1999-07-07 22:52:57 +00:00
|
|
|
/* proto.h
|
|
|
|
* Definitions for protocol display
|
|
|
|
*
|
1999-09-12 14:34:36 +00:00
|
|
|
* $Id: proto.h,v 1.11 1999/09/12 14:34:20 deniel Exp $
|
1999-07-07 22:52:57 +00:00
|
|
|
*
|
|
|
|
* Ethereal - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@zing.org>
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#ifndef __PROTO_H__
|
|
|
|
#define __PROTO_H__
|
|
|
|
|
|
|
|
#ifdef HAVE_SYS_TIME_H
|
1999-09-12 14:34:36 +00:00
|
|
|
# ifndef _SYS_TIME_H
|
|
|
|
# include <sys/time.h>
|
|
|
|
# endif
|
1999-07-07 22:52:57 +00:00
|
|
|
#endif
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef HAVE_WINSOCK_H
|
1999-09-12 14:34:36 +00:00
|
|
|
# include <winsock.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
#endif
|
|
|
|
|
1999-07-07 22:52:57 +00:00
|
|
|
/* needs glib.h */
|
|
|
|
typedef struct GNode proto_tree;
|
|
|
|
typedef struct GNode proto_item;
|
|
|
|
struct value_string;
|
|
|
|
|
|
|
|
#define ITEM_LABEL_LENGTH 240
|
|
|
|
|
|
|
|
/* In order to make a const value_string[] look like a value_string*, I
|
|
|
|
* need this macro */
|
|
|
|
#define VALS(x) (struct value_string*)(x)
|
|
|
|
|
|
|
|
|
|
|
|
/* field types */
|
|
|
|
enum ftenum {
|
|
|
|
FT_NONE, /* used for protocol labels (thus no field type) */
|
|
|
|
FT_BOOLEAN, /* TRUE and FALSE come from <glib.h> */
|
|
|
|
FT_UINT8,
|
|
|
|
FT_UINT16,
|
|
|
|
FT_UINT32,
|
1999-09-12 06:11:51 +00:00
|
|
|
FT_DOUBLE,
|
1999-07-07 22:52:57 +00:00
|
|
|
FT_ABSOLUTE_TIME,
|
|
|
|
FT_RELATIVE_TIME,
|
|
|
|
FT_STRING,
|
|
|
|
FT_ETHER,
|
|
|
|
FT_BYTES,
|
|
|
|
FT_IPv4,
|
|
|
|
FT_IPv6,
|
Changed the display filter scanner from GLIB's GScanner to lex. The code
as it standed depends on your lex being flex, but that only matters if you're
a developer. The distribution will include the dfilter-scanner.c file, so
that if the user doesn't modify dfilter-scanner.l, he won't need flex to
re-create the *.c file.
The new lex scanner gives me better syntax checking for ether addresses. I
thought I could get by using GScanner, but it simply wasn't powerful enough.
All operands have English-like abbreviations and C-like syntax:
and, && ; or, || ; eq, == ; ne, != ; , etc.
I removed the ETHER_VENDOR type in favor of letting the user use the [x:y]
notation: ether.src[0:3] == 0:6:29 instead of ether.srcvendor == 00:06:29
I implemented the IPXNET field type; it had been there before, but was
not implemented. I chose to make it use integer values rather than byte
ranges, since an IPX Network is 4 bytes. So a display filter looks like this:
ipx.srcnet == 0xc0a82c00
rather than this:
ipx.srcnet == c0:a8:2c:00
I can supposrt the byte-range type IPXNET in the future, very trivially.
I still have more work to do on the parser though. It needs to check ranges
when extracting byte ranges ([x:y]) from packets. And I need to get rid
of those reduce/reduce errors from yacc!
