34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
-
|
} else {
if {$tcl_platform(platform) == "windows"} {
set tmpdir {C:/TEMP}
} else {
set tmpdir /tmp
}
}
set tmpdir "C:/TEMP"
# Determine interface to lookup
set dest_parm_idx [lsearch -exact $argv "-i"]
if {$dest_parm_idx != -1} {
incr dest_parm_idx
set dest_chk [lindex $argv $dest_parm_idx]
|
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
-
+
-
-
-
+
-
-
-
+
+
-
-
-
-
-
-
-
-
+
-
+
-
-
-
+
+
+
+
|
# Run tcpdump
set exit 1
set start_npf_service 0
set npf_failed 0
if {[catch {
set filesdir [file join $dstdir files]
file mkdir $dstdir
exec cmd /c mkdir [file nativename $dstdir]
exec cmd /c mkdir [file nativename $filesdir]
file copy -- {*}[glob -directory $srcdir *] $filesdir
file copy -- $srcdir $filesdir
## Delete extraneous service
if {[::twapi::service_exists npf]} {
if {![catch {
::twapi::stop_service npf
catch {
::twapi::stop_service npf
}]} {
set start_npf_service 1
}
}
catch {
::twapi::stop_service npf_tcpdump
}
catch {
::twapi::delete_service npf_tcpdump
::twapi::delete_service npf
}
## Install driver and start service
if {[catch {
set driver [file join $filesdir npf${bits}.sys]
set driver [file nativename $driver]
::twapi::create_service npf_tcpdump $driver -displayname "NPF for TCPDUMP (ignore)" -servicetype kernel_driver -starttype demand_start -errorcontrol ignore
::twapi::create_service npf $driver -displayname "WinPcap Packet Driver (NPF)" -servicetype kernel_driver -starttype demand_start -errorcontrol ignore
puts [exec net start npf_tcpdump]
::twapi::start_service npf_tcpdump
puts [exec net start npf_tcpdump]
set started [::twapi::start_service npf -wait 60000]
if {!$started} {
error "npf did not start"
}
} npf_err]} {
set npf_failed 1
}
after 5000
## Launch tcpdump with the apropriate parameters
|
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
-
-
-
-
+
-
+
-
-
-
-
-
-
|
}
puts "Failed: $::errorInfo"
set exit 1
}
# Debug
puts [exec net stop npf_tcpdump]
puts [exec net start npf_tcpdump]
# Cleanup
catch {
::twapi::stop_service npf_tcpdump
::twapi::stop_service npf
}
catch {
::twapi::delete_service npf_tcpdump
::twapi::delete_service npf
}
if {$start_npf_service} {
catch {
::twapi::start_service npf
}
}
catch {
file delete -force -- $dstdir
}
# Terminate
exit $exit
|
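Review bot: The new service handling appears to stop and delete whatever service is already registered as `npf`, and to delete it again in the cleanup section, with the `start_npf_service` bookkeeping on the removed side; a host that already has WinPcap installed would then be left without its packet-driver service after one run. The extracted page no longer ties the `+`/`-` markers to individual lines, so this reading is inferred from their order. I would record `set had_npf [::twapi::service_exists npf]` before the delete and, when it is set, either reuse the installed service or restore it during cleanup rather than leaving it deleted. Separately, the kernel driver path passed to `::twapi::create_service` comes from `$filesdir`; where `$dstdir` is derived is not visible here, but if it sits under the shared `$tmpdir`, a comment stating that the directory must not be writable by other users before the driver is loaded from it would help. The outer `catch` block continues between the second and third hunk, outside what is shown.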