1998-09-16 02:39:15 +00:00
|
|
|
/* file.h
|
|
|
|
|
* Definitions for file structures and routines
|
|
|
|
|
*
|
2004-07-18 00:24:25 +00:00
|
|
|
* $Id$
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
1998-09-16 02:39:15 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
2002-08-28 21:04:11 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __FILE_H__
|
|
|
|
|
#define __FILE_H__
|
|
|
|
|
|
2004-09-04 20:02:11 +00:00
|
|
|
#include "packet-range.h"
|
1999-08-11 17:02:28 +00:00
|
|
|
#include "wiretap/wtap.h"
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/dfilter/dfilter.h>
|
1999-12-10 04:21:04 +00:00
|
|
|
#include "print.h"
|
1999-09-22 01:26:50 +00:00
|
|
|
#include <errno.h>
|
2002-01-21 07:37:49 +00:00
|
|
|
#include <epan/epan.h>
|
2000-10-06 10:11:40 +00:00
|
|
|
|
2002-09-06 22:45:44 +00:00
|
|
|
#include "cfile.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2005-02-05 13:44:27 +00:00
|
|
|
|
|
|
|
|
/** Return values from functions that only can succeed or fail. */
|
Add routines to Wiretap to allow a client of Wiretap to get:
a pointer to the "wtap_pkthdr" structure for an open capture
file;
a pointer to the "wtap_pseudo_header" union for an open capture
file;
a pointer to the packet buffer for an open capture file;
so that a program using "wtap_read()" in a loop can get at those items.
Keep, in a "capture_file" structure, an indicator of whether:
no file is open;
a file is open, and being read;
a file is open, and is being read, but the user tried to quit
out of reading the file (e.g., by doing "File/Quit");
a file is open, and has been completely read.
Abort if we try to close a capture that's being read if the user hasn't
tried to quit out of the read.
Have "File/Quit" check if a file is being read; if so, just set the
state indicator to "user tried to quit out of it", so that the code
reading the file can do what's appropriate to clean up, rather than
closing the file out from under that code and causing crashes.
Have "read_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
close the capture and return an indication that the read was aborted by
the user. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "continue_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
return an indication that the read was aborted by the user if that
happened. Otherwise, return an indication of whether the read
completely succeeded or failed in the middle (and, if it failed, return
the error code through a pointer).
Have "finish_tail_cap_file()" read the capture file with a loop using
"wtap_read()", rather than by using "wtap_loop()"; have it check after
reading each packet whether the user tried to abort the read and, if so,
quit the loop, and after the loop finishes (even if it read no packets),
close the capture and return an indication that the read was aborted by
the user if that happened. Otherwise, return an indication of whether
the read completely succeeded or failed in the middle (and, if it
failed, return the error code through a pointer).
Have their callers check whether the read was aborted or not and, if it
was, bail out in the appropriate fashion (exit if it's reading a file
specified by "-r" on the command line; exit the main loop if it's
reading a file specified with File->Open; kill the capture child if it's
"continue_tail_cap_file()"; exit the main loop if it's
"finish_tail_cap_file()".
