tap: Mark filtered packets instead of dropping them

Allows packets to be filtered but marked and not removed from the
tap listing. Additionally a total is calculated for all rx/tx frames
and bytes
This commit is contained in:
Roland Knall 2022-06-09 22:10:49 +02:00
parent 2cf938cfa8
commit 0640b711ea
24 changed files with 173 additions and 59 deletions

View File

@ -662,19 +662,35 @@ add_conversation_table_data_with_conv_id(
g_hash_table_insert(ch->hashtable, new_key, GUINT_TO_POINTER(conversation_idx));
/* update the conversation struct */
conv_item->tx_frames += num_frames;
conv_item->tx_bytes += num_bytes;
conv_item->tx_frames_total += num_frames;
conv_item->tx_bytes_total += num_bytes;
conv_item->filtered = TRUE;
if (! (ch->flags & TL_DISPLAY_FILTER_IGNORED)) {
conv_item->tx_frames += num_frames;
conv_item->tx_bytes += num_bytes;
conv_item->filtered = FALSE;
}
} else {
/*
* update an existing conversation
* update the conversation struct
*/
if (is_fwd_direction) {
conv_item->tx_frames += num_frames;
conv_item->tx_bytes += num_bytes;
conv_item->tx_frames_total += num_frames;
conv_item->tx_bytes_total += num_bytes;
} else {
conv_item->rx_frames += num_frames;
conv_item->rx_bytes += num_bytes;
conv_item->rx_frames_total += num_frames;
conv_item->rx_bytes_total += num_bytes;
}
if (! (ch->flags & TL_DISPLAY_FILTER_IGNORED)) {
if( is_fwd_direction ){
conv_item->tx_frames += num_frames;
conv_item->tx_bytes += num_bytes;
} else {
conv_item->rx_frames += num_frames;
conv_item->rx_bytes += num_bytes;
}
conv_item->filtered = FALSE;
}
}
@ -767,6 +783,7 @@ add_hostlist_table_data(conv_hash_t *ch, const address *addr, guint32 port, gboo
host.rx_bytes=0;
host.tx_bytes=0;
host.modified = TRUE;
host.filtered = TRUE;
g_array_append_val(ch->conv_array, host);
talker_idx= ch->conv_array->len - 1;
@ -783,12 +800,23 @@ add_hostlist_table_data(conv_hash_t *ch, const address *addr, guint32 port, gboo
talker->modified = TRUE;
/* update the talker struct */
if (! (ch->flags & TL_DISPLAY_FILTER_IGNORED)) {
if( sender ){
talker->tx_frames+=num_frames;
talker->tx_bytes+=num_bytes;
} else {
talker->rx_frames+=num_frames;
talker->rx_bytes+=num_bytes;
}
talker->filtered = FALSE;
}
/* update the talker struct for total values */
if( sender ){
talker->tx_frames+=num_frames;
talker->tx_bytes+=num_bytes;
talker->tx_frames_total+=num_frames;
talker->tx_bytes_total+=num_bytes;
} else {
talker->rx_frames+=num_frames;
talker->rx_bytes+=num_bytes;
talker->rx_frames_total+=num_frames;
talker->rx_bytes_total+=num_bytes;
}
}

View File

@ -54,6 +54,7 @@ typedef struct _conversation_hash_t {
GHashTable *hashtable; /**< conversations hash table */
GArray *conv_array; /**< array of conversation values */
void *user_data; /**< "GUI" specifics (if necessary) */
guint flags; /**< flags given to the tap packet */
} conv_hash_t;
/** Key for hash lookups */
@ -110,9 +111,16 @@ typedef struct _conversation_item_t {
guint64 rx_bytes; /**< number of received bytes */
guint64 tx_bytes; /**< number of transmitted bytes */
guint64 rx_frames_total; /**< number of received packets */
guint64 tx_frames_total; /**< number of transmitted packets */
guint64 rx_bytes_total; /**< number of received bytes */
guint64 tx_bytes_total; /**< number of transmitted bytes */
nstime_t start_time; /**< relative start time for the conversation */
nstime_t stop_time; /**< relative stop time for the conversation */
nstime_t start_abs_time; /**< absolute start time for the conversation */
gboolean filtered; /**< the entry contains only filtered data */
} conv_item_t;
/** Hostlist information */
@ -127,7 +135,13 @@ typedef struct _hostlist_talker_t {
guint64 rx_bytes; /**< number of received bytes */
guint64 tx_bytes; /**< number of transmitted bytes */
guint64 rx_frames_total; /**< number of received packets */
guint64 tx_frames_total; /**< number of transmitted packets */
guint64 rx_bytes_total; /**< number of received bytes */
guint64 tx_bytes_total; /**< number of transmitted bytes */
gboolean modified; /**< new to redraw the row */
gboolean filtered; /**< the entry contains only filtered data */
} hostlist_talker_t;

