnt = 0; /* frm data count */ |
| 62 | 67 | int nportid = 0; /* num of portid */ |
| 63 | 68 | int contf = 0; /* . continue flag V0.12-A V0.14-M */ |
| 69 | +int oldf = 0; /* -oldf old format(no Length) V0.15-A */ | |
| 70 | +int ipcnt = 0; /* -ip ip addr count V0.16-A */ | |
| 71 | +int csvf = 0; /* -csv output csv format V0.16-A */ | |
| 64 | 72 | int max_ntcpdata = MAX_NTCPDATA; /* default num of data V0.11-A */ |
| 65 | 73 | tcpdata_t *tcpdatas = NULL; |
| 66 | 74 | char **portids = NULL; |
| 67 | 75 | char *start_time = "00:00:00.000000"; |
| 68 | 76 | char *end_time = "99:99:99.999999"; |
| 77 | +char iplist[MAX_IPLIST][32]; /* -ip target IP list V0.16-A */ | |
| 69 | 78 | |
| 70 | 79 | /* |
| 71 | 80 | * 不定長のデータをコピーし、次のデータ項目に位置づける |
| @@ -124,6 +133,11 @@ void GetSummary(char *buf, tcpdata_t *tcpdatp) | ||
| 124 | 133 | CopyWord(tcpdatp->srcip, sizeof(tcpdatp->srcip), &pt, ' '); /* copy source ip */ |
| 125 | 134 | CopyWord(tcpdatp->dstip, sizeof(tcpdatp->dstip), &pt, ' '); /* copy dest ip */ |
| 126 | 135 | CopyWord(tcpdatp->proto, sizeof(tcpdatp->proto), &pt, ' '); /* copy protocol */ |
| 136 | + /* V0.15-A start */ | |
| 137 | + if (!oldf) { | |
| 138 | + CopyWord(tcpdatp->len, sizeof(tcpdatp->len), &pt, ' '); /* copy length */ | |
| 139 | + } | |
| 140 | + /* V0.15-A end */ | |
| 127 | 141 | CopyWord(tcpdatp->info, sizeof(tcpdatp->info), &pt, '\n'); /* copy info */ |
| 128 | 142 | /* V0.11-A start */ |
| 129 | 143 | if (tcpdatp->info[strlen(tcpdatp->info)-1] == 0x0d) { |
| @@ -140,16 +154,33 @@ void GetPortNo(char *buf, tcpdata_t *tcpdatp) | ||
| 140 | 154 | { |
| 141 | 155 | char *pt = buf; |
| 142 | 156 | |
| 143 | - /* search source port */ | |
| 144 | - pt = strchr(pt, '('); | |
| 145 | - if (pt) { | |
| 146 | - tcpdatp->srcport = atoi(++pt); | |
| 147 | - } | |
| 148 | - /* search dest port */ | |
| 149 | - pt = strchr(pt, '('); | |
| 150 | - if (pt) { | |
| 151 | - tcpdatp->dstport = atoi(++pt); | |
| 152 | - } | |
| 157 | + dprintf3("### Start GetPortNo\n"); | |
| 158 | + | |
| 159 | + if (oldf) { /* V0.15-A */ | |
| 160 | + /* search source port */ | |
| 161 | + pt = strchr(pt, '('); | |
| 162 | + if (pt) { | |
| 163 | + tcpdatp->srcport = atoi(++pt); | |
| 164 | + } | |
| 165 | + /* search dest port */ | |
| 166 | + pt = strchr(pt, '('); | |
| 167 | + if (pt) { | |
| 168 | + tcpdatp->dstport = atoi(++pt); | |
| 169 | + } | |
| 170 | + } else { /* V0.15-A start */ | |
| 171 | + /* search source port */ | |
| 172 | + pt = strstr(pt, "Src Port:"); | |
| 173 | + if (pt) { | |
| 174 | + pt += 10; | |
| 175 | + tcpdatp->srcport = atoi(pt); | |
| 176 | + } | |
| 177 | + /* search dest port */ | |
| 178 | + pt = strstr(pt, "Dst Port:"); | |
| 179 | + if (pt) { | |
| 180 | + pt += 10; | |
| 181 | + tcpdatp->dstport = atoi(pt); | |
| 182 | + } | |
| 183 | + } /* V0.15-A end */ | |
