From Owen Kirby :
[obnox/wireshark/wip.git] / wiretap / network_instruments.h
index 3432ea568d053ca0f2ef315b52db2d2fbd572e6d..64e1f78d090c827795797ed0adf67af422045b7d 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * $Id: network_instruments.h,v 1.3 2003/11/01 03:38:10 guy Exp $
+ * $Id$
  */
 
 /***************************************************************************
 #ifndef __NETWORK_INSTRUMENTS_H__
 #define __NETWORK_INSTRUMENTS_H__
 
-int network_instruments_open(wtap *wth, int *err);
+int network_instruments_open(wtap *wth, int *err, gchar **err_info);
+int network_instruments_dump_can_write_encap(int encap);
+gboolean network_instruments_dump_open(wtap_dumper *wdh, gboolean cant_seek, int *err);
 
 typedef struct capture_file_header
 {
        char    observer_version[32];
        guint16 offset_to_first_packet;
        char    probe_instance;
-       char    extra_information_present;
+       guint8  number_of_information_elements; /* number of TLVs in the header */
 } capture_file_header;
 
+typedef struct tlv_header
+{
+       guint16 type;
+       guint16 length;         /* includes the length of the TLV header */
+} tlv_header;
+
+/*
+ * TLV type values.
+ */
+#define INFORMATION_TYPE_ALIAS_LIST 0x01
+#define INFORMATION_TYPE_COMMENT    0x02       /* ASCII text */
+
 typedef struct packet_entry_header
 {
        guint32 packet_magic;
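Review bot: The new comment on `tlv_header.length` says the value includes the 4-byte TLV header, but it does not say that a value smaller than `sizeof(tlv_header)` is malformed, which is the case a reader must reject: subtracting the header size from such a length wraps around, and a length of 0 never advances a TLV walk. I would extend the comment to `/* includes the length of the TLV header; values < sizeof(tlv_header) are malformed */`. The same concern applies to `number_of_information_elements`, both here and in the packet_entry_header hunk below: it is a count read from the file, and presumably the TLVs it counts must fit before `offset_to_first_packet` (respectively `offset_to_next_packet`), which the comment could state. The parsing code is not part of this diff, so whether it already enforces these bounds cannot be confirmed from here; packet_entry_header continues outside the hunk.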
@@ -42,7 +56,7 @@ typedef struct packet_entry_header
        guint16 offset_to_next_packet;
        guint8 network_type;
        guint8 flags;
-       guint8 extra_information;
+       guint8 number_of_information_elements;  /* number of TLVs in the header */
        guint8 packet_type;
        guint16 errors;
        guint16 reserved;
@@ -51,36 +65,63 @@ typedef struct packet_entry_header
        guint64 nano_seconds_since_2000;
 } packet_entry_header;
 
-typedef struct tlv_header
-{
-       guint16 type;
-       guint16 length;
-} tlv_header;
-
-typedef struct tlv_alias_list
-{
-       tlv_header header;
-       char alias_list[1];
-} tlv_alias_list;
-
-typedef struct tlv_user_commnent
-{
-       tlv_header header;
-       char user_comment[1];
-} tlv_user_comment;
+/*
+ * Network type values.
+ */
+#define OBSERVER_UNDEFINED 0xFF
+#define OBSERVER_ETHERNET  0x00
+#define OBSERVER_TOKENRING 0x01
+#define OBSERVER_FDDI      0x02
 
-typedef struct observer_time
-{
-       guint64 ns_since2000;           /* given in packet_entry_header */
+/*
+ * Packet type values.
+ */
+#define PACKET_TYPE_DATA_PACKET                        0
+#define PACKET_TYPE_EXPERT_INFORMATION_PACKET  1
 
-       guint64 us_since2000;           /* Micro-Seconds since 1-1-2000 */
-       guint64 sec_since2000;          /* Seconds since 1-1-2000 */
+/*
+ * The Observer document indicates that the types of expert information
+ * packets are:
+ *
+ *     Network Load (markers used by Expert Time Interval and What If
+ *     analysis modes)
+ *
+ *     Start/Stop Packet Capture marker frames (with time stamps when
+ *     captures start and stop)
+ *
+ *     Wireless Channel Change (markers showing what channel was being
+ *     currently listened to)
+ *
+ * That information appears to be contained in TLVs.
+ */
 
-       time_t seconds_from_1970;
-       guint64 useconds_from_1970;
+/*
+ * TLV type values.
+ */
+#define INFORMATION_TYPE_NETWORK_LOAD          0x0100
+#define INFORMATION_TYPE_CAPTURE_START_STOP    0x0104
 
-} observer_time;
+/*
+ * Might some of these be broadcast and multicast packet counts?
+ */
+typedef struct tlv_network_load
+{
+       guint32 utilization;    /* network utilization, in .1% units */
+       guint32 unknown1;
+       guint32 unknown2;
+       guint32 packets_per_second;
+       guint32 unknown3;
+       guint32 bytes_per_second;
+       guint32 unknown4;
+} tlv_network_load;
+
+typedef struct tlv_capture_start_stop
+{
+       guint32 start_stop;
+} tlv_capture_start_stop;
 
+#define START_STOP_TYPE_STOP   0
+#define START_STOP_TYPE_START  1
 
 #endif
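Review bot: `tlv_network_load` and `tlv_capture_start_stop` describe fixed-size payloads (seven and one `guint32` respectively), but nothing in the header ties them to `tlv_header.length`, so a reader that overlays these structs on file data gets no hint that it must first check that `length - sizeof(tlv_header)` covers the struct size. A comment above each struct, such as `/* payload of INFORMATION_TYPE_NETWORK_LOAD; TLV length must be at least sizeof(tlv_header) + sizeof(tlv_network_load) */`, would make that requirement explicit. The byte order of the multi-byte fields is also undocumented; if these are on-disk layouts, as they appear to be, the header should say which order the file uses so that readers convert before use. Separately, this second `TLV type values.` comment repeats the one after `capture_file_header` word for word; if the 0x01xx values apply only to TLVs in packet headers, the comment should say so.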