1998-11-12 06:01:27 +00:00
|
|
|
/* wtap.c
|
|
|
|
|
*
|
2001-10-04 08:30:36 +00:00
|
|
|
* $Id: wtap.c,v 1.55 2001/10/04 08:30:36 guy Exp $
|
1998-11-12 06:01:27 +00:00
|
|
|
*
|
|
|
|
|
* Wiretap Library
|
2000-01-22 06:22:44 +00:00
|
|
|
* Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
|
1998-11-12 06:01:27 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*
|
|
|
|
|
*/
|
1999-08-22 02:52:48 +00:00
|
|
|
#include <string.h>
|
1999-09-22 01:26:50 +00:00
|
|
|
#include <errno.h>
|
1999-08-22 02:52:48 +00:00
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_CONFIG_H
|
|
|
|
|
#include "config.h"
|
|
|
|
|
#endif
|
2000-05-19 23:07:04 +00:00
|
|
|
#include "wtap-int.h"
|
2000-01-13 07:09:20 +00:00
|
|
|
#include "file_wrappers.h"
|
1999-03-01 18:57:07 +00:00
|
|
|
#include "buffer.h"
|
1998-11-12 00:06:47 +00:00
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
int
|
|
|
|
|
wtap_fd(wtap *wth)
|
1999-09-23 04:39:01 +00:00
|
|
|
{
|
|
|
|
|
return wth->fd;
|
|
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
int
|
|
|
|
|
wtap_file_type(wtap *wth)
|
1998-11-12 00:06:47 +00:00
|
|
|
{
|
|
|
|
|
return wth->file_type;
|
|
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
int
|
|
|
|
|
wtap_snapshot_length(wtap *wth)
|
1998-11-12 00:06:47 +00:00
|
|
|
{
|
1998-11-15 05:29:17 +00:00
|
|
|
return wth->snapshot_length;
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
int
|
|
|
|
|
wtap_file_encap(wtap *wth)
|
Add "wtap_file_encap()", to return the encapsulation of packets in the
file (which could be WTAP_ENCAP_UNKNOWN, if we couldn't determine it, or
WTAP_ENCAP_PER_PACKET, if we could determine the encapsulation of
packets in the file, but they didn't all have the same encapsulation).
This may be useful in the future, if we allow files to be saved in
different capture file formats - we'd have to specify, when creating the
capture file, the per-file encapsulation, for those formats that don't
support per-packet encapsulations (we wouldn't be able to save a
multi-encapsulation capture in those formats).
Make the code to read "iptrace" files set the per-file packet
encapsulation - set it to the type of the first packet seen, and, if any
subsequent packets have a different encapsulation, set it to
WTAP_ENCAP_PER_PACKET.
svn path=/trunk/; revision=772
1999-10-06 03:29:36 +00:00
|
|
|
{
|
|
|
|
|
return wth->file_encap;
|
|
|
|
|
}
|
|
|
|
|
|
1999-12-05 01:24:54 +00:00
|
|
|
/* Table of the encapsulation types we know about. */
|
2001-07-13 00:55:58 +00:00
|
|
|
static const struct encap_type_info {
|
1999-12-05 01:24:54 +00:00
|
|
|
const char *name;
|
|
|
|
|
const char *short_name;
|
|
|
|
|
} encap_table[WTAP_NUM_ENCAP_TYPES] = {
|
|
|
|
|
/* WTAP_ENCAP_UNKNOWN */
|
|
|
|
|
{ "Unknown", NULL },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_ETHERNET */
|
|
|
|
|
{ "Ethernet", "ether" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_TR */
|
|
|
|
|
{ "Token Ring", "tr" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_SLIP */
|
|
|
|
|
{ "SLIP", "slip" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_PPP */
|
|
|
|
|
{ "PPP", "ppp" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_FDDI */
|
|
|
|
|
{ "FDDI", "fddi" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_FDDI_BITSWAPPED */
|
|
|
|
|
{ "FDDI with bit-swapped MAC addresses", "fddi-swapped" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_RAW_IP */
|
|
|
|
|
{ "Raw IP", "rawip" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_ARCNET */
|
|
|
|
|
{ "ARCNET", "arcnet" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_ATM_RFC1483 */
|
|
|
|
|
{ "RFC 1483 ATM", "atm-rfc1483" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_LINUX_ATM_CLIP */
|
|
|
|
|
{ "Linux ATM CLIP", "linux-atm-clip" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_LAPB */
|
|
|
|
|
{ "LAPB", "lapb" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_ATM_SNIFFER */
|
|
|
|
|
{ "ATM Sniffer", "atm-sniffer" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_NULL */
|
|
|
|
|
{ "NULL", "null" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_ASCEND */
|
|
|
|
|
{ "Lucent/Ascend access equipment", "ascend" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_LAPD */
|
1999-12-12 22:40:10 +00:00
|
|
|
{ "LAPD", "lapd" },
|
|
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_V120 */
|
1999-12-12 22:53:25 +00:00
|
|
|
{ "V.120", "v120" },
|
2000-09-28 04:19:09 +00:00
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_PPP_WITH_PHDR */
|
|
|
|
|
{ "PPP with Directional Info", "ppp-with-direction" },
|
|
|
|
|
|
2000-11-15 05:42:35 +00:00
|
|
|
/* WTAP_ENCAP_IEEE_802_11 */
|
|
|
|
|
{ "IEEE 802.11 Wireless LAN", "ieee-802-11" },
|
|
|
|
|
|
2000-12-23 08:06:16 +00:00
|
|
|
/* WTAP_ENCAP_SLL */
|
|
|
|
|
{ "Linux cooked-mode capture", "linux-sll" },
|
2001-01-08 22:18:22 +00:00
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_FRELAY */
|
|
|
|
|
{ "Frame Relay", "frelay" },
|
Add a new Wiretap encapsulation type for Cisco HDLC. Map the NetBSD
DLT_HDLC to it.
