/* wtap.h
*
- * $Id: wtap.h,v 1.51 1999/12/04 05:22:21 guy Exp $
+ * $Id: wtap.h,v 1.75 2000/07/26 06:04:34 guy Exp $
*
* Wiretap Library
- * Copyright (c) 1998 by Gilbert Ramirez <gram@verdict.uthscsa.edu>
+ * Copyright (c) 1998 by Gilbert Ramirez <gram@xiexie.org>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
#define WTAP_ENCAP_NULL 13
#define WTAP_ENCAP_ASCEND 14
#define WTAP_ENCAP_LAPD 15
+#define WTAP_ENCAP_V120 16
/* last WTAP_ENCAP_ value + 1 */
-#define WTAP_NUM_ENCAP_TYPES 16
+#define WTAP_NUM_ENCAP_TYPES 17
/* File types that can be read by wiretap.
We may eventually support writing some or all of these file types,
#define WTAP_FILE_UNKNOWN 0
#define WTAP_FILE_WTAP 1
#define WTAP_FILE_PCAP 2
-#define WTAP_FILE_PCAP_MODIFIED 3
-#define WTAP_FILE_LANALYZER 4
-#define WTAP_FILE_NGSNIFFER 5
-#define WTAP_FILE_SNOOP 6
-#define WTAP_FILE_IPTRACE_1_0 7
-#define WTAP_FILE_IPTRACE_2_0 8
-#define WTAP_FILE_NETMON_1_x 9
-#define WTAP_FILE_NETMON_2_x 10
-#define WTAP_FILE_NETXRAY_1_0 11
-#define WTAP_FILE_NETXRAY_1_1 12
-#define WTAP_FILE_NETXRAY_2_001 13
-#define WTAP_FILE_RADCOM 14
-#define WTAP_FILE_ASCEND 15
-#define WTAP_FILE_NETTL 16
-#define WTAP_FILE_TOSHIBA 17
+#define WTAP_FILE_PCAP_SS990417 3
+#define WTAP_FILE_PCAP_SS990915 4
+#define WTAP_FILE_PCAP_SS991029 5
+#define WTAP_FILE_LANALYZER 6
+#define WTAP_FILE_NGSNIFFER_UNCOMPRESSED 7
+#define WTAP_FILE_NGSNIFFER_COMPRESSED 8
+#define WTAP_FILE_SNOOP 9
+#define WTAP_FILE_IPTRACE_1_0 10
+#define WTAP_FILE_IPTRACE_2_0 11
+#define WTAP_FILE_NETMON_1_x 12
+#define WTAP_FILE_NETMON_2_x 13
+#define WTAP_FILE_NETXRAY_1_0 14
+#define WTAP_FILE_NETXRAY_1_1 15
+#define WTAP_FILE_NETXRAY_2_00x 16
+#define WTAP_FILE_RADCOM 17
+#define WTAP_FILE_ASCEND 18
+#define WTAP_FILE_NETTL 19
+#define WTAP_FILE_TOSHIBA 20
+#define WTAP_FILE_I4BTRACE 21
+
+/* last WTAP_FILE_ value + 1 */
+#define WTAP_NUM_FILE_TYPES 22
/*
* Maximum packet size we'll support.
