/* wtap.c
*
- * $Id: wtap.c,v 1.26 1999/10/18 01:51:32 guy Exp $
+ * $Id$
*
* Wiretap Library
- * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
- *
+ * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
+ *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- *
*/
-#include <string.h>
-#include <errno.h>
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
-#include "wtap.h"
-#include "file.h"
-#include "buffer.h"
-#include "ascend.h"
-FILE* wtap_file(wtap *wth)
-{
- return wth->fh;
-}
+#include <string.h>
+#include <errno.h>
-int wtap_fd(wtap *wth)
+#include "wtap-int.h"
+#include "file_wrappers.h"
+#include "buffer.h"
+
+int
+wtap_fd(wtap *wth)
{
return wth->fd;
}
-int wtap_file_type(wtap *wth)
+int
+wtap_file_type(wtap *wth)
{
return wth->file_type;
}
-int wtap_snapshot_length(wtap *wth)
+int
+wtap_snapshot_length(wtap *wth)
{
return wth->snapshot_length;
}
-int wtap_file_encap(wtap *wth)
+int
+wtap_file_encap(wtap *wth)
{
return wth->file_encap;
}
-const char *wtap_file_type_string(wtap *wth)
-{
- switch (wth->file_type) {
- case WTAP_FILE_WTAP:
- return "wiretap";
+/* Table of the encapsulation types we know about. */
+static const struct encap_type_info {
+ const char *name;
+ const char *short_name;
+} encap_table[WTAP_NUM_ENCAP_TYPES] = {
+ /* WTAP_ENCAP_UNKNOWN */
+ { "Unknown", NULL },
+
+ /* WTAP_ENCAP_ETHERNET */
+ { "Ethernet", "ether" },
+
+ /* WTAP_ENCAP_TOKEN_RING */
+ { "Token Ring", "tr" },
+
+ /* WTAP_ENCAP_SLIP */
+ { "SLIP", "slip" },
+
+ /* WTAP_ENCAP_PPP */
+ { "PPP", "ppp" },
+
+ /* WTAP_ENCAP_FDDI */
+ { "FDDI", "fddi" },
+
+ /* WTAP_ENCAP_FDDI_BITSWAPPED */
+ { "FDDI with bit-swapped MAC addresses", "fddi-swapped" },
+
+ /* WTAP_ENCAP_RAW_IP */
+ { "Raw IP", "rawip" },
+
+ /* WTAP_ENCAP_ARCNET */
+ { "ARCNET", "arcnet" },
+
+ /* WTAP_ENCAP_ARCNET_LINUX */
+ { "Linux ARCNET", "arcnet_linux" },
+
+ /* WTAP_ENCAP_ATM_RFC1483 */
+ { "RFC 1483 ATM", "atm-rfc1483" },
+
+ /* WTAP_ENCAP_LINUX_ATM_CLIP */
+ { "Linux ATM CLIP", "linux-atm-clip" },
+
+ /* WTAP_ENCAP_LAPB */
+ { "LAPB", "lapb" },
+
+ /* WTAP_ENCAP_ATM_PDUS */
+ { "ATM PDUs", "atm-pdus" },
+
+ /* WTAP_ENCAP_ATM_PDUS_UNTRUNCATED */
+ { "ATM PDUs - untruncated", "atm-pdus-untruncated" },
+
+ /* WTAP_ENCAP_NULL */
+ { "NULL", "null" },
+
+ /* WTAP_ENCAP_ASCEND */
+ { "Lucent/Ascend access equipment", "ascend" },
+
+ /* WTAP_ENCAP_ISDN */
+ { "ISDN", "isdn" },
+
+ /* WTAP_ENCAP_IP_OVER_FC */
+ { "RFC 2625 IP-over-Fibre Channel", "ip-over-fc" },
+
+ /* WTAP_ENCAP_PPP_WITH_PHDR */
+ { "PPP with Directional Info", "ppp-with-direction" },
+
+ /* WTAP_ENCAP_IEEE_802_11 */
+ { "IEEE 802.11 Wireless LAN", "ieee-802-11" },
+
+ /* WTAP_ENCAP_PRISM_HEADER */
+ { "IEEE 802.11 plus Prism II monitor mode header", "prism" },
+
+ /* WTAP_ENCAP_IEEE_802_11_WITH_RADIO */
+ { "IEEE 802.11 Wireless LAN with radio information", "ieee-802-11-radio" },
+
+ /* WTAP_ENCAP_IEEE_802_11_WLAN_RADIOTAP */
+ { "IEEE 802.11 plus radiotap WLAN header", "ieee-802-11-radiotap" },
+
+ /* WTAP_ENCAP_IEEE_802_11_WLAN_AVS */
+ { "IEEE 802.11 plus AVS WLAN header", "ieee-802-11-avs" },
