source: lib/libtrace_int.h @ 52c7cda

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since 52c7cda was 52c7cda, checked in by Scott Raynel <smr26@…>, 15 years ago

Added support for skipping Linux SLL headers to the trace_get_wireless functions, which means we can now use them on tcpdump captured traces.
Also reformatted link_wireless.c and cleaned up all of the compile warnings :)
Made trace_get_payload_from_linux_sll not static and added function prototypes for it and the new arphrd functions to libtrace_int.h

  • Property mode set to 100644
File size: 14.4 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2004 The University of Waikato, Hamilton, New Zealand.
5 * Authors: Daniel Lawson
6 *          Perry Lorier
7 *         
8 * All rights reserved.
9 *
10 * This code has been developed by the University of Waikato WAND
11 * research group. For further information please see http://www.wand.net.nz/
12 *
13 * libtrace is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * libtrace is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with libtrace; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
26 *
27 * $Id$
28 *
29 */
30/** @file */
31
32#ifndef LIBTRACE_INT_H
33#define LIBTRACE_INT_H
34
35#ifdef __cplusplus
36extern "C" {
37#endif
38
39#include "common.h"
40#include "config.h"
41#include "libtrace.h"
42
43#ifdef _MSC_VER
44#pragma warning(disable:4996)
45#endif
46
47#ifdef HAVE_INTTYPES_H
48# include <inttypes.h>
49#else
50# include "lt_inttypes.h"
51#endif
52
53#ifdef HAVE_STDDEF_H
54# include <stddef.h>
55#else
56#ifndef WIN32
57# error "Can't find stddev.h -- do you define ptrdiff_t elsewhere?"
58#endif
59#endif
60
61
62#include "fifo.h"
63#include "rt_protocol.h"
64       
65#ifdef HAVE_PCAP_BPF_H
66#  include <pcap-bpf.h>
67#  define HAVE_BPF 1
68#else
69#  ifdef HAVE_NET_BPF_H
70#    include <net/bpf.h>
71#    define HAVE_BPF 1
72#  endif
73#endif
74
75#ifdef HAVE_PCAP_H
76#  include <pcap.h>
77#  ifdef HAVE_PCAP_INT_H
78#    include <pcap-int.h>
79#  endif
80#endif
81
82#ifdef HAVE_ZLIB_H
83#  include <zlib.h>
84#endif
85
86#ifndef HAVE_STRNCASECMP
87# ifndef HAVE__STRNICMP
88int strncasecmp(const char *str1, const char *str2, size_t n);
89# else
90# define strncasecmp _strnicmp
91# endif
92#endif
93
94#ifndef HAVE_SNPRINTF
95# ifndef HAVE_SPRINTF_S
96int snprintf(char *str, size_t size, const char *format, ...);
97# else
98# define snprintf sprintf_s
99# endif
100#endif
101
102#include "wag.h"
103#include "daglegacy.h"
104       
105#ifdef HAVE_DAG_API
106#  include "dagnew.h"
107#  include "dagapi.h"
108#       ifndef DAG_VERSION_2_4
109#               include <daginf.h>
110#       endif
111#else
112#  include "dagformat.h"
113#endif
114
115#define RP_BUFSIZE 65536
116
117struct libtrace_event_status_t {
118        libtrace_packet_t *packet;
119        int psize;
120        double tdelta;
121        double trace_last_ts;
122};
123
124/** The information about traces that are open
125 * @internal
126 */
127struct libtrace_t {
128        struct libtrace_format_t *format; /**< format driver pointer */
129        void *format_data; /**<format data pointer */
130        bool started;                   /**< if this trace has started */
131        libtrace_err_t err;             /**< error information */
132        struct libtrace_event_status_t event;   /**< the next event */
133        char *uridata;                  /**< the uri of this trace */
134        struct tracefifo_t *fifo;       /**< fifo used in this trace */
135        struct libtrace_filter_t *filter; /**< used by libtrace if the module
136                                            * doesn't support filters natively
137                                            */
138        int snaplen;                    /**< used by libtrace if the module
139                                          * doesn't support snapping natively
140                                          */
141};
142
143/** Information about output traces
144 * @internal
145 */
146struct libtrace_out_t {
147        struct libtrace_format_t *format;       /**< format driver */
148        void *format_data;              /**< format data */
149        bool started;                   /**< trace started */
150        libtrace_err_t err;             /**< Associated error */
151        char *uridata;                  /**< URI associated with this trace */
152};
153
