From: Victor Julien <victor@inliniac.net>
Date: Sun, 8 Nov 2015 09:02:11 +0000 (+0100)
Subject: pcap: unify -i and --pcap parsing
X-Git-Tag: suricata-3.1RC1~252
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3a7d9b2990fe80e76522eb25f3daf643e353d7a;p=thirdparty%2Fsuricata.git

pcap: unify -i and --pcap parsing
---

diff --git a/src/suricata.c b/src/suricata.c
index 6bc348a5d8..7263d82953 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -1148,63 +1148,60 @@ static int ParseCommandLinePcapLive(SCInstance *suri, const char *optarg)
 {
     memset(suri->pcap_dev, 0, sizeof(suri->pcap_dev));
 
-    if (optarg == NULL) {
-        SCLogError(SC_ERR_INITIALIZATION, "no option argument (optarg) for -i");
-        return TM_ECODE_FAILED;
-    }
-
-    /* warn user if af-packet, netmap or pf-ring are available */
+    if (optarg != NULL) {
+        /* warn user if af-packet, netmap or pf-ring are available */
 #if defined HAVE_AF_PACKET || HAVE_PFRING || HAVE_NETMAP
-    int i = 0;
+        int i = 0;
 #ifdef HAVE_AF_PACKET
-    i++;
+        i++;
 #endif
 #ifdef HAVE_PFRING
-    i++;
+        i++;
 #endif
 #ifdef HAVE_NETMAP
-    i++;
+        i++;
 #endif
-    SCLogWarning(SC_WARN_FASTER_CAPTURE_AVAILABLE, "faster capture "
-            "option%s %s available:"
+        SCLogWarning(SC_WARN_FASTER_CAPTURE_AVAILABLE, "faster capture "
+                "option%s %s available:"
 #ifdef HAVE_AF_PACKET
-            " AF_PACKET (--af-packet=%s)"
+                " AF_PACKET (--af-packet=%s)"
 #endif
 #ifdef HAVE_PFRING
-            " PF_RING (--pfring-int=%s)"
+                " PF_RING (--pfring-int=%s)"
 #endif
 #ifdef HAVE_NETMAP
-            " NETMAP (--netmap=%s)"
+                " NETMAP (--netmap=%s)"
 #endif
-            ". Use --pcap=%s to suppress this warning",
-            i == 1 ? "" : "s", i == 1 ? "is" : "are"
+                ". Use --pcap=%s to suppress this warning",
+                i == 1 ? "" : "s", i == 1 ? "is" : "are"
 
 #ifdef HAVE_AF_PACKET
-            , optarg
+                , optarg
 #endif
 #ifdef HAVE_PFRING
-            , optarg
+                , optarg
 #endif
 #ifdef HAVE_NETMAP
-            , optarg
+                , optarg
 #endif
-            , optarg
-            );
+                , optarg
+                );
 #endif
-    /* some windows shells require escaping of the \ in \Device. Otherwise
-     * the backslashes are stripped. We put them back here. */
-    if (strlen(optarg) > 9 && strncmp(optarg, "DeviceNPF", 9) == 0) {
-        snprintf(suri->pcap_dev, sizeof(suri->pcap_dev), "\\Device\\NPF%s", optarg+9);
-    } else {
-        strlcpy(suri->pcap_dev, optarg, ((strlen(optarg) < sizeof(suri->pcap_dev)) ? (strlen(optarg)+1) : (sizeof(suri->pcap_dev))));
-        PcapTranslateIPToDevice(suri->pcap_dev, sizeof(suri->pcap_dev));
-    }
+        /* some windows shells require escaping of the \ in \Device. Otherwise
+         * the backslashes are stripped. We put them back here. */
+        if (strlen(optarg) > 9 && strncmp(optarg, "DeviceNPF", 9) == 0) {
+            snprintf(suri->pcap_dev, sizeof(suri->pcap_dev), "\\Device\\NPF%s", optarg+9);
+        } else {
+            strlcpy(suri->pcap_dev, optarg, ((strlen(optarg) < sizeof(suri->pcap_dev)) ? (strlen(optarg)+1) : (sizeof(suri->pcap_dev))));
+            PcapTranslateIPToDevice(suri->pcap_dev, sizeof(suri->pcap_dev));
+        }
 
-    if (strcmp(suri->pcap_dev, optarg) != 0) {
-        SCLogInfo("translated %s to pcap device %s", optarg, suri->pcap_dev);
-    } else if (strlen(suri->pcap_dev) > 0 && isdigit((unsigned char)suri->pcap_dev[0])) {
-        SCLogError(SC_ERR_PCAP_TRANSLATE, "failed to find a pcap device for IP %s", optarg);
-        return TM_ECODE_FAILED;
+        if (strcmp(suri->pcap_dev, optarg) != 0) {
+            SCLogInfo("translated %s to pcap device %s", optarg, suri->pcap_dev);
+        } else if (strlen(suri->pcap_dev) > 0 && isdigit((unsigned char)suri->pcap_dev[0])) {
+            SCLogError(SC_ERR_PCAP_TRANSLATE, "failed to find a pcap device for IP %s", optarg);
+            return TM_ECODE_FAILED;
+        }
     }
 
     if (suri->run_mode == RUNMODE_UNKNOWN) {
@@ -1420,29 +1417,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri)
                 return TM_ECODE_FAILED;
 #endif /* HAVE_NFLOG */
             } else if (strcmp((long_opts[option_index]).name , "pcap") == 0) {
-                if (suri->run_mode == RUNMODE_UNKNOWN) {
-                    suri->run_mode = RUNMODE_PCAP_DEV;
-                    if (optarg) {
-                        LiveRegisterDevice(optarg);
-                        memset(suri->pcap_dev, 0, sizeof(suri->pcap_dev));
-                        strlcpy(suri->pcap_dev, optarg,
-                                ((strlen(optarg) < sizeof(suri->pcap_dev)) ?
-                                 (strlen(optarg) + 1) : sizeof(suri->pcap_dev)));
-                    }
-                } else if (suri->run_mode == RUNMODE_PCAP_DEV) {
-#ifdef OS_WIN32
-                    SCLogError(SC_ERR_PCAP_MULTI_DEV_NO_SUPPORT, "pcap multi dev "
-                            "support is not (yet) supported on Windows.");
-                    return TM_ECODE_FAILED;
-#else
-                    SCLogWarning(SC_WARN_PCAP_MULTI_DEV_EXPERIMENTAL, "using "
-                            "multiple pcap devices to get packets is experimental.");
-                    LiveRegisterDevice(optarg);
-#endif
-                } else {
-                    SCLogError(SC_ERR_MULTIPLE_RUN_MODE, "more than one run mode "
-                            "has been specified");
-                    usage(argv[0]);
+                if (ParseCommandLinePcapLive(suri, optarg) != TM_ECODE_OK) {
                     return TM_ECODE_FAILED;
                 }
 #ifdef AFLFUZZ_APPLAYER