source: lib/libtrace_int.h @ 12ae766

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivelibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since 12ae766 was 12ae766, checked in by Richard Sanger <rsangerarj@…>, 6 years ago

Move pthread register outside of the libtrace lock.
DAG does a decent amount of work in this step, which
can be done in parallel. Instead let formats grab a
lock if they need it.

  • Property mode set to 100644
File size: 40.8 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2007,2008,2009,2010 The University of Waikato, Hamilton,
5 * New Zealand.
6 *
7 * Authors: Daniel Lawson
8 *          Perry Lorier
9 *          Shane Alcock
10 *         
11 * All rights reserved.
12 *
13 * This code has been developed by the University of Waikato WAND
14 * research group. For further information please see http://www.wand.net.nz/
15 *
16 * libtrace is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * libtrace is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with libtrace; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
29 *
30 * $Id$
31 *
32 */
33
34/** @file
35 *
36 * @brief Header file containing definitions for structures and functions that
37 * are internal
38 *
39 * @author Daniel Lawson
40 * @author Perry Lorier
41 * @author Shane Alcock
42 *
43 * @version $Id$
44 *
45 * All of the structures and functions defined in this header file are intended
46 * for internal use within Libtrace only. They should not be exported as part
47 * of the library API as we don't want users accessing things like the
48 * contents of the libtrace packet structure directly!
49 */
50#ifndef LIBTRACE_INT_H
51#define LIBTRACE_INT_H
52
53#ifdef __cplusplus
54extern "C" {
55#endif
56
57#include "config.h"
58#include "common.h"
59#include "libtrace.h"
60#include "wandio.h"
61#include "lt_bswap.h"
62
63#ifdef _MSC_VER
64// warning: deprecated function
65#pragma warning(disable:4996)
66// warning: benign redefinitions of types
67#pragma warning(disable:4142)
68#endif
69
70#ifdef HAVE_INTTYPES_H
71# include <inttypes.h>
72#else
73# include "lt_inttypes.h"
74#endif
75
76#ifdef HAVE_STDDEF_H
77# include <stddef.h>
78#else
79#ifndef WIN32
80# error "Can't find stddev.h -- do you define ptrdiff_t elsewhere?"
81#endif
82#endif
83
84
85#include "rt_protocol.h"
86       
87/* Prefer net/bpf.h over pcap-bpf.h for format_bpf.c on MacOS */
88#ifdef HAVE_NET_BPF_H
89#    include <net/bpf.h>
90#    define HAVE_BPF 1
91#else
92#ifdef HAVE_PCAP_BPF_H
93#  include <pcap-bpf.h>
94#  define HAVE_BPF 1
95#endif
96#endif
97
98#ifdef HAVE_PCAP_H
99#  include <pcap.h>
100#  ifdef HAVE_PCAP_INT_H
101#    include <pcap-int.h>
102#  endif
103#endif
104
105#ifdef HAVE_ZLIB_H
106#  include <zlib.h>
107#endif
108
109#ifndef HAVE_STRNDUP
110char *strndup(const char *s, size_t size);
111#endif
112
113#ifndef HAVE_STRNCASECMP
114# ifndef HAVE__STRNICMP
115/** A local implementation of strncasecmp (as some systems do not have it) */
116int strncasecmp(const char *str1, const char *str2, size_t n);
117# else
118# define strncasecmp _strnicmp
119# endif
120#endif
121
122#ifndef HAVE_SNPRINTF
123# ifndef HAVE_SPRINTF_S
124/** A local implementation of snprintf (as some systems do not have it) */
125int snprintf(char *str, size_t size, const char *format, ...);
126# else
127# define snprintf sprintf_s
128# endif
129#endif
130
131#include "daglegacy.h"
132       
133#ifdef HAVE_DAG_API
134#  include "dagnew.h"
135#  include "dagapi.h"
136#       if DAG_VERSION == 24
137#               include <erftypes.h>
138#       else
139#               include <daginf.h>
140#       endif
141#  include "erftypes.h"
142#else
143#  include "dagformat.h"
144#endif
145
146#ifdef HAVE_LLVM
147#include "bpf-jit/bpf-jit.h"
148#endif
149
150#include "data-struct/ring_buffer.h"
151#include "data-struct/object_cache.h"
152#include "data-struct/vector.h"
153#include "data-struct/message_queue.h"
154#include "data-struct/deque.h"
155#include "data-struct/sliding_window.h"
156
157//#define RP_BUFSIZE 65536U
158
159/** Data about the most recent event from a trace file */
160struct libtrace_event_status_t {
161        /** A libtrace packet to store the packet when a PACKET event occurs */
162        libtrace_packet_t *packet;
163        /** Time between the timestamp for the current packet and the current
164         * walltime */
165        double tdelta;
166        /** The timestamp of the previous PACKET event */
167        double trace_last_ts;
168        /** The size of the current PACKET event */
169        int psize;
170        /** Whether there is a packet stored in *packet above waiting for an
171         * event to occur */
172        bool waiting;
173};
174
175enum thread_types {
176        THREAD_EMPTY,
177        THREAD_HASHER,
178        THREAD_PERPKT,
179        THREAD_REPORTER,
180        THREAD_KEEPALIVE
181};
182
183enum thread_states {
184        THREAD_RUNNING,
185        THREAD_FINISHING,
186        THREAD_FINISHED,
187        THREAD_PAUSED,
188        THREAD_STATE_MAX
189};
190
191/**
192 * Information of this thread
193 */
194struct libtrace_thread_t {
195        uint64_t accepted_packets; // The number of packets accepted only used if pread
196        uint64_t filtered_packets;
197        // is retreving packets
198        // Set to true once the first packet has been stored
199        bool recorded_first;
200        // For thread safety reason we actually must store this here
201        int64_t tracetime_offset_usec;
202        void* user_data; // TLS for the user to use
203        void* format_data; // TLS for the format to use
204        libtrace_message_queue_t messages; // Message handling
205        libtrace_ringbuffer_t rbuffer; // Input
206        libtrace_t * trace;
207        void* ret;
208        enum thread_types type;
209        enum thread_states state;
210        pthread_t tid;
211        int perpkt_num; // A number from 0-X that represents this perpkt threads number
212                                // in the table, intended to quickly identify this thread
213                                // -1 represents NA (such as the case this is not a perpkt thread)
214};
215
216/**
217 * Storage to note time value against each.
