From 2c4f893c1b44aa88bf1f989c18c68f87f07d32c1 Mon Sep 17 00:00:00 2001
From: Giuliano Bellini s294739 <s294739@studenti.polito.it>
Date: Sun, 10 Mar 2024 10:58:54 +0100
Subject: [PATCH] PCAP file export (initial implementation)

---
 .gitignore                             |  3 ++-
 Cargo.toml                             |  6 +++---
 src/networking/manage_packets.rs       |  2 +-
 src/secondary_threads/parse_packets.rs | 16 +++++++++++-----
 4 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/.gitignore b/.gitignore
index 2b0ebcd5..05386a8f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -56,4 +56,5 @@ $RECYCLE.BIN/
 
 ### Custom... ###
 Dockerfile
-lcov.info
\ No newline at end of file
+lcov.info
+*.pcap
\ No newline at end of file
diff --git a/Cargo.toml b/Cargo.toml
index 6bcf5d2f..c155c94d 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -39,13 +39,13 @@ strip = true
 [dependencies]
 pcap = "1.2.0"
 etherparse = "0.14.2"
-chrono = { version = "0.4.33", default_features = false, features = ["clock"] }
+chrono = { version = "0.4.35", default_features = false, features = ["clock"] }
 plotters = { version = "0.3.5", default_features = false, features = ["area_series"] }
 iced = { version = "0.12.1", features = ["tokio", "svg", "advanced", "lazy"] }
 plotters-iced = "0.10.0"
 maxminddb = "0.24.0"
-confy = "0.6.0"
-serde = { version = "1.0.196", default_features = false, features = ["derive"] }
+confy = "0.6.1"
+serde = { version = "1.0.197", default_features = false, features = ["derive"] }
 rodio = { version = "0.17.3", default_features = false, features = ["mp3"] }
 dns-lookup = "2.0.4"
 toml = "0.8.10"
diff --git a/src/networking/manage_packets.rs b/src/networking/manage_packets.rs
index 25f4c48f..80622dca 100644
--- a/src/networking/manage_packets.rs
+++ b/src/networking/manage_packets.rs
@@ -568,7 +568,7 @@ pub fn get_capture_result(device: &MyDevice) -> (Option<String>, Option<Capture<
     let cap_result = Capture::from_device(device.to_pcap_device())
         .expect("Capture initialization error\n\r")
         .promisc(true)
-        .snaplen(256) //limit stored packets slice dimension (to keep more in the buffer)
+        .snaplen(u16::MAX as i32) //limit stored packets slice dimension (to keep more in the buffer)
         .immediate_mode(true) //parse packets ASAP!
         .open();
     if cap_result.is_err() {
diff --git a/src/secondary_threads/parse_packets.rs b/src/secondary_threads/parse_packets.rs
index c087309f..872decbd 100644
--- a/src/secondary_threads/parse_packets.rs
+++ b/src/secondary_threads/parse_packets.rs
@@ -22,7 +22,7 @@
 use crate::networking::types::packet_filters_fields::PacketFiltersFields;
 use crate::InfoTraffic;
 
-/// The calling thread enters in a loop in which it waits for network packets, parses them according
+/// The calling thread enters a loop in which it waits for network packets, parses them according
 /// to the user specified filters, and inserts them into the shared map variable.
 pub fn parse_packets(
     current_capture_id: &Arc<Mutex<usize>>,
@@ -37,6 +37,8 @@ pub fn parse_packets(
 
     let my_link_type = MyLinkType::from_pcap_link_type(cap.get_datalink());
 
+    let mut output = cap.savefile("sniffnet.pcap").unwrap();
+
     loop {
         match cap.next_packet() {
             Err(_) => {
@@ -87,10 +89,6 @@ pub fn parse_packets(
                     //increment number of sniffed packets and bytes
                     info_traffic.all_packets += 1;
                     info_traffic.all_bytes += exchanged_bytes;
-                    // update dropped packets number
-                    if let Ok(stats) = cap.stats() {
-                        info_traffic.dropped_packets = stats.dropped;
-                    }
 
                     if passed_filters {
                         info_traffic.add_packet(exchanged_bytes, new_info.traffic_direction);
@@ -185,6 +183,14 @@ pub fn parse_packets(
                                     new_info.traffic_direction,
                                 )
                             });
+
+                        // save this packet to PCAP file
+                        output.write(&packet);
+
+                        // update dropped packets number
+                        if let Ok(stats) = cap.stats() {
+                            info_traffic.dropped_packets = stats.dropped;
+                        }
                     }
                 }
             }