Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
/* conversation.h
|
|
|
|
|
* Routines for building lists of packets that are part of a "conversation"
|
|
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
2002-08-28 20:41:00 +00:00
|
|
|
*
|
2018-02-08 16:59:17 +00:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
Generalize the "ip_src" and "ip_dst" members of the "packet_info"
structure to "dl_src"/"dl_dst", "net_src"/"net_dst", and "src"/"dst"
addresses, where an address is an address type, an address length in
bytes, and a pointer to that many bytes.
"dl_{src,dst}" are the link-layer source/destination; "net_{src,dst}"
are the network-layer source/destination; "{src,dst}" are the
source/destination from the highest of those two layers that we have in
the packet.
Add a port type to "packet_info" as well, specifying whether it's a TCP
or UDP port.
Don't set the address and port columns in the dissector functions; just
set the address and port members of the "packet_info" structure. Set
the columns in "fill_in_columns()"; this means that if we're showing
COL_{DEF,RES,UNRES}_SRC" or "COL_{DEF,RES,UNRES}_DST", we only generate
the string from "src" or "dst", we don't generate a string for the
link-layer address and then overwrite it with a string for the
network-layer address (generating those strings costs CPU).
Add support for "conversations", where a "conversation" is (at present)
a source and destination address and a source and destination port. (In
the future, we may support "conversations" above the transport layer,
e.g. a TFTP conversation, where the first packet goes from the client to
the TFTP server port, but the reply comes back from a different port,
and all subsequent packets go between the client address/port and the
server address/new port, or an NFS conversation, which might include
lock manager, status monitor, and mount packets, as well as NFS
packets.)
Currently, all we support is a call that takes the source and
destination address/port pairs, looks them up in a hash table, and:
if nothing is found, creates a new entry in the hash table, and
assigns it a unique 32-bit conversation ID, and returns that
conversation ID;
if an entry is found, returns its conversation ID.
Use that in the SMB and AFS code to keep track of individual SMB or AFS
conversations. We need to match up requests and replies, as, for
certain replies, the operation code for the request to which it's a
reply doesn't show up in the reply - you have to find the request with a
matching transaction ID. Transaction IDs are per-conversation, so the
hash table for requests should include a conversation ID and transaction
ID as the key.
This allows SMB and AFS decoders to handle IPv4 or IPv6 addresses
transparently (and should allow the SMB decoder to handle NetBIOS atop
other protocols as well, if the source and destination address and port
values in the "packet_info" structure are set appropriately).
In the "Follow TCP Connection" code, check to make sure that the
addresses are IPv4 addressses; ultimately, that code should be changed
to use the conversation code instead, which will let it handle IPv6
transparently.
svn path=/trunk/; revision=909
1999-10-22 07:18:23 +00:00
|
|
|
*/
|
|
|
|
|
|
1999-10-29 01:04:44 +00:00
|
|
|
#ifndef __CONVERSATION_H__
|
|
|
|
|
#define __CONVERSATION_H__
|
|
|
|
|
|
2013-03-01 23:53:11 +00:00
|
|
|
#include "ws_symbol_export.h"
|
|
|
|
|
|
2021-03-16 09:36:10 +00:00
|
|
|
#include "packet.h" /* for conversation dissector type */
|
2021-07-26 00:31:17 +00:00
|
|
|
#include <epan/wmem_scopes.h>
|
2021-03-16 09:36:10 +00:00
|
|
|
|
2007-01-18 18:43:30 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
extern "C" {
|
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
|
2010-08-28 19:27:19 +00:00
|
|
|
/**
|
|
|
|
|
*@file
|
|
|
|
|
*/
|
2002-08-28 20:41:00 +00:00
|
|
|
/*
|
2001-06-10 09:50:20 +00:00
|
|
|
* Flags to pass to "conversation_new()" to indicate that the address 2
|
|
|
|
|
* and/or port 2 values for the conversation should be wildcards.
|
2004-12-15 09:25:48 +00:00
|
|
|
* The CONVERSATION_TEMPLATE option tells that any of the other supplied
|
|
|
|
|
* port and / or address wildcards will be used to match an infinite number
|
|
|
|
|
* of new connections to the conversation(s) that have the CONVERSATION_-
|
|
|
|
|
* TEMPLATE flag set. Any conversation created without the CONVERSATION_-
|
|
|
|
|
* TEMPLATE flag will be altered once the first connections (connection
|
|
|
|
|
* oriented protocols only) to include the newly found information which
|
|
|
|
|
* matched the wildcard options.