218 * Used both internally to do trace time playback
219 * and can be used externally to assist applications which need
220 * a trace starting time such as tracertstats.
221 */
222struct first_packets {
223        pthread_spinlock_t lock;
224        size_t count; // If == perpkt_thread_count threads we have all
225        size_t first; // Valid if count != 0
226        struct __packet_storage_magic_type {
227                libtrace_packet_t * packet;
228                struct timeval tv;
229        } * packets;
230};
231
232#define TRACE_STATES \
233        X(STATE_NEW) \
234        X(STATE_RUNNING) \
235        X(STATE_PAUSING) \
236        X(STATE_PAUSED) \
237        X(STATE_FINSHED) \
238        X(STATE_DESTROYED) \
239        X(STATE_JOINED) \
240        X(STATE_ERROR)
241
242#define X(a) a,
243enum trace_state {
244        TRACE_STATES
245};
246#undef X
247
248#define X(a) case a: return #a;
249static inline char *get_trace_state_name(enum trace_state ts){
250        switch(ts) {
251                TRACE_STATES
252                default:
253                        return "UNKNOWN";
254        }
255}
256#undef X
257
258/** A libtrace input trace
259 * @internal
260 */
261struct libtrace_t {
262        /** The capture format for the input trace */
263        struct libtrace_format_t *format; 
264        /** Details of the most recent PACKET event reported by the trace */
265        struct libtrace_event_status_t event;
266        /** Pointer to the "global" data for the capture format module */       
267        void *format_data;             
268        /** A BPF filter to be applied to all packets read by the trace -
269         * used only if the capture format does not support filters natively */
270        struct libtrace_filter_t *filter; 
271        /** The snap length to be applied to all packets read by the trace -
272         * used only if the capture format does not support snapping natively */
273        size_t snaplen;                 
274        /** Count of the number of packets returned to the libtrace user */
275        uint64_t accepted_packets;     
276        /** Count of the number of packets filtered by libtrace */
277        uint64_t filtered_packets;     
278        /** The filename from the uri for the trace */
279        char *uridata;
280        /** The libtrace IO reader for this trace (if applicable) */
281        io_t *io;
282        /** Error information for the trace */
283        libtrace_err_t err;
284        /** Boolean flag indicating whether the trace has been started */
285        bool started;
286        /** Synchronise writes/reads across this format object and attached threads etc */
287        pthread_mutex_t libtrace_lock;
288        /** State */
289        enum trace_state state;
290        /** Use to control pausing threads and finishing threads etc always used with libtrace_lock */
291        pthread_cond_t perpkt_cond;
292        /* Keep track of counts of threads in any given state */
293        int perpkt_thread_states[THREAD_STATE_MAX]; 
294
295        /** Set to indicate a perpkt's queue is full as such the writing perpkt cannot proceed */
296        bool perpkt_queue_full;
297        /** Global storage for this trace, shared among all the threads  */
298        void* global_blob;
299        /** The actual freelist */
300        libtrace_ocache_t packet_freelist;
301        /** User defined per_pkt function called when a pkt is ready */
302        fn_per_pkt per_pkt;
303        /** User defined reporter function entry point XXX not hooked up */
304        fn_reporter reporter;
305        /** The hasher function */
306        enum hasher_types hasher_type;
307        /** The hasher function - NULL implies they don't care or balance */
308        fn_hasher hasher; // If valid using a separate thread
309        void *hasher_data;
310        /** The pread_packet choosen path for the configuration */
311        int (*pread)(libtrace_t *, libtrace_thread_t *, libtrace_packet_t **, size_t);
312
313        libtrace_thread_t hasher_thread;
314        libtrace_thread_t reporter_thread;
315        libtrace_thread_t keepalive_thread;
316        int perpkt_thread_count;
317        libtrace_thread_t * perpkt_threads; // All our perpkt threads
318        // Used to keep track of the first packet seen on each thread
319        struct first_packets first_packets;
320        int tracetime;
321
322        /*
323         * Caches statistic counters in the case that our trace is
324         * paused or stopped before this counter is taken
325         */
326        uint64_t dropped_packets;
327        uint64_t received_packets;
328        struct user_configuration config;
329        libtrace_combine_t combiner;
330};
331
332void trace_fin_packet(libtrace_packet_t *packet);
333void libtrace_zero_thread(libtrace_thread_t * t);
334void store_first_packet(libtrace_t *libtrace, libtrace_packet_t *packet, libtrace_thread_t *t);
335libtrace_thread_t * get_thread_table(libtrace_t *libtrace);
336int get_thread_table_num(libtrace_t *libtrace);
337
338
339/** A libtrace output trace
340 * @internal
341 */
342struct libtrace_out_t {
343        /** The capture format for the output trace */
344        struct libtrace_format_t *format;
345        /** Pointer to the "global" data for the capture format module */
346        void *format_data;             
347        /** The filename for the uri for the output trace */
348        char *uridata;                 
349        /** Error information for the output trace */
350        libtrace_err_t err;
351        /** Boolean flag indicating whether the trace has been started */
352        bool started;
353};
354
355/** Sets the error status on an input trace
356 *
357 * @param trace         The input trace to set the error status for
358 * @param errcode       The code for the error - can be a libtrace error code or a regular errno value
359 * @param msg           A message to print when reporting the error
360 */
361void trace_set_err(libtrace_t *trace, int errcode,const char *msg,...) 
