source: lib/libtrace.h @ a2a1fa5

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since a2a1fa5 was a2a1fa5, checked in by Shane Alcock <salcock@…>, 16 years ago

Return packet->status back to a uint32_t

  • Property mode set to 100644
File size: 22.6 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2004 The University of Waikato, Hamilton, New Zealand.
5 * Authors: Daniel Lawson
6 *          Perry Lorier
7 *         
8 * All rights reserved.
9 *
10 * This code has been developed by the University of Waikato WAND
11 * research group. For further information please see http://www.wand.net.nz/
12 *
13 * libtrace is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * libtrace is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with libtrace; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
26 *
27 * $Id$
28 *
29 */
30
31#ifndef LIBTRACE_H
32#define LIBTRACE_H
33
34#include <sys/types.h>
35#include <netinet/in.h>
36
37/** API version as 2 byte hex digits, eg 0xXXYYZZ */
38#define LIBTRACE_API_VERSION 0x020016  /* 2.0.22 */
39
40#ifdef __cplusplus
41extern "C" { 
42#endif
43
44/* Function does not depend on anything but it's
45 * parameters, used to hint gcc's optimisations
46 */
47#define SIMPLE_FUNCTION __attribute__((pure))
48
49/** @file
50 *
51 * @brief Trace file processing library header
52 *
53 * @author Daniel Lawson
54 * @author Perry Lorier
55 *
56 * @version $Id$
57 *
58 * This library provides a per packet interface into a trace file, or a live
59 * captures.  It supports ERF, DAG cards, WAG cards, WAG's event format,
60 * pcap etc.
61 *
62 * @par Usage
63 * See the example/ directory in the source distribution for some simple examples
64 * @par Linking
65 * To use this library you need to link against libtrace by passing -ltrace
66 * to your linker. You may also need to link against a version of libpcap
67 * and of zlib which are compiled for largefile support (if you wish to access
68 * traces larger than 2 GB). This is left as an exercise for the reader. Debian
69 * Woody, at least, does not support large file offsets.
70 *
71 */
72
73#define COLLECTOR_PORT 3435
74
75       
76/** Opaque structure holding information about an output trace */
77struct libtrace_out_t;
78       
79/** Opaque structure holding information about a trace */
80struct libtrace_t;
81       
82/** Opaque structure holding information about a bpf filter */
83struct libtrace_filter_t;
84
85/** Structure holding information about a packet */
86#define LIBTRACE_PACKET_BUFSIZE 65536
87struct libtrace_packet_t {
88        struct libtrace_t *trace;
89        //void *buffer;
90        char buffer[LIBTRACE_PACKET_BUFSIZE];
91        size_t size;
92        uint32_t status;
93};
94                     
95
96/** Enumeration of error codes */
97enum {E_NOERROR, E_BAD_FORMAT, E_NO_INIT, E_NO_INIT_OUT, E_URI_LONG, E_URI_NOCOLON, E_INIT_FAILED };
98
99/** Structure for dealing with IP packets */
100struct libtrace_ip
101{
102#if BYTE_ORDER == LITTLE_ENDIAN
103    unsigned int ip_hl:4;               /**< header length */
104    unsigned int ip_v:4;                /**< version */
105#elif BYTE_ORDER == BIG_ENDIAN
106    unsigned int ip_v:4;                /**< version */
107    unsigned int ip_hl:4;               /**< header length */
108#else
109#   error "Adjust your <bits/endian.h> defines"
110#endif
111    u_int8_t ip_tos;                    /**< type of service */
112    u_short ip_len;                     /**< total length */
113    u_short ip_id;                      /**< identification */
114    u_short ip_off;                     /**< fragment offset field */
115#define IP_RF 0x8000                    /**< reserved fragment flag */
116#define IP_DF 0x4000                    /**< dont fragment flag */
117#define IP_MF 0x2000                    /**< more fragments flag */
118#define IP_OFFMASK 0x1fff               /**< mask for fragmenting bits */
119    u_int8_t ip_ttl;                    /**< time to live */
120    u_int8_t ip_p;                      /**< protocol */
121    u_short ip_sum;                     /**< checksum */
122    struct in_addr ip_src;              /**< source address */
123    struct in_addr ip_dst;              /**< dest address */
124} __attribute__ ((__packed__));
125
126/** Structure for dealing with TCP packets */
127struct libtrace_tcp
128  {
129    u_int16_t source;           /**< Source Port */
130    u_int16_t dest;             /**< Destination port */
131    u_int32_t seq;              /**< Sequence number */
132    u_int32_t ack_seq;          /**< Acknowledgement Number */
133#  if BYTE_ORDER == LITTLE_ENDIAN
134    u_int16_t res1:4;           /**< Reserved bits */
135    u_int16_t doff:4;           
