2002-09-06 23:14:04 +00:00
|
|
|
/* cfile.h
|
|
|
|
|
* capture_file definition & GUI-independent manipulation
|
|
|
|
|
*
|
2004-07-18 00:24:25 +00:00
|
|
|
* $Id$
|
2002-09-06 23:14:04 +00:00
|
|
|
*
|
|
|
|
|
* Ethereal - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@ethereal.com>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __CFILE_H__
|
|
|
|
|
#define __CFILE_H__
|
|
|
|
|
|
|
|
|
|
/* Current state of file. */
|
|
|
|
|
typedef enum {
|
|
|
|
|
FILE_CLOSED, /* No file open */
|
|
|
|
|
FILE_READ_IN_PROGRESS, /* Reading a file we've opened */
|
|
|
|
|
FILE_READ_ABORTED, /* Read aborted by user */
|
|
|
|
|
FILE_READ_DONE /* Read completed */
|
|
|
|
|
} file_state;
|
|
|
|
|
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
/* Character set for text search. */
|
|
|
|
|
typedef enum {
|
|
|
|
|
SCS_ASCII_AND_UNICODE,
|
|
|
|
|
SCS_ASCII,
|
|
|
|
|
SCS_UNICODE
|
|
|
|
|
/* add EBCDIC when it's implemented */
|
|
|
|
|
} search_charset_t;
|
|
|
|
|
|
2002-09-06 23:14:04 +00:00
|
|
|
typedef struct _capture_file {
|
|
|
|
|
file_state state; /* Current state of capture file */
|
|
|
|
|
gchar *filename; /* Name of capture file */
|
|
|
|
|
gboolean is_tempfile; /* Is capture file a temporary file? */
|
|
|
|
|
gboolean user_saved;/* If capture file is temporary, has it been saved by user yet? */
|
2005-08-19 01:17:24 +00:00
|
|
|
long f_datalen; /* Size of capture file data (uncompressed) */
|
2002-09-06 23:14:04 +00:00
|
|
|
guint16 cd_t; /* File type of capture file */
|
|
|
|
|
int lnk_t; /* Link-layer type with which to save capture */
|
|
|
|
|
guint32 vers; /* Version. For tcpdump minor is appended to major */
|
|
|
|
|
int count; /* Total number of frames */
|
2004-02-03 00:16:59 +00:00
|
|
|
int displayed_count; /* Number of displayed frames */
|
2002-09-06 23:14:04 +00:00
|
|
|
int marked_count; /* Number of marked frames */
|
|
|
|
|
gboolean drops_known; /* TRUE if we know how many packets were dropped */
|
|
|
|
|
guint32 drops; /* Dropped packets */
|
2005-08-24 21:31:56 +00:00
|
|
|
nstime_t elapsed_time;/* Elapsed time (see: tsaccur below!) */
|
2002-09-06 23:14:04 +00:00
|
|
|
gboolean has_snap; /* TRUE if maximum capture packet length is known */
|
|
|
|
|
int snap; /* Maximum captured packet length */
|
|
|
|
|
wtap *wth; /* Wiretap session */
|
2005-02-06 21:20:35 +00:00
|
|
|
dfilter_t *rfcode; /* Compiled read (display) filter program */
|
2002-09-06 23:14:04 +00:00
|
|
|
gchar *dfilter; /* Display filter string */
|
|
|
|
|
dfilter_t *dfcode; /* Compiled display filter program */
|
|
|
|
|
gchar *sfilter; /* Search filter string */
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
gboolean sbackward; /* TRUE if search is backward, FALSE if forward */
|
|
|
|
|
gboolean hex; /* TRUE is raw data search is being performed */
|
2004-04-15 23:28:11 +00:00
|
|
|
gboolean string; /* TRUE is text search is being performed */
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
search_charset_t scs_type; /* Character set for text search */
|
|
|
|
|
gboolean case_type; /* TRUE if case-insensitive text search */
|
|
|
|
|
gboolean decode_data; /* TRUE if searching protocol tree text */
|
|
|
|
|
gboolean summary_data; /* TRUE if searching Info column text */
|
2002-09-06 23:14:04 +00:00
|
|
|
union wtap_pseudo_header pseudo_header; /* Packet pseudo_header */
|
|
|
|
|
guint8 pd[WTAP_MAX_PACKET_SIZE]; /* Packet data */
|
|
|
|
|
GMemChunk *plist_chunk; /* Memory chunk for frame_data structures */
|
|
|
|
|
frame_data *plist; /* Packet list */
|
|
|
|
|
frame_data *plist_end; /* Last packet in list */
|
|
|
|
|
frame_data *first_displayed; /* First frame displayed */
|
|
|
|
|
frame_data *last_displayed; /* Last frame displayed */
|
|
|
|
|
column_info cinfo; /* Column formatting information */
|
|
|
|
|
frame_data *current_frame; /* Frame data for current frame */
|
|
|
|
|
epan_dissect_t *edt; /* Protocol dissection for currently selected packet */
|
2003-09-24 00:47:37 +00:00
|
|
|
field_info *finfo_selected; /* Field info for currently selected field */
|
2002-09-06 23:14:04 +00:00
|
|
|
struct ph_stats_s* pstats; /* accumulated stats (reset on redisplay in GUI)*/
|
2005-08-24 21:31:56 +00:00
|
|
|
int tsprecision; /* timestamp precision
|
|
|
|
|
(WTAP_FILE_TSPREC_USEC or WTAP_FILE_TSPREC_NSEC) */
|
2002-09-06 23:14:04 +00:00
|
|
|
} capture_file;
|
|
|
|
|
|
|
|
|
|
void init_cap_file(capture_file *);
|
|
|
|
|
|
|
|
|
|
#endif /* cfile.h */
|