docs/wsar_html/epan_8h_source.html

#ifndef __EPAN_H__

#define __EPAN_H__


#include <wsutil/feature_list.h>

#include <epan/tvbuff.h>

#include <epan/prefs.h>

#include <epan/frame_data.h>

#include <epan/register.h>

#include <wiretap/wtap_opttypes.h>


#ifdef __cplusplus

extern "C" {

#endif /* __cplusplus */


extern bool wireshark_abort_on_dissector_bug;

extern bool wireshark_abort_on_too_many_items;


WS_DLL_PUBLIC void ws_dissector_bug(const char *format, ...)

    G_GNUC_PRINTF(1,2);


#define ws_dissector_oops(_fmt, ...) ws_dissector_bug("OOPS: " _fmt, __VA_ARGS__)


typedef struct epan_dissect epan_dissect_t;


struct epan_dfilter;

struct epan_column_info;


struct packet_provider_data;


struct packet_provider_funcs {

    const nstime_t *(*get_frame_ts)(struct packet_provider_data *prov, uint32_t frame_num);

    const nstime_t *(*get_start_ts)(struct packet_provider_data *prov);

    const nstime_t *(*get_end_ts)(struct packet_provider_data *prov);

    const char *(*get_interface_name)(struct packet_provider_data *prov, uint32_t interface_id, unsigned section_number);

    const char *(*get_interface_description)(struct packet_provider_data *prov, uint32_t interface_id, unsigned section_number);

    wtap_block_t (*get_modified_block)(struct packet_provider_data *prov, const frame_data *fd);

    int32_t(*get_process_id)(struct packet_provider_data *prov, uint32_t process_info_id, unsigned section_number);

    const char *(*get_process_name)(struct packet_provider_data *prov, uint32_t process_info_id, unsigned section_number);

    const uint8_t *(*get_process_uuid)(struct packet_provider_data *prov, uint32_t process_info_id, unsigned section_number, size_t *uuid_size);

};


/*

Ref 1

Epan

Enhanced Packet ANalyzer, aka the packet analyzing engine. Source code can be found in the epan directory.


Protocol-Tree - Keep data of the capture file protocol information.


Dissectors - The various protocol dissectors in epan/dissectors.


Plugins - Some of the protocol dissectors are implemented as plugins. Source code can be found at plugins.


Display-Filters - the display filter engine at epan/dfilter


*/


WS_DLL_PUBLIC

bool epan_init(register_cb cb, void *client_data, bool load_plugins);


WS_DLL_PUBLIC

e_prefs *epan_load_settings(void);


WS_DLL_PUBLIC

void epan_cleanup(void);


typedef struct {

    void (*init)(void);     /* Called before proto_init() */

    void (*post_init)(void);    /* Called at the end of epan_init() */

    void (*dissect_init)(epan_dissect_t *);

    void (*dissect_cleanup)(epan_dissect_t *);

    void (*cleanup)(void);

    void (*register_all_protocols)(register_cb, void *);

    void (*register_all_handoffs)(register_cb, void *);

    void (*register_all_tap_listeners)(void);

} epan_plugin;


WS_DLL_PUBLIC void epan_register_plugin(const epan_plugin *plugin);


WS_DLL_PUBLIC int epan_plugins_supported(void);


void epan_conversation_init(void);


typedef struct epan_session epan_t;

typedef struct epan_session epan_t;


WS_DLL_PUBLIC epan_t *epan_new(struct packet_provider_data *prov,

    const struct packet_provider_funcs *funcs);


WS_DLL_PUBLIC wtap_block_t epan_get_modified_block(const epan_t *session, const frame_data *fd);


WS_DLL_PUBLIC const char *epan_get_interface_name(const epan_t *session, uint32_t interface_id, unsigned section_number);


WS_DLL_PUBLIC const char *epan_get_interface_description(const epan_t *session, uint32_t interface_id, unsigned section_number);


WS_DLL_PUBLIC int32_t epan_get_process_id(const epan_t *session, uint32_t process_info_id, unsigned section_number);


WS_DLL_PUBLIC const char *epan_get_process_name(const epan_t *session, uint32_t process_info_id, unsigned section_number);


WS_DLL_PUBLIC const uint8_t *epan_get_process_uuid(const epan_t *session, uint32_t process_info_id, unsigned section_number, size_t *uuid_size);


const nstime_t *epan_get_frame_ts(const epan_t *session, uint32_t frame_num);


const nstime_t *epan_get_start_ts(const epan_t *session);


WS_DLL_PUBLIC void epan_free(epan_t *session);


WS_DLL_PUBLIC const char* epan_get_version(void);


WS_DLL_PUBLIC void epan_get_version_number(int *major, int *minor, int *micro);


WS_DLL_PUBLIC

void epan_set_always_visible(bool force);