|
2001-06-10 09:50:20 +00:00
|
|
|
*/
|
|
|
|
|
#define NO_ADDR2 0x01
|
|
|
|
|
#define NO_PORT2 0x02
|
2004-07-06 19:01:32 +00:00
|
|
|
#define NO_PORT2_FORCE 0x04
|
2004-12-15 09:25:48 +00:00
|
|
|
#define CONVERSATION_TEMPLATE 0x08
|
2016-02-08 16:32:41 +00:00
|
|
|
|
2002-08-28 20:41:00 +00:00
|
|
|
/*
|
2001-06-10 09:50:20 +00:00
|
|
|
* Flags to pass to "find_conversation()" to indicate that the address B
|
|
|
|
|
* and/or port B search arguments are wildcards.
|
|
|
|
|
*/
|
|
|
|
|
#define NO_ADDR_B 0x01
|
|
|
|
|
#define NO_PORT_B 0x02
|
2000-10-21 05:52:28 +00:00
|
|
|
|
2017-11-11 22:16:13 +00:00
|
|
|
/* Flags to handle endpoints */
|
2019-11-11 00:06:53 +00:00
|
|
|
#define USE_LAST_ENDPOINT 0x08 /* Use last endpoint created, regardless of type */
|
2017-11-11 22:16:13 +00:00
|
|
|
|
2017-10-29 14:12:59 +00:00
|
|
|
/* Types of port numbers Wireshark knows about. */
|
|
|
|
|
typedef enum {
|
|
|
|
|
ENDPOINT_NONE, /* no endpoint */
|
|
|
|
|
ENDPOINT_SCTP, /* SCTP */
|
|
|
|
|
ENDPOINT_TCP, /* TCP */
|
|
|
|
|
ENDPOINT_UDP, /* UDP */
|
|
|
|
|
ENDPOINT_DCCP, /* DCCP */
|
|
|
|
|
ENDPOINT_IPX, /* IPX sockets */
|
|
|
|
|
ENDPOINT_NCP, /* NCP connection */
|
|
|
|
|
ENDPOINT_EXCHG, /* Fibre Channel exchange */
|
|
|
|
|
ENDPOINT_DDP, /* DDP AppleTalk connection */
|
|
|
|
|
ENDPOINT_SBCCS, /* FICON */
|
|
|
|
|
ENDPOINT_IDP, /* XNS IDP sockets */
|
|
|
|
|
ENDPOINT_TIPC, /* TIPC PORT */
|
|
|
|
|
ENDPOINT_USB, /* USB endpoint 0xffff means the host */
|
|
|
|
|
ENDPOINT_I2C,
|
|
|
|
|
ENDPOINT_IBQP, /* Infiniband QP number */
|
|
|
|
|
ENDPOINT_BLUETOOTH,
|
2017-11-09 01:02:06 +00:00
|
|
|
ENDPOINT_TDMOP,
|
2017-11-09 04:12:50 +00:00
|
|
|
ENDPOINT_DVBCI,
|
2017-11-09 05:25:43 +00:00
|
|
|
ENDPOINT_ISO14443,
|
2017-11-11 22:16:13 +00:00
|
|
|
ENDPOINT_ISDN, /* ISDN channel number */
|
|
|
|
|
ENDPOINT_H223, /* H.223 logical channel number */
|
|
|
|
|
ENDPOINT_X25, /* X.25 logical channel number */
|
|
|
|
|
ENDPOINT_IAX2, /* IAX2 call id */
|
|
|
|
|
ENDPOINT_DLCI, /* Frame Relay DLCI */
|
|
|
|
|
ENDPOINT_ISUP, /* ISDN User Part CIC */
|
|
|
|
|
ENDPOINT_BICC, /* BICC Circuit identifier */
|
|
|
|
|
ENDPOINT_GSMTAP,
|
2021-05-29 00:36:30 +00:00
|
|
|
ENDPOINT_IUUP,
|
2021-08-25 20:15:39 +00:00
|
|
|
ENDPOINT_DVBBBF, /* DVB Base Band Frame ISI/PLP_ID */
|
|
|
|
|
ENDPOINT_IWARP_MPA /* iWarp MPA */
|
2017-10-29 14:12:59 +00:00
|
|
|
} endpoint_type;
|
|
|
|
|
|
2010-08-28 19:27:19 +00:00
|
|
|
/**
|
Export the data structure used to represent a conversation.
