source: lib/libtrace_int.h @ 9de8150

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivegetfragoffhelplibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since 9de8150 was 9de8150, checked in by Perry Lorier <perry@…>, 15 years ago

A lot more documentation

  • Property mode set to 100644
File size: 11.1 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2004 The University of Waikato, Hamilton, New Zealand.
5 * Authors: Daniel Lawson
6 *          Perry Lorier
7 *         
8 * All rights reserved.
9 *
10 * This code has been developed by the University of Waikato WAND
11 * research group. For further information please see http://www.wand.net.nz/
12 *
13 * libtrace is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * libtrace is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with libtrace; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
26 *
27 * $Id$
28 *
29 */
30/** @file */
31
32#ifndef LIBTRACE_INT_H
33#define LIBTRACE_INT_H
34
35#ifdef __cplusplus
36extern "C" {
37#endif
38
39#include "common.h"
40#include "config.h"
41#include "libtrace.h"
42#include "fifo.h"
43       
44#if HAVE_PCAP_BPF_H
45#  include <pcap-bpf.h>
46#else
47#  ifdef HAVE_NET_BPF_H
48#    include <net/bpf.h>
49#  endif
50#endif
51
52#if HAVE_PCAP_H
53#  include <pcap.h>
54#  ifdef HAVE_PCAP_INT_H
55#    include <pcap-int.h>
56#  endif
57#endif
58
59#ifdef HAVE_ZLIB_H
60#  include <zlib.h>
61#endif
62
63
64#include "wag.h"
65#include "daglegacy.h"
66       
67#ifdef HAVE_DAG_API
68#  include "dagnew.h"
69#  include "dagapi.h"
70#else
71#  include "dagformat.h"
72#endif
73
74#include <stdbool.h>
75
76
77
78#define RP_BUFSIZE 65536
79
80struct libtrace_format_data_t;
81
82struct libtrace_event_t {
83        struct {
84                void *buffer;
85                int size;
86        } packet;
87        double tdelta;
88        double trace_last_ts;
89};
90
91/** The information about traces that are open
92 * @internal
93 */
94struct libtrace_t {
95        struct libtrace_format_t *format; /**< format driver pointer */
96        struct libtrace_format_data_t *format_data; /**<format data pointer */
97        bool started;                   /**< if this trace has started */
98        libtrace_err_t err;             /**< error information */
99        struct libtrace_event_t event;  /**< the next event */
100        char *uridata;                  /**< the uri of this trace */
101        struct tracefifo_t *fifo;       /**< fifo used in this trace */
102        struct libtrace_filter_t *filter; /**< used by libtrace if the module
103                                            * doesn't support filters natively
104                                            */
105        int snaplen;                    /**< used by libtrace if the module
106                                          * doesn't support snapping natively
107                                          */
108};
109
110/** Information about output traces
111 * @internal
112 */
113struct libtrace_out_t {
114        struct libtrace_format_t *format;       /**< format driver */
115        struct libtrace_format_data_out_t *format_data; /**< format data */
116        bool started;                   /**< trace started */
117        libtrace_err_t err;             /**< Associated error */
118        char *uridata;                  /**< URI associated with this trace */
119};
120
121void trace_set_err(libtrace_t *trace, int errcode,const char *msg,...);
122void trace_set_err_out(libtrace_out_t *trace, int errcode, const char *msg,...);
123
124struct trace_sll_header_t {
125        uint16_t pkttype;               /* packet type */
126        uint16_t hatype;                /* link-layer address type */
127        uint16_t halen;                 /* link-layer address length */
128        char addr[8];                   /* link-layer address */
129        uint16_t protocol;              /* protocol */
130};
131
132#ifndef PF_RULESET_NAME_SIZE
133#define PF_RULESET_NAME_SIZE 16
134#endif
135
136#ifndef IFNAMSIZ
137#define IFNAMSIZ 16
138#endif
139
140struct trace_pflog_header_t {
141        uint8_t    length;
142        sa_family_t   af;
143        uint8_t    action;
144        uint8_t    reason;
145        char       ifname[IFNAMSIZ];
146        char       ruleset[PF_RULESET_NAME_SIZE];
147        uint32_t   rulenr;
148        uint32_t   subrulenr;
149        uint8_t    dir;
150        uint8_t    pad[3];
151};
152
