/* epan.h
*
* Wireshark Protocol Analyzer Library
*
* Copyright (c) 2001 by Gerald Combs <gerald@wireshark.org>
*
* SPDX-License-Identifier: GPL-2.0-or-later
*/
#ifndef __EPAN_H__
#define __EPAN_H__
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
#include <glib.h>
#include <epan/tvbuff.h>
#include <epan/prefs.h>
#include <epan/frame_data.h>
#include <wsutil/plugins.h>
#include <epan/register.h>
#include "ws_symbol_export.h"
/* Forward declarations: only the type names are introduced in this header. */
typedef struct epan_dissect epan_dissect_t;

struct epan_dfilter;
struct epan_column_info;

/*
 * Opaque structure (only forward-declared here) that is supplied when an
 * epan_t is created. It holds whatever the user of libwireshark needs in
 * order to provide time stamps, comments, and other information that lives
 * outside the packet data itself.
 */
struct packet_provider_data;
/*
 * Table of function pointers supplied by the user of libwireshark.
 * Every callback takes the packet_provider_data pointer as its first
 * argument.
 *
 * NOTE(review): this header does not say who owns the returned pointers,
 * how long they remain valid, or whether a callback may return NULL --
 * confirm against the implementations before caching or dereferencing
 * a result.
 */
struct packet_provider_funcs {
    /* Looked up by frame number. */
    const nstime_t *(*get_frame_ts)(struct packet_provider_data *prov, guint32 frame_num);

    /* Both looked up by interface id. */
    const char *(*get_interface_name)(struct packet_provider_data *prov, guint32 interface_id);
    const char *(*get_interface_description)(struct packet_provider_data *prov, guint32 interface_id);

    /* Looked up by frame_data. */
    const char *(*get_user_comment)(struct packet_provider_data *prov, const frame_data *fd);
};
#ifdef HAVE_PLUGINS
/* Declared only when HAVE_PLUGINS is defined; the object itself is defined elsewhere. */
extern plugins_t *libwireshark_plugins;
#endif
/**
@section Epan The Enhanced Packet ANalyzer
XXX
@b Sections:
*/
/*
Ref 1
Epan
Enhanced Packet ANalyzer, aka the packet analyzing engine. Source code can be found in the epan directory.
Protocol-Tree - Keeps the protocol information data of the capture file.
Dissectors - The various protocol dissectors in epan/dissectors.
Plugins - Some of the protocol dissectors are implemented as plugins. Source code can be found at plugins.
Display-Filters - The display filter engine in epan/dfilter.
Ref2 for further edits - delete when done
\section Introduction
This document describes the data structures and the functions exported by the CACE Technologies AirPcap library.
The AirPcap library provides low-level access to the AirPcap driver including advanced capabilities such as channel setting,
link type control and WEP configuration.<br>
This manual includes the following sections:
\note throughout this documentation, \e device refers to a physical USB AirPcap device, while \e adapter is an open API
instance. Most of the AirPcap API operations are adapter-specific but some of them, like setting the channel, are
per-device and will be reflected on all the open adapters. These functions will have "Device" in their name, e.g.
AirpcapSetDeviceChannel().
\b Sections:
- \ref airpcapfuncs
- \ref airpcapdefs
- \ref radiotap
*/
/**
 * Initialize the entire epan module.
 *
 * This must be called only once in a program.
 *
 * NOTE(review): cb, client_data and load_plugins are not described in this
 * header. Judging by its name, load_plugins decides whether plugins are
 * loaded -- confirm against the definition.
 *
 * @return TRUE on success, FALSE on failure.
 */
WS_DLL_PUBLIC gboolean epan_init(register_cb cb, void *client_data, gboolean load_plugins);
/**
 * Load every setting from the current profile that affects epan.
 *
 * NOTE(review): ownership of the returned e_prefs pointer is not stated in
 * this header -- confirm before freeing or caching it.
 */
WS_DLL_PUBLIC e_prefs *epan_load_settings(void);
/** Clean up the whole epan module; meant to be called only once in a program. */
WS_DLL_PUBLIC void epan_cleanup(void);
#ifdef HAVE_PLUGINS
/*
 * Table of function pointers passed to epan_register_plugin().
 *
 * NOTE(review): this header does not say when each hook is invoked,
 * whether a member may be NULL, or whether the table has to outlive the
 * registration call -- confirm against the definition of
 * epan_register_plugin() before passing a short-lived table.
 */
typedef struct {
    void (*init)(void);
    void (*dissect_init)(epan_dissect_t *);
    void (*dissect_cleanup)(epan_dissect_t *);
    void (*cleanup)(void);
    void (*register_all_protocols)(register_cb, gpointer);
    void (*register_all_handoffs)(register_cb, gpointer);
} epan_plugin;

