source: lib/libtrace_int.h @ ac6ac7f

4.0.1-hotfixescachetimestampsdevelopdpdk-ndagetsilivelibtrace4ndag_formatpfringrc-4.0.1rc-4.0.2rc-4.0.3rc-4.0.4ringdecrementfixringperformanceringtimestampfixes
Last change on this file since ac6ac7f was c63bcdf, checked in by Richard Sanger <rsangerarj@…>, 6 years ago

Add pthread_spinlock so we can build on Apple's

  • Property mode set to 100644
File size: 41.8 KB
Line 
1/*
2 * This file is part of libtrace
3 *
4 * Copyright (c) 2007,2008,2009,2010 The University of Waikato, Hamilton,
5 * New Zealand.
6 *
7 * Authors: Daniel Lawson
8 *          Perry Lorier
9 *          Shane Alcock
10 *         
11 * All rights reserved.
12 *
13 * This code has been developed by the University of Waikato WAND
14 * research group. For further information please see http://www.wand.net.nz/
15 *
16 * libtrace is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * libtrace is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with libtrace; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
29 *
30 * $Id$
31 *
32 */
33
34/** @file
35 *
36 * @brief Header file containing definitions for structures and functions that
37 * are internal
38 *
39 * @author Daniel Lawson
40 * @author Perry Lorier
41 * @author Shane Alcock
42 *
43 * @version $Id$
44 *
45 * All of the structures and functions defined in this header file are intended
46 * for internal use within Libtrace only. They should not be exported as part
47 * of the library API as we don't want users accessing things like the
48 * contents of the libtrace packet structure directly!
49 */
50#ifndef LIBTRACE_INT_H
51#define LIBTRACE_INT_H
52
53#ifdef __cplusplus
54extern "C" {
55#endif
56
57#include "config.h"
58#include "common.h"
59#include "libtrace_parallel.h"
60#include "wandio.h"
61#include "lt_bswap.h"
62
63#ifdef _MSC_VER
64// warning: deprecated function
65#pragma warning(disable:4996)
66// warning: benign redefinitions of types
67#pragma warning(disable:4142)
68#endif
69
70#ifdef HAVE_INTTYPES_H
71# include <inttypes.h>
72#else
73# include "lt_inttypes.h"
74#endif
75
76#ifdef HAVE_STDDEF_H
77# include <stddef.h>
78#else
79#ifndef WIN32
80# error "Can't find stddev.h -- do you define ptrdiff_t elsewhere?"
81#endif
82#endif
83
84
85#include "rt_protocol.h"
86       
87/* Prefer net/bpf.h over pcap-bpf.h for format_bpf.c on MacOS */
88#ifdef HAVE_NET_BPF_H
89#    include <net/bpf.h>
90#    define HAVE_BPF 1
91#else
92#ifdef HAVE_PCAP_BPF_H
93#  include <pcap-bpf.h>
94#  define HAVE_BPF 1
95#endif
96#endif
97
98#ifdef HAVE_PCAP_H
99#  include <pcap.h>
100#  ifdef HAVE_PCAP_INT_H
101#    include <pcap-int.h>
102#  endif
103#endif
104
105#ifdef HAVE_ZLIB_H
106#  include <zlib.h>
107#endif
108
109#ifndef HAVE_STRNDUP
110char *strndup(const char *s, size_t size);
111#endif
112
113#ifndef HAVE_STRNCASECMP
114# ifndef HAVE__STRNICMP
115/** A local implementation of strncasecmp (as some systems do not have it) */
116int strncasecmp(const char *str1, const char *str2, size_t n);
117# else
118# define strncasecmp _strnicmp
119# endif
120#endif
121
122#ifndef HAVE_SNPRINTF
123# ifndef HAVE_SPRINTF_S
124/** A local implementation of snprintf (as some systems do not have it) */
125int snprintf(char *str, size_t size, const char *format, ...);
126# else
127# define snprintf sprintf_s
128# endif
129#endif
130
131#include "daglegacy.h"
132       
133#ifdef HAVE_DAG_API
134#  include "dagnew.h"
135#  include "dagapi.h"
136#       if DAG_VERSION == 24
137#               include <erftypes.h>
138#       else
139#               include <daginf.h>
140#       endif
141#  include "erftypes.h"
142#else
143#  include "dagformat.h"
144#endif
145
146#ifdef HAVE_LLVM
147#include "bpf-jit/bpf-jit.h"
148#endif
149
150#include "data-struct/ring_buffer.h"
151#include "data-struct/object_cache.h"
152#include "data-struct/vector.h"
153#include "data-struct/message_queue.h"
154#include "data-struct/deque.h"
155#include "data-struct/linked_list.h"
156#include "data-struct/sliding_window.h"
157#include "pthread_spinlock.h"
158
159//#define RP_BUFSIZE 65536U
160
161/** Data about the most recent event from a trace file */
162struct libtrace_event_status_t {
163        /** A libtrace packet to store the packet when a PACKET event occurs */
164        libtrace_packet_t *packet;
165        /** Time between the timestamp for the current packet and the current
166         * walltime */
167        double tdelta;
168        /** The timestamp of the previous PACKET event */
169        double trace_last_ts;
170        /** The size of the current PACKET event */
171        int psize;
172        /** Whether there is a packet stored in *packet above waiting for an
173         * event to occur */
174        bool waiting;
175};
176
177enum thread_types {
178        THREAD_EMPTY,
179        THREAD_HASHER,
180        THREAD_PERPKT,
181        THREAD_REPORTER,
182        THREAD_KEEPALIVE
183};
184
185enum thread_states {
186        THREAD_RUNNING,
187        THREAD_FINISHING,
188        THREAD_FINISHED,
189        THREAD_PAUSED,
190        THREAD_STATE_MAX
191};
192
193/**
194 * Information of this thread
195 */
196struct libtrace_thread_t {
197        uint64_t accepted_packets; // The number of packets accepted only used if pread
198        uint64_t filtered_packets;
199        // is retreving packets
200        // Set to true once the first packet has been stored
201        bool recorded_first;
202        // For thread safety reason we actually must store this here
203        int64_t tracetime_offset_usec;
204        void* user_data; // TLS for the user to use
205        void* format_data; // TLS for the format to use
206        libtrace_message_queue_t messages; // Message handling
207        libtrace_ringbuffer_t rbuffer; // Input
208        libtrace_t * trace;
209        void* ret;
210        enum thread_types type;
211        enum thread_states state;
212        pthread_t tid;
213        int perpkt_num; // A number from 0-X that represents this perpkt threads number
214                                // in the table, intended to quickly identify this thread
215                                // -1 represents NA (such as the case this is not a perpkt thread)
216} ALIGN_STRUCT(CACHE_LINE_SIZE);
217
218/**
219 * Storage to note time value against each.
