Define the private data structures for some particular capture file
types in the modules for those capture file types, not in wtap-int.h, so wtap-int.h doesn't have to change when the code to handle that particular capture type changes, or a new capture file type is added. (Ultimately, we should do this for all the private data structures.) svn path=/trunk/; revision=31974
This commit is contained in:
parent
04920a8fcd
commit
dde6d97f63
|
@ -117,6 +117,10 @@ static const guint8 LA_CyclicInformationFake[] = {
|
|||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
time_t start;
|
||||
} lanalyzer_t;
|
||||
|
||||
static gboolean lanalyzer_read(wtap *wth, int *err, gchar **err_info,
|
||||
gint64 *data_offset);
|
||||
static gboolean lanalyzer_seek_read(wtap *wth, gint64 seek_off,
|
||||
|
@ -136,6 +140,7 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
guint8 cr_day, cr_month;
|
||||
guint16 cr_year;
|
||||
struct tm tm;
|
||||
lanalyzer_t *lanalyzer;
|
||||
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
bytes_read = file_read(LE_record_type, 1, 2, wth->fh);
|
||||
|
@ -158,7 +163,8 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Let's get some info from it. Note that we get wth->snapshot_length
|
||||
* from a record later in the file. */
|
||||
wth->file_type = WTAP_FILE_LANALYZER;
|
||||
wth->capture.lanalyzer = g_malloc(sizeof(lanalyzer_t));
|
||||
lanalyzer = (lanalyzer_t *)g_malloc(sizeof(lanalyzer_t));;
|
||||
wth->capture.generic = lanalyzer;
|
||||
wth->subtype_read = lanalyzer_read;
|
||||
wth->subtype_seek_read = lanalyzer_seek_read;
|
||||
wth->subtype_close = lanalyzer_close;
|
||||
|
@ -168,7 +174,7 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
/* Read records until we find the start of packets */
|
||||
while (1) {
|
||||
if (file_seek(wth->fh, record_length, SEEK_CUR, err) == -1) {
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
wth->data_offset += record_length;
|
||||
|
@ -178,10 +184,10 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
if (bytes_read != 4) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err != 0) {
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
return 0;
|
||||
}
|
||||
wth->data_offset += 4;
|
||||
|
@ -199,10 +205,10 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
if (bytes_read != sizeof summary) {
|
||||
*err = file_error(wth->fh);
|
||||
if (*err != 0) {
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
return 0;
|
||||
}
|
||||
wth->data_offset += sizeof summary;
|
||||
|
@ -229,7 +235,7 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
tm.tm_min = 0;
|
||||
tm.tm_sec = 0;
|
||||
tm.tm_isdst = -1;
|
||||
wth->capture.lanalyzer->start = mktime(&tm);
|
||||
lanalyzer->start = mktime(&tm);
|
||||
/*g_message("Day %d Month %d Year %d", tm.tm_mday,
|
||||
tm.tm_mon, tm.tm_year);*/
|
||||
mxslc = pletohs(&summary[30]);
|
||||
|
@ -245,7 +251,7 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
wth->file_encap = WTAP_ENCAP_TOKEN_RING;
|
||||
break;
|
||||
default:
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
*err = WTAP_ERR_UNSUPPORTED_ENCAP;
|
||||
*err_info = g_strdup_printf("lanalyzer: board type %u unknown",
|
||||
board_type);
|
||||
|
@ -258,7 +264,7 @@ int lanalyzer_open(wtap *wth, int *err, gchar **err_info)
|
|||
/* Go back header number ob ytes so that lanalyzer_read
|
||||
* can read this header */
|
||||
if (file_seek(wth->fh, -bytes_read, SEEK_CUR, err) == -1) {
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
wth->data_offset -= bytes_read;
|
||||
|
@ -285,6 +291,7 @@ static gboolean lanalyzer_read(wtap *wth, int *err, gchar **err_info,
|
|||
guint16 time_low, time_med, time_high, true_size;
|
||||
guint64 t;
|
||||
time_t tsecs;
|
||||
lanalyzer_t *lanalyzer;
|
||||
|
||||
/* read the record type and length. */
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
|
@ -370,7 +377,8 @@ static gboolean lanalyzer_read(wtap *wth, int *err, gchar **err_info,
|
|||
t = (((guint64)time_low) << 0) + (((guint64)time_med) << 16) +
|
||||
(((guint64)time_high) << 32);
|
||||
tsecs = (time_t) (t/2000000);
|
||||
wth->phdr.ts.secs = tsecs + wth->capture.lanalyzer->start;
|
||||
lanalyzer = (lanalyzer_t *)wth->capture.generic;
|
||||
wth->phdr.ts.secs = tsecs + lanalyzer->start;
|
||||
wth->phdr.ts.nsecs = ((guint32) (t - tsecs*2000000)) * 500;
|
||||
|
||||
if (true_size - 4 >= packet_size) {
|
||||
|
@ -430,7 +438,7 @@ static gboolean lanalyzer_seek_read(wtap *wth, gint64 seek_off,
|
|||
static void
|
||||
lanalyzer_close(wtap *wth)
|
||||
{
|
||||
g_free(wth->capture.lanalyzer);
|
||||
g_free(wth->capture.generic);
|
||||
}
|
||||
|
||||
/*---------------------------------------------------
|
||||
|
|
|
@ -38,6 +38,22 @@
|
|||
/* See source to the "libpcap" library for information on the "libpcap"
|
||||
file format. */
|
||||
|
||||
/*
|
||||
* Private per-wtap_t data needed to read a file.
