1998-11-12 06:01:27 +00:00
|
|
|
/* wtap.h
|
|
|
|
*
|
1999-08-18 17:08:47 +00:00
|
|
|
* $Id: wtap.h,v 1.26 1999/08/18 17:08:47 guy Exp $
|
1998-11-12 06:01:27 +00:00
|
|
|
*
|
|
|
|
* Wiretap Library
|
|
|
|
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
|
1998-11-12 00:06:47 +00:00
|
|
|
*
|
1998-11-12 06:01:27 +00:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*
|
1998-11-12 00:06:47 +00:00
|
|
|
*/
|
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
#ifndef __WTAP_H__
|
|
|
|
#define __WTAP_H__
|
|
|
|
|
1998-12-17 06:39:13 +00:00
|
|
|
/* Encapsulation types. Choose names that truly reflect
|
1999-07-28 23:16:42 +00:00
|
|
|
* what is contained in the packet trace file.
|
|
|
|
*
|
|
|
|
* WTAP_ENCAP_LINUX_ATM_CLIP is the encapsulation you get with the
|
|
|
|
* ATM on Linux code from <http://lrcwww.epfl.ch/linux-atm/>;
|
|
|
|
* that code adds a DLT_ATM_CLIP DLT_ code of 19, and that
|
|
|
|
* encapsulation isn't the same as the DLT_ATM_RFC1483 encapsulation
|
|
|
|
* presumably used on some BSD systems, which we turn into
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
* WTAP_ENCAP_ATM_RFC1483.
|
|
|
|
*
|
|
|
|
* WTAP_ENCAP_PER_PACKET is a value passed to "wtap_dump_open()" or
|
|
|
|
* "wtap_dump_fdopen()" to indicate that there is no single encapsulation
|
|
|
|
* type for all packets in the file; this may cause those routines to
|
1999-08-18 17:08:47 +00:00
|
|
|
* fail if the capture file format being written can't support that.
|
|
|
|
*
|
|
|
|
* WTAP_ENCAP_UNKNOWN is returned by "wtap_pcap_encap_to_wtap_encap()"
|
|
|
|
* if it's handed an unknown encapsulation. */
|
|
|
|
#define WTAP_ENCAP_UNKNOWN -2
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
#define WTAP_ENCAP_PER_PACKET -1
|
1998-11-12 00:06:47 +00:00
|
|
|
#define WTAP_ENCAP_NONE 0
|
|
|
|
#define WTAP_ENCAP_ETHERNET 1
|
|
|
|
#define WTAP_ENCAP_TR 2
|
|
|
|
#define WTAP_ENCAP_SLIP 3
|
|
|
|
#define WTAP_ENCAP_PPP 4
|
|
|
|
#define WTAP_ENCAP_FDDI 5
|
|
|
|
#define WTAP_ENCAP_RAW_IP 6
|
1998-11-13 05:57:39 +00:00
|
|
|
#define WTAP_ENCAP_ARCNET 7
|
1998-12-17 06:39:13 +00:00
|
|
|
#define WTAP_ENCAP_ATM_RFC1483 8
|
1999-07-28 23:16:42 +00:00
|
|
|
#define WTAP_ENCAP_LINUX_ATM_CLIP 9
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
#define WTAP_ENCAP_LAPB 10
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
/* last WTAP_ENCAP_ value + 1 */
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
#define WTAP_NUM_ENCAP_TYPES 11
|
1999-03-01 18:57:07 +00:00
|
|
|
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
/* File types that can be read by wiretap.
|
|
|
|
We may eventually support writing some or all of these file types,
|
|
|
|
too, so we distinguish between different versions of them. */
|
1998-11-12 00:06:47 +00:00
|
|
|
#define WTAP_FILE_UNKNOWN 0
|
|
|
|
#define WTAP_FILE_WTAP 1
|
|
|
|
#define WTAP_FILE_PCAP 2
|
|
|
|
#define WTAP_FILE_LANALYZER 3
|
|
|
|
#define WTAP_FILE_NGSNIFFER 4
|
|
|
|
#define WTAP_FILE_SNOOP 6
|
|
|
|
#define WTAP_FILE_IPTRACE 7
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
#define WTAP_FILE_NETMON_1_x 8
|
|
|
|
#define WTAP_FILE_NETMON_2_x 9
|
|
|
|
#define WTAP_FILE_NETXRAY_1_0 10
|
|
|
|
#define WTAP_FILE_NETXRAY_1_1 11
|
|
|
|
#define WTAP_FILE_NETXRAY_2_001 12
|
|
|
|
#define WTAP_FILE_RADCOM 13
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
/* Filter types that wiretap can create. An 'offline' filter is really
|
|
|
|
* a BPF filter, but it is treated specially because wiretap might not know
|
|
|
|
* in advance the datalink type(s) needed.