| 153 | 184 | |
| 154 | 185 | /* search Seq number */ |
| 155 | 186 | pt = strstr(pt, "Seq:"); |
| @@ -163,6 +194,8 @@ void GetPortNo(char *buf, tcpdata_t *tcpdatp) | ||
| 163 | 194 | pt += 5; |
| 164 | 195 | tcpdatp->ack = atoi(pt); |
| 165 | 196 | } |
| 197 | + | |
| 198 | + dprintf3("### end GetPortNo\n"); | |
| 166 | 199 | } |
| 167 | 200 | |
| 168 | 201 | /* |
| @@ -266,7 +299,7 @@ void GetPktData(char *ibuf, tcpdata_t *tcpdatp, FILE *fp) | ||
| 266 | 299 | strcpy(buf, ibuf); |
| 267 | 300 | contf = 0; /* V0.14-A */ |
| 268 | 301 | do { |
| 269 | - if (strlen(buf) >= 8) { | |
| 302 | + if (strlen(buf) >= 8 && buf[4] == ' ') { /* V0.15-C */ | |
| 270 | 303 | /* 0000 00 01 02 03... */ |
| 271 | 304 | hex2str(&buf[6], wkstr); |
| 272 | 305 | if (vf) printf("buf:[%s]=>wkstr:[%s]\n", buf, wkstr); |
| @@ -311,8 +344,43 @@ void PrintTcpDat(tcpdata_t *tcpdatp) | ||
| 311 | 344 | printf("@@@@@ [%s]\n", tcpdatp->pktdata); fflush(stdout); |
| 312 | 345 | printf("@@@@@ end\n"); fflush(stdout); |
| 313 | 346 | } |
| 347 | + /* V0.16-A start */ | |
| 348 | + if (ipcnt) { | |
| 349 | + if (ipcnt == 1) { | |
| 350 | + /* allow specified ip */ | |
| 351 | + if (strcmp(tcpdatp->srcip, iplist[0]) && strcmp(tcpdatp->dstip, iplist[0])) { | |
| 352 | + if (vf) fflush(stdout); | |
| 353 | + return; | |
| 354 | + } | |
| 355 | + } else if (ipcnt == 2) { | |
| 356 | + if (!strcmp(tcpdatp->srcip, iplist[0]) && !strcmp(tcpdatp->dstip, iplist[1]) || | |
| 357 | + !strcmp(tcpdatp->srcip, iplist[1]) && !strcmp(tcpdatp->dstip, iplist[0])) { | |
| 358 | + /* allow specified ip pair */ | |
| 359 | + } else { | |
| 360 | + if (vf )fflush(stdout); | |
| 361 | + return; | |
| 362 | + } | |
| 363 | + } | |
| 364 | + } | |
| 365 | + /* V0.16-A end */ | |
| 366 | + | |
| 314 | 367 | /* No date time portid src(port) dst(port) protocol Seq Ack info pktdat */ |
| 315 | - printf("%7d %s %s %11s %15s(%5d) %15s(%5d) Seq:%5u Ack:%5u %8s %s", | |
| 368 | + if (csvf) { /* V0.16-A start */ | |
| 369 | + printf("%7d,%s,%s,%11s,%15s(%5d),%15s(%5d),Seq:%5u,Ack:%5u,%8s,%s", | |
| 370 | + tcpdatp->frmno, | |
| 371 | + tcpdatp->date, | |
| 372 | + tcpdatp->time, | |
| 373 | + tcpdatp->portid, | |
| 374 | + tcpdatp->srcip, | |
| 375 | + tcpdatp->srcport, | |
| 376 | + tcpdatp->dstip, | |
| 377 | + tcpdatp->dstport, | |
| 378 | + tcpdatp->seq, /* option */ | |
| 379 | + tcpdatp->ack, /* option */ | |
| 380 | + tcpdatp->proto, | |
| 381 | + tcpdatp->info); | |
| 382 | + } else { /* V0.16-A end */ | |
| 383 | + printf("%7d %s %s %11s %15s(%5d) %15s(%5d) Seq:%5u Ack:%5u %8s %s", | |
| 316 | 384 | tcpdatp->frmno, |
| 317 | 385 | tcpdatp->date, |
| 318 | 386 | tcpdatp->time, |
| @@ -325,8 +393,14 @@ void PrintTcpDat(tcpdata_t *tcpdatp) | ||
| 325 | 393 | tcpdatp->ack, /* option */ |
| 326 | 394 | tcpdatp->proto, |