|
||||
*/
|
||||
typedef enum {
|
||||
NOT_SWAPPED,
|
||||
SWAPPED,
|
||||
MAYBE_SWAPPED
|
||||
} swapped_type_t;
|
||||
|
||||
typedef struct {
|
||||
gboolean byte_swapped;
|
||||
swapped_type_t lengths_swapped;
|
||||
guint16 version_major;
|
||||
guint16 version_minor;
|
||||
} libpcap_t;
|
||||
|
||||
/* On some systems, the FDDI MAC addresses are bit-swapped. */
|
||||
#if !defined(ultrix) && !defined(__alpha) && !defined(__bsdi__)
|
||||
#define BIT_SWAPPED_MAC_ADDRS
|
||||
|
@ -74,6 +90,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
gboolean modified;
|
||||
gboolean aix;
|
||||
int file_encap;
|
||||
libpcap_t *libpcap;
|
||||
|
||||
/* Read in the number that should be at the start of a "libpcap" file */
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
|
@ -242,10 +259,11 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
}
|
||||
|
||||
/* This is a libpcap file */
|
||||
wth->capture.pcap = g_malloc(sizeof(libpcap_t));
|
||||
wth->capture.pcap->byte_swapped = byte_swapped;
|
||||
wth->capture.pcap->version_major = hdr.version_major;
|
||||
wth->capture.pcap->version_minor = hdr.version_minor;
|
||||
libpcap = (libpcap_t *)g_malloc(sizeof(libpcap_t));;
|
||||
libpcap->byte_swapped = byte_swapped;
|
||||
libpcap->version_major = hdr.version_major;
|
||||
libpcap->version_minor = hdr.version_minor;
|
||||
wth->capture.generic = libpcap;
|
||||
wth->subtype_read = libpcap_read;
|
||||
wth->subtype_seek_read = libpcap_seek_read;
|
||||
wth->subtype_close = libpcap_close;
|
||||
|
@ -272,19 +290,19 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
|
||||
case 2:
|
||||
if (hdr.version_minor < 3)
|
||||
wth->capture.pcap->lengths_swapped = SWAPPED;
|
||||
libpcap->lengths_swapped = SWAPPED;
|
||||
else if (hdr.version_minor == 3)
|
||||
wth->capture.pcap->lengths_swapped = MAYBE_SWAPPED;
|
||||
libpcap->lengths_swapped = MAYBE_SWAPPED;
|
||||
else
|
||||
wth->capture.pcap->lengths_swapped = NOT_SWAPPED;
|
||||
libpcap->lengths_swapped = NOT_SWAPPED;
|
||||
break;
|
||||
|
||||
case 543:
|
||||
wth->capture.pcap->lengths_swapped = SWAPPED;
|
||||
libpcap->lengths_swapped = SWAPPED;
|
||||
break;
|
||||
|
||||
default:
|
||||
wth->capture.pcap->lengths_swapped = NOT_SWAPPED;
|
||||
libpcap->lengths_swapped = NOT_SWAPPED;
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -349,7 +367,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Well, we couldn't even read it.
|
||||
* Give up.
|
||||
*/
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
|
||||
case THIS_FORMAT:
|
||||
|
@ -358,7 +376,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Put the seek pointer back, and return success.
|
||||
*/
|
||||
if (file_seek(wth->fh, wth->data_offset, SEEK_SET, err) == -1) {
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
|
@ -379,7 +397,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
*/
|
||||
wth->file_type = WTAP_FILE_PCAP_SS990915;
|
||||
if (file_seek(wth->fh, wth->data_offset, SEEK_SET, err) == -1) {
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
|
@ -400,7 +418,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Well, we couldn't even read it.
|
||||
* Give up.
|
||||
*/
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
|
||||
case THIS_FORMAT:
|
||||
|
@ -410,7 +428,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Put the seek pointer back, and return success.
|
||||
*/
|
||||
if (file_seek(wth->fh, wth->data_offset, SEEK_SET, err) == -1) {
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
|
@ -429,7 +447,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
*/
|
||||
wth->file_type = WTAP_FILE_PCAP_SS990417;
|
||||
if (file_seek(wth->fh, wth->data_offset, SEEK_SET, err) == -1) {
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
switch (libpcap_try(wth, err)) {
|
||||
|
@ -439,7 +457,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Well, we couldn't even read it.
|
||||
* Give up.
|
||||
*/
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
|
||||
case THIS_FORMAT:
|
||||
|
@ -448,7 +466,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
* Put the seek pointer back, and return success.