|
|
|
|
*/
|
|
|
|
#define WTAP_FILTER_NONE 0
|
|
|
|
#define WTAP_FILTER_OFFLINE 1
|
|
|
|
#define WTAP_FILTER_BPF 2
|
|
|
|
|
1998-11-12 00:06:47 +00:00
|
|
|
#include <sys/types.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
|
|
|
|
#ifdef HAVE_SYS_TIME_H
|
1998-11-12 00:06:47 +00:00
|
|
|
#include <sys/time.h>
|
1999-07-13 02:53:26 +00:00
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifdef HAVE_WINSOCK_H
|
|
|
|
#include <winsock.h>
|
|
|
|
#endif
|
|
|
|
|
1998-11-12 00:06:47 +00:00
|
|
|
#include <glib.h>
|
1998-11-15 05:29:17 +00:00
|
|
|
#include <stdio.h>
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1998-11-13 05:57:39 +00:00
|
|
|
typedef struct {
|
1998-11-13 06:47:37 +00:00
|
|
|
double timeunit;
|
1998-12-13 05:08:05 +00:00
|
|
|
time_t start;
|
1998-12-17 06:39:13 +00:00
|
|
|
guint16 pkt_len;
|
|
|
|
guint16 size;
|
|
|
|
guint16 true_size;
|
|
|
|
double t;
|
|
|
|
int is_atm;
|
1998-11-13 05:57:39 +00:00
|
|
|
} ngsniffer_t;
|
|
|
|
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
typedef struct {
|
|
|
|
time_t start;
|
|
|
|
} radcom_t;
|
|
|
|
|
1998-11-12 06:01:27 +00:00
|
|
|
typedef struct {
|
|
|
|
guint16 pkt_len;
|
|
|
|
guint32 totpktt;
|
1998-12-13 05:08:05 +00:00
|
|
|
time_t start;
|
1998-11-12 06:01:27 +00:00
|
|
|
} lanalyzer_t;
|
|
|
|
|
1998-11-15 05:29:17 +00:00
|
|
|
typedef struct {
|
|
|
|
int byte_swapped;
|
|
|
|
guint16 version_major;
|
|
|
|
guint16 version_minor;
|
|
|
|
} libpcap_t;
|
|
|
|
|
1999-01-17 09:33:15 +00:00
|
|
|
typedef struct {
|
|
|
|
time_t start_secs;
|
1999-05-12 21:40:07 +00:00
|
|
|
guint32 start_usecs;
|
|
|
|
guint8 version_major;
|
1999-01-17 09:33:15 +00:00
|
|
|
int end_offset;
|
|
|
|
} netmon_t;
|
|
|
|
|
1999-02-20 06:49:27 +00:00
|
|
|
typedef struct {
|
1999-03-01 22:59:47 +00:00
|
|
|
time_t start_time;
|
1999-02-20 06:49:27 +00:00
|
|
|
double timeunit;
|
1999-03-01 22:59:47 +00:00
|
|
|
double start_timestamp;
|
1999-03-01 18:57:07 +00:00
|
|
|
int wrapped;
|
|
|
|
int end_offset;
|
1999-03-22 02:46:46 +00:00
|
|
|
int version_major;
|
1999-02-20 06:49:27 +00:00
|
|
|
} netxray_t;
|
|
|
|
|
1998-11-12 00:06:47 +00:00
|
|
|
struct wtap_pkthdr {
|
|
|
|
struct timeval ts;
|
|
|
|
guint32 caplen;
|
|
|
|
guint32 len;
|
1999-01-02 06:10:55 +00:00
|
|
|
int pkt_encap;
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
guint8 flags; /* ENCAP_LAPB : 1st bit means From DCE */
|
1998-11-12 00:06:47 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
typedef void (*wtap_handler)(u_char*, const struct wtap_pkthdr*,
|
1998-11-15 05:29:17 +00:00
|
|
|
int, const u_char *);
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1998-11-12 06:01:27 +00:00
|
|
|
struct wtap;
|
1999-03-01 18:57:07 +00:00
|
|
|
struct bpf_instruction;
|
|
|
|
struct Buffer;
|
|
|
|
|
1998-11-12 06:01:27 +00:00
|
|
|
typedef int (*subtype_func)(struct wtap*);
|
|
|
|
typedef struct wtap {
|
1998-11-12 00:06:47 +00:00
|
|
|
FILE* fh;
|
1999-03-01 18:57:07 +00:00