154void trace_set_err(libtrace_t *trace, int errcode,const char *msg,...);
155void trace_set_err_out(libtrace_out_t *trace, int errcode, const char *msg,...);
156
157typedef struct libtrace_sll_header_t {
158        uint16_t pkttype;               /* packet type */
159        uint16_t hatype;                /* link-layer address type */
160        uint16_t halen;                 /* link-layer address length */
161        char addr[8];                   /* link-layer address */
162        uint16_t protocol;              /* protocol */
163} libtrace_sll_header_t;
164
165#define TRACE_SLL_HOST          0
166#define TRACE_SLL_BROADCAST     1
167#define TRACE_SLL_MULTICAST     2
168#define TRACE_SLL_OTHERHOST     3
169#define TRACE_SLL_OUTGOING      4
170
171#ifndef PF_RULESET_NAME_SIZE
172#define PF_RULESET_NAME_SIZE 16
173#endif
174
175#ifndef IFNAMSIZ
176#define IFNAMSIZ 16
177#endif
178
179typedef struct libtrace_pflog_header_t {
180        uint8_t    length;
181        sa_family_t   af;
182        uint8_t    action;
183        uint8_t    reason;
184        char       ifname[IFNAMSIZ];
185        char       ruleset[PF_RULESET_NAME_SIZE];
186        uint32_t   rulenr;
187        uint32_t   subrulenr;
188        uint8_t    dir;
189        uint8_t    pad[3];
190} libtrace_pflog_header_t;
191
192
193
194/** Module definition structure */
195/* all of these should return -1, or NULL on failure */
196struct libtrace_format_t {
197        /** the uri name of this module */
198        char *name;
199        /** the version of this module */
200        char *version;
201        /** the RT protocol type of this module */
202        enum base_format_t type;
203        /** stuff that deals with input @{ */
204        /** initialise an trace (or NULL if input is not supported) */
205        int (*init_input)(libtrace_t *libtrace);
206        /** configure an trace (or NULL if input is not supported) */
207        int (*config_input)(libtrace_t *libtrace,trace_option_t option,void *value);
208        /** start/unpause an trace (or NULL if input not supported) */
209        int (*start_input)(libtrace_t *libtrace);
210        /** pause an trace (or NULL if input not supported) */
211        int (*pause_input)(libtrace_t *libtrace);
212        /** @} */
213        /** stuff that deals with output @{ */
214        /** initialise output traces (or NULL if output not supported) */
215        int (*init_output)(libtrace_out_t *libtrace);
216        /** configure output traces (or NULL if output not supported) */
217        int (*config_output)(libtrace_out_t *libtrace, trace_option_output_t option, void *);
218        /** start output traces (or NULL if output not supported)
219         * There is no pause for output traces, as packets are not arriving
220         * asyncronously
221         */
222        int (*start_output)(libtrace_out_t *libtrace);
223        /** @} */
224        /** finish an input trace, cleanup (or NULL if input not supported)
225         * if the trace is not paused, libtrace will pause the trace before
226         * calling this function.
227         */
228        int (*fin_input)(libtrace_t *libtrace);
229        /** finish an output trace, cleanup (or NULL if output not supported) */
230        int (*fin_output)(libtrace_out_t *libtrace);
231        /** read a packet from a trace into the provided packet structure
232         * @returns -1 on error, or get_framing_length()+get_capture_length() \
233         * on success.
234         * if this function is not supported, this field may be NULL.
235         */
236        int (*read_packet)(libtrace_t *libtrace, libtrace_packet_t *packet);
237        /** finalise a packet
238         * cleanup any resources used by a packet that can't be reused for
239         * the next packet.
240         */
241        void (*fin_packet)(libtrace_packet_t *packet);
242        /** write a packet to a trace from the provided packet
243         * (or NULL if output not supported)
244         */
245        int (*write_packet)(libtrace_out_t *libtrace, libtrace_packet_t *packet);
246        /** return the libtrace link type for this packet
247         * @return the libtrace link type, or -1 if this link type is unknown
248         */ 
249        libtrace_linktype_t (*get_link_type)(const libtrace_packet_t *packet);
250        /** return the direction of this packet
251         * @note This callback may be NULL if not supported.