svn path=/trunk/; revision=2095
2000-06-27 07:13:42 +00:00
|
|
|
typedef enum {
|
2005-02-05 13:44:27 +00:00
|
|
|
CF_OK, /**< operation succeeded */
|
2005-02-05 12:50:47 +00:00
|
|
|
CF_ERROR /**< operation got an error (function may provide err with details) */
|
|
|
|
|
} cf_status_t;
|
|
|
|
|
|
2005-02-05 13:44:27 +00:00
|
|
|
/** Return values from functions that read capture files. */
|
2005-02-05 12:50:47 +00:00
|
|
|
typedef enum {
|
|
|
|
|
CF_READ_OK, /**< operation succeeded */
|
|
|
|
|
CF_READ_ERROR, /**< operation got an error (function may provide err with details) */
|
|
|
|
|
CF_READ_ABORTED /**< operation aborted by user */
|
2005-02-04 20:54:12 +00:00
|
|
|
} cf_read_status_t;
|
|
|
|
|
|
|
|
|
|
/** Return values from functions that print sets of packets. */
|
|
|
|
|
typedef enum {
|
2005-02-05 13:44:27 +00:00
|
|
|
CF_PRINT_OK, /**< print operation succeeded */
|
2005-02-04 18:44:44 +00:00
|
|
|
CF_PRINT_OPEN_ERROR, /**< print operation failed while opening printer */
|
|
|
|
|
CF_PRINT_WRITE_ERROR /**< print operation failed while writing to the printer */
|
2005-02-04 20:54:12 +00:00
|
|
|
} cf_print_status_t;
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2005-02-07 00:54:46 +00:00
|
|
|
typedef enum {
|
2005-09-20 08:42:35 +00:00
|
|
|
cf_cb_file_closing,
|
2005-02-07 00:54:46 +00:00
|
|
|
cf_cb_file_closed,
|
2009-12-14 22:05:29 +00:00
|
|
|
cf_cb_file_read_started,
|
2005-02-07 00:54:46 +00:00
|
|
|
cf_cb_file_read_finished,
|
|
|
|
|
cf_cb_packet_selected,
|
|
|
|
|
cf_cb_packet_unselected,
|
|
|
|
|
cf_cb_field_unselected,
|
2009-12-14 22:05:29 +00:00
|
|
|
cf_cb_file_save_started,
|
|
|
|
|
cf_cb_file_save_finished,
|
|
|
|
|
cf_cb_file_save_reload_finished,
|
|
|
|
|
cf_cb_file_save_failed
|
2005-02-07 00:54:46 +00:00
|
|
|
} cf_cbs;
|
|
|
|
|
|
|
|
|
|
typedef void (*cf_callback_t) (gint event, gpointer data, gpointer user_data);
|
|
|
|
|
|
2011-01-31 12:19:15 +00:00
|
|
|
typedef struct {
|
|
|
|
|
const char *string;
|
|
|
|
|
size_t string_len;
|
|
|
|
|
capture_file *cf;
|
|
|
|
|
gboolean frame_matched;
|
|
|
|
|
field_info *finfo;
|
|
|
|
|
} match_data;
|
|
|
|
|
|
2005-02-07 00:54:46 +00:00
|
|
|
extern void
|
|
|
|
|
cf_callback_add(cf_callback_t func, gpointer user_data);
|
|
|
|
|
|
|
|
|
|
extern void
|
|
|
|
|
cf_callback_remove(cf_callback_t func);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Open a capture file.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file to be opened
|
|
|
|
|
* @param fname the filename to be opened
|
|
|
|
|
* @param is_tempfile is this a temporary file?
|
2010-08-26 20:31:09 +00:00
|
|
|
* @param err error code
|
2005-02-05 12:50:47 +00:00
|
|
|
* @return one of cf_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-05 12:50:47 +00:00
|
|
|
cf_status_t cf_open(capture_file *cf, const char *fname, gboolean is_tempfile, int *err);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Close a capture file.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file to be closed
|
|
|
|
|
*/
|
|
|
|
|
void cf_close(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Reload a capture file.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file to be reloaded
|
|
|
|
|
*/
|
|
|
|
|
void cf_reload(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Read all packets of a capture file into the internal structures.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file to be read
|
2009-12-14 22:05:29 +00:00
|
|
|
* @param from_save reread asked from cf_save
|
2005-02-04 20:54:12 +00:00
|
|
|
* @return one of cf_read_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2009-12-14 22:05:29 +00:00
|
|
|
cf_read_status_t cf_read(capture_file *cf, gboolean from_save);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/**
|
|
|
|
|
* Read the pseudo-header and raw data for a packet. It will pop
|
|
|
|
|
* up an alert box if there's an error.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file from which to read the packet
|
|
|
|
|
* @param fdata the frame_data structure for the packet in question
|
|
|
|
|
* @param pseudo_header pointer to a wtap_pseudo_header union into
|
|
|
|
|
* which to read the packet's pseudo-header
|
|
|
|
|
* @param pd a guin8 array into which to read the packet's raw data
|
|
|
|
|
* @return TRUE if the read succeeded, FALSE if there was an error
|
|
|
|
|
*/
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
gboolean cf_read_frame_r(capture_file *cf, frame_data *fdata,
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
union wtap_pseudo_header *pseudo_header, guint8 *pd);
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
/**
|
|
|
|
|
* Read the pseudo-header and raw data for a packet into a
|
|
|
|
|
* capture_file structure's pseudo_header and pd members.