View File

@ -4429,9 +4429,10 @@ static hostlist_dissector_info_t bluetooth_dissector_info = {&bluetooth_get_fil
static tap_packet_status
bluetooth_conversation_packet(void *pct, packet_info *pinfo,
epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
add_conversation_table_data(hash, &pinfo->dl_src, &pinfo->dl_dst, 0, 0, 1,
pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts,
&bluetooth_ct_dissector_info, ENDPOINT_NONE);
@ -4442,9 +4443,10 @@ bluetooth_conversation_packet(void *pct, packet_info *pinfo,
static tap_packet_status
bluetooth_hostlist_packet(void *pit, packet_info *pinfo,
epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
add_hostlist_table_data(hash, &pinfo->dl_src, 0, TRUE, 1, pinfo->fd->pkt_len, &bluetooth_dissector_info, ENDPOINT_NONE);
add_hostlist_table_data(hash, &pinfo->dl_dst, 0, FALSE, 1, pinfo->fd->pkt_len, &bluetooth_dissector_info, ENDPOINT_NONE);

View File

@ -440,9 +440,10 @@ static const char* dccp_conv_get_filter_type(conv_item_t* conv, conv_filter_type
static ct_dissector_info_t dccp_ct_dissector_info = {&dccp_conv_get_filter_type};
static tap_packet_status
dccpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
dccpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const e_dccphdr *dccphdr=(const e_dccphdr *)vip;
add_conversation_table_data_with_conv_id(hash, &dccphdr->ip_src, &dccphdr->ip_dst, dccphdr->sport, dccphdr->dport, (conv_id_t) dccphdr->stream, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &dccp_ct_dissector_info, ENDPOINT_DCCP);
@ -494,9 +495,10 @@ static const char* dccp_host_get_filter_type(hostlist_talker_t* host, conv_filte
static hostlist_dissector_info_t dccp_host_dissector_info = {&dccp_host_get_filter_type};
static tap_packet_status
dccpip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
dccpip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags )
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const e_dccphdr *dccphdr=(const e_dccphdr *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -156,9 +156,10 @@ static const char* eth_conv_get_filter_type(conv_item_t* conv, conv_filter_type_
static ct_dissector_info_t eth_ct_dissector_info = {&eth_conv_get_filter_type};
static tap_packet_status
eth_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
eth_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const eth_hdr *ehdr=(const eth_hdr *)vip;
add_conversation_table_data(hash, &ehdr->src, &ehdr->dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &eth_ct_dissector_info, ENDPOINT_NONE);
@ -177,9 +178,10 @@ static const char* eth_host_get_filter_type(hostlist_talker_t* host, conv_filter
static hostlist_dissector_info_t eth_host_dissector_info = {&eth_host_get_filter_type};
static tap_packet_status
eth_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
eth_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const eth_hdr *ehdr=(const eth_hdr *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -195,9 +195,10 @@ static const char* fc_conv_get_filter_type(conv_item_t* conv, conv_filter_type_e
static ct_dissector_info_t fc_ct_dissector_info = {&fc_conv_get_filter_type};
static tap_packet_status
fc_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
fc_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const fc_hdr *fchdr=(const fc_hdr *)vip;
add_conversation_table_data(hash, &fchdr->s_id, &fchdr->d_id, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &fc_ct_dissector_info, ENDPOINT_NONE);
@ -216,9 +217,10 @@ static const char* fc_host_get_filter_type(hostlist_talker_t* host, conv_filter_
static hostlist_dissector_info_t fc_host_dissector_info = {&fc_host_get_filter_type};
static tap_packet_status
fc_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
fc_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const fc_hdr *fchdr=(const fc_hdr *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -155,9 +155,10 @@ static const char* fddi_conv_get_filter_type(conv_item_t* conv, conv_filter_type
static ct_dissector_info_t fddi_ct_dissector_info = {&fddi_conv_get_filter_type};
static tap_packet_status
fddi_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
fddi_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const fddi_hdr *ehdr=(const fddi_hdr *)vip;
add_conversation_table_data(hash, &ehdr->src, &ehdr->dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &fddi_ct_dissector_info, ENDPOINT_NONE);
@ -176,9 +177,10 @@ static const char* fddi_host_get_filter_type(hostlist_talker_t* host, conv_filte
static hostlist_dissector_info_t fddi_host_dissector_info = {&fddi_host_get_filter_type};
static tap_packet_status
fddi_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
fddi_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const fddi_hdr *ehdr=(const fddi_hdr *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -7988,9 +7988,10 @@ wlan_conv_get_filter_type(conv_item_t* conv, conv_filter_type_e filter)
static ct_dissector_info_t wlan_ct_dissector_info = {&wlan_conv_get_filter_type};
static tap_packet_status
wlan_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
wlan_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const wlan_hdr_t *whdr=(const wlan_hdr_t *)vip;
add_conversation_table_data(hash, &whdr->src, &whdr->dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &wlan_ct_dissector_info, ENDPOINT_NONE);
@ -8010,9 +8011,10 @@ wlan_host_get_filter_type(hostlist_talker_t* host, conv_filter_type_e filter)
static hostlist_dissector_info_t wlan_host_dissector_info = {&wlan_host_get_filter_type};
static tap_packet_status
wlan_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
wlan_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const wlan_hdr_t *whdr=(const wlan_hdr_t *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -5560,9 +5560,10 @@ static const char* ieee802154_conv_get_filter_type(conv_item_t* conv, conv_filte
static ct_dissector_info_t ieee802154_ct_dissector_info = {&ieee802154_conv_get_filter_type };
static tap_packet_status ieee802154_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
static tap_packet_status ieee802154_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*)pct;
hash->flags = flags;
add_conversation_table_data(hash, &pinfo->dl_src, &pinfo->dl_dst, 0, 0, 1,
pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts,
@ -5585,9 +5586,10 @@ static const char* ieee802154_host_get_filter_type(hostlist_talker_t* host, conv
static hostlist_dissector_info_t ieee802154_host_dissector_info = {&ieee802154_host_get_filter_type };
static tap_packet_status ieee802154_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
static tap_packet_status ieee802154_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*)pit;
hash->flags = flags;
/* Take two "add" passes per packet, adding for each direction, ensures that all
packets are counted properly (even if address is sending to itself)