252         */ 
253        libtrace_direction_t (*get_direction)(const libtrace_packet_t *packet);
254        /** set the direction of this packet
255         * @note This callback may be NULL if not supported.
256         */ 
257        libtrace_direction_t (*set_direction)(libtrace_packet_t *packet, libtrace_direction_t direction);
258        /** return the erf timestamp of the packet.
259         * @return the 64bit erf timestamp
260         * This field may be NULL in the structure, and libtrace will
261         * synthesise the result from get_timeval or get_seconds if they
262         * exist.  AT least one of get_erf_timestamp, get_timeval or
263         * get_seconds must be implemented.
264         */
265        uint64_t (*get_erf_timestamp)(const libtrace_packet_t *packet);
266        /** return the timeval of this packet.
267         * @return the timeval
268         * This field may be NULL in the structure, and libtrace will
269         * synthesise the result from get_erf_timestamp or get_seconds if they
270         * exist.  AT least one of get_erf_timestamp, get_timeval or
271         * get_seconds must be implemented.
272         */
273        struct timeval (*get_timeval)(const libtrace_packet_t *packet);
274        /** return the timestamp of this packet.
275         * @return the floating point seconds since 1970-01-01 00:00:00
276         * This field may be NULL in the structure, and libtrace will
277         * synthesise the result from get_timeval or get_erf_timestamp if they
278         * exist.  AT least one of get_erf_timestamp, get_timeval or
279         * get_seconds must be implemented.
280         */
281        double (*get_seconds)(const libtrace_packet_t *packet);
282        /** move the pointer within the trace.
283         * @return 0 on success, -1 on failure.
284         * The next packet returned by read_packet be the first
285         * packet in the trace to have a timestamp equal or greater than
286         * timestamp.
287         * @note this function may be NULL if the format does not support
288         * this feature.  If the format implements seek_timeval and/or
289         * seek_seconds then libtrace will call those functions instead.
290         */
291        int (*seek_erf)(libtrace_t *trace, uint64_t timestamp);
292        /** move the pointer within the trace.
293         * @return 0 on success, -1 on failure.
294         * The next packet returned by read_packet be the first
295         * packet in the trace to have a timestamp equal or greater than
296         * timestamp.
297         * @note this function may be NULL if the format does not support
298         * this feature.  If the format implements seek_erf and/or
299         * seek_seconds then libtrace will call those functions instead.
300         */
301        int (*seek_timeval)(libtrace_t *trace, struct timeval tv);
302        /** move the pointer within the trace.
303         * @return 0 on success, -1 on failure.
304         * The next packet returned by read_packet be the first
305         * packet in the trace to have a timestamp equal or greater than
306         * tv.
307         * @note this function may be NULL if the format does not support
308         * this feature.  If the format implements seek_erf and/or
309         * seek_timeval then libtrace will call those functions instead.
310         */
311        int (*seek_seconds)(libtrace_t *trace, double seconds);
312        /** return the captured payload length
313         * @return the amount of data captured in a trace.
314         * This is the number of bytes actually in the trace.  This does not
315         * include the trace framing length.  This is usually shorter or
316         * equal to the wire length.
317         */
318        int (*get_capture_length)(const libtrace_packet_t *packet);
319        /** return the original length of the packet on the wire.
320         * @return the length of the packet on the wire before truncation.
321         * This is the number of bytes actually in the trace.  This does not
322         * include the trace framing length.  This is usually shorter or
323         * equal to the wire length.
324         */
325        int (*get_wire_length)(const libtrace_packet_t *packet);
326        /** return the length of the trace framing header
327         * @return the length of the framing header
328         * The framing header is the extra metadata a trace stores about
329         * a packet.  This does not include the wire or capture length
330         * of the packet.  Usually get_framing_length()+get_capture_length()
331         * is the size returned by read_packet
332         */
333        int (*get_framing_length)(const libtrace_packet_t *packet);
334        /** truncate (snap) the packet
335         * @returns the new size
336         * @note This callback may be NULL if not supported.
337         */
338        size_t (*set_capture_length)(struct libtrace_packet_t *packet,size_t size);
339        /** return the filedescriptor associated with this interface.
340         * @note This callback may be NULL if not supported.
341         * This function is only needed if you use trace_event_interface
342         * as the pointer for trace_event
343         */
344        int (*get_fd)(const libtrace_t *trace);
345        /** return the next event from this source
346         * @note may be NULL if not supported.
