3 * $Id: wtap.h,v 1.20 1999/07/13 02:53:26 gram Exp $
6 * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
27 /* Encapsulation types. Choose names that truly reflect
28 * what is contained in the packet trace file. */
29 #define WTAP_ENCAP_NONE 0
30 #define WTAP_ENCAP_ETHERNET 1
31 #define WTAP_ENCAP_TR 2
32 #define WTAP_ENCAP_SLIP 3
33 #define WTAP_ENCAP_PPP 4
34 #define WTAP_ENCAP_FDDI 5
35 #define WTAP_ENCAP_RAW_IP 6
36 #define WTAP_ENCAP_ARCNET 7
37 #define WTAP_ENCAP_ATM_RFC1483 8
39 /* last WTAP_ENCAP_ value + 1 */
40 #define WTAP_NUM_ENCAP_TYPES 9
42 /* File types that can be read by wiretap */
43 #define WTAP_FILE_UNKNOWN 0
44 #define WTAP_FILE_WTAP 1
45 #define WTAP_FILE_PCAP 2
46 #define WTAP_FILE_LANALYZER 3
47 #define WTAP_FILE_NGSNIFFER 4
48 #define WTAP_FILE_SNOOP 6
49 #define WTAP_FILE_IPTRACE 7
50 #define WTAP_FILE_NETMON 8
51 #define WTAP_FILE_NETXRAY 9
53 /* Filter types that wiretap can create. An 'offline' filter is really
54 * a BPF filter, but it is treated specially because wiretap might not know
55 * in advance the datalink type(s) needed.
57 #define WTAP_FILTER_NONE 0
58 #define WTAP_FILTER_OFFLINE 1
59 #define WTAP_FILTER_BPF 2
61 #include <sys/types.h>
63 #ifdef HAVE_SYS_TIME_H
92 guint16 version_major;
93 guint16 version_minor;
106 double start_timestamp;
119 typedef void (*wtap_handler)(u_char*, const struct wtap_pkthdr*,
120 int, const u_char *);
123 struct bpf_instruction;
126 typedef int (*subtype_func)(struct wtap*);
127 typedef struct wtap {
131 struct Buffer *frame_buffer;
132 struct wtap_pkthdr phdr;
136 lanalyzer_t *lanalyzer;
137 ngsniffer_t *ngsniffer;
142 subtype_func subtype_read;
143 int file_encap; /* per-file, for those
144 file formats that have
145 per-file encapsulation
150 wtap* wtap_open_offline(char *filename);
151 void wtap_loop(wtap *wth, int, wtap_handler, u_char*);
153 FILE* wtap_file(wtap *wth);
154 int wtap_snapshot_length(wtap *wth); /* per file */
155 int wtap_file_type(wtap *wth);
156 void wtap_close(wtap *wth);
159 /* Pointer versions of ntohs and ntohl. Given a pointer to a member of a
160 * byte array, returns the value of the two or four bytes at the pointer.
161 * The pletoh[sl] versions return the little-endian representation.
165 #define pntohs(p) ((guint16) \
166 ((guint16)*((guint8 *)p+0)<<8| \
167 (guint16)*((guint8 *)p+1)<<0))
171 #define pntohl(p) ((guint32)*((guint8 *)p+0)<<24| \
172 (guint32)*((guint8 *)p+1)<<16| \
173 (guint32)*((guint8 *)p+2)<<8| \
174 (guint32)*((guint8 *)p+3)<<0)
178 #define phtons(p) ((guint16) \
179 ((guint16)*((guint8 *)p+0)<<8| \
180 (guint16)*((guint8 *)p+1)<<0))
184 #define phtonl(p) ((guint32)*((guint8 *)p+0)<<24| \
185 (guint32)*((guint8 *)p+1)<<16| \
186 (guint32)*((guint8 *)p+2)<<8| \
187 (guint32)*((guint8 *)p+3)<<0)
191 #define pletohs(p) ((guint16) \
192 ((guint16)*((guint8 *)p+1)<<8| \
193 (guint16)*((guint8 *)p+0)<<0))
197 #define pletohl(p) ((guint32)*((guint8 *)p+3)<<24| \
198 (guint32)*((guint8 *)p+2)<<16| \
199 (guint32)*((guint8 *)p+1)<<8| \
200 (guint32)*((guint8 *)p+0)<<0)
203 #endif /* __WTAP_H__ */