source: lib/libtrace.h @ 3436702

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since 3436702 was 3436702, checked in by Daniel Lawson <dlawson@…>, 16 years ago

autoconf test for attribute((pure))

  • Property mode set to 100644
File size: 22.6 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2004 The University of Waikato, Hamilton, New Zealand.
5 * Authors: Daniel Lawson
6 *          Perry Lorier
7 *         
8 * All rights reserved.
9 *
10 * This code has been developed by the University of Waikato WAND
11 * research group. For further information please see http://www.wand.net.nz/
12 *
13 * libtrace is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * libtrace is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with libtrace; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
26 *
27 * $Id$
28 *
29 */
30
31#ifndef LIBTRACE_H
32#define LIBTRACE_H
33
34#include <sys/types.h>
35#include <netinet/in.h>
36#include "config.h"
37
38/** API version as 2 byte hex digits, eg 0xXXYYZZ */
39#define LIBTRACE_API_VERSION 0x020016  /* 2.0.22 */
40
41#ifdef __cplusplus
42extern "C" { 
43#endif
44
45/* Function does not depend on anything but it's
46 * parameters, used to hint gcc's optimisations
47 */
48#ifdef HAVE_ATTR_PURE
49#  define SIMPLE_FUNCTION __attribute__((pure))
50#else
51#  define SIMPLE_FUNCTION
52#endif
53       
54
55/** @file
56 *
57 * @brief Trace file processing library header
58 *
59 * @author Daniel Lawson
60 * @author Perry Lorier
61 *
62 * @version $Id$
63 *
64 * This library provides a per packet interface into a trace file, or a live
65 * captures.  It supports ERF, DAG cards, WAG cards, WAG's event format,
66 * pcap etc.
67 *
68 * @par Usage
69 * See the example/ directory in the source distribution for some simple examples
70 * @par Linking
71 * To use this library you need to link against libtrace by passing -ltrace
72 * to your linker. You may also need to link against a version of libpcap
73 * and of zlib which are compiled for largefile support (if you wish to access
74 * traces larger than 2 GB). This is left as an exercise for the reader. Debian
75 * Woody, at least, does not support large file offsets.
76 *
77 */
78
79#define COLLECTOR_PORT 3435
80
81       
82/** Opaque structure holding information about an output trace */
83struct libtrace_out_t;
84       
85/** Opaque structure holding information about a trace */
86struct libtrace_t;
87       
88/** Opaque structure holding information about a bpf filter */
89struct libtrace_filter_t;
90
91/** Structure holding information about a packet */
92#define LIBTRACE_PACKET_BUFSIZE 65536
93struct libtrace_packet_t {
94        struct libtrace_t *trace;
95        //void *buffer;
96        char buffer[LIBTRACE_PACKET_BUFSIZE];
97        size_t size;
98        uint32_t status;
99};
100                     
101
102/** Enumeration of error codes */
103enum {E_NOERROR, E_BAD_FORMAT, E_NO_INIT, E_NO_INIT_OUT, E_URI_LONG, E_URI_NOCOLON, E_INIT_FAILED };
104
105/** Structure for dealing with IP packets */
106struct libtrace_ip
107{
108#if BYTE_ORDER == LITTLE_ENDIAN
109    unsigned int ip_hl:4;               /**< header length */
110    unsigned int ip_v:4;                /**< version */
111#elif BYTE_ORDER == BIG_ENDIAN
112    unsigned int ip_v:4;                /**< version */
113    unsigned int ip_hl:4;               /**< header length */
114#else
115#   error "Adjust your <bits/endian.h> defines"
116#endif
117    u_int8_t ip_tos;                    /**< type of service */
118    u_short ip_len;                     /**< total length */
119    u_short ip_id;                      /**< identification */
120    u_short ip_off;                     /**< fragment offset field */
121#define IP_RF 0x8000                    /**< reserved fragment flag */
122#define IP_DF 0x4000                    /**< dont fragment flag */
123#define IP_MF 0x2000                    /**< more fragments flag */
124#define IP_OFFMASK 0x1fff               /**< mask for fragmenting bits */
125    u_int8_t ip_ttl;                    /**< time to live */
126    u_int8_t ip_p;                      /**< protocol */
127    u_short ip_sum;                     /**< checksum */
128    struct in_addr ip_src;              /**< source address */
129    struct in_addr ip_dst;              /**< dest address */
130} __attribute__ ((packed));
131
132/** Structure for dealing with TCP packets */
133struct libtrace_tcp
134  {
135    u_int16_t source;           /**< Source Port */
136    u_int16_t dest;             /**< Destination port */
137    u_int32_t seq;              /**< Sequence number */
138    u_int32_t ack_seq;          /**< Acknowledgement Number */
139#  if BYTE_ORDER == LITTLE_ENDIAN
140    u_int16_t res1:4;           /**< Reserved bits */
