1998-09-16 02:39:15 +00:00
|
|
|
/* resolv.h
|
|
|
|
* Definitions for network object lookup
|
|
|
|
*
|
2000-10-19 22:59:24 +00:00
|
|
|
* $Id: resolv.h,v 1.3 2000/10/19 22:59:24 guy Exp $
|
1998-09-16 03:22:19 +00:00
|
|
|
*
|
1998-09-16 02:39:15 +00:00
|
|
|
* Laurent Deniel <deniel@worldnet.fr>
|
|
|
|
*
|
|
|
|
* Ethereal - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@zing.org>
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __RESOLV_H__
|
|
|
|
#define __RESOLV_H__
|
|
|
|
|
1999-11-20 05:35:15 +00:00
|
|
|
#ifndef MAXNAMELEN
|
|
|
|
#define MAXNAMELEN 64 /* max name length (hostname and port name) */
|
|
|
|
#endif
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* global variables */
|
|
|
|
|
2000-10-19 22:59:24 +00:00
|
|
|
extern int g_resolving_actif;
|
1998-09-25 23:24:07 +00:00
|
|
|
extern gchar *g_ethers_path;
|
1999-11-21 16:32:23 +00:00
|
|
|
extern gchar *g_ipxnets_path;
|
1998-09-25 23:24:07 +00:00
|
|
|
extern gchar *g_manuf_path;
|
|
|
|
extern gchar *g_pethers_path;
|
1999-11-21 16:32:23 +00:00
|
|
|
extern gchar *g_pipxnets_path;
|
1998-09-16 02:39:15 +00:00
|
|
|
|
|
|
|
/* Functions in resolv.c */
|
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
/* get_tcp_port returns the UDP port name or "%u" if not found */
|
1998-09-16 02:39:15 +00:00
|
|
|
extern u_char *get_udp_port(u_int port);
|
1998-09-25 23:24:07 +00:00
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
/* get_tcp_port returns the TCP port name or "%u" if not found */
|
1998-09-16 02:39:15 +00:00
|
|
|
extern u_char *get_tcp_port(u_int port);
|
1998-09-25 23:24:07 +00:00
|
|
|
|
2000-08-19 08:26:04 +00:00
|
|
|
/* get_sctp_port returns the SCTP port name or "%u" if not found */
|
|
|
|
extern u_char *get_sctp_port(u_int port);
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* get_hostname returns the host name or "%d.%d.%d.%d" if not found */
|
1998-09-16 02:39:15 +00:00
|
|
|
extern u_char *get_hostname(u_int addr);
|
|
|
|
|
1999-03-28 18:32:03 +00:00
|
|
|
/* get_hostname returns the host name, or numeric addr if not found */
|
|
|
|
struct e_in6_addr;
|
|
|
|
gchar* get_hostname6(struct e_in6_addr *ad);
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* get_ether_name returns the logical name if found in ethers files else
|
|
|
|
"<vendor>_%02x:%02x:%02x" if the vendor code is known else
|
|
|
|
"%02x:%02x:%02x:%02x:%02x:%02x" */
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
extern u_char *get_ether_name(const u_char *addr);
|
1998-09-25 23:24:07 +00:00
|
|
|
|
1999-11-20 05:35:15 +00:00
|
|
|
/* get_ether_name returns the logical name if found in ethers files else NULL */
|
|
|
|
extern u_char *get_ether_name_if_known(const u_char *addr);
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* get_manuf_name returns the vendor name or "%02x:%02x:%02x" if not known */
|
|
|
|
extern u_char *get_manuf_name(u_char *addr);
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
/* get_ipxnet_name returns the logical name if found in an ipxnets file,
|
|
|
|
* or a string formatted with "%X" if not */
|
|
|
|
extern u_char *get_ipxnet_name(const guint32 addr);
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* returns the ethernet address corresponding to name or NULL if not known */
|
|
|
|
extern u_char *get_ether_addr(u_char *name);
|
|
|
|
|
1999-11-21 16:32:23 +00:00
|
|
|
/* returns the ipx network corresponding to name. If name is unknown,
|
|
|
|
* 0 is returned and 'known' is set to TRUE. */
|
|
|
|
guint32 get_ipxnet_addr(u_char *name, gboolean *known);
|
|
|
|
|
1998-09-25 23:24:07 +00:00
|
|
|
/* adds a hostname/IP in the hash table */
|
|
|
|
extern void add_host_name(u_int addr, u_char *name);
|
|
|
|
|
2000-08-10 20:09:29 +00:00
|
|
|
/* add ethernet address / name corresponding to IP address */
|
|
|
|
extern void add_ether_byip(u_int ip, const u_char *eth);
|
|
|
|
|
Have "get_host_ipaddr()" return a Boolean indicating whether it
succeeded or failed, and, if it succeeded, have it fill in the IP
address if found through a pointer passed as the second argument.
Have it first try interpreting its first argument as a dotted-quad IP
address, with "inet_aton()", and, if that fails, have it try to
interpret it as a host name with "gethostbyname()"; don't bother with
"gethostbyaddr()", as we should be allowed to filter on IP addresses
even if there's no host name associated with them (there's no guarantee
that "gethostbyaddr()" will succeed if handed an IP address with no
corresponding name - and it looks as if FreeBSD 3.2, at least, may not
succeed in that case).
Add a "dfilter_fail()" routine that takes "printf()"-like arguments and
uses them to set an error message for the parse; doing so means that
even if the filter expression is syntactically valid, we treat it as
being invalid. (Is there a better way to force a parse to fail from
arbitrary places in routines called by the parser?)
Use that routine in the lexical analyzer.
If that error message was set, use it as is as the failure message,
rather than adding "Unable to parse filter string XXX" to it.
Have the code to handle IP addresses and host names in display filters
check whether "get_host_ipaddr()" succeeded or failed and, if it failed,
arrange that the parse fail with an error message indicating the source
of the problem.
svn path=/trunk/; revision=802
1999-10-11 03:03:12 +00:00
|
|
|
/* Translates a string representing the hostname or dotted-decimal IP address
|
|
|
|
* into a numeric IP address value, returning TRUE if it succeeds and
|
|
|
|
* FALSE if it fails. */
|
|
|
|
gboolean get_host_ipaddr(const char *host, guint32 *addrp);
|
1999-07-07 22:52:57 +00:00
|
|
|
|
1999-10-15 03:11:52 +00:00
|
|
|
/*
|
|
|
|
* Translate IPv6 numeric address or FQDN hostname, into binary IPv6 address.
|
|
|
|
* Return TRUE if we succeed and set "*addrp" to that numeric IP address;
|
|
|
|
* return FALSE if we fail.
|
|
|
|
*/
|
|
|
|
gboolean get_host_ipaddr6(const char *host, struct e_in6_addr *addrp);
|
|
|
|
|
1998-09-16 02:39:15 +00:00
|
|
|
#endif /* __RESOLV_H__ */
|