2021-11-30 13:01:36 +00:00
|
|
|
/** @file
|
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* Definitions for packet capture windows
|
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
1998-09-16 02:39:15 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
2018-02-07 11:26:45 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
1998-09-16 02:39:15 +00:00
|
|
|
*/
|
|
|
|
|
2005-03-07 10:19:33 +00:00
|
|
|
/* This file should only be included if libpcap is present */
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
#ifndef __CAPTURE_H__
|
|
|
|
#define __CAPTURE_H__
|
|
|
|
|
2004-06-04 17:19:01 +00:00
|
|
|
/** @file
|
|
|
|
* Capture related things.
|
|
|
|
*/
|
|
|
|
|
2005-12-03 19:32:54 +00:00
|
|
|
#include "capture_opts.h"
|
2015-12-17 04:15:03 +00:00
|
|
|
#include "capture_info.h"
|
2020-05-02 13:12:07 +00:00
|
|
|
#include "cfile.h"
|
2021-03-24 22:09:19 +00:00
|
|
|
#include "capture/capture_session.h"
|
2005-05-26 17:50:27 +00:00
|
|
|
|
2011-12-29 00:08:47 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
2008-06-24 08:05:45 +00:00
|
|
|
typedef enum {
|
2017-11-29 00:03:11 +00:00
|
|
|
capture_cb_capture_prepared,
|
|
|
|
capture_cb_capture_update_started,
|
|
|
|
capture_cb_capture_update_continue,
|
|
|
|
capture_cb_capture_update_finished,
|
|
|
|
capture_cb_capture_fixed_started,
|
|
|
|
capture_cb_capture_fixed_continue,
|
|
|
|
capture_cb_capture_fixed_finished,
|
|
|
|
capture_cb_capture_stopping,
|
|
|
|
capture_cb_capture_failed
|
2008-06-24 08:05:45 +00:00
|
|
|
} capture_cbs;
|
|
|
|
|
2013-05-22 07:44:28 +00:00
|
|
|
typedef void (*capture_callback_t) (gint event, capture_session *cap_session,
|
2008-06-24 08:05:45 +00:00
|
|
|
gpointer user_data);
|
|
|
|
|
|
|
|
extern void
|
|
|
|
capture_callback_add(capture_callback_t func, gpointer user_data);
|
|
|
|
|
|
|
|
extern void
|
2014-09-09 20:42:58 +00:00
|
|
|
capture_callback_remove(capture_callback_t func, gpointer user_data);
|
2008-06-24 08:05:45 +00:00
|
|
|
|
2020-03-25 22:33:01 +00:00
|
|
|
/**
|
|
|
|
* Initialize a capture session.
|
|
|
|
*
|
|
|
|
* @param cap_session the handle for the capture session
|
|
|
|
* @param cf the capture_file for the file
|
|
|
|
*/
|
|
|
|
extern void
|
|
|
|
capture_input_init(capture_session *cap_session, capture_file *cf);
|
|
|
|
|
2007-06-11 03:58:58 +00:00
|
|
|
/**
|
2005-03-28 18:04:09 +00:00
|
|
|
* Start a capture session.
|
2004-10-30 17:50:51 +00:00
|
|
|
*
|
2005-02-05 11:37:56 +00:00
|
|
|
* @param capture_opts the numerous capture options
|
Clean up handling of --capture-comment.
Don't store the comments in a capture_options structure, because that's
available only if we're being built with capture support, and
--capture-comment can be used in TShark when reading a capture file and
writing another capture file, with no live capture taking place.
This means we don't handle that option in capture_opts_add_opt(); handle
it in the programs that support it.
Support writing multiple comments in dumpcap when capturing.
These changes also fix builds without pcap, and makes --capture-comment
work in Wireshark when a capture is started from the command line with
-k.
Update the help messages to indicate that --capture-comment adds a
capture comment, it doesn't change any comment (much less "the" comment,
as there isn't necessarily a single comment).
Update the man pages:
- not to presume that only pcapng files support file comments (even if
that's true now, it might not be true in the future);
- to note that multiple instances of --capture-comment are supported,
and that multiple comments will be written, whether capturing or reading
one file and writing another;
- clarify that Wireshark doesn't *discard* SHB comments other than the
first one, even though it only displays the first one;
2021-07-15 05:16:30 +00:00
|
|
|
* @param capture_comments if not NULL, a GPtrArray * to a set of comments
|
|
|
|
* to put in the capture file's Section Header Block if it's a pcapng file
|
2020-03-25 22:33:01 +00:00
|
|
|
* @param cap_session the handle for the capture session
|
2016-01-26 08:25:42 +00:00
|
|
|
* @param cap_data a struct with capture info data
|
2013-12-15 19:07:26 +00:00
|
|
|
* @param update_cb update screen
|
2005-02-05 11:37:56 +00:00
|
|
|
* @return TRUE if the capture starts successfully, FALSE otherwise.
|
|
|
|
*/
|
2013-05-22 07:44:28 +00:00
|
|
|
extern gboolean
|
Clean up handling of --capture-comment.
