[openfirmware] r1379 - ofw/inet
svn at openfirmware.info
svn at openfirmware.info
Fri Sep 25 03:46:29 CEST 2009
Author: wmb
Date: 2009-09-25 03:46:29 +0200 (Fri, 25 Sep 2009)
New Revision: 1379
Added:
ofw/inet/capture.fth
Modified:
ofw/inet/ethernet.fth
ofw/inet/loadpkg.fth
Log:
Added "capture" feature for Ethernet packet logging in pcap format,
viewable by tcpdump and wireshark. Thanks to Luke Gorrie.
Added: ofw/inet/capture.fth
===================================================================
--- ofw/inet/capture.fth (rev 0)
+++ ofw/inet/capture.fth 2009-09-25 01:46:29 UTC (rev 1379)
@@ -0,0 +1,105 @@
+\ See license at end of file
+purpose: Capture ethernet packets into PCAP-format trace files
+\ PCAP is the file format used by tcpdump and wireshark etc.
+\ Spec: http://wiki.wireshark.org/Development/LibpcapFileFormat
+
+\ NOTE: This program does not economise on calls to fputs. should it?
+
+headerless
+
+0 value capture-file
+d# 64 value capture-length
+0 value #captured
+
+\ Write n-byte integers in host byte order. there's probably a simpler way..
+variable buffer
+: write32 ( u -- ) buffer ! buffer 4 capture-file fputs ;
+: write16 ( u -- ) buffer w! buffer 2 capture-file fputs ;
+
+: snaplen ( len -- snaplen ) capture-length min ;
+: write-seconds ( ms -- ) d# 1000 / write32 ;
+: write-microseconds ( ms -- ) d# 1000 mod d# 1000 * write32 ;
+: write-timestamp ( -- ) get-msecs dup write-seconds write-microseconds ;
+
+: write-packet ( adr len -- )
+ write-timestamp ( adr len )
+ dup snaplen write32 ( adr len )
+ dup write32 ( adr len )
+ snaplen capture-file fputs ( )
+;
+
+: capture-packet ( adr len -- adr len )
+ 2dup write-packet ( adr len )
+ #captured 1+ to #captured ( adr len )
+;
+
+: install-hooks ( -- )
+ ['] capture-packet to send-ethernet-packet-hook
+ ['] capture-packet to receive-ethernet-packet-hook
+;
+
+: uninstall-hooks ( -- )
+ ['] noop to send-ethernet-packet-hook
+ ['] noop to receive-ethernet-packet-hook
+;
+
+headers
+
+: stop-capture ( -- )
+ capture-file close-file
+ 0 to capture-file
+ uninstall-hooks
+;
+
+: start-capture ( fileid -- )
+ to capture-file
+ 0 to #captured
+ h# a1b2c3d4 write32 \ magic (host byte order)
+ 2 write16 \ major version
+ 4 write16 \ minor version
+ 0 write32 \ gmt offset - ignore
+ 0 write32 \ timestamp accuracy - ignore
+ capture-length write32 \ per-packet capture length
+ 1 write32 \ data link type (1 = ethernet)
+ install-hooks
+;
+
+also forth definitions
+: capture ( "file" -- )
+ safe-parse-word r/w create-file abort" couldn't create capture file"
+ start-capture
+;
+
+: .capture ( -- )
+ capture-file if
+ ." Capture enabled: " #captured . ." packet(s) captured." cr
+ else
+ ." Capture not enabled"
+ then
+;
+previous definitions
+
+\ LICENSE_BEGIN
+\ Copyright (c) 2009 Luke Gorrie
+\
+\ Permission is hereby granted, free of charge, to any person obtaining
+\ a copy of this software and associated documentation files (the
+\ "Software"), to deal in the Software without restriction, including
+\ without limitation the rights to use, copy, modify, merge, publish,
+\ distribute, sublicense, and/or sell copies of the Software, and to
+\ permit persons to whom the Software is furnished to do so, subject to
+\ the following conditions:
+\
+\ The above copyright notice and this permission notice shall be
+\ included in all copies or substantial portions of the Software.
+\
+\ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+\ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+\ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+\ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+\ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+\ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+\ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+\
+\ LICENSE_END
+
Modified: ofw/inet/ethernet.fth
===================================================================
--- ofw/inet/ethernet.fth 2009-09-25 01:44:24 UTC (rev 1378)
+++ ofw/inet/ethernet.fth 2009-09-25 01:46:29 UTC (rev 1379)
@@ -10,6 +10,9 @@
0 instance value (link-mtu) \ max packet size
0 instance value packet-buffer
+defer send-ethernet-packet-hook ' noop is send-ethernet-packet-hook
+defer receive-ethernet-packet-hook ' noop is receive-ethernet-packet-hook
+
\ Determine the Ethernet address for his-ip-addr
instance defer resolve-en-addr ( 'dest-adr type -- 'en-adr type )
\ will be set later
@@ -115,6 +118,8 @@
pause
packet-buffer link-mtu " read" $call-parent ( type length|-error )
dup 0> if ( type length )
+ packet-buffer swap ( type packet length )
+ receive-ethernet-packet-hook nip ( type length )
select-ethernet-header ( type length )
over en-type xw@ = if ( type length )
nip /ether-header payload false exit ( adr len false )
@@ -146,7 +151,9 @@
en-type xw! ( data-len )
my-en-addr en-source-addr copy-en-addr ( data-len )
- the-struct swap /ether-header + tuck " write" $call-parent ( len actual )
+ the-struct swap /ether-header + ( data-adr data-len )
+ send-ethernet-packet-hook ( data-adr data-len )
+ tuck " write" $call-parent ( len actual )
<> if ." Network transmit error" cr then
;
Modified: ofw/inet/loadpkg.fth
===================================================================
--- ofw/inet/loadpkg.fth 2009-09-25 01:44:24 UTC (rev 1378)
+++ ofw/inet/loadpkg.fth 2009-09-25 01:46:29 UTC (rev 1379)
@@ -16,3 +16,4 @@
fload ${BP}/ofw/inet/attr-ip.fth \ Save IP info in /chosen
fload ${BP}/ofw/inet/encdec.fth \ Packet encoding/decoding primitives
fload ${BP}/ofw/inet/dns.fth \ Domain name resolver (RFC1034/5)
+fload ${BP}/ofw/inet/capture.fth \ Packet capture to PCAP files
More information about the openfirmware
mailing list