141    u_int16_t doff:4;           
142    u_int16_t fin:1;            /**< FIN */
143    u_int16_t syn:1;            /**< SYN flag */
144    u_int16_t rst:1;            /**< RST flag */
145    u_int16_t psh:1;            /**< PuSH flag */
146    u_int16_t ack:1;            /**< ACK flag */
147    u_int16_t urg:1;            /**< URG flag */
148    u_int16_t res2:2;           /**< Reserved */
149#  elif BYTE_ORDER == BIG_ENDIAN
150    u_int16_t doff:4;           
151    u_int16_t res1:4;           /**< Reserved bits */
152    u_int16_t res2:2;           /**< Reserved */
153    u_int16_t urg:1;            /**< URG flag */
154    u_int16_t ack:1;            /**< ACK flag */
155    u_int16_t psh:1;            /**< PuSH flag */
156    u_int16_t rst:1;            /**< RST flag */
157    u_int16_t syn:1;            /**< SYN flag */
158    u_int16_t fin:1;            /**< FIN flag */
159#  else
160#   error "Adjust your <bits/endian.h> defines"
161#  endif
162    u_int16_t window;           /**< Window Size */
163    u_int16_t check;            /**< Checksum */
164    u_int16_t urg_ptr;          /**< Urgent Pointer */
165} __attribute__ ((packed));
166
167/** UDP Header for dealing with UDP packets */
168struct libtrace_udp {
169  u_int16_t     source;         /**< Source port */
170  u_int16_t     dest;           /**< Destination port */
171  u_int16_t     len;            /**< Length */
172  u_int16_t     check;          /**< Checksum */
173} __attribute__ ((packed));
174
175/** ICMP Header for dealing with icmp packets */
176struct libtrace_icmp
177{
178  u_int8_t type;                /**< message type */
179  u_int8_t code;                /**< type sub-code */
180  u_int16_t checksum;           /**< checksum */
181  union
182  {
183    struct
184    {
185      u_int16_t id;
186      u_int16_t sequence;
187    } echo;                     /**< echo datagram */
188    u_int32_t   gateway;        /**< gateway address */
189    struct
190    {
191      u_int16_t unused;
192      u_int16_t mtu;
193    } frag;                     /**< path mtu discovery */
194  } un;                         /**< Union for payloads of various icmp codes */
195} __attribute__ ((packed));
196
197/** 802.3 frame */
198struct libtrace_ether
199{
200  u_int8_t ether_dhost[6];      /* destination ether addr */
201  u_int8_t ether_shost[6];      /* source ether addr */
202  u_int16_t ether_type;         /* packet type ID field (next-header) */
203} __attribute__ ((packed));
204
205/** 802.1Q frame */
206struct libtrace_8021q
207{
208  u_int8_t  ether_dhost[6];      /* destination eth addr */
209  u_int8_t  ether_shost[6];      /* source ether addr    */
210  u_int16_t ether_type;          /* packet type ID field , 0x8100 for VLAN */
211  u_int16_t vlan_pri:3;          /* vlan user priority */
212  u_int16_t vlan_cfi:1;          /* vlan format indicator, 0 for ethernet, 1 for token ring */
213  u_int16_t vlan_id:12;          /* vlan id */
214  u_int16_t vlan_ether_type;     /* vlan sub-packet type ID field (next-header)*/
215} __attribute__ ((packed));
216
217/** Prints help information for libtrace
218 *
219 * Function prints out some basic help information regarding libtrace,
220 * and then prints out the help() function registered with each input module
221 */
222void trace_help();
223
224/** Gets the output format for a given output trace
225 *
226 * @param libtrace      the output trace to get the name of the format fo
227 * @returns callee-owned null-terminated char* containing the output format
228 *
229 */
230SIMPLE_FUNCTION
231char *trace_get_output_format(const struct libtrace_out_t *libtrace);
232
233/** Prints error information
234 *
235 * Prints out a descriptive error message for the currently set trace_err value
236 */
237void trace_perror(const char *caller);
238
239/** Create a trace file from a URI
240 *
241 * @param uri containing a valid libtrace URI
242 * @returns opaque pointer to a libtrace_t
243 *
244 * Valid URI's are:
245 *  - erf:/path/to/erf/file
246 *  - erf:/path/to/erf/file.gz
247 *  - erf:/path/to/rtclient/socket
248 *  - erf:-  (stdin)
249 *  - dag:/dev/dagcard                 
250 *  - pcapint:pcapinterface                (eg: pcap:eth0)
251 *  - pcap:/path/to/pcap/file
252 *  - pcap:-
253 *  - rtclient:hostname
254 *  - rtclient:hostname:port
255 *  - wag:-
256 *  - wag:/path/to/wag/file
257 *  - wag:/path/to/wag/file.gz
258 *  - wag:/path/to/wag/socket
259 *
260 *  If an error occured when attempting to open the trace file, NULL is returned
261 *  and trace_errno is set. Use trace_perror() to get more information
262 */
263struct libtrace_t *trace_create(const char *uri);
264
265/** Creates a "dummy" trace file that has only the format type set.
