2 * Definitions for file structures and routines
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
28 #include "packet-range.h"
29 #include "wiretap/wtap.h"
30 #include <epan/dfilter/dfilter.h>
33 #include <epan/epan.h>
39 #endif /* __cplusplus */
41 /** Return values from functions that only can succeed or fail. */
43 CF_OK, /**< operation succeeded */
44 CF_ERROR /**< operation got an error (function may provide err with details) */
47 /** Return values from functions that read capture files. */
49 CF_READ_OK, /**< operation succeeded */
50 CF_READ_ERROR, /**< operation got an error (function may provide err with details) */
51 CF_READ_ABORTED /**< operation aborted by user */
54 /** Return values from functions that print sets of packets. */
56 CF_PRINT_OK, /**< print operation succeeded */
57 CF_PRINT_OPEN_ERROR, /**< print operation failed while opening printer */
58 CF_PRINT_WRITE_ERROR /**< print operation failed while writing to the printer */
64 cf_cb_file_read_started,
65 cf_cb_file_read_finished,
66 cf_cb_packet_selected,
67 cf_cb_packet_unselected,
68 cf_cb_field_unselected,
69 cf_cb_file_save_started,
70 cf_cb_file_save_finished,
71 cf_cb_file_save_reload_finished,
72 cf_cb_file_save_failed
75 typedef void (*cf_callback_t) (gint event, gpointer data, gpointer user_data);
81 gboolean frame_matched;
86 cf_callback_add(cf_callback_t func, gpointer user_data);
89 cf_callback_remove(cf_callback_t func);
92 * Open a capture file.
94 * @param cf the capture file to be opened
95 * @param fname the filename to be opened
96 * @param is_tempfile is this a temporary file?
97 * @param err error code
98 * @return one of cf_status_t
100 cf_status_t cf_open(capture_file *cf, const char *fname, gboolean is_tempfile, int *err);
103 * Close a capture file.
105 * @param cf the capture file to be closed
107 void cf_close(capture_file *cf);
110 * Reload a capture file.
112 * @param cf the capture file to be reloaded
114 void cf_reload(capture_file *cf);
117 * Read all packets of a capture file into the internal structures.
119 * @param cf the capture file to be read
120 * @param from_save reread asked from cf_save
121 * @return one of cf_read_status_t
123 cf_read_status_t cf_read(capture_file *cf, gboolean from_save);
126 * Read the pseudo-header and raw data for a packet. It will pop
127 * up an alert box if there's an error.
129 * @param cf the capture file from which to read the packet
130 * @param fdata the frame_data structure for the packet in question
131 * @param pseudo_header pointer to a wtap_pseudo_header union into
132 * which to read the packet's pseudo-header
133 * @param pd a guin8 array into which to read the packet's raw data
134 * @return TRUE if the read succeeded, FALSE if there was an error
136 gboolean cf_read_frame_r(capture_file *cf, frame_data *fdata,
137 union wtap_pseudo_header *pseudo_header, guint8 *pd);
140 * Read the pseudo-header and raw data for a packet into a
141 * capture_file structure's pseudo_header and pd members.
142 * It will pop up an alert box if there's an error.
144 * @param cf the capture file from which to read the packet
145 * @param fdata the frame_data structure for the packet in question
146 * @return TRUE if the read succeeded, FALSE if there was an error
148 gboolean cf_read_frame(capture_file *cf, frame_data *fdata);
151 * Start reading from the end of a capture file.
152 * This is used in "Update list of packets in Real-Time".
154 * @param cf the capture file to be read from
155 * @param fname the filename to be read from
156 * @param is_tempfile is this a temporary file?
157 * @param err the error code, if an error had occured
158 * @return one of cf_status_t
160 cf_status_t cf_start_tail(capture_file *cf, const char *fname, gboolean is_tempfile, int *err);
163 * Read packets from the "end" of a capture file.
165 * @param cf the capture file to be read from
166 * @param to_read the number of packets to read
167 * @param err the error code, if an error had occured
168 * @return one of cf_read_status_t
170 cf_read_status_t cf_continue_tail(capture_file *cf, volatile int to_read, int *err);
173 * Fake reading packets from the "end" of a capture file.
175 * @param cf the capture file to be read from
177 void cf_fake_continue_tail(capture_file *cf);
180 * Finish reading from "end" of a capture file.
182 * @param cf the capture file to be read from
183 * @param err the error code, if an error had occured
184 * @return one of cf_read_status_t
186 cf_read_status_t cf_finish_tail(capture_file *cf, int *err);
189 * Determine whether this capture file (or a range of it) can be saved
190 * (except by copying the raw file data).
192 * @param cf the capture file to check
193 * @return TRUE if it can be saved, FALSE if it can't
195 gboolean cf_can_save_as(capture_file *cf);
198 * Save a capture file (or a range of it).
200 * @param cf the capture file to save to
201 * @param fname the filename to save to
202 * @param range the range of packets to save
203 * @param save_format the format of the file to save (libpcap, ...)
204 * @param compressed whether to gzip compress the file
205 * @return one of cf_status_t
207 cf_status_t cf_save(capture_file * cf, const char *fname, packet_range_t *range, guint save_format, gboolean compressed);
210 * Get a displayable name of the capture file.
