2 * Definitions for file structures and routines
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 #include "packet-range.h"
29 #include "wiretap/wtap.h"
30 #include <epan/dfilter/dfilter.h>
33 #include <epan/epan.h>
38 /** Return values from functions that only can succeed or fail. */
40 CF_OK, /**< operation succeeded */
41 CF_ERROR /**< operation got an error (function may provide err with details) */
44 /** Return values from functions that read capture files. */
46 CF_READ_OK, /**< operation succeeded */
47 CF_READ_ERROR, /**< operation got an error (function may provide err with details) */
48 CF_READ_ABORTED /**< operation aborted by user */
51 /** Return values from functions that print sets of packets. */
53 CF_PRINT_OK, /**< print operation succeeded */
54 CF_PRINT_OPEN_ERROR, /**< print operation failed while opening printer */
55 CF_PRINT_WRITE_ERROR /**< print operation failed while writing to the printer */
61 cf_cb_file_read_started,
62 cf_cb_file_read_finished,
63 cf_cb_packet_selected,
64 cf_cb_packet_unselected,
65 cf_cb_field_unselected,
66 cf_cb_file_save_started,
67 cf_cb_file_save_finished,
68 cf_cb_file_save_reload_finished,
69 cf_cb_file_save_failed
72 typedef void (*cf_callback_t) (gint event, gpointer data, gpointer user_data);
75 cf_callback_add(cf_callback_t func, gpointer user_data);
78 cf_callback_remove(cf_callback_t func);
81 * Open a capture file.
83 * @param cf the capture file to be opened
84 * @param fname the filename to be opened
85 * @param is_tempfile is this a temporary file?
86 * @return one of cf_status_t
88 cf_status_t cf_open(capture_file *cf, const char *fname, gboolean is_tempfile, int *err);
91 * Close a capture file.
93 * @param cf the capture file to be closed
95 void cf_close(capture_file *cf);
98 * Reload a capture file.
100 * @param cf the capture file to be reloaded
102 void cf_reload(capture_file *cf);
105 * Read all packets of a capture file into the internal structures.
107 * @param cf the capture file to be read
108 * @param from_save reread asked from cf_save
109 * @return one of cf_read_status_t
111 cf_read_status_t cf_read(capture_file *cf, gboolean from_save);
114 * Read the pseudo-header and raw data for a packet. It will pop
115 * up an alert box if there's an error.
117 * @param cf the capture file from which to read the packet
118 * @param fdata the frame_data structure for the packet in question
119 * @param pseudo_header pointer to a wtap_pseudo_header union into
120 * which to read the packet's pseudo-header
121 * @param pd a guin8 array into which to read the packet's raw data
122 * @return TRUE if the read succeeded, FALSE if there was an error
124 gboolean cf_read_frame_r(capture_file *cf, frame_data *fdata,
125 union wtap_pseudo_header *pseudo_header, guint8 *pd);
128 * Read the pseudo-header and raw data for a packet into a
129 * capture_file structure's pseudo_header and pd members.
130 * It will pop up an alert box if there's an error.
132 * @param cf the capture file from which to read the packet
133 * @param fdata the frame_data structure for the packet in question
134 * @return TRUE if the read succeeded, FALSE if there was an error
136 gboolean cf_read_frame(capture_file *cf, frame_data *fdata);
139 * Start reading from the end of a capture file.
140 * This is used in "Update list of packets in Real-Time".
142 * @param cf the capture file to be read from
143 * @param fname the filename to be read from
144 * @param is_tempfile is this a temporary file?
145 * @param err the error code, if an error had occured
146 * @return one of cf_status_t
148 cf_status_t cf_start_tail(capture_file *cf, const char *fname, gboolean is_tempfile, int *err);
151 * Read packets from the "end" of a capture file.
153 * @param cf the capture file to be read from
154 * @param to_read the number of packets to read
155 * @param err the error code, if an error had occured
156 * @return one of cf_read_status_t
158 cf_read_status_t cf_continue_tail(capture_file *cf, volatile int to_read, int *err);
161 * Fake reading packets from the "end" of a capture file.
163 * @param cf the capture file to be read from
165 void cf_fake_continue_tail(capture_file *cf);
168 * Finish reading from "end" of a capture file.
170 * @param cf the capture file to be read from
171 * @param err the error code, if an error had occured
172 * @return one of cf_read_status_t
174 cf_read_status_t cf_finish_tail(capture_file *cf, int *err);
177 * Determine whether this capture file (or a range of it) can be saved
178 * (except by copying the raw file data).
180 * @param cf the capture file to check
181 * @return TRUE if it can be saved, FALSE if it can't
183 gboolean cf_can_save_as(capture_file *cf);
186 * Save a capture file (or a range of it).
188 * @param cf the capture file to save to
189 * @param fname the filename to save to
190 * @param range the range of packets to save
191 * @param save_format the format of the file to save (libpcap, ...)
192 * @param compressed whether to gzip compress the file
193 * @return one of cf_status_t
195 cf_status_t cf_save(capture_file * cf, const char *fname, packet_range_t *range, guint save_format, gboolean compressed);
198 * Get a displayable name of the capture file.
