source: lib/libtrace_int.h @ 17f954f

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since 17f954f was 10f924c, checked in by Shane Alcock <salcock@…>, 7 years ago

Fixed broken -fvisibility check in configure

  • Added a m4 script that does this properly rather than our hax gcc version check.
  • Tidied up CFLAGS in configure so we aren't adding the same sets of flags multiple times
  • Created a wandio_internal.h file for storing global variables that shouldn't be made public

Thanks to Alistair King, whose patch to try and make this work for
non-gcc systems brought my attention to just how broken this was :)

  • Property mode set to 100644
File size: 33.5 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2007,2008,2009,2010 The University of Waikato, Hamilton,
5 * New Zealand.
6 *
7 * Authors: Daniel Lawson
8 *          Perry Lorier
9 *          Shane Alcock
10 *         
11 * All rights reserved.
12 *
13 * This code has been developed by the University of Waikato WAND
14 * research group. For further information please see http://www.wand.net.nz/
15 *
16 * libtrace is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * libtrace is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with libtrace; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
29 *
30 * $Id$
31 *
32 */
33
34/** @file
35 *
36 * @brief Header file containing definitions for structures and functions that
37 * are internal
38 *
39 * @author Daniel Lawson
40 * @author Perry Lorier
41 * @author Shane Alcock
42 *
43 * @version $Id$
44 *
45 * All of the structures and functions defined in this header file are intended
46 * for internal use within Libtrace only. They should not be exported as part
47 * of the library API as we don't want users accessing things like the
48 * contents of the libtrace packet structure directly!
49 */
50#ifndef LIBTRACE_INT_H
51#define LIBTRACE_INT_H
52
53#ifdef __cplusplus
54extern "C" {
55#endif
56
57#include "config.h"
58#include "common.h"
59#include "libtrace.h"
60#include "wandio.h"
61#include "lt_bswap.h"
62
63#ifdef _MSC_VER
64// warning: deprecated function
65#pragma warning(disable:4996)
66// warning: benign redefinitions of types
67#pragma warning(disable:4142)
68#endif
69
70#ifdef HAVE_INTTYPES_H
71# include <inttypes.h>
72#else
73# include "lt_inttypes.h"
74#endif
75
76#ifdef HAVE_STDDEF_H
77# include <stddef.h>
78#else
79#ifndef WIN32
80# error "Can't find stddev.h -- do you define ptrdiff_t elsewhere?"
81#endif
82#endif
83
84
85#include "rt_protocol.h"
86       
87/* Prefer net/bpf.h over pcap-bpf.h for format_bpf.c on MacOS */
88#ifdef HAVE_NET_BPF_H
89#    include <net/bpf.h>
90#    define HAVE_BPF 1
91#else
92#ifdef HAVE_PCAP_BPF_H
93#  include <pcap-bpf.h>
94#  define HAVE_BPF 1
95#endif
96#endif
97
98#ifdef HAVE_PCAP_H
99#  include <pcap.h>
100#  ifdef HAVE_PCAP_INT_H
101#    include <pcap-int.h>
102#  endif
103#endif
104
105#ifdef HAVE_ZLIB_H
106#  include <zlib.h>
107#endif
108
109#ifndef HAVE_STRNDUP
110char *strndup(const char *s, size_t size);
111#endif
112
113#ifndef HAVE_STRNCASECMP
114# ifndef HAVE__STRNICMP
115/** A local implementation of strncasecmp (as some systems do not have it) */
116int strncasecmp(const char *str1, const char *str2, size_t n);
117# else
118# define strncasecmp _strnicmp
119# endif
120#endif
121
122#ifndef HAVE_SNPRINTF
123# ifndef HAVE_SPRINTF_S
124/** A local implementation of snprintf (as some systems do not have it) */
125int snprintf(char *str, size_t size, const char *format, ...);
126# else
127# define snprintf sprintf_s
128# endif
129#endif
130
131#include "daglegacy.h"
132       
133#ifdef HAVE_DAG_API
134#  include "dagnew.h"
135#  include "dagapi.h"
136#       if DAG_VERSION == 24
137#               include <erftypes.h>
138#       else
139#               include <daginf.h>
140#       endif
141#  include "erftypes.h"
142#else
143#  include "dagformat.h"
144#endif
145
146#ifdef HAVE_LLVM
147#include "bpf-jit/bpf-jit.h"
148#endif
149
150
151//#define RP_BUFSIZE 65536U
152
153/** Data about the most recent event from a trace file */
154struct libtrace_event_status_t {
155        /** A libtrace packet to store the packet when a PACKET event occurs */
156        libtrace_packet_t *packet;
157        /** Time between the timestamp for the current packet and the current
158         * walltime */
159        double tdelta;
160        /** The timestamp of the previous PACKET event */
161        double trace_last_ts;
162        /** The size of the current PACKET event */
163        int psize;
164        /** Whether there is a packet stored in *packet above waiting for an
165         * event to occur */
166        bool waiting;
167};
168
169/** A libtrace input trace
170 * @internal
171 */