Replace "add_to_conversation()" with:
"conversation_new()", which creates a new conversation, given
source and destination addresses and ports, and returns a
pointer to the structure for the conversation;
"find_conversation()", which tries to find a conversation for
given source and destination addresses and ports, and returns a
pointer to the structure for the conversation if found, and a
null pointer if not found.
Add a private data pointer field to the conversation structure, and have
"conversation_new()" take an argument that specifies what to set that
pointer to; that lets clients of the conversation code hang arbitrary
data off the conversation (e.g., a hash table of protocol requests and
replies, in case the protocol is a request/reply protocol wherein the
reply doesn't say what type of request it's a reply to, and you need
that information to dissect the reply).
svn path=/trunk/; revision=920
1999-10-24 07:27:20 +00:00
|
|
|
* Data structure representing a conversation.
|
|
|
|
|
*/
|
2017-10-28 17:26:51 +00:00
|
|
|
struct conversation_key;
|
|
|
|
|
typedef struct conversation_key* conversation_key_t;
|
2000-10-21 05:52:28 +00:00
|
|
|
|
Export the data structure used to represent a conversation.
Replace "add_to_conversation()" with:
"conversation_new()", which creates a new conversation, given
source and destination addresses and ports, and returns a
pointer to the structure for the conversation;
"find_conversation()", which tries to find a conversation for
given source and destination addresses and ports, and returns a
pointer to the structure for the conversation if found, and a
null pointer if not found.
Add a private data pointer field to the conversation structure, and have
"conversation_new()" take an argument that specifies what to set that
pointer to; that lets clients of the conversation code hang arbitrary
data off the conversation (e.g., a hash table of protocol requests and
replies, in case the protocol is a request/reply protocol wherein the
reply doesn't say what type of request it's a reply to, and you need
that information to dissect the reply).
svn path=/trunk/; revision=920
1999-10-24 07:27:20 +00:00
|
|
|
typedef struct conversation {
|
2010-08-28 19:27:19 +00:00
|
|
|
struct conversation *next; /** pointer to next conversation on hash chain */
|
2012-02-04 12:23:51 +00:00
|
|
|
struct conversation *last; /** pointer to the last conversation on hash chain */
|
2019-11-11 00:06:53 +00:00
|
|
|
struct conversation *latest_found; /** pointer to the last conversation on hash chain */
|
|
|
|
|
guint32 conv_index; /** unique ID for conversation */
|
2010-08-28 19:27:19 +00:00
|
|
|
guint32 setup_frame; /** frame number that setup this conversation */
|
2019-11-11 00:06:53 +00:00
|
|
|
/* Assume that setup_frame is also the lowest frame number for now. */
|
2013-07-08 16:54:18 +00:00
|
|
|
guint32 last_frame; /** highest frame number in this conversation */
|
2019-11-11 00:06:53 +00:00
|
|
|
wmem_tree_t *data_list; /** list of data associated with conversation */
|
|
|
|
|
wmem_tree_t *dissector_tree; /** tree containing protocol dissector client associated with conversation */
|
|
|
|
|
guint options; /** wildcard flags */
|
2017-10-28 17:26:51 +00:00
|
|
|
conversation_key_t key_ptr; /** pointer to the key for this conversation */
|
Export the data structure used to represent a conversation.
Replace "add_to_conversation()" with:
"conversation_new()", which creates a new conversation, given
source and destination addresses and ports, and returns a
pointer to the structure for the conversation;
"find_conversation()", which tries to find a conversation for
given source and destination addresses and ports, and returns a
pointer to the structure for the conversation if found, and a
null pointer if not found.
Add a private data pointer field to the conversation structure, and have
"conversation_new()" take an argument that specifies what to set that
pointer to; that lets clients of the conversation code hang arbitrary
data off the conversation (e.g., a hash table of protocol requests and
replies, in case the protocol is a request/reply protocol wherein the
reply doesn't say what type of request it's a reply to, and you need
that information to dissect the reply).