Make a separate dissector for Cisco HDLC, and add a dissector for Cisco
SLARP. Have the PPP dissector call the Cisco HDLC dissector if the
address field is the Cisco HDLC unicast or multicast address. Use the
Cisco HDLC dissector for the Cisco HDLC Wiretap encapsulation type.
Add a new dissector table "chdlctype", for Cisco HDLC packet types
(they're *almost* the same as Ethernet types, but 0x8035 is SLARP, not
Reverse ARP, and 0x2000 is the Cisco Discovery protocol, for example),
replacing "fr.chdlc".
Have a "chdlctype()" routine, similar to "ethertype()", used both by the
Cisco HDLC and Frame Relay dissectors. Have a "chdlc_vals[]"
"value_string" table for Cisco HDLC types and protocol names. Split the
packet type field in the Frame Relay dissector into separate SNAP and
Cisco HDLC fields, and give them the Ethernet type and Cisco HDLC type
"value_string" tables, respectively.
svn path=/trunk/; revision=3133
2001-03-15 09:11:03 +00:00
|
|
|
|
|
|
|
|
/* WTAP_ENCAP_CHDLC */
|
|
|
|
|
{ "Cisco HDLC", "chdlc" },
|
1999-12-05 01:24:54 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* Name that should be somewhat descriptive. */
|
2000-09-07 05:34:23 +00:00
|
|
|
const char
|
|
|
|
|
*wtap_encap_string(int encap)
|
1999-12-05 01:24:54 +00:00
|
|
|
{
|
|
|
|
|
if (encap < 0 || encap >= WTAP_NUM_ENCAP_TYPES)
|
|
|
|
|
return NULL;
|
|
|
|
|
else
|
|
|
|
|
return encap_table[encap].name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Name to use in, say, a command-line flag specifying the type. */
|
2000-09-07 05:34:23 +00:00
|
|
|
const char
|
|
|
|
|
*wtap_encap_short_string(int encap)
|
1999-12-05 01:24:54 +00:00
|
|
|
{
|
|
|
|
|
if (encap < 0 || encap >= WTAP_NUM_ENCAP_TYPES)
|
|
|
|
|
return NULL;
|
|
|
|
|
else
|
|
|
|
|
return encap_table[encap].short_name;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Translate a short name to a capture file type. */
|
2000-09-07 05:34:23 +00:00
|
|
|
int
|
|
|
|
|
wtap_short_string_to_encap(const char *short_name)
|
1999-12-05 01:24:54 +00:00
|
|
|
{
|
|
|
|
|
int encap;
|
|
|
|
|
|
|
|
|
|
for (encap = 0; encap < WTAP_NUM_ENCAP_TYPES; encap++) {
|
|
|
|
|
if (encap_table[encap].short_name != NULL &&
|
|
|
|
|
strcmp(short_name, encap_table[encap].short_name) == 0)
|
|
|
|
|
return encap;
|
|
|
|
|
}
|
|
|
|
|
return -1; /* no such encapsulation type */
|
|
|
|
|
}
|
|
|
|
|
|
1999-08-22 02:52:48 +00:00
|
|
|
static const char *wtap_errlist[] = {
|
|
|
|
|
"The file isn't a plain file",
|
|
|
|
|
"The file isn't a capture file in a known format",
|
|
|
|
|
"File contains record data we don't support",
|
|
|
|
|
NULL,
|
|
|
|
|
"Files can't be saved in that format",
|
1999-08-22 03:50:31 +00:00
|
|
|
"Files from that network type can't be saved in that format",
|
1999-08-22 02:52:48 +00:00
|
|
|
"That format doesn't support per-packet encapsulations",
|
|
|
|
|
NULL,
|
|
|
|
|
NULL,
|
|
|
|
|
"Less data was read than was expected",
|
|
|
|
|
"File contains a record that's not valid",
|
2000-05-25 09:00:24 +00:00
|
|
|
"Less data was written than was requested",
|
|
|
|
|
"Uncompression error: data oddly truncated",
|
|
|
|
|
"Uncompression error: data would overflow buffer",
|
|
|
|
|
"Uncompression error: bad LZ77 offset",
|
1999-08-22 02:52:48 +00:00
|
|
|
};
|
|
|
|
|
