/* wtap.c
*
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
* $Id: wtap.c,v 1.12 1999/08/02 02:04:38 guy Exp $
*
* Wiretap Library
* Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "wtap.h"
#include "buffer.h"
/*
 * Return the stdio stream stored in the handle's fh field.
 *
 * The pointer is handed out as-is, not duplicated.  wtap_close() calls
 * fclose() on this same stream, so a caller must not keep using the
 * returned FILE * once the handle has been closed.
 *
 * wth is dereferenced without a check and must not be NULL.
 */
FILE *wtap_file(wtap *wth)
{
	FILE *stream = wth->fh;

	return stream;
}
/*
 * Return the handle's file_type field, the value that the other
 * routines in this file compare against the WTAP_FILE_* constants.
 *
 * wth is dereferenced without a check and must not be NULL.
 */
int wtap_file_type(wtap *wth)
{
	int type = wth->file_type;

	return type;
}
/*
 * Return the handle's snapshot_length field unchanged.
 *
 * NOTE(review): presumably this value is taken from the capture file's
 * header by the per-format open routine; if so it is file-controlled,
 * and a caller that sizes a buffer from it should range-check it
 * first - confirm against the open routines.
 *
 * wth is dereferenced without a check and must not be NULL.
 */
int wtap_snapshot_length(wtap *wth)
{
	int snaplen = wth->snapshot_length;

	return snaplen;
}
Check in Olivier Abad's patch to add dissectors for LAP-B and X.25, and
wiretap support for RADCOM Ltd.'s WAN/LAN analyzers (see
http://www.radcom-inc.com/
). Note: as I remember, IEEE 802.2/ISO 8022 LLC has somewhat of an SDLC
flavor to it, just as I think LAP, LAPB, LAPD, and so on do, so we may
be able to combine some of the LLC dissection and the LAPB dissection
into common code that could, conceivably be used for other SDLC-flavored
protocols.
Make "S" a mnemonic for "Summary" in the "Tools" menu.
Move the routine, used for the "Tools/Summary" display, that turns a
wiretap file type into a descriptive string for it into the wiretap
library itself, expand on some of its descriptions, and add an entry for
files from a RADCOM analyzer.
Have "Tools/Summary" display the snapshot length for the capture.
svn path=/trunk/; revision=416
1999-08-02 02:04:38 +00:00
/*
 * Map the handle's file_type to a human-readable description.
 *
 * The result points at a string literal; the caller must neither
 * modify nor free it.
 *
 * An unrecognised file_type is reported through g_error().  That is
 * GLib's fatal log level, so the process normally terminates there;
 * NULL is returned only if execution continues past the call.  Callers
 * that hand the result to a "%s" format should therefore not assume a
 * non-NULL pointer on every build.
 *
 * wth is dereferenced without a check and must not be NULL.
 */
const char *wtap_file_type_string(wtap *wth)
{
	const char *description;

	switch (wth->file_type) {

	case WTAP_FILE_WTAP:
		description = "wiretap";
		break;

	case WTAP_FILE_PCAP:
		description = "pcap";
		break;

	case WTAP_FILE_LANALYZER:
		description = "Novell LANalyzer";
		break;

	case WTAP_FILE_NGSNIFFER:
		description = "Network Associates Sniffer (DOS-based)";
		break;

	case WTAP_FILE_SNOOP:
		description = "snoop";
		break;

	case WTAP_FILE_IPTRACE:
		description = "iptrace";
		break;

	case WTAP_FILE_NETMON:
		description = "Microsoft Network Monitor";
		break;

	case WTAP_FILE_NETXRAY:
		description = "Cinco Networks NetXRay/Network Associates Sniffer (Windows-based)";
		break;

	case WTAP_FILE_RADCOM:
		description = "RADCOM WAN/LAN analyzer";
		break;

	default:
		/* Not expected to return; see the header comment. */
		g_error("Unknown capture file type %d", wth->file_type);
		description = NULL;
		break;
	}

	return description;
}
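/*
 * Release what this handle owns and close its capture file.
 *
 * Frees the per-format capture structure for the file types listed in
 * the switch, then closes the stdio stream.  If any capture structure
 * ever allocates its own memory, it would be better to make a *close()
 * function for each file type, like pcap_close(), lanalyzer_close(),
 * etc.  But for now this will work.
 *
 * Every pointer is cleared as soon as it has been released, so a stale
 * handle holds NULL rather than a dangling pointer and a repeated call
 * cannot free or close the same resource twice.
 *
 * The wtap structure itself is not freed here.
 * NOTE(review): file types that are not listed in the switch release
 * nothing; confirm that none of their open routines allocates a
 * capture structure, otherwise it is leaked on close.
 *
 * wth is dereferenced without a check and must not be NULL.
 */
void wtap_close(wtap *wth)
{
	switch (wth->file_type) {

	case WTAP_FILE_PCAP:
		g_free(wth->capture.pcap);
		wth->capture.pcap = NULL;
		break;

	case WTAP_FILE_LANALYZER:
		g_free(wth->capture.lanalyzer);
		wth->capture.lanalyzer = NULL;
		break;

	case WTAP_FILE_NGSNIFFER:
		g_free(wth->capture.ngsniffer);
		wth->capture.ngsniffer = NULL;
		break;

	case WTAP_FILE_NETMON:
		g_free(wth->capture.netmon);
		wth->capture.netmon = NULL;
		break;

	default:
		/* nothing to free */
		break;
	}

	/* Skip an already-closed stream: fclose(NULL) is undefined. */
	if (wth->fh != NULL) {
		fclose(wth->fh);
		wth->fh = NULL;
	}
}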
/*
 * Read packets from the capture file and pass each one to callback.
 *
 * wth       capture handle; its subtype_read routine is called once
 *           per packet.
 * count     maximum number of packets to deliver.  Zero or a negative
 *           value means no limit.
 * callback  called for every packet with user, &wth->phdr, the value
 *           returned by subtype_read, and the start of
 *           wth->frame_buffer.
 * user      opaque pointer passed through to callback untouched.
 *
 * The loop ends when subtype_read returns zero or a negative value.
 * Both cases look the same to the caller because this function returns
 * void, so a read error cannot be told apart from end of file here.
 *
 * NOTE(review): the header and data pointers given to callback refer to
 * storage inside the handle, presumably reused by the next read; a
 * callback that keeps packet data should copy it - confirm.
 */
void wtap_loop(wtap *wth, int count, wtap_handler callback, u_char *user)
{
	int delivered = 0;

	for (;;) {
		int data_offset = wth->subtype_read(wth);

		if (data_offset <= 0)
			return;

		callback(user, &wth->phdr, data_offset,
		    buffer_start_ptr(wth->frame_buffer));

		/* Packets are only counted when a limit was requested. */
		if (count > 0) {
			delivered++;
			if (delivered >= count)
				return;
		}
	}
}