362
363                                                                PRINTF(3,4);
364/** Sets the error status on an output trace
365 *
366 * @param trace         The output trace to set the error status for
367 * @param errcode       The code for the error - can be a libtrace error code or a regular errno value
368 * @param msg           A message to print when reporting the error
369 */
370void trace_set_err_out(libtrace_out_t *trace, int errcode, const char *msg,...)
371                                                                PRINTF(3,4);
372
373/** Clears the cached values for a libtrace packet
374 *
375 * @param packet        The libtrace packet that requires a cache reset
376 */
377void trace_clear_cache(libtrace_packet_t *packet);
378
379/** Converts the data provided in buffer into a valid libtrace packet
380 *
381 * @param trace         An input trace of the same format as the "packet"
382 *                      contained in the buffer
383 * @param packet        The libtrace packet to prepare
384 * @param buffer        A buffer containing the packet data, including the
385 *                      capture format header
386 * @param rt_type       The RT type for the packet that is being prepared
387 * @param flags         Used to specify options for the preparation function,
388 *                      e.g. who owns the packet buffer
389 *
390 * @return -1 if an error occurs, 0 otherwise
391 *
392 * Packet preparation is a tricky concept - the idea is to take the data
393 * pointed to by 'buffer' and treat it as a packet record of the same capture
394 * format as that used by the input trace. The provided libtrace packet then
395 * has its internal pointers and values set to describe the packet record in
396 * the buffer.
397 *
398 * The primary use of this function is to allow the RT packet reader to
399 * easily and safely convert packets from the RT format back into the format
400 * that they were originally captured with., essentially removing the RT
401 * encapsulation.
402 *
403 * We've decided not to make this function available via the exported API
404 * because there are several issues that can arise if it is not used very
405 * carefully and it is not very useful outside of internal contexts anyway.
406 */
407int trace_prepare_packet(libtrace_t *trace, libtrace_packet_t *packet,
408                void *buffer, libtrace_rt_types_t rt_type, uint32_t flags);
409
410/** Flags for prepare_packet functions */
411enum {
412        /** The buffer memory has been allocated by libtrace and should be
413         * freed when the packet is destroyed. */
414        TRACE_PREP_OWN_BUFFER           =1,
415       
416        /** The buffer memory is externally-owned and must not be freed by
417         * libtrace when the packet is destroyed. */
418        TRACE_PREP_DO_NOT_OWN_BUFFER    =0
419};
420
421
422#ifndef PF_RULESET_NAME_SIZE
423#define PF_RULESET_NAME_SIZE 16
424#endif
425
426#ifndef IFNAMSIZ
427#define IFNAMSIZ 16
428#endif
429
430
431/** A local definition of a PFLOG header */
432typedef struct libtrace_pflog_header_t {
433        uint8_t    length;     
434        sa_family_t   af;
435        uint8_t    action;
436        uint8_t    reason;
437        char       ifname[IFNAMSIZ];
438        char       ruleset[PF_RULESET_NAME_SIZE];
439        uint32_t   rulenr;
440        uint32_t   subrulenr;
441        uint8_t    dir;
442        uint8_t    pad[3];
443} PACKED libtrace_pflog_header_t;
444
445/** A libtrace capture format module */
446/* All functions should return -1, or NULL on failure */
447struct libtrace_format_t {
448        /** The name of this module, used in the libtrace URI to identify the
449         * capture format */
450        const char *name;
451        /** The version of this module */
452        const char *version;
453        /** The RT protocol type of this module */
454        enum base_format_t type;
455
456
457        /** Given a filename, return if this is the most likely capture format
458         * (used for devices). Used to "guess" the capture format when the
459         * URI is not fully specified.
460         *
461         * @param fname         The name of the device or file to examine
462         * @return 1 if the name matches the capture format, 0 otherwise
463         */
464        int (*probe_filename)(const char *fname);
465       
466        /** Given a file, looks at the start of the file to determine if this
467         * is the capture format. Used to "guess" the capture format when the
468         * URI is not fully specified.
469         *
470         * @param io            An open libtrace IO reader for the file to check
471         * @return 1 if the file matches the capture format, 0 otherwise
472         */
473        int (*probe_magic)(io_t *io);
474
475        /** Initialises an input trace using the capture format.
476         *
477         * @param libtrace      The input trace to be initialised
478         * @return 0 if successful, -1 in the event of error
479         */
480        int (*init_input)(libtrace_t *libtrace);
481       
482        /** Applies a configuration option to an input trace.
483         *
484         * @param libtrace      The input trace to apply the option to
485         * @param option        The option that is being configured
486         * @param value         A pointer to the value that the option is to be
487         *                      set to
488         * @return 0 if successful, -1 if the option is unsupported or an error
489         * occurs
490         */
491        int (*config_input)(libtrace_t *libtrace,trace_option_t option,void *value);
492        /** Starts or unpauses an input trace - note that this function is
493         * often the one that opens the file or device for reading.