Don't store the comments in a capture_options structure, because that's
available only if we're being built with capture support, and
--capture-comment can be used in TShark when reading a capture file and
writing another capture file, with no live capture taking place.
This means we don't handle that option in capture_opts_add_opt(); handle
it in the programs that support it.
Support writing multiple comments in dumpcap when capturing.
These changes also fix builds without pcap, and makes --capture-comment
work in Wireshark when a capture is started from the command line with
-k.
Update the help messages to indicate that --capture-comment adds a
capture comment, it doesn't change any comment (much less "the" comment,
as there isn't necessarily a single comment).
Update the man pages:
- not to presume that only pcapng files support file comments (even if
that's true now, it might not be true in the future);
- to note that multiple instances of --capture-comment are supported,
and that multiple comments will be written, whether capturing or reading
one file and writing another;
- clarify that Wireshark doesn't *discard* SHB comments other than the
first one, even though it only displays the first one;
2021-07-15 05:16:30 +00:00
|
|
|
capture_start(capture_options *capture_opts, GPtrArray *capture_comments,
|
|
|
|
capture_session *cap_session, info_data_t* cap_data,
|
|
|
|
void(*update_cb)(void));
|
2005-03-28 18:04:09 +00:00
|
|
|
|
|
|
|
/** Stop a capture session (usually from a menu item). */
|
2013-05-22 07:44:28 +00:00
|
|
|
extern void
|
|
|
|
capture_stop(capture_session *cap_session);
|
2005-03-28 18:04:09 +00:00
|
|
|
|
|
|
|
/** Terminate the capture child cleanly when exiting. */
|
2013-05-22 07:44:28 +00:00
|
|
|
extern void
|
|
|
|
capture_kill_child(capture_session *cap_session);
|
Add a new global flag "capture_child", which is TRUE if we're a child
process for a sync mode or fork mode capture.
Have that flag control whether we do things that *only* the parent or
*only* the child should do, rather than basing it solely on the setting
of "sync_mode" or "fork_mode" (or, in the case of stuff done in the
child process either in sync mode or fork mode, rather than basing it on
the setting of those flags at all).
Split "do_capture()" into a "run_capture()" routine that starts a
capture (possibly by forking off and execing a child process, if we're
supposed to do sync mode or fork mode captures), and that assumes the
file to which the capture is to write has already been opened and that
"cf.save_file_fd" is the file descriptor for that file, and a
"do_capture()" routine that creates a temporary file, getting an FD for
it, and calls "run_capture()".
Use "run_capture()", rather than "capture()", for "-k" captures, so that
it'll do the capture in a child process if "-S" or "-F" was specified
("do_capture()" won't do because "-k" captures should write to the file
specified by the "-w" flag, not some random temporary file).
For child process captures, however, just use "capture()" - the child
process shouldn't itself fork off a child if we're in sync or fork mode,
and should just write to the file whose file descriptor was specified by
the "-W" flag on the command line.
All this allows you to do "ethereal -S -w <file> -i <interface> -k" to
start a sync mode capture from the command line.
svn path=/trunk/; revision=740
1999-09-30 06:50:01 +00:00
|
|
|
|
2007-08-02 21:45:27 +00:00
|
|
|
struct if_stat_cache_s;
|
|
|
|
typedef struct if_stat_cache_s if_stat_cache_t;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Start gathering capture statistics for the interfaces specified.
|
2013-04-26 18:28:21 +00:00
|
|
|
* @param capture_opts A structure containing options for the capture.
|
2007-08-02 21:45:27 +00:00
|
|
|
* @return A pointer to the statistics state data.
|
|
|
|
*/
|
2018-12-13 17:42:23 +00:00
|
|
|
extern WS_RETNONNULL if_stat_cache_t * capture_stat_start(capture_options *capture_opts);
|
2007-08-02 21:45:27 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Fetch capture statistics, similar to pcap_stats().
|
|
|
|
*/
|
|
|
|
struct pcap_stat; /* Stub in case we don't or haven't yet included pcap.h */
|
|
|
|
extern gboolean capture_stats(if_stat_cache_t *sc, char *ifname, struct pcap_stat *ps);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Stop gathering capture statistics.
|
|
|
|
*/
|
|
|
|
void capture_stat_stop(if_stat_cache_t *sc);
|
|
|
|
|
2011-12-29 00:08:47 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
}
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
2014-10-14 19:58:21 +00:00
|
|
|
#endif /* capture.h */
|