|
|
|
|
|
* It will pop up an alert box if there's an error.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file from which to read the packet
|
|
|
|
|
* @param fdata the frame_data structure for the packet in question
|
|
|
|
|
* @return TRUE if the read succeeded, FALSE if there was an error
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_read_frame(capture_file *cf, frame_data *fdata);
|
From Jakub Zawadzki:
New functions: cf_read_frame_r, cf_read_frame
It's much easier to write:
cf_read_frame (cf, fdata, &err, &err_info)
Than:
wtap_seek_read (cf->wth, fdata->file_off, &cf->pseudo_header, cf->pd,
fdata->cap_len, &err, &err_info)
svn path=/trunk/; revision=32980
2010-05-26 19:11:23 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Start reading from the end of a capture file.
|
|
|
|
|
* This is used in "Update list of packets in Real-Time".
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file to be read from
|
|
|
|
|
* @param fname the filename to be read from
|
|
|
|
|
* @param is_tempfile is this a temporary file?
|
|
|
|
|
* @param err the error code, if an error had occured
|
2005-02-05 12:50:47 +00:00
|
|
|
* @return one of cf_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-07 01:32:53 +00:00
|
|
|
cf_status_t cf_start_tail(capture_file *cf, const char *fname, gboolean is_tempfile, int *err);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Read packets from the "end" of a capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file to be read from
|
|
|
|
|
* @param to_read the number of packets to read
|
|
|
|
|
* @param err the error code, if an error had occured
|
2005-02-04 20:54:12 +00:00
|
|
|
* @return one of cf_read_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2007-03-22 23:44:48 +00:00
|
|
|
cf_read_status_t cf_continue_tail(capture_file *cf, volatile int to_read, int *err);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2010-05-27 23:55:04 +00:00
|
|
|
/**
|
|
|
|
|
* Fake reading packets from the "end" of a capture file.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file to be read from
|
|
|
|
|
*/
|
|
|
|
|
void cf_fake_continue_tail(capture_file *cf);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Finish reading from "end" of a capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file to be read from
|
|
|
|
|
* @param err the error code, if an error had occured
|
2005-02-04 20:54:12 +00:00
|
|
|
* @return one of cf_read_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_read_status_t cf_finish_tail(capture_file *cf, int *err);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2007-03-14 19:30:19 +00:00
|
|
|
/**
|
|
|
|
|
* Determine whether this capture file (or a range of it) can be saved
|
|
|
|
|
* (except by copying the raw file data).
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2007-03-14 19:30:19 +00:00
|
|
|
* @param cf the capture file to check
|
|
|
|
|
* @return TRUE if it can be saved, FALSE if it can't
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_can_save_as(capture_file *cf);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Save a capture file (or a range of it).
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file to save to
|
|
|
|
|
* @param fname the filename to save to
|
|
|
|
|
* @param range the range of packets to save
|
|
|
|
|
* @param save_format the format of the file to save (libpcap, ...)
|
2009-04-08 13:41:30 +00:00
|
|
|
* @param compressed whether to gzip compress the file
|
2005-02-05 12:50:47 +00:00
|
|
|
* @return one of cf_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-09-14 21:57:30 +00:00
|
|
|
cf_status_t cf_save(capture_file * cf, const char *fname, packet_range_t *range, guint save_format, gboolean compressed);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get a displayable name of the capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @return the displayable name (don't have to be g_free'd)
|
|
|
|
|
*/
|
|
|
|
|
const gchar *cf_get_display_name(capture_file *cf);
|
|
|
|
|
|
2010-04-01 21:55:01 +00:00
|
|
|
/**
|
|
|
|
|
* Set the source of the capture data for temporary files, e.g.
|
|
|
|
|
* "Interface eth0" or "Pipe from Pong"
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param source the source description. this will be copied internally.
|
|
|
|
|
*/
|
|
|
|
|
void cf_set_tempfile_source(capture_file *cf, gchar *source);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the source of the capture data for temporary files. Guaranteed to
|
|
|
|
|
* return a non-null value. The returned value should not be freed.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
*/
|
|
|
|
|
const gchar *cf_get_tempfile_source(capture_file *cf);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Get the number of packets in the capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @return the number of packets in the capture file
|
|
|
|
|
*/
|
2006-01-22 16:26:41 +00:00
|
|
|
int cf_get_packet_count(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set the number of packets in the capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2006-01-22 16:26:41 +00:00
|
|
|
* @param cf the capture file
|
2010-08-26 20:31:09 +00:00
|
|
|
* @param packet_count the number of packets in the capture file
|
2006-01-22 16:26:41 +00:00
|
|
|
*/
|
|
|
|
|
void cf_set_packet_count(capture_file *cf, int packet_count);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Is this capture file a temporary file?