172struct libtrace_t {
173        /** The capture format for the input trace */
174        struct libtrace_format_t *format; 
175        /** Details of the most recent PACKET event reported by the trace */
176        struct libtrace_event_status_t event;
177        /** Pointer to the "global" data for the capture format module */       
178        void *format_data;             
179        /** A BPF filter to be applied to all packets read by the trace -
180         * used only if the capture format does not support filters natively */
181        struct libtrace_filter_t *filter; 
182        /** The snap length to be applied to all packets read by the trace -
183         * used only if the capture format does not support snapping natively */
184        size_t snaplen;                 
185        /** Count of the number of packets returned to the libtrace user */
186        uint64_t accepted_packets;     
187        /** Count of the number of packets filtered by libtrace */
188        uint64_t filtered_packets;     
189        /** The filename from the uri for the trace */
190        char *uridata;                 
191        /** The libtrace IO reader for this trace (if applicable) */
192        io_t *io;                       
193        /** Error information for the trace */
194        libtrace_err_t err;             
195        /** Boolean flag indicating whether the trace has been started */
196        bool started;                   
197};
198
199/** A libtrace output trace
200 * @internal
201 */
202struct libtrace_out_t {
203        /** The capture format for the output trace */
204        struct libtrace_format_t *format;
205        /** Pointer to the "global" data for the capture format module */
206        void *format_data;             
207        /** The filename for the uri for the output trace */
208        char *uridata;                 
209        /** Error information for the output trace */
210        libtrace_err_t err;
211        /** Boolean flag indicating whether the trace has been started */
212        bool started;                   
213};
214
215/** Sets the error status on an input trace
216 *
217 * @param trace         The input trace to set the error status for
218 * @param errcode       The code for the error - can be a libtrace error code or a regular errno value
219 * @param msg           A message to print when reporting the error
220 */
221void trace_set_err(libtrace_t *trace, int errcode,const char *msg,...) 
222
223                                                                PRINTF(3,4);
224/** Sets the error status on an output trace
225 *
226 * @param trace         The output trace to set the error status for
227 * @param errcode       The code for the error - can be a libtrace error code or a regular errno value
228 * @param msg           A message to print when reporting the error
229 */
230void trace_set_err_out(libtrace_out_t *trace, int errcode, const char *msg,...)
231                                                                PRINTF(3,4);
232
233/** Clears the cached values for a libtrace packet
234 *
235 * @param packet        The libtrace packet that requires a cache reset
236 */
237void trace_clear_cache(libtrace_packet_t *packet);
238
239/** Converts the data provided in buffer into a valid libtrace packet
240 *
241 * @param trace         An input trace of the same format as the "packet"
242 *                      contained in the buffer
243 * @param packet        The libtrace packet to prepare
244 * @param buffer        A buffer containing the packet data, including the
245 *                      capture format header
246 * @param rt_type       The RT type for the packet that is being prepared
247 * @param flags         Used to specify options for the preparation function,
248 *                      e.g. who owns the packet buffer
249 *
250 * @return -1 if an error occurs, 0 otherwise
251 *
252 * Packet preparation is a tricky concept - the idea is to take the data
253 * pointed to by 'buffer' and treat it as a packet record of the same capture
254 * format as that used by the input trace. The provided libtrace packet then
255 * has its internal pointers and values set to describe the packet record in
256 * the buffer.
257 *
258 * The primary use of this function is to allow the RT packet reader to
259 * easily and safely convert packets from the RT format back into the format
260 * that they were originally captured with., essentially removing the RT
261 * encapsulation.
262 *
263 * We've decided not to make this function available via the exported API
264 * because there are several issues that can arise if it is not used very
265 * carefully and it is not very useful outside of internal contexts anyway.