266 *
267 * @returns opaque pointer to a (sparsely initialised) libtrace_t
268 *
269 * IMPORTANT: Do not attempt to call trace_read_packet or other such functions with
270 * the dummy trace. Its intended purpose is to act as a packet->trace for libtrace_packet_t's
271 * that are not associated with a libtrace_t structure.
272 */
273struct libtrace_t *trace_create_dead(const char *uri);
274
275/** Creates a trace output file from a URI.
276 *
277 * @param uri   the uri string describing the output format and destination
278 * @returns opaque pointer to a libtrace_output_t
279 * @author Shane Alcock
280 *
281 * Valid URI's are:
282 *  - gzerf:/path/to/erf/file.gz
283 *  - gzerf:/path/to/erf/file
284 *  - rtserver:hostname
285 *  - rtserver:hostname:port
286 *
287 *  If an error occured when attempting to open the output trace, NULL is returned
288 *  and trace_errno is set. Use trace_perror() to get more information
289 */
290struct libtrace_out_t *trace_output_create(const char *uri);
291
292/** Parses an output options string and calls the appropriate function to deal with output options.
293 *
294 * @param libtrace      the output trace object to apply the options to
295 * @param options       the options string
296 * @returns -1 if option configuration failed, 0 otherwise
297 *
298 * @author Shane Alcock
299 */
300int trace_output_config(struct libtrace_out_t *libtrace, char *options);
301
302/** Close a trace file, freeing up any resources it may have been using
303 *
304 */
305void trace_destroy(struct libtrace_t *trace);
306
307/** Close a trace file, freeing up any resources it may have been using
308 * @param trace         trace file to be destroyed
309 */
310void trace_destroy_dead(struct libtrace_t *trace);
311
312/** Close a trace output file, freeing up any resources it may have been using
313 *
314 * @param trace         the output trace file to be destroyed
315 *
316 * @author Shane Alcock
317 */
318void trace_output_destroy(struct libtrace_out_t *trace);
319
320/** Read one packet from the trace into buffer
321 *
322 * @param trace         the libtrace opaque pointer
323 * @param packet        the packet opaque pointer
324 * @returns 0 on EOF, negative value on error
325 *
326 */
327int trace_read_packet(struct libtrace_t *trace, struct libtrace_packet_t *packet);
328
329/** Write one packet out to the output trace
330 *
331 * @param trace         the libtrace_out opaque pointer
332 * @param packet        the packet opaque pointer
333 * @returns the number of bytes written out, if zero or negative then an error has occured.
334 */
335int trace_write_packet(struct libtrace_out_t *trace, const struct libtrace_packet_t *packet);
336
337/** get a pointer to the link layer
338 * @param packet        the packet opaque pointer
339 *
340 * @returns a pointer to the link layer, or NULL if there is no link layer
341 *
342 * @note you should call getLinkType() to find out what type of link layer
343 * this is
344 */
345SIMPLE_FUNCTION
346void *trace_get_link(const struct libtrace_packet_t *packet);
347
348/** get a pointer to the IP header (if any)
349 * @param packet        the packet opaque pointer
350 *
351 * @returns a pointer to the IP header, or NULL if there is not an IP packet
352 */
353SIMPLE_FUNCTION
354struct libtrace_ip *trace_get_ip(const struct libtrace_packet_t *packet);
355
356/** get a pointer to the TCP header (if any)
357 * @param packet        the packet opaque pointer
358 *
359 * @returns a pointer to the TCP header, or NULL if there is not a TCP packet
360 */
361SIMPLE_FUNCTION
362struct libtrace_tcp *trace_get_tcp(const struct libtrace_packet_t *packet);
363
364/** get a pointer to the TCP header (if any) given a pointer to the IP header
365 * @param ip            The IP header
366 * @param[out] skipped  An output variable of the number of bytes skipped
367 *
368 * @returns a pointer to the TCP header, or NULL if this is not a TCP packet
369 *
370 * Skipped can be NULL, in which case it will be ignored by the program.