|
|
|
int file_type;
|
|
|
|
int snapshot_length;
|
|
|
|
struct Buffer *frame_buffer;
|
1998-11-12 00:06:47 +00:00
|
|
|
struct wtap_pkthdr phdr;
|
|
|
|
|
1998-11-12 06:01:27 +00:00
|
|
|
union {
|
1998-11-15 05:29:17 +00:00
|
|
|
libpcap_t *pcap;
|
1998-11-12 06:01:27 +00:00
|
|
|
lanalyzer_t *lanalyzer;
|
1998-11-13 05:57:39 +00:00
|
|
|
ngsniffer_t *ngsniffer;
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
radcom_t *radcom;
|
1999-01-17 09:33:15 +00:00
|
|
|
netmon_t *netmon;
|
1999-02-20 06:49:27 +00:00
|
|
|
netxray_t *netxray;
|
1998-11-12 06:01:27 +00:00
|
|
|
} capture;
|
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
subtype_func subtype_read;
|
|
|
|
int file_encap; /* per-file, for those
|
|
|
|
file formats that have
|
|
|
|
per-file encapsulation
|
|
|
|
types */
|
1998-11-12 00:06:47 +00:00
|
|
|
} wtap;
|
|
|
|
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
struct wtap_dumper;
|
|
|
|
|
|
|
|
typedef int (*subtype_write_func)(struct wtap_dumper*,
|
1999-08-18 04:41:20 +00:00
|
|
|
const struct wtap_pkthdr*, const u_char*, int*);
|
|
|
|
typedef int (*subtype_close_func)(struct wtap_dumper*, int*);
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
typedef struct wtap_dumper {
|
|
|
|
FILE* fh;
|
|
|
|
int file_type;
|
|
|
|
int snaplen;
|
|
|
|
int encap;
|
|
|
|
|
|
|
|
subtype_write_func subtype_write;
|
|
|
|
subtype_close_func subtype_close;
|
|
|
|
} wtap_dumper;
|
|
|
|
|
1999-08-15 06:59:13 +00:00
|
|
|
/*
|
|
|
|
* On failure, "wtap_open_offline()" returns NULL, and puts into the
|
|
|
|
* "int" pointed to by its second argument:
|
|
|
|
*
|
|
|
|
* a positive "errno" value if the capture file can't be opened;
|
|
|
|
*
|
|
|
|
* a negative number, indicating the type of error, on other failures.
|
|
|
|
*/
|
|
|
|
wtap* wtap_open_offline(const char *filename, int *err);
|
1998-11-12 00:06:47 +00:00
|
|
|
void wtap_loop(wtap *wth, int, wtap_handler, u_char*);
|
|
|
|
|
|
|
|
FILE* wtap_file(wtap *wth);
|
|
|
|
int wtap_snapshot_length(wtap *wth); /* per file */
|
|
|
|
int wtap_file_type(wtap *wth);
|
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
|
|
|
const char *wtap_file_type_string(wtap *wth);
|
1998-11-12 00:06:47 +00:00
|
|
|
void wtap_close(wtap *wth);
|
|
|
|
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
wtap_dumper* wtap_dump_open(const char *filename, int filetype, int encap,
|
|
|
|
int snaplen, int *err);
|
|
|
|
wtap_dumper* wtap_dump_fdopen(int fd, int filetype, int encap, int snaplen,
|
|
|
|
int *err);
|
1999-08-18 04:41:20 +00:00
|
|
|
int wtap_dump(wtap_dumper *, const struct wtap_pkthdr *, const u_char *,
|
|
|
|
int *err);
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
FILE* wtap_dump_file(wtap_dumper *);
|
1999-08-18 04:41:20 +00:00
|
|
|
int wtap_dump_close(wtap_dumper *, int *);
|
Add to Wiretap the ability to write capture files; for now, it can only
write them in "libpcap" format, but the mechanism can have other formats
added.