136    u_int16_t fin:1;            /**< FIN */
137    u_int16_t syn:1;            /**< SYN flag */
138    u_int16_t rst:1;            /**< RST flag */
139    u_int16_t psh:1;            /**< PuSH flag */
140    u_int16_t ack:1;            /**< ACK flag */
141    u_int16_t urg:1;            /**< URG flag */
142    u_int16_t res2:2;           /**< Reserved */
143#  elif BYTE_ORDER == BIG_ENDIAN
144    u_int16_t doff:4;           
145    u_int16_t res1:4;           /**< Reserved bits */
146    u_int16_t res2:2;           /**< Reserved */
147    u_int16_t urg:1;            /**< URG flag */
148    u_int16_t ack:1;            /**< ACK flag */
149    u_int16_t psh:1;            /**< PuSH flag */
150    u_int16_t rst:1;            /**< RST flag */
151    u_int16_t syn:1;            /**< SYN flag */
152    u_int16_t fin:1;            /**< FIN flag */
153#  else
154#   error "Adjust your <bits/endian.h> defines"
155#  endif
156    u_int16_t window;           /**< Window Size */
157    u_int16_t check;            /**< Checksum */
158    u_int16_t urg_ptr;          /**< Urgent Pointer */
159} __attribute__ ((__packed__));
160
161/** UDP Header for dealing with UDP packets */
162struct libtrace_udp {
163  u_int16_t     source;         /**< Source port */
164  u_int16_t     dest;           /**< Destination port */
165  u_int16_t     len;            /**< Length */
166  u_int16_t     check;          /**< Checksum */
167} __attribute__ ((__packed__));
168
169/** ICMP Header for dealing with icmp packets */
170struct libtrace_icmp
171{
172  u_int8_t type;                /**< message type */
173  u_int8_t code;                /**< type sub-code */
174  u_int16_t checksum;           /**< checksum */
175  union
176  {
177    struct
178    {
179      u_int16_t id;
180      u_int16_t sequence;
181    } echo;                     /**< echo datagram */
182    u_int32_t   gateway;        /**< gateway address */
183    struct
184    {
185      u_int16_t unused;
186      u_int16_t mtu;
187    } frag;                     /**< path mtu discovery */
188  } un;                         /**< Union for payloads of various icmp codes */
189} __attribute__ ((__packed__));
190
191/** 802.3 frame */
192struct libtrace_ether
193{
194  u_int8_t ether_dhost[6];      /* destination ether addr */
195  u_int8_t ether_shost[6];      /* source ether addr */
196  u_int16_t ether_type;         /* packet type ID field (next-header) */
197} __attribute__ ((__packed__));
198
199/** 802.1Q frame */
200struct libtrace_8021q
201{
202  u_int8_t  ether_dhost[6];      /* destination eth addr */
203  u_int8_t  ether_shost[6];      /* source ether addr    */
204  u_int16_t ether_type;          /* packet type ID field , 0x8100 for VLAN */
205  u_int16_t vlan_pri:3;          /* vlan user priority */
206  u_int16_t vlan_cfi:1;          /* vlan format indicator, 0 for ethernet, 1 for token ring */
207  u_int16_t vlan_id:12;          /* vlan id */
208  u_int16_t vlan_ether_type;     /* vlan sub-packet type ID field (next-header)*/
209} __attribute__ ((__packed__));
210
211/** Prints help information for libtrace
212 *
213 * Function prints out some basic help information regarding libtrace,
214 * and then prints out the help() function registered with each input module
215 */
216void trace_help();
217
218/** Gets the output format for a given output trace
219 *
220 * @param libtrace      the output trace to get the name of the format fo
221 * @returns callee-owned null-terminated char* containing the output format
222 *
223 */
224SIMPLE_FUNCTION
225char *trace_get_output_format(const struct libtrace_out_t *libtrace);
226
227/** Prints error information
228 *
229 * Prints out a descriptive error message for the currently set trace_err value
230 */
231void trace_perror(const char *caller);
232
233/** Create a trace file from a URI
234 *
235 * @param uri containing a valid libtrace URI
236 * @returns opaque pointer to a libtrace_t
237 *
238 * Valid URI's are:
239 *  - erf:/path/to/erf/file
240 *  - erf:/path/to/erf/file.gz
241 *  - erf:/path/to/rtclient/socket
242 *  - erf:-  (stdin)
243 *  - dag:/dev/dagcard                 
244 *  - pcapint:pcapinterface                (eg: pcap:eth0)
245 *  - pcap:/path/to/pcap/file
246 *  - pcap:-
247 *  - rtclient:hostname
248 *  - rtclient:hostname:port
249 *  - wag:-
250 *  - wag:/path/to/wag/file
251 *  - wag:/path/to/wag/file.gz
252 *  - wag:/path/to/wag/socket
253 *
254 *  If an error occured when attempting to open the trace file, NULL is returned
255 *  and trace_errno is set. Use trace_perror() to get more information
256 */
257struct libtrace_t *trace_create(const char *uri);
258
259/** Creates a "dummy" trace file that has only the format type set.