#include <glib.h>
#include <stdio.h>
-#ifdef HAVE_LIBZ
-#include "zlib.h"
-#define FILE_T gzFile
-#else /* No zLib */
-#define FILE_T FILE *
-#endif /* HAVE_LIBZ */
-
-typedef struct {
- double timeunit;
- time_t start;
- int is_atm;
-} ngsniffer_t;
-
-typedef struct {
- time_t start;
-} radcom_t;
-
-typedef struct {
- time_t start;
-} nettl_t;
-
-typedef struct {
- time_t start;
-} lanalyzer_t;
-
-typedef struct {
- gboolean byte_swapped;
- gboolean modified;
- guint16 version_major;
- guint16 version_minor;
-} libpcap_t;
-
-typedef struct {
- time_t start_secs;
- guint32 start_usecs;
- guint8 version_major;
- int end_offset;
-} netmon_t;
-
-typedef struct {
- time_t start_time;
- double timeunit;
- double start_timestamp;
- int wrapped;
- int end_offset;
- int version_major;
-} netxray_t;
-
-typedef struct {
- time_t inittime;
- int adjusted;
- int seek_add;
-} ascend_t;
-
/* Packet "pseudo-header" information for X.25 capture files. */
struct x25_phdr {
guint8 flags; /* ENCAP_LAPB : 1st bit means From DCE */
#define AHLT_VCMX_FRAGMENTS 0xc /* VCMX: Fragments */
#define AHLT_VCMX_BPDU 0xe /* VCMX: BPDU */
-union pseudo_header {
+union wtap_pseudo_header {
struct x25_phdr x25;
struct ngsniffer_atm_phdr ngsniffer_atm;
struct ascend_phdr ascend;
guint32 caplen;
guint32 len;
int pkt_encap;
- union pseudo_header pseudo_header;
};
typedef void (*wtap_handler)(u_char*, const struct wtap_pkthdr*,
- int, const u_char *);
+ int, union wtap_pseudo_header *pseudo_header, const u_char *);
struct wtap;
struct Buffer;
-
-typedef int (*subtype_read_func)(struct wtap*, int*);
-typedef struct wtap {
- FILE_T fh;
- int fd; /* File descriptor for cap file */
- int file_type;
- int snapshot_length;
- struct Buffer *frame_buffer;
- struct wtap_pkthdr phdr;
-
- long data_offset;
-
- union {
- libpcap_t *pcap;
- lanalyzer_t *lanalyzer;
- ngsniffer_t *ngsniffer;
- radcom_t *radcom;
- nettl_t *nettl;
- netmon_t *netmon;
- netxray_t *netxray;
- ascend_t *ascend;
- } capture;
-
- subtype_read_func subtype_read;
- int file_encap; /* per-file, for those
- file formats that have
- per-file encapsulation
- types */
-} wtap;
-
struct wtap_dumper;
-typedef gboolean (*subtype_write_func)(struct wtap_dumper*,
- const struct wtap_pkthdr*, const u_char*, int*);
-typedef gboolean (*subtype_close_func)(struct wtap_dumper*, int*);
-
-typedef struct {
- guint32 frame_table_offset;
- struct timeval first_record_time;
- gboolean got_first_record_time;
- guint32 *frame_table;
- int frame_table_index;
- int frame_table_size;
-} netmon_dump_t;
-
-typedef struct wtap_dumper {
- FILE* fh;
- int file_type;
- int snaplen;
- int encap;
-
- union {
- void *opaque;
- netmon_dump_t *netmon;
- } private;
-
- subtype_write_func subtype_write;
- subtype_close_func subtype_close;
-} wtap_dumper;
+typedef struct wtap wtap;
+typedef struct wtap_dumper wtap_dumper;
/*
* On failure, "wtap_open_offline()" returns NULL, and puts into the
*
* a negative number, indicating the type of error, on other failures.
*/
-wtap* wtap_open_offline(const char *filename, int *err);
+struct wtap* wtap_open_offline(const char *filename, int *err, gboolean do_random);
int wtap_loop(wtap *wth, int, wtap_handler, u_char*, int*);
+int wtap_read(wtap *wth, int *err);
+struct wtap_pkthdr *wtap_phdr(wtap *wth);
+union wtap_pseudo_header *wtap_pseudoheader(wtap *wth);
+guint8 *wtap_buf_ptr(wtap *wth);
FILE* wtap_file(wtap *wth);
int wtap_fd(wtap *wth);
int wtap_snapshot_length(wtap *wth); /* per file */
int wtap_file_type(wtap *wth);
int wtap_file_encap(wtap *wth);
-const char *wtap_file_type_string(wtap *wth);
+
+const char *wtap_file_type_string(int filetype);
+const char *wtap_file_type_short_string(int filetype);
+int wtap_short_string_to_file_type(const char *short_name);
+
