source: lib/libtrace_int.h @ 97e39a7

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since 97e39a7 was 97e39a7, checked in by Perry Lorier <perry@…>, 15 years ago

Port new linux native capture type from libtrace 2.
Fail if we try and decode a pcap link type and we don't have pcap installed.

  • Property mode set to 100644
File size: 11.7 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2004 The University of Waikato, Hamilton, New Zealand.
5 * Authors: Daniel Lawson
6 *          Perry Lorier
7 *         
8 * All rights reserved.
9 *
10 * This code has been developed by the University of Waikato WAND
11 * research group. For further information please see http://www.wand.net.nz/
12 *
13 * libtrace is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * libtrace is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with libtrace; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
26 *
27 * $Id$
28 *
29 */
30/** @file */
31
32#ifndef LIBTRACE_INT_H
33#define LIBTRACE_INT_H
34
35#ifdef __cplusplus
36extern "C" {
37#endif
38
39#include "common.h"
40#include "config.h"
41#include "libtrace.h"
42
43#ifdef _MSC_VER
44#pragma warning(disable:4996)
45#endif
46
47#ifdef HAVE_INTTYPES_H
48# include <inttypes.h>
49#else
50# include "lt_inttypes.h"
51#endif
52
53#ifdef HAVE_STDDEF_H
54# include <stddef.h>
55#else
56#ifndef WIN32
57# error "Can't find stddev.h -- do you define ptrdiff_t elsewhere?"
58#endif
59#endif
60
61
62#include "fifo.h"
63#include "rt_protocol.h"
64       
65#if HAVE_PCAP_BPF_H
66#  include <pcap-bpf.h>
67#else
68#  ifdef HAVE_NET_BPF_H
69#    include <net/bpf.h>
70#  endif
71#endif
72
73#if HAVE_PCAP_H
74#  include <pcap.h>
75#  ifdef HAVE_PCAP_INT_H
76#    include <pcap-int.h>
77#  endif
78#endif
79
80#ifdef HAVE_ZLIB_H
81#  include <zlib.h>
82#endif
83
84
85#include "wag.h"
86#include "daglegacy.h"
87       
88#ifdef HAVE_DAG_API
89#  include "dagnew.h"
90#  include "dagapi.h"
91#else
92#  include "dagformat.h"
93#endif
94
95#define RP_BUFSIZE 65536
96
97struct libtrace_event_status_t {
98        libtrace_packet_t *packet;
99        int psize;
100        double tdelta;
101        double trace_last_ts;
102};
103
104/** The information about traces that are open
105 * @internal
106 */
107struct libtrace_t {
108        struct libtrace_format_t *format; /**< format driver pointer */
109        void *format_data; /**<format data pointer */
110        bool started;                   /**< if this trace has started */
111        libtrace_err_t err;             /**< error information */
112        struct libtrace_event_status_t event;   /**< the next event */
113        char *uridata;                  /**< the uri of this trace */
114        struct tracefifo_t *fifo;       /**< fifo used in this trace */
115        struct libtrace_filter_t *filter; /**< used by libtrace if the module
116                                            * doesn't support filters natively
117                                            */
118        int snaplen;                    /**< used by libtrace if the module
119                                          * doesn't support snapping natively
120                                          */
121};
122
123/** Information about output traces
124 * @internal
125 */
126struct libtrace_out_t {
127        struct libtrace_format_t *format;       /**< format driver */
128        void *format_data;              /**< format data */
129        bool started;                   /**< trace started */
130        libtrace_err_t err;             /**< Associated error */
131        char *uridata;                  /**< URI associated with this trace */
132};
133
134void trace_set_err(libtrace_t *trace, int errcode,const char *msg,...);
135void trace_set_err_out(libtrace_out_t *trace, int errcode, const char *msg,...);
136
137typedef struct libtrace_sll_header_t {
138        uint16_t pkttype;               /* packet type */
139        uint16_t hatype;                /* link-layer address type */
140        uint16_t halen;                 /* link-layer address length */
141        char addr[8];                   /* link-layer address */
142        uint16_t protocol;              /* protocol */
143} libtrace_sll_header_t;
144
145#ifndef PF_RULESET_NAME_SIZE
146#define PF_RULESET_NAME_SIZE 16
147#endif
148
149#ifndef IFNAMSIZ
150#define IFNAMSIZ 16
151#endif
152
153typedef struct libtrace_pflog_header_t {
154        uint8_t    length;
155        sa_family_t   af;
156        uint8_t    action;
157        uint8_t    reason;
158        char       ifname[IFNAMSIZ];
159        char       ruleset[PF_RULESET_NAME_SIZE];
160        uint32_t   rulenr;
161        uint32_t   subrulenr;
162        uint8_t    dir;
163        uint8_t    pad[3];
164} libtrace_pflog_header_t;