svn path=/trunk/; revision=414
1999-08-01 04:28:20 +00:00
|
|
|
FT_IPXNET,
|
1999-07-07 22:52:57 +00:00
|
|
|
FT_VALS_UINT8,
|
|
|
|
FT_VALS_UINT16,
|
|
|
|
FT_VALS_UINT24,
|
|
|
|
FT_VALS_UINT32,
|
|
|
|
FT_TEXT_ONLY, /* non-filterable, used when converting ethereal
|
|
|
|
from old-style proto_tree to new-style proto_tree */
|
|
|
|
NUM_FIELD_TYPES /* last item number plus one */
|
|
|
|
};
|
|
|
|
|
1999-07-15 15:33:52 +00:00
|
|
|
/* information describing a header field */
|
1999-07-07 22:52:57 +00:00
|
|
|
typedef struct header_field_info {
|
|
|
|
char *name;
|
|
|
|
char *abbrev;
|
|
|
|
enum ftenum type;
|
|
|
|
struct value_string *vals;
|
|
|
|
int id; /* assigned by order of registration */
|
1999-07-15 15:33:52 +00:00
|
|
|
int parent; /* parent protocol */
|
1999-07-07 22:52:57 +00:00
|
|
|
} header_field_info;
|
|
|
|
|
|
|
|
/* Used when registering many fields at once */
|
|
|
|
typedef struct hf_register_info {
|
|
|
|
int *p_id; /* pointer to int; written to by register() function */
|
1999-07-15 15:33:52 +00:00
|
|
|
header_field_info hfinfo;
|
1999-07-07 22:52:57 +00:00
|
|
|
} hf_register_info;
|
|
|
|
|
1999-07-13 02:53:26 +00:00
|
|
|
#ifdef WIN32
|
1999-07-15 15:33:52 +00:00
|
|
|
/* 'boolean' is a reserved word on win32 */
|
1999-07-13 02:53:26 +00:00
|
|
|
#define boolean truth_value
|
|
|
|
#endif
|
1999-07-07 22:52:57 +00:00
|
|
|
|
|
|
|
/* Info stored in each proto_item GNode */
|
|
|
|
typedef struct field_info {
|
|
|
|
struct header_field_info *hfinfo;
|
|
|
|
gint start;
|
|
|
|
gint length;
|
|
|
|
gint tree_type; /* ETT_* */
|
|
|
|
char *representation; /* for GUI tree */
|
|
|
|
int visible;
|
|
|
|
union {
|
|
|
|
gboolean boolean;
|
|
|
|
guint32 numeric;
|
1999-09-12 06:11:51 +00:00
|
|
|
struct timeval time; /* the whole struct, not a pointer */
|
|
|
|
gdouble floating;
|
1999-07-07 22:52:57 +00:00
|
|
|
gchar *string;
|
|
|
|
guint8 ether[6];
|
|
|
|
} value;
|
|
|
|
} field_info;
|
|
|
|
|
|
|
|
|
1999-08-29 04:06:43 +00:00
|
|
|
/* used when calling proto search functions */
|
1999-07-07 22:52:57 +00:00
|
|
|
typedef struct proto_tree_search_info {
|
1999-08-29 04:06:43 +00:00
|
|
|
int target;
|
|
|
|
int parent;
|
|
|
|
const guint8 *packet_data;
|
|
|
|
GNodeTraverseFunc traverse_func;
|
|
|
|
union {
|
|
|
|
GArray *array;
|
|
|
|
GNode *node;
|
|
|
|
} result;
|
1999-07-07 22:52:57 +00:00
|
|
|
} proto_tree_search_info;
|
|
|
|
|
1999-08-26 06:20:50 +00:00
|
|
|
/* Sets up memory used by proto routines. Called at program startup */
|
1999-07-07 22:52:57 +00:00
|
|
|
void proto_init(void);
|
1999-08-26 06:20:50 +00:00
|
|
|
|
|
|
|
/* Frees memory used by proto routines. Called at program shutdown */
|
|
|
|
void proto_cleanup(void);
|
|
|
|
|
1999-07-07 22:52:57 +00:00
|
|
|
void proto_item_set_len(proto_item *ti, gint length);
|
|
|
|
proto_tree* proto_tree_create_root(void);
|
|
|
|
void proto_tree_free(proto_tree *tree);
|
|
|
|
proto_tree* proto_item_add_subtree(proto_item *ti, gint idx);
|
|
|
|
|
|
|
|
int
|
|
|
|
proto_register_field(char *name, char *abbrev, enum ftenum type, int parent,
|
|
|
|
struct value_string* vals);
|
|
|
|
|
|
|
|
int