220 * Used both internally to do trace time playback
221 * and can be used externally to assist applications which need
222 * a trace starting time such as tracertstats.
223 */
224struct first_packets {
225        pthread_spinlock_t lock;
226        size_t count; // If == perpkt_thread_count threads we have all
227        size_t first; // Valid if count != 0
228        struct {
229                libtrace_packet_t * packet;
230                struct timeval tv;
231        } * packets;
232};
233
234#define TRACE_STATES \
235        X(STATE_NEW) \
236        X(STATE_RUNNING) \
237        X(STATE_PAUSING) \
238        X(STATE_PAUSED) \
239        X(STATE_FINSHED) \
240        X(STATE_DESTROYED) \
241        X(STATE_JOINED) \
242        X(STATE_ERROR)
243
244#define X(a) a,
245enum trace_state {
246        TRACE_STATES
247};
248#undef X
249
250#define X(a) case a: return #a;
251static inline char *get_trace_state_name(enum trace_state ts){
252        switch(ts) {
253                TRACE_STATES
254                default:
255                        return "UNKNOWN";
256        }
257}
258#undef X
259
260#define READ_EOF 0
261#define READ_ERROR -1
262#define READ_MESSAGE -2
263// Used for inband tick message
264#define READ_TICK -3
265
266/**
267 * Tuning the parallel sizes
268 * See the user documentation trace_set_x
269 */
270struct user_configuration {
271        size_t cache_size;
272        size_t thread_cache_size;
273        bool fixed_count;
274        size_t burst_size;
275        size_t tick_interval;
276        size_t tick_count;
277        size_t perpkt_threads;
278        size_t hasher_queue_size;
279        bool hasher_polling;
280        bool reporter_polling;
281        size_t reporter_thold;
282        bool debug_state;
283};
284#define ZERO_USER_CONFIG(config) memset(&config, 0, sizeof(struct user_configuration));
285
286/** A libtrace input trace
287 * @internal
288 */
289struct libtrace_t {
290        /** The capture format for the input trace */
291        struct libtrace_format_t *format; 
292        /** Details of the most recent PACKET event reported by the trace */
293        struct libtrace_event_status_t event;
294        /** Pointer to the "global" data for the capture format module */       
295        void *format_data;             
296        /** A BPF filter to be applied to all packets read by the trace -
297         * used only if the capture format does not support filters natively */
298        struct libtrace_filter_t *filter; 
299        /** The snap length to be applied to all packets read by the trace -
300         * used only if the capture format does not support snapping natively */
301        size_t snaplen;                 
302        /** Count of the number of packets returned to the libtrace user */
303        uint64_t accepted_packets;     
304        /** Count of the number of packets filtered by libtrace */
305        uint64_t filtered_packets;     
306        /** The filename from the uri for the trace */
307        char *uridata;
308        /** The libtrace IO reader for this trace (if applicable) */
309        io_t *io;
310        /** Error information for the trace */
311        libtrace_err_t err;
312        /** Boolean flag indicating whether the trace has been started */
313        bool started;
314        /** Synchronise writes/reads across this format object and attached threads etc */
315        pthread_mutex_t libtrace_lock;
316        /** State */
317        enum trace_state state;
318        /** Use to control pausing threads and finishing threads etc always used with libtrace_lock */
319        pthread_cond_t perpkt_cond;
320        /* Keep track of counts of threads in any given state */
321        int perpkt_thread_states[THREAD_STATE_MAX]; 
322
323        /** Set to indicate a perpkt's queue is full as such the writing perpkt cannot proceed */
324        bool perpkt_queue_full;
325        /** Global storage for this trace, shared among all the threads  */
326        void* global_blob;
327        /** The actual freelist */
328        libtrace_ocache_t packet_freelist;
329        /** User defined per_pkt function called when a pkt is ready */
330        fn_per_pkt per_pkt;
331        /** User defined reporter function entry point XXX not hooked up */
332        fn_reporter reporter;
333        /** The hasher function */
334        enum hasher_types hasher_type;
335        /** The hasher function - NULL implies they don't care or balance */
336        fn_hasher hasher;
337        void *hasher_data;
338        /** The pread_packet choosen path for the configuration */
339        int (*pread)(libtrace_t *, libtrace_thread_t *, libtrace_packet_t **, size_t);
340
341        libtrace_thread_t hasher_thread;
342        libtrace_thread_t reporter_thread;
343        libtrace_thread_t keepalive_thread;
344        int perpkt_thread_count;
345        libtrace_thread_t * perpkt_threads; // All our perpkt threads
346        // Used to keep track of the first packet seen on each thread
347        struct first_packets first_packets;
348        int tracetime;
349
350        /*
351         * Caches statistic counters in the case that our trace is
352         * paused or stopped before this counter is taken
353         */
354        libtrace_stat_t *stats;
355        struct user_configuration config;
356        libtrace_combine_t combiner;
357};
358
359#define LIBTRACE_STAT_MAGIC 0x41
360
361void trace_fin_packet(libtrace_packet_t *packet);
362void libtrace_zero_thread(libtrace_thread_t * t);
363void store_first_packet(libtrace_t *libtrace, libtrace_packet_t *packet, libtrace_thread_t *t);
364libtrace_thread_t * get_thread_table(libtrace_t *libtrace);
365int get_thread_table_num(libtrace_t *libtrace);
366
367
368/** A libtrace output trace
369 * @internal
370 */
371struct libtrace_out_t {
372        /** The capture format for the output trace */
373        struct libtrace_format_t *format;
374        /** Pointer to the "global" data for the capture format module */
375        void *format_data;             
376        /** The filename for the uri for the output trace */
377        char *uridata;                 
378        /** Error information for the output trace */
379        libtrace_err_t err;
380        /** Boolean flag indicating whether the trace has been started */
381        bool started;
382};
383
384/** Sets the error status on an input trace
385 *
386 * @param trace         The input trace to set the error status for
387 * @param errcode       The code for the error - can be a libtrace error code or a regular errno value
388 * @param msg           A message to print when reporting the error
389 */
390void trace_set_err(libtrace_t *trace, int errcode,const char *msg,...) 