153/** Module definition structure */
154struct libtrace_format_t {
155        /** the uri name of this module */
156        char *name;
157        /** the version of this module */
158        char *version;
159        /** the RT protocol type of this module */
160        enum base_format_t type;
161        /** stuff that deals with input @{ */
162        /** initialise an trace (or NULL if input is not supported) */
163        int (*init_input)(libtrace_t *libtrace);
164        /** configure an trace (or NULL if input is not supported) */
165        int (*config_input)(libtrace_t *libtrace,trace_option_t option,void *value);
166        /** start/unpause an trace (or NULL if input not supported) */
167        int (*start_input)(libtrace_t *libtrace);
168        /** pause an trace (or NULL if input not supported) */
169        int (*pause_input)(libtrace_t *libtrace);
170        /** @} */
171        /** stuff that deals with output @{ */
172        /** initialise output traces (or NULL if output not supported) */
173        int (*init_output)(libtrace_out_t *libtrace);
174        /** configure output traces (or NULL if output not supported) */
175        int (*config_output)(libtrace_out_t *libtrace, trace_option_output_t, void *);
176        /** start output traces (or NULL if output not supported)
177         * There is no pause for output traces, as packets are not arriving
178         * asyncronously
179         */
180        int (*start_output)(libtrace_out_t *libtrace);
181        /** @} */
182        /** finish an input trace, cleanup (or NULL if input not supported) */
183        int (*fin_input)(libtrace_t *libtrace);
184        /** finish an output trace, cleanup (or NULL if output not supported) */
185        int (*fin_output)(libtrace_out_t *libtrace);
186        /** read a packet from a trace into the provided packet structure
187         * @returns -1 on error, or get_framing_length()+get_capture_length() \
188         * on success.
189         * if this function is not supported, this field may be NULL.
190         */
191        int (*read_packet)(libtrace_t *libtrace, struct libtrace_packet_t *packet);
192        /** write a packet to a trace from the provided packet
193         * (or NULL if output not supported)
194         */
195        int (*write_packet)(libtrace_out_t *libtrace, const libtrace_packet_t *packet);
196        /** return the libtrace link type for this packet
197         * @return the libtrace link type, or -1 if this link type is unknown
198         */ 
199        libtrace_linktype_t (*get_link_type)(const libtrace_packet_t *packet);
200        /** return the direction of this packet
201         * This function pointer may be NULL if the format does not support
202         * getting a direction.
203         */ 
204        int8_t (*get_direction)(const libtrace_packet_t *packet);
205        /** set the direction of this packet
206         * This function pointer may be NULL if the format does not support
207         * setting a direction.
208         */ 
209        int8_t (*set_direction)(const libtrace_packet_t *packet, int8_t direction);
210        /** return the erf timestamp of the packet.
211         * @return the 64bit erf timestamp
212         * This field may be NULL in the structure, and libtrace will
213         * synthesise the result from get_timeval or get_seconds if they
214         * exist.  AT least one of get_erf_timestamp, get_timeval or
215         * get_seconds must be implemented.
216         */
217        uint64_t (*get_erf_timestamp)(const libtrace_packet_t *packet);
218        /** return the timeval of this packet.
219         * @return the timeval
220         * This field may be NULL in the structure, and libtrace will
221         * synthesise the result from get_erf_timestamp or get_seconds if they
222         * exist.  AT least one of get_erf_timestamp, get_timeval or
223         * get_seconds must be implemented.
224         */
225        struct timeval (*get_timeval)(const libtrace_packet_t *packet);
226        /** return the timestamp of this packet.
227         * @return the floating point seconds since 1970-01-01 00:00:00
228         * This field may be NULL in the structure, and libtrace will
229         * synthesise the result from get_timeval or get_erf_timestamp if they
230         * exist.  AT least one of get_erf_timestamp, get_timeval or
231         * get_seconds must be implemented.