svn path=/trunk/; revision=920
1999-10-24 07:27:20 +00:00
|
|
|
} conversation_t;
|
|
|
|
|
|
2017-10-28 17:26:51 +00:00
|
|
|
|
2017-10-30 19:57:34 +00:00
|
|
|
struct endpoint;
|
|
|
|
|
typedef struct endpoint* endpoint_t;
|
|
|
|
|
|
2017-10-28 17:26:51 +00:00
|
|
|
WS_DLL_PUBLIC address* conversation_key_addr1(const conversation_key_t key);
|
|
|
|
|
WS_DLL_PUBLIC address* conversation_key_addr2(const conversation_key_t key);
|
|
|
|
|
WS_DLL_PUBLIC guint32 conversation_key_port1(const conversation_key_t key);
|
|
|
|
|
WS_DLL_PUBLIC guint32 conversation_key_port2(const conversation_key_t key);
|
|
|
|
|
|
2010-08-28 19:27:19 +00:00
|
|
|
/**
|
2017-02-09 17:28:14 +00:00
|
|
|
* Create a new hash tables for conversations.
|
2010-08-28 19:27:19 +00:00
|
|
|
*/
|
2017-02-09 17:28:14 +00:00
|
|
|
extern void conversation_init(void);
|
2010-08-28 19:27:19 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Initialize some variables every time a file is loaded or re-loaded.
|
|
|
|
|
*/
|
2017-02-09 17:28:14 +00:00
|
|
|
extern void conversation_epan_reset(void);
|
2000-10-21 05:52:28 +00:00
|
|
|
|
2016-02-08 16:32:41 +00:00
|
|
|
/*
|
2010-08-28 19:27:19 +00:00
|
|
|
* Given two address/port pairs for a packet, create a new conversation
|
|
|
|
|
* to contain packets between those address/port pairs.
|
|
|
|
|
*
|
|
|
|
|
* The options field is used to specify whether the address 2 value
|
|
|
|
|
* and/or port 2 value are not given and any value is acceptable
|
|
|
|
|
* when searching for this conversation.
|
|
|
|
|
*/
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC conversation_t *conversation_new(const guint32 setup_frame, const address *addr1, const address *addr2,
|
2017-10-29 14:12:59 +00:00
|
|
|
const endpoint_type etype, const guint32 port1, const guint32 port2, const guint options);
|
2000-10-21 05:52:28 +00:00
|
|
|
|
2017-11-11 22:16:13 +00:00
|
|
|
WS_DLL_PUBLIC conversation_t *conversation_new_by_id(const guint32 setup_frame, const endpoint_type etype, const guint32 id, const guint options);
|
2017-11-09 01:02:06 +00:00
|
|
|
|
2010-08-28 19:27:19 +00:00
|
|
|
/**
|
|
|
|
|
* Given two address/port pairs for a packet, search for a conversation
|
|
|
|
|
* containing packets between those address/port pairs. Returns NULL if
|
|
|
|
|
* not found.
|
|
|
|
|
*
|
|
|
|
|
* We try to find the most exact match that we can, and then proceed to
|
|
|
|
|
* try wildcard matches on the "addr_b" and/or "port_b" argument if a more
|
|
|
|
|
* exact match failed.
|
|
|
|
|
*
|
|
|
|
|
* Either or both of the "addr_b" and "port_b" arguments may be specified as
|
|
|
|
|
* a wildcard by setting the NO_ADDR_B or NO_PORT_B flags in the "options"
|
|
|
|
|
* argument. We do only wildcard matches on addresses and ports specified
|
|
|
|
|
* as wildcards.
|
|
|
|
|
*
|
|
|
|
|
* I.e.:
|
|
|
|
|
*
|
|
|
|
|
* if neither "addr_b" nor "port_b" were specified as wildcards, we
|
|
|
|
|
* do an exact match (addr_a/port_a and addr_b/port_b) and, if that
|
|
|
|
|
* succeeds, we return a pointer to the matched conversation;
|
|
|
|
|
*
|
|
|
|
|
* otherwise, if "port_b" wasn't specified as a wildcard, we try to
|
|
|
|
|
* match any address 2 with the specified port 2 (addr_a/port_a and
|
|
|
|
|
* {any}/addr_b) and, if that succeeds, we return a pointer to the
|
|
|
|
|
* matched conversation;
|
|
|
|
|
*
|
|
|
|
|
* otherwise, if "addr_b" wasn't specified as a wildcard, we try to
|
|
|
|
|
* match any port 2 with the specified address 2 (addr_a/port_a and
|
|
|
|
|
* addr_b/{any}) and, if that succeeds, we return a pointer to the
|
|
|
|
|
* matched conversation;
|
|
|
|
|
*
|
|
|
|
|
* otherwise, we try to match any address 2 and any port 2
|
|
|
|
|
* (addr_a/port_a and {any}/{any}) and, if that succeeds, we return
|
|
|
|
|
* a pointer to the matched conversation;
|
|
|
|
|
*
|
|
|
|
|
* otherwise, we found no matching conversation, and return NULL.