260 *
261 * @returns opaque pointer to a (sparsely initialised) libtrace_t
262 *
263 * IMPORTANT: Do not attempt to call trace_read_packet or other such functions with
264 * the dummy trace. Its intended purpose is to act as a packet->trace for libtrace_packet_t's
265 * that are not associated with a libtrace_t structure.
266 */
267struct libtrace_t *trace_create_dead(const char *uri);
268
269/** Creates a trace output file from a URI.
270 *
271 * @param uri   the uri string describing the output format and destination
272 * @returns opaque pointer to a libtrace_output_t
273 * @author Shane Alcock
274 *
275 * Valid URI's are:
276 *  - gzerf:/path/to/erf/file.gz
277 *  - gzerf:/path/to/erf/file
278 *  - rtserver:hostname
279 *  - rtserver:hostname:port
280 *
281 *  If an error occured when attempting to open the output trace, NULL is returned
282 *  and trace_errno is set. Use trace_perror() to get more information
283 */
284struct libtrace_out_t *trace_output_create(const char *uri);
285
286/** Parses an output options string and calls the appropriate function to deal with output options.
287 *
288 * @param libtrace      the output trace object to apply the options to
289 * @param options       the options string
290 * @returns -1 if option configuration failed, 0 otherwise
291 *
292 * @author Shane Alcock
293 */
294int trace_output_config(struct libtrace_out_t *libtrace, char *options);
295
296/** Close a trace file, freeing up any resources it may have been using
297 *
298 */
299void trace_destroy(struct libtrace_t *trace);
300
301/** Close a trace file, freeing up any resources it may have been using
302 * @param trace         trace file to be destroyed
303 */
304void trace_destroy_dead(struct libtrace_t *trace);
305
306/** Close a trace output file, freeing up any resources it may have been using
307 *
308 * @param trace         the output trace file to be destroyed
309 *
310 * @author Shane Alcock
311 */
312void trace_output_destroy(struct libtrace_out_t *trace);
313
314/** Read one packet from the trace into buffer
315 *
316 * @param trace         the libtrace opaque pointer
317 * @param packet        the packet opaque pointer
318 * @returns 0 on EOF, negative value on error
319 *
320 */
321int trace_read_packet(struct libtrace_t *trace, struct libtrace_packet_t *packet);
322
323/** Write one packet out to the output trace
324 *
325 * @param trace         the libtrace_out opaque pointer
326 * @param packet        the packet opaque pointer
327 * @returns the number of bytes written out, if zero or negative then an error has occured.
328 */
329int trace_write_packet(struct libtrace_out_t *trace, const struct libtrace_packet_t *packet);
330
331/** get a pointer to the link layer
332 * @param packet        the packet opaque pointer
333 *
334 * @returns a pointer to the link layer, or NULL if there is no link layer
335 *
336 * @note you should call getLinkType() to find out what type of link layer
337 * this is
338 */
339SIMPLE_FUNCTION
340void *trace_get_link(const struct libtrace_packet_t *packet);
341
342/** get a pointer to the IP header (if any)
343 * @param packet        the packet opaque pointer
344 *
345 * @returns a pointer to the IP header, or NULL if there is not an IP packet
346 */
347SIMPLE_FUNCTION
348struct libtrace_ip *trace_get_ip(const struct libtrace_packet_t *packet);
349
350/** get a pointer to the TCP header (if any)
351 * @param packet        the packet opaque pointer
352 *
353 * @returns a pointer to the TCP header, or NULL if there is not a TCP packet
354 */
355SIMPLE_FUNCTION
356struct libtrace_tcp *trace_get_tcp(const struct libtrace_packet_t *packet);
357
358/** get a pointer to the TCP header (if any) given a pointer to the IP header
359 * @param ip            The IP header
360 * @param[out] skipped  An output variable of the number of bytes skipped
361 *
362 * @returns a pointer to the TCP header, or NULL if this is not a TCP packet
363 *
364 * Skipped can be NULL, in which case it will be ignored by the program.