266 */
267int trace_prepare_packet(libtrace_t *trace, libtrace_packet_t *packet,
268                void *buffer, libtrace_rt_types_t rt_type, uint32_t flags);
269
270/** Flags for prepare_packet functions */
271enum {
272        /** The buffer memory has been allocated by libtrace and should be
273         * freed when the packet is destroyed. */
274        TRACE_PREP_OWN_BUFFER           =1,
275       
276        /** The buffer memory is externally-owned and must not be freed by
277         * libtrace when the packet is destroyed. */
278        TRACE_PREP_DO_NOT_OWN_BUFFER    =0
279};
280
281
282#ifndef PF_RULESET_NAME_SIZE
283#define PF_RULESET_NAME_SIZE 16
284#endif
285
286#ifndef IFNAMSIZ
287#define IFNAMSIZ 16
288#endif
289
290
291/** A local definition of a PFLOG header */
292typedef struct libtrace_pflog_header_t {
293        uint8_t    length;     
294        sa_family_t   af;
295        uint8_t    action;
296        uint8_t    reason;
297        char       ifname[IFNAMSIZ];
298        char       ruleset[PF_RULESET_NAME_SIZE];
299        uint32_t   rulenr;
300        uint32_t   subrulenr;
301        uint8_t    dir;
302        uint8_t    pad[3];
303} PACKED libtrace_pflog_header_t;
304
305
306
307/** A libtrace capture format module */
308/* All functions should return -1, or NULL on failure */
309struct libtrace_format_t {
310        /** The name of this module, used in the libtrace URI to identify the
311         * capture format */
312        const char *name;
313        /** The version of this module */
314        const char *version;
315        /** The RT protocol type of this module */
316        enum base_format_t type;
317
318
319        /** Given a filename, return if this is the most likely capture format
320         * (used for devices). Used to "guess" the capture format when the
321         * URI is not fully specified.
322         *
323         * @param fname         The name of the device or file to examine
324         * @return 1 if the name matches the capture format, 0 otherwise
325         */
326        int (*probe_filename)(const char *fname);
327       
328        /** Given a file, looks at the start of the file to determine if this
329         * is the capture format. Used to "guess" the capture format when the
330         * URI is not fully specified.
331         *
332         * @param io            An open libtrace IO reader for the file to check
333         * @return 1 if the file matches the capture format, 0 otherwise
334         */
335        int (*probe_magic)(io_t *io);
336
337        /** Initialises an input trace using the capture format.
338         *
339         * @param libtrace      The input trace to be initialised
340         * @return 0 if successful, -1 in the event of error
341         */
342        int (*init_input)(libtrace_t *libtrace);
343       
344        /** Applies a configuration option to an input trace.
345         *
346         * @param libtrace      The input trace to apply the option to
347         * @param option        The option that is being configured
348         * @param value         A pointer to the value that the option is to be
349         *                      set to
350         * @return 0 if successful, -1 if the option is unsupported or an error
351         * occurs
352         */
353        int (*config_input)(libtrace_t *libtrace,trace_option_t option,void *value);
354        /** Starts or unpauses an input trace - note that this function is
355         * often the one that opens the file or device for reading.
356         *
357         * @param libtrace      The input trace to be started or unpaused
358         * @return 0 if successful, -1 in the event of error */
359        int (*start_input)(libtrace_t *libtrace);
360
361        /** Pauses an input trace - this function should close or detach the
362         * file or device that is being read from.
363         *
364         * @param libtrace      The input trace to be paused
365         * @return 0 if successful, -1 in the event of error
366         */
367        int (*pause_input)(libtrace_t *libtrace);
368
369        /** Initialises an output trace using the capture format.
370         *
371         * @param libtrace      The output trace to be initialised
372         * @return 0 if successful, -1 in the event of error
373         */
374        int (*init_output)(libtrace_out_t *libtrace);
375       
376        /** Applies a configuration option to an output trace.
377         *
378         * @param libtrace      The output trace to apply the option to
379         * @param option        The option that is being configured
380         * @param value         A pointer to the value that the option is to be
381         *                      set to
382         * @return 0 if successful, -1 if the option is unsupported or an error
383         * occurs
384         * */
385        int (*config_output)(libtrace_out_t *libtrace, trace_option_output_t option, void *value);
386
387        /** Starts an output trace - note that this function is often the one
388         * that opens the file or device for writing.
389         *
390         * @param libtrace      The output trace to be started
391         * @return 0 if successful, -1 if an error occurs
392         *
393         * There is no pause for output traces, as writing is not performed
394         * asynchronously.
395         */
396        int (*start_output)(libtrace_out_t *libtrace);
397
398        /** Concludes an input trace and cleans up the capture format data.