|
||||
*/
|
||||
if (file_seek(wth->fh, wth->data_offset, SEEK_SET, err) == -1) {
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
|
@ -469,7 +487,7 @@ int libpcap_open(wtap *wth, int *err, gchar **err_info)
|
|||
*/
|
||||
wth->file_type = WTAP_FILE_PCAP_NOKIA;
|
||||
if (file_seek(wth->fh, wth->data_offset, SEEK_SET, err) == -1) {
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
@ -587,6 +605,7 @@ static gboolean libpcap_read(wtap *wth, int *err, gchar **err_info,
|
|||
int bytes_read;
|
||||
guchar fddi_padding[3];
|
||||
int phdr_len;
|
||||
libpcap_t *libpcap;
|
||||
|
||||
bytes_read = libpcap_read_header(wth, err, err_info, &hdr);
|
||||
if (bytes_read == -1) {
|
||||
|
@ -624,7 +643,9 @@ static gboolean libpcap_read(wtap *wth, int *err, gchar **err_info,
|
|||
|
||||
*data_offset = wth->data_offset;
|
||||
|
||||
phdr_len = pcap_process_pseudo_header(wth->fh, wth->file_type, wth->file_encap, wth->capture.pcap->byte_swapped, packet_size,
|
||||
libpcap = (libpcap_t *)wth->capture.generic;
|
||||
phdr_len = pcap_process_pseudo_header(wth->fh, wth->file_type,
|
||||
wth->file_encap, libpcap->byte_swapped, packet_size,
|
||||
TRUE, &wth->phdr, &wth->pseudo_header, err, err_info);
|
||||
if (phdr_len < 0)
|
||||
return FALSE; /* error */
|
||||
|
@ -688,11 +709,14 @@ libpcap_seek_read(wtap *wth, gint64 seek_off,
|
|||
int *err, gchar **err_info)
|
||||
{
|
||||
int phdr_len;
|
||||
libpcap_t *libpcap;
|
||||
|
||||
if (file_seek(wth->random_fh, seek_off, SEEK_SET, err) == -1)
|
||||
return FALSE;
|
||||
|
||||
phdr_len = pcap_process_pseudo_header(wth->random_fh, wth->file_type, wth->file_encap, wth->capture.pcap->byte_swapped, length,
|
||||
libpcap = (libpcap_t *)wth->capture.generic;
|
||||
phdr_len = pcap_process_pseudo_header(wth->random_fh, wth->file_type,
|
||||
wth->file_encap, libpcap->byte_swapped, length,
|
||||
FALSE, NULL, pseudo_header, err, err_info);
|
||||
if (phdr_len < 0)
|
||||
return FALSE; /* error */
|
||||
|
@ -814,8 +838,10 @@ static void
|
|||
adjust_header(wtap *wth, struct pcaprec_hdr *hdr)
|
||||
{
|
||||
guint32 temp;
|
||||
libpcap_t *libpcap;
|
||||
|
||||
if (wth->capture.pcap->byte_swapped) {
|
||||
libpcap = (libpcap_t *)wth->capture.generic;
|
||||
if (libpcap->byte_swapped) {
|
||||
/* Byte-swap the record header fields. */
|
||||
hdr->ts_sec = BSWAP32(hdr->ts_sec);
|
||||
hdr->ts_usec = BSWAP32(hdr->ts_usec);
|
||||
|
@ -824,7 +850,7 @@ adjust_header(wtap *wth, struct pcaprec_hdr *hdr)
|
|||
}
|
||||
|
||||
/* Swap the "incl_len" and "orig_len" fields, if necessary. */
|
||||
switch (wth->capture.pcap->lengths_swapped) {
|
||||
switch (libpcap->lengths_swapped) {
|
||||
|
||||
case NOT_SWAPPED:
|
||||
break;
|
||||
|
@ -867,7 +893,7 @@ libpcap_read_rec_data(FILE_T fh, guchar *pd, int length, int *err)
|
|||
static void
|
||||
libpcap_close(wtap *wth)
|
||||
{
|
||||
g_free(wth->capture.pcap);
|
||||
g_free(wth->capture.generic);
|
||||
}
|
||||
|
||||
/* Returns 0 if we could write the specified encapsulation type,
|
||||
|
|
|
@ -459,6 +459,28 @@ static const guint32 Psec[] = {
|
|||
};
|
||||
#define NUM_NGSNIFF_TIMEUNITS (sizeof Psec / sizeof Psec[0])
|
||||
|
||||
/* Information for a compressed Sniffer data stream. */
|
||||
typedef struct {
|
||||
unsigned char *buf; /* buffer into which we uncompress data */
|
||||
size_t nbytes; /* number of bytes of data in that buffer */
|
||||
int nextout; /* offset in that buffer of stream's current position */
|
||||
gint64 comp_offset; /* current offset in compressed data stream */
|
||||
gint64 uncomp_offset; /* current offset in uncompressed data stream */
|
||||
} ngsniffer_comp_stream_t;
|
||||
|
||||
typedef struct {
|
||||
guint maj_vers;
|
||||
guint min_vers;
|
||||
guint32 timeunit;
|
||||
time_t start;
|
||||
guint network; /* network type */
|
||||
ngsniffer_comp_stream_t seq; /* sequential access */
|
||||
ngsniffer_comp_stream_t rand; /* random access */
|
||||
GList *first_blob; /* list element for first blob */
