Add support to Wiretap for writing Network Monitor 1.x-format capture

files.

Make the return type of a number of routines that return 1 (for "true")
on success and 0 (for "false") on failure to "gboolean", and make the 1's
and 0's TRUEs and FALSEs.

svn path=/trunk/; revision=1194

wiretap/configure.in

@@ -1,4 +1,4 @@
-# $Id: configure.in,v 1.17 1999/12/03 07:04:54 guy Exp $
+# $Id: configure.in,v 1.18 1999/12/04 05:14:38 guy Exp $
 dnl
 dnl Process this file with autoconf 2.13 or later to produce a
 dnl configure script; 2.12 doesn't generate a "configure" script that
@@ -91,6 +91,9 @@ AC_CHECK_HEADERS(sys/time.h netinet/in.h)
 
 AC_CANONICAL_HOST
 
+# We must know our byte order
+AC_C_BIGENDIAN
+
 dnl zlib check
 AC_ARG_ENABLE(zlib,
 [  --enable-zlib           use zlib to read compressed data.  [default=yes]],, [dnl

wiretap/file.c

@@ -1,6 +1,6 @@
 /* file.c
  *
- * $Id: file.c,v 1.30 1999/12/04 03:36:21 guy Exp $
+ * $Id: file.c,v 1.31 1999/12/04 05:14:38 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -211,9 +211,10 @@ const static struct dump_type {
 	guint	type;
 	int	(*dump_open)(wtap_dumper *, int *);
 } dump_open_table[] = {
-	{ WTAP_FILE_PCAP,	libpcap_dump_open },
-	{ WTAP_FILE_SNOOP,	snoop_dump_open },
-	{ 0,			NULL }
+	{ WTAP_FILE_PCAP,		libpcap_dump_open },
+	{ WTAP_FILE_SNOOP,		snoop_dump_open },
+	{ WTAP_FILE_NETMON_1_x,		netmon_dump_open },
+	{ 0,				NULL }
 };
 
 static wtap_dumper* wtap_dump_open_common(FILE *fh, int filetype, int encap,
@@ -258,18 +259,18 @@ FILE* wtap_dump_file(wtap_dumper *wdh)
 	return wdh->fh;
 }
 
-int wtap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+gboolean wtap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
     const u_char *pd, int *err)
 {
 	return (wdh->subtype_write)(wdh, phdr, pd, err);
 }
 
-int wtap_dump_close(wtap_dumper *wdh, int *err)
+gboolean wtap_dump_close(wtap_dumper *wdh, int *err)
 {
-	int ret = 1;
+	gboolean ret = TRUE;
 
 	if (!(wdh->subtype_close)(wdh, err))
-		ret = 0;
+		ret = FALSE;
 	errno = WTAP_ERR_CANT_CLOSE;
 	if (fclose(wdh->fh) == EOF) {
 		if (ret) {
@@ -279,8 +280,10 @@ int wtap_dump_close(wtap_dumper *wdh, int *err)
 			if (err != NULL)
 				*err = errno;
 		}
-		ret = 0;
+		ret = FALSE;
 	}
+	if (wdh->private.opaque != NULL)
+		g_free(wdh->private.opaque);
 	g_free(wdh);
 	return ret;
 }

wiretap/libpcap.c

@@ -1,6 +1,6 @@
 /* libpcap.c
  *
- * $Id: libpcap.c,v 1.23 1999/11/06 10:31:47 guy Exp $
+ * $Id: libpcap.c,v 1.24 1999/12/04 05:14:38 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -98,9 +98,9 @@ struct pcaprec_modified_hdr {
 
 static int libpcap_read(wtap *wth, int *err);
 static void adjust_header(wtap *wth, struct pcaprec_hdr *hdr);
-static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+static gboolean libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
     const u_char *pd, int *err);
-static int libpcap_dump_close(wtap_dumper *wdh, int *err);
+static gboolean libpcap_dump_close(wtap_dumper *wdh, int *err);
 
 /*
  * XXX - this is a bit of a mess.  OpenBSD, and perhaps NetBSD, and
@@ -460,9 +460,9 @@ int wtap_pcap_encap_to_wtap_encap(int encap)
 	return pcap_encap[encap];
 }
 
