2005-09-11 16:55:34 +00:00
|
|
|
/* expert.h
|
|
|
|
* Collecting of Expert information.
|
|
|
|
*
|
2009-09-06 18:25:23 +00:00
|
|
|
* For further info, see: http://wiki.wireshark.org/Development/ExpertInfo
|
2005-09-11 16:55:34 +00:00
|
|
|
*
|
|
|
|
* $Id$
|
|
|
|
*
|
2006-05-21 05:12:17 +00:00
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
2005-09-11 16:55:34 +00:00
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
2012-06-28 22:56:06 +00:00
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2005-09-11 16:55:34 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef __EXPERT_H__
|
|
|
|
#define __EXPERT_H__
|
|
|
|
|
2012-10-08 19:30:34 +00:00
|
|
|
#include <epan/packet_info.h>
|
2005-11-25 23:42:52 +00:00
|
|
|
#include <epan/proto.h>
|
2006-08-31 22:56:38 +00:00
|
|
|
#include "value_string.h"
|
2013-03-01 23:53:11 +00:00
|
|
|
#include "ws_symbol_export.h"
|
2005-09-13 04:00:47 +00:00
|
|
|
|
2011-02-01 21:03:29 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif /* __cplusplus */
|
2005-09-11 16:55:34 +00:00
|
|
|
|
2010-02-27 22:12:43 +00:00
|
|
|
/** only for internal and display use. */
|
2005-09-11 16:55:34 +00:00
|
|
|
typedef struct expert_info_s {
|
2005-09-11 22:25:33 +00:00
|
|
|
guint32 packet_num;
|
2005-09-11 16:55:34 +00:00
|
|
|
int group;
|
|
|
|
int severity;
|
2010-02-27 22:12:43 +00:00
|
|
|
const gchar *protocol;
|
|
|
|
gchar *summary;
|
|
|
|
proto_item *pitem;
|
2005-09-11 16:55:34 +00:00
|
|
|
} expert_info_t;
|
|
|
|
|
2013-05-24 17:59:36 +00:00
|
|
|
/* Expert Info and Display hf data */
|
|
|
|
typedef struct expert_field
|
|
|
|
{
|
|
|
|
int ei;
|
|
|
|
int hf;
|
|
|
|
} expert_field;
|
|
|
|
|
|
|
|
#define EI_INIT {-1, -1}
|
|
|
|
|
|
|
|
typedef struct expert_field_info {
|
|
|
|
/* ---------- set by dissector --------- */
|
|
|
|
const char *name;
|
|
|
|
int group;
|
|
|
|
int severity;
|
|
|
|
const gchar *summary;
|
|
|
|
|
|
|
|
/* ------- set by register routines (prefilled by EXPFILL macro, see below) ------ */
|
|
|
|
int id;
|
|
|
|
const gchar *protocol;
|
|
|
|
hf_register_info hf_info;
|
|
|
|
|
|
|
|
} expert_field_info;
|
|
|
|
|
|
|
|
#define EXPFILL 0, NULL, \
|
|
|
|
{0, {"Expert Info", NULL, FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL}}
|
|
|
|
|
|
|
|
typedef struct ei_register_info {
|
|
|
|
expert_field *ids; /**< written to by register() function */
|
|
|
|
expert_field_info eiinfo; /**< the field info to be registered */
|
|
|
|
} ei_register_info;
|
|
|
|
|
|
|
|
typedef struct expert_module expert_module_t;
|
|
|
|
|
2013-03-02 01:00:20 +00:00
|
|
|
static const value_string expert_group_vals[] = {
|
|
|
|
{ PI_CHECKSUM, "Checksum" },
|
|
|
|
{ PI_SEQUENCE, "Sequence" },
|
|
|
|
{ PI_RESPONSE_CODE, "Response" },
|
|
|
|
{ PI_REQUEST_CODE, "Request" },
|
|
|
|
{ PI_UNDECODED, "Undecoded" },
|
|
|
|
{ PI_REASSEMBLE, "Reassemble" },
|
|
|
|
{ PI_MALFORMED, "Malformed" },
|
|
|
|
{ PI_DEBUG, "Debug" },
|
|
|
|
{ PI_PROTOCOL, "Protocol" },
|
|
|
|
{ PI_SECURITY, "Security" },
|
|
|
|
{ PI_COMMENTS_GROUP, "Comment" },
|
|
|
|
{ 0, NULL }
|
|
|
|
};
|
|
|
|
|
|
|
|
static const value_string expert_severity_vals[] = {
|
|
|
|
{ PI_ERROR, "Error" },
|
|
|
|
{ PI_WARN, "Warn" },
|
|
|
|
{ PI_NOTE, "Note" },
|
|
|
|
{ PI_CHAT, "Chat" },
|
|
|
|
{ PI_COMMENT, "Comment" },
|
|
|
|
{ 0, "Ok" },
|
|
|
|
{ 0, NULL }
|
|
|
|
};
|
2005-09-11 16:55:34 +00:00
|
|
|
|
2013-05-24 17:59:36 +00:00
|
|
|
#define PRE_ALLOC_EXPERT_FIELDS_MEM 5000
|
|
|
|
|
2011-12-14 21:13:06 +00:00
|
|
|
/* "proto_expert" is exported from libwireshark.dll.