+
+ /* WTAP_ENCAP_SLL */
+ { "Linux cooked-mode capture", "linux-sll" },
+
+ /* WTAP_ENCAP_FRELAY */
+ { "Frame Relay", "frelay" },
+
+ /* WTAP_ENCAP_FRELAY_WITH_PHDR */
+ { "Frame Relay with Directional Info", "frelay-with-direction" },
+
+ /* WTAP_ENCAP_CHDLC */
+ { "Cisco HDLC", "chdlc" },
+
+ /* WTAP_ENCAP_CISCO_IOS */
+ { "Cisco IOS internal", "ios" },
+
+ /* WTAP_ENCAP_LOCALTALK */
+ { "Localtalk", "ltalk" },
+
+ /* WTAP_ENCAP_OLD_PFLOG */
+ { "OpenBSD PF Firewall logs, pre-3.4", "pflog-old" },
+
+ /* WTAP_ENCAP_HHDLC */
+ { "HiPath HDLC", "hhdlc" },
+
+ /* WTAP_ENCAP_DOCSIS */
+ { "Data Over Cable Service Interface Specification", "docsis" },
+
+ /* WTAP_ENCAP_COSINE */
+ { "CoSine L2 debug log", "cosine" },
+
+ /* WTAP_ENCAP_WFLEET_HDLC */
+ { "Wellfleet HDLC", "whdlc" },
+
+ /* WTAP_ENCAP_SDLC */
+ { "SDLC", "sdlc" },
+
+ /* WTAP_ENCAP_TZSP */
+ { "Tazmen sniffer protocol", "tzsp" },
+
+ /* WTAP_ENCAP_ENC */
+ { "OpenBSD enc(4) encapsulating interface", "enc" },
+
+ /* WTAP_ENCAP_PFLOG */
+ { "OpenBSD PF Firewall logs", "pflog" },
+
+ /* WTAP_ENCAP_CHDLC_WITH_PHDR */
+ { "Cisco HDLC with Directional Info", "chdlc-with-direction" },
+
+ /* WTAP_ENCAP_BLUETOOTH_H4 */
+ { "Bluetooth H4", "bluetooth-h4" },
+
+ /* WTAP_ENCAP_MTP2 */
+ { "SS7 MTP2", "mtp2" },
- case WTAP_FILE_PCAP:
- return "pcap";
+ /* WTAP_ENCAP_MTP3 */
+ { "SS7 MTP3", "mtp3" },
- case WTAP_FILE_LANALYZER:
- return "Novell LANalyzer";
+ /* WTAP_ENCAP_IRDA */
+ { "IrDA", "irda" },
- case WTAP_FILE_NGSNIFFER:
- return "Network Associates Sniffer (DOS-based)";
+ /* WTAP_ENCAP_USER0 */
+ { "USER 0", "user0" },
- case WTAP_FILE_SNOOP:
- return "snoop";
+ /* WTAP_ENCAP_USER1 */
+ { "USER 1", "user1" },
- case WTAP_FILE_IPTRACE:
- return "iptrace";
+ /* WTAP_ENCAP_USER2 */
+ { "USER 2", "user2" },
- case WTAP_FILE_NETMON_1_x:
- return "Microsoft Network Monitor 1.x";
+ /* WTAP_ENCAP_USER3 */
+ { "USER 3", "user3" },
- case WTAP_FILE_NETMON_2_x:
- return "Microsoft Network Monitor 2.x";
+ /* WTAP_ENCAP_USER4 */
+ { "USER 4", "user4" },
- case WTAP_FILE_NETXRAY_1_0:
- return "Cinco Networks NetXRay";
+ /* WTAP_ENCAP_USER5 */
+ { "USER 5", "user5" },
- case WTAP_FILE_NETXRAY_1_1:
- return "Network Associates Sniffer (Windows-based) 1.1";
+ /* WTAP_ENCAP_USER6 */
+ { "USER 6", "user6" },
- case WTAP_FILE_NETXRAY_2_001:
- return "Network Associates Sniffer (Windows-based) 2.001";
+ /* WTAP_ENCAP_USER7 */
+ { "USER 7", "user7" },
- case WTAP_FILE_RADCOM:
- return "RADCOM WAN/LAN analyzer";
+ /* WTAP_ENCAP_USER8 */
+ { "USER 8", "user8" },
- case WTAP_FILE_ASCEND:
- return "Lucent/Ascend access server trace";
+ /* WTAP_ENCAP_USER9 */
+ { "USER 9", "user9" },
- case WTAP_FILE_NETTL:
- return "HP-UX nettl traces";
+ /* WTAP_ENCAP_USER10 */
+ { "USER 10", "user10" },
- default:
- g_error("Unknown capture file type %d", wth->file_type);
- return NULL;
+ /* WTAP_ENCAP_USER11 */
+ { "USER 11", "user11" },
+
+ /* WTAP_ENCAP_USER12 */
+ { "USER 12", "user12" },
+
+ /* WTAP_ENCAP_USER13 */
+ { "USER 13", "user13" },
+
+ /* WTAP_ENCAP_USER14 */
+ { "USER 14", "user14" },
