6 * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 #ifndef __WTAP_INT_H__
24 #define __WTAP_INT_H__
26 #ifdef HAVE_SYS_TIME_H
35 #ifdef HAVE_WINSOCK2_H
42 #endif /* HAVE_LIBZ */
46 /* Information for a compressed Sniffer data stream. */
48 unsigned char *buf; /* buffer into which we uncompress data */
49 size_t nbytes; /* number of bytes of data in that buffer */
50 int nextout; /* offset in that buffer of stream's current position */
51 long comp_offset; /* current offset in compressed data stream */
52 long uncomp_offset; /* current offset in uncompressed data stream */
53 } ngsniffer_comp_stream_t;
61 ngsniffer_comp_stream_t seq; /* sequential access */
62 ngsniffer_comp_stream_t rand; /* random access */
63 GList *first_blob; /* list element for first blob */
64 GList *last_blob; /* list element for last blob */
65 GList *current_blob; /* list element for current blob */
69 gboolean byte_swapped;
87 gboolean byte_swapped;
88 swapped_type_t lengths_swapped;
89 guint16 version_major;
90 guint16 version_minor;
98 guint32 frame_table_size;
105 double start_timestamp;
109 gboolean fcs_valid; /* if packets have valid FCS at the end */
110 guint isdn_type; /* 1 = E1 PRI, 2 = T1 PRI, 3 = BRI */
116 long next_packet_seek_start;
120 gboolean byteswapped;
124 struct timeval reference_time;
137 typedef struct _k12_t k12_t;
139 typedef gboolean (*subtype_read_func)(struct wtap*, int*, char**, long*);
140 typedef gboolean (*subtype_seek_read_func)(struct wtap*, long, union wtap_pseudo_header*,
141 guint8*, int, int *, char **);
144 int fd; /* File descriptor for cap file */
145 FILE_T random_fh; /* Secondary FILE_T for random access */
148 struct Buffer *frame_buffer;
149 struct wtap_pkthdr phdr;
150 union wtap_pseudo_header pseudo_header;
156 lanalyzer_t *lanalyzer;
157 ngsniffer_t *ngsniffer;
158 i4btrace_t *i4btrace;
164 etherpeek_t *etherpeek;
165 airopeek9_t *airopeek9;
171 subtype_read_func subtype_read;
172 subtype_seek_read_func subtype_seek_read;
173 void (*subtype_sequential_close)(struct wtap*);
174 void (*subtype_close)(struct wtap*);
175 int file_encap; /* per-file, for those
176 file formats that have
177 per-file encapsulation
183 typedef gboolean (*subtype_write_func)(struct wtap_dumper*,
184 const struct wtap_pkthdr*, const union wtap_pseudo_header*,
185 const guchar*, int*);
186 typedef gboolean (*subtype_close_func)(struct wtap_dumper*, int*);
189 gboolean first_frame;
194 gboolean first_frame;
195 struct timeval start;
200 gboolean got_first_record_time;
201 struct timeval first_record_time;
202 guint32 frame_table_offset;
203 guint32 *frame_table;
204 guint frame_table_index;
205 guint frame_table_size;
213 guint64 packet_count;
219 guint32 num_of_records;
233 ngsniffer_dump_t *ngsniffer;
234 netmon_dump_t *netmon;
235 netxray_dump_t *netxray;
236 _5views_dump_t *_5views;
237 niobserver_dump_t *niobserver;
241 subtype_write_func subtype_write;
242 subtype_close_func subtype_close;
246 /* Macros to byte-swap 32-bit and 16-bit quantities. */
248 ((((x)&0xFF000000)>>24) | \
249 (((x)&0x00FF0000)>>8) | \
250 (((x)&0x0000FF00)<<8) | \
251 (((x)&0x000000FF)<<24))
253 ((((x)&0xFF00)>>8) | \
256 /* Turn host-byte-order values into little-endian values. */
257 #define htoles(s) GUINT16_TO_LE(s)
258 #define htolel(l) GUINT32_TO_LE(l)
260 #define htolell(ll) GUINT64_TO_LE(ll)
261 #endif /* G_HAVE_GINT64 */
263 /* Pointer versions of ntohs and ntohl. Given a pointer to a member of a
264 * byte array, returns the value of the two or four bytes at the pointer.