371 *
372 * @author Perry Lorier
373 */
374SIMPLE_FUNCTION
375struct libtrace_tcp *trace_get_tcp_from_ip(const struct libtrace_ip *ip,int *skipped);
376
377/** get a pointer to the UDP header (if any)
378 * @param packet        the packet opaque pointer
379 *
380 * @returns a pointer to the UDP header, or NULL if this is not a UDP packet
381 */
382SIMPLE_FUNCTION
383struct libtrace_udp *trace_get_udp(const struct libtrace_packet_t *packet);
384
385/** get a pointer to the UDP header (if any) given a pointer to the IP header
386 * @param       ip      The IP header
387 * @param[out]  skipped An output variable of the number of bytes skipped
388 *
389 * @returns a pointer to the UDP header, or NULL if this is not an UDP packet
390 *
391 * Skipped may be NULL, in which case it will be ignored by this function.
392 */
393SIMPLE_FUNCTION
394struct libtrace_udp *trace_get_udp_from_ip(const struct libtrace_ip *ip,int *skipped);
395
396/** get a pointer to the ICMP header (if any)
397 * @param packet        the packet opaque pointer
398 *
399 * @returns a pointer to the ICMP header, or NULL if this is not a ICMP packet
400 */
401SIMPLE_FUNCTION
402struct libtrace_icmp *trace_get_icmp(const struct libtrace_packet_t *packet);
403
404/** get a pointer to the ICMP header (if any) given a pointer to the IP header
405 * @param ip            The IP header
406 * @param[out] skipped  An output variable of the number of bytes skipped
407 *
408 * @returns a pointer to the ICMP header, or NULL if this is not an ICMP packet
409 *
410 * Skipped may be NULL, in which case it will be ignored by this function
411 */
412SIMPLE_FUNCTION
413struct libtrace_icmp *trace_get_icmp_from_ip(const struct libtrace_ip *ip,int *skipped);
414
415/** parse an ip or tcp option
416 * @param[in,out] ptr   the pointer to the current option
417 * @param[in,out] len   the length of the remaining buffer
418 * @param[out] type     the type of the option
419 * @param[out] optlen   the length of the option
420 * @param[out] data     the data of the option
421 *
422 * @returns bool true if there is another option (and the fields are filled in)
423 *               or false if this was the last option.
424 *
425 * This updates ptr to point to the next option after this one, and updates
426 * len to be the number of bytes remaining in the options area.  Type is updated
427 * to be the code of this option, and data points to the data of this option,
428 * with optlen saying how many bytes there are.
429 *
430 * @note Beware of fragmented packets.
431 */
432int trace_get_next_option(unsigned char **ptr,int *len,
433                        unsigned char *type,
434                        unsigned char *optlen,
435                        unsigned char **data);
436
437
438/** Get the current time in DAG time format
439 * @param packet        the packet opaque pointer
440 *
441 * @returns a 64 bit timestamp in DAG ERF format (upper 32 bits are the seconds
442 * past 1970-01-01, the lower 32bits are partial seconds)
443 * @author Daniel Lawson
444 */
445SIMPLE_FUNCTION
446uint64_t trace_get_erf_timestamp(const struct libtrace_packet_t *packet);
447
448/** Get the current time in struct timeval
449 * @param packet        the packet opaque pointer
450 *
451 * @returns time that this packet was seen in a struct timeval
452 * @author Daniel Lawson
453 * @author Perry Lorier
454 */ 
455SIMPLE_FUNCTION
456struct timeval trace_get_timeval(const struct libtrace_packet_t *packet);
457
458/** Get the current time in floating point seconds
459 * @param packet        the packet opaque pointer
460 *
461 * @returns time that this packet was seen in 64bit floating point seconds
462 * @author Daniel Lawson
463 * @author Perry Lorier
464 */
465SIMPLE_FUNCTION
466double trace_get_seconds(const struct libtrace_packet_t *packet);
467
468/** Get the size of the packet in the trace
469 * @param packet        the packet opaque pointer
470 * @returns the size of the packet in the trace
471 * @author Perry Lorier
472 * @note Due to this being a header capture, or anonymisation, this may not
473 * be the same size as the original packet.  See get_wire_length() for the original
474 * size of the packet.
