2 * Definitions for network object lookup
4 * Laurent Deniel <laurent.deniel@free.fr>
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 /* The buffers returned by these functions are all allocated with a
25 * packet lifetime and does not have have to be freed.
26 * However, take into account that when the packet dissection
27 * completes, these buffers will be automatically reclaimed/freed.
28 * If you need the buffer to remain for a longer scope than packet lifetime
29 * you must copy the content to an wmem_file_scope() buffer.
35 #include <epan/address.h>
36 #include <epan/tvbuff.h>
37 #include <epan/ipv6-utils.h>
38 #include <epan/to_str.h>
39 #include <wiretap/wtap.h>
40 #include "ws_symbol_export.h"
44 #endif /* __cplusplus */
47 #define MAXNAMELEN 64 /* max name length (hostname and port name) */
51 * @brief Flags to control name resolution.
53 typedef struct _e_addr_resolve {
54 gboolean mac_name; /**< Whether to resolve Ethernet MAC to manufacturer names */
55 gboolean network_name; /**< Whether to resolve IPv4, IPv6, and IPX addresses into host names */
56 gboolean transport_name; /**< Whether to resolve TCP/UDP ports into service names */
57 gboolean concurrent_dns; /**< Whether to use concurrent DNS name resolution */
58 gboolean dns_pkt_addr_resolution; /**< Whether to resolve addresses using captured DNS packets */
59 gboolean use_external_net_name_resolver; /**< Whether to system's configured DNS server to resolve names */
60 gboolean load_hosts_file_from_profile_only; /**< Whether to only load the hosts in the current profile, not hosts files */
63 #define ADDR_RESOLV_MACADDR(at) \
64 (((at)->type == AT_ETHER))
66 #define ADDR_RESOLV_NETADDR(at) \
67 (((at)->type == AT_IPv4) || ((at)->type == AT_IPv6) || ((at)->type == AT_IPX))
70 typedef struct hashether hashether_t;
73 typedef struct hashmanuf hashmanuf_t;
75 typedef struct serv_port {
85 #define DUMMY_ADDRESS_ENTRY 1<<0
86 #define TRIED_RESOLVE_ADDRESS 1<<1
87 #define RESOLVED_ADDRESS_USED 1<<2
89 #define DUMMY_AND_RESOLVE_FLGS 3
90 #define USED_AND_RESOLVED_MASK (1+4)
91 typedef struct hashipv4 {
93 guint8 flags; /* B0 dummy_entry, B1 resolve, B2 If the address is used in the trace */
95 gchar name[MAXNAMELEN];
99 typedef struct hashipv6 {
100 struct e_in6_addr addr;
101 guint8 flags; /* B0 dummy_entry, B1 resolve, B2 If the address is used in the trace */
102 gchar ip6[MAX_IP6_STR_LEN]; /* XX */
103 gchar name[MAXNAMELEN];
106 * Flag controlling what names to resolve.
108 WS_DLL_PUBLIC e_addr_resolve gbl_resolv_flags;
110 /* global variables */
112 extern gchar *g_ethers_path;
113 extern gchar *g_ipxnets_path;
114 extern gchar *g_pethers_path;
115 extern gchar *g_pipxnets_path;
117 /* Functions in addr_resolv.c */
120 * udp_port_to_display() returns the port name corresponding to that UDP port,
121 * or the port number as a string if not found.
123 WS_DLL_PUBLIC gchar *udp_port_to_display(wmem_allocator_t *allocator, guint port);
126 * tcp_port_to_display() returns the port name corresponding to that TCP port,
127 * or the port number as a string if not found.
129 WS_DLL_PUBLIC gchar *tcp_port_to_display(wmem_allocator_t *allocator, guint port);
132 * dccp_port_to_display() returns the port name corresponding to that DCCP port,
133 * or the port number as a string if not found.
135 extern gchar *dccp_port_to_display(wmem_allocator_t *allocator, guint port);
138 * sctp_port_to_display() returns the port name corresponding to that SCTP port,
139 * or the port number as a string if not found.
