Made timestamp printing a separate function. Timestamps are now print…

…ed before 'Bad TCP Data' messages for consistancy.
pflarr · Apr 4, 2013 · 55546f9 · 55546f9
1 parent d9a3692
commit 55546f9
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 18 deletions.
diff --git a/.gitignore b/.gitignore
@@ -3,3 +3,4 @@
 *.o
 test_strutils
 bin/dns_parse
+samples
diff --git a/dns_parse.c b/dns_parse.c
@@ -348,38 +348,24 @@ void handler(uint8_t * args, const struct pcap_pkthdr *orig_header,
 // Output the DNS data.
 void print_summary(ip_info * ip, transport_info * trns, dns_info * dns,
                    struct pcap_pkthdr * header, config * conf) {
-    char date[200];
     char proto;
 
     uint32_t dnslength;
     dns_rr *next;
     dns_question *qnext;
 
-    // Print the time stamp.
-    if (conf->PRETTY_DATE) {
-        struct tm *time;
-        size_t result;
-        char t_date[200];
-        const char * format = "%F %T";
-        time = localtime(&(header->ts.tv_sec));
-        result = strftime(t_date, 200, format, time);
-        if (result == 0) strncpy(date, "Date format error", 20);
-        sprintf(date, "%s.%06d", t_date, (int)header->ts.tv_usec);
-    } else 
-        sprintf(date, "%d.%06d", (int)header->ts.tv_sec, 
-                                 (int)header->ts.tv_usec);
-
+    print_ts(&(header->ts), conf);
+
     // Print the transport protocol indicator.
     if (ip->proto == 17) {
         proto = 'u';
     } else if (ip->proto == 6) {
         proto = 't';
     }
-    fflush(stdout);
     dnslength = trns->length;
 
     // Print the IP addresses and the basic query information.
-    printf("%s,%s,", date, iptostr(&ip->src));
+    printf(",%s,", iptostr(&ip->src));
     printf("%s,%d,%c,%c,%s", iptostr(&ip->dst),
            dnslength, proto, dns->qr ? 'r':'q', dns->AA?"AA":"NA");
 
@@ -484,6 +470,27 @@ void dns_question_free(dns_question * question) {
     free(question);
 }
 
+// Print the time stamp.
+void print_ts(struct timeval * ts, config * conf) {
+    char date[200];
+    if (conf->PRETTY_DATE) {
+        struct tm *time;
+        size_t result;
+        char t_date[200];
+        const char * format = "%F %T";
+        time = localtime(&(ts->tv_sec));
+        result = strftime(t_date, 200, format, time);
+        if (result == 0) {
+            printf("0000-00-00 00:00:00.000000");
+            fprintf(stderr, "Date format error\n");
+        }
+        printf("%s.%06d", t_date, (int)ts->tv_usec);
+    } else {
+        printf("%d.%06d", (int)ts->tv_sec, (int)ts->tv_usec);
+    }
+}
+
+
 // Parse the questions section of the dns protocol.
 // pos - offset to the start of the questions section.
 // id_pos - offset set to the id field. Needed to decompress dns data.

diff --git a/dns_parse.h b/dns_parse.h
@@ -125,4 +125,7 @@ void print_summary(ip_info * ip, transport_info * trns, dns_info * dns,
 // wrap - How many bytes to print per line.
 void print_packet(uint32_t max_len, uint8_t *packet,
                   uint32_t start, uint32_t end, u_int wrap);
+
+// Print the given timestamp out on the given file*, as configured.
+void print_ts(struct timeval *, config *);
 #endif
diff --git a/tcp.c b/tcp.c
@@ -289,7 +289,8 @@ void tcp_expire(config * conf, const struct timeval * now ) {
                 offset = 0;
             } else { 
                 char * bad_data = escape_data(head->data, 0, head->len);
-                printf("Bad TCP stream: %s\n", bad_data);
+                print_ts(&(head->ts), conf);
+                printf(", Bad TCP stream: %s\n", bad_data);
                 free(bad_data);
             }
         }
-Original file line number
+Diff line change
@@ Expand Up / @@ -3,3 +3,4 @@ @@
     *.o
     test_strutils
     bin/dns_parse
+    samples