399         *
400         * @param libtrace      The input trace to be concluded
401         * @return 0 if successful, -1 if an error occurs
402         *
403         * Libtrace will call the pause_input function if the input trace is
404         * currently active prior to calling this function.
405         */
406        int (*fin_input)(libtrace_t *libtrace);
407
408        /** Concludes an output trace and cleans up the capture format data.
409         *
410         * @param libtrace      The output trace to be concluded
411         * @return 0 if successful, -1 if an error occurs
412         */
413        int (*fin_output)(libtrace_out_t *libtrace);
414
415        /** Reads the next packet from an input trace into the provided packet
416         * structure.
417         *
418         * @param libtrace      The input trace to read from
419         * @param packet        The libtrace packet to read into
420         * @return The size of the packet read (in bytes) including the capture
421         * framing header, or -1 if an error occurs. 0 is returned in the
422         * event of an EOF.
423         *
424         * If no packets are available for reading, this function should block
425         * until one appears or return 0 if the end of a trace file has been
426         * reached.
427         */
428        int (*read_packet)(libtrace_t *libtrace, libtrace_packet_t *packet);
429       
430        /** Converts a buffer containing a packet record into a libtrace packet
431         *
432         * @param libtrace      An input trace in the capture format for the
433         *                      packet
434         * @param packet        A libtrace packet to put the prepared packet
435         *                      into
436         * @param buffer        The buffer containing the packet record
437         *                      (including the capture format header)
438         * @param rt_type       The RT type for the packet
439         * @param flags         Flags describing properties that should be
440         *                      applied to the new packet
441         * @return 0 if successful, -1 if an error occurs.
442         *
443         * Updates internal trace and packet details, such as payload pointers,
444         * loss counters and packet types to match the packet record provided
445         * in the buffer. This is a zero-copy function.
446         *
447         * Intended (at this stage) only for internal use, particularly by
448         * RT which needs to decapsulate RT packets */
449        int (*prepare_packet)(libtrace_t *libtrace, libtrace_packet_t *packet,
450                        void *buffer, libtrace_rt_types_t rt_type, 
451                        uint32_t flags);
452       
453        /** Frees any resources allocated by the capture format module for a
454         * libtrace packet.
455         *
456         * @param The packet to be finalised
457         *       */
458        void (*fin_packet)(libtrace_packet_t *packet);
459
460        /** Write a libtrace packet to an output trace.
461         *
462         * @param libtrace      The output trace to write the packet to
463         * @param packet        The packet to be written out
464         * @return The number of bytes written, or -1 if an error occurs
465         */
466        int (*write_packet)(libtrace_out_t *libtrace, libtrace_packet_t *packet);
467        /** Returns the libtrace link type for a packet.
468         *
469         * @param packet        The packet to get the link type for
470         * @return The libtrace link type, or -1 if this link type is unknown
471         */ 
472        libtrace_linktype_t (*get_link_type)(const libtrace_packet_t *packet);
473
474        /** Returns the direction of a packet.
475         *
476         * @param packet        The packet to get the direction for
477         * @return The direction of the packet, or -1 if no direction tag is
478         * present or an error occurs
479         */ 
480        libtrace_direction_t (*get_direction)(const libtrace_packet_t *packet);
481       
482        /** Sets the direction of a packet.
483         *
484         * @param packet        The packet to set the direction for
485         * @param direction     The direction to assign to the packet
486         * @return The updated direction for the packet, or -1 if an error
487         * occurs
488         *
489         * @note Some capture formats do not feature direction tagging, so it
490         * will not make sense to implement a set_direction function for them.
491         */ 
492        libtrace_direction_t (*set_direction)(libtrace_packet_t *packet, libtrace_direction_t direction);
493       
494        /** Returns the timestamp for a packet in the ERF timestamp format.
495         *
496         * @param packet        The packet to get the timestamp from
497         * @return The 64-bit ERF timestamp
498         *
499         * @note Each format must implement at least one of the four "get
500         * timestamp" functions.
501         *
502         * If not implemented, libtrace will convert the result of one of the
503         * other timestamp functions into the appropriate format instead.
504         * This means each capture format only needs to implement the most
505         * sensible of the four and let libtrace handle any conversions.
506         *
507         */
508        uint64_t (*get_erf_timestamp)(const libtrace_packet_t *packet);
509
510        /** Returns the timestamp for a packet in the timeval format
511         *
512         * @param packet        The packet to get the timestamp from
513         * @return The timestamp from the packet as a timeval
514         *
515         * @note Each format must implement at least one of the four "get
516         * timestamp" functions.