212 * @param cf the capture file
213 * @return the displayable name (don't have to be g_free'd)
215 const gchar *cf_get_display_name(capture_file *cf);
218 * Set the source of the capture data for temporary files, e.g.
219 * "Interface eth0" or "Pipe from Pong"
221 * @param cf the capture file
222 * @param source the source description. this will be copied internally.
224 void cf_set_tempfile_source(capture_file *cf, gchar *source);
227 * Get the source of the capture data for temporary files. Guaranteed to
228 * return a non-null value. The returned value should not be freed.
230 * @param cf the capture file
232 const gchar *cf_get_tempfile_source(capture_file *cf);
235 * Get the number of packets in the capture file.
237 * @param cf the capture file
238 * @return the number of packets in the capture file
240 int cf_get_packet_count(capture_file *cf);
243 * Set the number of packets in the capture file.
245 * @param cf the capture file
246 * @param packet_count the number of packets in the capture file
248 void cf_set_packet_count(capture_file *cf, int packet_count);
251 * Is this capture file a temporary file?
253 * @param cf the capture file
254 * @return TRUE if it's a temporary file, FALSE otherwise
256 gboolean cf_is_tempfile(capture_file *cf);
259 * Set flag, that this file is a tempfile.
261 void cf_set_tempfile(capture_file *cf, gboolean is_tempfile);
264 * Set flag, if the number of packet drops while capturing are known or not.
266 * @param cf the capture file
267 * @param drops_known TRUE if the number of packet drops are known, FALSE otherwise
269 void cf_set_drops_known(capture_file *cf, gboolean drops_known);
272 * Set the number of packet drops while capturing.
274 * @param cf the capture file
275 * @param drops the number of packet drops occured while capturing
277 void cf_set_drops(capture_file *cf, guint32 drops);
280 * Get flag state, if the number of packet drops while capturing are known or not.
282 * @param cf the capture file
283 * @return TRUE if the number of packet drops are known, FALSE otherwise
285 gboolean cf_get_drops_known(capture_file *cf);
288 * Get the number of packet drops while capturing.
290 * @param cf the capture file
291 * @return the number of packet drops occured while capturing
293 guint32 cf_get_drops(capture_file *cf);
296 * Set the read filter.
297 * @todo this shouldn't be required, remove it somehow
299 * @param cf the capture file
300 * @param rfcode the readfilter
302 void cf_set_rfcode(capture_file *cf, dfilter_t *rfcode);
305 * "Display Filter" packets in the capture file.
307 * @param cf the capture file
308 * @param dfilter the display filter
309 * @param force TRUE if do in any case, FALSE only if dfilter changed
310 * @return one of cf_status_t
312 cf_status_t cf_filter_packets(capture_file *cf, gchar *dfilter, gboolean force);
315 * At least one "Refence Time" flag has changed, rescan all packets.
317 * @param cf the capture file
319 void cf_reftime_packets(capture_file *cf);
322 * Return the time it took to load the file
324 gulong cf_get_computed_elapsed(void);
327 * "Something" has changed, rescan all packets.
329 * @param cf the capture file
331 void cf_redissect_packets(capture_file *cf);
334 * Rescan all packets and just run taps - don't reconstruct the display.
336 * @param cf the capture file
337 * @return one of cf_read_status_t
339 cf_read_status_t cf_retap_packets(capture_file *cf);
342 * Adjust timestamp precision if auto is selected.
344 * @param cf the capture file
346 void cf_timestamp_auto_precision(capture_file *cf);
349 * Print the capture file.
351 * @param cf the capture file
352 * @param print_args the arguments what and how to print
353 * @return one of cf_print_status_t
355 cf_print_status_t cf_print_packets(capture_file *cf, print_args_t *print_args);
358 * Print (export) the capture file into PDML format.
360 * @param cf the capture file
361 * @param print_args the arguments what and how to export
362 * @return one of cf_print_status_t
364 cf_print_status_t cf_write_pdml_packets(capture_file *cf, print_args_t *print_args);
367 * Print (export) the capture file into PSML format.
369 * @param cf the capture file
370 * @param print_args the arguments what and how to export
371 * @return one of cf_print_status_t
373 cf_print_status_t cf_write_psml_packets(capture_file *cf, print_args_t *print_args);
376 * Print (export) the capture file into CSV format.
378 * @param cf the capture file
379 * @param print_args the arguments what and how to export
380 * @return one of cf_print_status_t
382 cf_print_status_t cf_write_csv_packets(capture_file *cf, print_args_t *print_args);
385 * Print (export) the capture file into C Arrays format.
387 * @param cf the capture file
388 * @param print_args the arguments what and how to export
389 * @return one of cf_print_status_t
391 cf_print_status_t cf_write_carrays_packets(capture_file *cf, print_args_t *print_args);
394 * Find packet with a protocol tree item that contains a specified text string.
396 * @param cf the capture file
397 * @param string the string to find
398 * @param dir direction in which to search
399 * @return TRUE if a packet was found, FALSE otherwise
401 gboolean cf_find_packet_protocol_tree(capture_file *cf, const char *string,
402 search_direction dir);
405 * Find field with a label that contains text string cfile->sfilter.