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @return TRUE if it's a temporary file, FALSE otherwise
|
|
|
|
|
*/
|
2005-02-04 01:29:29 +00:00
|
|
|
gboolean cf_is_tempfile(capture_file *cf);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2005-03-28 14:39:31 +00:00
|
|
|
/**
|
|
|
|
|
* Set flag, that this file is a tempfile.
|
|
|
|
|
*/
|
|
|
|
|
void cf_set_tempfile(capture_file *cf, gboolean is_tempfile);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Set flag, if the number of packet drops while capturing are known or not.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param drops_known TRUE if the number of packet drops are known, FALSE otherwise
|
|
|
|
|
*/
|
2005-02-04 01:29:29 +00:00
|
|
|
void cf_set_drops_known(capture_file *cf, gboolean drops_known);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set the number of packet drops while capturing.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param drops the number of packet drops occured while capturing
|
|
|
|
|
*/
|
2005-02-04 01:29:29 +00:00
|
|
|
void cf_set_drops(capture_file *cf, guint32 drops);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2005-02-28 22:46:49 +00:00
|
|
|
/**
|
|
|
|
|
* Get flag state, if the number of packet drops while capturing are known or not.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-28 22:46:49 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @return TRUE if the number of packet drops are known, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_get_drops_known(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the number of packet drops while capturing.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-28 22:46:49 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @return the number of packet drops occured while capturing
|
|
|
|
|
*/
|
|
|
|
|
guint32 cf_get_drops(capture_file *cf);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Set the read filter.
|
|
|
|
|
* @todo this shouldn't be required, remove it somehow
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param rfcode the readfilter
|
|
|
|
|
*/
|
2005-02-04 08:27:41 +00:00
|
|
|
void cf_set_rfcode(capture_file *cf, dfilter_t *rfcode);
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* "Display Filter" packets in the capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param dfilter the display filter
|
|
|
|
|
* @param force TRUE if do in any case, FALSE only if dfilter changed
|
2005-02-05 12:50:47 +00:00
|
|
|
* @return one of cf_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-05 12:50:47 +00:00
|
|
|
cf_status_t cf_filter_packets(capture_file *cf, gchar *dfilter, gboolean force);
|
2004-10-27 23:28:37 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* At least one "Refence Time" flag has changed, rescan all packets.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
*/
|
|
|
|
|
void cf_reftime_packets(capture_file *cf);
|
|
|
|
|
|
2009-08-30 10:35:48 +00:00
|
|
|
/**
|
|
|
|
|
* Return the time it took to load the file
|
|
|
|
|
*/
|
2009-08-28 05:19:52 +00:00
|
|
|
gulong cf_get_computed_elapsed(void);
|
2009-08-30 10:35:48 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* "Something" has changed, rescan all packets.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
*/
|
|
|
|
|
void cf_redissect_packets(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
2005-02-04 20:54:12 +00:00
|
|
|
* Rescan all packets and just run taps - don't reconstruct the display.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
2005-02-05 12:50:47 +00:00
|
|
|
* @return one of cf_read_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2009-06-05 22:42:47 +00:00
|
|
|
cf_read_status_t cf_retap_packets(capture_file *cf);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2009-07-28 10:53:57 +00:00
|
|
|
/**
|
|
|
|
|
* Adjust timestamp precision if auto is selected.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2009-07-28 10:53:57 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
*/
|
|
|
|
|
void cf_timestamp_auto_precision(capture_file *cf);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Print the capture file.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param print_args the arguments what and how to print
|
2005-02-04 20:54:12 +00:00
|
|
|
* @return one of cf_print_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_print_status_t cf_print_packets(capture_file *cf, print_args_t *print_args);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Print (export) the capture file into PDML format.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param print_args the arguments what and how to export
|
2005-02-04 20:54:12 +00:00
|
|
|
* @return one of cf_print_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_print_status_t cf_write_pdml_packets(capture_file *cf, print_args_t *print_args);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Print (export) the capture file into PSML format.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param print_args the arguments what and how to export
|
2005-02-04 20:54:12 +00:00
|
|
|
* @return one of cf_print_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-04 20:54:12 +00:00
|
|
|
cf_print_status_t cf_write_psml_packets(capture_file *cf, print_args_t *print_args);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2005-03-11 20:56:31 +00:00
|
|
|
/**
|
|
|
|
|
* Print (export) the capture file into CSV format.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param print_args the arguments what and how to export