391
392                                                                PRINTF(3,4);
393/** Sets the error status on an output trace
394 *
395 * @param trace         The output trace to set the error status for
396 * @param errcode       The code for the error - can be a libtrace error code or a regular errno value
397 * @param msg           A message to print when reporting the error
398 */
399void trace_set_err_out(libtrace_out_t *trace, int errcode, const char *msg,...)
400                                                                PRINTF(3,4);
401
402/** Clears the cached values for a libtrace packet
403 *
404 * @param packet        The libtrace packet that requires a cache reset
405 */
406void trace_clear_cache(libtrace_packet_t *packet);
407
408/** Converts the data provided in buffer into a valid libtrace packet
409 *
410 * @param trace         An input trace of the same format as the "packet"
411 *                      contained in the buffer
412 * @param packet        The libtrace packet to prepare
413 * @param buffer        A buffer containing the packet data, including the
414 *                      capture format header
415 * @param rt_type       The RT type for the packet that is being prepared
416 * @param flags         Used to specify options for the preparation function,
417 *                      e.g. who owns the packet buffer
418 *
419 * @return -1 if an error occurs, 0 otherwise
420 *
421 * Packet preparation is a tricky concept - the idea is to take the data
422 * pointed to by 'buffer' and treat it as a packet record of the same capture
423 * format as that used by the input trace. The provided libtrace packet then
424 * has its internal pointers and values set to describe the packet record in
425 * the buffer.
426 *
427 * The primary use of this function is to allow the RT packet reader to
428 * easily and safely convert packets from the RT format back into the format
429 * that they were originally captured with., essentially removing the RT
430 * encapsulation.
431 *
432 * We've decided not to make this function available via the exported API
433 * because there are several issues that can arise if it is not used very
434 * carefully and it is not very useful outside of internal contexts anyway.
435 */
436int trace_prepare_packet(libtrace_t *trace, libtrace_packet_t *packet,
437                void *buffer, libtrace_rt_types_t rt_type, uint32_t flags);
438
439/** Flags for prepare_packet functions */
440enum {
441        /** The buffer memory has been allocated by libtrace and should be
442         * freed when the packet is destroyed. */
443        TRACE_PREP_OWN_BUFFER           =1,
444       
445        /** The buffer memory is externally-owned and must not be freed by
446         * libtrace when the packet is destroyed. */
447        TRACE_PREP_DO_NOT_OWN_BUFFER    =0
448};
449
450
451#ifndef PF_RULESET_NAME_SIZE
452#define PF_RULESET_NAME_SIZE 16
453#endif
454
455#ifndef IFNAMSIZ
456#define IFNAMSIZ 16
457#endif
458
459
460/** A local definition of a PFLOG header */
461typedef struct libtrace_pflog_header_t {
462        uint8_t    length;     
463        sa_family_t   af;
464        uint8_t    action;
465        uint8_t    reason;
466        char       ifname[IFNAMSIZ];
467        char       ruleset[PF_RULESET_NAME_SIZE];
468        uint32_t   rulenr;
469        uint32_t   subrulenr;
470        uint8_t    dir;
471        uint8_t    pad[3];
472} PACKED libtrace_pflog_header_t;
473
474/** A libtrace capture format module */
475/* All functions should return -1, or NULL on failure */
476struct libtrace_format_t {
477        /** The name of this module, used in the libtrace URI to identify the
478         * capture format */
479        const char *name;
480        /** The version of this module */
481        const char *version;
482        /** The RT protocol type of this module */
483        enum base_format_t type;
484
485
486        /** Given a filename, return if this is the most likely capture format
487         * (used for devices). Used to "guess" the capture format when the
488         * URI is not fully specified.
489         *
490         * @param fname         The name of the device or file to examine
491         * @return 1 if the name matches the capture format, 0 otherwise
492         */
493        int (*probe_filename)(const char *fname);
494       
495        /** Given a file, looks at the start of the file to determine if this
496         * is the capture format. Used to "guess" the capture format when the
497         * URI is not fully specified.
498         *
499         * @param io            An open libtrace IO reader for the file to check
500         * @return 1 if the file matches the capture format, 0 otherwise
501         */
502        int (*probe_magic)(io_t *io);
503
504        /** Initialises an input trace using the capture format.
505         *
506         * @param libtrace      The input trace to be initialised
507         * @return 0 if successful, -1 in the event of error
508         */
509        int (*init_input)(libtrace_t *libtrace);
510       
511        /** Applies a configuration option to an input trace.