|
|
|
|
* Thus we need a special declaration.
|
|
|
|
*/
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC int proto_expert;
|
2011-12-14 21:13:06 +00:00
|
|
|
|
2005-09-11 16:55:34 +00:00
|
|
|
extern void
|
|
|
|
expert_init(void);
|
|
|
|
|
2013-05-24 17:59:36 +00:00
|
|
|
extern void
|
|
|
|
expert_packet_init(void);
|
|
|
|
|
2005-09-11 16:55:34 +00:00
|
|
|
extern void
|
|
|
|
expert_cleanup(void);
|
|
|
|
|
2013-05-24 17:59:36 +00:00
|
|
|
extern void
|
|
|
|
expert_packet_cleanup(void);
|
|
|
|
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC int
|
2006-08-31 22:56:38 +00:00
|
|
|
expert_get_highest_severity(void);
|
|
|
|
|
2013-05-24 17:59:36 +00:00
|
|
|
/** Add an expert info.
|
|
|
|
Add an expert info tree to a protocol item using registered expert info item
|
|
|
|
@param pinfo Packet info of the currently processed packet. May be NULL if
|
|
|
|
pi is supplied
|
|
|
|
@param pi Current protocol item (or NULL)
|
|
|
|
@param eiindex The registered expert info item
|
|
|
|
*/
|
|
|
|
WS_DLL_PUBLIC void
|
|
|
|
expert_add_info(packet_info *pinfo, proto_item *pi, expert_field* eiindex);
|
|
|
|
|
2005-09-11 16:55:34 +00:00
|
|
|
/** Add an expert info.
|
2010-02-27 22:12:43 +00:00
|
|
|
Add an expert info tree to a protocol item, with classification and message.
|
2012-08-10 20:33:01 +00:00
|
|
|
@param pinfo Packet info of the currently processed packet. May be NULL if
|
|
|
|
pi is supplied
|
|
|
|
@param pi Current protocol item (or NULL)
|
|
|
|
@param group The expert group (like PI_CHECKSUM - see: proto.h)
|
|
|
|
@param severity The expert severity (like PI_WARN - see: proto.h)
|
|
|
|
@param format Printf-style format string for additional arguments
|
2005-09-11 16:55:34 +00:00
|
|
|
*/
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC void
|
2005-09-13 04:00:47 +00:00
|
|
|
expert_add_info_format(packet_info *pinfo, proto_item *pi, int group,
|
|
|
|
int severity, const char *format, ...)
|
2010-01-25 13:20:53 +00:00
|
|
|
G_GNUC_PRINTF(5, 6);
|
2005-09-11 16:55:34 +00:00
|
|
|
|
2013-05-24 17:59:36 +00:00
|
|
|
/** Add an expert info.
|
|
|
|
Add an expert info tree to a protocol item, using registered expert info item,
|
|
|
|
but with a formatted message.
|
|
|
|
@param pinfo Packet info of the currently processed packet. May be NULL if
|
|
|
|
pi is supplied
|
|
|
|
@param pi Current protocol item (or NULL)
|
|
|
|
@param eiindex The registered expert info item
|
|
|
|
@param format Printf-style format string for additional arguments
|
|
|
|
*/
|
|
|
|
WS_DLL_PUBLIC void
|
2013-05-24 18:12:00 +00:00
|
|
|
expert_add_info_format_text(packet_info *pinfo, proto_item *pi, expert_field *eiindex,
|
|
|
|
const char *format, ...) G_GNUC_PRINTF(4, 5);
|
2013-05-24 17:59:36 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Register that a protocol has expert info.
|
|
|
|
*/
|
|
|
|
WS_DLL_PUBLIC expert_module_t *expert_register_protocol(int id);
|
|
|
|
|
|
|
|
/** Register a expert field array.
|
|
|
|
@param module the protocol handle from expert_register_protocol()
|
|
|
|
@param ei the ei_register_info array
|
|
|
|
@param num_records the number of records in exp */
|
|
|
|
WS_DLL_PUBLIC void
|
|
|
|
expert_register_field_array(expert_module_t* module, ei_register_info *ei, const int num_records);
|
|
|
|
|
|
|
|
|
2011-05-25 11:05:23 +00:00
|
|
|
/** Add an expert info about not dissected "item"
|
|
|
|
Add an expert info tree to a not dissected protocol item.
|
2013-04-26 18:28:21 +00:00
|
|
|
@param tvb The tvb associated with the item.
|
2012-08-10 20:33:01 +00:00
|
|
|
@param pinfo Packet info of the currently processed packet. May be NULL.
|
|
|
|
@param tree Tree to add the item to
|
|
|
|
@param offset Offset in tvb
|
|
|
|
@param length The length of the item.
|
|
|
|
@param severity The expert severity (like PI_WARN - see: proto.h)
|
2011-05-25 11:05:23 +00:00
|
|
|
*/
|
|
|
|
|
2013-03-01 23:53:11 +00:00
|
|
|
WS_DLL_PUBLIC void
|
2011-05-25 11:05:23 +00:00
|
|
|
expert_add_undecoded_item(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, int offset, int length, const int severity);
|
2011-02-01 21:03:29 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
}
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
2005-09-11 16:55:34 +00:00
|
|
|
#endif /* __EXPERT_H__ */
|