Changeset a842286
- Timestamp:
- 04/06/06 20:50:57 (16 years ago)
- Branches:
- 4.0.1-hotfixes, cachetimestamps, develop, dpdk-ndag, etsilive, getfragoff, help, libtrace4, master, ndag_format, pfring, rc-4.0.1, rc-4.0.2, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance, ringtimestampfixes
- Children:
- 9231fe5
- Parents:
- 4029ce7
- Location:
- lib
- Files:
-
- 3 edited
-
libtrace.h (modified) (3 diffs)
-
protocols.c (modified) (10 diffs)
-
trace.c (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
lib/libtrace.h
r4af54d1 ra842286 178 178 } libtrace_ip_t; 179 179 180 typedef PACKED struct libtrace_ip6_ext 181 { 182 uint8_t nxt; 183 uint8_t len; 184 } libtrace_ip6_ext_t; 185 180 186 /** IPv6 header structure */ 181 187 typedef PACKED struct libtrace_ip6 182 { 183 #if BYTE_ORDER == LITTLE_ENDIAN 184 unsigned int flow:4; /**< Flow label */ 185 unsigned int tclass:8; /**< Traffic class */ 186 unsigned int version:4; /**< IP Version (6) */ 187 #elif BYTE_ORDER == BIG_ENDIAN 188 unsigned int version:4; /**< IP Version (6) */ 189 unsigned int tclass:8; /**< Traffic class */ 190 unsigned int flow:4; /**< Flow label */ 191 #else 192 # error "Adjust your <bits/endian.h> defines" 193 #endif 194 uint16_t peln; /**< Payload length */ 195 uint8_t nxthdr; /**< Next header */ 188 { 189 uint32_t flow; 190 uint16_t plen; /**< Payload length */ 191 uint8_t nxt; /**< Next header */ 196 192 uint8_t hlim; /**< Hop limit */ 197 193 struct in6_addr ip_src; /**< source address */ … … 659 655 /** Gets a pointer to the transport layer header (if any) 660 656 * @param packet a pointer to a libtrace_packet structure 657 * @param[out] proto transport layer protocol 661 658 * 662 659 * @return a pointer to the transport layer header, or NULL if there is no header 663 */ 664 void *trace_get_transport(const libtrace_packet_t *packet); 660 * 661 * @note proto may be NULL if proto is unneeded. 662 */ 663 void *trace_get_transport(const libtrace_packet_t *packet, uint8_t *proto); 665 664 666 665 /** Gets a pointer to the payload given a pointer to the IP header 667 666 * @param ip The IP Header 667 * @param[out] proto An output variable of the IP protocol 668 668 * @param[out] skipped An output variable of the number of bytes skipped 669 669 * … … 673 673 * @note This was called trace_get_transport_from_ip in libtrace2 674 674 */ 675 void *trace_get_payload_from_ip(libtrace_ip_t *ip, int *skipped); 675 void *trace_get_payload_from_ip(libtrace_ip_t *ip, uint8_t *proto, 676 int *skipped); 676 677 677 678 /** Gets a pointer to the payload given a pointer to a tcp header -
lib/protocols.c
r4af54d1 ra842286 1 /* This file has the various helper functions used to decode various protocols 2 * 3 * $Id$ 4 */ 1 5 #include "libtrace.h" 2 6 #include "libtrace_int.h" 3 7 #include "wag.h" 4 8 5 /* This file has the various helper functions used to decode various protocols */6 9 7 10 static void *trace_get_ip_from_ethernet(void *ethernet, int *skipped) … … 140 143 if (!sll) { 141 144 ipptr = NULL; 145 } else if (ntohs(sll->protocol)!=0x0800) { 146 ipptr = NULL; 147 } 148 else { 149 ipptr=(void*)((char*)sll+sizeof(*sll)); 150 } 151 } 152 break; 153 case TRACE_TYPE_PFLOG: 154 { 155 struct trace_pflog_header_t *pflog; 156 pflog = trace_get_link(packet); 157 if (!pflog) { 158 ipptr = NULL; 142 159 break; 143 160 } 144 if (ntohs(sll->protocol)!