165
166
167
168/** Module definition structure */
169/* all of these should return -1, or NULL on failure */
170struct libtrace_format_t {
171        /** the uri name of this module */
172        char *name;
173        /** the version of this module */
174        char *version;
175        /** the RT protocol type of this module */
176        enum base_format_t type;
177        /** stuff that deals with input @{ */
178        /** initialise an trace (or NULL if input is not supported) */
179        int (*init_input)(libtrace_t *libtrace);
180        /** configure an trace (or NULL if input is not supported) */
181        int (*config_input)(libtrace_t *libtrace,trace_option_t option,void *value);
182        /** start/unpause an trace (or NULL if input not supported) */
183        int (*start_input)(libtrace_t *libtrace);
184        /** pause an trace (or NULL if input not supported) */
185        int (*pause_input)(libtrace_t *libtrace);
186        /** @} */
187        /** stuff that deals with output @{ */
188        /** initialise output traces (or NULL if output not supported) */
189        int (*init_output)(libtrace_out_t *libtrace);
190        /** configure output traces (or NULL if output not supported) */
191        int (*config_output)(libtrace_out_t *libtrace, trace_option_output_t option, void *);
192        /** start output traces (or NULL if output not supported)
193         * There is no pause for output traces, as packets are not arriving
194         * asyncronously
195         */
196        int (*start_output)(libtrace_out_t *libtrace);
197        /** @} */
198        /** finish an input trace, cleanup (or NULL if input not supported)
199         * if the trace is not paused, libtrace will pause the trace before
200         * calling this function.
201         */
202        int (*fin_input)(libtrace_t *libtrace);
203        /** finish an output trace, cleanup (or NULL if output not supported) */
204        int (*fin_output)(libtrace_out_t *libtrace);
205        /** read a packet from a trace into the provided packet structure
206         * @returns -1 on error, or get_framing_length()+get_capture_length() \
207         * on success.
208         * if this function is not supported, this field may be NULL.
209         */
210        int (*read_packet)(libtrace_t *libtrace, libtrace_packet_t *packet);
211        /** finalise a packet
212         * cleanup any resources used by a packet that can't be reused for
213         * the next packet.
214         */
215        void (*fin_packet)(libtrace_packet_t *packet);
216        /** write a packet to a trace from the provided packet
217         * (or NULL if output not supported)
218         */
219        int (*write_packet)(libtrace_out_t *libtrace, const libtrace_packet_t *packet);
220        /** return the libtrace link type for this packet
221         * @return the libtrace link type, or -1 if this link type is unknown
222         */ 
223        libtrace_linktype_t (*get_link_type)(const libtrace_packet_t *packet);
224        /** return the direction of this packet
225         * @note This callback may be NULL if not supported.
226         */ 
227        int8_t (*get_direction)(const libtrace_packet_t *packet);
228        /** set the direction of this packet
229         * @note This callback may be NULL if not supported.
230         */ 
231        int8_t (*set_direction)(const libtrace_packet_t *packet, int8_t direction);
232        /** return the erf timestamp of the packet.
233         * @return the 64bit erf timestamp
234         * This field may be NULL in the structure, and libtrace will
235         * synthesise the result from get_timeval or get_seconds if they
236         * exist.  AT least one of get_erf_timestamp, get_timeval or
237         * get_seconds must be implemented.
238         */
239        uint64_t (*get_erf_timestamp)(const libtrace_packet_t *packet);
240        /** return the timeval of this packet.
241         * @return the timeval
242         * This field may be NULL in the structure, and libtrace will
243         * synthesise the result from get_erf_timestamp or get_seconds if they
244         * exist.  AT least one of get_erf_timestamp, get_timeval or
245         * get_seconds must be implemented.
246         */
247        struct timeval (*get_timeval)(const libtrace_packet_t *packet);
248        /** return the timestamp of this packet.
249         * @return the floating point seconds since 1970-01-01 00:00:00
250         * This field may be NULL in the structure, and libtrace will
251         * synthesise the result from get_timeval or get_erf_timestamp if they
252         * exist.  AT least one of get_erf_timestamp, get_timeval or
253         * get_seconds must be implemented.