407 * @param cf the capture file
408 * @param tree the protocol tree
409 * @param mdata the first field (mdata->finfo) that matched the string
410 * @return TRUE if a packet was found, FALSE otherwise
412 extern gboolean cf_find_string_protocol_tree(capture_file *cf, proto_tree *tree,
416 * Find packet whose summary line contains a specified text string.
418 * @param cf the capture file
419 * @param string the string to find
420 * @param dir direction in which to search
421 * @return TRUE if a packet was found, FALSE otherwise
423 gboolean cf_find_packet_summary_line(capture_file *cf, const char *string,
424 search_direction dir);
427 * Find packet whose data contains a specified byte string.
429 * @param cf the capture file
430 * @param string the string to find
431 * @param string_size the size of the string to find
432 * @param dir direction in which to search
433 * @return TRUE if a packet was found, FALSE otherwise
435 gboolean cf_find_packet_data(capture_file *cf, const guint8 *string,
436 size_t string_size, search_direction dir);
439 * Find packet that matches a compiled display filter.
441 * @param cf the capture file
442 * @param sfcode the display filter to match
443 * @param dir direction in which to search
444 * @return TRUE if a packet was found, FALSE otherwise
446 gboolean cf_find_packet_dfilter(capture_file *cf, dfilter_t *sfcode,
447 search_direction dir);
450 * Find packet that matches a display filter given as a text string.
452 * @param cf the capture file
453 * @param filter the display filter to match
454 * @param dir direction in which to search
455 * @return TRUE if a packet was found, FALSE otherwise
458 cf_find_packet_dfilter_string(capture_file *cf, const char *filter,
459 search_direction dir);
462 * Find marked packet.
464 * @param cf the capture file
465 * @param dir direction in which to search
466 * @return TRUE if a packet was found, FALSE otherwise
468 gboolean cf_find_packet_marked(capture_file *cf, search_direction dir);
471 * Find time-reference packet.
473 * @param cf the capture file
474 * @param dir direction in which to search
475 * @return TRUE if a packet was found, FALSE otherwise
477 gboolean cf_find_packet_time_reference(capture_file *cf, search_direction dir);
480 * GoTo Packet in first row.
482 * @return TRUE if the first row exists, FALSE otherwise
484 gboolean cf_goto_top_frame(void);
487 * GoTo Packet in last row.
489 * @return TRUE if last row exists, FALSE otherwise
491 gboolean cf_goto_bottom_frame(void);
494 * GoTo Packet with the given row.
496 * @param cf the capture file
497 * @param row the row to go to
498 * @return TRUE if this row exists, FALSE otherwise
500 gboolean cf_goto_frame(capture_file *cf, guint row);
503 * Go to frame specified by currently selected protocol tree field.
504 * (Go To Corresponding Packet)
505 * @todo this is ugly and should be improved!
507 * @param cf the capture file
508 * @return TRUE if this packet exists, FALSE otherwise
510 gboolean cf_goto_framenum(capture_file *cf);
513 * Select the packet in the given row.
515 * @param cf the capture file
516 * @param row the row to select
518 void cf_select_packet(capture_file *cf, int row);
521 * Unselect all packets, if any.
523 * @param cf the capture file
525 void cf_unselect_packet(capture_file *cf);
528 * Unselect all protocol tree fields, if any.
530 * @param cf the capture file
532 void cf_unselect_field(capture_file *cf);
535 * Mark a particular frame in a particular capture.
537 * @param cf the capture file
538 * @param frame the frame to be marked
540 void cf_mark_frame(capture_file *cf, frame_data *frame);
543 * Unmark a particular frame in a particular capture.
545 * @param cf the capture file
546 * @param frame the frame to be unmarked
548 void cf_unmark_frame(capture_file *cf, frame_data *frame);
551 * Ignore a particular frame in a particular capture.
553 * @param cf the capture file
554 * @param frame the frame to be ignored
556 void cf_ignore_frame(capture_file *cf, frame_data *frame);
559 * Unignore a particular frame in a particular capture.
561 * @param cf the capture file
562 * @param frame the frame to be unignored
564 void cf_unignore_frame(capture_file *cf, frame_data *frame);
567 * Merge two (or more) capture files into one.
568 * @todo is this the right place for this function? It doesn't have to do a lot with capture_file.
570 * @param out_filename pointer to output filename; if output filename is
571 * NULL, a temporary file name is generated and *out_filename is set
572 * to point to the generated file name
573 * @param in_file_count the number of input files to merge
574 * @param in_filenames array of input filenames
575 * @param file_type the output filetype
576 * @param do_append FALSE to merge chronologically, TRUE simply append
577 * @return one of cf_status_t
580 cf_merge_files(char **out_filename, int in_file_count,
581 char *const *in_filenames, int file_type, gboolean do_append);
583 #if defined(HAVE_HEIMDAL_KERBEROS) || defined(HAVE_MIT_KERBEROS)
584 void read_keytab_file(const char *);
589 #endif /* __cplusplus */