141 WS_DLL_PUBLIC gchar *sctp_port_to_display(wmem_allocator_t *allocator, guint port);
144 * Asynchronous host name lookup initialization, processing, and cleanup
147 /* Setup name resolution preferences */
149 extern void addr_resolve_pref_init(struct pref_module *nameres);
152 * disable_name_resolution() sets all relevant gbl_resolv_flags to FALSE.
154 WS_DLL_PUBLIC void disable_name_resolution(void);
156 /** If we're using c-ares or ADNS, process outstanding host name lookups.
157 * This is called from a GLIB timeout in Wireshark and before processing
158 * each packet in TShark.
160 * @return True if any new objects have been resolved since the previous
161 * call. This can be used to trigger a display update, e.g. in Wireshark.
163 WS_DLL_PUBLIC gboolean host_name_lookup_process(void);
165 /* get_hostname returns the host name or "%d.%d.%d.%d" if not found */
166 WS_DLL_PUBLIC const gchar *get_hostname(const guint addr);
168 /* get_hostname6 returns the host name, or numeric addr if not found */
170 WS_DLL_PUBLIC const gchar* get_hostname6(const struct e_in6_addr *ad);
172 /* get_ether_name returns the logical name if found in ethers files else
173 "<vendor>_%02x:%02x:%02x" if the vendor code is known else
174 "%02x:%02x:%02x:%02x:%02x:%02x" */
175 WS_DLL_PUBLIC gchar *get_ether_name(const guint8 *addr);
177 /* Same as get_ether_name with tvb support */
178 WS_DLL_PUBLIC gchar *tvb_get_ether_name(tvbuff_t *tvb, gint offset);
180 /* get_ether_name returns the logical name if found in ethers files else NULL */
181 gchar *get_ether_name_if_known(const guint8 *addr);
184 * Given a sequence of 3 octets containing an OID, get_manuf_name()
185 * returns the vendor name, or "%02x:%02x:%02x" if not known.
187 extern const gchar *get_manuf_name(const guint8 *addr);
190 * Given a sequence of 3 octets containing an OID, get_manuf_name_if_known()
191 * returns the vendor name, or NULL if not known.
193 WS_DLL_PUBLIC const gchar *get_manuf_name_if_known(const guint8 *addr);
196 * Given an integer containing a 24-bit OID, uint_get_manuf_name()
197 * returns the vendor name, or "%02x:%02x:%02x" if not known.
199 extern const gchar *uint_get_manuf_name(const guint oid);
202 * Given an integer containing a 24-bit OID, uint_get_manuf_name_if_known()
203 * returns the vendor name, or NULL if not known.
205 extern const gchar *uint_get_manuf_name_if_known(const guint oid);
208 * Given a tvbuff and an offset in that tvbuff for a 3-octet OID,
209 * tvb_get_manuf_name() returns the vendor name, or "%02x:%02x:%02x"
212 WS_DLL_PUBLIC const gchar *tvb_get_manuf_name(tvbuff_t *tvb, gint offset);
215 * Given a tvbuff and an offset in that tvbuff for a 3-octet OID,
216 * tvb_get_manuf_name_if_known() returns the vendor name, or NULL
219 WS_DLL_PUBLIC const gchar *tvb_get_manuf_name_if_known(tvbuff_t *tvb, gint offset);
221 /* eui64_to_display returns "<vendor>_%02x:%02x:%02x:%02x:%02x:%02x" if the vendor code is known
222 "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x" */
223 extern const gchar *eui64_to_display(wmem_allocator_t *allocator, const guint64 addr);
225 /* get_ipxnet_name returns the logical name if found in an ipxnets file,
226 * or a string formatted with "%X" if not */
227 extern const gchar *get_ipxnet_name(wmem_allocator_t *allocator, const guint32 addr);
229 WS_DLL_PUBLIC guint get_hash_ether_status(hashether_t* ether);
230 WS_DLL_PUBLIC char* get_hash_ether_hexaddr(hashether_t* ether);
231 WS_DLL_PUBLIC char* get_hash_ether_resolved_name(hashether_t* ether);
233 WS_DLL_PUBLIC char* get_hash_manuf_resolved_name(hashmanuf_t* manuf);
236 /* returns the ethernet address corresponding to name or NULL if not known */
237 extern guint8 *get_ether_addr(const gchar *name);
239 /* returns the ipx network corresponding to name. If name is unknown,
240 * 0 is returned and 'known' is set to FALSE. On success, 'known'
242 guint32 get_ipxnet_addr(const gchar *name, gboolean *known);
244 /* adds a hostname/IPv4 in the hash table */
245 WS_DLL_PUBLIC void add_ipv4_name(const guint addr, const gchar *name);
247 /* adds a hostname/IPv6 in the hash table */
248 WS_DLL_PUBLIC void add_ipv6_name(const struct e_in6_addr *addr, const gchar *name);
250 /** Add an additional "hosts" file for IPv4 and IPv6 name resolution.