|
||||
GList *last_blob; /* list element for last blob */
|
||||
GList *current_blob; /* list element for current blob */
|
||||
} ngsniffer_t;
|
||||
|
||||
static int process_header_records(wtap *wth, int *err, gchar **err_info,
|
||||
gint16 maj_vers, guint8 network);
|
||||
static int process_rec_header2_v2(wtap *wth, unsigned char *buffer,
|
||||
|
@ -530,6 +552,7 @@ int ngsniffer_open(wtap *wth, int *err, gchar **err_info)
|
|||
};
|
||||
#define NUM_NGSNIFF_ENCAPS (sizeof sniffer_encap / sizeof sniffer_encap[0])
|
||||
struct tm tm;
|
||||
ngsniffer_t *ngsniffer;
|
||||
|
||||
/* Read in the string that should be at the start of a Sniffer file */
|
||||
errno = WTAP_ERR_CANT_READ;
|
||||
|
@ -677,33 +700,34 @@ int ngsniffer_open(wtap *wth, int *err, gchar **err_info)
|
|||
}
|
||||
|
||||
/* This is a ngsniffer file */
|
||||
wth->capture.ngsniffer = g_malloc(sizeof(ngsniffer_t));
|
||||
wth->capture.ngsniffer->maj_vers = maj_vers;
|
||||
wth->capture.ngsniffer->min_vers = pletohs(&version.min_vers);
|
||||
ngsniffer = (ngsniffer_t *)g_malloc(sizeof(ngsniffer_t));
|
||||
wth->capture.generic = ngsniffer;
|
||||
ngsniffer->maj_vers = maj_vers;
|
||||
ngsniffer->min_vers = pletohs(&version.min_vers);
|
||||
|
||||
/* We haven't allocated any uncompression buffers yet. */
|
||||
wth->capture.ngsniffer->seq.buf = NULL;
|
||||
wth->capture.ngsniffer->rand.buf = NULL;
|
||||
ngsniffer->seq.buf = NULL;
|
||||
ngsniffer->rand.buf = NULL;
|
||||
|
||||
/* Set the current file offset; the offset in the compressed file
|
||||
and in the uncompressed data stream currently the same. */
|
||||
wth->capture.ngsniffer->seq.uncomp_offset = wth->data_offset;
|
||||
wth->capture.ngsniffer->seq.comp_offset = wth->data_offset;
|
||||
wth->capture.ngsniffer->rand.uncomp_offset = wth->data_offset;
|
||||
wth->capture.ngsniffer->rand.comp_offset = wth->data_offset;
|
||||
ngsniffer->seq.uncomp_offset = wth->data_offset;
|
||||
ngsniffer->seq.comp_offset = wth->data_offset;
|
||||
ngsniffer->rand.uncomp_offset = wth->data_offset;
|
||||
ngsniffer->rand.comp_offset = wth->data_offset;
|
||||
|
||||
/* We don't yet have any list of compressed blobs. */
|
||||
wth->capture.ngsniffer->first_blob = NULL;
|
||||
wth->capture.ngsniffer->last_blob = NULL;
|
||||
wth->capture.ngsniffer->current_blob = NULL;
|
||||
ngsniffer->first_blob = NULL;
|
||||
ngsniffer->last_blob = NULL;
|
||||
ngsniffer->current_blob = NULL;
|
||||
|
||||
wth->subtype_read = ngsniffer_read;
|
||||
wth->subtype_seek_read = ngsniffer_seek_read;
|
||||
wth->subtype_sequential_close = ngsniffer_sequential_close;
|
||||
wth->subtype_close = ngsniffer_close;
|
||||
wth->snapshot_length = 0; /* not available in header, only in frame */
|
||||
wth->capture.ngsniffer->timeunit = Psec[version.timeunit];
|
||||
wth->capture.ngsniffer->network = version.network;
|
||||
ngsniffer->timeunit = Psec[version.timeunit];
|
||||
ngsniffer->network = version.network;
|
||||
|
||||
/* Get capture start time */
|
||||
start_time = pletohs(&version.time);
|
||||
|
@ -719,7 +743,7 @@ int ngsniffer_open(wtap *wth, int *err, gchar **err_info)
|
|||
tm.tm_min = 0;
|
||||
tm.tm_sec = 0;
|
||||
tm.tm_isdst = -1;
|
||||
wth->capture.ngsniffer->start = mktime(&tm);
|
||||
ngsniffer->start = mktime(&tm);
|
||||
/*
|
||||
* XXX - what if "secs" is -1? Unlikely,
|
||||
* but if the capture was done in a time
|
||||
|
@ -1005,6 +1029,7 @@ process_rec_header2_v145(wtap *wth, unsigned char *buffer, guint16 length,
|
|||
static gboolean ngsniffer_read(wtap *wth, int *err, gchar **err_info,
|
||||
gint64 *data_offset)
|
||||
{
|
||||
ngsniffer_t *ngsniffer;
|
||||
int ret;
|
||||
guint16 type, length;
|
||||
struct frame2_rec frame2;
|
||||
|
@ -1015,6 +1040,7 @@ static gboolean ngsniffer_read(wtap *wth, int *err, gchar **err_info,
|
|||
guint64 t, tsecs, tpsecs;
|
||||
guchar *pd;
|
||||
|
||||
ngsniffer = (ngsniffer_t *)wth->capture.generic;
|
||||
for (;;) {
|
||||
/*
|
||||
* Read the record header.
