3 * $Id: lanalyzer.c,v 1.10 1999/07/13 02:53:24 gram Exp $
6 * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
30 #include "lanalyzer.h"
32 int lanalyzer_open(wtap *wth)
36 char record_length[2];
38 guint16 board_type, mxslc;
40 guint8 cr_day, cr_month, cr_year;
43 fseek(wth->fh, 0, SEEK_SET);
44 bytes_read = fread(record_type, 1, 2, wth->fh);
45 bytes_read += fread(record_length, 1, 2, wth->fh);
46 type = pletohs(record_type);
47 length = pletohs(record_length); /* make sure to do this for while() loop */
49 if (bytes_read != 4) {
50 return WTAP_FILE_UNKNOWN;
53 if (type != 0x1001 && type != 0x1007) {
54 return WTAP_FILE_UNKNOWN;
57 /* If we made it this far, then the file is a LANAlyzer file.
58 * Let's get some info from it */
59 wth->capture.lanalyzer = g_malloc(sizeof(lanalyzer_t));
60 wth->subtype_read = lanalyzer_read;
61 /* wth->snapshot_length = 16384; */ /* available in header as 'mxslc' */
63 /* Read records until we find the start of packets */
66 fseek(wth->fh, length, SEEK_CUR);
67 bytes_read = fread(record_type, 1, 2, wth->fh);
68 bytes_read += fread(record_length, 1, 2, wth->fh);
69 if (bytes_read != 4) {
70 free(wth->capture.lanalyzer);
71 return WTAP_FILE_UNKNOWN;
74 type = pletohs(record_type);
75 length = pletohs(record_length);
77 /* g_message("Record 0x%04X Length %d", type, length);*/
79 /* Trace Summary Record */
81 fread(summary, 1, 210, wth->fh);
83 /* Assume that the date of the creation of the trace file
84 * is the same date of the trace. Lanalyzer doesn't
85 * store the creation date/time of the trace, but only of
86 * the file. Unless you traced at 11:55 PM and saved at 00:05
87 * AM, the assumption that trace.date == file.date is true.
90 cr_month = summary[1];
91 cr_year = pletohs(&summary[2]);
92 /*g_message("Day %d Month %d Year %d (%04X)", cr_day, cr_month,
95 /* Get capture start time. I learned how to do
96 * this from Guy's code in ngsniffer.c
98 /* this strange year offset is not in the
99 * lanalyzer file format documentation, but it
101 tm.tm_year = cr_year - (1900 - 1792);
102 tm.tm_mon = cr_month - 1;
108 wth->capture.lanalyzer->start = mktime(&tm);
109 /*g_message("Day %d Month %d Year %d", tm.tm_mday,
110 tm.tm_mon, tm.tm_year);*/
111 mxslc = pletohs(&summary[30]);
112 wth->snapshot_length = mxslc;
114 length = 0; /* to fake the next iteration of while() */
115 board_type = pletohs(&summary[188]);
116 switch (board_type) {
118 wth->file_encap = WTAP_ENCAP_ETHERNET;
121 wth->file_encap = WTAP_ENCAP_TR;
124 wth->file_encap = WTAP_ENCAP_NONE;
128 /* Trace Packet Data Record */
130 wth->capture.lanalyzer->pkt_len = length - 32;
131 return WTAP_FILE_LANALYZER;
133 /* default: no default action */
134 /* printf("Record 0x%04X Length %d\n", type, length);*/
138 /* never gets here */
139 return WTAP_FILE_LANALYZER;
142 /* Read the next packet */
143 int lanalyzer_read(wtap *wth)
145 int packet_size = wth->capture.lanalyzer->pkt_len; /* slice, really */
148 char record_length[2];
149 guint16 type, length;
150 gchar descriptor[32];
152 guint16 time_low, time_med, time_high, true_size;
155 /* If this is the very first packet, then the fh cursor will already
156 * be at the start of the packet data instead of at the start of the Trace
157 * Packet Data Record. Check for this */
160 /* Increment fh cursor to next record */
161 bytes_read = fread(record_type, 1, 2, wth->fh);
162 bytes_read += fread(record_length, 1, 2, wth->fh);
163 if (bytes_read != 4) {
167 type = pletohs(record_type);
168 length = pletohs(record_length);
170 if (type != 0x1005) {
174 packet_size = length - 32;
178 wth->capture.lanalyzer->pkt_len = 0;
181 /* Read the descriptor data */
182 bytes_read = fread(descriptor, 1, 32, wth->fh);
183 if (bytes_read != 32) {
184 g_error("lanalyzer_read: not enough descriptor data (%d bytes)",
189 /* Read the packet data */
190 buffer_assure_space(wth->frame_buffer, packet_size);
191 data_offset = ftell(wth->fh);
192 bytes_read = fread(buffer_start_ptr(wth->frame_buffer), 1,
193 packet_size, wth->fh);
195 if (bytes_read != packet_size) {
196 if (ferror(wth->fh)) {
197 g_error("lanalyzer_read: fread for data: read error\n");
199 g_error("lanalyzer_read: fread for data: %d bytes out of %d read",
200 bytes_read, packet_size);
205 true_size = pletohs(&descriptor[4]);
206 time_low = pletohs(&descriptor[8]);
207 time_med = pletohs(&descriptor[10]);
208 time_high = pletohs(&descriptor[12]);
210 t = (double)time_low+(double)(time_med)*65536.0 +
211 (double)time_high*4294967296.0;
212 t = t/1000000.0 * 0.5; /* t = # of secs */
213 t += wth->capture.lanalyzer->start;
215 wth->phdr.ts.tv_sec = (long)t;
216 wth->phdr.ts.tv_usec = (unsigned long)((t-(double)(wth->phdr.ts.tv_sec))
219 wth->phdr.len = true_size - 4;
220 wth->phdr.caplen = packet_size;
221 wth->phdr.pkt_encap = wth->file_encap;