1998-09-16 02:39:15 +00:00
|
|
|
/* packet.h
|
|
|
|
|
* Definitions for packet disassembly structures and routines
|
|
|
|
|
*
|
2001-11-26 05:41:15 +00:00
|
|
|
* $Id: packet.h,v 1.41 2001/11/26 05:41:13 hagbard Exp $
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* Ethereal - Network traffic analyzer
|
2001-06-02 08:23:10 +00:00
|
|
|
* By Gerald Combs <gerald@ethereal.com>
|
1998-09-16 02:39:15 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef __PACKET_H__
|
|
|
|
|
#define __PACKET_H__
|
|
|
|
|
|
1999-08-20 06:55:20 +00:00
|
|
|
#include "wiretap/wtap.h"
|
1999-07-12 21:39:28 +00:00
|
|
|
#include "proto.h"
|
2000-05-11 08:18:09 +00:00
|
|
|
#include "tvbuff.h"
|
2000-08-30 02:50:18 +00:00
|
|
|
#include "pint.h"
|
2001-04-01 02:47:56 +00:00
|
|
|
#include "to_str.h"
|
2001-04-01 03:18:41 +00:00
|
|
|
#include "value_string.h"
|
2001-04-01 03:42:00 +00:00
|
|
|
#include "column_info.h"
|
2001-04-01 04:11:51 +00:00
|
|
|
#include "frame_data.h"
|
2001-04-01 04:50:42 +00:00
|
|
|
#include "packet_info.h"
|
2001-04-01 07:32:35 +00:00
|
|
|
#include "column-utils.h"
|
2001-11-21 23:16:26 +00:00
|
|
|
#include "epan.h"
|
1998-09-16 02:39:15 +00:00
|
|
|
|
2000-08-22 08:19:40 +00:00
|
|
|
#define hi_nibble(b) (((b) & 0xf0) >> 4)
|
|
|
|
|
#define lo_nibble(b) ((b) & 0x0f)
|
1999-02-08 20:02:35 +00:00
|
|
|
|
1999-07-12 21:39:28 +00:00
|
|
|
/* Useful when you have an array whose size you can tell at compile-time */
|
|
|
|
|
#define array_length(x) (sizeof x / sizeof x[0])
|
|
|
|
|
|
1999-09-17 05:56:58 +00:00
|
|
|
/* Check whether the "len" bytes of data starting at "offset" is
|
2001-11-20 21:59:18 +00:00
|
|
|
* entirely inside the captured data for this packet. */
|
|
|
|
|
#define BYTES_ARE_IN_FRAME(offset, captured_len, len) \
|
|
|
|
|
((offset) + (len) <= (captured_len))
|
1999-09-17 05:56:58 +00:00
|
|
|
|
1999-07-12 21:39:28 +00:00
|
|
|
/* To pass one of two strings, singular or plural */
|
|
|
|
|
#define plurality(d,s,p) ((d) == 1 ? (s) : (p))
|
1998-09-16 02:39:15 +00:00
|
|
|
|
1999-02-09 00:35:38 +00:00
|
|
|
typedef struct _packet_counts {
|
2000-05-26 22:08:16 +00:00
|
|
|
gint sctp;
|
1999-02-09 00:35:38 +00:00
|
|
|
gint tcp;
|
|
|
|
|
gint udp;
|
1999-08-14 23:47:20 +00:00
|
|
|
gint icmp;
|
1999-02-09 00:35:38 +00:00
|
|
|
gint ospf;
|
1999-07-12 21:39:28 +00:00
|
|
|
gint gre;
|
1999-08-10 20:06:39 +00:00
|
|
|
gint netbios;
|
1999-11-30 23:56:37 +00:00
|
|
|
gint ipx;
|
2000-01-20 21:34:16 +00:00
|
|
|
gint vines;
|
1999-02-09 00:35:38 +00:00
|
|
|
gint other;
|
|
|
|
|
gint total;
|
|
|
|
|
} packet_counts;
|
|
|
|
|
|
1999-11-22 06:24:56 +00:00
|
|
|
/* Types of character encodings */
|
|
|
|
|
typedef enum {
|
2000-04-13 20:39:38 +00:00
|
|
|
CHAR_ASCII = 0, /* ASCII */
|
|
|
|
|
CHAR_EBCDIC = 1 /* EBCDIC */
|
1999-11-22 06:24:56 +00:00
|
|
|
} char_enc;
|
|
|
|
|
|
1999-10-12 06:21:15 +00:00
|
|
|
/* Struct for boolean enumerations */
|
|
|
|
|
typedef struct true_false_string {
|
|
|
|
|
char *true_string;
|
|
|
|
|
char *false_string;
|
|
|
|
|
} true_false_string;
|
|
|
|
|
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void packet_init(void);
|
|
|
|
|
extern void packet_cleanup(void);
|
2000-10-06 10:11:40 +00:00
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
/* Hash table for matching port numbers and dissectors */
|
Change the sub-dissector handoff registration routines so that the
sub-dissector table is not stored in the header_field_info struct, but
in a separate namespace. Dissector tables are now registered by name
and not by field ID. For example:
udp_dissector_table = register_dissector_table("udp.port");
Because of this different namespace, dissector tables can have names
that are not field names. This is useful for ethertype, since multiple
fields are "ethertypes".
