Initial import of svn+ssh:://svn.icir.org/bro/trunk/bro as of r7088

2025-10-10 02:28:21 +00:00 · 2010-09-27 20:42:30 -07:00 · 2010-09-27 20:42:30 -07:00 · 61757ac78b
commit 61757ac78b
1383 changed files with 380824 additions and 0 deletions
--- a/src/PacketDumper.cc
+++ b/src/PacketDumper.cc
@ -0,0 +1,44 @@
+// $Id:$
+//
+// See the file "COPYING" in the main distribution directory for copyright.
+
+
+#include "config.h"
+
+#include <assert.h>
+#include <stdlib.h>
+
+#include "Event.h"
+#include "Net.h"
+#include "PacketDumper.h"
+
+PacketDumper::PacketDumper(pcap_dumper_t* arg_pkt_dump)
+	{
+	last_timestamp.tv_sec = last_timestamp.tv_usec = 0;
+
+	pkt_dump = arg_pkt_dump;
+	if ( ! pkt_dump )
+		internal_error("PacketDumper: nil dump file");
+	}
+
+void PacketDumper::DumpPacket(const struct pcap_pkthdr* hdr,
+				const u_char* pkt, int len)
+	{
+	if ( pkt_dump )
+		{
+		struct pcap_pkthdr h = *hdr;
+		h.caplen = len;
+		if ( h.caplen > hdr->caplen )
+			internal_error("bad modified caplen");
+
+		pcap_dump((u_char*) pkt_dump, &h, pkt);
+		}
+	}
+
+void PacketDumper::SortTimeStamp(struct timeval* timestamp)
+	{
+	if ( time_compare(&last_timestamp, timestamp) > 0 )
+		*timestamp = last_timestamp;
+	else
+		last_timestamp = *timestamp;
+	}