-/* Returns 1 on success, 0 on failure; sets "*err" to an error code on
+/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on
    failure */
-int libpcap_dump_open(wtap_dumper *wdh, int *err)
+gboolean libpcap_dump_open(wtap_dumper *wdh, int *err)
 {
 	static const guint32 pcap_magic = PCAP_MAGIC;
 	struct pcap_hdr file_hdr;
@@ -488,13 +488,13 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err)
 	/* Per-packet encapsulations aren't supported. */
 	if (wdh->encap == WTAP_ENCAP_PER_PACKET) {
 		*err = WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED;
-		return 0;
+		return FALSE;
 	}
 
 	if (wdh->encap < 0 || wdh->encap >= NUM_WTAP_ENCAPS
 	    || wtap_encap[wdh->encap] == -1) {
 		*err = WTAP_ERR_UNSUPPORTED_ENCAP;
-		return 0;
+		return FALSE;
 	}
 
 	/* This is a libpcap file */
@@ -508,7 +508,7 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err)
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 
 	/* current "libpcap" format is 2.4 */
@@ -524,15 +524,15 @@ int libpcap_dump_open(wtap_dumper *wdh, int *err)
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 
-	return 1;
+	return TRUE;
 }
 
 /* Write a record for a packet to a dump file.
-   Returns 1 on success, 0 on failure. */
-static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+   Returns TRUE on success, FALSE on failure. */
+static gboolean libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
     const u_char *pd, int *err)
 {
 	struct pcaprec_hdr rec_hdr;
@@ -548,7 +548,7 @@ static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 	nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh);
 	if (nwritten != phdr->caplen) {
@@ -556,15 +556,15 @@ static int libpcap_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
-	return 1;
+	return TRUE;
 }
 
 /* Finish writing to a dump file.
-   Returns 1 on success, 0 on failure. */
-static int libpcap_dump_close(wtap_dumper *wdh, int *err)
+   Returns TRUE on success, FALSE on failure. */
+static gboolean libpcap_dump_close(wtap_dumper *wdh, int *err)
 {
 	/* Nothing to do here. */
-	return 1;
+	return TRUE;
 }

wiretap/libpcap.h

@@ -1,6 +1,6 @@
 /* libpcap.h
  *
- * $Id: libpcap.h,v 1.3 1999/08/19 05:31:37 guy Exp $
+ * $Id: libpcap.h,v 1.4 1999/12/04 05:14:39 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -22,4 +22,4 @@
  */
 
 int libpcap_open(wtap *wth, int *err);
-int libpcap_dump_open(wtap_dumper *wdh, int *err);
+gboolean libpcap_dump_open(wtap_dumper *wdh, int *err);

wiretap/netmon.c

@@ -1,6 +1,6 @@
 /* netmon.c
  *
- * $Id: netmon.c,v 1.17 1999/11/26 22:50:51 guy Exp $
+ * $Id: netmon.c,v 1.18 1999/12/04 05:14:38 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -94,6 +94,9 @@ struct netmonrec_2_x_hdr {
 };
 
 static int netmon_read(wtap *wth, int *err);
+static gboolean netmon_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+    const u_char *pd, int *err);
+static gboolean netmon_dump_close(wtap_dumper *wdh, int *err);
 
 int netmon_open(wtap *wth, int *err)
 {
@@ -365,3 +368,236 @@ static int netmon_read(wtap *wth, int *err)
 