packet-ethertype.c replaces ethertype.c (the name was changed so that it
would be named in the same fashion as all the filenames passed to make-reg-dotc)
Although it registers no protocol or field, it registers one dissector table:
ethertype_dissector_table = register_dissector_table("ethertype");
All protocols that can be called because of an ethertype field now register
that fact with dissector_add() calls.
In this way, one dissector_table services all ethertype fields
(hf_eth_type, hf_llc_type, hf_null_etype, hf_vlan_etype)
Furthermore, the code allows for names of protocols to exist in the
etype_vals, yet a dissector for that protocol doesn't exist. The name
of the dissector is printed in COL_INFO. You're welcome, Richard. :-)
svn path=/trunk/; revision=1848
2000-04-13 18:18:56 +00:00
|
|
|
typedef GHashTable* dissector_table_t;
|
1999-10-12 06:21:15 +00:00
|
|
|
|
2000-04-03 09:24:12 +00:00
|
|
|
/* types for sub-dissector lookup */
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
typedef void (*old_dissector_t)(const u_char *, int, frame_data *, proto_tree *);
|
|
|
|
|
typedef void (*dissector_t)(tvbuff_t *, packet_info *, proto_tree *);
|
2000-04-03 09:24:12 +00:00
|
|
|
|
2001-02-01 07:34:33 +00:00
|
|
|
typedef void (*DATFunc) (gchar *table_name, gpointer key, gpointer value, gpointer user_data);
|
|
|
|
|
|
|
|
|
|
/* Opaque structure - provides type checking but no access to components */
|
|
|
|
|
typedef struct dtbl_entry dtbl_entry_t;
|
|
|
|
|
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern gint dissector_get_proto (dtbl_entry_t * entry);
|
|
|
|
|
extern gint dissector_get_initial_proto (dtbl_entry_t * entry);
|
|
|
|
|
extern void dissector_table_foreach_changed (char *name, DATFunc func,
|
|
|
|
|
gpointer user_data);
|
|
|
|
|
extern void dissector_table_foreach (char *name, DATFunc func,
|
|
|
|
|
gpointer user_data);
|
|
|
|
|
extern void dissector_all_tables_foreach_changed (DATFunc func,
|
|
|
|
|
gpointer user_data);
|
2001-02-01 07:34:33 +00:00
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
/* a protocol uses the function to register a sub-dissector table */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern dissector_table_t register_dissector_table(const char *name);
|
2000-04-03 09:24:12 +00:00
|
|
|
|
|
|
|
|
/* Add a sub-dissector to a dissector table. Called by the protocol routine */
|
|
|
|
|
/* that wants to register a sub-dissector. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void dissector_add(const char *abbrev, guint32 pattern,
|
2001-01-09 06:32:10 +00:00
|
|
|
dissector_t dissector, int proto);
|
2000-04-03 09:24:12 +00:00
|
|
|
|
|
|
|
|
/* Add a sub-dissector to a dissector table. Called by the protocol routine */
|
|
|
|
|
/* that wants to de-register a sub-dissector. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void dissector_delete(const char *name, guint32 pattern,
|
|
|
|
|
dissector_t dissector);
|
2000-04-03 09:24:12 +00:00
|
|
|
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void dissector_change(const char *abbrev, guint32 pattern,
|
2001-10-31 05:59:20 +00:00
|
|
|
dissector_t dissector, int proto);
|
|
|
|
|
|
|
|
|
|
/* Reset a dissector in a sub-dissector table to its initial value. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void dissector_reset(const char *name, guint32 pattern);
|
2001-02-01 07:34:33 +00:00
|
|
|
|
Make a routine that takes a dissector table, a port number, and
pd/offset/fd/tree arguments, looks up the port number in the dissector
table, and:
if it finds it, call the corresponding dissector routine with
the pd/offset/fd/tree arguments, and return TRUE;
if it doesn't find it, return FALSE.