512         *
513         * @param libtrace      The input trace to apply the option to
514         * @param option        The option that is being configured
515         * @param value         A pointer to the value that the option is to be
516         *                      set to
517         * @return 0 if successful, -1 if the option is unsupported or an error
518         * occurs
519         */
520        int (*config_input)(libtrace_t *libtrace,trace_option_t option,void *value);
521        /** Starts or unpauses an input trace - note that this function is
522         * often the one that opens the file or device for reading.
523         *
524         * @param libtrace      The input trace to be started or unpaused
525         * @return 0 if successful, -1 in the event of error */
526        int (*start_input)(libtrace_t *libtrace);
527
528        /** Pauses an input trace - this function should close or detach the
529         * file or device that is being read from.
530         *
531         * @param libtrace      The input trace to be paused
532         * @return 0 if successful, -1 in the event of error
533         */
534        int (*pause_input)(libtrace_t *libtrace);
535
536        /** Initialises an output trace using the capture format.
537         *
538         * @param libtrace      The output trace to be initialised
539         * @return 0 if successful, -1 in the event of error
540         */
541        int (*init_output)(libtrace_out_t *libtrace);
542       
543        /** Applies a configuration option to an output trace.
544         *
545         * @param libtrace      The output trace to apply the option to
546         * @param option        The option that is being configured
547         * @param value         A pointer to the value that the option is to be
548         *                      set to
549         * @return 0 if successful, -1 if the option is unsupported or an error
550         * occurs
551         * */
552        int (*config_output)(libtrace_out_t *libtrace, trace_option_output_t option, void *value);
553
554        /** Starts an output trace - note that this function is often the one
555         * that opens the file or device for writing.
556         *
557         * @param libtrace      The output trace to be started
558         * @return 0 if successful, -1 if an error occurs
559         *
560         * There is no pause for output traces, as writing is not performed
561         * asynchronously.
562         */
563        int (*start_output)(libtrace_out_t *libtrace);
564
565        /** Concludes an input trace and cleans up the capture format data.
566         *
567         * @param libtrace      The input trace to be concluded
568         * @return 0 if successful, -1 if an error occurs
569         *
570         * Libtrace will call the pause_input function if the input trace is
571         * currently active prior to calling this function.
572         */
573        int (*fin_input)(libtrace_t *libtrace);
574
575        /** Concludes an output trace and cleans up the capture format data.
576         *
577         * @param libtrace      The output trace to be concluded
578         * @return 0 if successful, -1 if an error occurs
579         */
580        int (*fin_output)(libtrace_out_t *libtrace);
581
582        /** Reads the next packet from an input trace into the provided packet
583         * structure.
584         *
585         * @param libtrace      The input trace to read from
586         * @param packet        The libtrace packet to read into
587         * @return The size of the packet read (in bytes) including the capture
588         * framing header, or -1 if an error occurs. 0 is returned in the
589         * event of an EOF.
590         *
591         * If no packets are available for reading, this function should block
592         * until one appears or return 0 if the end of a trace file has been
593         * reached.
594         */
595        int (*read_packet)(libtrace_t *libtrace, libtrace_packet_t *packet);
596       
597        /** Converts a buffer containing a packet record into a libtrace packet
598         *
599         * @param libtrace      An input trace in the capture format for the
600         *                      packet
601         * @param packet        A libtrace packet to put the prepared packet
602         *                      into
603         * @param buffer        The buffer containing the packet record
604         *                      (including the capture format header)
605         * @param rt_type       The RT type for the packet
606         * @param flags         Flags describing properties that should be
607         *                      applied to the new packet
608         * @return 0 if successful, -1 if an error occurs.
609         *
610         * Updates internal trace and packet details, such as payload pointers,
611         * loss counters and packet types to match the packet record provided
612         * in the buffer. This is a zero-copy function.
613         *
614         * Intended (at this stage) only for internal use, particularly by
615         * RT which needs to decapsulate RT packets */
616        int (*prepare_packet)(libtrace_t *libtrace, libtrace_packet_t *packet,
617                        void *buffer, libtrace_rt_types_t rt_type, 
618                        uint32_t flags);
619       
620        /** Frees any resources allocated by the capture format module for a
621         * libtrace packet.
622         *
623         * @param The packet to be finalised
624         *       */
625        void (*fin_packet)(libtrace_packet_t *packet);
626
627        /** Write a libtrace packet to an output trace.
628         *
629         * @param libtrace      The output trace to write the packet to
630         * @param packet        The packet to be written out
631         * @return The number of bytes written, or -1 if an error occurs
632         */
633        int (*write_packet)(libtrace_out_t *libtrace, libtrace_packet_t *packet);
634        /** Returns the libtrace link type for a packet.
635         *
636         * @param packet        The packet to get the link type for
637         * @return The libtrace link type, or -1 if this link type is unknown
638         */ 
639        libtrace_linktype_t (*get_link_type)(const libtrace_packet_t *packet);
640
641        /** Returns the direction of a packet.
642         *
643         * @param packet        The packet to get the direction for
644         * @return The direction of the packet, or -1 if no direction tag is
645         * present or an error occurs
646         */ 
647        libtrace_direction_t (*get_direction)(const libtrace_packet_t *packet);
648       
649        /** Sets the direction of a packet.
650         *
651         * @param packet        The packet to set the direction for
652         * @param direction     The direction to assign to the packet
653         * @return The updated direction for the packet, or -1 if an error
654         * occurs
655         *
656         * @note Some capture formats do not feature direction tagging, so it
657         * will not make sense to implement a set_direction function for them.
658         */ 
659        libtrace_direction_t (*set_direction)(libtrace_packet_t *packet, libtrace_direction_t direction);
660       
661        /** Returns the timestamp for a packet in the ERF timestamp format.