/* Exported only in builds where HAVE_PLUGINS is defined. */
WS_DLL_PUBLIC void epan_register_plugin(const epan_plugin *plugin);
#endif
/**
 * Set up the table of conversations. A conversation is identified by its
 * endpoints; conversations are used for protocols such as IP, TCP, and UDP,
 * whose packets carry endpoint information but no single value that says
 * which flow the packet belongs to.
 */
void epan_conversation_init(void);
/**
 * A client creates one epan_t for an entire dissection session, and that
 * single epan_t is used to analyze the whole sequence of packets, in order,
 * within the session. A session corresponds to a single packet trace file.
 *
 * epan_t exists because some packets in some protocols cannot be decoded
 * without knowledge of previous packets; that inter-packet "state" is
 * stored in the epan_t.
 */
typedef struct epan_session epan_t;
/*
 * Create an epan_t from the caller's provider data and callback table.
 *
 * NOTE(review): whether prov and funcs must stay valid for the lifetime of
 * the returned session is not stated in this header -- confirm before
 * passing storage that goes out of scope.
 */
WS_DLL_PUBLIC epan_t *epan_new(struct packet_provider_data *prov,
    const struct packet_provider_funcs *funcs);

/*
 * Session-level lookups whose names and trailing arguments mirror the
 * members of struct packet_provider_funcs.
 *
 * NOTE(review): presumably these forward to the provider callbacks; whether
 * they can return NULL and how long the result stays valid is not stated
 * here -- confirm before dereferencing or caching.
 */
WS_DLL_PUBLIC const char *epan_get_user_comment(const epan_t *session, const frame_data *fd);
WS_DLL_PUBLIC const char *epan_get_interface_name(const epan_t *session, guint32 interface_id);
WS_DLL_PUBLIC const char *epan_get_interface_description(const epan_t *session, guint32 interface_id);

/* Unlike its siblings above, this one is not marked WS_DLL_PUBLIC. */
const nstime_t *epan_get_frame_ts(const epan_t *session, guint32 frame_num);

/* NOTE(review): presumably releases a session obtained from epan_new() -- confirm. */
WS_DLL_PUBLIC void epan_free(epan_t *session);
/* NOTE(review): undocumented here; the format and ownership of the returned string are not stated. */
WS_DLL_PUBLIC const gchar *epan_get_version(void);

/*
 * NOTE(review): undocumented here; presumably writes the three version
 * components through the pointers -- confirm whether NULL is accepted.
 */
WS_DLL_PUBLIC void epan_get_version_number(int *major, int *minor, int *micro);
/**
 * Force the tree to be visible (or stop forcing it) whenever
 * epan_dissect_init() is called.
 *
 * The change is sticky: it stays in effect until it is cleared, instead of
 * applying to one function call. It is currently used when Lua scripts
 * request that all fields be generated.
 *
 * By default the tree only becomes visible if epan_dissect_init() makes it
 * so, which is usually only when a packet is selected. Setting this
 * overrides that so the tree is always visible, although it is still not
 * created if create_proto_tree is false in the call to
 * epan_dissect_init(). Clearing it hands the decision back to
 * epan_dissect_init() and proto_tree_visible.
 */
void epan_set_always_visible(gboolean force);
/**
 * Initialize an existing single packet dissection.
 *
 * NOTE(review): presumably paired with epan_dissect_cleanup(), which
 * releases the attached resources without freeing the pointer -- confirm.
 */
WS_DLL_PUBLIC void epan_dissect_init(epan_dissect_t *edt, epan_t *session,
    const gboolean create_proto_tree, const gboolean proto_tree_visible);
/**
 * Get a new single packet dissection.
 *
 * The result should be freed with epan_dissect_free() once packet
 * dissection has completed.
 */
WS_DLL_PUBLIC epan_dissect_t *epan_dissect_new(epan_t *session,
    const gboolean create_proto_tree, const gboolean proto_tree_visible);
/* NOTE(review): undocumented in this header; what state of edt survives a reset is not stated -- confirm. */
WS_DLL_PUBLIC void epan_dissect_reset(epan_dissect_t *edt);
/** Tell the dissection whether protocols should be faked or not. */
WS_DLL_PUBLIC void epan_dissect_fake_protocols(epan_dissect_t *edt, const gboolean fake_protocols);
/** Run the dissection of a single packet. */
WS_DLL_PUBLIC void epan_dissect_run(epan_dissect_t *edt, int file_type_subtype,
    wtap_rec *rec, tvbuff_t *tvb, frame_data *fd,
    struct epan_column_info *cinfo);

