2021-11-30 04:27:19 +00:00
|
|
|
/** @file
|
|
|
|
*
|
2014-10-12 18:56:12 +00:00
|
|
|
* Declarations of our own routines for writing libpcap files.
|
2006-03-04 22:33:04 +00:00
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
2006-03-04 22:33:04 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
|
|
|
* Derived from code in the Wiretap Library
|
|
|
|
* Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
|
|
|
|
*
|
2018-02-07 12:46:48 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
2006-03-04 22:33:04 +00:00
|
|
|
*/
|
|
|
|
|
2013-09-29 20:53:13 +00:00
|
|
|
/* Writing pcap files */
|
|
|
|
|
2012-02-14 17:07:52 +00:00
|
|
|
/** Write the file header to a dump file.
|
2009-04-26 15:51:25 +00:00
|
|
|
Returns TRUE on success, FALSE on failure.
|
|
|
|
Sets "*err" to an error code, or 0 for a short write, on failure*/
|
|
|
|
extern gboolean
|
2014-02-25 20:42:35 +00:00
|
|
|
libpcap_write_file_header(FILE* pfile, int linktype, int snaplen,
|
2013-01-02 04:01:22 +00:00
|
|
|
gboolean ts_nsecs, guint64 *bytes_written, int *err);
|
2006-03-04 22:33:04 +00:00
|
|
|
|
2012-02-14 17:07:52 +00:00
|
|
|
/** Write a record for a packet to a dump file.
|
2006-03-04 22:33:04 +00:00
|
|
|
Returns TRUE on success, FALSE on failure. */
|
|
|
|
extern gboolean
|
2014-02-25 20:42:35 +00:00
|
|
|
libpcap_write_packet(FILE* pfile,
|
2012-12-26 05:57:06 +00:00
|
|
|
time_t sec, guint32 usec,
|
2012-12-20 15:20:10 +00:00
|
|
|
guint32 caplen, guint32 len,
|
2012-12-26 05:57:06 +00:00
|
|
|
const guint8 *pd,
|
|
|
|
guint64 *bytes_written, int *err);
|
2006-03-04 22:33:04 +00:00
|
|
|
|
2018-01-09 00:38:10 +00:00
|
|
|
/* Writing pcapng files */
|
2013-09-29 20:53:13 +00:00
|
|
|
|
2017-11-22 19:05:48 +00:00
|
|
|
/* Write a pre-formatted pcapng block */
|
|
|
|
extern gboolean
|
|
|
|
pcapng_write_block(FILE* pfile,
|
|
|
|
const guint8 *data,
|
|
|
|
guint32 block_total_length,
|
|
|
|
guint64 *bytes_written,
|
|
|
|
int *err);
|
|
|
|
|
2012-02-14 17:07:52 +00:00
|
|
|
/** Write a section header block (SHB)
|
|
|
|
*
|
|
|
|
*/
|
2009-04-26 18:40:40 +00:00
|
|
|
extern gboolean
|
2018-12-18 22:47:33 +00:00
|
|
|
pcapng_write_section_header_block(FILE* pfile, /**< Write information */
|
Clean up handling of --capture-comment.
Don't store the comments in a capture_options structure, because that's
available only if we're being built with capture support, and
--capture-comment can be used in TShark when reading a capture file and
writing another capture file, with no live capture taking place.
This means we don't handle that option in capture_opts_add_opt(); handle
it in the programs that support it.
Support writing multiple comments in dumpcap when capturing.
These changes also fix builds without pcap, and makes --capture-comment
work in Wireshark when a capture is started from the command line with
-k.
Update the help messages to indicate that --capture-comment adds a
capture comment, it doesn't change any comment (much less "the" comment,
as there isn't necessarily a single comment).
