Hello,
the attached patch is an attempt to get remote pcap working on macOS (and other
Unix'ish operating systems).
I then rebuild Wireshark and managed to configure a remote capture session.
Unfortunately
I don't have an AP or other testdevice available right now. I *may* find a
chance and time
on Friday to test this with an Extremenetworks AP.
What this patch does:
- Move remote-ext.h to pcap/remote-ext.h (plus necessary autotools changes):
Inside pcap/ is a more consistent place to put it.
- Fix a small typo in a comment in remote-ext.h
- Add the necessary autotools changes for --enable-rpcap to compile and link.
With that said: When I open the rpcap dialog in Wireshark, I get an error
message
but Wireshark continues without crashing:
(process:93925): GLib-CRITICAL **: guint g_hash_table_size(GHashTable *):
assertion `hash_table != NULL' failed
But that is most likely a Wireshark issue.
While I'm at it: Does anyone know of a working rpcap server on Unix?
Please consider adding this patch (or maybe something inspired by it :-)
If not, please let me know what is missing to get rpcap support on Unix.
Thanks
Jörg
--
Joerg Mayer <jma...@loplof.de>
We are stuck with technology when what we really want is just stuff that
works. Some say that should read Microsoft instead of technology.
>From 839e665b9f7240ac26a3dcbaebeae8dc0ed8c774 Mon Sep 17 00:00:00 2001
From: Joerg Mayer <jma...@loplof.de>
Date: Fri, 28 Oct 2016 10:12:20 +0200
Subject: [PATCH] Support building with rpcap (--enable-rpcap)
Signed-off-by: Joerg Mayer <jma...@loplof.de>
---
Makefile.in | 5 +++--
config.h.in | 3 +++
configure | 19 +++++++++++++++++++
configure.ac | 11 +++++++++++
pcap/pcap.h | 2 +-
remote-ext.h => pcap/remote-ext.h | 2 +-
6 files changed, 38 insertions(+), 4 deletions(-)
rename remote-ext.h => pcap/remote-ext.h (99%)
diff --git a/Makefile.in b/Makefile.in
index 7044f04..eba68dd 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -79,7 +79,8 @@ YACC = @YACC@
@rm -f $@
$(CC) $(FULL_CFLAGS) -c $(srcdir)/$*.c
-PSRC = pcap-@V_PCAP@.c @USB_SRC@ @BT_SRC@ @BT_MONITOR_SRC@ @NETFILTER_SRC@
@DBUS_SRC@
+PSRC = pcap-@V_PCAP@.c @USB_SRC@ @BT_SRC@ @BT_MONITOR_SRC@ @NETFILTER_SRC@ \
+ @DBUS_SRC@ @RPCAP_SRC@
FSRC = @V_FINDALLDEVS@
SSRC = @SSRC@
CSRC = pcap.c inet.c gencode.c optimize.c nametoaddr.c \
@@ -106,6 +107,7 @@ PUBHDR = \
pcap/namedb.h \
pcap/nflog.h \
pcap/pcap.h \
+ pcap/remote-ext.h \
pcap/sll.h \
pcap/vlan.h \
pcap/usb.h
@@ -345,7 +347,6 @@ EXTRA_DIST = \
pcap-usb-linux.c \
pcap-usb-linux.h \
pcap-win32.c \
- remote-ext.h \
sockutils.c \
sockutils.h \
scanner.l \
diff --git a/config.h.in b/config.h.in
index 7f6115d..b02873e 100644
--- a/config.h.in
+++ b/config.h.in
@@ -127,6 +127,9 @@
/* define if net/pfvar.h defines PF_NAT through PF_NORDR */
#undef HAVE_PF_NAT_THROUGH_PF_NORDR
+/* enable remote capture protocol support */
+#undef HAVE_REMOTE
+
/* define if you have the Septel API */
#undef HAVE_SEPTEL_API
diff --git a/configure b/configure
index 7af37bc..4842b6d 100755
--- a/configure
+++ b/configure
@@ -623,6 +623,7 @@ ac_subst_vars='LTLIBOBJS
INSTALL_DATA
INSTALL_SCRIPT
INSTALL_PROGRAM
+RPCAP_SRC
PCAP_SUPPORT_PACKET_RING
DBUS_SRC
PCAP_SUPPORT_DBUS
@@ -752,6 +753,7 @@ enable_usb
enable_bluetooth
enable_dbus
enable_packet_ring
+enable_rpcap
'
ac_precious_vars='build_alias
host_alias
@@ -1392,6 +1394,7 @@ Optional Features:
--enable-dbus enable D-Bus capture support [default=yes, if
support available]
--enable-packet-ring enable Linux packet ring support [default=yes]
+ --enable-rpcap enable remote capture protocol support [default=no]
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
@@ -8956,6 +8959,22 @@ $as_echo "#define PCAP_SUPPORT_PACKET_RING 1"
>>confdefs.h
fi
+# Check whether --enable-rpcap was given.
+if test "${enable_rpcap+set}" = set; then :
+ enableval=$enable_rpcap;
+else
+ enable_rpcap=no
+fi
+
+
+if test "x$enable_rpcap" != "xno" ; then
+
+$as_echo "#define HAVE_REMOTE 1" >>confdefs.h
+
+ RPCAP_SRC="pcap-new.c pcap-rpcap.c sockutils.c"
+
+fi
+
# Find a good install program. We prefer a C program (faster),
# so one script is as good as another. But avoid the broken or
# incompatible versions:
diff --git a/configure.ac b/configure.ac
index a2b31d4..6f5fd5d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1817,6 +1817,17 @@ if test "x$enable_packet_ring" != "xno" ; then
AC_SUBST(PCAP_SUPPORT_PACKET_RING)
fi
+dnl Support remote capture
+AC_ARG_ENABLE([rpcap],
+[AC_HELP_STRING([--enable-rpcap],[enable remote capture protocol support
@<:@default=no@:>@])],
+,enable_rpcap=no)
+
+if test "x$enable_rpcap" != "xno" ; then
+ AC_DEFINE(HAVE_REMOTE, 1, [enable remote capture protocol support])
+ RPCAP_SRC="pcap-new.c pcap-rpcap.c sockutils.c"
+ AC_SUBST(RPCAP_SRC)
+fi
+
AC_PROG_INSTALL
AC_CONFIG_HEADER(config.h)
diff --git a/pcap/pcap.h b/pcap/pcap.h
index 36606ac..1bce5ce 100644
--- a/pcap/pcap.h
+++ b/pcap/pcap.h
@@ -528,7 +528,7 @@ PCAP_API void bpf_dump(const struct bpf_program *,
int);
#ifdef HAVE_REMOTE
/* Includes most of the public stuff that is needed for the remote capture */
- #include <remote-ext.h>
+ #include <pcap/remote-ext.h>
#endif /* HAVE_REMOTE */
#ifdef __cplusplus
diff --git a/remote-ext.h b/pcap/remote-ext.h
similarity index 99%
rename from remote-ext.h
rename to pcap/remote-ext.h
index ed2f9bb..00d8e3f 100644
--- a/remote-ext.h
+++ b/pcap/remote-ext.h
@@ -51,7 +51,7 @@ extern "C" {
/*
* \file remote-ext.h
*
- * The goal of this file it to include most of the new definitions that should
be
+ * The goal of this file is to include most of the new definitions that should
be
* placed into the pcap.h file.
*
* It includes all new definitions (structures and functions like pcap_open().
--
2.10.1 (Apple Git-78)
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
