adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-11-22 09:27:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #80 from wllm-rbnt/ts

Browse source 
Add -z option for printing timestamps in front of TCP headers
This commit is contained in:
Alexandre Dulaunoy 2023-08-04 17:40:24 +02:00 committed by GitHub
commit a933d5b6a2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
base/network.h
View file

@ -124,5 +124,6 @@ extern UINT4 NET_print_flags;
#define NET_PRINT_ACKS 4 #define NET_PRINT_ACKS 4
#define NET_PRINT_NO_RESOLVE 8 #define NET_PRINT_NO_RESOLVE 8
#define NET_PRINT_JSON 16 #define NET_PRINT_JSON 16
#define NET_PRINT_TS 32
#endif #endif

9
base/pcap-snoop.c
View file

@ -111,7 +111,7 @@ int err_exit(str,num)
int usage() int usage()
{ {
fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] [-w outpcapfile]\n"); fprintf(stderr,"Usage: ssldump [-r dumpfile] [-i interface] [-l sslkeylogfile] [-w outpcapfile]\n");
fprintf(stderr," [-k keyfile] [-p password] [-vtaTnsAxVNde]\n"); fprintf(stderr," [-k keyfile] [-p password] [-vtaTznsAxVNde]\n");
fprintf(stderr," [filter]\n"); fprintf(stderr," [filter]\n");
exit(0); exit(0);
} }
@ -120,7 +120,7 @@ int print_version()
{ {
printf(PACKAGE_STRING "\n"); printf(PACKAGE_STRING "\n");
printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n"); printf("Maintained by a bunch of volunteers, see https://github.com/adulau/ssldump/blob/master/CREDITS\n");
printf("Copyright (C) 2015-2021 the aforementioned volunteers\n"); printf("Copyright (C) 2015-2023 the aforementioned volunteers\n");
printf("Copyright (C) 1998-2001 RTFM, Inc.\n"); printf("Copyright (C) 1998-2001 RTFM, Inc.\n");
printf("All rights reserved.\n"); printf("All rights reserved.\n");
#ifdef OPENSSL #ifdef OPENSSL
@ -332,7 +332,7 @@ int main(argc,argv)
signal(SIGINT,sig_handler); signal(SIGINT,sig_handler);
while((c=getopt(argc,argv,"vr:F:f:S:jyTt:ai:k:l:w:p:nsAxXhHVNdqem:P"))!=EOF){ while((c=getopt(argc,argv,"vr:F:f:S:jyTt:ai:k:l:w:p:znsAxXhHVNdqem:P"))!=EOF){
switch(c){ switch(c){
case 'v': case 'v':
print_version(); print_version();
@ -354,6 +354,9 @@ int main(argc,argv)
NET_print_flags |= NET_PRINT_JSON; NET_print_flags |= NET_PRINT_JSON;
SSL_print_flags |= SSL_PRINT_JSON; SSL_print_flags |= SSL_PRINT_JSON;
break; break;
case 'z':
NET_print_flags |= NET_PRINT_TS;
break;
case 'a': case 'a':
NET_print_flags |= NET_PRINT_ACKS; NET_print_flags |= NET_PRINT_ACKS;
break; break;

5
base/tcppack.c
View file

@ -398,6 +398,8 @@ static int print_tcp_packet(p)
{ {
char *src=0,*dst=0; char *src=0,*dst=0;
struct timeval *ts = &p->ts;
if(!(NET_print_flags & NET_PRINT_TCP_HDR)) if(!(NET_print_flags & NET_PRINT_TCP_HDR))
return(0); return(0);
@ -405,6 +407,9 @@ static int print_tcp_packet(p)
lookuphostname(&p->r_addr.so_st,&dst); lookuphostname(&p->r_addr.so_st,&dst);
if(!(NET_print_flags & NET_PRINT_JSON)) { if(!(NET_print_flags & NET_PRINT_JSON)) {
if(NET_print_flags & NET_PRINT_TS) {
printf("%lld%c%4.4lld ", (long long)ts->tv_sec,'.',(long long)ts->tv_usec/100);
}
printf("TCP: %s(%d) -> %s(%d) ", printf("TCP: %s(%d) -> %s(%d) ",
src, src,
ntohs(p->tcp->th_sport), ntohs(p->tcp->th_sport),

3
ssldump.1
View file

@ -251,6 +251,9 @@ program.
Decorate the output for processing with nroff/troff. Not very Decorate the output for processing with nroff/troff. Not very
useful for the average user. useful for the average user.
.TP .TP
.B \-z
Add timestamp in front of TCP packet description (-T)
.TP
\fIexpression\fP \fIexpression\fP
.RS .RS
Selects what packets \fIssldump\fP will examine. Technically speaking, Selects what packets \fIssldump\fP will examine. Technically speaking,