=0x86DD) { 161 if (pflog->af != AF_INET6) { 162 ipptr = NULL; 163 } else { 164 ipptr = (void*)((char*)pflog+ 165 sizeof(*pflog)); 166 } 167 } 168 break; 169 case TRACE_TYPE_LEGACY_POS: 170 { 171 /* 64 byte capture. */ 172 struct libtrace_pos *pos = 173 trace_get_link(packet); 174 if (ntohs(pos->ether_type) == 0x0800) { 175 ipptr=(void*)((char *)pos+sizeof(*pos)); 176 } else { 177 ipptr=NULL; 178 } 179 break; 180 181 } 182 case TRACE_TYPE_LEGACY_ATM: 183 case TRACE_TYPE_ATM: 184 { 185 /* 64 byte capture. */ 186 struct libtrace_llcsnap *llc = 187 trace_get_link(packet); 188 189 /* advance the llc ptr +4 into the link layer. 190 * need to check what is in these 4 bytes. 191 * don't have time! 192 */ 193 llc = (void*)((char *)llc + 4); 194 if (ntohs(llc->type) == 0x0800) { 195 ipptr=(void*)((char*)llc+sizeof(*llc)); 196 } else { 197 ipptr = NULL; 198 } 199 break; 200 } 201 default: 202 fprintf(stderr,"Don't understand link layer type %i in trace_get_ip6()\n", 203 trace_get_link_type(packet)); 204 ipptr=NULL; 205 break; 206 } 207 208 return ipptr; 209 } 210 211 /* TODO: split these cases into get_*_from_* functions */ 212 struct libtrace_ip6 *trace_get_ip6(const struct libtrace_packet_t *packet) { 213 libtrace_ip6_t *ipptr = 0; 214 215 switch(trace_get_link_type(packet)) { 216 case TRACE_TYPE_80211_PRISM: 217 { 218 ipptr = trace_get_ip6_from_80211( 219 (char*)trace_get_link(packet)+144, NULL); 220 } 221 break; 222 case TRACE_TYPE_80211: 223 ipptr = trace_get_ip6_from_80211( 224 trace_get_link(packet), 225 NULL); 226 break; 227 case TRACE_TYPE_ETH: 228 case TRACE_TYPE_LEGACY_ETH: 229 { 230 ipptr = trace_get_ip6_from_ethernet( 231 trace_get_link(packet), 232 NULL); 233 break; 234 } 235 case TRACE_TYPE_NONE: 236 ipptr = trace_get_link(packet); 237 break; 238 case TRACE_TYPE_LINUX_SLL: 239 { 240 trace_sll_header_t *sll; 241 242 sll = trace_get_link(packet); 243 if (!sll) { 244 ipptr = NULL; 245 } else if (ntohs(sll->protocol)!=0x86DD) { 145 246 ipptr = NULL; 146 247 } … … 159 260 break; 160 261 } 161 if (pflog->af != AF_INET 6) {262 if (pflog->af != AF_INET) { 162 263 ipptr = NULL; 163 264 } else { … … 200 301 } 201 302 default: 202 fprintf(stderr,"Don't understand link layer type %i in trace_get_ip6()\n",203 trace_get_link_type(packet));204 ipptr=NULL;205 break;206 }207 208 return ipptr;209 }210 211 /* TODO: split these cases into get_*_from_* functions */212 struct libtrace_ip6 *trace_get_ip6(const struct libtrace_packet_t *packet) {213 libtrace_ip6_t *ipptr = 0;214 215 switch(trace_get_link_type(packet)) {216 case TRACE_TYPE_80211_PRISM:217 {218 ipptr = trace_get_ip6_from_80211(219 (char*)trace_get_link(packet)+144, NULL);220 }221 break;222 case TRACE_TYPE_80211:223 ipptr = trace_get_ip6_from_80211(224 trace_get_link(packet),225 NULL);226 break;227 case TRACE_TYPE_ETH:228 case TRACE_TYPE_LEGACY_ETH:229 {230 ipptr = trace_get_ip6_from_ethernet(231 trace_get_link(packet),232 NULL);233 break;234 }235 case TRACE_TYPE_NONE:236 ipptr = trace_get_link(packet);237 break;238 case TRACE_TYPE_LINUX_SLL:239 {240 trace_sll_header_t *sll;241 242 sll = trace_get_link(packet);243 if (!sll) {244 ipptr = NULL;245 break;246 }247 if (ntohs(sll->protocol)!