Tcpdump源码分析系列7:main函数
#ifndef WIN32
	/*
	 * "-Z user" handling: when a user name was given, try to change to
	 * that user's UID.  The expected use is together with sudo, so that
	 * tcpdump runs under a dedicated restricted account.  (Where the
	 * goal is only to let users open capture devices and that
	 * permission cannot simply be granted to them, a set-UID or
	 * set-GID tcpdump is the alternative.)
	 *
	 * tcpdump may write more than one savefile.  Letting a -Z instance
	 * write savefiles as the invoking user rather than as the -Z user
	 * would therefore, in general, mean switching to the original user
	 * ID before opening a capture file and back to the -Z user ID
	 * after the savefile has been opened.  Switching to the -Z user
	 * only after the first savefile is open does not cover the general
	 * case.
	 */
#ifdef HAVE_CAP_NG_H
	/*
	 * Real or effective UID 0, a savefile requested and a -Z user
	 * given: build a capability state holding CAP_SETUID, CAP_SETGID
	 * and CAP_DAC_OVERRIDE in both the permitted and the effective
	 * set, and apply it before droproot() is called.
	 *
	 * NOTE(review): every capng_* return value here is discarded.  If
	 * capng_apply() fails, execution continues with whatever
	 * capabilities the process already held -- confirm that is
	 * acceptable, or report the failure.
	 * NOTE(review): libcap-ng declares capng_clear() with a
	 * capng_select_t argument (CAPNG_SELECT_CAPS / _BOUNDS / _BOTH),
	 * while CAPNG_EFFECTIVE is a capng_type_t -- verify against the
	 * installed cap-ng.h that this call clears what the comment says.
	 * NOTE(review): CAP_SYS_CHROOT is not in the retained set although
	 * chroot_dir is handed to droproot() below; droproot() is not
	 * shown here, so confirm its chroot step still works after this.
	 */
	if ((getuid() == 0 || geteuid() == 0) && WFileName && username) {
		static const capng_type_t cap_sets[] = {
			CAPNG_PERMITTED, CAPNG_EFFECTIVE
		};
		static const unsigned int kept_caps[] = {
			CAP_SETUID, CAP_SETGID, CAP_DAC_OVERRIDE
		};
		unsigned int s, c;

		/* Drop all capabilities from effective set */
		capng_clear(CAPNG_EFFECTIVE);

		/*
		 * Add the capabilities still needed: the permitted set
		 * first, then the effective set, same order for each.
		 */
		for (s = 0; s < sizeof cap_sets / sizeof cap_sets[0]; s++) {
			for (c = 0; c < sizeof kept_caps / sizeof kept_caps[0]; c++)
				capng_update(CAPNG_ADD, cap_sets[s], kept_caps[c]);
		}

		capng_apply(CAPNG_SELECT_BOTH);
	}
#endif /* HAVE_CAP_NG_H */
	/*
	 * droproot() is reached only with real or effective UID 0, and only
	 * when a -Z user name or a chroot_dir is set.
	 * NOTE(review): nothing is checked after the call; presumably
	 * droproot() terminates on failure -- verify in its definition.
	 */
	if ((getuid() == 0 || geteuid() == 0) && (username || chroot_dir)) {
		droproot(username, chroot_dir);
	}
#endif /* WIN32 */
//假設這里并沒有指定寫文件,所以我們并不去分析這段
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	/*
	 * Set the filter rules: attach the filter program held in fcode to
	 * the capture handle pd.  A negative return is reported through
	 * error(); the libpcap message is passed as a "%s" argument, never
	 * as the format string itself.
	 */
	if (pcap_setfilter(pd, &fcode) < 0) {
		error("%s", pcap_geterr(pd));
	}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/*
 * Pick the per-packet callback and the user-data pointer passed with it.
 * Without a savefile name packets are printed; with one, a dump file is
 * opened and packets are written to it.
 */
if (!WFileName) {
	/* Printing: the print info is looked up from the link-layer type. */
	type = pcap_datalink(pd);
	printinfo = get_print_info(type);
	callback = print_packet;
	pcap_userdata = (u_char *)&printinfo;
} else {
	pcap_dumper_t *dumper;

	/*
	 * Do not exceed the default PATH_MAX for files.
	 * NOTE(review): MakeFilename() is not shown here; confirm it never
	 * writes more than PATH_MAX + 1 bytes into this buffer.
	 */
	dumpinfo.CurrentFileName = malloc(PATH_MAX + 1);
	if (!dumpinfo.CurrentFileName)
		error("malloc of dumpinfo.CurrentFileName");

	/* Dump files only need numbering when Cflag is set. */
	MakeFilename(dumpinfo.CurrentFileName, WFileName, 0,
	    (Cflag != 0) ? WflagChars : 0);

	dumper = pcap_dump_open(pd, dumpinfo.CurrentFileName);
#if defined(HAVE_CAP_NG_H)
	/*
	 * Give up capabilities, clear Effective set.
	 * NOTE(review): no capng_apply() follows this call in the block,
	 * unlike the capability setup done before droproot().  In
	 * libcap-ng, edits to the capability state normally reach the
	 * process only when applied -- confirm the effective set really
	 * is dropped here, and that capng_clear() accepts CAPNG_EFFECTIVE
	 * (its declared parameter type is capng_select_t).
	 */
	capng_clear(CAPNG_EFFECTIVE);
#endif
	/* The open result is examined only after the capability call. */
	if (!dumper)
		error("%s", pcap_geterr(pd));

	if (Cflag == 0 && Gflag == 0) {
		/* Single savefile: the dumper itself is the user data. */
		callback = dump_packet;
		pcap_userdata = (u_char *)dumper;
	} else {
		/* Cflag or Gflag set: the callback gets the dumpinfo record. */
		callback = dump_packet_and_trunc;
		dumpinfo.WFileName = WFileName;
		dumpinfo.pd = pd;
		dumpinfo.p = dumper;
		pcap_userdata = (u_char *)&dumpinfo;
	}
#ifdef HAVE_PCAP_DUMP_FLUSH
	/* With Uflag set, flush the freshly opened dump file right away. */
	if (Uflag)
		pcap_dump_flush(dumper);
#endif
}
?//如果是寫入文件,當然為了方便,這里并不假設寫入文件
?//這里設置callback=print_packet函數
?
轉載于:https://my.oschina.net/qiangzigege/blog/171413