494         *
495         * @param libtrace      The input trace to be started or unpaused
496         * @return 0 if successful, -1 in the event of error */
497        int (*start_input)(libtrace_t *libtrace);
498
499        /** Pauses an input trace - this function should close or detach the
500         * file or device that is being read from.
501         *
502         * @param libtrace      The input trace to be paused
503         * @return 0 if successful, -1 in the event of error
504         */
505        int (*pause_input)(libtrace_t *libtrace);
506
507        /** Initialises an output trace using the capture format.
508         *
509         * @param libtrace      The output trace to be initialised
510         * @return 0 if successful, -1 in the event of error
511         */
512        int (*init_output)(libtrace_out_t *libtrace);
513       
514        /** Applies a configuration option to an output trace.
515         *
516         * @param libtrace      The output trace to apply the option to
517         * @param option        The option that is being configured
518         * @param value         A pointer to the value that the option is to be
519         *                      set to
520         * @return 0 if successful, -1 if the option is unsupported or an error
521         * occurs
522         * */
523        int (*config_output)(libtrace_out_t *libtrace, trace_option_output_t option, void *value);
524
525        /** Starts an output trace - note that this function is often the one
526         * that opens the file or device for writing.
527         *
528         * @param libtrace      The output trace to be started
529         * @return 0 if successful, -1 if an error occurs
530         *
531         * There is no pause for output traces, as writing is not performed
532         * asynchronously.
533         */
534        int (*start_output)(libtrace_out_t *libtrace);
535
536        /** Concludes an input trace and cleans up the capture format data.
537         *
538         * @param libtrace      The input trace to be concluded
539         * @return 0 if successful, -1 if an error occurs
540         *
541         * Libtrace will call the pause_input function if the input trace is
542         * currently active prior to calling this function.
543         */
544        int (*fin_input)(libtrace_t *libtrace);
545
546        /** Concludes an output trace and cleans up the capture format data.
547         *
548         * @param libtrace      The output trace to be concluded
549         * @return 0 if successful, -1 if an error occurs
550         */
551        int (*fin_output)(libtrace_out_t *libtrace);
552
553        /** Reads the next packet from an input trace into the provided packet
554         * structure.
555         *
556         * @param libtrace      The input trace to read from
557         * @param packet        The libtrace packet to read into
558         * @return The size of the packet read (in bytes) including the capture
559         * framing header, or -1 if an error occurs. 0 is returned in the
560         * event of an EOF.
561         *
562         * If no packets are available for reading, this function should block
563         * until one appears or return 0 if the end of a trace file has been
564         * reached.
565         */
566        int (*read_packet)(libtrace_t *libtrace, libtrace_packet_t *packet);
567       
568        /** Converts a buffer containing a packet record into a libtrace packet
569         *
570         * @param libtrace      An input trace in the capture format for the
571         *                      packet
572         * @param packet        A libtrace packet to put the prepared packet
573         *                      into
574         * @param buffer        The buffer containing the packet record
575         *                      (including the capture format header)
576         * @param rt_type       The RT type for the packet
577         * @param flags         Flags describing properties that should be
578         *                      applied to the new packet
579         * @return 0 if successful, -1 if an error occurs.
580         *
581         * Updates internal trace and packet details, such as payload pointers,
582         * loss counters and packet types to match the packet record provided
583         * in the buffer. This is a zero-copy function.
584         *
585         * Intended (at this stage) only for internal use, particularly by
586         * RT which needs to decapsulate RT packets */
587        int (*prepare_packet)(libtrace_t *libtrace, libtrace_packet_t *packet,
588                        void *buffer, libtrace_rt_types_t rt_type, 
589                        uint32_t flags);
590       
591        /** Frees any resources allocated by the capture format module for a
592         * libtrace packet.
593         *
594         * @param The packet to be finalised
595         *       */
596        void (*fin_packet)(libtrace_packet_t *packet);
597
598        /** Write a libtrace packet to an output trace.
599         *
600         * @param libtrace      The output trace to write the packet to
601         * @param packet        The packet to be written out
602         * @return The number of bytes written, or -1 if an error occurs
603         */
604        int (*write_packet)(libtrace_out_t *libtrace, libtrace_packet_t *packet);
605        /** Returns the libtrace link type for a packet.
606         *
607         * @param packet        The packet to get the link type for
608         * @return The libtrace link type, or -1 if this link type is unknown
609         */ 
610        libtrace_linktype_t (*get_link_type)(const libtrace_packet_t *packet);
611
612        /** Returns the direction of a packet.
613         *
614         * @param packet        The packet to get the direction for
615         * @return The direction of the packet, or -1 if no direction tag is
616         * present or an error occurs
617         */ 
618        libtrace_direction_t (*get_direction)(const libtrace_packet_t *packet);
619       
620        /** Sets the direction of a packet.
621         *
622         * @param packet        The packet to set the direction for
623         * @param direction     The direction to assign to the packet
624         * @return The updated direction for the packet, or -1 if an error
625         * occurs
626         *
627         * @note Some capture formats do not feature direction tagging, so it
628         * will not make sense to implement a set_direction function for them.
629         */ 
630        libtrace_direction_t (*set_direction)(libtrace_packet_t *packet, libtrace_direction_t direction);
631       
632        /** Returns the timestamp for a packet in the ERF timestamp format.
633         *
634         * @param packet        The packet to get the timestamp from
635         * @return The 64-bit ERF timestamp
636         *
637         * @note Each format must implement at least one of the four "get
638         * timestamp" functions.
639         *
640         * If not implemented, libtrace will convert the result of one of the
641         * other timestamp functions into the appropriate format instead.