662         *
663         * @param packet        The packet to get the timestamp from
664         * @return The 64-bit ERF timestamp
665         *
666         * @note Each format must implement at least one of the four "get
667         * timestamp" functions.
668         *
669         * If not implemented, libtrace will convert the result of one of the
670         * other timestamp functions into the appropriate format instead.
671         * This means each capture format only needs to implement the most
672         * sensible of the four and let libtrace handle any conversions.
673         *
674         */
675        uint64_t (*get_erf_timestamp)(const libtrace_packet_t *packet);
676
677        /** Returns the timestamp for a packet in the timeval format
678         *
679         * @param packet        The packet to get the timestamp from
680         * @return The timestamp from the packet as a timeval
681         *
682         * @note Each format must implement at least one of the four "get
683         * timestamp" functions.
684         *
685         * If not implemented, libtrace will convert the result of one of the
686         * other timestamp functions into the appropriate format instead.
687         * This means each capture format only needs to implement the most
688         * sensible of the four and let libtrace handle any conversions.
689         */
690        struct timeval (*get_timeval)(const libtrace_packet_t *packet);
691       
692        /** Returns the timestamp for a packet in the timespec format.
693         *
694         * @param packet        The packet to get the timestamp from
695         * @return The timestamp from the packet as a timespec
696         *
697         * @note Each format must implement at least one of the four "get
698         * timestamp" functions.
699         *
700         * If not implemented, libtrace will convert the result of one of the
701         * other timestamp functions into the appropriate format instead.
702         * This means each capture format only needs to implement the most
703         * sensible of the four and let libtrace handle any conversions.
704         */
705        struct timespec (*get_timespec)(const libtrace_packet_t *packet);
706       
707        /** Returns the timestamp for a packet in floating point seconds.
708         *
709         * @param packet        The packet to get the timestamp from
710         * @return The timestamp from the packet as a floating point number of
711         * seconds since 1970-01-01 00:00:00 UTC
712         *
713         * @note Each format must implement at least one of the four "get
714         * timestamp" functions.
715         *
716         * If not implemented, libtrace will convert the result of one of the
717         * other timestamp functions into the appropriate format instead.
718         * This means each capture format only needs to implement the most
719         * sensible of the four and let libtrace handle any conversions.
720         */
721        double (*get_seconds)(const libtrace_packet_t *packet);
722       
723        /** Moves the read pointer to a certain ERF timestamp within an input
724         * trace file.
725         *
726         * @param trace         The input trace to seek within
727         * @param timestamp     The timestamp to seek to, as an ERF timestamp
728         *
729         * @return 0 on success, -1 on failure.
730         *
731         * The next packet read from this trace will now be the first packet
732         * to have a timestamp equal to or greater than the provided timestamp.
733         *
734         * @note Each format that supports seeking must implement at least one
735         * of the seek functions.
736         *
737         * If not implemented, libtrace will convert the timestamp into the
738         * appropriate format to use a seek function that has been implemented.
739         * This means each capture format only needs to implement the seek
740         * function that matches the native timestamp format for that capture.
741         *
742         */
743        int (*seek_erf)(libtrace_t *trace, uint64_t timestamp);
744        /** Moves the read pointer to a certain timestamp represented using a
745         * timeval within an input trace file.
746         *
747         * @param trace         The input trace to seek within
748         * @param timestamp     The timestamp to seek to, as a timeval
749         *
750         * @return 0 on success, -1 on failure.
751         *
752         * The next packet read from this trace will now be the first packet
753         * to have a timestamp equal to or greater than the provided timestamp.
754         *
755         * @note Each format that supports seeking must implement at least one
756         * of the seek functions.
757         *
758         * If not implemented, libtrace will convert the timestamp into the
759         * appropriate format to use a seek function that has been implemented.
760         * This means each capture format only needs to implement the seek
761         * function that matches the native timestamp format for that capture.
762         *
763         */
764        int (*seek_timeval)(libtrace_t *trace, struct timeval tv);
765       
766        /** Moves the read pointer to a certain timestamp represented using
767         * floating point seconds within an input trace file.
768         *
769         * @param trace         The input trace to seek within
770         * @param timestamp     The timestamp to seek to, as floating point
771         *                      seconds since 1970-01-01 00:00:00 UTC
772         *
773         * @return 0 on success, -1 on failure.
774         *
775         * The next packet read from this trace will now be the first packet
776         * to have a timestamp equal to or greater than the provided timestamp.
777         *
778         * @note Each format that supports seeking must implement at least one
779         * of the seek functions.
780         *
781         * If not implemented, libtrace will convert the timestamp into the
782         * appropriate format to use a seek function that has been implemented.
783         * This means each capture format only needs to implement the seek
784         * function that matches the native timestamp format for that capture.
785         *
786         */
787        int (*seek_seconds)(libtrace_t *trace, double seconds);
788       
789        /** Returns the payload length of the captured packet record.
790         *
791         * @param packet        The packet to get the capture length from
792         * @return The capture length for the packet, or -1 if an error occurs
793         *
794         * Capture length is the current size of the packet record itself,
795         * following any truncation that may have occurred during the capture
796         * process. This length does not include the capture format framing
797         * header.
798         */
799        int (*get_capture_length)(const libtrace_packet_t *packet);
800
801        /** Returns the original length of the packet as it was on the wire.
802         *
803         * @param packet        The packet to get the wire length from
804         * @return The length of the packet on the wire at the time of capture,
805         * or -1 if an error occurs
806         *
807         * Wire length is the original size of the packet prior to any
808         * truncation that may have occurred as part of the capture process.
809         * This length does not include the capture format framing header.