#define WTAP_ERRLIST_SIZE (sizeof wtap_errlist / sizeof wtap_errlist[0])
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
const char
|
|
|
|
|
*wtap_strerror(int err)
|
1999-08-22 02:52:48 +00:00
|
|
|
{
|
2000-08-19 18:31:23 +00:00
|
|
|
static char errbuf[128];
|
2001-07-13 00:55:58 +00:00
|
|
|
unsigned int wtap_errlist_index;
|
1999-08-22 02:52:48 +00:00
|
|
|
|
|
|
|
|
if (err < 0) {
|
1999-10-05 07:22:53 +00:00
|
|
|
#ifdef HAVE_LIBZ
|
|
|
|
|
if (err >= WTAP_ERR_ZLIB_MIN && err <= WTAP_ERR_ZLIB_MAX) {
|
|
|
|
|
/* Assume it's a zlib error. */
|
|
|
|
|
sprintf(errbuf, "Uncompression error: %s",
|
|
|
|
|
zError(err - WTAP_ERR_ZLIB));
|
|
|
|
|
return errbuf;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
1999-08-22 02:52:48 +00:00
|
|
|
wtap_errlist_index = -1 - err;
|
|
|
|
|
if (wtap_errlist_index >= WTAP_ERRLIST_SIZE) {
|
1999-10-05 07:22:53 +00:00
|
|
|
sprintf(errbuf, "Error %d", err);
|
1999-08-22 02:52:48 +00:00
|
|
|
return errbuf;
|
|
|
|
|
}
|
|
|
|
|
if (wtap_errlist[wtap_errlist_index] == NULL)
|
|
|
|
|
return "Unknown reason";
|
|
|
|
|
return wtap_errlist[wtap_errlist_index];
|
|
|
|
|
} else
|
|
|
|
|
return strerror(err);
|
|
|
|
|
}
|
|
|
|
|
|
2000-05-18 09:09:50 +00:00
|
|
|
/* Close only the sequential side, freeing up memory it uses.
|
2000-05-25 09:00:24 +00:00
|
|
|
|
2000-05-18 09:09:50 +00:00
|
|
|
Note that we do *not* want to call the subtype's close function,
|
|
|
|
|
as it would free any per-subtype data, and that data may be
|
2000-05-25 09:00:24 +00:00
|
|
|
needed by the random-access side.
|
|
|
|
|
|
|
|
|
|
Instead, if the subtype has a "sequential close" function, we call it,
|
|
|
|
|
to free up stuff used only by the sequential side. */
|
2000-09-07 05:34:23 +00:00
|
|
|
void
|
|
|
|
|
wtap_sequential_close(wtap *wth)
|
1998-11-12 00:06:47 +00:00
|
|
|
{
|
2000-05-25 09:00:24 +00:00
|
|
|
if (wth->subtype_sequential_close != NULL)
|
|
|
|
|
(*wth->subtype_sequential_close)(wth);
|
|
|
|
|
|
2000-05-18 09:09:50 +00:00
|
|
|
if (wth->fh != NULL) {
|
|
|
|
|
file_close(wth->fh);
|
|
|
|
|
wth->fh = NULL;
|
|
|
|
|
}
|
1999-11-10 19:47:57 +00:00
|
|
|
|
1999-11-10 19:58:54 +00:00
|
|
|
if (wth->frame_buffer) {
|
|
|
|
|
buffer_free(wth->frame_buffer);
|
1999-11-10 19:47:57 +00:00
|
|
|
g_free(wth->frame_buffer);
|
2000-05-18 09:09:50 +00:00
|
|
|
wth->frame_buffer = NULL;
|
1999-11-10 19:58:54 +00:00
|
|
|
}
|
2000-05-18 09:09:50 +00:00
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
void
|
|
|
|
|
wtap_close(wtap *wth)
|
2000-05-18 09:09:50 +00:00
|
|
|
{
|
|
|
|
|
wtap_sequential_close(wth);
|
|
|
|
|
|
|
|
|
|
if (wth->subtype_close != NULL)
|
|
|
|
|
(*wth->subtype_close)(wth);
|
|
|
|
|
|
|
|
|
|
if (wth->random_fh != NULL)
|
|
|
|
|
file_close(wth->random_fh);
|
1999-11-10 19:47:57 +00:00
|
|
|
|
|
|
|
|
g_free(wth);
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
gboolean
|
2001-10-04 08:30:36 +00:00
|
|
|
wtap_read(wtap *wth, int *err, long *data_offset)
|
2000-04-08 00:33:04 +00:00
|
|
|
{
|
2000-09-07 05:34:23 +00:00
|
|
|
return wth->subtype_read(wth, err, data_offset);
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
struct wtap_pkthdr*
|
|
|
|
|
wtap_phdr(wtap *wth)
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
{
|
|
|
|
|
return &wth->phdr;
|
|
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