/*
 * Takes the same parameters as epan_dissect_run().
 *
 * NOTE(review): undocumented in this header; the name suggests taps are run
 * as well -- confirm against the definition.
 */
WS_DLL_PUBLIC void epan_dissect_run_with_taps(epan_dissect_t *edt, int file_type_subtype,
    wtap_rec *rec, tvbuff_t *tvb, frame_data *fd,
    struct epan_column_info *cinfo);
/** Run a single file packet dissection. */
WS_DLL_PUBLIC void epan_dissect_file_run(epan_dissect_t *edt, wtap_rec *rec,
    tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);

/*
 * Takes the same parameters as epan_dissect_file_run().
 *
 * NOTE(review): undocumented in this header; the name suggests taps are run
 * as well -- confirm against the definition.
 */
WS_DLL_PUBLIC void epan_dissect_file_run_with_taps(epan_dissect_t *edt, wtap_rec *rec,
    tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);
/** Prime the proto_tree of an epan_dissect_t with the fields/protocols that a dfilter uses. */
WS_DLL_PUBLIC void epan_dissect_prime_with_dfilter(epan_dissect_t *edt, const struct epan_dfilter *dfcode);
/** Prime the proto_tree of an epan_dissect_t with one field/protocol, given by its hfid. */
WS_DLL_PUBLIC void epan_dissect_prime_with_hfid(epan_dissect_t *edt, int hfid);
/** Prime the proto_tree of an epan_dissect_t with a set of fields/protocols, given as hfids in a GArray. */
WS_DLL_PUBLIC void epan_dissect_prime_with_hfid_array(epan_dissect_t *edt, GArray *hfids);
/** Fill the packet list columns with the output of the dissect run. */
WS_DLL_PUBLIC void epan_dissect_fill_in_columns(epan_dissect_t *edt,
    const gboolean fill_col_exprs, const gboolean fill_fd_colums);
/** Report whether a dissected packet contains the field with the given name. */
WS_DLL_PUBLIC gboolean epan_dissect_packet_contains_field(epan_dissect_t* edt,
    const char *field_name);
/**
 * Release the resources attached to the packet dissection.
 *
 * This DOES NOT free the edt pointer itself; that storage remains the
 * caller's to release.
 */
WS_DLL_PUBLIC void epan_dissect_cleanup(epan_dissect_t* edt);
/**
 * Free a single packet dissection.
 *
 * NOTE(review): presumably edt is invalid after this call and must not be
 * used or freed again -- confirm against the definition.
 */
WS_DLL_PUBLIC void epan_dissect_free(epan_dissect_t* edt);
/**
 * Sets custom column.
 *
 * NOTE(review): result and expr are both non-const gchar pointers and size
 * is the only length in the signature; presumably it bounds what is written
 * through both -- confirm against the definition before passing buffers of
 * different sizes.
 */
const gchar *epan_custom_set(epan_dissect_t *edt, GSList *ids, gint occurrence,
    gchar *result, gchar *expr, const int size);
/**
 * Get the compile-time information for the libraries that libwireshark uses.
 */
WS_DLL_PUBLIC void epan_get_compiled_version_info(GString *str);
/**
 * Get the runtime information for the libraries that libwireshark uses.
 */
WS_DLL_PUBLIC void epan_get_runtime_version_info(GString *str);
#ifdef __cplusplus
}
#endif /* __cplusplus */
#endif /* __EPAN_H__ */