517         *
518         * If not implemented, libtrace will convert the result of one of the
519         * other timestamp functions into the appropriate format instead.
520         * This means each capture format only needs to implement the most
521         * sensible of the four and let libtrace handle any conversions.
522         */
523        struct timeval (*get_timeval)(const libtrace_packet_t *packet);
524       
525        /** Returns the timestamp for a packet in the timespec format.
526         *
527         * @param packet        The packet to get the timestamp from
528         * @return The timestamp from the packet as a timespec
529         *
530         * @note Each format must implement at least one of the four "get
531         * timestamp" functions.
532         *
533         * If not implemented, libtrace will convert the result of one of the
534         * other timestamp functions into the appropriate format instead.
535         * This means each capture format only needs to implement the most
536         * sensible of the four and let libtrace handle any conversions.
537         */
538        struct timespec (*get_timespec)(const libtrace_packet_t *packet);
539       
540        /** Returns the timestamp for a packet in floating point seconds.
541         *
542         * @param packet        The packet to get the timestamp from
543         * @return The timestamp from the packet as a floating point number of
544         * seconds since 1970-01-01 00:00:00 UTC
545         *
546         * @note Each format must implement at least one of the four "get
547         * timestamp" functions.
548         *
549         * If not implemented, libtrace will convert the result of one of the
550         * other timestamp functions into the appropriate format instead.
551         * This means each capture format only needs to implement the most
552         * sensible of the four and let libtrace handle any conversions.
553         */
554        double (*get_seconds)(const libtrace_packet_t *packet);
555       
556        /** Moves the read pointer to a certain ERF timestamp within an input
557         * trace file.
558         *
559         * @param trace         The input trace to seek within
560         * @param timestamp     The timestamp to seek to, as an ERF timestamp
561         *
562         * @return 0 on success, -1 on failure.
563         *
564         * The next packet read from this trace will now be the first packet
565         * to have a timestamp equal to or greater than the provided timestamp.
566         *
567         * @note Each format that supports seeking must implement at least one
568         * of the seek functions.
569         *
570         * If not implemented, libtrace will convert the timestamp into the
571         * appropriate format to use a seek function that has been implemented.
572         * This means each capture format only needs to implement the seek
573         * function that matches the native timestamp format for that capture.
574         *
575         */
576        int (*seek_erf)(libtrace_t *trace, uint64_t timestamp);
577        /** Moves the read pointer to a certain timestamp represented using a
578         * timeval within an input trace file.
579         *
580         * @param trace         The input trace to seek within
581         * @param timestamp     The timestamp to seek to, as a timeval
582         *
583         * @return 0 on success, -1 on failure.
584         *
585         * The next packet read from this trace will now be the first packet
586         * to have a timestamp equal to or greater than the provided timestamp.
587         *
588         * @note Each format that supports seeking must implement at least one
589         * of the seek functions.
590         *
591         * If not implemented, libtrace will convert the timestamp into the
592         * appropriate format to use a seek function that has been implemented.
593         * This means each capture format only needs to implement the seek
594         * function that matches the native timestamp format for that capture.
595         *
596         */
597        int (*seek_timeval)(libtrace_t *trace, struct timeval tv);
598       
599        /** Moves the read pointer to a certain timestamp represented using
600         * floating point seconds within an input trace file.
601         *
602         * @param trace         The input trace to seek within
603         * @param timestamp     The timestamp to seek to, as floating point
604         *                      seconds since 1970-01-01 00:00:00 UTC
605         *
606         * @return 0 on success, -1 on failure.
607         *
608         * The next packet read from this trace will now be the first packet
609         * to have a timestamp equal to or greater than the provided timestamp.
610         *
611         * @note Each format that supports seeking must implement at least one
612         * of the seek functions.
613         *
614         * If not implemented, libtrace will convert the timestamp into the
615         * appropriate format to use a seek function that has been implemented.
616         * This means each capture format only needs to implement the seek
617         * function that matches the native timestamp format for that capture.
618         *
619         */
620        int (*seek_seconds)(libtrace_t *trace, double seconds);
621       
622        /** Returns the payload length of the captured packet record.
623         *
624         * @param packet        The packet to get the capture length from
625         * @return The capture length for the packet, or -1 if an error occurs
626         *
627         * Capture length is the current size of the packet record itself,
628         * following any truncation that may have occurred during the capture
629         * process. This length does not include the capture format framing
630         * header.