|
|
|
|
proto_register_protocol(char *name, char *abbrev);
|
|
|
|
|
|
|
|
void
|
1999-07-15 15:33:52 +00:00
|
|
|
proto_register_field_array(int parent, hf_register_info *hf, int num_records);
|
1999-07-07 22:52:57 +00:00
|
|
|
|
|
|
|
proto_item *
|
|
|
|
proto_tree_add_item(proto_tree *tree, int hfindex, gint start,
|
|
|
|
gint length, ...);
|
|
|
|
|
|
|
|
proto_item *
|
|
|
|
proto_tree_add_item_hidden(proto_tree *tree, int hfindex, gint start,
|
|
|
|
gint length, ...);
|
|
|
|
|
|
|
|
proto_item *
|
|
|
|
proto_tree_add_item_format(proto_tree *tree, int hfindex, gint start,
|
|
|
|
gint length, ...);
|
|
|
|
|
|
|
|
proto_item *
|
|
|
|
proto_tree_add_text(proto_tree *tree, gint start, gint length, ...);
|
|
|
|
|
|
|
|
void
|
|
|
|
proto_item_fill_label(field_info *fi, gchar *label_str);
|
|
|
|
|
1999-08-26 07:01:44 +00:00
|
|
|
/* Returns number of items (protocols or header fields) registered. */
|
1999-07-07 22:52:57 +00:00
|
|
|
int proto_registrar_n(void);
|
1999-08-26 07:01:44 +00:00
|
|
|
|
|
|
|
/* Returns char* to abbrev for item # n (0-indexed) */
|
1999-07-07 22:52:57 +00:00
|
|
|
char* proto_registrar_get_abbrev(int n);
|
1999-08-26 07:01:44 +00:00
|
|
|
|
|
|
|
/* Returns enum ftenum for item # n */
|
1999-07-07 22:52:57 +00:00
|
|
|
int proto_registrar_get_ftype(int n);
|
1999-08-26 07:01:44 +00:00
|
|
|
|
|
|
|
/* Returns parent protocol for item # n.
|
|
|
|
* Returns -1 if item _is_ a protocol */
|
1999-07-07 22:52:57 +00:00
|
|
|
int proto_registrar_get_parent(int n);
|
1999-08-26 07:01:44 +00:00
|
|
|
|
|
|
|
/* Is item #n a protocol? */
|
1999-07-07 22:52:57 +00:00
|
|
|
gboolean proto_registrar_is_protocol(int n);
|
1999-08-26 07:01:44 +00:00
|
|
|
|
1999-08-29 04:06:43 +00:00
|
|
|
/* Checks for existence any protocol or field within a tree.
|
|
|
|
* TRUE = found, FALSE = not found */
|
|
|
|
gboolean proto_check_for_protocol_or_field(proto_tree* tree, int id);
|
|
|
|
|
|
|
|
/* Search for a protocol subtree, which can occur more than once, and for each successful
|
|
|
|
* find, call the calback function, passing sinfo as the second argument */
|
|
|
|
void proto_find_protocol_multi(proto_tree* tree, int target, GNodeTraverseFunc callback,
|
|
|
|
proto_tree_search_info *sinfo);
|
|
|
|
|
|
|
|
/* Just a wrapper to call sinfo->traverse_func() for all nodes in the subtree, with the GNode
|
|
|
|
* and sinfo as the two arguments to sinfo->traverse_func(). Useful when you have to process
|
|
|
|
* all nodes in a subtree. */
|
|
|
|
gboolean proto_get_field_values(proto_tree* subtree, proto_tree_search_info *sinfo);
|
1999-07-07 22:52:57 +00:00
|
|
|
|
1999-07-15 15:33:52 +00:00
|
|
|
/* Dumps a glossary of the protocol and field registrations to STDOUT */
|
|
|
|
void proto_registrar_dump(void);
|
|
|
|
|
1999-08-26 07:01:44 +00:00
|
|
|
/* Is the parsing being done for a visible proto_tree or an invisible one?
|
|
|
|
* By setting this correctly, the proto_tree creation is sped up by not
|
|
|
|
* having to call vsnprintf and copy strings around.
|
|
|
|
*/
|
|
|
|
extern gboolean proto_tree_is_visible;
|
|
|
|
|
1999-07-07 22:52:57 +00:00
|
|
|
#endif /* proto.h */
|