+const char *wtap_encap_string(int encap);
+const char *wtap_encap_short_string(int encap);
+int wtap_short_string_to_encap(const char *short_name);
+
const char *wtap_strerror(int err);
+void wtap_sequential_close(wtap *wth);
void wtap_close(wtap *wth);
-int wtap_seek_read (int file_type, FILE *fh, int seek_off, guint8 *pd, int len);
-int wtap_def_seek_read (FILE *fh, int seek_off, guint8 *pd, int len);
+int wtap_seek_read (wtap *wth, int seek_off,
+ union wtap_pseudo_header *pseudo_header, guint8 *pd, int len);
+int wtap_def_seek_read (wtap *wth, int seek_off,
+ union wtap_pseudo_header *pseudo_header, guint8 *pd, int len);
+gboolean wtap_dump_can_open(int filetype);
+gboolean wtap_dump_can_write_encap(int filetype, int encap);
wtap_dumper* wtap_dump_open(const char *filename, int filetype, int encap,
int snaplen, int *err);
wtap_dumper* wtap_dump_fdopen(int fd, int filetype, int encap, int snaplen,
int *err);
-gboolean wtap_dump(wtap_dumper *, const struct wtap_pkthdr *, const u_char *,
- int *err);
+gboolean wtap_dump(wtap_dumper *, const struct wtap_pkthdr *,
+ const union wtap_pseudo_header *pseudo_header, const u_char *, int *err);
FILE* wtap_dump_file(wtap_dumper *);
gboolean wtap_dump_close(wtap_dumper *, int *);
#define WTAP_ERR_UNSUPPORTED_FILE_TYPE -5
/* Wiretap can't save files in the specified format */
#define WTAP_ERR_UNSUPPORTED_ENCAP -6
- /* Wiretap can't save files in the specified format with the
+ /* Wiretap can't read or save files in the specified format with the
specified encapsulation */
#define WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED -7
/* The specified format doesn't support per-packet encapsulations */
/* We read an invalid record */
#define WTAP_ERR_SHORT_WRITE -12
/* An attempt to write wrote less data than it should have */
+#define WTAP_ERR_UNC_TRUNCATED -13
+ /* Sniffer compressed data was oddly truncated */
+#define WTAP_ERR_UNC_OVERFLOW -14
+ /* Uncompressing Sniffer data would overflow buffer */
+#define WTAP_ERR_UNC_BAD_OFFSET -15
+ /* LZ77 compressed data has bad offset to string */
/* Errors from zlib; zlib error Z_xxx turns into Wiretap error
WTAP_ERR_ZLIB + Z_xxx.
#define WTAP_ERR_ZLIB_MAX -100
#define WTAP_ERR_ZLIB_MIN -300
-/* Turn host-byte-order values into little-endian values. */
-#ifdef WORDS_BIGENDIAN
-#define htoles(s) ((guint16) \
- ((guint16)((s) & 0x00FF)<<8| \
- (guint16)((s) & 0xFF00)>>8))
-
-#define htolel(l) ((guint32)((l) & 0x000000FF)<<24| \
- (guint32)((l) & 0x0000FF00)<<8| \
- (guint32)((l) & 0x00FF0000)>>8| \
- (guint32)((l) & 0xFF000000)>>24)
-#else
-#define htoles(s) (s)
-#define htolel(l) (l)
-#endif
-
-/* Pointer versions of ntohs and ntohl. Given a pointer to a member of a
- * byte array, returns the value of the two or four bytes at the pointer.
- * The pletoh[sl] versions return the little-endian representation.
- */
-
-#ifndef pntohs
-#define pntohs(p) ((guint16) \
- ((guint16)*((guint8 *)p+0)<<8| \
- (guint16)*((guint8 *)p+1)<<0))
-#endif
-
-#ifndef pntohl
-#define pntohl(p) ((guint32)*((guint8 *)p+0)<<24| \
- (guint32)*((guint8 *)p+1)<<16| \
- (guint32)*((guint8 *)p+2)<<8| \
- (guint32)*((guint8 *)p+3)<<0)
-#endif
-
-#ifndef phtons
-#define phtons(p) ((guint16) \
- ((guint16)*((guint8 *)p+0)<<8| \
- (guint16)*((guint8 *)p+1)<<0))
-#endif
-
-#ifndef phtonl
-#define phtonl(p) ((guint32)*((guint8 *)p+0)<<24| \
- (guint32)*((guint8 *)p+1)<<16| \
- (guint32)*((guint8 *)p+2)<<8| \
- (guint32)*((guint8 *)p+3)<<0)
-#endif
-
-#ifndef pletohs
-#define pletohs(p) ((guint16) \
- ((guint16)*((guint8 *)p+1)<<8| \
- (guint16)*((guint8 *)p+0)<<0))
-#endif
-
-#ifndef plethol
-#define pletohl(p) ((guint32)*((guint8 *)p+3)<<24| \
- (guint32)*((guint8 *)p+2)<<16| \
- (guint32)*((guint8 *)p+1)<<8| \
- (guint32)*((guint8 *)p+0)<<0)
-#endif
#endif /* __WTAP_H__ */