252 * The file can be added before host_name_lookup_init() is called and
253 * will be re-read each time host_name_lookup_init() is called.
255 * @param hosts_file Absolute path to the hosts file.
257 * @return TRUE if the hosts file can be read.
259 WS_DLL_PUBLIC gboolean add_hosts_file (const char *hosts_file);
261 /* adds a hostname in the hash table */
262 WS_DLL_PUBLIC gboolean add_ip_name_from_string (const char *addr, const char *name);
265 /** Get lists of host name to address mappings we know about.
267 * The struct contains two g_lists one with hashipv4_t entries and one with hashipv6_t entries.
269 * @return a struct with lists of known addresses(IPv4 and IPv6). May be NULL.
271 WS_DLL_PUBLIC addrinfo_lists_t *get_addrinfo_list(void);
273 /* add ethernet address / name corresponding to IP address */
274 extern void add_ether_byip(const guint ip, const guint8 *eth);
276 /** Translates a string representing a hostname or dotted-decimal IPv4 address
277 * into a numeric IPv4 address value in network byte order. If compiled with
278 * c-ares, the request will wait a maximum of 250ms for the request to finish.
279 * Otherwise the wait time will be system-dependent, ususally much longer.
280 * Immediately returns FALSE for hostnames if network name resolution is
283 * @param[in] host The hostname.
284 * @param[out] addrp The numeric IPv4 address in network byte order.
285 * @return TRUE on success, FALSE on failure, timeout.
288 gboolean get_host_ipaddr(const char *host, guint32 *addrp);
290 /** Translates a string representing a hostname or colon-hex IPv6 address
291 * into a numeric IPv6 address value in network byte order. If compiled with
292 * c-ares, the request will wait a maximum of 250ms for the request to finish.
293 * Otherwise the wait time will be system-dependent, usually much longer.
294 * Immediately returns FALSE for hostnames if network name resolution is
297 * @param[in] host The hostname.
298 * @param[out] addrp The numeric IPv6 address in network byte order.
299 * @return TRUE on success, FALSE on failure or timeout.
302 gboolean get_host_ipaddr6(const char *host, struct e_in6_addr *addrp);
305 * Find out whether a hostname resolves to an ip or ipv6 address
306 * Return "ip6" if it is IPv6, "ip" otherwise (including the case
307 * that we don't know)
310 const char* host_ip_af(const char *host);
313 GHashTable *get_manuf_hashtable(void);
316 GHashTable *get_wka_hashtable(void);
319 GHashTable *get_eth_hashtable(void);
322 GHashTable *get_serv_port_hashtable(void);
325 GHashTable *get_ipxnet_hash_table(void);
328 GHashTable *get_ipv4_hash_table(void);
331 GHashTable *get_ipv6_hash_table(void);
334 * private functions (should only be called by epan directly)
338 void name_resolver_init(void);
340 /* (Re)Initialize hostname resolution subsystem */
342 void host_name_lookup_init(void);
344 /* Clean up only hostname resolutions (so they don't "leak" from one
348 void host_name_lookup_cleanup(void);
351 void addr_resolv_init(void);
354 void addr_resolv_cleanup(void);
357 void manually_resolve_cleanup(void);
359 gboolean str_to_ip(const char *str, void *dst);
360 gboolean str_to_ip6(const char *str, void *dst);
364 #endif /* __cplusplus */
366 #endif /* __RESOLV_H__ */