365 *
366 * @author Perry Lorier
367 */
368SIMPLE_FUNCTION
369struct libtrace_tcp *trace_get_tcp_from_ip(const struct libtrace_ip *ip,int *skipped);
370
371/** get a pointer to the UDP header (if any)
372 * @param packet        the packet opaque pointer
373 *
374 * @returns a pointer to the UDP header, or NULL if this is not a UDP packet
375 */
376SIMPLE_FUNCTION
377struct libtrace_udp *trace_get_udp(const struct libtrace_packet_t *packet);
378
379/** get a pointer to the UDP header (if any) given a pointer to the IP header
380 * @param       ip      The IP header
381 * @param[out]  skipped An output variable of the number of bytes skipped
382 *
383 * @returns a pointer to the UDP header, or NULL if this is not an UDP packet
384 *
385 * Skipped may be NULL, in which case it will be ignored by this function.
386 */
387SIMPLE_FUNCTION
388struct libtrace_udp *trace_get_udp_from_ip(const struct libtrace_ip *ip,int *skipped);
389
390/** get a pointer to the ICMP header (if any)
391 * @param packet        the packet opaque pointer
392 *
393 * @returns a pointer to the ICMP header, or NULL if this is not a ICMP packet
394 */
395SIMPLE_FUNCTION
396struct libtrace_icmp *trace_get_icmp(const struct libtrace_packet_t *packet);
397
398/** get a pointer to the ICMP header (if any) given a pointer to the IP header
399 * @param ip            The IP header
400 * @param[out] skipped  An output variable of the number of bytes skipped
401 *
402 * @returns a pointer to the ICMP header, or NULL if this is not an ICMP packet
403 *
404 * Skipped may be NULL, in which case it will be ignored by this function
405 */
406SIMPLE_FUNCTION
407struct libtrace_icmp *trace_get_icmp_from_ip(const struct libtrace_ip *ip,int *skipped);
408
409/** parse an ip or tcp option
410 * @param[in,out] ptr   the pointer to the current option
411 * @param[in,out] len   the length of the remaining buffer
412 * @param[out] type     the type of the option
413 * @param[out] optlen   the length of the option
414 * @param[out] data     the data of the option
415 *
416 * @returns bool true if there is another option (and the fields are filled in)
417 *               or false if this was the last option.
418 *
419 * This updates ptr to point to the next option after this one, and updates
420 * len to be the number of bytes remaining in the options area.  Type is updated
421 * to be the code of this option, and data points to the data of this option,
422 * with optlen saying how many bytes there are.
423 *
424 * @note Beware of fragmented packets.
425 */
426int trace_get_next_option(unsigned char **ptr,int *len,
427                        unsigned char *type,
428                        unsigned char *optlen,
429                        unsigned char **data);
430
431
432/** Get the current time in DAG time format
433 * @param packet        the packet opaque pointer
434 *
435 * @returns a 64 bit timestamp in DAG ERF format (upper 32 bits are the seconds
436 * past 1970-01-01, the lower 32bits are partial seconds)
437 * @author Daniel Lawson
438 */
439SIMPLE_FUNCTION
440uint64_t trace_get_erf_timestamp(const struct libtrace_packet_t *packet);
441
442/** Get the current time in struct timeval
443 * @param packet        the packet opaque pointer
444 *
445 * @returns time that this packet was seen in a struct timeval
446 * @author Daniel Lawson
447 * @author Perry Lorier
448 */ 
449SIMPLE_FUNCTION
450struct timeval trace_get_timeval(const struct libtrace_packet_t *packet);
451
452/** Get the current time in floating point seconds
453 * @param packet        the packet opaque pointer
454 *
455 * @returns time that this packet was seen in 64bit floating point seconds
456 * @author Daniel Lawson
457 * @author Perry Lorier
458 */
459SIMPLE_FUNCTION
460double trace_get_seconds(const struct libtrace_packet_t *packet);
461
462/** Get the size of the packet in the trace
463 * @param packet        the packet opaque pointer
464 * @returns the size of the packet in the trace
465 * @author Perry Lorier
466 * @note Due to this being a header capture, or anonymisation, this may not
467 * be the same size as the original packet.  See get_wire_length() for the original
468 * size of the packet.