|
|
|
|
|
* @return one of cf_print_status_t
|
|
|
|
|
*/
|
|
|
|
|
cf_print_status_t cf_write_csv_packets(capture_file *cf, print_args_t *print_args);
|
|
|
|
|
|
2008-03-11 18:23:16 +00:00
|
|
|
/**
|
|
|
|
|
* Print (export) the capture file into C Arrays format.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param print_args the arguments what and how to export
|
|
|
|
|
* @return one of cf_print_status_t
|
|
|
|
|
*/
|
|
|
|
|
cf_print_status_t cf_write_carrays_packets(capture_file *cf, print_args_t *print_args);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* Find packet with a protocol tree item that contains a specified text string.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param string the string to find
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* @param dir direction in which to search
|
2005-02-04 18:44:44 +00:00
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
gboolean cf_find_packet_protocol_tree(capture_file *cf, const char *string,
|
|
|
|
|
search_direction dir);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
2011-01-31 12:19:15 +00:00
|
|
|
/**
|
|
|
|
|
* Find field with a label that contains text string cfile->sfilter.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param tree the protocol tree
|
|
|
|
|
* @param mdata the first field (mdata->finfo) that matched the string
|
|
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
extern gboolean cf_find_string_protocol_tree(capture_file *cf, proto_tree *tree,
|
|
|
|
|
match_data *mdata);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* Find packet whose summary line contains a specified text string.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param string the string to find
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* @param dir direction in which to search
|
2005-02-04 18:44:44 +00:00
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
gboolean cf_find_packet_summary_line(capture_file *cf, const char *string,
|
|
|
|
|
search_direction dir);
|
2005-02-04 18:44:44 +00:00
|
|
|
|
|
|
|
|
/**
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* Find packet whose data contains a specified byte string.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param string the string to find
|
|
|
|
|
* @param string_size the size of the string to find
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* @param dir direction in which to search
|
2005-02-04 18:44:44 +00:00
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_find_packet_data(capture_file *cf, const guint8 *string,
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
size_t string_size, search_direction dir);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Find packet that matches a compiled display filter.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param sfcode the display filter to match
|
|
|
|
|
* @param dir direction in which to search
|
|
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_find_packet_dfilter(capture_file *cf, dfilter_t *sfcode,
|
|
|
|
|
search_direction dir);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Find packet that matches a display filter given as a text string.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param filter the display filter to match
|
|
|
|
|
* @param dir direction in which to search
|
|
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean
|
|
|
|
|
cf_find_packet_dfilter_string(capture_file *cf, const char *filter,
|
|
|
|
|
search_direction dir);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Find marked packet.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param dir direction in which to search
|
|
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_find_packet_marked(capture_file *cf, search_direction dir);
|
Get rid of the EBCDIC stuff in the find dialog - it's not supported yet,
so we shouldn't torment the users by offering it.
Check the string type and convert it to an internal representation in
the GUI code; have the search code deal only with the internal
representation.
Save the case-sensitivity flag, and the indication of where string
searches look, along with other search parameters.
Upper-casify the string, for case-insensitive searches, in the GUI code;
don't save the upper-casified string, so it doesn't SHOUT at you when
you next pop up a "find" dialog.
Convert the hex value string to raw binary data in the GUI code, rather
than doing so in the search code. Check that it's a valid string.
Connect the signals to the radio buttons after the pointers have been
attached to various GUI items - the signal handlers expect some of those
pointers to be attached, and aren't happy if they're not.
Have "find_packet()" contain a framework for searching, but not contain
the matching code; instead, pass it a pointer to a matching routine and
an opaque pointer to be passed to the matching routine. Have all the
routines that do different types of searching have their own matching
routines, and use the common "find_packet()" code, rather than
duplicating that code.
Search for the Info column by column type, not by name (the user can
change the name).
When matching on the protocol tree, don't format the entire protocol
tree into a big buffer - just have a routine that matches the text
representation of a protocol tree item against a string, and, if it
finds a match, sets a "we found a match flag" and returns; have that
routine not bother doing any more work if that flag is set.