631         */
632        int (*get_capture_length)(const libtrace_packet_t *packet);
633
634        /** Returns the original length of the packet as it was on the wire.
635         *
636         * @param packet        The packet to get the wire length from
637         * @return The length of the packet on the wire at the time of capture,
638         * or -1 if an error occurs
639         *
640         * Wire length is the original size of the packet prior to any
641         * truncation that may have occurred as part of the capture process.
642         * This length does not include the capture format framing header.
643         */
644        int (*get_wire_length)(const libtrace_packet_t *packet);
645       
646        /** Returns the length of the capture format framing header
647         *
648         * @param packet        The packet to get the framing length from
649         * @return The length of the framing header, or -1 if an error occurs
650         *
651         * The framing header is the extra metadata that the capture process
652         * records about a packet.  The framing length does not include any
653         * of the packet payload itself. The total size of the packet record
654         * can be calculated be adding this value with the capture length.
655         */
656        int (*get_framing_length)(const libtrace_packet_t *packet);
657
658        /** Sets the capture length for a packet.
659         *
660         * @param packet        The packet to adjust the capture length for.
661         * @param size          The new capture length
662         * @return The new capture length of the packet, or -1 if an error
663         * occurs
664         *
665         * @note This function should only reduce the capture length. If the
666         * provided length is larger than the current capture length, -1 should
667         * be returned.
668         */
669        size_t (*set_capture_length)(struct libtrace_packet_t *packet,size_t size);
670        /** Returns the number of packets observed by an input trace.
671         *
672         * @param trace         The input trace to get the packet count for
673         * @return The number of packets observed by an input trace, or
674         * UINT64_MAX if the number is unknown
675         *
676         * This count includes packets that have been filtered and dropped.
677         */
678        uint64_t (*get_received_packets)(libtrace_t *trace);
679
680        /** Returns the number of packets filtered by an input trace.
681         *
682         * @param trace         The input trace to get the filtered count for
683         * @return The number of packets filtered by the input trace, or
684         * UINT64_MAX if the number is unknown
685         *
686         */
687        uint64_t (*get_filtered_packets)(libtrace_t *trace);
688       
689        /** Returns the number of packets dropped by an input trace.
690         *
691         * @param trace         The input trace to get the dropped count for
692         * @return The number of packets dropped by the input trace, or
693         * UINT64_MAX if the number is unknown
694         *
695         */
696        uint64_t (*get_dropped_packets)(libtrace_t *trace);
697       
698        /** Returns the number of packets captured and returned by an input
699         * trace.
700         *
701         * @param trace         The input trace to get the capture count for
702         * @return The number of packets returned to the libtrace user, or
703         * UINT64_MAX if the number is unknown
704         *
705         * This is the number of packets that have been successfully returned
706         * to the libtrace user via the read_packet() function.
707         *
708         */
709        uint64_t (*get_captured_packets)(libtrace_t *trace);
710       
711        /** Returns the file descriptor used by the input trace.
712         *
713         * @param trace         The input trace to get the file descriptor for
714         * @return The file descriptor used by the input trace to read packets
715         *
716         */
717        int (*get_fd)(const libtrace_t *trace);
718       
719        /** Returns the next libtrace event for the input trace.
720         *
721         * @param trace         The input trace to get the next event from
722         * @param packet        A libtrace packet to read a packet into
723         * @return A libtrace event describing the event that occured
724         *
725         * The event API allows for non-blocking reading of packets from an
726         * input trace. If a packet is available and ready to be read, a packet
727         * event should be returned. Otherwise a sleep or fd event should be
728         * returned to indicate that the caller needs to wait. If the input
729         * trace has an error or reaches EOF, a terminate event should be
730         * returned.
731         */
732        struct libtrace_eventobj_t (*trace_event)(libtrace_t *trace, libtrace_packet_t *packet);       
733
734        /** Prints some useful help information to standard output. */
735        void (*help)(void);
736
737        /** Next pointer, should always be NULL - used by the format module
738         * manager. */
739        struct libtrace_format_t *next;
740};
741
742/** The list of registered capture formats */
743//extern struct libtrace_format_t *form;
744
745/** Specifies whether any blocking packet readers should cease reading
746 * immediately
747 */
748extern int libtrace_halt;
749
750/** Registers a new capture format module.
751 *
752 * @param format        The format module to be registered
753 */
754void register_format(struct libtrace_format_t *format);
755
756/** Converts a PCAP DLT into a libtrace link type.
