1998-11-12 06:01:27 +00:00
|
|
|
/* lanalyzer.c
|
|
|
|
|
*
|
2001-10-04 08:30:36 +00:00
|
|
|
* $Id: lanalyzer.c,v 1.29 2001/10/04 08:30:35 guy Exp $
|
1998-11-12 06:01:27 +00:00
|
|
|
*
|
|
|
|
|
* Wiretap Library
|
2000-01-22 06:22:44 +00:00
|
|
|
* Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
|
1998-11-12 06:01:27 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*
|
|
|
|
|
*/
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
#include "config.h"
|
|
|
|
|
#endif
|
1998-11-15 05:29:17 +00:00
|
|
|
#include <stdlib.h>
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
#include <errno.h>
|
2000-05-19 23:07:04 +00:00
|
|
|
#include "wtap-int.h"
|
2000-01-13 07:09:20 +00:00
|
|
|
#include "file_wrappers.h"
|
1999-03-01 18:57:07 +00:00
|
|
|
#include "buffer.h"
|
1998-11-12 06:01:27 +00:00
|
|
|
#include "lanalyzer.h"
|
|
|
|
|
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
/* The LANalyzer format is documented (at least in part) in Novell document
|
|
|
|
|
TID022037, which can be found at, among other places:
|
|
|
|
|
|
|
|
|
|
http://www.hackzone.ru/nsp/info/nw/lan/trace.txt
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
/* Record types. */
|
|
|
|
|
#define REC_TRACE_HEADER 0x1001
|
|
|
|
|
#define REC_CYCLIC_TRACE_HEADER 0x1007
|
|
|
|
|
#define REC_TRACE_SUMMARY 0x1002
|
|
|
|
|
#define REC_TRACE_PACKET_DATA 0x1005
|
|
|
|
|
|
|
|
|
|
/* LANalyzer board types (which indicate the type of network on which
|
|
|
|
|
the capture was done). */
|
|
|
|
|
#define BOARD_325 226 /* LANalyzer 325 (Ethernet) */
|
|
|
|
|
#define BOARD_325TR 227 /* LANalyzer 325TR (Token-ring) */
|
|
|
|
|
|
2001-10-04 08:30:36 +00:00
|
|
|
static gboolean lanalyzer_read(wtap *wth, int *err, long *data_offset);
|
2000-03-22 07:06:59 +00:00
|
|
|
static void lanalyzer_close(wtap *wth);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
|
|
|
|
|
int lanalyzer_open(wtap *wth, int *err)
|
1998-11-12 06:01:27 +00:00
|
|
|
{
|
|
|
|
|
int bytes_read;
|
1999-08-20 04:49:18 +00:00
|
|
|
char LE_record_type[2];
|
|
|
|
|
char LE_record_length[2];
|
1998-11-12 06:01:27 +00:00
|
|
|
char summary[210];
|
1998-11-23 04:40:22 +00:00
|
|
|
guint16 board_type, mxslc;
|
1999-08-20 04:49:18 +00:00
|
|
|
guint16 record_type, record_length;
|
1998-11-23 04:40:22 +00:00
|
|
|
guint8 cr_day, cr_month, cr_year;
|
1998-12-13 05:08:05 +00:00
|
|
|
struct tm tm;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
errno = WTAP_ERR_CANT_READ;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(LE_record_type, 1, 2, wth->fh);
|
|
|
|
|
bytes_read += file_read(LE_record_length, 1, 2, wth->fh);
|
1998-11-12 06:01:27 +00:00
|
|
|
if (bytes_read != 4) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
|
|
|
|
if (*err != 0)
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return -1;
|
|
|
|
|
return 0;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += 4;
|
1999-08-20 04:49:18 +00:00
|
|
|
record_type = pletohs(LE_record_type);
|
|
|
|
|
record_length = pletohs(LE_record_length); /* make sure to do this for while() loop */
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
if (record_type != REC_TRACE_HEADER && record_type != REC_CYCLIC_TRACE_HEADER) {
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return 0;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If we made it this far, then the file is a LANAlyzer file.