(Unfortunately, you can't abort "g_node_children_foreach()" in the
middle of a traversal.)
Free the generated display filter code after a find-by-display-filter
finishes.
svn path=/trunk/; revision=8306
2003-08-29 04:03:46 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* Find time-reference packet.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
* @param dir direction in which to search
|
2005-02-04 18:44:44 +00:00
|
|
|
* @return TRUE if a packet was found, FALSE otherwise
|
|
|
|
|
*/
|
Instead of using a Boolean for the search direction, use an enum, so
that you can tell from examination whether the search is forward or
backward.
Make the cf_find_packet routines take the direction as an explicit
argument, rather than, in the cases where you don't want to permanently
set the direction, saving the direction in the capture_file structure,
changing it, doing the search, and restoring the saved direction. Give
more information in the Doxygen comments for those routines.
Add a cf_find_packet_dfilter_string() routine, which takes a filter
string rather than a compiled filter as an argument. Replace
find_previous_next_frame_with_filter() with it.
Have cf_read_frame_r() and cf_read_frame() pop up the error dialog if
the read fails, rather than leaving that up to its caller. That lets us
eliminate cf_read_error_message(), by swallowing its code into
cf_read_frame_r(). Add Doxygen comments for cf_read_frame_r() and
cf_read_frame().
Don't have find_packet() read the packet before calling the callback
routine; leave that up to the callback routine.
Add cf_find_packet_marked(), to find the next or previous marked packet,
and cf_find_packet_time_reference(), to find the next or previous time
reference packet. Those routines do *not* need to read the packet data
to see if it matches; that lets them run much faster.
Clean up indentation.
svn path=/trunk/; revision=33791
2010-08-13 07:39:46 +00:00
|
|
|
gboolean cf_find_packet_time_reference(capture_file *cf, search_direction dir);
|
2004-01-20 18:47:25 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* GoTo Packet in first row.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @return TRUE if the first row exists, FALSE otherwise
|
|
|
|
|
*/
|
2011-05-17 21:26:25 +00:00
|
|
|
gboolean cf_goto_top_frame(void);
|
1999-11-30 07:27:37 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* GoTo Packet in last row.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @return TRUE if last row exists, FALSE otherwise
|
|
|
|
|
*/
|
2011-05-17 21:26:25 +00:00
|
|
|
gboolean cf_goto_bottom_frame(void);
|
1999-06-19 01:14:51 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* GoTo Packet with the given row.
|
2010-05-27 23:55:04 +00:00
|
|
|
*
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param row the row to go to
|
|
|
|
|
* @return TRUE if this row exists, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_goto_frame(capture_file *cf, guint row);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Go to frame specified by currently selected protocol tree field.
|
|
|
|
|
* (Go To Corresponding Packet)
|
|
|
|
|
* @todo this is ugly and should be improved!
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @return TRUE if this packet exists, FALSE otherwise
|
|
|
|
|
*/
|
|
|
|
|
gboolean cf_goto_framenum(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Select the packet in the given row.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param row the row to select
|
|
|
|
|
*/
|
|
|
|
|
void cf_select_packet(capture_file *cf, int row);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Unselect all packets, if any.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
*/
|
|
|
|
|
void cf_unselect_packet(capture_file *cf);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Unselect all protocol tree fields, if any.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
*/
|
|
|
|
|
void cf_unselect_field(capture_file *cf);
|
Enable "Match Selected" only if there's a field selected *and* we can do
a "Match Selected" on it - we can't do a "Match Selected" if the field
has no value (e.g., FT_NULL) and has a length of 0.
If we unselect the current packet, we don't have a protocol tree, so we
don't have a currently selected field - clear the "Match Selected" menu
item and the display in the status line of information about the
currently selected field.
Move the low-level statusbar manipulation into "gtk/main.c", in routines
whose API doesn't expose anything GTK+-ish.
"close_cap_file()" calls one of those routines to clear out the status
bar, so it doesn't need to take a pointer to the statusbar widget as an
argument.
"clear_tree_and_hex_views()" is purely a display-manipulating routine;
move it to "gtk/proto_draw.c".
Extract from "tree_view_unselect_row_cb()" an "unselect_field()" routine
to do all the work that needs to be done if the currently selected
protocol tree row is unselected, and call it if the currently selected
packet list row is unselected (if it's unselected, there *is* no
protocol tree, so no row can be selected), as well as from
"tree_view_unselect_row_cb()".