200 * @param cf the capture file
201 * @return the displayable name (don't have to be g_free'd)
203 const gchar *cf_get_display_name(capture_file *cf);
206 * Set the source of the capture data for temporary files, e.g.
207 * "Interface eth0" or "Pipe from Pong"
209 * @param cf the capture file
210 * @param source the source description. this will be copied internally.
212 void cf_set_tempfile_source(capture_file *cf, gchar *source);
215 * Get the source of the capture data for temporary files. Guaranteed to
216 * return a non-null value. The returned value should not be freed.
218 * @param cf the capture file
219 * @param source the source description. this will be copied internally.
221 const gchar *cf_get_tempfile_source(capture_file *cf);
224 * Get the number of packets in the capture file.
226 * @param cf the capture file
227 * @return the number of packets in the capture file
229 int cf_get_packet_count(capture_file *cf);
232 * Set the number of packets in the capture file.
234 * @param cf the capture file
235 * @param the number of packets in the capture file
237 void cf_set_packet_count(capture_file *cf, int packet_count);
240 * Is this capture file a temporary file?
242 * @param cf the capture file
243 * @return TRUE if it's a temporary file, FALSE otherwise
245 gboolean cf_is_tempfile(capture_file *cf);
248 * Set flag, that this file is a tempfile.
250 void cf_set_tempfile(capture_file *cf, gboolean is_tempfile);
253 * Set flag, if the number of packet drops while capturing are known or not.
255 * @param cf the capture file
256 * @param drops_known TRUE if the number of packet drops are known, FALSE otherwise
258 void cf_set_drops_known(capture_file *cf, gboolean drops_known);
261 * Set the number of packet drops while capturing.
263 * @param cf the capture file
264 * @param drops the number of packet drops occured while capturing
266 void cf_set_drops(capture_file *cf, guint32 drops);
269 * Get flag state, if the number of packet drops while capturing are known or not.
271 * @param cf the capture file
272 * @return TRUE if the number of packet drops are known, FALSE otherwise
274 gboolean cf_get_drops_known(capture_file *cf);
277 * Get the number of packet drops while capturing.
279 * @param cf the capture file
280 * @return the number of packet drops occured while capturing
282 guint32 cf_get_drops(capture_file *cf);
285 * Set the read filter.
286 * @todo this shouldn't be required, remove it somehow
288 * @param cf the capture file
289 * @param rfcode the readfilter
291 void cf_set_rfcode(capture_file *cf, dfilter_t *rfcode);
294 * "Display Filter" packets in the capture file.
296 * @param cf the capture file
297 * @param dfilter the display filter
298 * @param force TRUE if do in any case, FALSE only if dfilter changed
299 * @return one of cf_status_t
301 cf_status_t cf_filter_packets(capture_file *cf, gchar *dfilter, gboolean force);
304 * At least one "Refence Time" flag has changed, rescan all packets.
306 * @param cf the capture file
308 void cf_reftime_packets(capture_file *cf);
311 * Return the time it took to load the file
313 gulong cf_get_computed_elapsed(void);
316 * The coloring rules have changed, redo coloring
318 * @param cf the capture file
320 void cf_colorize_packets(capture_file *cf);
323 * "Something" has changed, rescan all packets.
325 * @param cf the capture file
327 void cf_redissect_packets(capture_file *cf);
330 * Rescan all packets and just run taps - don't reconstruct the display.
332 * @param cf the capture file
333 * @return one of cf_read_status_t
335 cf_read_status_t cf_retap_packets(capture_file *cf);
338 * The time format has changed, rescan all packets.
340 * @param cf the capture file
342 void cf_change_time_formats(capture_file *cf);
345 * Adjust timestamp precision if auto is selected.
347 * @param cf the capture file
349 void cf_timestamp_auto_precision(capture_file *cf);
352 * Print the capture file.
354 * @param cf the capture file
355 * @param print_args the arguments what and how to print
356 * @return one of cf_print_status_t
358 cf_print_status_t cf_print_packets(capture_file *cf, print_args_t *print_args);
361 * Print (export) the capture file into PDML format.
363 * @param cf the capture file
364 * @param print_args the arguments what and how to export
365 * @return one of cf_print_status_t
367 cf_print_status_t cf_write_pdml_packets(capture_file *cf, print_args_t *print_args);
370 * Print (export) the capture file into PSML format.
372 * @param cf the capture file
373 * @param print_args the arguments what and how to export
374 * @return one of cf_print_status_t
376 cf_print_status_t cf_write_psml_packets(capture_file *cf, print_args_t *print_args);
379 * Print (export) the capture file into CSV format.
381 * @param cf the capture file
382 * @param print_args the arguments what and how to export
383 * @return one of cf_print_status_t
385 cf_print_status_t cf_write_csv_packets(capture_file *cf, print_args_t *print_args);
388 * Print (export) the capture file into C Arrays format.
390 * @param cf the capture file
391 * @param print_args the arguments what and how to export
392 * @return one of cf_print_status_t
394 cf_print_status_t cf_write_carrays_packets(capture_file *cf, print_args_t *print_args);
397 * Find packet with a protocol tree item that contains a specified text string.