|
1999-08-20 04:49:18 +00:00
|
|
|
* Let's get some info from it. Note that we get wth->snapshot_length
|
|
|
|
|
* from a record later in the file. */
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
wth->file_type = WTAP_FILE_LANALYZER;
|
1998-11-12 06:01:27 +00:00
|
|
|
wth->capture.lanalyzer = g_malloc(sizeof(lanalyzer_t));
|
|
|
|
|
wth->subtype_read = lanalyzer_read;
|
2000-05-18 09:09:50 +00:00
|
|
|
wth->subtype_seek_read = wtap_def_seek_read;
|
2000-03-22 07:06:59 +00:00
|
|
|
wth->subtype_close = lanalyzer_close;
|
1999-08-20 04:49:18 +00:00
|
|
|
wth->snapshot_length = 0;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
|
|
|
|
/* Read records until we find the start of packets */
|
|
|
|
|
while (1) {
|
1999-09-22 01:26:50 +00:00
|
|
|
file_seek(wth->fh, record_length, SEEK_CUR);
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += record_length;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
errno = WTAP_ERR_CANT_READ;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(LE_record_type, 1, 2, wth->fh);
|
|
|
|
|
bytes_read += file_read(LE_record_length, 1, 2, wth->fh);
|
1998-11-12 06:01:27 +00:00
|
|
|
if (bytes_read != 4) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
|
|
|
|
if (*err != 0) {
|
1999-11-10 19:47:57 +00:00
|
|
|
g_free(wth->capture.lanalyzer);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
1999-08-20 04:49:18 +00:00
|
|
|
g_free(wth->capture.lanalyzer);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return 0;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += 4;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
record_type = pletohs(LE_record_type);
|
|
|
|
|
record_length = pletohs(LE_record_length);
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
/*g_message("Record 0x%04X Length %d", record_type, record_length);*/
|
|
|
|
|
switch (record_type) {
|
1998-11-12 06:01:27 +00:00
|
|
|
/* Trace Summary Record */
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
case REC_TRACE_SUMMARY:
|
|
|
|
|
errno = WTAP_ERR_CANT_READ;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(summary, 1, sizeof summary,
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
wth->fh);
|
|
|
|
|
if (bytes_read != sizeof summary) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
|
|
|
|
if (*err != 0) {
|
1999-08-20 04:49:18 +00:00
|
|
|
g_free(wth->capture.lanalyzer);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
1999-08-20 04:49:18 +00:00
|
|
|
g_free(wth->capture.lanalyzer);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += sizeof summary;
|
1998-11-23 04:40:22 +00:00
|
|
|
|
|
|
|
|
/* Assume that the date of the creation of the trace file
|
|
|
|
|
* is the same date of the trace. Lanalyzer doesn't
|
|
|
|
|
* store the creation date/time of the trace, but only of
|
|
|
|
|
* the file. Unless you traced at 11:55 PM and saved at 00:05
|
|
|
|
|
* AM, the assumption that trace.date == file.date is true.
|
|
|
|
|
*/
|
|
|
|
|
cr_day = summary[0];
|
|
|
|
|
cr_month = summary[1];
|
|
|
|
|
cr_year = pletohs(&summary[2]);
|
1998-12-13 05:08:05 +00:00
|
|
|
/*g_message("Day %d Month %d Year %d (%04X)", cr_day, cr_month,
|
|
|
|
|
cr_year, cr_year);*/
|
1998-11-23 04:40:22 +00:00
|
|
|
|
1998-12-13 05:08:05 +00:00
|
|
|
/* Get capture start time. I learned how to do
|
|
|
|
|
* this from Guy's code in ngsniffer.c
|
|
|
|
|
*/
|
|
|
|
|
/* this strange year offset is not in the
|
|
|
|
|
* lanalyzer file format documentation, but it
|
|
|
|
|
* works. */
|
|
|
|
|
tm.tm_year = cr_year - (1900 - 1792);
|
|
|
|
|
tm.tm_mon = cr_month - 1;
