259989ac1a
The current mechanism that reads the first 20 blocks looking for a headerd oesn't work in all cases. I was given sample files that consist of data blocks only and have no header. Use a new approach to detect a .camins file by searching for pairs of size high + size low blocks, either read or write. Go through the entire file. If we have significantly more pairs than single, non-matching blocks, this is a camins file. Change-Id: Ic91e7db7149b105e26896d1a89cad4a2a73d0f13 Reviewed-on: https://code.wireshark.org/review/19603 Reviewed-by: Martin Kaiser <wireshark@kaiser.cx> Petri-Dish: Martin Kaiser <wireshark@kaiser.cx> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Roland Knall <rknall@gmail.com>
34 lines
1.1 KiB
C
34 lines
1.1 KiB
C
/* camins.h
|
|
*
|
|
* File format support for Rabbit Labs CAM Inspector files
|
|
* Copyright (c) 2013 by Martin Kaiser <martin@kaiser.cx>
|
|
*
|
|
* Wireshark - Network traffic analyzer
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
* Copyright 1998 Gerald Combs
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*/
|
|
|
|
#ifndef _CAMINS_H
|
|
#define _CAMINS_H
|
|
|
|
#include <glib.h>
|
|
#include <wiretap/wtap.h>
|
|
|
|
wtap_open_return_val camins_open(wtap *wth, int *err, gchar **err_info _U_);
|
|
|
|
#endif /* _CAMINS_H */
|