475 * @note This can (and often is) different for different packets in a trace!
476 * @par
477 *  This is sometimes called the "snaplen".
478 */
479SIMPLE_FUNCTION
480int trace_get_capture_length(const struct libtrace_packet_t *packet);
481
482/** Get the size of the packet as it was seen on the wire.
483 * @param packet        the packet opaque pointer
484 * @returns the size of the packet as it was on the wire.
485 * @author Perry Lorier
486 * @author Daniel Lawson
487 * @note Due to the trace being a header capture, or anonymisation this may
488 * not be the same as the Capture Len.
489 */ 
490SIMPLE_FUNCTION
491int trace_get_wire_length(const struct libtrace_packet_t *packet);
492
493/** Link layer types
494 * This enumates the various different link types that libtrace understands
495 */
496typedef enum { 
497       TRACE_TYPE_LEGACY,       
498       TRACE_TYPE_HDLC_POS, 
499       TRACE_TYPE_ETH,                  /**< 802.3 style Ethernet */
500       TRACE_TYPE_ATM,
501       TRACE_TYPE_80211,                /**< 802.11 frames */
502       TRACE_TYPE_NONE,
503       TRACE_TYPE_LINUX_SLL,            /**< Linux "null" framing */
504       TRACE_TYPE_PFLOG,                /**< FreeBSD's PFlug */
505       TRACE_TYPE_LEGACY_DEFAULT,
506       TRACE_TYPE_LEGACY_POS,
507       TRACE_TYPE_LEGACY_ATM,
508       TRACE_TYPE_LEGACY_ETH
509     } libtrace_linktype_t;
510
511/** Get the type of the link layer
512 * @param packet        the packet opaque pointer
513 * @returns libtrace_linktype_t
514 * @author Perry Lorier
515 * @author Daniel Lawson
516 */
517SIMPLE_FUNCTION
518inline libtrace_linktype_t trace_get_link_type(const struct libtrace_packet_t *packet);
519
520/** Get the destination MAC addres
521 * @param packet        the packet opaque pointer
522 * @returns a pointer to the destination mac, (or NULL if there is no
523 * destination MAC)
524 * @author Perry Lorier
525 */
526SIMPLE_FUNCTION
527uint8_t *trace_get_destination_mac(const struct libtrace_packet_t *packet);
528
529/** Get the source MAC addres
530 * @param packet        the packet opaque pointer
531 * @returns a pointer to the source mac, (or NULL if there is no source MAC)
532 * @author Perry Lorier
533 */
534SIMPLE_FUNCTION
535uint8_t *trace_get_source_mac(const struct libtrace_packet_t *packet);
536
537/** Truncate the packet at the suggested length
538 * @param packet        the packet opaque pointer
539 * @param size          the new length of the packet
540 * @returns the new length of the packet, or the original length of the
541 * packet if unchanged
542 * @author Daniel Lawson
543 */
544size_t trace_set_capture_length(struct libtrace_packet_t *packet, size_t size);
545
546/** Set the direction flag, if it has one
547 * @param packet        the packet opaque pointer
548 * @param direction     the new direction (0,1,2,3)
549 * @returns a signed value containing the direction flag, or -1 if this is not supported
550 * @author Daniel Lawson
551 */
552int8_t trace_set_direction(struct libtrace_packet_t *packet, int8_t direction);
553
554/** Get the direction flag, if it has one
555 * @param packet        the packet opaque pointer
556 * @returns a signed value containing the direction flag, or -1 if this is not supported
557 * The direction is defined as 0 for packets originating locally (ie, outbound)
558 * and 1 for packets originating remotely (ie, inbound).
559 * Other values are possible, which might be overloaded to mean special things
560 * for a special trace.