265 * The pletoh[sl] versions return the little-endian representation.
267 * If G_HAVE_GINT64 is defined, so we can use "gint64" and "guint64" to
268 * refer to 64-bit integral quantities, we also provide pntohll and
269 * phtolell, which extract 64-bit integral quantities.
273 #define pntohs(p) ((guint16) \
274 ((guint16)*((const guint8 *)(p)+0)<<8| \
275 (guint16)*((const guint8 *)(p)+1)<<0))
279 #define pntoh24(p) ((guint32)*((const guint8 *)(p)+0)<<16| \
280 (guint32)*((const guint8 *)(p)+1)<<8| \
281 (guint32)*((const guint8 *)(p)+2)<<0)
285 #define pntohl(p) ((guint32)*((const guint8 *)(p)+0)<<24| \
286 (guint32)*((const guint8 *)(p)+1)<<16| \
287 (guint32)*((const guint8 *)(p)+2)<<8| \
288 (guint32)*((const guint8 *)(p)+3)<<0)
293 #define pntohll(p) ((guint64)*((const guint8 *)(p)+0)<<56| \
294 (guint64)*((const guint8 *)(p)+1)<<48| \
295 (guint64)*((const guint8 *)(p)+2)<<40| \
296 (guint64)*((const guint8 *)(p)+3)<<32| \
297 (guint64)*((const guint8 *)(p)+4)<<24| \
298 (guint64)*((const guint8 *)(p)+5)<<16| \
299 (guint64)*((const guint8 *)(p)+6)<<8| \
300 (guint64)*((const guint8 *)(p)+7)<<0)
306 #define phtons(p) ((guint16) \
307 ((guint16)*((const guint8 *)(p)+0)<<8| \
308 (guint16)*((const guint8 *)(p)+1)<<0))
312 #define phtonl(p) ((guint32)*((const guint8 *)(p)+0)<<24| \
313 (guint32)*((const guint8 *)(p)+1)<<16| \
314 (guint32)*((const guint8 *)(p)+2)<<8| \
315 (guint32)*((const guint8 *)(p)+3)<<0)
319 #define pletohs(p) ((guint16) \
320 ((guint16)*((const guint8 *)(p)+1)<<8| \
321 (guint16)*((const guint8 *)(p)+0)<<0))
325 #define pletoh24(p) ((guint32)*((const guint8 *)(p)+2)<<16| \
326 (guint32)*((const guint8 *)(p)+1)<<8| \
327 (guint32)*((const guint8 *)(p)+0)<<0)
332 #define pletohl(p) ((guint32)*((const guint8 *)(p)+3)<<24| \
333 (guint32)*((const guint8 *)(p)+2)<<16| \
334 (guint32)*((const guint8 *)(p)+1)<<8| \
335 (guint32)*((const guint8 *)(p)+0)<<0)
341 #define pletohll(p) ((guint64)*((const guint8 *)(p)+7)<<56| \
342 (guint64)*((const guint8 *)(p)+6)<<48| \
343 (guint64)*((const guint8 *)(p)+5)<<40| \
344 (guint64)*((const guint8 *)(p)+4)<<32| \
345 (guint64)*((const guint8 *)(p)+3)<<24| \
346 (guint64)*((const guint8 *)(p)+2)<<16| \
347 (guint64)*((const guint8 *)(p)+1)<<8| \
348 (guint64)*((const guint8 *)(p)+0)<<0)
352 #define wtap_file_read_unknown_bytes(target, num_bytes, fh, err) \
356 _bytes_read = file_read((target), 1, (num_bytes), (fh)); \
357 if (_bytes_read != (int) (num_bytes)) { \
358 *(err) = file_error((fh)); \
364 #define wtap_file_read_expected_bytes(target, num_bytes, fh, err) \
368 _bytes_read = file_read((target), 1, (num_bytes), (fh)); \
369 if (_bytes_read != (int) (num_bytes)) { \
370 *(err) = file_error((fh)); \
371 if (*(err) == 0 && _bytes_read > 0) { \
372 *(err) = WTAP_ERR_SHORT_READ; \
379 /* glib doesn't have g_ptr_array_len of all things!*/
380 #ifndef g_ptr_array_len
381 #define g_ptr_array_len(a) ((a)->len)
384 #endif /* __WTAP_INT_H__ */