 	return data_offset;
 }
+
+static const int wtap_encap[] = {
+	-1,		/* WTAP_ENCAP_UNKNOWN -> unsupported */
+	1,		/* WTAP_ENCAP_ETHERNET -> NDIS Ethernet */
+	2,		/* WTAP_ENCAP_TR -> NDIS Token Ring */
+	-1,		/* WTAP_ENCAP_SLIP -> unsupported */
+	-1,		/* WTAP_ENCAP_PPP -> unsupported */
+	3,		/* WTAP_ENCAP_FDDI -> NDIS FDDI */
+	3,		/* WTAP_ENCAP_FDDI_BITSWAPPED -> NDIS FDDI */
+	-1,		/* WTAP_ENCAP_RAW_IP -> unsupported */
+	-1,		/* WTAP_ENCAP_ARCNET -> unsupported */
+	-1,		/* WTAP_ENCAP_ATM_RFC1483 -> unsupported */
+	-1,		/* WTAP_ENCAP_LINUX_ATM_CLIP -> unsupported */
+	-1,		/* WTAP_ENCAP_LAPB -> unsupported*/
+	-1,		/* WTAP_ENCAP_ATM_SNIFFER -> unsupported */
+	0		/* WTAP_ENCAP_NULL -> DLT_NULL */
+};
+#define NUM_WTAP_ENCAPS (sizeof wtap_encap / sizeof wtap_encap[0])
+
+/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on
+   failure */
+gboolean netmon_dump_open(wtap_dumper *wdh, int *err)
+{
+	/* Per-packet encapsulations aren't supported. */
+	if (wdh->encap == WTAP_ENCAP_PER_PACKET) {
+		*err = WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED;
+		return FALSE;
+	}
+
+	if (wdh->encap < 0 || wdh->encap >= NUM_WTAP_ENCAPS
+	    || wtap_encap[wdh->encap] == -1) {
+		*err = WTAP_ERR_UNSUPPORTED_ENCAP;
+		return FALSE;
+	}
+
+	/* This is a netmon file */
+	wdh->subtype_write = netmon_dump;
+	wdh->subtype_close = netmon_dump_close;
+
+	/* We can't fill in all the fields in the file header, as we
+	   haven't yet written any packets.  As we'll have to rewrite
+	   the header when we've written out all the packets, we just
+	   skip over the header for now. */
+	fseek(wdh->fh, CAPTUREFILE_HEADER_SIZE, SEEK_SET);
+
+	wdh->private.netmon = g_malloc(sizeof(netmon_dump_t));
+	wdh->private.netmon->frame_table_offset = CAPTUREFILE_HEADER_SIZE;
+	wdh->private.netmon->got_first_record_time = FALSE;
+	wdh->private.netmon->frame_table = NULL;
+	wdh->private.netmon->frame_table_index = 0;
+	wdh->private.netmon->frame_table_size = 0;
+
+	return TRUE;
+}
+
+/* Write a record for a packet to a dump file.
+   Returns TRUE on success, FALSE on failure. */
+static gboolean netmon_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+    const u_char *pd, int *err)
+{
+	netmon_dump_t *priv = wdh->private.netmon;
+	struct netmonrec_1_x_hdr rec_1_x_hdr;
+	struct netmonrec_2_x_hdr rec_2_x_hdr;
+	char *hdrp;
+	int hdr_size;
+	int nwritten;
+
+	/* NetMon files have a capture start time in the file header,
+	   and have times relative to that in the packet headers;
+	   pick the time of the first packet as the capture start
+	   time. */
+	if (!priv->got_first_record_time) {
+		priv->first_record_time = phdr->ts;
+		priv->got_first_record_time = TRUE;
+	}
+	
+	switch (wdh->file_type) {
+
+	case WTAP_FILE_NETMON_1_x:
+		rec_1_x_hdr.ts_delta = htolel(
+		    (phdr->ts.tv_sec - priv->first_record_time.tv_sec)*1000
+		  + (phdr->ts.tv_usec - priv->first_record_time.tv_usec + 500)/1000);
+		rec_1_x_hdr.orig_len = htoles(phdr->len);
+		rec_1_x_hdr.incl_len = htoles(phdr->caplen);
+		hdrp = (char *)&rec_1_x_hdr;
+		hdr_size = sizeof rec_1_x_hdr;
+		break;
+
+	case WTAP_FILE_NETMON_2_x:
+		/* XXX - fill in 64-bit time diff in microseconds */
+		rec_2_x_hdr.orig_len = htolel(phdr->len);
+		rec_2_x_hdr.incl_len = htolel(phdr->caplen);
+		hdrp = (char *)&rec_2_x_hdr;
+		hdr_size = sizeof rec_2_x_hdr;
+		break;
+
+	default:
+		/* We should never get here - our open routine
+		   should only get called for the types above. */
+		*err = WTAP_ERR_UNSUPPORTED_FILE_TYPE;
+		return FALSE;
+	}
+
+	nwritten = fwrite(hdrp, 1, hdr_size, wdh->fh);