=0x0800) {248 ipptr = NULL;249 }250 else {251 ipptr = (void*)((char*)sll+252 sizeof(*sll));253 }254 }255 break;256 case TRACE_TYPE_PFLOG:257 {258 struct trace_pflog_header_t *pflog;259 pflog = trace_get_link(packet);260 if (!pflog) {261 ipptr = NULL;262 break;263 }264 if (pflog->af != AF_INET) {265 ipptr = NULL;266 } else {267 ipptr = (void*)((char*)pflog+268 sizeof(*pflog));269 }270 }271 break;272 case TRACE_TYPE_LEGACY_POS:273 {274 /* 64 byte capture. */275 struct libtrace_pos *pos =276 trace_get_link(packet);277 if (ntohs(pos->ether_type) == 0x0800) {278 ipptr=(void*)((char *)pos+sizeof(*pos));279 } else {280 ipptr=NULL;281 }282 break;283 284 }285 case TRACE_TYPE_LEGACY_ATM:286 case TRACE_TYPE_ATM:287 {288 /* 64 byte capture. */289 struct libtrace_llcsnap *llc =290 trace_get_link(packet);291 292 /* advance the llc ptr +4 into the link layer.293 * need to check what is in these 4 bytes.294 * don't have time!295 */296 llc = (void*)((char *)llc + 4);297 if (ntohs(llc->type) == 0x0800) {298 ipptr=(void*)((char*)llc+sizeof(*llc));299 } else {300 ipptr = NULL;301 }302 break;303 }304 default:305 303 fprintf(stderr,"Don't understand link layer type %i in trace_get_ip()\n", 306 304 trace_get_link_type(packet)); … … 314 312 #define SW_IP_OFFMASK 0xff1f 315 313 316 void *trace_get_payload_from_ip(libtrace_ip_t *ipptr, int *skipped) 314 void *trace_get_payload_from_ip(libtrace_ip_t *ipptr, uint8_t *prot, 315 int *skipped) 317 316 { 318 317 void *trans_ptr = 0; … … 321 320 if (skipped) *skipped=(ipptr->ip_hl * 4); 322 321 trans_ptr = (void *)((char *)ipptr + (ipptr->ip_hl * 4)); 322 if (prot) *prot = ipptr->ip_p; 323 323 } 324 324 return trans_ptr; 325 325 } 326 326 327 void *trace_get_transport(const struct libtrace_packet_t *packet) 328 { 329 struct libtrace_ip *ipptr = 0; 327 void *trace_get_payload_from_ip6(libtrace_ip6_t *ipptr, uint8_t *prot, 328 int *skipped) 329 { 330 void *payload = (char*)ipptr+sizeof(libtrace_ip6_t); 331 uint8_t nxt = ipptr->nxt; 332 333 if (skipped) skipped+=sizeof(libtrace_ip6_t); 334 335 while(1) { 336 switch (nxt) { 337 case 0: /* hop by hop options */ 338 case 43: /* routing */ 339 case 44: /* fragment */ 340 case 50: /* ESP */ 341 case 51: /* AH */ 342 case 60: /* Destination options */ 343 { 344 uint16_t len=((libtrace_ip6_ext_t*)payload)->len 345 +sizeof(libtrace_ip6_ext_t); 346 347 if (skipped) 348 *skipped+=len; 349 350 payload=(char*)payload+len; 351 nxt=((libtrace_ip6_ext_t*)payload)->nxt; 352 continue; 353 } 354 default: 355 if (prot) *prot=nxt; 356 return payload; 357 } 358 } 359 } 360 361 static void *trace_get_ip4_transport(const libtrace_packet_t *packet, 362 uint8_t *proto) 363 { 364 libtrace_ip_t *ipptr = 0; 330 365 331 366 if (!(ipptr = trace_get_ip(packet))) { … … 333 368 } 334 369 335 return trace_get_payload_from_ip(ipptr,NULL); 336 } 337 338 libtrace_tcp_t *trace_get_tcp(const libtrace_packet_t *packet) { 339 struct libtrace_tcp *tcpptr = 0; 340 struct libtrace_ip *ipptr = 0; 341 342 if(!(ipptr = trace_get_ip(packet))) { 343 return 0; 344 } 345 if (ipptr->ip_p == 6) { 346 tcpptr = (struct libtrace_tcp *)trace_get_payload_from_ip(ipptr, 0); 347 } 348 return tcpptr; 349 } 350 351 libtrace_tcp_t *trace_get_tcp_from_ip(libtrace_ip_t *ip, int *skipped) 352 { 353 struct libtrace_tcp *tcpptr = 0; 354 355 if (ip->ip_p == 6) { 356 tcpptr = (struct libtrace_tcp *)trace_get_payload_from_ip(ip, skipped); 357 } 358 359 return tcpptr; 360 } 361 362 libtrace_udp_t *trace_get_udp(libtrace_packet_t *packet) { 363 struct libtrace_udp *udpptr = 0; 364 struct libtrace_ip *ipptr = 0; 365 366 if(!