| 327 | 395 | tcpdatp->info); |
| 396 | + } /* V0.16-A */ | |
| 397 | + | |
| 328 | 398 | if (tcpdatp->pktdata) { |
| 329 | - printf(" [%s]\n", tcpdatp->pktdata); | |
| 399 | + if (csvf) { /* V0.16-A */ | |
| 400 | + printf(",[%s]\n", tcpdatp->pktdata); /* V0.16-A */ | |
| 401 | + } else { /* V0.16-A */ | |
| 402 | + printf(" [%s]\n", tcpdatp->pktdata); | |
| 403 | + } /* V0.16-A */ | |
| 330 | 404 | } else { |
| 331 | 405 | printf("\n"); |
| 332 | 406 | } |
| @@ -350,6 +424,7 @@ void ReadTcpFile(char *fname) | ||
| 350 | 424 | newdata = 0; |
| 351 | 425 | while(fgets(buf, sizeof(buf), fp)) { |
| 352 | 426 | if (!strncmp(buf, "No.", 3)) { |
| 427 | + dprintf3("### read packet: %s", buf); /* V0.15-A */ | |
| 353 | 428 | newdata = 1; |
| 354 | 429 | if (tcpdat.frmno > 0) { /* 1回目は出力されないようにする */ |
| 355 | 430 | /* 前回データの登録 (for -port) */ |
| @@ -407,12 +482,18 @@ void DispByEachPortid() | ||
| 407 | 482 | void usage() |
| 408 | 483 | { |
| 409 | 484 | printf("tcpan ver. %s\n", VER); |
| 410 | - printf("usage: tcpan [-port] [-raw] [-n] [-s <start_time>] [-e <end_time>] <wireshark_exp_file.txt>\n"); | |
| 485 | + printf("usage: tcpan [-port] [-raw] [-n] [-oldf] [-csv]\n"); | |
| 486 | + printf(" [-s <start_time>] [-e <end_time>]\n"); | |
| 487 | + printf(" [-ip <ip_addr1> [-ip <ip_addr2>]]\n"); | |
| 488 | + printf(" <wireshark_exp_file.txt>\n"); | |
| 411 | 489 | printf(" -port: disp each communication port.\n"); |
| 412 | 490 | printf(" -raw : output raw packet data.\n"); |
| 491 | + printf(" -ip : filter by ip addr.\n"); /* V0.16-A */ | |
| 413 | 492 | printf(" -n : allocates memory by num of data.\n"); |
| 414 | 493 | printf(" -s : start time. (%s)\n", start_time); |
| 415 | 494 | printf(" -e : end time. (%s)\n", end_time); |
| 495 | + printf(" -oldf: old input file format (no Length)\n"); /* V0.15-A */ | |
| 496 | + printf(" -csv : output csv format\n"); /* V0.16-A */ | |
| 416 | 497 | printf(" Wireshark Export Option\n"); |
| 417 | 498 | printf(" [File]=>[Export]=>[File]\n"); |
| 418 | 499 | printf(" [v]Packet summary line\n"); |
| @@ -438,6 +519,23 @@ int main(int a, char *b[]) | ||
| 438 | 519 | continue; |
| 439 | 520 | } |
| 440 | 521 | /* V0.11-A end */ |
| 522 | + /* V0.15-A start */ | |
| 523 | + if (!strcmp(b[i], "-oldf")) { | |
| 524 | + oldf = 1; | |
| 525 | + continue; | |
| 526 | + } | |
| 527 | + /* V0.15-A end */ | |
| 528 | + /* V0.16-A start */ | |
| 529 | + if (!strcmp(b[i], "-ip") && a > i+1) { | |
| 530 | + if (ipcnt >= 2) usage(); | |
| 531 | + strcpy(iplist[ipcnt++], b[++i]); | |
| 532 | + continue; | |
| 533 | + } | |
| 534 | + if (!strcmp(b[i], "-csv")) { | |
| 535 | + csvf = 1; | |
| 536 | + continue; | |
| 537 | + } | |
| 538 | + /* V0.16-A end */ | |
| 441 | 539 | if (!strcmp(b[i], "-v")) { |
| 442 | 540 | ++vf; |
| 443 | 541 | continue; |
Fork
tcpan.c