|
|
|
|
|
*/
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC conversation_t *find_conversation(const guint32 frame_num, const address *addr_a, const address *addr_b,
|
2017-10-29 14:12:59 +00:00
|
|
|
const endpoint_type etype, const guint32 port_a, const guint32 port_b, const guint options);
|
1999-10-29 01:04:44 +00:00
|
|
|
|
2017-11-11 22:16:13 +00:00
|
|
|
WS_DLL_PUBLIC conversation_t *find_conversation_by_id(const guint32 frame, const endpoint_type etype, const guint32 id, const guint options);
|
2017-11-09 01:02:06 +00:00
|
|
|
|
2017-10-27 20:39:50 +00:00
|
|
|
/** A helper function that calls find_conversation() using data from pinfo
|
|
|
|
|
* The frame number and addresses are taken from pinfo.
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_PUBLIC conversation_t *find_conversation_pinfo(packet_info *pinfo, const guint options);
|
|
|
|
|
|
2010-08-28 19:27:19 +00:00
|
|
|
/** A helper function that calls find_conversation() and, if a conversation is
|
|
|
|
|
* not found, calls conversation_new().
|
|
|
|
|
* The frame number and addresses are taken from pinfo.
|
|
|
|
|
* No options are used, though we could extend this API to include an options
|
|
|
|
|
* parameter.
|
|
|
|
|
*/
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC conversation_t *find_or_create_conversation(packet_info *pinfo);
|
2010-05-13 18:28:34 +00:00
|
|
|
|
2018-08-01 02:55:13 +00:00
|
|
|
/** A helper function that calls find_conversation_by_id() and, if a
|
|
|
|
|
* conversation is not found, calls conversation_new_by_id().
|
|
|
|
|
* The frame number is taken from pinfo.
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_PUBLIC conversation_t *find_or_create_conversation_by_id(packet_info *pinfo, const endpoint_type etype, const guint32 id);
|
|
|
|
|
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC void conversation_add_proto_data(conversation_t *conv, const int proto,
|
2001-09-03 10:33:12 +00:00
|
|
|
void *proto_data);
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC void *conversation_get_proto_data(const conversation_t *conv, const int proto);
|
|
|
|
|
WS_DLL_PUBLIC void conversation_delete_proto_data(conversation_t *conv, const int proto);
|
2001-09-03 10:33:12 +00:00
|
|
|
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC void conversation_set_dissector(conversation_t *conversation,
|
2010-04-03 18:18:50 +00:00
|
|
|
const dissector_handle_t handle);
|
2015-10-28 21:32:17 +00:00
|
|
|
|
|
|
|
|
WS_DLL_PUBLIC void conversation_set_dissector_from_frame_number(conversation_t *conversation,
|
|
|
|
|
const guint32 starting_frame_num, const dissector_handle_t handle);
|
|
|
|
|
|
|
|
|
|
WS_DLL_PUBLIC dissector_handle_t conversation_get_dissector(conversation_t *conversation,
|
|
|
|
|
const guint32 frame_num);
|
|
|
|
|
|
2017-10-30 19:57:34 +00:00
|
|
|
WS_DLL_PUBLIC void conversation_create_endpoint(struct _packet_info *pinfo, address* addr1, address* addr2,
|
|
|
|
|
endpoint_type etype, guint32 port1, guint32 port2, const guint options);
|
|
|
|
|
|
2017-11-11 22:16:13 +00:00
|
|
|
WS_DLL_PUBLIC void conversation_create_endpoint_by_id(struct _packet_info *pinfo,
|
|
|
|
|
endpoint_type etype, guint32 id, const guint options);
|
|
|
|
|
|
|
|
|
|
WS_DLL_PUBLIC guint32 conversation_get_endpoint_by_id(struct _packet_info *pinfo,
|
|
|
|
|
endpoint_type etype, const guint options);
|
|
|
|
|
|
2010-08-28 19:27:19 +00:00
|
|
|
/**
|
|
|
|
|
* Given two address/port pairs for a packet, search for a matching
|
|
|
|
|
* conversation and, if found and it has a conversation dissector,
|
|
|
|
|
* call that dissector and return TRUE, otherwise return FALSE.