810         */
811        int (*get_wire_length)(const libtrace_packet_t *packet);
812       
813        /** Returns the length of the capture format framing header
814         *
815         * @param packet        The packet to get the framing length from
816         * @return The length of the framing header, or -1 if an error occurs
817         *
818         * The framing header is the extra metadata that the capture process
819         * records about a packet.  The framing length does not include any
820         * of the packet payload itself. The total size of the packet record
821         * can be calculated be adding this value with the capture length.
822         */
823        int (*get_framing_length)(const libtrace_packet_t *packet);
824
825        /** Sets the capture length for a packet.
826         *
827         * @param packet        The packet to adjust the capture length for.
828         * @param size          The new capture length
829         * @return The new capture length of the packet, or -1 if an error
830         * occurs
831         *
832         * @note This function should only reduce the capture length. If the
833         * provided length is larger than the current capture length, -1 should
834         * be returned.
835         */
836        size_t (*set_capture_length)(struct libtrace_packet_t *packet,size_t size);
837        /** Returns the number of packets observed by an input trace.
838         *
839         * @param trace         The input trace to get the packet count for
840         * @return The number of packets observed by an input trace, or
841         * UINT64_MAX if the number is unknown
842         *
843         * This count includes packets that have been filtered and dropped.
844         */
845        uint64_t (*get_received_packets)(libtrace_t *trace);
846
847        /** Returns the number of packets filtered by an input trace.
848         *
849         * @param trace         The input trace to get the filtered count for
850         * @return The number of packets filtered by the input trace, or
851         * UINT64_MAX if the number is unknown
852         *
853         */
854        uint64_t (*get_filtered_packets)(libtrace_t *trace);
855       
856        /** Returns the number of packets dropped by an input trace.
857         *
858         * @param trace         The input trace to get the dropped count for
859         * @return The number of packets dropped by the input trace, or
860         * UINT64_MAX if the number is unknown
861         *
862         */
863        uint64_t (*get_dropped_packets)(libtrace_t *trace);
864
865        /** Returns statistics about a trace.
866         *
867         * @param trace The libtrace object
868         * @param stat [in,out] A statistics structure ready to be filled
869         *
870         * The filtered and accepted statistics will be set to the values
871         * stored in the library. All other statistics are not set.
872         *
873         * @note If filtering of packets is performed by a trace and the number
874         * of filtered packets is unknown this should be marked as invalid by
875         * the format.
876         */
877        void (*get_statistics)(libtrace_t *trace, libtrace_stat_t *stat);
878       
879        /** Returns the file descriptor used by the input trace.
880         *
881         * @param trace         The input trace to get the file descriptor for
882         * @return The file descriptor used by the input trace to read packets
883         *
884         */
885        int (*get_fd)(const libtrace_t *trace);
886       
887        /** Returns the next libtrace event for the input trace.
888         *
889         * @param trace         The input trace to get the next event from
890         * @param packet        A libtrace packet to read a packet into
891         * @return A libtrace event describing the event that occured
892         *
893         * The event API allows for non-blocking reading of packets from an
894         * input trace. If a packet is available and ready to be read, a packet
895         * event should be returned. Otherwise a sleep or fd event should be
896         * returned to indicate that the caller needs to wait. If the input
897         * trace has an error or reaches EOF, a terminate event should be
898         * returned.
899         */
900        struct libtrace_eventobj_t (*trace_event)(libtrace_t *trace, libtrace_packet_t *packet);       
901
902        /** Prints some useful help information to standard output. */
903        void (*help)(void);
904       
905        /** Next pointer, should always be NULL - used by the format module
906         * manager. */
907        struct libtrace_format_t *next;
908
909        /** Holds information about the trace format */
910        struct libtrace_info_t info;
911
912        /**
913         * Starts or unpauses an input trace in parallel mode - note that
914         * this function is often the one that opens the file or device for
915         * reading.
916         *
917         * @param libtrace      The input trace to be started or unpaused
918         * @return 0 upon success.
919         *         Otherwise in event of an error -1 is returned.
920         *
921         */
922        int (*pstart_input)(libtrace_t *trace);
923       
924        /**
925         * Read a batch of packets from the input stream related to thread.
926         * At most read nb_packets, however should return with less if packets
927         * are not waiting. However still must return at least 1, 0 still indicates
928         * EOF.
929         *
930         * @param libtrace      The input trace
931         * @param t     The thread
932         * @param packets       An array of packets
933         * @param nb_packets    The number of packets in the array (the maximum to read)
934         * @return The number of packets read, or 0 in the case of EOF or -1 in error or -2 to represent
935         * interrupted due to message waiting before packets had been read.
936         */
937        int (*pread_packets)(libtrace_t *trace, libtrace_thread_t *t, libtrace_packet_t **packets, size_t nb_packets);
938       
939        /** Pause a parallel trace
940         *
941         * @param libtrace      The input trace to be paused
942         */
943        int (*ppause_input)(libtrace_t *trace);
944       
945        /** Called after all threads have been paused, Finish (close) a parallel trace
946         *
947         * @param libtrace      The input trace to be stopped
948         */
949        int (*pfin_input)(libtrace_t *trace);
950
951        /**
952         * Register a thread for use with the format or using the packets produced
953         * by it. This is NOT only used for threads reading packets in fact all
954         * threads use this.
955         *
956         * The libtrace lock is not held by this format but can be aquired
957         * by the format.
958         *
959         * Some use cases include setting up any thread local storage required for
960         * to read packets and free packets. For DPDK we require any thread that
961         * may release or read a packet to have have an internal number associated
962         * with it.
963         *
964         * The thread type can be used to see if this thread is going to be used
965         * to read packets or otherwise.
966         *
967         * @return 0 if successful, -1 if the option is unsupported or an error
968         * occurs (such as a maximum of threads being reached)
969         */
970        int (*pregister_thread)(libtrace_t *libtrace, libtrace_thread_t *t, bool reader);
971
972        /**
973         * If needed any memory allocated with pregister_thread can be released
974         * in this function. The thread will be destroyed directly after this
975         * function is called.