232         */
233        double (*get_seconds)(const libtrace_packet_t *packet);
234        /** move the pointer within the trace.
235         * @return 0 on success, -1 on failure.
236         * The next packet returned by read_packet be the first
237         * packet in the trace to have a timestamp equal or greater than
238         * timestamp.
239         * @note this function may be NULL if the format does not support
240         * this feature.  If the format implements seek_timeval and/or
241         * seek_seconds then libtrace will call those functions instead.
242         */
243        int (*seek_erf)(libtrace_t *trace, uint64_t timestamp);
244        /** move the pointer within the trace.
245         * @return 0 on success, -1 on failure.
246         * The next packet returned by read_packet be the first
247         * packet in the trace to have a timestamp equal or greater than
248         * timestamp.
249         * @note this function may be NULL if the format does not support
250         * this feature.  If the format implements seek_erf and/or
251         * seek_seconds then libtrace will call those functions instead.
252         */
253        int (*seek_timeval)(libtrace_t *trace, struct timeval tv);
254        /** move the pointer within the trace.
255         * @return 0 on success, -1 on failure.
256         * The next packet returned by read_packet be the first
257         * packet in the trace to have a timestamp equal or greater than
258         * tv.
259         * @note this function may be NULL if the format does not support
260         * this feature.  If the format implements seek_erf and/or
261         * seek_timeval then libtrace will call those functions instead.
262         */
263        int (*seek_seconds)(libtrace_t *trace, double seconds);
264        /** return the captured payload length
265         * @return the amount of data captured in a trace.
266         * This is the number of bytes actually in the trace.  This does not
267         * include the trace framing length.  This is usually shorter or
268         * equal to the wire length.
269         */
270        int (*get_capture_length)(const libtrace_packet_t *packet);
271        /** return the original length of the packet on the wire.
272         * @return the length of the packet on the wire before truncation.
273         * This is the number of bytes actually in the trace.  This does not
274         * include the trace framing length.  This is usually shorter or
275         * equal to the wire length.
276         */
277        int (*get_wire_length)(const libtrace_packet_t *packet);
278        /** return the length of the trace framing header
279         * @return the length of the framing header
280         * The framing header is the extra metadata a trace stores about
281         * a packet.  This does not include the wire or capture length
282         * of the packet.  Usually get_framing_length()+get_capture_length()
283         * is the size returned by read_packet
284         */
285        int (*get_framing_length)(const libtrace_packet_t *packet);
286        /** truncate (snap) the packet
287         * @returns the new size
288         * @note This callback may be NULL if not supported.
289         */
290        size_t (*set_capture_length)(struct libtrace_packet_t *packet,size_t size);
291        /** return the filedescriptor associated with this interface.
292         * @note This callback may be NULL if not supported.
293         * This function is only needed if you use trace_event_interface
294         * as the pointer for trace_event
295         */
296        int (*get_fd)(const libtrace_t *trace);
297        /** return the next event from this source
298         * @note may be NULL if not supported.
299         */
300        struct libtrace_eventobj_t (*trace_event)(libtrace_t *trace, libtrace_packet_t *packet);       
301        /** return information about this trace format to standard out */
302        void (*help)();
303};
304
305extern struct libtrace_format_t *form;
306
307void register_format(struct libtrace_format_t *format);
308
309libtrace_linktype_t pcap_dlt_to_libtrace(int dlt);
310char libtrace_to_pcap_dlt(libtrace_linktype_t type);
311libtrace_linktype_t erf_type_to_libtrace(char erf);
312char libtrace_to_erf_type(libtrace_linktype_t linktype);
313
314#if HAVE_BPF
315/* A type encapsulating a bpf filter
316 * This type covers the compiled bpf filter, as well as the original filter
317 * string
318 *
319 */
320struct libtrace_filter_t {
321        struct bpf_program filter;
322        int flag;
323        char * filterstring;
324};
325#endif
326       
327#ifdef __cplusplus
328}
329#endif
330
331#endif /* LIBTRACE_INT_H */
Note: See TracBrowser for help on using the repository browser.