|
|
|
|
|
*
|
|
|
|
|
* This helper uses call_dissector_only which will NOT call the default
|
|
|
|
|
* "data" dissector if the packet was rejected.
|
2014-01-04 17:29:20 +00:00
|
|
|
* Our caller is responsible to call the data dissector explicitly in case
|
2010-08-28 19:27:19 +00:00
|
|
|
* this function returns FALSE.
|
|
|
|
|
*/
|
2018-07-31 21:44:49 +00:00
|
|
|
WS_DLL_PUBLIC gboolean
|
2017-10-29 14:12:59 +00:00
|
|
|
try_conversation_dissector(const address *addr_a, const address *addr_b, const endpoint_type etype,
|
2010-04-03 18:18:50 +00:00
|
|
|
const guint32 port_a, const guint32 port_b, tvbuff_t *tvb, packet_info *pinfo,
|
2018-01-23 10:48:57 +00:00
|
|
|
proto_tree *tree, void* data, const guint options);
|
2000-04-12 22:53:16 +00:00
|
|
|
|
2018-07-31 21:44:49 +00:00
|
|
|
WS_DLL_PUBLIC gboolean
|
2017-11-11 22:16:13 +00:00
|
|
|
try_conversation_dissector_by_id(const endpoint_type etype, const guint32 id, tvbuff_t *tvb,
|
2017-11-09 05:25:43 +00:00
|
|
|
packet_info *pinfo, proto_tree *tree, void* data);
|
|
|
|
|
|
2000-10-21 05:52:28 +00:00
|
|
|
/* These routines are used to set undefined values for a conversation */
|
|
|
|
|
|
2018-07-31 21:44:49 +00:00
|
|
|
WS_DLL_PUBLIC
|
|
|
|
|
void conversation_set_port2(conversation_t *conv, const guint32 port);
|
|
|
|
|
WS_DLL_PUBLIC
|
|
|
|
|
void conversation_set_addr2(conversation_t *conv, const address *addr);
|
2000-10-21 05:52:28 +00:00
|
|
|
|
2013-09-15 19:35:10 +00:00
|
|
|
WS_DLL_PUBLIC
|
2017-02-09 17:28:14 +00:00
|
|
|
wmem_map_t *get_conversation_hashtable_exact(void);
|
2013-09-15 19:35:10 +00:00
|
|
|
|
|
|
|
|
WS_DLL_PUBLIC
|
2017-02-09 17:28:14 +00:00
|
|
|
wmem_map_t *get_conversation_hashtable_no_addr2(void);
|
2013-09-15 19:35:10 +00:00
|
|
|
|
|
|
|
|
WS_DLL_PUBLIC
|
2017-02-09 17:28:14 +00:00
|
|
|
wmem_map_t * get_conversation_hashtable_no_port2(void);
|
2013-09-15 19:35:10 +00:00
|
|
|
|
|
|
|
|
WS_DLL_PUBLIC
|
2017-02-09 17:28:14 +00:00
|
|
|
wmem_map_t *get_conversation_hashtable_no_addr2_or_port2(void);
|
2013-09-15 19:35:10 +00:00
|
|
|
|
2017-10-29 14:12:59 +00:00
|
|
|
/* Temporary function to handle port_type to endpoint_type conversion
|
|
|
|
|
For now it's a 1-1 mapping, but the intention is to remove
|
|
|
|
|
many of the port_type instances in favor of endpoint_type
|
|
|
|
|
*/
|
|
|
|
|
WS_DLL_PUBLIC
|
|
|
|
|
endpoint_type conversation_pt_to_endpoint_type(port_type pt);
|
|
|
|
|
|
2017-10-28 15:15:44 +00:00
|
|
|
WS_DLL_PUBLIC guint
|
|
|
|
|
conversation_hash_exact(gconstpointer v);
|
2013-09-15 19:35:10 +00:00
|
|
|
|
2017-10-28 17:26:51 +00:00
|
|
|
/* Provide a wmem_alloced (NULL scope) hash string using HTML tags */
|
|
|
|
|
WS_DLL_PUBLIC gchar*
|
|
|
|
|
conversation_get_html_hash(const conversation_key_t key);
|
|
|
|
|
|
2007-01-18 18:43:30 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
}
|
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
|
1999-10-29 01:04:44 +00:00
|
|
|
#endif /* conversation.h */
|