2 * Collecting of Expert information.
4 * For further info, see: http://wiki.wireshark.org/Development/ExpertInfo
8 * Wireshark - Network traffic analyzer
9 * By Gerald Combs <gerald@wireshark.org>
10 * Copyright 1998 Gerald Combs
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; either version 2
15 * of the License, or (at your option) any later version.
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
30 #include <epan/packet_info.h>
31 #include <epan/proto.h>
32 #include "value_string.h"
33 #include "ws_symbol_export.h"
37 #endif /* __cplusplus */
39 /** only for internal and display use. */
40 typedef struct expert_info_s {
44 const gchar *protocol;
49 /* Expert Info and Display hf data */
50 typedef struct expert_field
56 #define EI_INIT {-1, -1}
58 typedef struct expert_field_info {
59 /* ---------- set by dissector --------- */
65 /* ------- set by register routines (prefilled by EXPFILL macro, see below) ------ */
67 const gchar *protocol;
68 hf_register_info hf_info;
72 #define EXPFILL 0, NULL, \
73 {0, {"Expert Info", NULL, FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL}}
75 typedef struct ei_register_info {
76 expert_field *ids; /**< written to by register() function */
77 expert_field_info eiinfo; /**< the field info to be registered */
80 typedef struct expert_module expert_module_t;
82 static const value_string expert_group_vals[] = {
83 { PI_CHECKSUM, "Checksum" },
84 { PI_SEQUENCE, "Sequence" },
85 { PI_RESPONSE_CODE, "Response" },
86 { PI_REQUEST_CODE, "Request" },
87 { PI_UNDECODED, "Undecoded" },
88 { PI_REASSEMBLE, "Reassemble" },
89 { PI_MALFORMED, "Malformed" },
90 { PI_DEBUG, "Debug" },
91 { PI_PROTOCOL, "Protocol" },
92 { PI_SECURITY, "Security" },
93 { PI_COMMENTS_GROUP, "Comment" },
97 static const value_string expert_severity_vals[] = {
98 { PI_ERROR, "Error" },
102 { PI_COMMENT, "Comment" },
107 #define PRE_ALLOC_EXPERT_FIELDS_MEM 5000
109 /* "proto_expert" is exported from libwireshark.dll.
110 * Thus we need a special declaration.
112 WS_DLL_PUBLIC int proto_expert;
118 expert_packet_init(void);
121 expert_cleanup(void);
124 expert_packet_cleanup(void);
127 expert_get_highest_severity(void);
130 expert_update_comment_count(guint64 count);
132 /** Add an expert info.
133 Add an expert info tree to a protocol item using registered expert info item
134 @param pinfo Packet info of the currently processed packet. May be NULL if
136 @param pi Current protocol item (or NULL)
137 @param eiindex The registered expert info item
140 expert_add_info(packet_info *pinfo, proto_item *pi, expert_field* eiindex);
142 /** Add an expert info. FOR INTERNAL (NON-DISSECTOR) USE ONLY!!!
143 Add an expert info tree to a protocol item, with classification and message.
144 @param pinfo Packet info of the currently processed packet. May be NULL if
146 @param pi Current protocol item (or NULL)
147 @param group The expert group (like PI_CHECKSUM - see: proto.h)
148 @param severity The expert severity (like PI_WARN - see: proto.h)
149 @param format Printf-style format string for additional arguments
152 expert_add_info_format_internal(packet_info *pinfo, proto_item *pi, int group,
153 int severity, const char *format, ...)
156 /** Add an expert info.
157 Add an expert info tree to a protocol item, using registered expert info item,
158 but with a formatted message.
159 @param pinfo Packet info of the currently processed packet. May be NULL if
161 @param pi Current protocol item (or NULL)
162 @param eiindex The registered expert info item
163 @param format Printf-style format string for additional arguments
166 expert_add_info_format(packet_info *pinfo, proto_item *pi, expert_field *eiindex,
167 const char *format, ...) G_GNUC_PRINTF(4, 5);
169 /** Add an expert info associated with some byte data
170 Add an expert info tree to a protocol item using registered expert info item.
171 This function is intended to replace places where
172 proto_tree_add_text or proto_tree_add_none_format + expert_add_info
174 @param tree Current protocol item (or NULL)
175 @param pinfo Packet info of the currently processed packet. May be NULL if
177 @param eiindex The registered expert info item
178 @param tvb the tv buffer of the current data
179 @param start start of data in tvb
180 @param length length of data in tvb
181 @return the newly created item above expert info tree
183 WS_DLL_PUBLIC proto_item *
184 proto_tree_add_expert(proto_tree *tree, packet_info *pinfo, expert_field* eiindex,
185 tvbuff_t *tvb, gint start, gint length);
187 /** Add an expert info associated with some byte data
188 Add an expert info tree to a protocol item, using registered expert info item,
189 but with a formatted message.
190 This function is intended to replace places where
191 proto_tree_add_text or proto_tree_add_none_format + expert_add_info_format
193 @param tree Current protocol item (or NULL)
194 @param pinfo Packet info of the currently processed packet. May be NULL if tree is supplied
195 @param eiindex The registered expert info item
196 @param tvb the tv buffer of the current data
197 @param start start of data in tvb
198 @param length length of data in tvb
199 @param format Printf-style format string for additional arguments
200 @return the newly created item above expert info tree
202 WS_DLL_PUBLIC proto_item *
203 proto_tree_add_expert_format(proto_tree *tree, packet_info *pinfo, expert_field* eiindex,
204 tvbuff_t *tvb, gint start, gint length, const char *format, ...) G_GNUC_PRINTF(7, 8);
207 * Register that a protocol has expert info.
209 WS_DLL_PUBLIC expert_module_t *expert_register_protocol(int id);
211 /** Register a expert field array.
212 @param module the protocol handle from expert_register_protocol()
213 @param ei the ei_register_info array
214 @param num_records the number of records in exp */
216 expert_register_field_array(expert_module_t* module, ei_register_info *ei, const int num_records);
218 #define EXPERT_CHECKSUM_DISABLED -2
219 #define EXPERT_CHECKSUM_UNKNOWN -1
220 #define EXPERT_CHECKSUM_GOOD 0
221 #define EXPERT_CHECKSUM_BAD 1
223 WS_DLL_PUBLIC const value_string expert_checksum_vals[];
227 #endif /* __cplusplus */
229 #endif /* __EXPERT_H__ */