642         * This means each capture format only needs to implement the most
643         * sensible of the four and let libtrace handle any conversions.
644         *
645         */
646        uint64_t (*get_erf_timestamp)(const libtrace_packet_t *packet);
647
648        /** Returns the timestamp for a packet in the timeval format
649         *
650         * @param packet        The packet to get the timestamp from
651         * @return The timestamp from the packet as a timeval
652         *
653         * @note Each format must implement at least one of the four "get
654         * timestamp" functions.
655         *
656         * If not implemented, libtrace will convert the result of one of the
657         * other timestamp functions into the appropriate format instead.
658         * This means each capture format only needs to implement the most
659         * sensible of the four and let libtrace handle any conversions.
660         */
661        struct timeval (*get_timeval)(const libtrace_packet_t *packet);
662       
663        /** Returns the timestamp for a packet in the timespec format.
664         *
665         * @param packet        The packet to get the timestamp from
666         * @return The timestamp from the packet as a timespec
667         *
668         * @note Each format must implement at least one of the four "get
669         * timestamp" functions.
670         *
671         * If not implemented, libtrace will convert the result of one of the
672         * other timestamp functions into the appropriate format instead.
673         * This means each capture format only needs to implement the most
674         * sensible of the four and let libtrace handle any conversions.
675         */
676        struct timespec (*get_timespec)(const libtrace_packet_t *packet);
677       
678        /** Returns the timestamp for a packet in floating point seconds.
679         *
680         * @param packet        The packet to get the timestamp from
681         * @return The timestamp from the packet as a floating point number of
682         * seconds since 1970-01-01 00:00:00 UTC
683         *
684         * @note Each format must implement at least one of the four "get
685         * timestamp" functions.
686         *
687         * If not implemented, libtrace will convert the result of one of the
688         * other timestamp functions into the appropriate format instead.
689         * This means each capture format only needs to implement the most
690         * sensible of the four and let libtrace handle any conversions.
691         */
692        double (*get_seconds)(const libtrace_packet_t *packet);
693       
694        /** Moves the read pointer to a certain ERF timestamp within an input
695         * trace file.
696         *
697         * @param trace         The input trace to seek within
698         * @param timestamp     The timestamp to seek to, as an ERF timestamp
699         *
700         * @return 0 on success, -1 on failure.
701         *
702         * The next packet read from this trace will now be the first packet
703         * to have a timestamp equal to or greater than the provided timestamp.
704         *
705         * @note Each format that supports seeking must implement at least one
706         * of the seek functions.
707         *
708         * If not implemented, libtrace will convert the timestamp into the
709         * appropriate format to use a seek function that has been implemented.
710         * This means each capture format only needs to implement the seek
711         * function that matches the native timestamp format for that capture.
712         *
713         */
714        int (*seek_erf)(libtrace_t *trace, uint64_t timestamp);
715        /** Moves the read pointer to a certain timestamp represented using a
716         * timeval within an input trace file.
717         *
718         * @param trace         The input trace to seek within
719         * @param timestamp     The timestamp to seek to, as a timeval
720         *
721         * @return 0 on success, -1 on failure.
722         *
723         * The next packet read from this trace will now be the first packet
724         * to have a timestamp equal to or greater than the provided timestamp.
725         *
726         * @note Each format that supports seeking must implement at least one
727         * of the seek functions.
728         *
729         * If not implemented, libtrace will convert the timestamp into the
730         * appropriate format to use a seek function that has been implemented.
731         * This means each capture format only needs to implement the seek
732         * function that matches the native timestamp format for that capture.
733         *
734         */
735        int (*seek_timeval)(libtrace_t *trace, struct timeval tv);
736       
737        /** Moves the read pointer to a certain timestamp represented using
738         * floating point seconds within an input trace file.
739         *
740         * @param trace         The input trace to seek within
741         * @param timestamp     The timestamp to seek to, as floating point
742         *                      seconds since 1970-01-01 00:00:00 UTC
743         *
744         * @return 0 on success, -1 on failure.
745         *
746         * The next packet read from this trace will now be the first packet
747         * to have a timestamp equal to or greater than the provided timestamp.
748         *
749         * @note Each format that supports seeking must implement at least one
750         * of the seek functions.
751         *
752         * If not implemented, libtrace will convert the timestamp into the
753         * appropriate format to use a seek function that has been implemented.
754         * This means each capture format only needs to implement the seek
755         * function that matches the native timestamp format for that capture.
756         *
757         */
758        int (*seek_seconds)(libtrace_t *trace, double seconds);
759       
760        /** Returns the payload length of the captured packet record.
761         *
762         * @param packet        The packet to get the capture length from
763         * @return The capture length for the packet, or -1 if an error occurs
764         *
765         * Capture length is the current size of the packet record itself,
766         * following any truncation that may have occurred during the capture
767         * process. This length does not include the capture format framing
768         * header.
769         */
770        int (*get_capture_length)(const libtrace_packet_t *packet);
771
772        /** Returns the original length of the packet as it was on the wire.
773         *
774         * @param packet        The packet to get the wire length from
775         * @return The length of the packet on the wire at the time of capture,
776         * or -1 if an error occurs
777         *
778         * Wire length is the original size of the packet prior to any
779         * truncation that may have occurred as part of the capture process.
780         * This length does not include the capture format framing header.
781         */
782        int (*get_wire_length)(const libtrace_packet_t *packet);
783       
784        /** Returns the length of the capture format framing header
785         *
786         * @param packet        The packet to get the framing length from
787         * @return The length of the framing header, or -1 if an error occurs
788         *
789         * The framing header is the extra metadata that the capture process
790         * records about a packet.  The framing length does not include any
791         * of the packet payload itself. The total size of the packet record
792         * can be calculated be adding this value with the capture length.