561 * @author Daniel Lawson
562 */
563SIMPLE_FUNCTION
564int8_t trace_get_direction(const struct libtrace_packet_t *packet);
565
566/** Event types
567 * see \ref libtrace_eventobj_t and \ref trace_event
568 */
569typedef enum {
570        TRACE_EVENT_IOWAIT,     /**< Need to block on fd */
571        TRACE_EVENT_SLEEP,      /**< Sleep for some time */
572        TRACE_EVENT_PACKET,     /**< packet has arrived */
573        TRACE_EVENT_TERMINATE   /**< End of trace */
574} libtrace_event_t;
575
576/** structure returned by libtrace_event explaining what the current event is */
577struct libtrace_eventobj_t {
578        libtrace_event_t type; /**< event type (iowait,sleep,packet) */
579        int fd;                /**< if IOWAIT, the fd to sleep on */
580        double seconds;        /**< if SLEEP, the amount of time to sleep for */
581        int size;              /**< if PACKET, the value returned from trace_read_packet */
582};
583
584/** process a libtrace event
585 * @param trace the libtrace opaque pointer
586 * @param packet the libtrace_packet opaque pointer
587 * @returns libtrace_event struct containing the type, and potential
588 *      fd or seconds to sleep on
589 *
590 * Type can be:
591 *  TRACE_EVENT_IOWAIT  Waiting on I/O on fd
592 *  TRACE_EVENT_SLEEP   Next event in seconds
593 *  TRACE_EVENT_PACKET  Packet arrived in buffer with size size
594 *  TRACE_EVENT_TERMINATE Trace terminated (perhaps with an error condition)
595 */
596struct libtrace_eventobj_t trace_event(struct libtrace_t *trace,
597                struct libtrace_packet_t *packet);
598
599/** setup a BPF filter
600 * @param filterstring a char * containing the bpf filter string
601 * @returns opaque pointer pointer to a libtrace_filter_t object
602 * @author Daniel Lawson
603 * @note The filter is not actually compiled at this point, so no correctness
604 * tests are performed here. trace_bpf_setfilter will always return ok, but
605 * if the filter is poorly constructed an error will be generated when the
606 * filter is actually used
607 */
608SIMPLE_FUNCTION
609struct libtrace_filter_t *trace_bpf_setfilter(const char *filterstring);
610
611/** apply a BPF filter
612 * @param filter        the filter opaque pointer
613 * @param packet        the packet opaque pointer
614 * @returns 0 if the filter fails, 1 if it succeeds
615 * @author Daniel Lawson
616 * @note Due to the way BPF filters are built, the filter is not actually compiled
617 * until the first time trace_bpf_filter is called. If your filter is incorrect, it will generate an error message and assert, exiting the program. This behaviour may change to more graceful handling of this error in the future.
618 */
619int trace_bpf_filter(struct libtrace_filter_t *filter,
620                const struct libtrace_packet_t *packet);
621
622
623/** Which port is the server port */
624typedef enum {
625        USE_DEST,       /**< Destination port is the server port */
626        USE_SOURCE      /**< Source port is the server port */
627} serverport_t;
628
629/** Get the source port
630 * @param packet        the packet to read from
631 * @returns a port in \em HOST byte order, or equivilent to ports for this
632 * protocol, or 0 if this protocol has no ports.
633 * @author Perry Lorier
634 */
635SIMPLE_FUNCTION
636uint16_t trace_get_source_port(const struct libtrace_packet_t *packet);
637
638/** Get the destination port
639 * @param packet        the packet to read from
640 * @returns a port in \em HOST byte order, or equivilent to ports for this
641 * protocol, or 0 if this protocol has no ports.
642 * @author Perry Lorier
643 */
644SIMPLE_FUNCTION
645uint16_t trace_get_destination_port(const struct libtrace_packet_t *packet);
646
647/** hint at the server port in specified protocol
648 * @param protocol      the IP layer protocol, eg 6 (tcp), 17 (udp)
649 * @param source        the source port from the packet
650 * @param dest          the destination port from the packet
651 * @returns one of USE_SOURCE or USE_DEST depending on which one you should use
652 * @note ports must be in \em HOST byte order!
653 * @author Daniel Lawson
654 */
655SIMPLE_FUNCTION
656int8_t trace_get_server_port(uint8_t protocol, uint16_t source, uint16_t dest);
657
658/** Takes a uri and splits it into a format and uridata component.
659 * Primarily for internal use but made available for external use.
660 * @param uri           the uri to be parsed
661 * @param format        destination location for the format component of the uri
662 * @returns 0 if an error occured, otherwise returns the uridata component
663 * @author Shane Alcock
664 */
665const char *trace_parse_uri(const char *uri, char **format);
666#ifdef __cplusplus
667} // extern "C"
668#endif // #ifdef __cplusplus
669#endif // LIBTRACE_H_
Note: See TracBrowser for help on using the repository browser.