976         */
977        void (*punregister_thread)(libtrace_t *libtrace, libtrace_thread_t *t);
978
979        /** Returns statistics for a single thread.
980         *
981         * @param trace The libtrace object
982         * @param t The thread to return statistics for
983         * @param stat [in,out] A statistics structure ready to be filled
984         *
985         * The filtered and accepted statistics will be set to the values
986         * stored in the library. All other statistics are not set.
987         *
988         * @note If filtering of packets is performed by a trace and the number
989         * of filtered packets is unknown this should be marked as invalid by
990         * the format.
991         */
992        void (*get_thread_statistics)(libtrace_t *libtrace,
993                                      libtrace_thread_t *t,
994                                      libtrace_stat_t *stat);
995};
996
997/** Macro to zero out a single thread format */
998#define NON_PARALLEL(live) \
999        {live, 1},              /* trace info */ \
1000        NULL,                   /* pstart_input */ \
1001        NULL,                   /* pread_packet */ \
1002        NULL,                   /* ppause_input */ \
1003        NULL,                   /* pfin_input */ \
1004        NULL,                   /* pregister_thread */ \
1005        NULL,                   /* punregister_thread */ \
1006        NULL,                   /* get_thread_statistics */
1007
1008/** The list of registered capture formats */
1009//extern struct libtrace_format_t *form;
1010
1011/** Specifies whether any blocking packet readers should cease reading
1012 * immediately
1013 */
1014extern volatile int libtrace_halt;
1015
1016/** Registers a new capture format module.
1017 *
1018 * @param format        The format module to be registered
1019 */
1020void register_format(struct libtrace_format_t *format);
1021
1022/** Converts a PCAP DLT into a libtrace link type.
1023 *
1024 * @param linktype      The PCAP DLT to be converted
1025 * @return The libtrace link type that is equivalent to the provided DLT, or
1026 * -1 if the DLT is unknown
1027 */
1028libtrace_linktype_t pcap_linktype_to_libtrace(libtrace_dlt_t linktype);
1029
1030/** Converts a PCAP DLT into an RT protocol type.
1031 *
1032 * @param linktype      The PCAP DLT to be converted
1033 * @return The RT type that is equivalent to the provided DLT
1034 */
1035libtrace_rt_types_t pcap_linktype_to_rt(libtrace_dlt_t linktype);
1036
1037/** Converts a libtrace link type into a PCAP linktype.
1038 *
1039 * @param type          The libtrace link type to be converted
1040 * @return The PCAP linktype that is equivalent to the provided libtrace link
1041 * type, or -1 if the link type is unknown
1042 */
1043libtrace_dlt_t libtrace_to_pcap_linktype(libtrace_linktype_t type);
1044
1045/** Converts a libtrace link type into a PCAP DLT.
1046 *
1047 * @param type          The libtrace link type to be converted
1048 * @return The PCAP DLT that is equivalent to the provided libtrace link
1049 * type, or -1 if the link type is unknown
1050 */
1051libtrace_dlt_t libtrace_to_pcap_dlt(libtrace_linktype_t type);
1052
1053/** Converts an RT protocol type into a PCAP DLT.
1054 *
1055 * @param rt_type       The RT type to be converted
1056 * @return The PCAP DLT that is equivalent to the provided RT protocol
1057 */
1058libtrace_dlt_t rt_to_pcap_linktype(libtrace_rt_types_t rt_type);
1059
1060/** Converts a PCAP DLT into an RT protocol type for the BPF format.
1061 *
1062 * @param linktype      The PCAP DLT to be converted
1063 * @return The RT type that is equivalent to the provided DLT for BPF
1064 */
1065libtrace_rt_types_t bpf_linktype_to_rt(libtrace_dlt_t linktype);
1066
1067/** Converts an ERF type into a libtrace link type.
1068 *
1069 * @param erf           The ERF type to be converted
1070 * @return The libtrace link type that is equivalent to the provided ERF type,
1071 * or -1 if the ERF type is unknown
1072 */
1073libtrace_linktype_t erf_type_to_libtrace(uint8_t erf);
1074
1075/** Converts a libtrace link type into an ERF type.
1076 *
1077 * @param linktype      The libtrace link type to be converted
1078 * @return The ERF type that is equivalent to the provided libtrace link type,
1079 * or -1 if the link type cannot be matched to an ERF type.
1080 */
1081uint8_t libtrace_to_erf_type(libtrace_linktype_t linktype);
1082
1083/** Converts an ARPHRD type into a libtrace link type.
1084 *
1085 * @param arphrd        The ARPHRD type to be converted
1086 * @return The libtrace link type that is equivalent to the provided ARPHRD
1087 * type, or -1 if the ARPHRD type is unknown
1088 */
1089libtrace_linktype_t arphrd_type_to_libtrace(unsigned int arphrd);
1090
1091/** Converts a libtrace link type into an ARPHRD type.
1092 *
1093 * @param type          The libtrace link type to be converted
1094 * @return The ARPHRD type that is equivalent to the provided libtrace link
1095 * type, or -1 if the link type cannot be matched to an ARPHRD type
1096 */
1097unsigned int libtrace_to_arphrd_type(libtrace_linktype_t type);
1098
1099/** Converts a libtrace packet to the Linux SLL type.
1100 *
1101 * @param packet        The packet to be promoted
1102 *
1103 * @note This will involve memcpy() so use sparingly.
1104 *
1105 * This function prepends a Linux SLL header to a packet so that we can store
1106 * direction tagging information.
1107 */
1108void promote_packet(libtrace_packet_t *packet);
1109
1110/** Attempts to demote a packet by removing the first header.