|
||||
|
@ -1031,7 +1057,7 @@ static gboolean ngsniffer_read(wtap *wth, int *err, gchar **err_info,
|
|||
switch (type) {
|
||||
|
||||
case REC_FRAME2:
|
||||
if (wth->capture.ngsniffer->network == NETWORK_ATM) {
|
||||
if (ngsniffer->network == NETWORK_ATM) {
|
||||
/*
|
||||
* We shouldn't get a frame2 record in
|
||||
* an ATM capture.
|
||||
|
@ -1061,7 +1087,7 @@ static gboolean ngsniffer_read(wtap *wth, int *err, gchar **err_info,
|
|||
goto found;
|
||||
|
||||
case REC_FRAME4:
|
||||
if (wth->capture.ngsniffer->network != NETWORK_ATM) {
|
||||
if (ngsniffer->network != NETWORK_ATM) {
|
||||
/*
|
||||
* We shouldn't get a frame2 record in
|
||||
* a non-ATM capture.
|
||||
|
@ -1089,10 +1115,10 @@ static gboolean ngsniffer_read(wtap *wth, int *err, gchar **err_info,
|
|||
* a bogus record length, based on the assumption
|
||||
* that the record is a frame2 record.
|
||||
*/
|
||||
if (wth->capture.ngsniffer->maj_vers >= 5)
|
||||
if (ngsniffer->maj_vers >= 5)
|
||||
length -= sizeof frame4; /* we already read that much */
|
||||
else {
|
||||
if (wth->capture.ngsniffer->min_vers >= 95)
|
||||
if (ngsniffer->min_vers >= 95)
|
||||
length -= sizeof frame2;
|
||||
else
|
||||
length -= sizeof frame4;
|
||||
|
@ -1181,7 +1207,7 @@ found:
|
|||
* bits. That gives a 64-bit time stamp, in units of
|
||||
* picoseconds.
|
||||
*/
|
||||
t *= wth->capture.ngsniffer->timeunit;
|
||||
t *= ngsniffer->timeunit;
|
||||
|
||||
/*
|
||||
* Convert to seconds and picoseconds.
|
||||
|
@ -1197,7 +1223,7 @@ found:
|
|||
/*
|
||||
* Add in the capture start time.
|
||||
*/
|
||||
tsecs += wth->capture.ngsniffer->start;
|
||||
tsecs += ngsniffer->start;
|
||||
|
||||
wth->phdr.ts.secs = (time_t)tsecs;
|
||||
wth->phdr.ts.nsecs = (int)(tpsecs/1000); /* psecs to nsecs */
|
||||
|
@ -1922,9 +1948,12 @@ static int fix_pseudo_header(int encap, const guint8 *pd, int len,
|
|||
those used by the random I/O stream. */
|
||||
static void ngsniffer_sequential_close(wtap *wth)
|
||||
{
|
||||
if (wth->capture.ngsniffer->seq.buf != NULL) {
|
||||
g_free(wth->capture.ngsniffer->seq.buf);
|
||||
wth->capture.ngsniffer->seq.buf = NULL;
|
||||
ngsniffer_t *ngsniffer;
|
||||
|
||||
ngsniffer = (ngsniffer_t *)wth->capture.generic;
|
||||
if (ngsniffer->seq.buf != NULL) {
|
||||
g_free(ngsniffer->seq.buf);
|
||||
ngsniffer->seq.buf = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1939,15 +1968,23 @@ static void free_blob(gpointer data, gpointer user_data _U_)
|
|||
is called, so we don't have to free the sequential buffer here.) */
|
||||
static void ngsniffer_close(wtap *wth)
|
||||
{
|
||||
if (wth->capture.ngsniffer->rand.buf != NULL)
|
||||
g_free(wth->capture.ngsniffer->rand.buf);
|
||||
if (wth->capture.ngsniffer->first_blob != NULL) {
|
||||
g_list_foreach(wth->capture.ngsniffer->first_blob, free_blob, NULL);
|
||||
g_list_free(wth->capture.ngsniffer->first_blob);
|
||||
ngsniffer_t *ngsniffer;
|
||||
|
||||
ngsniffer = (ngsniffer_t *)wth->capture.generic;
|
||||
if (ngsniffer->rand.buf != NULL)
|
||||
g_free(ngsniffer->rand.buf);
|
||||
if (ngsniffer->first_blob != NULL) {
|
||||
g_list_foreach(ngsniffer->first_blob, free_blob, NULL);
|
||||
g_list_free(ngsniffer->first_blob);
|
||||
}
|
||||
g_free(wth->capture.ngsniffer);
|
||||
g_free(ngsniffer);
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
gboolean first_frame;
|
||||
time_t start;
|
||||
} ngsniffer_dump_t;
|
||||
|
||||
static const int wtap_encap[] = {
|
||||
-1, /* WTAP_ENCAP_UNKNOWN -> unsupported */
|
||||