469 * @note This can (and often is) different for different packets in a trace!
470 * @par
471 *  This is sometimes called the "snaplen".
472 */
473SIMPLE_FUNCTION
474int trace_get_capture_length(const struct libtrace_packet_t *packet);
475
476/** Get the size of the packet as it was seen on the wire.
477 * @param packet        the packet opaque pointer
478 * @returns the size of the packet as it was on the wire.
479 * @author Perry Lorier
480 * @author Daniel Lawson
481 * @note Due to the trace being a header capture, or anonymisation this may
482 * not be the same as the Capture Len.
483 */ 
484SIMPLE_FUNCTION
485int trace_get_wire_length(const struct libtrace_packet_t *packet);
486
487/** Link layer types
488 * This enumates the various different link types that libtrace understands
489 */
490typedef enum { 
491       TRACE_TYPE_LEGACY,       
492       TRACE_TYPE_HDLC_POS, 
493       TRACE_TYPE_ETH,                  /**< 802.3 style Ethernet */
494       TRACE_TYPE_ATM,
495       TRACE_TYPE_80211,                /**< 802.11 frames */
496       TRACE_TYPE_NONE,
497       TRACE_TYPE_LINUX_SLL,            /**< Linux "null" framing */
498       TRACE_TYPE_PFLOG,                /**< FreeBSD's PFlug */
499       TRACE_TYPE_LEGACY_DEFAULT,
500       TRACE_TYPE_LEGACY_POS,
501       TRACE_TYPE_LEGACY_ATM,
502       TRACE_TYPE_LEGACY_ETH
503     } libtrace_linktype_t;
504
505/** Get the type of the link layer
506 * @param packet        the packet opaque pointer
507 * @returns libtrace_linktype_t
508 * @author Perry Lorier
509 * @author Daniel Lawson
510 */
511SIMPLE_FUNCTION
512inline libtrace_linktype_t trace_get_link_type(const struct libtrace_packet_t *packet);
513
514/** Get the destination MAC addres
515 * @param packet        the packet opaque pointer
516 * @returns a pointer to the destination mac, (or NULL if there is no
517 * destination MAC)
518 * @author Perry Lorier
519 */
520SIMPLE_FUNCTION
521uint8_t *trace_get_destination_mac(const struct libtrace_packet_t *packet);
522
523/** Get the source MAC addres
524 * @param packet        the packet opaque pointer
525 * @returns a pointer to the source mac, (or NULL if there is no source MAC)
526 * @author Perry Lorier
527 */
528SIMPLE_FUNCTION
529uint8_t *trace_get_source_mac(const struct libtrace_packet_t *packet);
530
531/** Truncate the packet at the suggested length
532 * @param packet        the packet opaque pointer
533 * @param size          the new length of the packet
534 * @returns the new length of the packet, or the original length of the
535 * packet if unchanged
536 * @author Daniel Lawson
537 */
538size_t trace_set_capture_length(struct libtrace_packet_t *packet, size_t size);
539
540/** Set the direction flag, if it has one
541 * @param packet        the packet opaque pointer
542 * @param direction     the new direction (0,1,2,3)
543 * @returns a signed value containing the direction flag, or -1 if this is not supported
544 * @author Daniel Lawson
545 */
546int8_t trace_set_direction(struct libtrace_packet_t *packet, int8_t direction);
547
548/** Get the direction flag, if it has one
549 * @param packet        the packet opaque pointer
550 * @returns a signed value containing the direction flag, or -1 if this is not supported
551 * The direction is defined as 0 for packets originating locally (ie, outbound)
552 * and 1 for packets originating remotely (ie, inbound).
553 * Other values are possible, which might be overloaded to mean special things
554 * for a special trace.