(ipptr = trace_get_ip(packet))) { 370 return trace_get_payload_from_ip(ipptr,proto,NULL); 371 } 372 373 static void *trace_get_ip6_transport(const libtrace_packet_t *packet, 374 uint8_t *proto) 375 { 376 libtrace_ip6_t *ipptr = 0; 377 378 if (!(ipptr = trace_get_ip6(packet))) { 367 379 return 0; 368 380 } 369 if (ipptr->ip_p == 17) { 370 udpptr = (struct libtrace_udp *)trace_get_payload_from_ip(ipptr, 0); 371 } 372 373 return udpptr; 381 382 return trace_get_payload_from_ip6(ipptr,proto,NULL); 383 } 384 385 void *trace_get_transport(const struct libtrace_packet_t *packet, 386 uint8_t *proto) 387 { 388 void *transport; 389 uint8_t dummy; 390 391 if (!proto) proto=&dummy; 392 393 transport=trace_get_ip4_transport(packet,proto); 394 if (transport) { 395 if (*proto == 41) { 396 trace_get_payload_from_ip6(transport,proto,NULL); 397 } 398 return transport; 399 } 400 401 return trace_get_ip6_transport(packet,proto); 402 } 403 404 libtrace_tcp_t *trace_get_tcp(const libtrace_packet_t *packet) { 405 uint8_t proto; 406 libtrace_tcp_t *tcp; 407 408 tcp=trace_get_transport(packet,&proto); 409 410 if (proto != 6) 411 return NULL; 412 413 return tcp; 414 } 415 416 libtrace_tcp_t *trace_get_tcp_from_ip(libtrace_ip_t *ip, int *skipped) 417 { 418 struct libtrace_tcp *tcpptr = 0; 419 420 if (ip->ip_p == 6) { 421 tcpptr = (struct libtrace_tcp *) 422 trace_get_payload_from_ip(ip, NULL, skipped); 423 } 424 425 return tcpptr; 426 } 427 428 libtrace_udp_t *trace_get_udp(libtrace_packet_t *packet) { 429 uint8_t proto; 430 libtrace_udp_t *udp; 431 432 udp=trace_get_transport(packet,&proto); 433 434 if (proto != 17) 435 return NULL; 436 437 return udp; 374 438 } 375 439 … … 379 443 380 444 if (ip->ip_p == 17) { 381 udpptr = (libtrace_udp_t *)trace_get_payload_from_ip(ip, skipped); 445 udpptr = (libtrace_udp_t *) 446 trace_get_payload_from_ip(ip, NULL, skipped); 382 447 } 383 448 … … 386 451 387 452 libtrace_icmp_t *trace_get_icmp(const libtrace_packet_t *packet) { 388 struct libtrace_icmp *icmpptr = 0; 389 struct libtrace_ip *ipptr = 0; 390 391 if(!(ipptr = trace_get_ip(packet))) { 392 return 0; 393 } 394 if (ipptr->ip_p == 1){ 395 icmpptr = (libtrace_icmp_t *)trace_get_payload_from_ip(ipptr, 0); 396 } 397 return icmpptr; 453 uint8_t proto; 454 libtrace_icmp_t *icmp; 455 456 icmp=trace_get_transport(packet,&proto); 457 458 if (proto != 1) 459 return NULL; 460 461 return icmp; 398 462 } 399 463 … … 403 467 404 468 if (ip->ip_p == 1) { 405 icmpptr = (libtrace_icmp_t *)trace_get_payload_from_ip(ip, skipped);469 icmpptr = (libtrace_icmp_t *)trace_get_payload_from_ip(ip, NULL, skipped); 406 470 } 407 471 -
lib/trace.c
r4af54d1 ra842286 1125 1125 uint16_t trace_get_source_port(const struct libtrace_packet_t *packet) 1126 1126 { 1127 struct ports_t *port = trace_get_transport(packet );1127 struct ports_t *port = trace_get_transport(packet, NULL); 1128 1128 1129 1129 return ntohs(port->src); … … 1133 1133 uint16_t trace_get_destination_port(const struct libtrace_packet_t *packet) 1134 1134 { 1135 struct ports_t *port = trace_get_transport(packet );1135 struct ports_t *port = trace_get_transport(packet, NULL); 1136 1136 1137 1137 return ntohs(port->dst);
Note: See TracChangeset
for help on using the changeset viewer.