|
|
|
|
|
tm.tm_mday = cr_day;
|
|
|
|
|
tm.tm_hour = 0;
|
|
|
|
|
tm.tm_min = 0;
|
|
|
|
|
tm.tm_sec = 0;
|
|
|
|
|
tm.tm_isdst = -1;
|
|
|
|
|
wth->capture.lanalyzer->start = mktime(&tm);
|
1998-12-13 05:38:13 +00:00
|
|
|
/*g_message("Day %d Month %d Year %d", tm.tm_mday,
|
|
|
|
|
tm.tm_mon, tm.tm_year);*/
|
1998-11-23 04:40:22 +00:00
|
|
|
mxslc = pletohs(&summary[30]);
|
|
|
|
|
wth->snapshot_length = mxslc;
|
|
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
record_length = 0; /* to fake the next iteration of while() */
|
1998-11-12 06:01:27 +00:00
|
|
|
board_type = pletohs(&summary[188]);
|
|
|
|
|
switch (board_type) {
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
case BOARD_325:
|
1999-03-01 18:57:07 +00:00
|
|
|
wth->file_encap = WTAP_ENCAP_ETHERNET;
|
1998-11-12 06:01:27 +00:00
|
|
|
break;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
case BOARD_325TR:
|
2000-09-21 04:41:37 +00:00
|
|
|
wth->file_encap = WTAP_ENCAP_TOKEN_RING;
|
1998-11-12 06:01:27 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
1999-08-22 02:29:40 +00:00
|
|
|
g_message("lanalyzer: board type %u unknown",
|
|
|
|
|
board_type);
|
|
|
|
|
g_free(wth->capture.lanalyzer);
|
|
|
|
|
*err = WTAP_ERR_UNSUPPORTED;
|
|
|
|
|
return -1;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
/* Trace Packet Data Record */
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
case REC_TRACE_PACKET_DATA:
|
1999-08-20 04:49:18 +00:00
|
|
|
/* Go back header number ob ytes so that lanalyzer_read
|
|
|
|
|
* can read this header */
|
1999-09-22 01:26:50 +00:00
|
|
|
file_seek(wth->fh, -bytes_read, SEEK_CUR);
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset -= bytes_read;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return 1;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
default:
|
|
|
|
|
; /* no action */
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
#define DESCRIPTOR_LEN 32
|
|
|
|
|
|
1998-11-12 06:01:27 +00:00
|
|
|
/* Read the next packet */
|
2001-10-04 08:30:36 +00:00
|
|
|
static gboolean lanalyzer_read(wtap *wth, int *err, long *data_offset)
|
1998-11-12 06:01:27 +00:00
|
|
|
{
|
1999-08-20 04:49:18 +00:00
|
|
|
int packet_size = 0;
|
|
|
|
|
int bytes_read;
|
|
|
|
|
char LE_record_type[2];
|
|
|
|
|
char LE_record_length[2];
|
|
|
|
|
guint16 record_type, record_length;
|
|
|
|
|
gchar descriptor[DESCRIPTOR_LEN];
|
|
|
|
|
guint16 time_low, time_med, time_high, true_size;
|
|
|
|
|
double t;
|
|
|
|
|
|
|
|
|
|
/* read the record type and length. */
|
|
|
|
|
errno = WTAP_ERR_CANT_READ;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(LE_record_type, 1, 2, wth->fh);
|
1999-08-20 04:49:18 +00:00
|
|
|
if (bytes_read != 2) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
2000-09-07 05:34:23 +00:00
|
|
|
if (*err == 0 && bytes_read != 0) {
|
1999-08-20 04:49:18 +00:00
|
|
|
*err = WTAP_ERR_SHORT_READ;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
}
|
2000-09-07 05:34:23 +00:00
|
|
|
return FALSE;
|
1999-08-20 04:49:18 +00:00
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += 2;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(LE_record_length, 1, 2, wth->fh);
|
1999-08-20 04:49:18 +00:00
|
|
|
if (bytes_read != 2) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
|
|
|
|
if (*err == 0)
|
1999-08-20 04:49:18 +00:00
|
|
|
*err = WTAP_ERR_SHORT_READ;
|
2000-09-07 05:34:23 +00:00
|
|
|
return FALSE;
|
1999-08-20 04:49:18 +00:00
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += 2;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