555 * @author Daniel Lawson
556 */
557SIMPLE_FUNCTION
558int8_t trace_get_direction(const struct libtrace_packet_t *packet);
559
560/** Event types
561 * see \ref libtrace_eventobj_t and \ref trace_event
562 */
563typedef enum {
564        TRACE_EVENT_IOWAIT,     /**< Need to block on fd */
565        TRACE_EVENT_SLEEP,      /**< Sleep for some time */
566        TRACE_EVENT_PACKET,     /**< packet has arrived */
567        TRACE_EVENT_TERMINATE   /**< End of trace */
568} libtrace_event_t;
569
570/** structure returned by libtrace_event explaining what the current event is */
571struct libtrace_eventobj_t {
572        libtrace_event_t type; /**< event type (iowait,sleep,packet) */
573        int fd;                /**< if IOWAIT, the fd to sleep on */
574        double seconds;        /**< if SLEEP, the amount of time to sleep for */
575        int size;              /**< if PACKET, the value returned from trace_read_packet */
576};
577
578/** process a libtrace event
579 * @param trace the libtrace opaque pointer
580 * @param packet the libtrace_packet opaque pointer
581 * @returns libtrace_event struct containing the type, and potential
582 *      fd or seconds to sleep on
583 *
584 * Type can be:
585 *  TRACE_EVENT_IOWAIT  Waiting on I/O on fd
586 *  TRACE_EVENT_SLEEP   Next event in seconds
587 *  TRACE_EVENT_PACKET  Packet arrived in buffer with size size
588 *  TRACE_EVENT_TERMINATE Trace terminated (perhaps with an error condition)
589 */
590struct libtrace_eventobj_t trace_event(struct libtrace_t *trace,
591                struct libtrace_packet_t *packet);
592
593/** setup a BPF filter
594 * @param filterstring a char * containing the bpf filter string
595 * @returns opaque pointer pointer to a libtrace_filter_t object
596 * @author Daniel Lawson
597 * @note The filter is not actually compiled at this point, so no correctness
598 * tests are performed here. trace_bpf_setfilter will always return ok, but
599 * if the filter is poorly constructed an error will be generated when the
600 * filter is actually used
601 */
602SIMPLE_FUNCTION
603struct libtrace_filter_t *trace_bpf_setfilter(const char *filterstring);
604
605/** apply a BPF filter
606 * @param filter        the filter opaque pointer
607 * @param packet        the packet opaque pointer
608 * @returns 0 if the filter fails, 1 if it succeeds
609 * @author Daniel Lawson
610 * @note Due to the way BPF filters are built, the filter is not actually compiled
611 * until the first time trace_bpf_filter is called. If your filter is incorrect, it will generate an error message and assert, exiting the program. This behaviour may change to more graceful handling of this error in the future.
612 */
613int trace_bpf_filter(struct libtrace_filter_t *filter,
614                const struct libtrace_packet_t *packet);
615
616
617/** Which port is the server port */
618typedef enum {
619        USE_DEST,       /**< Destination port is the server port */
620        USE_SOURCE      /**< Source port is the server port */
621} serverport_t;
622
623/** Get the source port
624 * @param packet        the packet to read from
625 * @returns a port in \em HOST byte order, or equivilent to ports for this
626 * protocol, or 0 if this protocol has no ports.
627 * @author Perry Lorier
628 */
629SIMPLE_FUNCTION
630uint16_t trace_get_source_port(const struct libtrace_packet_t *packet);
631
632/** Get the destination port
633 * @param packet        the packet to read from
634 * @returns a port in \em HOST byte order, or equivilent to ports for this
635 * protocol, or 0 if this protocol has no ports.
636 * @author Perry Lorier
637 */
638SIMPLE_FUNCTION
639uint16_t trace_get_destination_port(const struct libtrace_packet_t *packet);
640
641/** hint at the server port in specified protocol
642 * @param protocol      the IP layer protocol, eg 6 (tcp), 17 (udp)
643 * @param source        the source port from the packet
644 * @param dest          the destination port from the packet
645 * @returns one of USE_SOURCE or USE_DEST depending on which one you should use
646 * @note ports must be in \em HOST byte order!
647 * @author Daniel Lawson
648 */
649SIMPLE_FUNCTION
650int8_t trace_get_server_port(uint8_t protocol, uint16_t source, uint16_t dest);
651
652/** Takes a uri and splits it into a format and uridata component.
653 * Primarily for internal use but made available for external use.
654 * @param uri           the uri to be parsed
655 * @param format        destination location for the format component of the uri
656 * @returns 0 if an error occured, otherwise returns the uridata component
657 * @author Shane Alcock
658 */
659SIMPLE_FUNCTION
660char *trace_parse_uri(const char *uri, char **format);
661#ifdef __cplusplus
662} // extern "C"
663#endif // #ifdef __cplusplus
664#endif // LIBTRACE_H_
Note: See TracBrowser for help on using the repository browser.