1, /* WTAP_ENCAP_ETHERNET */
|
||||
|
@ -1988,6 +2025,7 @@ int ngsniffer_dump_can_write_encap(int encap)
|
|||
failure */
|
||||
gboolean ngsniffer_dump_open(wtap_dumper *wdh, gboolean cant_seek _U_, int *err)
|
||||
{
|
||||
ngsniffer_dump_t *ngsniffer;
|
||||
size_t nwritten;
|
||||
char buf[6] = {REC_VERS, 0x00, 0x12, 0x00, 0x00, 0x00}; /* version record */
|
||||
|
||||
|
@ -1995,9 +2033,10 @@ gboolean ngsniffer_dump_open(wtap_dumper *wdh, gboolean cant_seek _U_, int *err)
|
|||
wdh->subtype_write = ngsniffer_dump;
|
||||
wdh->subtype_close = ngsniffer_dump_close;
|
||||
|
||||
wdh->dump.ngsniffer = g_malloc(sizeof(ngsniffer_dump_t));
|
||||
wdh->dump.ngsniffer->first_frame = TRUE;
|
||||
wdh->dump.ngsniffer->start = 0;
|
||||
ngsniffer = (ngsniffer_dump_t *)g_malloc(sizeof(ngsniffer_dump_t));
|
||||
wdh->dump.opaque = ngsniffer;
|
||||
ngsniffer->first_frame = TRUE;
|
||||
ngsniffer->start = 0;
|
||||
|
||||
/* Write the file header. */
|
||||
nwritten = fwrite(ngsniffer_magic, 1, sizeof ngsniffer_magic, wdh->fh);
|
||||
|
@ -2025,7 +2064,7 @@ gboolean ngsniffer_dump_open(wtap_dumper *wdh, gboolean cant_seek _U_, int *err)
|
|||
static gboolean ngsniffer_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
|
||||
const union wtap_pseudo_header *pseudo_header, const guchar *pd, int *err)
|
||||
{
|
||||
ngsniffer_dump_t *priv = wdh->dump.ngsniffer;
|
||||
ngsniffer_dump_t *ngsniffer = (ngsniffer_dump_t *)wdh->dump.opaque;
|
||||
struct frame2_rec rec_hdr;
|
||||
size_t nwritten;
|
||||
char buf[6];
|
||||
|
@ -2042,18 +2081,18 @@ static gboolean ngsniffer_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
|
|||
have times relative to the beginning of that day in the packet
|
||||
headers; pick the date of the first packet as the capture start
|
||||
date. */
|
||||
if (priv->first_frame) {
|
||||
priv->first_frame=FALSE;
|
||||
if (ngsniffer->first_frame) {
|
||||
ngsniffer->first_frame=FALSE;
|
||||
tm = localtime(&phdr->ts.secs);
|
||||
if (tm != NULL) {
|
||||
start_date = (tm->tm_year - (1980 - 1900)) << 9;
|
||||
start_date |= (tm->tm_mon + 1) << 5;
|
||||
start_date |= tm->tm_mday;
|
||||
/* record the start date, not the start time */
|
||||
priv->start = phdr->ts.secs - (3600*tm->tm_hour + 60*tm->tm_min + tm->tm_sec);
|
||||
ngsniffer->start = phdr->ts.secs - (3600*tm->tm_hour + 60*tm->tm_min + tm->tm_sec);
|
||||
} else {
|
||||
start_date = 0;
|
||||
priv->start = 0;
|
||||
ngsniffer->start = 0;
|
||||
}
|
||||
|
||||
/* "sniffer" version ? */
|
||||
|
@ -2096,7 +2135,7 @@ static gboolean ngsniffer_dump(wtap_dumper *wdh, const struct wtap_pkthdr *phdr,
|
|||
return FALSE;
|
||||
}
|
||||
/* Seconds since the start of the capture */
|
||||
tsecs = phdr->ts.secs - priv->start;
|
||||
tsecs = phdr->ts.secs - ngsniffer->start;
|
||||
/* Extract the number of days since the start of the capture */
|
||||
rec_hdr.time_day = (guint8)(tsecs / 86400); /* # days of capture - 86400 secs/day */
|
||||
tsecs -= rec_hdr.time_day * 86400; /* time within day */
|
||||
|
@ -2405,6 +2444,7 @@ static gint64
|
|||
ng_file_read(void *buffer, size_t elementsize, size_t numelements, wtap *wth,
|
||||
gboolean is_random, int *err)
|
||||
{
|
||||
ngsniffer_t *ngsniffer;
|
||||
FILE_T infile;
|
||||
ngsniffer_comp_stream_t *comp_stream;
|
||||
size_t copybytes = elementsize * numelements; /* bytes left to be copied */
|
||||
|
@ -2414,12 +2454,13 @@ ng_file_read(void *buffer, size_t elementsize, size_t numelements, wtap *wth,
|
|||
size_t bytes_to_copy;
|
||||
size_t bytes_left;
|
||||