record_type = pletohs(LE_record_type);
|
|
|
|
|
record_length = pletohs(LE_record_length);
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1999-08-20 04:49:18 +00:00
|
|
|
/* Only Trace Packet Data Records should occur now that we're in
|
|
|
|
|
* the middle of reading packets. If any other record type exists
|
|
|
|
|
* after a Trace Packet Data Record, mark it as an error. */
|
|
|
|
|
if (record_type != REC_TRACE_PACKET_DATA) {
|
1999-08-22 02:29:40 +00:00
|
|
|
g_message("lanalyzer: record type %u seen after trace summary record",
|
|
|
|
|
record_type);
|
1999-08-20 04:49:18 +00:00
|
|
|
*err = WTAP_ERR_BAD_RECORD;
|
2000-09-07 05:34:23 +00:00
|
|
|
return FALSE;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
|
|
|
|
else {
|
1999-08-20 04:49:18 +00:00
|
|
|
packet_size = record_length - DESCRIPTOR_LEN;
|
|
|
|
|
}
|
1998-11-12 06:01:27 +00:00
|
|
|
|
|
|
|
|
/* Read the descriptor data */
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
errno = WTAP_ERR_CANT_READ;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(descriptor, 1, DESCRIPTOR_LEN, wth->fh);
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
if (bytes_read != DESCRIPTOR_LEN) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
|
|
|
|
if (*err == 0)
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
*err = WTAP_ERR_SHORT_READ;
|
2000-09-07 05:34:23 +00:00
|
|
|
return FALSE;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += DESCRIPTOR_LEN;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1998-11-23 04:40:22 +00:00
|
|
|
/* Read the packet data */
|
1999-03-01 18:57:07 +00:00
|
|
|
buffer_assure_space(wth->frame_buffer, packet_size);
|
2000-09-07 05:34:23 +00:00
|
|
|
*data_offset = wth->data_offset;
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
errno = WTAP_ERR_CANT_READ;
|
1999-09-22 01:26:50 +00:00
|
|
|
bytes_read = file_read(buffer_start_ptr(wth->frame_buffer), 1,
|
1998-11-12 06:01:27 +00:00
|
|
|
packet_size, wth->fh);
|
|
|
|
|
|
|
|
|
|
if (bytes_read != packet_size) {
|
1999-10-05 07:06:08 +00:00
|
|
|
*err = file_error(wth->fh);
|
|
|
|
|
if (*err == 0)
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
*err = WTAP_ERR_SHORT_READ;
|
2000-09-07 05:34:23 +00:00
|
|
|
return FALSE;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
1999-08-28 01:19:45 +00:00
|
|
|
wth->data_offset += packet_size;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
1998-11-23 04:40:22 +00:00
|
|
|
true_size = pletohs(&descriptor[4]);
|
|
|
|
|
time_low = pletohs(&descriptor[8]);
|
|
|
|
|
time_med = pletohs(&descriptor[10]);
|
|
|
|
|
time_high = pletohs(&descriptor[12]);
|
|
|
|
|
|
|
|
|
|
t = (double)time_low+(double)(time_med)*65536.0 +
|
1998-12-13 05:08:05 +00:00
|
|
|
(double)time_high*4294967296.0;
|
1998-11-23 15:48:38 +00:00
|
|
|
t = t/1000000.0 * 0.5; /* t = # of secs */
|
1998-12-13 05:08:05 +00:00
|
|
|
t += wth->capture.lanalyzer->start;
|
1998-11-23 04:40:22 +00:00
|
|
|
|
|
|
|
|
wth->phdr.ts.tv_sec = (long)t;
|
|
|
|
|
wth->phdr.ts.tv_usec = (unsigned long)((t-(double)(wth->phdr.ts.tv_sec))
|
|
|
|
|
*1.0e6);
|
|
|
|
|
|
|
|
|
|
wth->phdr.len = true_size - 4;
|
1998-11-12 06:01:27 +00:00
|
|
|
wth->phdr.caplen = packet_size;
|
1999-03-01 18:57:07 +00:00
|
|
|
wth->phdr.pkt_encap = wth->file_encap;
|
1998-11-12 06:01:27 +00:00
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
return TRUE;
|
1998-11-12 06:01:27 +00:00
|
|
|
}
|
2000-03-22 07:06:59 +00:00
|
|
|
|
|
|
|
|
static void
|
|
|
|
|
lanalyzer_close(wtap *wth)
|
|
|
|
|
{
|
|
|
|
|
g_free(wth->capture.lanalyzer);
|
|
|
|
|
}
|