793         */
794        int (*get_framing_length)(const libtrace_packet_t *packet);
795
796        /** Sets the capture length for a packet.
797         *
798         * @param packet        The packet to adjust the capture length for.
799         * @param size          The new capture length
800         * @return The new capture length of the packet, or -1 if an error
801         * occurs
802         *
803         * @note This function should only reduce the capture length. If the
804         * provided length is larger than the current capture length, -1 should
805         * be returned.
806         */
807        size_t (*set_capture_length)(struct libtrace_packet_t *packet,size_t size);
808        /** Returns the number of packets observed by an input trace.
809         *
810         * @param trace         The input trace to get the packet count for
811         * @return The number of packets observed by an input trace, or
812         * UINT64_MAX if the number is unknown
813         *
814         * This count includes packets that have been filtered and dropped.
815         */
816        uint64_t (*get_received_packets)(libtrace_t *trace);
817
818        /** Returns the number of packets filtered by an input trace.
819         *
820         * @param trace         The input trace to get the filtered count for
821         * @return The number of packets filtered by the input trace, or
822         * UINT64_MAX if the number is unknown
823         *
824         */
825        uint64_t (*get_filtered_packets)(libtrace_t *trace);
826       
827        /** Returns the number of packets dropped by an input trace.
828         *
829         * @param trace         The input trace to get the dropped count for
830         * @return The number of packets dropped by the input trace, or
831         * UINT64_MAX if the number is unknown
832         *
833         */
834        uint64_t (*get_dropped_packets)(libtrace_t *trace);
835       
836        /** Returns the number of packets captured and returned by an input
837         * trace.
838         *
839         * @param trace         The input trace to get the capture count for
840         * @return The number of packets returned to the libtrace user, or
841         * UINT64_MAX if the number is unknown
842         *
843         * This is the number of packets that have been successfully returned
844         * to the libtrace user via the read_packet() function.
845         *
846         */
847        uint64_t (*get_captured_packets)(libtrace_t *trace);
848       
849        /** Returns the file descriptor used by the input trace.
850         *
851         * @param trace         The input trace to get the file descriptor for
852         * @return The file descriptor used by the input trace to read packets
853         *
854         */
855        int (*get_fd)(const libtrace_t *trace);
856       
857        /** Returns the next libtrace event for the input trace.
858         *
859         * @param trace         The input trace to get the next event from
860         * @param packet        A libtrace packet to read a packet into
861         * @return A libtrace event describing the event that occured
862         *
863         * The event API allows for non-blocking reading of packets from an
864         * input trace. If a packet is available and ready to be read, a packet
865         * event should be returned. Otherwise a sleep or fd event should be
866         * returned to indicate that the caller needs to wait. If the input
867         * trace has an error or reaches EOF, a terminate event should be
868         * returned.
869         */
870        struct libtrace_eventobj_t (*trace_event)(libtrace_t *trace, libtrace_packet_t *packet);       
871
872        /** Prints some useful help information to standard output. */
873        void (*help)(void);
874       
875        /** Next pointer, should always be NULL - used by the format module
876         * manager. */
877        struct libtrace_format_t *next;
878
879        /** Holds information about the trace format */
880        struct libtrace_info_t info;
881
882        /**
883         * Starts or unpauses an input trace in parallel mode - note that
884         * this function is often the one that opens the file or device for
885         * reading.
886         *
887         * @param libtrace      The input trace to be started or unpaused
888         * @return 0 upon success.
889         *         Otherwise in event of an error -1 is returned.
890         *
891         */
892        int (*pstart_input)(libtrace_t *trace);
893       
894        /**
895         * Read a batch of packets from the input stream related to thread.
896         * At most read nb_packets, however should return with less if packets
897         * are not waiting. However still must return at least 1, 0 still indicates
898         * EOF.
899         *
900         * @param libtrace      The input trace
901         * @param t     The thread
902         * @param packets       An array of packets
903         * @param nb_packets    The number of packets in the array (the maximum to read)
904         * @return The number of packets read, or 0 in the case of EOF or -1 in error or -2 to represent
905         * interrupted due to message waiting before packets had been read.
906         */
907        int (*pread_packets)(libtrace_t *trace, libtrace_thread_t *t, libtrace_packet_t **packets, size_t nb_packets);
908       
909        /** Pause a parallel trace
910         *
911         * @param libtrace      The input trace to be paused
912         */
913        int (*ppause_input)(libtrace_t *trace);
914       
915        /** Called after all threads have been paused, Finish (close) a parallel trace
916         *
917         * @param libtrace      The input trace to be stopped
918         */
919        int (*pfin_input)(libtrace_t *trace);
920       
921        /** Applies a configuration option to an input trace.
922         *
923         * @param libtrace      The input trace to apply the option to
924         * @param option        The option that is being configured
925         * @param value         A pointer to the value that the option is to be
926         *                      set to
927         * @return 0 if successful, -1 if the option is unsupported or an error
928         * occurs
929         */
930        int (*pconfig_input)(libtrace_t *libtrace,trace_parallel_option_t option,void *value);
931
932        /**
933         * Register a thread for use with the format or using the packets produced
934         * by it. This is NOT only used for threads reading packets in fact all
935         * threads use this.
936         *
937         * The libtrace lock is not held by this format but can be aquired
938         * by the format.
939         *
940         * Some use cases include setting up any thread local storage required for
941         * to read packets and free packets. For DPDK we require any thread that
942         * may release or read a packet to have have an internal number associated
943         * with it.