347         */
348        struct libtrace_eventobj_t (*trace_event)(libtrace_t *trace, libtrace_packet_t *packet);       
349        /** return information about this trace format to standard out */
350        void (*help)();
351        /** next pointer, should be NULL */
352        struct libtrace_format_t *next;
353};
354
355extern struct libtrace_format_t *form;
356
357void register_format(struct libtrace_format_t *format);
358
359libtrace_linktype_t pcap_dlt_to_libtrace(libtrace_dlt_t dlt);
360libtrace_dlt_t libtrace_to_pcap_dlt(libtrace_linktype_t type);
361enum rt_field_t pcap_dlt_to_rt(libtrace_dlt_t dlt);
362libtrace_dlt_t rt_to_pcap_dlt(enum rt_field_t rt_type);
363libtrace_linktype_t erf_type_to_libtrace(char erf);
364char libtrace_to_erf_type(libtrace_linktype_t linktype);
365libtrace_linktype_t arphrd_type_to_libtrace(unsigned int);
366unsigned int libtrace_to_arphrd_type(libtrace_linktype_t);
367
368void promote_packet(libtrace_packet_t *packet);
369bool demote_packet(libtrace_packet_t *packet);
370
371void *trace_get_payload_from_linux_sll(void *, uint16_t *, uint32_t *);
372
373uint64_t byteswap64(uint64_t num);
374uint32_t byteswap32(uint32_t num);
375uint16_t byteswap16(uint16_t num);
376
377/* Because some traces/protocols are defined as
378 * being "big endian" or "little endian" we have
379 * this series of macros.
380 */
381#if BYTE_ORDER == BIG_ENDIAN
382#define bswap_host_to_be64(num) ((uint64_t)(num))
383#define bswap_host_to_le64(num) byteswap64(num)
384#define bswap_host_to_be32(num) ((uint32_t)(num))
385#define bswap_host_to_le32(num) byteswap32(num)
386#define bswap_host_to_be16(num) ((uint16_t)(num))
387#define bswap_host_to_le16(num) byteswap16(num)
388
389#define bswap_be_to_host64(num) ((uint64_t)(num))
390#define bswap_le_to_host64(num) byteswap64(num)
391#define bswap_be_to_host32(num) ((uint32_t)(num))
392#define bswap_le_to_host32(num) byteswap32(num)
393#define bswap_be_to_host16(num) ((uint16_t)(num))
394#define bswap_le_to_host16(num) byteswap16(num)
395
396/* We use ntoh*() here, because the compiler may
397 * attempt to optimise it
398 */
399#elif BYTE_ORDER == LITTLE_ENDIAN
400#define bswap_host_to_be64(num) (byteswap64(num))
401#define bswap_host_to_le64(num) ((uint64_t)(num))
402#define bswap_host_to_be32(num) (htonl(num))
403#define bswap_host_to_le32(num) ((uint32_t)(num))
404#define bswap_host_to_be16(num) (htons(num))
405#define bswap_host_to_le16(num) ((uint16_t)(num))
406
407#define bswap_be_to_host64(num) (byteswap64(num))
408#define bswap_le_to_host64(num) ((uint64_t)(num))
409#define bswap_be_to_host32(num) (ntohl(num))
410#define bswap_le_to_host32(num) ((uint32_t)(num))
411#define bswap_be_to_host16(num) (ntohs(num))
412#define bswap_le_to_host16(num) ((uint16_t)(num))
413
414#else
415#error "Unknown byte order"
416#endif
417
418#ifdef HAVE_BPF
419/* A type encapsulating a bpf filter
420 * This type covers the compiled bpf filter, as well as the original filter
421 * string
422 *
423 */
424struct libtrace_filter_t {
425        struct bpf_program filter;
426        int flag;
427        char * filterstring;
428};
429#else
430struct libtrace_filter_t {};
431#endif
432
433/** libtrace packet
434 */
435typedef struct libtrace_pcapfile_pkt_hdr_t {
436        uint32_t ts_sec;
437        uint32_t ts_usec;
438        uint32_t caplen;
439        uint32_t wirelen;
440} libtrace_pcapfile_pkt_hdr_t;
441
442       
443#ifdef __cplusplus
444}
445#endif
446
447#endif /* LIBTRACE_INT_H */
Note: See TracBrowser for help on using the repository browser.