View File

@ -505,9 +505,10 @@ static const char* ip_conv_get_filter_type(conv_item_t* conv, conv_filter_type_e
static ct_dissector_info_t ip_ct_dissector_info = {&ip_conv_get_filter_type};
static tap_packet_status
ip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const ws_ip4 *iph=(const ws_ip4 *)vip;
add_conversation_table_data(hash, &iph->ip_src, &iph->ip_dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &ip_ct_dissector_info, ENDPOINT_NONE);
@ -526,9 +527,10 @@ static const char* ip_host_get_filter_type(hostlist_talker_t* host, conv_filter_
static hostlist_dissector_info_t ip_host_dissector_info = {&ip_host_get_filter_type};
static tap_packet_status
ip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const ws_ip4 *iph=(const ws_ip4 *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -522,9 +522,11 @@ static const char* ipv6_conv_get_filter_type(conv_item_t* conv, conv_filter_type
static ct_dissector_info_t ipv6_ct_dissector_info = {&ipv6_conv_get_filter_type};
static tap_packet_status
ipv6_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ipv6_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const ipv6_tap_info_t *ip6 = (const ipv6_tap_info_t *)vip;
add_conversation_table_data(hash, &ip6->ip6_src, &ip6->ip6_dst, 0, 0, 1,
@ -545,9 +547,11 @@ static const char* ipv6_host_get_filter_type(hostlist_talker_t* host, conv_filte
static hostlist_dissector_info_t ipv6_host_dissector_info = {&ipv6_host_get_filter_type};
static tap_packet_status
ipv6_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ipv6_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const ipv6_tap_info_t *ip6 = (const ipv6_tap_info_t *)vip;
add_hostlist_table_data(hash, &ip6->ip6_src, 0, TRUE, 1,