944         *
945         * The thread type can be used to see if this thread is going to be used
946         * to read packets or otherwise.
947         *
948         * @return 0 if successful, -1 if the option is unsupported or an error
949         * occurs (such as a maximum of threads being reached)
950         */
951        int (*pregister_thread)(libtrace_t *libtrace, libtrace_thread_t *t, bool reader);
952
953        /**
954         * If needed any memory allocated with pregister_thread can be released
955         * in this function. The thread will be destroyed directly after this
956         * function is called.
957         */
958        void (*punregister_thread)(libtrace_t *libtrace, libtrace_thread_t *t);
959};
960
961/** Macro to zero out a single thread format */
962#define NON_PARALLEL(live) \
963{live, 1},              /* trace info */ \
964NULL,                   /* pstart_input */ \
965NULL,                   /* pread_packet */ \
966NULL,                   /* ppause_input */ \
967NULL,                   /* pfin_input */ \
968NULL,                   /* pconfig_input */ \
969NULL,                   /* pregister_thread */ \
970NULL                    /* punregister_thread */
971
972/** The list of registered capture formats */
973//extern struct libtrace_format_t *form;
974
975/** Specifies whether any blocking packet readers should cease reading
976 * immediately
977 */
978extern volatile int libtrace_halt;
979
980/** Registers a new capture format module.
981 *
982 * @param format        The format module to be registered
983 */
984void register_format(struct libtrace_format_t *format);
985
986/** Converts a PCAP DLT into a libtrace link type.
987 *
988 * @param linktype      The PCAP DLT to be converted
989 * @return The libtrace link type that is equivalent to the provided DLT, or
990 * -1 if the DLT is unknown
991 */
992libtrace_linktype_t pcap_linktype_to_libtrace(libtrace_dlt_t linktype);
993
994/** Converts a PCAP DLT into an RT protocol type.
995 *
996 * @param linktype      The PCAP DLT to be converted
997 * @return The RT type that is equivalent to the provided DLT
998 */
999libtrace_rt_types_t pcap_linktype_to_rt(libtrace_dlt_t linktype);
1000
1001/** Converts a libtrace link type into a PCAP linktype.
1002 *
1003 * @param type          The libtrace link type to be converted
1004 * @return The PCAP linktype that is equivalent to the provided libtrace link
1005 * type, or -1 if the link type is unknown
1006 */
1007libtrace_dlt_t libtrace_to_pcap_linktype(libtrace_linktype_t type);
1008
1009/** Converts a libtrace link type into a PCAP DLT.
1010 *
1011 * @param type          The libtrace link type to be converted
1012 * @return The PCAP DLT that is equivalent to the provided libtrace link
1013 * type, or -1 if the link type is unknown
1014 */
1015libtrace_dlt_t libtrace_to_pcap_dlt(libtrace_linktype_t type);
1016
1017/** Converts an RT protocol type into a PCAP DLT.
1018 *
1019 * @param rt_type       The RT type to be converted
1020 * @return The PCAP DLT that is equivalent to the provided RT protocol
1021 */
1022libtrace_dlt_t rt_to_pcap_linktype(libtrace_rt_types_t rt_type);
1023
1024/** Converts a PCAP DLT into an RT protocol type for the BPF format.
1025 *
1026 * @param linktype      The PCAP DLT to be converted
1027 * @return The RT type that is equivalent to the provided DLT for BPF
1028 */
1029libtrace_rt_types_t bpf_linktype_to_rt(libtrace_dlt_t linktype);
1030
1031/** Converts an ERF type into a libtrace link type.
1032 *
1033 * @param erf           The ERF type to be converted
1034 * @return The libtrace link type that is equivalent to the provided ERF type,
1035 * or -1 if the ERF type is unknown
1036 */
1037libtrace_linktype_t erf_type_to_libtrace(uint8_t erf);
1038
1039/** Converts a libtrace link type into an ERF type.
1040 *
1041 * @param linktype      The libtrace link type to be converted
1042 * @return The ERF type that is equivalent to the provided libtrace link type,
1043 * or -1 if the link type cannot be matched to an ERF type.
1044 */
1045uint8_t libtrace_to_erf_type(libtrace_linktype_t linktype);
1046
1047/** Converts an ARPHRD type into a libtrace link type.
1048 *
1049 * @param arphrd        The ARPHRD type to be converted
1050 * @return The libtrace link type that is equivalent to the provided ARPHRD
1051 * type, or -1 if the ARPHRD type is unknown
1052 */
1053libtrace_linktype_t arphrd_type_to_libtrace(unsigned int arphrd);
1054
1055/** Converts a libtrace link type into an ARPHRD type.
1056 *
1057 * @param type          The libtrace link type to be converted
1058 * @return The ARPHRD type that is equivalent to the provided libtrace link
1059 * type, or -1 if the link type cannot be matched to an ARPHRD type
1060 */
1061unsigned int libtrace_to_arphrd_type(libtrace_linktype_t type);
1062
1063/** Converts a libtrace packet to the Linux SLL type.
1064 *
1065 * @param packet        The packet to be promoted
1066 *
1067 * @note This will involve memcpy() so use sparingly.
1068 *
1069 * This function prepends a Linux SLL header to a packet so that we can store
1070 * direction tagging information.
1071 */
1072void promote_packet(libtrace_packet_t *packet);
1073
1074/** Attempts to demote a packet by removing the first header.
1075 *
1076 * @param packet        The packet to be demoted
1077 * @return True if the packet was demoted, false otherwise.