+	if (nwritten != hdr_size) {
+		if (nwritten < 0)
+			*err = errno;
+		else
+			*err = WTAP_ERR_SHORT_WRITE;
+		return FALSE;
+	}
+	nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh);
+	if (nwritten != phdr->caplen) {
+		if (nwritten < 0)
+			*err = errno;
+		else
+			*err = WTAP_ERR_SHORT_WRITE;
+		return FALSE;
+	}
+
+	/*
+	 * Stash the file offset of this frame.
+	 */
+	if (priv->frame_table_size == 0) {
+		/*
+		 * Haven't yet allocated the buffer for the frame table.
+		 */
+		priv->frame_table = g_malloc(1024 * sizeof *priv->frame_table);
+		priv->frame_table_size = 1024;
+	} else {
+		/*
+		 * We've allocated it; are we at the end?
+		 */
+		if (priv->frame_table_index >= priv->frame_table_size) {
+			/*
+			 * Yes - double the size of the frame table.
+			 */
+			priv->frame_table_size *= 2;
+			priv->frame_table = g_realloc(priv->frame_table,
+			    priv->frame_table_size * sizeof *priv->frame_table);
+		}
+	}
+	priv->frame_table[priv->frame_table_index] =
+	    htolel(priv->frame_table_offset);
+	priv->frame_table_index++;
+	priv->frame_table_offset += hdr_size + phdr->caplen;
+
+	return TRUE;
+}
+
+/* Finish writing to a dump file.
+   Returns TRUE on success, FALSE on failure. */
+static gboolean netmon_dump_close(wtap_dumper *wdh, int *err)
+{
+	netmon_dump_t *priv = wdh->private.netmon;
+	int n_to_write;
+	int nwritten;
+	struct netmon_hdr file_hdr;
+	const char *magicp;
+	int magic_size;
+	struct tm *tm;
+
+	/* Write out the frame table.  "priv->frame_table_index" is
+	   the number of entries we've put into it. */
+	n_to_write = priv->frame_table_index * sizeof *priv->frame_table;
+	nwritten = fwrite(priv->frame_table, 1, n_to_write, wdh->fh);
+	if (nwritten != n_to_write) {
+		if (nwritten < 0)
+			*err = errno;
+		else
+			*err = WTAP_ERR_SHORT_WRITE;
+		return FALSE;
+	}
+
+	/* Now go fix up the file header. */
+	fseek(wdh->fh, 0, SEEK_SET);
+	memset(&file_hdr, '\0', sizeof file_hdr);
+	switch (wdh->file_type) {
+
+	case WTAP_FILE_NETMON_1_x:
+		magicp = netmon_1_x_magic;
+		magic_size = sizeof netmon_1_x_magic;
+		/* current NetMon version, for 1.x, is 1.1 */
+		file_hdr.ver_minor = 1;
+		file_hdr.ver_major = 1;
+		break;
+
+	case WTAP_FILE_NETMON_2_x:
+		magicp = netmon_2_x_magic;
+		magic_size = sizeof netmon_2_x_magic;
+		/* XXX - fill in V2 stuff. */
+		break;
+
+	default:
+		/* We should never get here - our open routine
+		   should only get called for the types above. */
+		*err = WTAP_ERR_UNSUPPORTED_FILE_TYPE;
+		return FALSE;
+	}
+	nwritten = fwrite(magicp, 1, magic_size, wdh->fh);
+	if (nwritten != magic_size) {
+		if (nwritten < 0)
+			*err = errno;
+		else
+			*err = WTAP_ERR_SHORT_WRITE;
+		return FALSE;
+	}
+
+	file_hdr.network = htoles(wtap_encap[wdh->encap]);
+	tm = localtime(&priv->first_record_time.tv_sec);
+	file_hdr.ts_year = htoles(1900 + tm->tm_year);
+	file_hdr.ts_month = htoles(tm->tm_mon + 1);
+	file_hdr.ts_dow = htoles(tm->tm_wday);
+	file_hdr.ts_day = htoles(tm->tm_mday);
+	file_hdr.ts_hour = htoles(tm->tm_hour);
+	file_hdr.ts_min = htoles(tm->tm_min);
+	file_hdr.ts_sec = htoles(tm->tm_sec);
+	file_hdr.ts_msec = htoles(priv->first_record_time.tv_usec/1000);
+		/* XXX - what about rounding? */
+	file_hdr.frametableoffset = htolel(priv->frame_table_offset);
+	file_hdr.frametablelength =
+	    htolel(priv->frame_table_index * sizeof *priv->frame_table);
+	nwritten = fwrite(&file_hdr, 1, sizeof file_hdr, wdh->fh);
+	if (nwritten != sizeof file_hdr) {
+		if (nwritten < 0)
+			*err = errno;
+		else
+			*err = WTAP_ERR_SHORT_WRITE;
+		return FALSE;
+	}
+
+	return TRUE;
+}