When creating the temporary file for a capture, use "create_tempfile()",
to close a security hole opened by the fact that "tempnam()" creates a
temporary file, but doesn't open it, and we open the file with the name
it gives us - somebody could remove the file and plant a link to some
file, and, if as may well be the case when Ethereal is capturing
packets, it's running as "root", that means we write a capture on top of
that file.... (The aforementioned changes to Wiretap let you open a
capture file for writing given an file descriptor, "fdopen()"-style,
which this change requires.)
svn path=/trunk/; revision=509
1999-08-18 04:17:38 +00:00
|
|
|
|
|
|
|
/* XXX - needed until "wiretap" can do live packet captures */
|
|
|
|
int wtap_pcap_encap_to_wtap_encap(int encap);
|
|
|
|
|
1999-08-18 04:41:20 +00:00
|
|
|
/*
|
|
|
|
* Wiretap error codes.
|
|
|
|
*/
|
|
|
|
#define WTAP_ERR_NOT_REGULAR_FILE -1
|
|
|
|
/* The file being opened for reading isn't a plain file */
|
|
|
|
#define WTAP_ERR_FILE_UNKNOWN_FORMAT -2
|
|
|
|
/* The file being opened is not a capture file in a known format */
|
|
|
|
#define WTAP_ERR_CANT_OPEN -3
|
|
|
|
/* The file couldn't be opened, reason unknown */
|
|
|
|
#define WTAP_ERR_UNSUPPORTED_FILE_TYPE -4
|
|
|
|
/* Wiretap can't save files in the specified format */
|
|
|
|
#define WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED -5
|
|
|
|
/* The specified format doesn't support per-packet encapsulations */
|
|
|
|
#define WTAP_ERR_CANT_CLOSE -6
|
|
|
|
/* The file couldn't be closed, reason unknown */
|
|
|
|
#define WTAP_ERR_SHORT_WRITE -7
|
|
|
|
/* An attempt to write wrote less data than it should have */
|
|
|
|
|
1998-11-12 00:06:47 +00:00
|
|
|
/* Pointer versions of ntohs and ntohl. Given a pointer to a member of a
|
|
|
|
* byte array, returns the value of the two or four bytes at the pointer.
|
|
|
|
* The pletoh[sl] versions return the little-endian representation.
|
|
|
|
*/
|
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
#ifndef pntohs
|
1998-11-12 00:06:47 +00:00
|
|
|
#define pntohs(p) ((guint16) \
|
|
|
|
((guint16)*((guint8 *)p+0)<<8| \
|
|
|
|
(guint16)*((guint8 *)p+1)<<0))
|
1999-03-01 18:57:07 +00:00
|
|
|
#endif
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
#ifndef pntohl
|
1998-11-12 00:06:47 +00:00
|
|
|
#define pntohl(p) ((guint32)*((guint8 *)p+0)<<24| \
|
|
|
|
(guint32)*((guint8 *)p+1)<<16| \
|
|
|
|
(guint32)*((guint8 *)p+2)<<8| \
|
|
|
|
(guint32)*((guint8 *)p+3)<<0)
|
1999-03-01 18:57:07 +00:00
|
|
|
#endif
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-03-28 18:32:03 +00:00
|
|
|
#ifndef phtons
|
|
|
|
#define phtons(p) ((guint16) \
|
|
|
|
((guint16)*((guint8 *)p+0)<<8| \
|
|
|
|
(guint16)*((guint8 *)p+1)<<0))
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifndef phtonl
|
|
|
|
#define phtonl(p) ((guint32)*((guint8 *)p+0)<<24| \
|
|
|
|
(guint32)*((guint8 *)p+1)<<16| \
|
|
|
|
(guint32)*((guint8 *)p+2)<<8| \
|
|
|
|
(guint32)*((guint8 *)p+3)<<0)
|
|
|
|
#endif
|
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
#ifndef pletohs
|
1998-11-12 00:06:47 +00:00
|
|
|
#define pletohs(p) ((guint16) \
|
|
|
|
((guint16)*((guint8 *)p+1)<<8| \
|
|
|
|
(guint16)*((guint8 *)p+0)<<0))
|
1999-03-01 18:57:07 +00:00
|
|
|
#endif
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
#ifndef plethol
|
1998-11-12 00:06:47 +00:00
|
|
|
#define pletohl(p) ((guint32)*((guint8 *)p+3)<<24| \
|
|
|
|
(guint32)*((guint8 *)p+2)<<16| \
|
|
|
|
(guint32)*((guint8 *)p+1)<<8| \
|
|
|
|
(guint32)*((guint8 *)p+0)<<0)
|
1999-03-01 18:57:07 +00:00
|
|
|
#endif
|
1998-11-12 00:06:47 +00:00
|
|
|
|
1999-03-01 18:57:07 +00:00
|
|
|
#endif /* __WTAP_H__ */
|