Changeset a857389 for lib/linktypes.c


Ignore:
Timestamp:
02/15/18 17:59:50 (3 years ago)
Author:
Shane Alcock <salcock@…>
Branches:
cachetimestamps, develop, etsilive, master, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance
Children:
5a70a80
Parents:
3004d6c
git-author:
Anthony Coddington <anthony.coddington@…> (02/14/18 16:03:04)
git-committer:
Shane Alcock <salcock@…> (02/15/18 17:59:50)
Message:

Initial support for ERF provenance records

Update erftypes.h with TYPE_META (27).
Check for ERF_TYPE_MAX rather than some arbitrary type in ERF sanity checks. In Wireshark we recently completely removed these checks as there are only a few types before TYPE_PAD/ERF_TYPE_MAX, but leave them in for now.
Add TRACE_TYPE_ERF_META for provenance record payload.
Continue to use TRACE_RT_DATA_ERF as provenance is a valid ERF record. Note: this means that LIBTRACE_IS_META_PACKET() will currently return FALSE which may confuse some tools. Other places in the code also tend to check for TRACE_TYPE_NONDATA which isn't true here either.
Return zero for wire length of provenance records.
Don't allow snapping them (just return the same value).
Skip provenance records in l2 parsers and trace_get_payload_from_meta().
Return provenance payload for trace_get_packet_meta().

Also add support for a couple of missing ERF_TYPE_ETH_COLOR variants.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • lib/linktypes.c

    r4697684 ra857389  
    102102                /* Used for test traces within WAND */
    103103                case TRACE_TYPE_80211_PRISM:   
     104                /* Could use DLT_ERF, but would only really make sense with PCAP-NG */
     105                case TRACE_TYPE_ERF_META:
    104106                /* Probably == PPP */
    105107                /* TODO: We haven't researched these yet */
     
    169171                case TYPE_ATM:          return TRACE_TYPE_ATM;
    170172                case TYPE_AAL5:         return TRACE_TYPE_AAL5;
     173                case TYPE_COLOR_ETH:return TRACE_TYPE_ETH;
    171174                case TYPE_DSM_COLOR_ETH:return TRACE_TYPE_ETH;
     175                case TYPE_COLOR_HASH_ETH:return TRACE_TYPE_ETH;
    172176                case TYPE_IPV4:         return TRACE_TYPE_NONE;
    173177                case TYPE_IPV6:         return TRACE_TYPE_NONE;
     178                case TYPE_META:         return TRACE_TYPE_ERF_META;
    174179        }
    175180        return ~0U;
     
    183188                case TRACE_TYPE_ATM:    return TYPE_ATM;
    184189                case TRACE_TYPE_AAL5:   return TYPE_AAL5;
     190                case TRACE_TYPE_ERF_META: return TYPE_META;
    185191               
    186192                /* Not technically correct! Could be IPv6 packet
Note: See TracChangeset for help on using the changeset viewer.