1111 *
1112 * @param packet        The packet to be demoted
1113 * @return True if the packet was demoted, false otherwise.
1114 *
1115 * Essentially the opposite of promote_packet, except that it will also remove
1116 * an ATM header as well as Linux SLL.
1117 *
1118 */
1119bool demote_packet(libtrace_packet_t *packet);
1120
1121/** Returns a pointer to the header following a Linux SLL header.
1122 *
1123 * @param link          A pointer to the Linux SLL header to be skipped
1124 * @param[out] arphrd_type      The arp hardware type of the packet
1125 * @param[out] next_header      The ethertype of the next header
1126 * @param[in,out] remaining     Updated with the number of captured bytes
1127 *                              remaining
1128 * @return A pointer to the header following the Linux SLL header, or NULL if
1129 * no subsequent header is present.
1130 *
1131 * Remaining must point to the number of bytes captured from the Linux SLL
1132 * header and beyond.  It will be decremented by the number of bytes skipped
1133 * to find the payload.
1134 *
1135 * If the Linux SLL header is complete but there are zero bytes of payload
1136 * after the end of the header, a pointer to where the payload would be is
1137 * returned and remaining will be set to zero. If the Linux SLL header is
1138 * incomplete (truncated), then NULL is returned and remaining will be set to
1139 * 0. Therefore, it is very important to check the value of remaining after
1140 * calling this function.
1141 */     
1142void *trace_get_payload_from_linux_sll(const void *link,
1143                uint16_t *arphrd_type, 
1144                uint16_t *next_header, 
1145                uint32_t *remaining);
1146
1147/** Returns a pointer to the header following an ATM header.
1148 *
1149 * @param link          A pointer to the ATM header to be skipped
1150 * @param[out] type     The ethertype of the next header
1151 * @param[in,out] remaining     Updated with the number of captured bytes
1152 *                              remaining
1153 * @return A pointer to the header following the ATM header, or NULL if
1154 * no subsequent header is present.
1155 *
1156 * Remaining must point to the number of bytes captured from the ATM header
1157 * and beyond.  It will be decremented by the number of bytes skipped to find
1158 * the payload.
1159 *
1160 * If the ATM header is complete but there are zero bytes of payload
1161 * after the end of the header, a pointer to where the payload would be is
1162 * returned and remaining will be set to zero. If the ATM header is
1163 * incomplete (truncated), then NULL is returned and remaining will be set to
1164 * 0. Therefore, it is very important to check the value of remaining after
1165 * calling this function.
1166 */     
1167DLLEXPORT void *trace_get_payload_from_atm(void *link, uint8_t *type, 
1168                uint32_t *remaining);
1169
1170
1171#ifdef HAVE_BPF
1172/* A type encapsulating a bpf filter
1173 * This type covers the compiled bpf filter, as well as the original filter
1174 * string
1175 *
1176 */
1177
1178/** Internal representation of a BPF filter */
1179struct libtrace_filter_t {
1180        struct bpf_program filter;      /**< The BPF program itself */
1181        char * filterstring;            /**< The filter string */
1182        int flag;                       /**< Indicates if the filter is valid */
1183        struct bpf_jit_t *jitfilter;
1184};
1185#else
1186/** BPF not supported by this system, but we still need to define a structure
1187 * for the filter */
1188struct libtrace_filter_t {};
1189#endif
1190
1191/** Local definition of a PCAP header */
1192typedef struct libtrace_pcapfile_pkt_hdr_t {
1193        uint32_t ts_sec;        /* Seconds portion of the timestamp */
1194        uint32_t ts_usec;       /* Microseconds portion of the timestamp */
1195        uint32_t caplen;        /* Capture length of the packet */
1196        uint32_t wirelen;       /* The wire length of the packet */
1197} libtrace_pcapfile_pkt_hdr_t;
1198
1199#ifdef HAVE_DAG
1200/** Constructor for the DAG format module */
1201void dag_constructor(void);
1202#endif
1203/** Constructor for the ERF format module */
1204void erf_constructor(void);
1205/** Constructor for the TSH format module */
1206void tsh_constructor(void);
1207/** Constructor for the Legacy DAG format module */
1208void legacy_constructor(void);
1209/** Constructor for the Linux Native format module */
1210void linuxnative_constructor(void);
1211/** Constructor for the Linux Ring format module */
1212void linuxring_constructor(void);
1213/** Constructor for the PCAP format module */
1214void pcap_constructor(void);
1215/** Constructor for the PCAP File format module */
1216void pcapfile_constructor(void);
1217/** Constructor for the RT format module */
1218void rt_constructor(void);
1219/** Constructor for the DUCK format module */
1220void duck_constructor(void);
1221/** Constructor for the ATM Header format module */
1222void atmhdr_constructor(void);
1223#ifdef HAVE_BPF
1224/** Constructor for the BPF format module */
1225void bpf_constructor(void);
1226#endif
1227#if HAVE_DPDK
1228/** Constructor for Intels DPDK format module */
1229void dpdk_constructor(void);
1230#endif
1231
1232/** Extracts the RadioTap flags from a wireless link header
1233 *
1234 * @param link          A pointer to the wireless link header
1235 * @param linktype      The link type of the wireless header
1236 * @param[out] flags    Space to store the extracted flags
1237 * @return True if libtrace was able to extract flags from the link header,
1238 * false otherwise.
1239 *
1240 * This function has been left internal because it is not portable across
1241 * drivers.
1242 */
1243bool trace_get_wireless_flags(void *link, libtrace_linktype_t linktype, uint8_t *flags);
1244#define TRACE_RADIOTAP_F_FCS 0x10
1245       
1246#ifdef __cplusplus
1247}
1248#endif
1249
1250#endif /* LIBTRACE_INT_H */
Note: See TracBrowser for help on using the repository browser.