+
+ /* WTAP_ENCAP_USER15 */
+ { "USER 15", "user15" },
+
+ /* WTAP_ENCAP_SYMANTEC */
+ { "Symantec Enterprise Firewall", "symantec" },
+
+ /* WTAP_ENCAP_APPLE_IP_OVER_IEEE1394 */
+ { "Apple IP-over-IEEE 1394", "ap1394" },
+
+ /* WTAP_ENCAP_BACNET_MS_TP */
+ { "BACnet MS/TP", "bacnet-ms-tp" },
+
+ /* WTAP_ENCAP_RAW_ICMP */
+ { "Raw ICMP", "raw-icmp" },
+
+ /* WTAP_ENCAP_RAW_ICMPV6 */
+ { "Raw ICMPv6", "raw-icmpv6" },
+};
+
+/* Name that should be somewhat descriptive. */
+const char
+*wtap_encap_string(int encap)
+{
+ if (encap < 0 || encap >= WTAP_NUM_ENCAP_TYPES)
+ return NULL;
+ else
+ return encap_table[encap].name;
+}
+
+/* Name to use in, say, a command-line flag specifying the type. */
+const char
+*wtap_encap_short_string(int encap)
+{
+ if (encap < 0 || encap >= WTAP_NUM_ENCAP_TYPES)
+ return NULL;
+ else
+ return encap_table[encap].short_name;
+}
+
+/* Translate a short name to a capture file type. */
+int
+wtap_short_string_to_encap(const char *short_name)
+{
+ int encap;
+
+ for (encap = 0; encap < WTAP_NUM_ENCAP_TYPES; encap++) {
+ if (encap_table[encap].short_name != NULL &&
+ strcmp(short_name, encap_table[encap].short_name) == 0)
+ return encap;
}
+ return -1; /* no such encapsulation type */
}
static const char *wtap_errlist[] = {
- "The file isn't a plain file",
+ "The file isn't a plain file or pipe",
+ "The file is being opened for random access but is a pipe",
"The file isn't a capture file in a known format",
"File contains record data we don't support",
+ "That file format cannot be written to a pipe",
NULL,
"Files can't be saved in that format",
"Files from that network type can't be saved in that format",
- "That format doesn't support per-packet encapsulations",
+ "That file format doesn't support per-packet encapsulations",
NULL,
NULL,
"Less data was read than was expected",
"File contains a record that's not valid",
- "Less data was written than was requested"
+ "Less data was written than was requested",
+ "Uncompression error: data oddly truncated",
+ "Uncompression error: data would overflow buffer",
+ "Uncompression error: bad LZ77 offset",
};
#define WTAP_ERRLIST_SIZE (sizeof wtap_errlist / sizeof wtap_errlist[0])
-const char *wtap_strerror(int err)
+const char
+*wtap_strerror(int err)
{
- static char errbuf[6+11+1]; /* "Error %d" */
- int wtap_errlist_index;
+ static char errbuf[128];
+ unsigned int wtap_errlist_index;
if (err < 0) {
#ifdef HAVE_LIBZ
return strerror(err);
}
-void wtap_close(wtap *wth)
+/* Close only the sequential side, freeing up memory it uses.
+
+ Note that we do *not* want to call the subtype's close function,
+ as it would free any per-subtype data, and that data may be
+ needed by the random-access side.
+
+ Instead, if the subtype has a "sequential close" function, we call it,
+ to free up stuff used only by the sequential side. */
+void
+wtap_sequential_close(wtap *wth)
{
- /* free up memory. If any capture structure ever allocates
- * its own memory, it would be better to make a *close() function
- * for each filetype, like pcap_close(0, lanalyzer_close(), etc.