Update the man pages:
- not to presume that only pcapng files support file comments (even if
that's true now, it might not be true in the future);
- to note that multiple instances of --capture-comment are supported,
and that multiple comments will be written, whether capturing or reading
one file and writing another;
- clarify that Wireshark doesn't *discard* SHB comments other than the
first one, even though it only displays the first one;
2021-07-15 05:16:30 +00:00
|
|
|
GPtrArray *comments, /**< Comments on the section, Optinon 1 opt_comment
|
|
|
|
* UTF-8 strings containing comments that areassociated to the current block.
|
2013-09-29 20:53:13 +00:00
|
|
|
*/
|
|
|
|
const char *hw, /**< HW, Optinon 2 shb_hardware
|
|
|
|
* An UTF-8 string containing the description of the hardware used to create this section.
|
|
|
|
*/
|
|
|
|
const char *os, /**< Operating system name, Optinon 3 shb_os
|
|
|
|
* An UTF-8 string containing the name of the operating system used to create this section.
|
|
|
|
*/
|
|
|
|
const char *appname, /**< Application name, Optinon 4 shb_userappl
|
|
|
|
* An UTF-8 string containing the name of the application used to create this section.
|
|
|
|
*/
|
2013-12-15 19:07:26 +00:00
|
|
|
guint64 section_length, /**< Length of section */
|
|
|
|
guint64 *bytes_written, /**< Number of written bytes */
|
2014-04-14 18:23:59 +00:00
|
|
|
int *err /**< Error type */
|
|
|
|
);
|
2009-04-26 18:40:40 +00:00
|
|
|
|
|
|
|
extern gboolean
|
2013-09-29 20:53:13 +00:00
|
|
|
pcapng_write_interface_description_block(FILE* pfile,
|
|
|
|
const char *comment, /* OPT_COMMENT 1 */
|
|
|
|
const char *name, /* IDB_NAME 2 */
|
|
|
|
const char *descr, /* IDB_DESCRIPTION 3 */
|
|
|
|
const char *filter, /* IDB_FILTER 11 */
|
|
|
|
const char *os, /* IDB_OS 12 */
|
2020-03-28 03:08:33 +00:00
|
|
|
const char *hardware, /* IDB_HARDWARE 15 */
|
2013-09-29 20:53:13 +00:00
|
|
|
int link_type,
|
|
|
|
int snap_len,
|
2012-12-26 05:57:06 +00:00
|
|
|
guint64 *bytes_written,
|
2013-09-29 20:53:13 +00:00
|
|
|
guint64 if_speed, /* IDB_IF_SPEED 8 */
|
|
|
|
guint8 tsresol, /* IDB_TSRESOL 9 */
|
2009-04-26 18:40:40 +00:00
|
|
|
int *err);
|
|
|
|
|
|
|
|
extern gboolean
|
2013-09-29 20:53:13 +00:00
|
|
|
pcapng_write_interface_statistics_block(FILE* pfile,
|
|
|
|
guint32 interface_id,
|
|
|
|
guint64 *bytes_written,
|
|
|
|
const char *comment, /* OPT_COMMENT 1 */
|
|
|
|
guint64 isb_starttime, /* ISB_STARTTIME 2 */
|
|
|
|
guint64 isb_endtime, /* ISB_ENDTIME 3 */
|
|
|
|
guint64 isb_ifrecv, /* ISB_IFRECV 4 */
|
|
|
|
guint64 isb_ifdrop, /* ISB_IFDROP 5 */
|
|
|
|
int *err);
|
|
|
|
|
|
|
|
extern gboolean
|
|
|
|
pcapng_write_enhanced_packet_block(FILE* pfile,
|
|
|
|
const char *comment,
|
|
|
|
time_t sec, guint32 usec,
|
|
|
|
guint32 caplen, guint32 len,
|
|
|
|
guint32 interface_id,
|
|
|
|
guint ts_mul,
|
|
|
|
const guint8 *pd,
|
|
|
|
guint32 flags,
|
|
|
|
guint64 *bytes_written,
|
|
|
|
int *err);
|
2014-10-12 18:56:12 +00:00
|
|
|
|
|
|
|
/*
|
2019-07-26 18:43:17 +00:00
|
|
|
* Editor modelines - https://www.wireshark.org/tools/modelines.html
|
2014-10-12 18:56:12 +00:00
|
|
|
*
|
|
|
|
* Local variables:
|
|
|
|
* c-basic-offset: 4
|
|
|
|
* tab-width: 8
|
|
|
|
* indent-tabs-mode: nil
|
|
|
|
* End:
|
|
|
|
*
|
|
|
|
* vi: set shiftwidth=4 tabstop=8 expandtab:
|
|
|
|
* :indentSize=4:tabSize=8:noTabs=true:
|
|
|
|
*/
|