1078 *
1079 * Essentially the opposite of promote_packet, except that it will also remove
1080 * an ATM header as well as Linux SLL.
1081 *
1082 */
1083bool demote_packet(libtrace_packet_t *packet);
1084
1085/** Returns a pointer to the header following a Linux SLL header.
1086 *
1087 * @param link          A pointer to the Linux SLL header to be skipped
1088 * @param[out] arphrd_type      The arp hardware type of the packet
1089 * @param[out] next_header      The ethertype of the next header
1090 * @param[in,out] remaining     Updated with the number of captured bytes
1091 *                              remaining
1092 * @return A pointer to the header following the Linux SLL header, or NULL if
1093 * no subsequent header is present.
1094 *
1095 * Remaining must point to the number of bytes captured from the Linux SLL
1096 * header and beyond.  It will be decremented by the number of bytes skipped
1097 * to find the payload.
1098 *
1099 * If the Linux SLL header is complete but there are zero bytes of payload
1100 * after the end of the header, a pointer to where the payload would be is
1101 * returned and remaining will be set to zero. If the Linux SLL header is
1102 * incomplete (truncated), then NULL is returned and remaining will be set to
1103 * 0. Therefore, it is very important to check the value of remaining after
1104 * calling this function.
1105 */     
1106void *trace_get_payload_from_linux_sll(const void *link,
1107                uint16_t *arphrd_type, 
1108                uint16_t *next_header, 
1109                uint32_t *remaining);
1110
1111/** Returns a pointer to the header following an ATM header.
1112 *
1113 * @param link          A pointer to the ATM header to be skipped
1114 * @param[out] type     The ethertype of the next header
1115 * @param[in,out] remaining     Updated with the number of captured bytes
1116 *                              remaining
1117 * @return A pointer to the header following the ATM header, or NULL if
1118 * no subsequent header is present.
1119 *
1120 * Remaining must point to the number of bytes captured from the ATM header
1121 * and beyond.  It will be decremented by the number of bytes skipped to find
1122 * the payload.
1123 *
1124 * If the ATM header is complete but there are zero bytes of payload
1125 * after the end of the header, a pointer to where the payload would be is
1126 * returned and remaining will be set to zero. If the ATM header is
1127 * incomplete (truncated), then NULL is returned and remaining will be set to
1128 * 0. Therefore, it is very important to check the value of remaining after
1129 * calling this function.
1130 */     
1131DLLEXPORT void *trace_get_payload_from_atm(void *link, uint8_t *type, 
1132                uint32_t *remaining);
1133
1134
1135#ifdef HAVE_BPF
1136/* A type encapsulating a bpf filter
1137 * This type covers the compiled bpf filter, as well as the original filter
1138 * string
1139 *
1140 */
1141
1142/** Internal representation of a BPF filter */
1143struct libtrace_filter_t {
1144        struct bpf_program filter;      /**< The BPF program itself */
1145        char * filterstring;            /**< The filter string */
1146        int flag;                       /**< Indicates if the filter is valid */
1147        struct bpf_jit_t *jitfilter;
1148};
1149#else
1150/** BPF not supported by this system, but we still need to define a structure
1151 * for the filter */
1152struct libtrace_filter_t {};
1153#endif
1154
1155/** Local definition of a PCAP header */
1156typedef struct libtrace_pcapfile_pkt_hdr_t {
1157        uint32_t ts_sec;        /* Seconds portion of the timestamp */
1158        uint32_t ts_usec;       /* Microseconds portion of the timestamp */
1159        uint32_t caplen;        /* Capture length of the packet */
1160        uint32_t wirelen;       /* The wire length of the packet */
1161} libtrace_pcapfile_pkt_hdr_t;
1162
1163#ifdef HAVE_DAG
1164/** Constructor for the DAG format module */
1165void dag_constructor(void);
1166#endif
1167/** Constructor for the ERF format module */
1168void erf_constructor(void);
1169/** Constructor for the TSH format module */
1170void tsh_constructor(void);
1171/** Constructor for the Legacy DAG format module */
1172void legacy_constructor(void);
1173/** Constructor for the Linux Native format module */
1174void linuxnative_constructor(void);
1175/** Constructor for the PCAP format module */
1176void pcap_constructor(void);
1177/** Constructor for the PCAP File format module */
1178void pcapfile_constructor(void);
1179/** Constructor for the RT format module */
1180void rt_constructor(void);
1181/** Constructor for the DUCK format module */
1182void duck_constructor(void);
1183/** Constructor for the ATM Header format module */
1184void atmhdr_constructor(void);
1185#ifdef HAVE_BPF
1186/** Constructor for the BPF format module */
1187void bpf_constructor(void);
1188#endif
1189#if HAVE_DPDK
1190/** Constructor for Intels DPDK format module */
1191void dpdk_constructor(void);
1192#endif
1193
1194/** Extracts the RadioTap flags from a wireless link header
1195 *
1196 * @param link          A pointer to the wireless link header
1197 * @param linktype      The link type of the wireless header
1198 * @param[out] flags    Space to store the extracted flags
1199 * @return True if libtrace was able to extract flags from the link header,
1200 * false otherwise.
1201 *
1202 * This function has been left internal because it is not portable across
1203 * drivers.
1204 */
1205bool trace_get_wireless_flags(void *link, libtrace_linktype_t linktype, uint8_t *flags);
1206#define TRACE_RADIOTAP_F_FCS 0x10
1207       
1208#ifdef __cplusplus
1209}
1210#endif
1211
1212#endif /* LIBTRACE_INT_H */
Note: See TracBrowser for help on using the repository browser.