From 83ffd1fcf9aade0c91834fe3058a4d5644eeba3f Mon Sep 17 00:00:00 2001 From: Thomas Osterried Date: Mon, 4 Jul 2016 12:12:37 +0200 Subject: Improved timestamps. With code and -t -tt -ttt ... option behaviour from tcpdump. -> Without -t, listen now shows a timestamp. Signed-off-by: Thomas Osterried --- listen/ax25dump.c | 12 ++--- listen/listen.1 | 105 +++++++++++++++++++++++++++++++++++++++ listen/listen.c | 146 ++++++++++++++++++++++++++++++++++++++++++++++++++---- listen/listen.h | 4 +- 4 files changed, 245 insertions(+), 22 deletions(-) create mode 100644 listen/listen.1 diff --git a/listen/ax25dump.c b/listen/ax25dump.c index d8e6532..c59b500 100644 --- a/listen/ax25dump.c +++ b/listen/ax25dump.c @@ -225,8 +225,7 @@ void ax25_dump(unsigned char *data, int length, int hexdump) } lprintf(T_AXHDR, "%s len %d ", dama, length); - if (timestamp) - display_timestamp(); + display_timestamp(); if (pid == PID_SEGMENT) { seg = *data++; @@ -292,8 +291,7 @@ void ax25_dump(unsigned char *data, int length, int hexdump) lprintf(T_ERROR, " Invalid seq number"); lprintf(T_AXHDR, "%s ", dama); - if (timestamp) - display_timestamp(); + display_timestamp(); lprintf(T_AXHDR, "\n"); } else if ((type == SABM || type == UA) && length >= 2) { /* FlexNet transmits the QSO "handle" for header @@ -301,13 +299,11 @@ void ax25_dump(unsigned char *data, int length, int hexdump) */ lprintf(T_AXHDR, " [%d]%s ", (data[0] << 8) | data[1], dama); - if (timestamp) - display_timestamp(); + display_timestamp(); lprintf(T_AXHDR, "\n"); } else { lprintf(T_AXHDR, "%s ", dama); - if (timestamp) - display_timestamp(); + display_timestamp(); lprintf(T_AXHDR, "\n"); } } diff --git a/listen/listen.1 b/listen/listen.1 new file mode 100644 index 0000000..b6717d2 --- /dev/null +++ b/listen/listen.1 @@ -0,0 +1,105 @@ +.TH LISTEN 1 "27 August 1996" Linux "Linux Programmer's Manual" +.SH NAME +listen \- monitor AX.25 traffic +.SH SYNOPSIS +.B listen [-8] [-a] [-c] [-h] [-i] [-p port] [-r] [-t..] [-v] +.SH DESCRIPTION +.LP +.B Listen +uses SOCK_PACKET facilities to provide a network monitor of all AX.25 +traffic heard by the system. Since KISS is implicitly promiscuous no +special driver configurations are needed. +.LP +This version displays standard AX.25, PE1CHL extended AX.25, NET/ROM, Rose, ARP, +IP, ICMP, TCP and UDP. It also displays IP, TCP, ICMP, TCP and UDP +encapsulated within NET/ROM frames. The program also displays AX.25 and IP +encapsulated within an IP frame, but see RFC1326 for reasons not to do so. +.LP +.B Listen +makes an attempt at decoding some of the more common routing protocols. RSPF +and RIP (both \(lqnormal\(rq and G8BPQs RIP98) are traced. JNOS style +NET/ROM node polls are also displayed. +.LP +.B Listen +can use colors to make the output more readable. The ncurses library is used +to accomplish this. +.B Color support defaults to being disabled, +and the +.BR -c +parameter is used to enable it. +.SH OPTIONS +.TP 10 +.BI \-8 +Indicates that the terminal is capable of printing 8-bit characters. This +parameter is required for the -i parameter to work. +.TP 10 +.BI \-a +Allow for the monitoring of outgoing frames as well as incoming ones. +.TP 10 +.BI \-c +Enable color support. +.TP 10 +.BI \-h +Dump the data portion of the