757 *
758 * @param linktype      The PCAP DLT to be converted
759 * @return The libtrace link type that is equivalent to the provided DLT, or
760 * -1 if the DLT is unknown
761 */
762libtrace_linktype_t pcap_linktype_to_libtrace(libtrace_dlt_t linktype);
763
764/** Converts a PCAP DLT into an RT protocol type.
765 *
766 * @param linktype      The PCAP DLT to be converted
767 * @return The RT type that is equivalent to the provided DLT
768 */
769libtrace_rt_types_t pcap_linktype_to_rt(libtrace_dlt_t linktype);
770
771/** Converts a libtrace link type into a PCAP linktype.
772 *
773 * @param type          The libtrace link type to be converted
774 * @return The PCAP linktype that is equivalent to the provided libtrace link
775 * type, or -1 if the link type is unknown
776 */
777libtrace_dlt_t libtrace_to_pcap_linktype(libtrace_linktype_t type);
778
779/** Converts a libtrace link type into a PCAP DLT.
780 *
781 * @param type          The libtrace link type to be converted
782 * @return The PCAP DLT that is equivalent to the provided libtrace link
783 * type, or -1 if the link type is unknown
784 */
785libtrace_dlt_t libtrace_to_pcap_dlt(libtrace_linktype_t type);
786
787/** Converts an RT protocol type into a PCAP DLT.
788 *
789 * @param rt_type       The RT type to be converted
790 * @return The PCAP DLT that is equivalent to the provided RT protocol
791 */
792libtrace_dlt_t rt_to_pcap_linktype(libtrace_rt_types_t rt_type);
793
794/** Converts a PCAP DLT into an RT protocol type for the BPF format.
795 *
796 * @param linktype      The PCAP DLT to be converted
797 * @return The RT type that is equivalent to the provided DLT for BPF
798 */
799libtrace_rt_types_t bpf_linktype_to_rt(libtrace_dlt_t linktype);
800
801/** Converts an ERF type into a libtrace link type.
802 *
803 * @param erf           The ERF type to be converted
804 * @return The libtrace link type that is equivalent to the provided ERF type,
805 * or -1 if the ERF type is unknown
806 */
807libtrace_linktype_t erf_type_to_libtrace(uint8_t erf);
808
809/** Converts a libtrace link type into an ERF type.
810 *
811 * @param linktype      The libtrace link type to be converted
812 * @return The ERF type that is equivalent to the provided libtrace link type,
813 * or -1 if the link type cannot be matched to an ERF type.
814 */
815uint8_t libtrace_to_erf_type(libtrace_linktype_t linktype);
816
817/** Converts an ARPHRD type into a libtrace link type.
818 *
819 * @param arphrd        The ARPHRD type to be converted
820 * @return The libtrace link type that is equivalent to the provided ARPHRD
821 * type, or -1 if the ARPHRD type is unknown
822 */
823libtrace_linktype_t arphrd_type_to_libtrace(unsigned int arphrd);
824
825/** Converts a libtrace link type into an ARPHRD type.
826 *
827 * @param type          The libtrace link type to be converted
828 * @return The ARPHRD type that is equivalent to the provided libtrace link
829 * type, or -1 if the link type cannot be matched to an ARPHRD type
830 */
831unsigned int libtrace_to_arphrd_type(libtrace_linktype_t type);
832
833/** Converts a libtrace packet to the Linux SLL type.
834 *
835 * @param packet        The packet to be promoted
836 *
837 * @note This will involve memcpy() so use sparingly.
838 *
839 * This function prepends a Linux SLL header to a packet so that we can store
840 * direction tagging information.
841 */
842void promote_packet(libtrace_packet_t *packet);
843
844/** Attempts to demote a packet by removing the first header.
845 *
846 * @param packet        The packet to be demoted
847 * @return True if the packet was demoted, false otherwise.
848 *
849 * Essentially the opposite of promote_packet, except that it will also remove
850 * an ATM header as well as Linux SLL.
851 *
852 */
853bool demote_packet(libtrace_packet_t *packet);
854
855/** Returns a pointer to the header following a Linux SLL header.
856 *
857 * @param link          A pointer to the Linux SLL header to be skipped
858 * @param[out] arphrd_type      The arp hardware type of the packet
859 * @param[out] next_header      The ethertype of the next header
860 * @param[in,out] remaining     Updated with the number of captured bytes
861 *                              remaining
862 * @return A pointer to the header following the Linux SLL header, or NULL if
863 * no subsequent header is present.
864 *
865 * Remaining must point to the number of bytes captured from the Linux SLL
866 * header and beyond.  It will be decremented by the number of bytes skipped
867 * to find the payload.