union wtap_pseudo_header*
|
|
|
|
|
wtap_pseudoheader(wtap *wth)
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
{
|
|
|
|
|
return &wth->pseudo_header;
|
|
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
guint8*
|
|
|
|
|
wtap_buf_ptr(wtap *wth)
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
{
|
|
|
|
|
return buffer_start_ptr(wth->frame_buffer);
|
2000-04-08 00:33:04 +00:00
|
|
|
}
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
gboolean
|
|
|
|
|
wtap_loop(wtap *wth, int count, wtap_handler callback, u_char* user, int *err)
|
1998-11-12 00:06:47 +00:00
|
|
|
{
|
2001-10-04 08:30:36 +00:00
|
|
|
long data_offset;
|
|
|
|
|
int loop = 0;
|
1998-11-12 00:06:47 +00:00
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
/* Start by clearing error flag */
|
2000-05-12 05:06:33 +00:00
|
|
|
*err = 0;
|
|
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
while ( (wtap_read(wth, err, &data_offset)) ) {
|
1999-07-07 22:52:57 +00:00
|
|
|
callback(user, &wth->phdr, data_offset,
|
2000-05-18 09:09:50 +00:00
|
|
|
&wth->pseudo_header, buffer_start_ptr(wth->frame_buffer));
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
if (count > 0 && ++loop >= count)
|
|
|
|
|
break;
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
2000-09-07 05:34:23 +00:00
|
|
|
|
|
|
|
|
if (*err == 0)
|
Have the per-capture-file-type open routines "wtap_open_offline()" calls
return 1 on success, -1 if they got an error, and 0 if the file isn't of
the type that file is checking for, and supply an error code if they
return -1; have "wtap_open_offline()" use that error code. Also, have
the per-capture-file-type open routines treat errors accessing the file
as errors, and return -1, rather than just returning 0 so that we try
another file type.
Have the per-capture-file-type read routines "wtap_loop()" calls return
-1 and supply an error code on error (and not, as they did in some
cases, call "g_error()" and abort), and have "wtap_loop()", if the read
routine returned an error, return FALSE (and pass an error-code-pointer
argument onto the read routines, so they fill it in), and return TRUE on
success.
Add some new error codes for them to return.
Now that "wtap_loop()" can return a success/failure indication and an
error code, in "read_cap_file()" put up a message box if we get an error
reading the file, and return the error code.
Handle the additional errors we can get when opening a capture file.
If the attempt to open a capture file succeeds, but the attempt to read
it fails, don't treat that as a complete failure - we may have managed
to read some of the capture file, and we should display what we managed
to read.
svn path=/trunk/; revision=516
1999-08-19 05:31:38 +00:00
|
|
|
return TRUE; /* success */
|
2000-09-07 05:34:23 +00:00
|
|
|
else
|
|
|
|
|
return FALSE; /* failure */
|
1998-11-12 00:06:47 +00:00
|
|
|
}
|
1999-09-11 04:50:44 +00:00
|
|
|
|
2000-09-07 05:34:23 +00:00
|
|
|
int
|
2001-10-04 08:30:36 +00:00
|
|
|
wtap_seek_read(wtap *wth, long seek_off,
|
2000-05-19 23:07:04 +00:00
|
|
|
union wtap_pseudo_header *pseudo_header, guint8 *pd, int len)
|
1999-09-11 06:48:33 +00:00
|
|
|
{
|
2000-05-18 09:09:50 +00:00
|
|
|
return wth->subtype_seek_read(wth, seek_off, pseudo_header, pd, len);
|
1999-09-11 04:50:44 +00:00
|
|
|
}
|