packet in both hexadecimal and ASCII. The +default is to display data as ASCII only. +.TP 10 +.BI \-i +Map IBM codepage 437 characters 128-158 to their ISO-Latin-1 equivalents. +This is a hack for scandinavian users. This parameter is only valid +when used with the -8 and -c parameters. +.TP 10 +.BI "\-p port" +Monitor only those frames received on a particular port, by default all +AX.25 devices are monitored. +.TP 10 +.BI \-r +Dump the data portion in a "readable" fashion, which is more suitable +for tracing plaintext AX.25 traffic. CR-LF conversion is done. +.TP 10 +.BI \-t +Don't print a timestamp on each dump line. +.TP 10 +.BI -tt +Print an unformatted timestamp on each dump line. +.TP 10 +.BI -ttt +Print a delta (micro-second resolution) between current and previous line +on each dump line. +.TP 10 +.BI -tttt +Print a timestamp in default format proceeded by date on each dump line. +.TP 10 +.BI -ttttt +Print a delta (micro-second resolution) between current and first +line on each dump line. +.TP 10 +.BI \-v +Display the version. +.SH FILES +/etc/ax25/axports +.SH "SEE ALSO" +.BR call (1), +.BR mheard (1), +.BR beacon (1), +.BR ax25 (4), +.BR netrom (4), +.BR rose (4), +.BR kissattach (8). +.LP +.SH BUGS +.B Listen +does not validate the checksums of frames that support them (ie IP), +therefore corrupt frames will be displayed with bogus values. The MSS +of a TCP frame that contains that option is not displayed. +.SH AUTHORS +.nf +Alan Cox GW4PTS +.br +Jonathan Naylor G4KLX +.br +Phil Karn KA9Q +.br +Heikki Hannikainen OH7LZB +.br +Scott Miller N1VG +.fi diff --git a/listen/listen.c b/listen/listen.c index ca933c6..1e311fb 100644 --- a/listen/listen.c +++ b/listen/listen.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -25,7 +26,9 @@ #include #include "listen.h" -int timestamp; +struct timeval t_recv; +int tflag = 0; +int32_t thiszone; /* seconds offset from gmt to local time */ static int sigint; static int sock; @@ -39,18 +42,124 @@ static void display_port(char *dev) lprintf(T_PORT, "%s: ", port); } +/* from tcpdump util.c */ + +/* + * Format the timestamp + */ +char * +ts_format(register int sec, register int usec) +{ + static char buf[sizeof("00:00:00.000000")]; + (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d.%06u", + sec / 3600, (sec % 3600) / 60, sec % 60, usec); + + return buf; +} + +/* + * Print the timestamp + */ +void +ts_print(register const struct timeval *tvp) +{ + register int s; + struct tm *tm; + time_t Time; + static unsigned b_sec; + static unsigned b_usec; + int d_usec; + int d_sec; + + switch (tflag) { + + case 0: /* Default */ + s = (tvp->tv_sec + thiszone) % 86400; + (void)lprintf(T_TIMESTAMP, "%s ", ts_format(s, tvp->tv_usec)); + break; + + case 1: /* No time stamp */ + break; + + case 2: /* Unix timeval style */ + (void)lprintf(T_TIMESTAMP, "%u.