Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-05 08:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge remote branch 'origin/topic/jsiwek/snaplen'

Browse source 
* origin/topic/jsiwek/snaplen:
  Change default snaplen to 65535, add -l/--snaplen command line option.

Closes #447.
This commit is contained in:
Robin Sommer 2011-09-04 08:32:37 -07:00
commit ccad24b685
3 changed files with 14 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/Net.h
View file

@ -75,6 +75,9 @@ extern bool terminating;
// True if the remote serializer is to be activated. // True if the remote serializer is to be activated.
extern bool using_communication; extern bool using_communication;
// Snaplen passed to libpcap.
extern int snaplen;
extern const struct pcap_pkthdr* current_hdr; extern const struct pcap_pkthdr* current_hdr;
extern const u_char* current_pkt; extern const u_char* current_pkt;
extern int current_dispatched; extern int current_dispatched;

5
src/PktSrc.cc
View file

@ -19,9 +19,6 @@
#include <pcap-int.h> #include <pcap-int.h>
#endif #endif
int snaplen = 8192; // really want "capture entire packet"
PktSrc::PktSrc() PktSrc::PktSrc()
{ {
interface = readfile = 0; interface = readfile = 0;
@ -492,7 +489,7 @@ PktInterfaceSrc::PktInterfaceSrc(const char* arg_interface, const char* filter,
// Couldn't get header size. // Couldn't get header size.
return; return;
reporter->Info("listening on %s\n", interface); reporter->Info("listening on %s, capture length %d bytes\n", interface, snaplen);
} }
else else
closed = true; closed = true;

14
src/main.cc
View file

@ -98,6 +98,7 @@ extern char version[];
char* command_line_policy = 0; char* command_line_policy = 0;
vector<string> params; vector<string> params;
char* proc_status_file = 0; char* proc_status_file = 0;
int snaplen = 65535; // really want "capture entire packet"
int FLAGS_use_binpac = false; int FLAGS_use_binpac = false;
@ -145,7 +146,7 @@ void usage()
fprintf(stderr, " -g|--dump-config | dump current config into .state dir\n"); fprintf(stderr, " -g|--dump-config | dump current config into .state dir\n");
fprintf(stderr, " -h|--help|-? | command line help\n"); fprintf(stderr, " -h|--help|-? | command line help\n");
fprintf(stderr, " -i|--iface <interface> | read from given interface\n"); fprintf(stderr, " -i|--iface <interface> | read from given interface\n");
fprintf(stderr, " -Z|--doc-scripts | generate documentation for all loaded scripts\n"); fprintf(stderr, " -l|--snaplen <snaplen> | number of bytes per packet to capture from interfaces (default 65535)\n");
fprintf(stderr, " -p|--prefix <prefix> | add given prefix to policy file resolution\n"); fprintf(stderr, " -p|--prefix <prefix> | add given prefix to policy file resolution\n");
fprintf(stderr, " -r|--readfile <readfile> | read from given tcpdump file\n"); fprintf(stderr, " -r|--readfile <readfile> | read from given tcpdump file\n");
fprintf(stderr, " -y|--flowfile <file>[=<ident>] | read from given flow file\n"); fprintf(stderr, " -y|--flowfile <file>[=<ident>] | read from given flow file\n");
@ -172,6 +173,7 @@ void usage()
fprintf(stderr, " -T|--re-level <level> | set 'RE_level' for rules\n"); fprintf(stderr, " -T|--re-level <level> | set 'RE_level' for rules\n");
fprintf(stderr, " -U|--status-file <file> | Record process status in file\n"); fprintf(stderr, " -U|--status-file <file> | Record process status in file\n");
fprintf(stderr, " -W|--watchdog | activate watchdog timer\n"); fprintf(stderr, " -W|--watchdog | activate watchdog timer\n");
fprintf(stderr, " -Z|--doc-scripts | generate documentation for all loaded scripts\n");
#ifdef USE_PERFTOOLS #ifdef USE_PERFTOOLS
fprintf(stderr, " -m|--mem-leaks | show leaks [perftools]\n"); fprintf(stderr, " -m|--mem-leaks | show leaks [perftools]\n");
@ -367,7 +369,7 @@ int main(int argc, char** argv)
{"filter", required_argument, 0, 'f'}, {"filter", required_argument, 0, 'f'},
{"help", no_argument, 0, 'h'}, {"help", no_argument, 0, 'h'},
{"iface", required_argument, 0, 'i'}, {"iface", required_argument, 0, 'i'},
{"print-scripts", no_argument, 0, 'l'}, {"snaplen", required_argument, 0, 'l'},
{"doc-scripts", no_argument, 0, 'Z'}, {"doc-scripts", no_argument, 0, 'Z'},
{"prefix", required_argument, 0, 'p'}, {"prefix", required_argument, 0, 'p'},
{"readfile", required_argument, 0, 'r'}, {"readfile", required_argument, 0, 'r'},
@ -441,7 +443,7 @@ int main(int argc, char** argv)
opterr = 0; opterr = 0;
char opts[256]; char opts[256];
safe_strncpy(opts, "B:D:e:f:I:i:K:n:p:R:r:s:T:t:U:w:x:X:y:Y:z:CFGLOPSWbdghvZ", safe_strncpy(opts, "B:D:e:f:I:i:K:l:n:p:R:r:s:T:t:U:w:x:X:y:Y:z:CFGLOPSWbdghvZ",
sizeof(opts)); sizeof(opts));
#ifdef USE_PERFTOOLS #ifdef USE_PERFTOOLS
@ -454,7 +456,7 @@ int main(int argc, char** argv)
case 'b': case 'b':
bare_mode = true; bare_mode = true;
break; break;
case 'd': case 'd':
fprintf(stderr, "Policy file debugging ON.\n"); fprintf(stderr, "Policy file debugging ON.\n");
g_policy_debug = true; g_policy_debug = true;
@ -476,6 +478,10 @@ int main(int argc, char** argv)
interfaces.append(optarg); interfaces.append(optarg);
break; break;
case 'l':
snaplen = atoi(optarg);
break;
case 'p': case 'p':
prefixes.append(optarg); prefixes.append(optarg);
break; break;