Use that in the TCP and UDP dissectors.
Don't add arbitrary UDP ports for which a dissector is found in the
table as ports that should be dissected as TFTP; this should only be
done if we find a packet going from port XXX to the official TFTP port.
Don't register TFTP in UDP's dissector table, as it has to be handled
specially (i.e., we have to add the source port as a TFTP port, although
we really should register the source port *and* IP address); eventually,
we should move that registration to the TFTP dissector itself, at which
point we can register TFTP normally.
svn path=/trunk/; revision=1785
2000-04-04 05:37:36 +00:00
|
|
|
/* Look for a given port in a given dissector table and, if found, call
|
|
|
|
|
the dissector with the arguments supplied, and return TRUE, otherwise
|
|
|
|
|
return FALSE. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern gboolean dissector_try_port(dissector_table_t sub_dissectors,
|
|
|
|
|
guint32 port, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
|
2000-04-03 09:24:12 +00:00
|
|
|
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
/* List of "heuristic" dissectors (which get handed a packet, look at it,
|
|
|
|
|
and either recognize it as being for their protocol, dissect it, and
|
|
|
|
|
return TRUE, or don't recognize it and return FALSE) to be called
|
|
|
|
|
by another dissector. */
|
|
|
|
|
typedef GSList *heur_dissector_list_t;
|
|
|
|
|
|
|
|
|
|
/* Type of a heuristic dissector */
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
typedef gboolean (*heur_dissector_t)(tvbuff_t *, packet_info *,
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
proto_tree *);
|
|
|
|
|
|
|
|
|
|
/* A protocol uses this function to register a heuristic dissector list */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void register_heur_dissector_list(const char *name,
|
|
|
|
|
heur_dissector_list_t *list);
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
|
|
|
|
/* Add a sub-dissector to a heuristic dissector list. Called by the
|
|
|
|
|
protocol routine that wants to register a sub-dissector. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void heur_dissector_add(const char *name, heur_dissector_t dissector,
|
2001-01-09 06:32:10 +00:00
|
|
|
int proto);
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
|
|
|
|
/* Try all the dissectors in a given heuristic dissector list until
|
|
|
|
|
we find one that recognizes the protocol, in which case we return
|
|
|
|
|
TRUE, or we run out of dissectors, in which case we return FALSE. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern gboolean dissector_try_heuristic(heur_dissector_list_t sub_dissectors,
|
Allow either old-style (pre-tvbuff) or new-style (tvbuffified)
dissectors to be registered as dissectors for particular ports,
registered as heuristic dissectors, and registered as dissectors for
conversations, and have routines to be used both by old-style and
new-style dissectors to call registered dissectors.
Have the code that calls those dissectors translate the arguments as
necessary. (For conversation dissectors, replace
"find_conversation_dissector()", which just returns a pointer to the
dissector, with "old_try_conversation_dissector()" and
"try_conversation_dissector()", which actually call the dissector, so
that there's a single place at which we can do that translation. Also
make "dissector_lookup()" static and, instead of calling it and, if it
returns a non-null pointer, calling that dissector, just use
"old_dissector_try_port()" or "dissector_try_port()", for the same
reason.)
This allows some dissectors that took old-style arguments and
immediately translated them to new-style arguments to just take
new-style arguments; make them do so. It also allows some new-style
dissectors not to have to translate arguments before calling routines to
look up and call dissectors; make them not do so.
Get rid of checks for too-short frames in new-style dissectors - the
tvbuff code does those checks for you.