View File

@ -149,9 +149,11 @@ static const char* ipx_conv_get_filter_type(conv_item_t* conv, conv_filter_type_
static ct_dissector_info_t ipx_ct_dissector_info = {&ipx_conv_get_filter_type};
static tap_packet_status
ipx_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ipx_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const ipxhdr_t *ipxh=(const ipxhdr_t *)vip;
add_conversation_table_data(hash, &ipxh->ipx_src, &ipxh->ipx_dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &ipx_ct_dissector_info, ENDPOINT_NONE);
@ -170,9 +172,11 @@ static const char* ipx_host_get_filter_type(hostlist_talker_t* host, conv_filter
static hostlist_dissector_info_t ipx_host_dissector_info = {&ipx_host_get_filter_type};
static tap_packet_status
ipx_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ipx_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const ipxhdr_t *ipxh=(const ipxhdr_t *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -184,9 +184,11 @@ static const char* jxta_conv_get_filter_type(conv_item_t* conv, conv_filter_type
static ct_dissector_info_t jxta_ct_dissector_info = {&jxta_conv_get_filter_type};
static tap_packet_status
jxta_conversation_packet(void *pct, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
jxta_conversation_packet(void *pct, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const jxta_tap_header *jxtahdr = (const jxta_tap_header *) vip;
add_conversation_table_data(hash, &jxtahdr->src_address, &jxtahdr->dest_address,
@ -206,9 +208,11 @@ static const char* jxta_host_get_filter_type(hostlist_talker_t* host, conv_filte
static hostlist_dissector_info_t jxta_host_dissector_info = {&jxta_host_get_filter_type};
static tap_packet_status
jxta_hostlist_packet(void *pit, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
jxta_hostlist_packet(void *pit, packet_info *pinfo _U_, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const jxta_tap_header *jxtahdr = (const jxta_tap_header *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -756,9 +756,11 @@ static const char* ncp_conv_get_filter_type(conv_item_t* conv _U_, conv_filter_t
static ct_dissector_info_t ncp_ct_dissector_info = {&ncp_conv_get_filter_type};
static tap_packet_status
ncp_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
ncp_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const struct ncp_common_header *ncph=(const struct ncp_common_header *)vip;
guint32 connection;
@ -778,9 +780,11 @@ static const char* ncp_host_get_filter_type(hostlist_talker_t* host _U_, conv_fi
static hostlist_dissector_info_t ncp_host_dissector_info = {&ncp_host_get_filter_type};
static tap_packet_status
ncp_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
ncp_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
/*const ncp_common_header *ncphdr=vip;*/
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -2112,9 +2112,11 @@ static const char* rsvp_conv_get_filter_type(conv_item_t* conv, conv_filter_type
static ct_dissector_info_t rsvp_ct_dissector_info = {&rsvp_conv_get_filter_type};
static tap_packet_status
rsvp_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
rsvp_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const rsvp_conversation_info *rsvph = (const rsvp_conversation_info *)vip;
add_conversation_table_data(hash, &rsvph->source, &rsvph->destination,
@ -2134,9 +2136,11 @@ static const char* rsvp_host_get_filter_type(hostlist_talker_t* host, conv_filte
static hostlist_dissector_info_t rsvp_host_dissector_info = {&rsvp_host_get_filter_type};
static tap_packet_status
rsvp_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
rsvp_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const rsvp_conversation_info *rsvph = (const rsvp_conversation_info *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures

View File

@ -780,9 +780,11 @@ static const char* sctp_conv_get_filter_type(conv_item_t* conv, conv_filter_type
static ct_dissector_info_t sctp_ct_dissector_info = {&sctp_conv_get_filter_type};
static tap_packet_status
sctp_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
sctp_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const struct _sctp_info *sctphdr=(const struct _sctp_info *)vip;
add_conversation_table_data(hash, &sctphdr->ip_src, &sctphdr->ip_dst,
@ -834,9 +836,11 @@ static const char* sctp_host_get_filter_type(hostlist_talker_t* host, conv_filte
static hostlist_dissector_info_t sctp_host_dissector_info = {&sctp_host_get_filter_type};
static tap_packet_status
sctp_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
sctp_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const struct _sctp_info *sctphdr=(const struct _sctp_info *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -137,9 +137,11 @@ static ct_dissector_info_t sll_ct_dissector_info = {&sll_conv_get_filter_type};
static address no_dst = {AT_NONE, 0, NULL, NULL};
static tap_packet_status
sll_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
sll_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const sll_tap_data *tap_data = (const sll_tap_data*)vip;
add_conversation_table_data(hash, &tap_data->src_address, &no_dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &sll_ct_dissector_info, ENDPOINT_NONE);
@ -167,9 +169,11 @@ static const char* sll_host_get_filter_type(hostlist_talker_t* host, conv_filter
static hostlist_dissector_info_t sll_host_dissector_info = {&sll_host_get_filter_type};
static tap_packet_status
sll_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
sll_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const sll_tap_data *tap_data = (const sll_tap_data*)vip;
add_hostlist_table_data(hash, &tap_data->src_address, 0, TRUE, 1, pinfo->fd->pkt_len, &sll_host_dissector_info, ENDPOINT_NONE);

View File

@ -843,9 +843,11 @@ static const char* tcp_conv_get_filter_type(conv_item_t* conv, conv_filter_type_
static ct_dissector_info_t tcp_ct_dissector_info = {&tcp_conv_get_filter_type};
static tap_packet_status
tcpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
tcpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const struct tcpheader *tcphdr=(const struct tcpheader *)vip;
add_conversation_table_data_with_conv_id(hash, &tcphdr->ip_src, &tcphdr->ip_dst, tcphdr->th_sport, tcphdr->th_dport, (conv_id_t) tcphdr->th_stream, 1, pinfo->fd->pkt_len,
@ -855,9 +857,11 @@ tcpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_
}
static tap_packet_status
mptcpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
mptcpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const struct tcp_analysis *tcpd=(const struct tcp_analysis *)vip;
const mptcp_meta_flow_t *meta=(const mptcp_meta_flow_t *)tcpd->fwd->mptcp_subflow->meta;
@ -910,9 +914,11 @@ static const char* tcp_host_get_filter_type(hostlist_talker_t* host, conv_filter
static hostlist_dissector_info_t tcp_host_dissector_info = {&tcp_host_get_filter_type};
static tap_packet_status
tcpip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
tcpip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const struct tcpheader *tcphdr=(const struct tcpheader *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -137,9 +137,11 @@ static const char* tr_conv_get_filter_type(conv_item_t* conv, conv_filter_type_e
static ct_dissector_info_t tr_ct_dissector_info = {&tr_conv_get_filter_type};
static tap_packet_status
tr_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
tr_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const tr_hdr *trhdr=(const tr_hdr *)vip;
add_conversation_table_data(hash, &trhdr->src, &trhdr->dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &tr_ct_dissector_info, ENDPOINT_NONE);
@ -158,9 +160,11 @@ static const char* tr_host_get_filter_type(hostlist_talker_t* host, conv_filter_
static hostlist_dissector_info_t tr_host_dissector_info = {&tr_host_get_filter_type};
static tap_packet_status
tr_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
tr_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const tr_hdr *trhdr=(const tr_hdr *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -271,9 +271,11 @@ static const char* udp_conv_get_filter_type(conv_item_t* conv, conv_filter_type_
static ct_dissector_info_t udp_ct_dissector_info = {&udp_conv_get_filter_type};
static tap_packet_status
udpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
udpip_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
const e_udphdr *udphdr=(const e_udphdr *)vip;
add_conversation_table_data_with_conv_id(hash,
@ -328,9 +330,11 @@ static const char* udp_host_get_filter_type(hostlist_talker_t* host, conv_filter
static hostlist_dissector_info_t udp_host_dissector_info = {&udp_host_get_filter_type};
static tap_packet_status
udpip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags _U_)
udpip_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
const e_udphdr *udphdr=(const e_udphdr *)vip;
/* Take two "add" passes per packet, adding for each direction, ensures that all