Before pushing a new field-description message onto the statusbar, pop
the old one off.
Get rid of an unused variable (set, but not used).
svn path=/trunk/; revision=3513
2001-06-05 07:39:31 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
2001-12-06 02:21:26 +00:00
|
|
|
* Mark a particular frame in a particular capture.
|
2005-02-04 18:44:44 +00:00
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param frame the frame to be marked
|
2001-12-06 02:21:26 +00:00
|
|
|
*/
|
2005-02-04 18:44:44 +00:00
|
|
|
void cf_mark_frame(capture_file *cf, frame_data *frame);
|
2001-12-06 02:21:26 +00:00
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
2001-12-06 02:21:26 +00:00
|
|
|
* Unmark a particular frame in a particular capture.
|
2005-02-04 18:44:44 +00:00
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param frame the frame to be unmarked
|
2001-12-06 02:21:26 +00:00
|
|
|
*/
|
2005-02-04 18:44:44 +00:00
|
|
|
void cf_unmark_frame(capture_file *cf, frame_data *frame);
|
2001-12-06 02:21:26 +00:00
|
|
|
|
2009-12-17 01:18:14 +00:00
|
|
|
/**
|
|
|
|
|
* Ignore a particular frame in a particular capture.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param frame the frame to be ignored
|
|
|
|
|
*/
|
|
|
|
|
void cf_ignore_frame(capture_file *cf, frame_data *frame);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Unignore a particular frame in a particular capture.
|
|
|
|
|
*
|
|
|
|
|
* @param cf the capture file
|
|
|
|
|
* @param frame the frame to be unignored
|
|
|
|
|
*/
|
|
|
|
|
void cf_unignore_frame(capture_file *cf, frame_data *frame);
|
|
|
|
|
|
2005-02-04 18:44:44 +00:00
|
|
|
/**
|
|
|
|
|
* Merge two (or more) capture files into one.
|
|
|
|
|
* @todo is this the right place for this function? It doesn't have to do a lot with capture_file.
|
|
|
|
|
*
|
2005-02-17 03:05:54 +00:00
|
|
|
* @param out_filename pointer to output filename; if output filename is
|
|
|
|
|
* NULL, a temporary file name is generated and *out_filename is set
|
|
|
|
|
* to point to the generated file name
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param in_file_count the number of input files to merge
|
2010-08-26 20:31:09 +00:00
|
|
|
* @param in_filenames array of input filenames
|
2005-02-04 18:44:44 +00:00
|
|
|
* @param file_type the output filetype
|
|
|
|
|
* @param do_append FALSE to merge chronologically, TRUE simply append
|
2005-02-05 14:33:03 +00:00
|
|
|
* @return one of cf_status_t
|
2005-02-04 18:44:44 +00:00
|
|
|
*/
|
2005-02-05 13:44:27 +00:00
|
|
|
cf_status_t
|
2005-02-17 03:05:54 +00:00
|
|
|
cf_merge_files(char **out_filename, int in_file_count,
|
2005-02-04 18:44:44 +00:00
|
|
|
char *const *in_filenames, int file_type, gboolean do_append);
|
Improve the alert boxes put up for file open/read/write errors. (Some
influence came from
http://developer.apple.com/techpubs/mac/HIGuidelines/HIGuidelines-232.html
which has a section on dialog box and alert box messages. However,
we're largely dealing with technoids, not with The Rest Of Us, so I
didn't go as far as one perhaps should.)
Unfortunately, it looks like it's a bit more work to arrange that, if
you give a bad file name to the "-r" flag, the dialog box pop up only
*after* the main window pops up - it has the annoying habit of popping
up *before* the main window pops up, and sometimes getting *obscured* by
it, when I do that. The removal of the dialog box stuff from
"load_cap_file()" was intended to facilitate that work. (It might also
be nice if, when an open from the "File/Open" menu item fails, we keep
the file selection box open, and give the user a chance to correct
typos, choose another file name, etc.)
svn path=/trunk/; revision=310
1999-06-12 09:10:20 +00:00
|
|
|
|
2008-10-03 05:21:28 +00:00
|
|
|
#if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
|
|
|
|
|
void read_keytab_file(const char *);
|
|
|
|
|
#endif
|
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
#endif /* file.h */
|