|
||||
ngsniffer = (ngsniffer_t *)wth->capture.generic;
|
||||
if (is_random) {
|
||||
infile = wth->random_fh;
|
||||
comp_stream = &wth->capture.ngsniffer->rand;
|
||||
comp_stream = &ngsniffer->rand;
|
||||
} else {
|
||||
infile = wth->fh;
|
||||
comp_stream = &wth->capture.ngsniffer->seq;
|
||||
comp_stream = &ngsniffer->seq;
|
||||
}
|
||||
|
||||
if (wth->file_type == WTAP_FILE_NGSNIFFER_UNCOMPRESSED) {
|
||||
|
@ -2440,21 +2481,19 @@ ng_file_read(void *buffer, size_t elementsize, size_t numelements, wtap *wth,
|
|||
(as we've not done any random reads yet to move the
|
||||
current position in the random stream); set the
|
||||
current blob to be the first blob. */
|
||||
wth->capture.ngsniffer->current_blob =
|
||||
wth->capture.ngsniffer->first_blob;
|
||||
ngsniffer->current_blob = ngsniffer->first_blob;
|
||||
} else {
|
||||
/* This is the first sequential read; if we also have a
|
||||
random stream open, allocate the first element for the
|
||||
list of blobs, and make it the last element as well. */
|
||||
if (wth->random_fh != NULL) {
|
||||
g_assert(wth->capture.ngsniffer->first_blob == NULL);
|
||||
g_assert(ngsniffer->first_blob == NULL);
|
||||
blob = g_malloc(sizeof (blob_info_t));
|
||||
blob->blob_comp_offset = comp_stream->comp_offset;
|
||||
blob->blob_uncomp_offset = comp_stream->uncomp_offset;
|
||||
wth->capture.ngsniffer->first_blob =
|
||||
g_list_append(wth->capture.ngsniffer->first_blob, blob);
|
||||
wth->capture.ngsniffer->last_blob =
|
||||
wth->capture.ngsniffer->first_blob;
|
||||
ngsniffer->first_blob = g_list_append(ngsniffer->first_blob,
|
||||
blob);
|
||||
ngsniffer->last_blob = ngsniffer->first_blob;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2470,9 +2509,8 @@ ng_file_read(void *buffer, size_t elementsize, size_t numelements, wtap *wth,
|
|||
|
||||
if (is_random) {
|
||||
/* Move to the next blob in the list. */
|
||||
wth->capture.ngsniffer->current_blob =
|
||||
g_list_next(wth->capture.ngsniffer->current_blob);
|
||||
blob = wth->capture.ngsniffer->current_blob->data;
|
||||
ngsniffer->current_blob = g_list_next(ngsniffer->current_blob);
|
||||
blob = ngsniffer->current_blob->data;
|
||||
} else {
|
||||
/* If we also have a random stream open, add a new element,
|
||||
for this blob, to the list of blobs; we know the list is
|
||||
|
@ -2483,8 +2521,8 @@ ng_file_read(void *buffer, size_t elementsize, size_t numelements, wtap *wth,
|
|||
blob = g_malloc(sizeof (blob_info_t));
|
||||
blob->blob_comp_offset = comp_stream->comp_offset;
|
||||
blob->blob_uncomp_offset = comp_stream->uncomp_offset;
|
||||
wth->capture.ngsniffer->last_blob =
|
||||
g_list_append(wth->capture.ngsniffer->last_blob, blob);
|
||||
ngsniffer->last_blob = g_list_append(ngsniffer->last_blob,
|
||||
blob);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2572,17 +2610,19 @@ ng_file_seek_seq(wtap *wth, gint64 offset, int whence, int *err)
|
|||
gint64 delta;
|
||||
char buf[65536];
|
||||
long amount_to_read;
|
||||
ngsniffer_t *ngsniffer;
|
||||
|
||||
if (wth->file_type == WTAP_FILE_NGSNIFFER_UNCOMPRESSED)
|
||||
return file_seek(wth->fh, offset, whence, err);
|
||||
|
||||
ngsniffer = (ngsniffer_t *)wth->capture.generic;
|
||||
switch (whence) {
|
||||
|
||||
case SEEK_SET:
|
||||
break; /* "offset" is the target offset */
|
||||
|
||||
case SEEK_CUR:
|
||||
offset += wth->capture.ngsniffer->seq.uncomp_offset;
|
||||
offset += ngsniffer->seq.uncomp_offset;
|
||||
break; /* "offset" is relative to the current offset */
|
||||
|
||||