%06u ", + (unsigned)tvp->tv_sec, + (unsigned)tvp->tv_usec); + break; + + case 3: /* Microseconds since previous packet */ + case 5: /* Microseconds since first packet */ + if (b_sec == 0) { + /* init timestamp for first packet */ + b_usec = tvp->tv_usec; + b_sec = tvp->tv_sec; + } + + d_usec = tvp->tv_usec - b_usec; + d_sec = tvp->tv_sec - b_sec; + + while (d_usec < 0) { + d_usec += 1000000; + d_sec--; + } + + (void)lprintf(T_TIMESTAMP, "%s ", ts_format(d_sec, d_usec)); + + if (tflag == 3) { /* set timestamp for last packet */ + b_sec = tvp->tv_sec; + b_usec = tvp->tv_usec; + } + break; + + case 4: /* Default + Date*/ + s = (tvp->tv_sec + thiszone) % 86400; + Time = (tvp->tv_sec + thiszone) - s; + tm = gmtime (&Time); + if (!tm) + lprintf(T_TIMESTAMP, "Date fail "); + else + lprintf(T_TIMESTAMP, "%04d-%02d-%02d %s ", + tm->tm_year+1900, tm->tm_mon+1, tm->tm_mday, + ts_format(s, tvp->tv_usec)); + break; + } +} + void display_timestamp(void) { - time_t timenowx; - struct tm *timenow; + ts_print(&t_recv); +} - time(&timenowx); - timenow = localtime(&timenowx); +/* from tcpdump gmtlocal.c */ - lprintf(T_TIMESTAMP, "%02d:%02d:%02d", timenow->tm_hour, - timenow->tm_min, timenow->tm_sec); +int32_t gmt2local(time_t t) +{ + register int dt, dir; + register struct tm *gmt, *loc; + struct tm sgmt; + + if (t == 0) + t = time(NULL); + gmt = &sgmt; + *gmt = *gmtime(&t); + loc = localtime(&t); + dt = (loc->tm_hour - gmt->tm_hour) * 60 * 60 + + (loc->tm_min - gmt->tm_min) * 60; + + /* + * If the year or julian day is different, we span 00:00 GMT + * and must add or subtract a day. Check the year first to + * avoid problems when the julian day wraps. + */ + dir = loc->tm_year - gmt->tm_year; + if (dir == 0) + dir = loc->tm_yday - gmt->tm_yday; + dt += dir * 24 * 60 * 60; + + return (dt); } + static void handle_sigint(int signal) { sigint++; @@ -77,8 +186,6 @@ int main(int argc, char **argv) int proto = ETH_P_AX25; int exit_code = EXIT_SUCCESS; - timestamp = 0; - while ((s = getopt(argc, argv, "8achip:rtv")) != -1) { switch (s) { case '8': @@ -103,7 +210,7 @@ int main(int argc, char **argv) dumpstyle = READABLE; break; case 't': - timestamp = 1; + tflag++; break; case 'v': printf("listen: %s\n", VERSION); @@ -114,11 +221,26 @@ int main(int argc, char **argv) return 1; case '?': fprintf(stderr, - "Usage: listen [-8] [-a] [-c] [-h] [-i] [-p port] [-r] [-t] [-v]\n"); + "Usage: listen [-8] [-a] [-c] [-h] [-i] [-p port] [-r] [-t..] [-v]\n"); return 1; } } + switch (tflag) { + case 0: /* Default */ + case 4: /* Default + Date*/ + thiszone = gmt2local(0); + break; + case 1: /* No time stamp */ + case 2: /* Unix timeval style */ + case 3: /* Microseconds since previous packet */ + case 5: /* Microseconds since first packet */ + break; + default: /* Not supported */ + fprintf(stderr, "listen: only -t, -tt, -ttt, -tttt and -ttttt are supported\n"); + return 1; + } + if (ax25_config_load_ports() == 0) fprintf(stderr, "listen: no AX.25 port data configured\n"); @@ -164,6 +286,7 @@ int main(int argc, char **argv) } break; } + gettimeofday(&t_recv, NULL); signal(SIGINT, SIG_DFL); signal(SIGTERM, SIG_DFL); if (sock == -1 || sigint) @@ -377,3 +500,4 @@ int get32(unsigned char *cp) return x; } + diff --git a/listen/listen.h b/listen/listen.h index 841a494..0075bf3 100644 --- a/listen/listen.h +++ b/listen/listen.h @@ -15,12 +15,10 @@ #define T_OPENTRAC 14 /* In utils.c */ -extern int color; /* Colorized mode */ +extern int color; /* Colorized mode */ extern int sevenbit; /* Are we on a 7-bit terminal? */ extern int ibmhack; /* IBM mapping? */ -extern int timestamp; - void display_timestamp(void); void lprintf(int dtype, char *fmt, ...); -- cgit v1.2.3