wiretap/netmon.h

@@ -1,6 +1,6 @@
 /* netmon.h
  *
- * $Id: netmon.h,v 1.2 1999/08/19 05:31:36 guy Exp $
+ * $Id: netmon.h,v 1.3 1999/12/04 05:14:39 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -22,3 +22,4 @@
  */
 
 int netmon_open(wtap *wth, int *err);
+gboolean netmon_dump_open(wtap_dumper *wdh, int *err);

wiretap/snoop.c

@@ -1,6 +1,6 @@
 /* snoop.c
  *
- * $Id: snoop.c,v 1.18 1999/12/04 03:36:21 guy Exp $
+ * $Id: snoop.c,v 1.19 1999/12/04 05:14:39 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -56,9 +56,9 @@ struct snooprec_hdr {
 };
 
 static int snoop_read(wtap *wth, int *err);
-static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+static gboolean snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
     const u_char *pd, int *err);
-static int snoop_dump_close(wtap_dumper *wdh, int *err);
+static gboolean snoop_dump_close(wtap_dumper *wdh, int *err);
 
 /*
  * See
@@ -350,9 +350,9 @@ static int snoop_read(wtap *wth, int *err)
 	return data_offset;
 }
 
-/* Returns 1 on success, 0 on failure; sets "*err" to an error code on
+/* Returns TRUE on success, FALSE on failure; sets "*err" to an error code on
    failure */
-int snoop_dump_open(wtap_dumper *wdh, int *err)
+gboolean snoop_dump_open(wtap_dumper *wdh, int *err)
 {
 	struct snoop_hdr file_hdr;
 	static const int wtap_encap[] = {
@@ -377,13 +377,13 @@ int snoop_dump_open(wtap_dumper *wdh, int *err)
 	/* Per-packet encapsulations aren't supported. */
 	if (wdh->encap == WTAP_ENCAP_PER_PACKET) {
 		*err = WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED;
-		return 0;
+		return FALSE;
 	}
 
 	if (wdh->encap < 0 || wdh->encap >= NUM_WTAP_ENCAPS
 	    || wtap_encap[wdh->encap] == -1) {
 		*err = WTAP_ERR_UNSUPPORTED_ENCAP;
-		return 0;
+		return FALSE;
 	}
 
 	/* This is a snoop file */
@@ -397,7 +397,7 @@ int snoop_dump_open(wtap_dumper *wdh, int *err)
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 
 	/* current "snoop" format is 2 */
@@ -409,15 +409,15 @@ int snoop_dump_open(wtap_dumper *wdh, int *err)
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 
-	return 1;
+	return TRUE;
 }
 
 /* Write a record for a packet to a dump file.
-   Returns 1 on success, 0 on failure. */
-static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
+   Returns TRUE on success, FALSE on failure. */
+static gboolean snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
     const u_char *pd, int *err)
 {
 	struct snooprec_hdr rec_hdr;
@@ -445,7 +445,7 @@ static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 	nwritten = fwrite(pd, 1, phdr->caplen, wdh->fh);
 	if (nwritten != phdr->caplen) {
@@ -453,7 +453,7 @@ static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
 
 	/* Now write the padding. */
@@ -463,15 +463,15 @@ static int snoop_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
 			*err = errno;
 		else
 			*err = WTAP_ERR_SHORT_WRITE;
-		return 0;
+		return FALSE;
 	}
-	return 1;
+	return TRUE;
 }
 
 /* Finish writing to a dump file.
-   Returns 1 on success, 0 on failure. */
-static int snoop_dump_close(wtap_dumper *wdh, int *err)
+   Returns TRUE on success, FALSE on failure. */
+static gboolean snoop_dump_close(wtap_dumper *wdh, int *err)
 {
 	/* Nothing to do here. */
-	return 1;
+	return TRUE;
 }

wiretap/snoop.h

@@ -1,6 +1,6 @@
 /* snoop.h
  *
- * $Id: snoop.h,v 1.3 1999/12/04 03:36:22 guy Exp $
+ * $Id: snoop.h,v 1.4 1999/12/04 05:14:39 guy Exp $
  *
  * Wiretap Library
  * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
@@ -22,4 +22,4 @@
  */
 
 int snoop_open(wtap *wth, int *err);
-int snoop_dump_open(wtap_dumper *wdh, int *err);
+gboolean snoop_dump_open(wtap_dumper *wdh, int *err);