399 * @param cf the capture file
400 * @param string the string to find
401 * @param dir direction in which to search
402 * @return TRUE if a packet was found, FALSE otherwise
404 gboolean cf_find_packet_protocol_tree(capture_file *cf, const char *string,
405 search_direction dir);
408 * Find packet whose summary line contains a specified text string.
410 * @param cf the capture file
411 * @param string the string to find
412 * @param dir direction in which to search
413 * @return TRUE if a packet was found, FALSE otherwise
415 gboolean cf_find_packet_summary_line(capture_file *cf, const char *string,
416 search_direction dir);
419 * Find packet whose data contains a specified byte string.
421 * @param cf the capture file
422 * @param string the string to find
423 * @param string_size the size of the string to find
424 * @param dir direction in which to search
425 * @return TRUE if a packet was found, FALSE otherwise
427 gboolean cf_find_packet_data(capture_file *cf, const guint8 *string,
428 size_t string_size, search_direction dir);
431 * Find packet that matches a compiled display filter.
433 * @param cf the capture file
434 * @param sfcode the display filter to match
435 * @param dir direction in which to search
436 * @return TRUE if a packet was found, FALSE otherwise
438 gboolean cf_find_packet_dfilter(capture_file *cf, dfilter_t *sfcode,
439 search_direction dir);
442 * Find packet that matches a display filter given as a text string.
444 * @param cf the capture file
445 * @param filter the display filter to match
446 * @param dir direction in which to search
447 * @return TRUE if a packet was found, FALSE otherwise
450 cf_find_packet_dfilter_string(capture_file *cf, const char *filter,
451 search_direction dir);
454 * Find marked packet.
456 * @param cf the capture file
457 * @param dir direction in which to search
458 * @return TRUE if a packet was found, FALSE otherwise
460 gboolean cf_find_packet_marked(capture_file *cf, search_direction dir);
463 * Find time-reference packet.
465 * @param cf the capture file
466 * @param dir direction in which to search
467 * @return TRUE if a packet was found, FALSE otherwise
469 gboolean cf_find_packet_time_reference(capture_file *cf, search_direction dir);
472 * GoTo Packet in first row.
474 * @param cf the capture file
475 * @return TRUE if the first row exists, FALSE otherwise
477 gboolean cf_goto_top_frame(capture_file *cf);
480 * GoTo Packet in last row.
482 * @param cf the capture file
483 * @return TRUE if last row exists, FALSE otherwise
485 gboolean cf_goto_bottom_frame(capture_file *cf);
488 * GoTo Packet with the given row.
490 * @param cf the capture file
491 * @param row the row to go to
492 * @return TRUE if this row exists, FALSE otherwise
494 gboolean cf_goto_frame(capture_file *cf, guint row);
497 * Go to frame specified by currently selected protocol tree field.
498 * (Go To Corresponding Packet)
499 * @todo this is ugly and should be improved!
501 * @param cf the capture file
502 * @return TRUE if this packet exists, FALSE otherwise
504 gboolean cf_goto_framenum(capture_file *cf);
507 * Select the packet in the given row.
509 * @param cf the capture file
510 * @param row the row to select
512 void cf_select_packet(capture_file *cf, int row);
515 * Unselect all packets, if any.
517 * @param cf the capture file
518 * @param row the row to select
520 void cf_unselect_packet(capture_file *cf);
523 * Unselect all protocol tree fields, if any.
525 * @param cf the capture file
526 * @param row the row to select
528 void cf_unselect_field(capture_file *cf);
531 * Mark a particular frame in a particular capture.
533 * @param cf the capture file
534 * @param frame the frame to be marked
536 void cf_mark_frame(capture_file *cf, frame_data *frame);
539 * Unmark a particular frame in a particular capture.
541 * @param cf the capture file
542 * @param frame the frame to be unmarked
544 void cf_unmark_frame(capture_file *cf, frame_data *frame);
547 * Ignore a particular frame in a particular capture.
549 * @param cf the capture file
550 * @param frame the frame to be ignored
552 void cf_ignore_frame(capture_file *cf, frame_data *frame);
555 * Unignore a particular frame in a particular capture.
557 * @param cf the capture file
558 * @param frame the frame to be unignored
560 void cf_unignore_frame(capture_file *cf, frame_data *frame);
563 * Merge two (or more) capture files into one.
564 * @todo is this the right place for this function? It doesn't have to do a lot with capture_file.
566 * @param out_filename pointer to output filename; if output filename is
567 * NULL, a temporary file name is generated and *out_filename is set
568 * to point to the generated file name
569 * @param in_file_count the number of input files to merge
570 * @param in_filnames array of input filenames
571 * @param file_type the output filetype
572 * @param do_append FALSE to merge chronologically, TRUE simply append
573 * @return one of cf_status_t
576 cf_merge_files(char **out_filename, int in_file_count,
577 char *const *in_filenames, int file_type, gboolean do_append);
579 #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
580 void read_keytab_file(const char *);