- * But for now this will work. */
- switch(wth->file_type) {
- case WTAP_FILE_PCAP:
- g_free(wth->capture.pcap);
- break;
+ if (wth->subtype_sequential_close != NULL)
+ (*wth->subtype_sequential_close)(wth);
- case WTAP_FILE_LANALYZER:
- g_free(wth->capture.lanalyzer);
- break;
+ if (wth->fh != NULL) {
+ file_close(wth->fh);
+ wth->fh = NULL;
+ }
- case WTAP_FILE_NGSNIFFER:
- g_free(wth->capture.ngsniffer);
- break;
+ if (wth->frame_buffer) {
+ buffer_free(wth->frame_buffer);
+ g_free(wth->frame_buffer);
+ wth->frame_buffer = NULL;
+ }
+}
- case WTAP_FILE_RADCOM:
- g_free(wth->capture.radcom);
- break;
+void
+wtap_close(wtap *wth)
+{
+ wtap_sequential_close(wth);
- case WTAP_FILE_NETMON_1_x:
- case WTAP_FILE_NETMON_2_x:
- g_free(wth->capture.netmon);
- break;
+ if (wth->subtype_close != NULL)
+ (*wth->subtype_close)(wth);
- case WTAP_FILE_NETXRAY_1_0:
- case WTAP_FILE_NETXRAY_1_1:
- case WTAP_FILE_NETXRAY_2_001:
- g_free(wth->capture.netxray);
- break;
+ if (wth->random_fh != NULL)
+ file_close(wth->random_fh);
- case WTAP_FILE_ASCEND:
- g_free(wth->capture.ascend);
- break;
+ g_free(wth);
+}
- case WTAP_FILE_NETTL:
- g_free(wth->capture.nettl);
- break;
+gboolean
+wtap_read(wtap *wth, int *err, gchar **err_info, long *data_offset)
+{
+ /*
+ * Set the packet encapsulation to the file's encapsulation
+ * value; if that's not WTAP_ENCAP_PER_PACKET, it's the
+ * right answer (and means that the read routine for this
+ * capture file type doesn't have to set it), and if it
+ * *is* WTAP_ENCAP_PER_PACKET, the caller needs to set it
+ * anyway.
+ */
+ wth->phdr.pkt_encap = wth->file_encap;
+
+ if (!wth->subtype_read(wth, err, err_info, data_offset))
+ return FALSE; /* failure */
- /* default:
- nothing */
- }
+ /*
+ * It makes no sense for the captured data length to be bigger
+ * than the actual data length.
+ */
+ if (wth->phdr.caplen > wth->phdr.len)
+ wth->phdr.caplen = wth->phdr.len;
+
+ /*
+ * Make sure that it's not WTAP_ENCAP_PER_PACKET, as that
+ * probably means the file has that encapsulation type
+ * but the read routine didn't set this packet's
+ * encapsulation type.
+ */
+ g_assert(wth->phdr.pkt_encap != WTAP_ENCAP_PER_PACKET);
+
+ return TRUE; /* success */
+}
+
+struct wtap_pkthdr*
+wtap_phdr(wtap *wth)
+{
+ return &wth->phdr;
+}
- file_close(wth->fh);
+union wtap_pseudo_header*
+wtap_pseudoheader(wtap *wth)
+{
+ return &wth->pseudo_header;
}
-int wtap_loop(wtap *wth, int count, wtap_handler callback, u_char* user,
- int *err)
+guint8*
+wtap_buf_ptr(wtap *wth)
{
- int data_offset, loop = 0;
+ return buffer_start_ptr(wth->frame_buffer);
+}
- while ((data_offset = wth->subtype_read(wth, err)) > 0) {
+gboolean
+wtap_loop(wtap *wth, int count, wtap_handler callback, guchar* user, int *err,
+ gchar **err_info)
+{
+ long data_offset;
+ int loop = 0;
+
+ /* Start by clearing error flag */
+ *err = 0;
+
+ while ( (wtap_read(wth, err, err_info, &data_offset)) ) {
callback(user, &wth->phdr, data_offset,
- buffer_start_ptr(wth->frame_buffer));
+ &wth->pseudo_header, buffer_start_ptr(wth->frame_buffer));
if (count > 0 && ++loop >= count)
break;
}
- if (data_offset < 0)
- return FALSE; /* failure */
- else
+
+ if (*err == 0)
return TRUE; /* success */
+ else
+ return FALSE; /* failure */
}
-int wtap_seek_read(int encaps, FILE *fh, int seek_off, guint8 *pd, int len)
+gboolean
+wtap_seek_read(wtap *wth, long seek_off,
+ union wtap_pseudo_header *pseudo_header, guint8 *pd, int len,
+ int *err, gchar **err_info)
{
- switch (encaps) {
-
- case WTAP_ENCAP_ASCEND:
- return ascend_seek_read(fh, seek_off, pd, len);
-
- default:
- return wtap_def_seek_read(fh, seek_off, pd, len);
- }
+ return wth->subtype_seek_read(wth, seek_off, pseudo_header, pd, len,
+ err, err_info);
}