Changeset a857389 for lib/protocols_l2.c


Ignore:
Timestamp:
02/15/18 17:59:50 (3 years ago)
Author:
Shane Alcock <salcock@…>
Branches:
cachetimestamps, develop, etsilive, master, rc-4.0.3, rc-4.0.4, ringdecrementfix, ringperformance
Children:
5a70a80
Parents:
3004d6c
git-author:
Anthony Coddington <anthony.coddington@…> (02/14/18 16:03:04)
git-committer:
Shane Alcock <salcock@…> (02/15/18 17:59:50)
Message:

Initial support for ERF provenance records

Update erftypes.h with TYPE_META (27).
Check for ERF_TYPE_MAX rather than some arbitrary type in ERF sanity checks. In Wireshark we recently completely removed these checks as there are only a few types before TYPE_PAD/ERF_TYPE_MAX, but leave them in for now.
Add TRACE_TYPE_ERF_META for provenance record payload.
Continue to use TRACE_RT_DATA_ERF as provenance is a valid ERF record. Note: this means that LIBTRACE_IS_META_PACKET() will currently return FALSE which may confuse some tools. Other places in the code also tend to check for TRACE_TYPE_NONDATA which isn't true here either.
Return zero for wire length of provenance records.
Don't allow snapping them (just return the same value).
Skip provenance records in l2 parsers and trace_get_payload_from_meta().
Return provenance payload for trace_get_packet_meta().

Also add support for a couple of missing ERF_TYPE_ETH_COLOR variants.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • lib/protocols_l2.c

    r99351e3 ra857389  
    482482                case TRACE_TYPE_80211_PRISM:
    483483                case TRACE_TYPE_PFLOG:
     484                case TRACE_TYPE_ERF_META:
    484485                        break;
    485486                case TRACE_TYPE_UNKNOWN:
     
    517518                                case TRACE_TYPE_80211_PRISM:
    518519                                case TRACE_TYPE_PFLOG:
     520                                case TRACE_TYPE_ERF_META:
    519521                                        break;
    520522                                case TRACE_TYPE_UNKNOWN:
     
    583585                case TRACE_TYPE_METADATA:
    584586                case TRACE_TYPE_NONDATA:
     587                case TRACE_TYPE_ERF_META:
    585588                case TRACE_TYPE_UNKNOWN:
    586589                        return NULL;
     
    685688                case TRACE_TYPE_NONDATA:
    686689                case TRACE_TYPE_OPENBSD_LOOP:
     690                case TRACE_TYPE_ERF_META:
    687691                case TRACE_TYPE_UNKNOWN:
    688692                        return NULL;
     
    734738                case TRACE_TYPE_NONDATA:
    735739                case TRACE_TYPE_OPENBSD_LOOP:
     740                case TRACE_TYPE_ERF_META:
    736741                case TRACE_TYPE_UNKNOWN:
    737742                        /* No MAC address */
Note: See TracChangeset for help on using the changeset viewer.