case SEEK_END:
|
||||
|
@ -2590,7 +2630,7 @@ ng_file_seek_seq(wtap *wth, gint64 offset, int whence, int *err)
|
|||
break; /* ...but we don't know where that is. */
|
||||
}
|
||||
|
||||
delta = offset - wth->capture.ngsniffer->seq.uncomp_offset;
|
||||
delta = offset - ngsniffer->seq.uncomp_offset;
|
||||
g_assert(delta >= 0);
|
||||
|
||||
/* Ok, now read and discard "delta" bytes. */
|
||||
|
@ -2624,7 +2664,7 @@ ng_file_seek_rand(wtap *wth, gint64 offset, int whence, int *err)
|
|||
if (wth->file_type == WTAP_FILE_NGSNIFFER_UNCOMPRESSED)
|
||||
return file_seek(wth->random_fh, offset, whence, err);
|
||||
|
||||
ngsniffer = wth->capture.ngsniffer;
|
||||
ngsniffer = (ngsniffer_t *)wth->capture.generic;
|
||||
|
||||
switch (whence) {
|
||||
|
||||
|
|
|
@ -44,34 +44,12 @@
|
|||
|
||||
#include "wtap.h"
|
||||
|
||||
/* Information for a compressed Sniffer data stream. */
|
||||
typedef struct {
|
||||
unsigned char *buf; /* buffer into which we uncompress data */
|
||||
size_t nbytes; /* number of bytes of data in that buffer */
|
||||
int nextout; /* offset in that buffer of stream's current position */
|
||||
gint64 comp_offset; /* current offset in compressed data stream */
|
||||
gint64 uncomp_offset; /* current offset in uncompressed data stream */
|
||||
} ngsniffer_comp_stream_t;
|
||||
|
||||
typedef struct {
|
||||
char *sdate; /* Packet start date */
|
||||
gboolean tcp_formatted; /* TCP/IP data formated Y/N */
|
||||
int format; /* Trace format type */
|
||||
} iseries_t;
|
||||
|
||||
typedef struct {
|
||||
guint maj_vers;
|
||||
guint min_vers;
|
||||
guint32 timeunit;
|
||||
time_t start;
|
||||
guint network; /* network type */
|
||||
ngsniffer_comp_stream_t seq; /* sequential access */
|
||||
ngsniffer_comp_stream_t rand; /* random access */
|
||||
GList *first_blob; /* list element for first blob */
|
||||
GList *last_blob; /* list element for last blob */
|
||||
GList *current_blob; /* list element for current blob */
|
||||
} ngsniffer_t;
|
||||
|
||||
typedef struct {
|
||||
gboolean byte_swapped;
|
||||
} i4btrace_t;
|
||||
|
@ -80,23 +58,6 @@ typedef struct {
|
|||
gboolean is_hpux_11;
|
||||
} nettl_t;
|
||||
|
||||
typedef struct {
|
||||
time_t start;
|
||||
} lanalyzer_t;
|
||||
|
||||
typedef enum {
|
||||
NOT_SWAPPED,
|
||||
SWAPPED,
|
||||
MAYBE_SWAPPED
|
||||
} swapped_type_t;
|
||||
|
||||
typedef struct {
|
||||
gboolean byte_swapped;
|
||||
swapped_type_t lengths_swapped;
|
||||
guint16 version_major;
|
||||
guint16 version_minor;
|
||||
} libpcap_t;
|
||||
|
||||
typedef struct {
|
||||
gboolean byte_swapped;
|
||||
guint16 version_major;
|
||||
|
@ -182,9 +143,6 @@ struct wtap {
|
|||
gint64 data_offset;
|
||||
|
||||
union {
|
||||
libpcap_t *pcap;
|
||||
lanalyzer_t *lanalyzer;
|
||||
ngsniffer_t *ngsniffer;
|
||||
iseries_t *iseries;
|
||||
i4btrace_t *i4btrace;
|
||||
nettl_t *nettl;
|
||||
|
@ -220,11 +178,6 @@ typedef gboolean (*subtype_write_func)(struct wtap_dumper*,
|
|||
const guchar*, int*);
|
||||
typedef gboolean (*subtype_close_func)(struct wtap_dumper*, int*);
|
||||
|
||||
typedef struct {
|
||||
gboolean first_frame;
|
||||
time_t start;
|
||||
} ngsniffer_dump_t;
|
||||
|
||||
typedef struct {
|
||||
gboolean first_frame;
|
||||
struct wtap_nstime start;
|
||||
|
@ -281,7 +234,6 @@ struct wtap_dumper {
|
|||
|
||||
union {
|
||||
void *opaque;
|
||||
ngsniffer_dump_t *ngsniffer;
|
||||
netmon_dump_t *netmon;
|
||||
netxray_dump_t *netxray;
|
||||
_5views_dump_t *_5views;
|
||||
|
|
Loading…
Reference in New Issue