View File

@ -1875,9 +1875,11 @@ static const char* usb_conv_get_filter_type(conv_item_t* conv, conv_filter_type_
static ct_dissector_info_t usb_ct_dissector_info = {&usb_conv_get_filter_type};
static tap_packet_status
usb_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
usb_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pct;
hash->flags = flags;
add_conversation_table_data(hash, &pinfo->src, &pinfo->dst, 0, 0, 1, pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts, &usb_ct_dissector_info, ENDPOINT_NONE);
return TAP_PACKET_REDRAW;
@ -1900,9 +1902,10 @@ usb_col_filter_str(const address* addr _U_, gboolean is_src)
static hostlist_dissector_info_t usb_host_dissector_info = {&usb_host_get_filter_type};
static tap_packet_status
usb_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
usb_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*) pit;
hash->flags = flags;
/* Take two "add" passes per packet, adding for each direction, ensures that all
packets are counted properly (even if address is sending to itself)

View File

@ -1813,9 +1813,10 @@ static const char* zbee_nwk_conv_get_filter_type(conv_item_t* conv, conv_filter_
static ct_dissector_info_t zbee_nwk_ct_dissector_info = {&zbee_nwk_conv_get_filter_type };
static tap_packet_status zbee_nwk_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
static tap_packet_status zbee_nwk_conversation_packet(void *pct, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*)pct;
hash->flags = flags;
add_conversation_table_data(hash, &pinfo->net_src, &pinfo->net_dst, 0, 0, 1,
pinfo->fd->pkt_len, &pinfo->rel_ts, &pinfo->abs_ts,
@ -1834,9 +1835,10 @@ static const char* zbee_nwk_host_get_filter_type(hostlist_talker_t* host, conv_f
static hostlist_dissector_info_t zbee_nwk_host_dissector_info = {&zbee_nwk_host_get_filter_type };
static tap_packet_status zbee_nwk_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags _U_)
static tap_packet_status zbee_nwk_hostlist_packet(void *pit, packet_info *pinfo, epan_dissect_t *edt _U_, const void *vip _U_, tap_flags_t flags)
{
conv_hash_t *hash = (conv_hash_t*)pit;
hash->flags = flags;
/* Take two "add" passes per packet, adding for each direction, ensures that all
packets are counted properly (even if address is sending to itself)

View File

@ -348,18 +348,22 @@ tap_push_tapped_queue(epan_dissect_t *edt)
/* If we have a filter, see if the
* packet passes.
*/
guint flags = tl->flags;
if(tl->code){
if (!dfilter_apply_edt(tl->code, edt)){
/* The packet didn't
* pass the filter. */
continue;
if (tl->flags & TL_IGNORE_DISPLAY_FILTER)
flags |= TL_DISPLAY_FILTER_IGNORED;
else
continue;
}
}
/* So call the per-packet routine. */
tap_packet_status status;
status = tl->packet(tl->tapdata, tp->pinfo, edt, tp->tap_specific_data, tl->flags);
status = tl->packet(tl->tapdata, tp->pinfo, edt, tp->tap_specific_data, flags);
switch (status) {

View File

@ -38,13 +38,18 @@ typedef void (*tap_finish_cb)(void *tapdata);
/**
* Flags to indicate what a tap listener's packet routine requires.
*/
#define TL_REQUIRES_NOTHING 0x00000000 /**< nothing */
#define TL_REQUIRES_PROTO_TREE 0x00000001 /**< full protocol tree */
#define TL_REQUIRES_COLUMNS 0x00000002 /**< columns */
#define TL_REQUIRES_ERROR_PACKETS 0x00000004 /**< include packet even if pinfo->flags.in_error_pkt is set */
#define TL_REQUIRES_NOTHING 0x00000000 /**< nothing */
#define TL_REQUIRES_PROTO_TREE 0x00000001 /**< full protocol tree */
#define TL_REQUIRES_COLUMNS 0x00000002 /**< columns */
#define TL_REQUIRES_ERROR_PACKETS 0x00000004 /**< include packet even if pinfo->flags.in_error_pkt is set */
/** Flags to indicate what the tap listener does */
#define TL_IS_DISSECTOR_HELPER 0x00000008 /**< tap helps a dissector do work
** but does not, itself, require dissection */
#define TL_IS_DISSECTOR_HELPER 0x00000008 /**< tap helps a dissector do work
** but does not, itself, require dissection */
/** Flags to indicate what the packet cb should do */
#define TL_IGNORE_DISPLAY_FILTER 0x00000010 /**< use packet, even if it woul dbe filtered out */
#define TL_DISPLAY_FILTER_IGNORED 0x00100000 /**< flag for the conversation handler */
typedef struct {
void (*register_tap_listener)(void); /* routine to call to register tap listener */