254         */
255        double (*get_seconds)(const libtrace_packet_t *packet);
256        /** move the pointer within the trace.
257         * @return 0 on success, -1 on failure.
258         * The next packet returned by read_packet be the first
259         * packet in the trace to have a timestamp equal or greater than
260         * timestamp.
261         * @note this function may be NULL if the format does not support
262         * this feature.  If the format implements seek_timeval and/or
263         * seek_seconds then libtrace will call those functions instead.
264         */
265        int (*seek_erf)(libtrace_t *trace, uint64_t timestamp);
266        /** move the pointer within the trace.
267         * @return 0 on success, -1 on failure.
268         * The next packet returned by read_packet be the first
269         * packet in the trace to have a timestamp equal or greater than
270         * timestamp.
271         * @note this function may be NULL if the format does not support
272         * this feature.  If the format implements seek_erf and/or
273         * seek_seconds then libtrace will call those functions instead.
274         */
275        int (*seek_timeval)(libtrace_t *trace, struct timeval tv);
276        /** move the pointer within the trace.
277         * @return 0 on success, -1 on failure.
278         * The next packet returned by read_packet be the first
279         * packet in the trace to have a timestamp equal or greater than
280         * tv.
281         * @note this function may be NULL if the format does not support
282         * this feature.  If the format implements seek_erf and/or
283         * seek_timeval then libtrace will call those functions instead.
284         */
285        int (*seek_seconds)(libtrace_t *trace, double seconds);
286        /** return the captured payload length
287         * @return the amount of data captured in a trace.
288         * This is the number of bytes actually in the trace.  This does not
289         * include the trace framing length.  This is usually shorter or
290         * equal to the wire length.
291         */
292        int (*get_capture_length)(const libtrace_packet_t *packet);
293        /** return the original length of the packet on the wire.
294         * @return the length of the packet on the wire before truncation.
295         * This is the number of bytes actually in the trace.  This does not
296         * include the trace framing length.  This is usually shorter or
297         * equal to the wire length.
298         */
299        int (*get_wire_length)(const libtrace_packet_t *packet);
300        /** return the length of the trace framing header
301         * @return the length of the framing header
302         * The framing header is the extra metadata a trace stores about
303         * a packet.  This does not include the wire or capture length
304         * of the packet.  Usually get_framing_length()+get_capture_length()
305         * is the size returned by read_packet
306         */
307        int (*get_framing_length)(const libtrace_packet_t *packet);
308        /** truncate (snap) the packet
309         * @returns the new size
310         * @note This callback may be NULL if not supported.
311         */
312        size_t (*set_capture_length)(struct libtrace_packet_t *packet,size_t size);
313        /** return the filedescriptor associated with this interface.
314         * @note This callback may be NULL if not supported.
315         * This function is only needed if you use trace_event_interface
316         * as the pointer for trace_event
317         */
318        int (*get_fd)(const libtrace_t *trace);
319        /** return the next event from this source
320         * @note may be NULL if not supported.
321         */
322        struct libtrace_eventobj_t (*trace_event)(libtrace_t *trace, libtrace_packet_t *packet);       
323        /** return information about this trace format to standard out */
324        void (*help)();
325        /** next pointer, should be NULL */
326        struct libtrace_format_t *next;
327};
328
329extern struct libtrace_format_t *form;
330
331void register_format(struct libtrace_format_t *format);
332
333libtrace_linktype_t pcap_dlt_to_libtrace(int dlt);
334char libtrace_to_pcap_dlt(libtrace_linktype_t type);
335enum rt_field_t pcap_dlt_to_rt(int dlt);
336int rt_to_pcap_dlt(enum rt_field_t rt_type);
337libtrace_linktype_t erf_type_to_libtrace(char erf);
338char libtrace_to_erf_type(libtrace_linktype_t linktype);
339
340#if HAVE_BPF
341/* A type encapsulating a bpf filter
342 * This type covers the compiled bpf filter, as well as the original filter
343 * string
344 *
345 */
346struct libtrace_filter_t {
347        struct bpf_program filter;
348        int flag;
349        char * filterstring;
350};
351#endif
352       
353#ifdef __cplusplus
354}
355#endif
356
357#endif /* LIBTRACE_INT_H */
Note: See TracBrowser for help on using the repository browser.