Give the routines to register old-style dissectors, and to call
dissectors from old-style dissectors, names beginning with "old_", with
the routines for new-style dissectors not having the "old_". Update the
dissectors that use those routines appropriately.
Rename "dissect_data()" to "old_dissect_data()", and
"dissect_data_tvb()" to "dissect_data()".
svn path=/trunk/; revision=2218
2000-08-07 03:21:25 +00:00
|
|
|
tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree);
|
Add routines to:
register lists of "heuristic" dissectors, which are handed a
frame that may or may contain a payload for the protocol they
dissect, and that return FALSE if it's not or dissect the packet
and return TRUE if it is;
add a dissector to such a list;
go through such a list, calling each dissector until either a
dissector returns TRUE, in which case the routine returns TRUE,
or it runs out of entries in the list, in which case the routine
returns FALSE.
Have lists of heuristic dissectors for TCP and for COTP when used with
the Inactive Subset of CLNP, and add the GIOP and Yahoo Messenger
dissectors to the first list and the Sinec H1 dissector to the second
list.
Make the dissector name argument to "dissector_add()" and
"dissector_delete()" a "const char *" rarther than just a "char *".
Add "heur_dissector_add()", the routine to add a heuristic dissector to
a list of heuristic dissectors, to the set of routines we can export to
plugins through a table on platforms where dynamically-loaded code can't
call stuff in the main program, and initialize the element in the table
in question for "dissector_add()" (which we'd forgotten to do).
svn path=/trunk/; revision=1909
2000-05-05 09:32:36 +00:00
|
|
|
|
Add tables of "conversation" dissectors, which are associated with
particular protocols, and which keep track of all dissectors that could
be associated with conversations using those particular protocols - for
example, the RTP and RTCP dissectors could be assigned to UDP
conversations.
This is for future use with UI features allowing the dissector for a
given conversation to be set from the UI, to allow
1) conversations between two ports, both of which have
dissectors associated with them, that have been given to the
wrong dissector to be given to the right dissector;
2) conversations between two ports, neither of which have
dissectors associated with them, to be given to a dissector
(RTP and RTCP, for example, typically run on random ports,
and if you don't have, in a capture, traffic that would say
"OK, traffic between these two hosts and ports will be RTP
traffic", you may have to tell Ethereal explicitly what
protocol the conversation is).
svn path=/trunk/; revision=2848
2001-01-09 05:53:21 +00:00
|
|
|
/* List of "conversation" dissectors (they're not heuristic, but are
|
|
|
|
|
assigned to a conversation if some other dissector sees some traffic
|
|
|
|
|
saying "traffic between these hosts on these ports will be of type
|
|
|
|
|
XXX", e.g. RTSP traffic doing so).
|
|
|
|
|
|
|
|
|
|
These lists are for use by the UI, which, for a given conversation,
|
|
|
|
|
would offer a list of dissectors that could be used with it; this
|
|
|
|
|
would include dissectors on the conversation dissector list for
|
|
|
|
|
the transport-layer protocol for the conversation, as well as
|
|
|
|
|
dissectors for any port-based lists for that protocol (as a conversation
|
|
|
|
|
between two ports, both of which have dissectors associated with them,
|
|
|
|
|
might have been given to the wrong one of those dissectors). */
|
|
|
|
|
typedef GSList *conv_dissector_list_t;
|
|
|
|
|
|
|
|
|
|
/* A protocol uses this function to register a conversation dissector list */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void register_conv_dissector_list(const char *name,
|
|
|
|
|
conv_dissector_list_t *list);
|
Add tables of "conversation" dissectors, which are associated with
particular protocols, and which keep track of all dissectors that could
be associated with conversations using those particular protocols - for
example, the RTP and RTCP dissectors could be assigned to UDP
conversations.
This is for future use with UI features allowing the dissector for a
given conversation to be set from the UI, to allow
1) conversations between two ports, both of which have
dissectors associated with them, that have been given to the
wrong dissector to be given to the right dissector;
2) conversations between two ports, neither of which have
dissectors associated with them, to be given to a dissector
(RTP and RTCP, for example, typically run on random ports,
and if you don't have, in a capture, traffic that would say
"OK, traffic between these two hosts and ports will be RTP
traffic", you may have to tell Ethereal explicitly what
protocol the conversation is).
svn path=/trunk/; revision=2848
2001-01-09 05:53:21 +00:00
|
|
|
|
|
|
|
|
/* Add a sub-dissector to a conversation dissector list. Called by the
|
|
|
|
|
protocol routine that wants to register a sub-dissector. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void conv_dissector_add(const char *name, dissector_t dissector,
|
2001-01-09 06:32:10 +00:00
|
|
|
int proto);
|
Add tables of "conversation" dissectors, which are associated with
particular protocols, and which keep track of all dissectors that could
be associated with conversations using those particular protocols - for
example, the RTP and RTCP dissectors could be assigned to UDP
conversations.
This is for future use with UI features allowing the dissector for a
given conversation to be set from the UI, to allow
1) conversations between two ports, both of which have
dissectors associated with them, that have been given to the
wrong dissector to be given to the right dissector;
2) conversations between two ports, neither of which have
dissectors associated with them, to be given to a dissector
(RTP and RTCP, for example, typically run on random ports,
and if you don't have, in a capture, traffic that would say
"OK, traffic between these two hosts and ports will be RTP
traffic", you may have to tell Ethereal explicitly what
protocol the conversation is).
svn path=/trunk/; revision=2848
2001-01-09 05:53:21 +00:00
|
|
|
|
2001-02-01 07:34:33 +00:00
|
|
|
/* Opaque structure - provides type checking but no access to components */
|
|
|
|
|
typedef struct conv_dtbl_entry conv_dtbl_entry_t;
|
|
|
|
|
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern gint conv_dissector_get_proto (conv_dtbl_entry_t * entry);
|
|
|
|
|
extern void dissector_conv_foreach(char *name, DATFunc func,
|
|
|
|
|
gpointer user_data);
|
|
|
|
|
extern void dissector_all_conv_foreach(DATFunc func, gpointer user_data);
|
2001-02-01 07:34:33 +00:00
|
|
|
|
2000-11-18 10:51:07 +00:00
|
|
|
/* Handle for dissectors you call directly.
|
|
|
|
|
This handle is opaque outside of "packet.c". */
|
|
|
|
|
struct dissector_handle;
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
typedef struct dissector_handle *dissector_handle_t;
|
|
|
|
|
|
|
|
|
|
/* Register a dissector. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void register_dissector(const char *name, dissector_t dissector,
|
|
|
|
|
int proto);
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
|
|
|
|
|
/* Find a dissector by name. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern dissector_handle_t find_dissector(const char *name);
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
|
|
|
|
|
/* Call a dissector through a handle. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void call_dissector(dissector_handle_t handle, tvbuff_t *tvb,
|
Add a mechanism by which a dissector can be registered by name, another
dissector can get a "handle" for that dissector by name and then call
that dissector through the handle.
This allows dissectors that can't be called through a port table or a
heuristic table to be called from other dissectors without directly
referring to the dissector function - dynamically-loaded modules, under
Windows, cannot directly call functions in the main program, and
non-plugin dissectors are in the main program and thus cannot be called
from plugin dissectors unless either
1) a pointer to the dissector is put in the Big Transfer Vector
or
2) some other mechanism for getting a pointer to the dissector
is provided.
This mechanism could also support registering old-style dissectors and
calling them from new-style dissectors without the new-style dissector
having to do the argument translation itself (I didn't add support for
registering old-style dissectors because I'd prefer to have people
tvbuffify their code if they have to register a dissector...).
It could also, in the future, perhaps support
disabling of protocols;
setting "pinfo->current_proto";
inside "call_dissector()" - and inside "{old_}dissector_try_port()" and
"{old_"dissector_try_heuristic()" - allowing a pile of stuff that
currently has to be done in every dissector be done by common code.
(I have some ideas about how to do this, by
having "proto_register_protocol()" take an abbreviation - of the
sort that would be put in, for example, "pinfo->current_proto" -
as an argument;
having the calls to register dissectors take an index returned
by "proto_register_protocol()" as an argument.
The abbreviation could be used elsewhere as well, e.g. in the "Decoding"
tab of the "Edit->Protocols" dialog box, and in a GUI for constructing
protocol filters. Watch this space.)
Make "dissect_sdp()" the first client of this mechanism; it's now static
to "packet-sdp.c", and all dissectors that call it - including the MGCP
plugin - now call it through a dissector handle fetched by
"find_dissector()". (Next step - see if Ethereal can now compile on
Windows as a result of this.)
svn path=/trunk/; revision=2647
2000-11-15 07:07:52 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree);
|
|
|
|
|
|
2000-04-04 07:03:07 +00:00
|
|
|
/* Do all one-time initialization. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void dissect_init(void);
|
2000-04-04 07:03:07 +00:00
|
|
|
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void dissect_cleanup(void);
|
2000-04-04 07:03:07 +00:00
|
|
|
|
2001-06-29 09:46:54 +00:00
|
|
|
/*
|
|
|
|
|
* Given a tvbuff, a packet_info *, and a length from a packet header,
|
|
|
|
|
* adjust the length of the tvbuff, and the "len" and "captured_len"
|
|
|
|
|
* members of the "packet_info" structure, to reflect the specified
|
|
|
|
|
* length.
|
|
|
|
|
*/
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void set_actual_length(tvbuff_t *tvb, packet_info *pinfo,
|
|
|
|
|
guint specified_len);
|
2001-06-29 09:46:54 +00:00
|
|
|
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
/* Allow protocols to register "init" routines, which are called before
|
|
|
|
|
we make a pass through a capture file and dissect all its packets
|
|
|
|
|
(e.g., when we read in a new capture file, or run a "filter packets"
|
|
|
|
|
or "colorize packets" pass over the current capture file). */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void register_init_routine(void (*func)(void));
|
Provide a general mechanism by which dissectors can register "init"
routines, which are called before a dissection pass is made over all the
packets in a capture - the "init" routine would clear out any state
information that needs to be initialized before such a dissection pass.
Make the NCP, SMB, AFS, and ONC RPC dissectors register their "init"
routines with that mechanism, have the code that reads in a capture file
call the routine that calls all registered "init" routines rather than
calling a wired-in set of "init" routines, and also have the code that
runs a filtering or colorizing pass over all the packets call that
routine, as a filtering or colorizing pass is a dissection pass.
Have the ONC RPC "init" routine zero out the table of RPC calls, so that
it completely erases any state from the previous dissection pass (so
that, for example, if you run a filtering pass, it doesn't mark any
non-duplicate packets as duplicates because it remembers them from the
previous pass).
svn path=/trunk/; revision=1050
1999-11-17 21:58:33 +00:00
|
|
|
|
|
|
|
|
/* Call all the registered "init" routines. */
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void init_all_protocols(void);
|
1999-10-10 11:50:45 +00:00
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
/*
|
2000-10-06 10:11:40 +00:00
|
|
|
* Dissectors should never modify the packet data.
|
1998-09-16 02:39:15 +00:00
|
|
|
*/
|
2001-11-21 23:16:26 +00:00
|
|
|
extern void dissect_packet(struct _epan_dissect_t *edt,
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
union wtap_pseudo_header *pseudo_header, const u_char *pd,
|
2001-11-21 23:16:26 +00:00
|
|
|
frame_data *fd);
|
1999-02-15 06:36:57 +00:00
|
|
|
|
2001-01-18 07:44:41 +00:00
|
|
|
/* These functions are in packet-ethertype.c */
|
2001-11-20 21:59:18 +00:00
|
|
|
extern void capture_ethertype(guint16 etype, const u_char *pd, int offset,
|
|
|
|
|
int len, packet_counts *ld);
|
Put "extern" in front of a pile of function declarations.
It makes no difference if they really are function declarations;
however, in plugins, when building on OSes that don't let
dynamically-loaded modules access functions in the main program (e.g.,
Windows), when compiling a plugin, <plugin_api.h> defines the names of
those functions as (*pointer_name), so they turn into declarations of
pointer variables pointing to the functions in question, and, on
platforms with a def/ref model in the linker, if a plugin has more than
one source file that gets linked into the plugin, the linker may get
upset at two definitions of the same variable.
svn path=/trunk/; revision=4114
2001-10-31 07:47:27 +00:00
|
|
|
extern void ethertype(guint16 etype, tvbuff_t *tvb, int offset_after_ethertype,
|
2001-01-18 07:44:41 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree, proto_tree *fh_tree,
|
|
|
|
|
int etype_id, int trailer_id);
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
|
#endif /* packet.h */
|