mirror of
https://github.com/zeek/zeek.git
synced 2025-10-05 16:18:19 +00:00
Change default snaplen to 65535, add -l/--snaplen command line option.
Addresses #447.
This commit is contained in:
Jon Siwek
parent
005b1505b8
commit
0ae1d8a359
2 changed files with 11 additions and 5 deletions
|
|
@ -19,7 +19,7 @@
|
||||||
#include <pcap-int.h>
|
#include <pcap-int.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
int snaplen = 8192; // really want "capture entire packet"
|
int snaplen = 65535; // really want "capture entire packet"
|
||||||
|
|
||||||
|
|
||||||
PktSrc::PktSrc()
|
PktSrc::PktSrc()
|
||||||
|
|
@ -492,7 +492,7 @@ PktInterfaceSrc::PktInterfaceSrc(const char* arg_interface, const char* filter,
|
||||||
// Couldn't get header size.
|
// Couldn't get header size.
|
||||||
return;
|
return;
|
||||||
|
|
||||||
reporter->Info("listening on %s\n", interface);
|
reporter->Info("listening on %s, capture size %i bytes\n", interface, snaplen);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
closed = true;
|
closed = true;
|
||||||
|
|
|
||||||
12
src/main.cc
12
src/main.cc
|
|
@ -98,6 +98,7 @@ extern char version[];
|
||||||
char* command_line_policy = 0;
|
char* command_line_policy = 0;
|
||||||
vector<string> params;
|
vector<string> params;
|
||||||
char* proc_status_file = 0;
|
char* proc_status_file = 0;
|
||||||
|
extern int snaplen;
|
||||||
|
|
||||||
int FLAGS_use_binpac = false;
|
int FLAGS_use_binpac = false;
|
||||||
|
|
||||||
|
|
@ -145,7 +146,7 @@ void usage()
|
||||||
fprintf(stderr, " -g|--dump-config | dump current config into .state dir\n");
|
fprintf(stderr, " -g|--dump-config | dump current config into .state dir\n");
|
||||||
fprintf(stderr, " -h|--help|-? | command line help\n");
|
fprintf(stderr, " -h|--help|-? | command line help\n");
|
||||||
fprintf(stderr, " -i|--iface <interface> | read from given interface\n");
|
fprintf(stderr, " -i|--iface <interface> | read from given interface\n");
|
||||||
fprintf(stderr, " -Z|--doc-scripts | generate documentation for all loaded scripts\n");
|
fprintf(stderr, " -l|--snaplen <snaplen> | number of bytes per packet to capture from interfaces (default 65535)\n");
|
||||||
fprintf(stderr, " -p|--prefix <prefix> | add given prefix to policy file resolution\n");
|
fprintf(stderr, " -p|--prefix <prefix> | add given prefix to policy file resolution\n");
|
||||||
fprintf(stderr, " -r|--readfile <readfile> | read from given tcpdump file\n");
|
fprintf(stderr, " -r|--readfile <readfile> | read from given tcpdump file\n");
|
||||||
fprintf(stderr, " -y|--flowfile <file>[=<ident>] | read from given flow file\n");
|
fprintf(stderr, " -y|--flowfile <file>[=<ident>] | read from given flow file\n");
|
||||||
|
|
@ -172,6 +173,7 @@ void usage()
|
||||||
fprintf(stderr, " -T|--re-level <level> | set 'RE_level' for rules\n");
|
fprintf(stderr, " -T|--re-level <level> | set 'RE_level' for rules\n");
|
||||||
fprintf(stderr, " -U|--status-file <file> | Record process status in file\n");
|
fprintf(stderr, " -U|--status-file <file> | Record process status in file\n");
|
||||||
fprintf(stderr, " -W|--watchdog | activate watchdog timer\n");
|
fprintf(stderr, " -W|--watchdog | activate watchdog timer\n");
|
||||||
|
fprintf(stderr, " -Z|--doc-scripts | generate documentation for all loaded scripts\n");
|
||||||
|
|
||||||
#ifdef USE_PERFTOOLS
|
#ifdef USE_PERFTOOLS
|
||||||
fprintf(stderr, " -m|--mem-leaks | show leaks [perftools]\n");
|
fprintf(stderr, " -m|--mem-leaks | show leaks [perftools]\n");
|
||||||
|
|
@ -367,7 +369,7 @@ int main(int argc, char** argv)
|
||||||
{"filter", required_argument, 0, 'f'},
|
{"filter", required_argument, 0, 'f'},
|
||||||
{"help", no_argument, 0, 'h'},
|
{"help", no_argument, 0, 'h'},
|
||||||
{"iface", required_argument, 0, 'i'},
|
{"iface", required_argument, 0, 'i'},
|
||||||
{"print-scripts", no_argument, 0, 'l'},
|
{"snaplen", required_argument, 0, 'l'},
|
||||||
{"doc-scripts", no_argument, 0, 'Z'},
|
{"doc-scripts", no_argument, 0, 'Z'},
|
||||||
{"prefix", required_argument, 0, 'p'},
|
{"prefix", required_argument, 0, 'p'},
|
||||||
{"readfile", required_argument, 0, 'r'},
|
{"readfile", required_argument, 0, 'r'},
|
||||||
|
|
@ -441,7 +443,7 @@ int main(int argc, char** argv)
|
||||||
opterr = 0;
|
opterr = 0;
|
||||||
|
|
||||||
char opts[256];
|
char opts[256];
|
||||||
safe_strncpy(opts, "B:D:e:f:I:i:K:n:p:R:r:s:T:t:U:w:x:X:y:Y:z:CFGLOPSWbdghvZ",
|
safe_strncpy(opts, "B:D:e:f:I:i:K:l:n:p:R:r:s:T:t:U:w:x:X:y:Y:z:CFGLOPSWbdghvZ",
|
||||||
sizeof(opts));
|
sizeof(opts));
|
||||||
|
|
||||||
#ifdef USE_PERFTOOLS
|
#ifdef USE_PERFTOOLS
|
||||||
|
|
@ -476,6 +478,10 @@ int main(int argc, char** argv)
|
||||||
interfaces.append(optarg);
|
interfaces.append(optarg);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'l':
|
||||||
|
snaplen = atoi(optarg);
|
||||||
|
break;
|
||||||
|
|
||||||
case 'p':
|
case 'p':
|
||||||
prefixes.append(optarg);
|
prefixes.append(optarg);
|
||||||
break;
|
break;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue