#!perl -w
#
# this script converts a activesync wincap file to a ppp cap file
#
use IO::File;
if (@ARGV!=2) {
	die "need in + out file arguments\n";
}
my $ifn= shift;
my $ofn= shift;
my $ifh= IO::File->new($ifn, "r") or die "$ifn: $!\n";
binmode $ifh;
my $ofh= IO::File->new($ofn, "w") or die "$ifn: $!\n";
binmode $ofh;

my $filehdrdata= read_file_header($ifh);
my $filehdr= unpack_file_header($filehdrdata);

# LINKTYPE_PPP_BSDOS	103		/* BSD/OS PPP BPF header */

# ff00 = IN, ff01 = OUT
# LINKTYPE_PPP_PPPD	166

# LINKTYPE_PPP_HDLC	50		/* PPP in HDLC-like framing */
# DLT_PPP_SERIAL	50	/* rfc1662 PPP over serial with HDLC encapsulation */

# LINKTYPE_PPP_ETHER	51		/* NetBSD PPP-over-Ethernet */
# DLT_PPP_ETHER	51	/* rfc2516 PPP over Ethernet */

# with or without HDLC framing ( ff03 header )
# LINKTYPE_PPP		DLT_PPP 9	/* Point-to-point Protocol */

# DLT_PPP_BSDOS	16	/* BSD/OS Point-to-point Protocol */

$filehdr->{linktype} = 50;

write_file_header($ofh, pack_file_header($filehdr));
while (!$ifh->eof) {
    my $pkthdrdata= read_pkt_header($ifh);
    my $pkt= unpack_pkt_header($pkthdrdata);

    my $pktdata;
    $ifh->read($pktdata, $pkt->{len});

    my ($newpkt, $newdata)= convert_pkt($pkt, $pktdata);

    $ofh->print(pack_pkt_header($newpkt));
    $ofh->print($newdata);
}

sub convert_pkt {
    my ($oldhdr, $olddata)= @_;
    my $dir= (substr($olddata,0,5) eq " SEND");
    printf("%d %s\n", $dir, substr($olddata,0,5));
    my $newdata= ($dir?"\xff\x00":"\xff\x01").substr($olddata, 12);

    my %newhdr= (
        ts=>$oldhdr->{ts},
        len=>length($newdata),
        caplen=>length($newdata),
    );

    return (\%newhdr, $newdata);
}
sub read_file_header {
    my ($fh)= @_;
    my $hdr;
    $fh->read($hdr, 24);

    return $hdr;
}
sub write_file_header {
    my ($fh, $hdr)= @_;
    $fh->print($hdr);
}
sub unpack_file_header {
    my ($data)= @_;
    my %hdr;
    (
	    $hdr{magic},
	    $hdr{version_major},
	    $hdr{version_minor},
	    $hdr{thiszone},
	    $hdr{sigfigs},
	    $hdr{snaplen},
	    $hdr{linktype},
    ) = unpack("VvvVVVV", $data);

    return \%hdr;
}
sub pack_file_header {
    my ($hdr)= @_;
    return pack("VvvVVVV", 
	    $hdr->{magic},
	    $hdr->{version_major},
	    $hdr->{version_minor},
	    $hdr->{thiszone},
	    $hdr->{sigfigs},
	    $hdr->{snaplen},
	    $hdr->{linktype},
    );
}


sub read_pkt_header {
    my ($fh)= @_;
    my $hdr;
    $fh->read($hdr, 16);

    return $hdr;
}
sub write_pkt_header {
    my ($fh, $hdr)= @_;
    $fh->print($hdr);
}
sub unpack_pkt_header {
    my ($data)= @_;
    my %hdr;
    (
	    $hdr{ts},
	    $hdr{caplen},
	    $hdr{len},
    ) = unpack("a8VV", $data);

    return \%hdr;
}
sub pack_pkt_header {
    my ($hdr)= @_;
    return pack("a8VV", 
	    $hdr->{ts},
	    $hdr->{caplen},
	    $hdr->{len},
    );
}