868 *
869 * If the Linux SLL header is complete but there are zero bytes of payload
870 * after the end of the header, a pointer to where the payload would be is
871 * returned and remaining will be set to zero. If the Linux SLL header is
872 * incomplete (truncated), then NULL is returned and remaining will be set to
873 * 0. Therefore, it is very important to check the value of remaining after
874 * calling this function.
875 */     
876void *trace_get_payload_from_linux_sll(const void *link,
877                uint16_t *arphrd_type, 
878                uint16_t *next_header, 
879                uint32_t *remaining);
880
881/** Returns a pointer to the header following an ATM header.
882 *
883 * @param link          A pointer to the ATM header to be skipped
884 * @param[out] type     The ethertype of the next header
885 * @param[in,out] remaining     Updated with the number of captured bytes
886 *                              remaining
887 * @return A pointer to the header following the ATM header, or NULL if
888 * no subsequent header is present.
889 *
890 * Remaining must point to the number of bytes captured from the ATM header
891 * and beyond.  It will be decremented by the number of bytes skipped to find
892 * the payload.
893 *
894 * If the ATM header is complete but there are zero bytes of payload
895 * after the end of the header, a pointer to where the payload would be is
896 * returned and remaining will be set to zero. If the ATM header is
897 * incomplete (truncated), then NULL is returned and remaining will be set to
898 * 0. Therefore, it is very important to check the value of remaining after
899 * calling this function.
900 */     
901DLLEXPORT void *trace_get_payload_from_atm(void *link, uint8_t *type, 
902                uint32_t *remaining);
903
904
905#ifdef HAVE_BPF
906/* A type encapsulating a bpf filter
907 * This type covers the compiled bpf filter, as well as the original filter
908 * string
909 *
910 */
911
912/** Internal representation of a BPF filter */
913struct libtrace_filter_t {
914        struct bpf_program filter;      /**< The BPF program itself */
915        char * filterstring;            /**< The filter string */
916        int flag;                       /**< Indicates if the filter is valid */
917        struct bpf_jit_t *jitfilter;
918};
919#else
920/** BPF not supported by this system, but we still need to define a structure
921 * for the filter */
922struct libtrace_filter_t {};
923#endif
924
925/** Local definition of a PCAP header */
926typedef struct libtrace_pcapfile_pkt_hdr_t {
927        uint32_t ts_sec;        /* Seconds portion of the timestamp */
928        uint32_t ts_usec;       /* Microseconds portion of the timestamp */
929        uint32_t caplen;        /* Capture length of the packet */
930        uint32_t wirelen;       /* The wire length of the packet */
931} libtrace_pcapfile_pkt_hdr_t;
932
933#ifdef HAVE_DAG
934/** Constructor for the DAG format module */
935void dag_constructor(void);
936#endif
937/** Constructor for the ERF format module */
938void erf_constructor(void);
939/** Constructor for the TSH format module */
940void tsh_constructor(void);
941/** Constructor for the Legacy DAG format module */
942void legacy_constructor(void);
943/** Constructor for the Linux Native format module */
944void linuxnative_constructor(void);
945/** Constructor for the PCAP format module */
946void pcap_constructor(void);
947/** Constructor for the PCAP File format module */
948void pcapfile_constructor(void);
949/** Constructor for the RT format module */
950void rt_constructor(void);
951/** Constructor for the DUCK format module */
952void duck_constructor(void);
953/** Constructor for the ATM Header format module */
954void atmhdr_constructor(void);
955#ifdef HAVE_BPF
956/** Constructor for the BPF format module */
957void bpf_constructor(void);
958#endif
959#if HAVE_DPDK
960/** Constructor for Intels DPDK format module */
961void dpdk_constructor(void);
962#endif
963
964/** Extracts the RadioTap flags from a wireless link header
965 *
966 * @param link          A pointer to the wireless link header
967 * @param linktype      The link type of the wireless header
968 * @param[out] flags    Space to store the extracted flags
969 * @return True if libtrace was able to extract flags from the link header,
970 * false otherwise.
971 *
972 * This function has been left internal because it is not portable across
973 * drivers.
974 */
975bool trace_get_wireless_flags(void *link, libtrace_linktype_t linktype, uint8_t *flags);
976#define TRACE_RADIOTAP_F_FCS 0x10
977       
978#ifdef __cplusplus
979}
980#endif
981
982#endif /* LIBTRACE_INT_H */
Note: See TracBrowser for help on using the repository browser.