WS_DLL_PUBLIC

void

epan_dissect_init(epan_dissect_t *edt, epan_t *session, const bool create_proto_tree, const bool proto_tree_visible);


WS_DLL_PUBLIC

epan_dissect_t*

epan_dissect_new(epan_t *session, const bool create_proto_tree, const bool proto_tree_visible);


WS_DLL_PUBLIC

void

epan_dissect_reset(epan_dissect_t *edt);


WS_DLL_PUBLIC

void

epan_dissect_fake_protocols(epan_dissect_t *edt, const bool fake_protocols);


WS_DLL_PUBLIC

void

epan_dissect_run(epan_dissect_t *edt, int file_type_subtype,

        wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo);


WS_DLL_PUBLIC

void

epan_dissect_run_with_taps(epan_dissect_t *edt, int file_type_subtype,

        wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo);


WS_DLL_PUBLIC

void

epan_dissect_file_run(epan_dissect_t *edt, wtap_rec *rec,

        frame_data *fd, struct epan_column_info *cinfo);


WS_DLL_PUBLIC

void

epan_dissect_file_run_with_taps(epan_dissect_t *edt, wtap_rec *rec,

        frame_data *fd, struct epan_column_info *cinfo);


WS_DLL_PUBLIC

void

epan_dissect_prime_with_dfilter(epan_dissect_t *edt, const struct epan_dfilter *dfcode);


WS_DLL_PUBLIC

void

epan_dissect_prime_with_dfilter_print(epan_dissect_t *edt, const struct epan_dfilter *dfcode);


WS_DLL_PUBLIC

void

epan_dissect_prime_with_hfid(epan_dissect_t *edt, int hfid);


WS_DLL_PUBLIC

void

epan_dissect_prime_with_hfid_array(epan_dissect_t *edt, GArray *hfids);


WS_DLL_PUBLIC

void

epan_dissect_fill_in_columns(epan_dissect_t *edt, const bool fill_col_exprs, const bool fill_fd_colums);


WS_DLL_PUBLIC

bool

epan_dissect_packet_contains_field(epan_dissect_t* edt,

                                   const char *field_name);


WS_DLL_PUBLIC

void

epan_dissect_cleanup(epan_dissect_t* edt);


WS_DLL_PUBLIC

void

epan_dissect_free(epan_dissect_t* edt);


const char *

epan_custom_set(epan_dissect_t *edt, GSList *ids, int occurrence, bool display_details,

                char *result, char *expr, const int size);


WS_DLL_PUBLIC

void

epan_gather_compile_info(feature_list l);


WS_DLL_PUBLIC

void

epan_gather_runtime_info(feature_list l);


#ifdef __cplusplus

}

#endif /* __cplusplus */


#endif /* __EPAN_H__ */

epan_dissect_init
WS_DLL_PUBLIC void epan_dissect_init(epan_dissect_t *edt, epan_t *session, const bool create_proto_tree, const bool proto_tree_visible)
Initialize an existing single packet dissection.
Definition epan.c:626

epan_dissect_fake_protocols
WS_DLL_PUBLIC void epan_dissect_fake_protocols(epan_dissect_t *edt, const bool fake_protocols)
Indicate whether protocols should be faked during dissection.
Definition epan.c:697

epan_get_process_id
WS_DLL_PUBLIC int32_t epan_get_process_id(const epan_t *session, uint32_t process_info_id, unsigned section_number)
Retrieve the process ID associated with a given process info record.
Definition epan.c:558

epan_conversation_init
void epan_conversation_init(void)
Initialize the table of conversations.
Definition epan.c:605

epan_dissect_file_run
WS_DLL_PUBLIC void epan_dissect_file_run(epan_dissect_t *edt, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo)
Run a dissection of file-based packet data.
Definition epan.c:734

wireshark_abort_on_dissector_bug
bool wireshark_abort_on_dissector_bug
Definition epan.c:119

epan_gather_compile_info
WS_DLL_PUBLIC void epan_gather_compile_info(feature_list l)
Get compile-time information for libraries used by libwireshark.
Definition epan.c:867

epan_dissect_cleanup
WS_DLL_PUBLIC void epan_dissect_cleanup(epan_dissect_t *edt)
Release resources associated with a packet dissection context.
Definition epan.c:761

epan_get_process_name
WS_DLL_PUBLIC const char * epan_get_process_name(const epan_t *session, uint32_t process_info_id, unsigned section_number)
Retrieve the name of a process associated with a given process info record.
Definition epan.c:576

epan_new
WS_DLL_PUBLIC epan_t * epan_new(struct packet_provider_data *prov, const struct packet_provider_funcs *funcs)
Create a new epan dissection session.
Definition epan.c:485

epan_get_interface_description
WS_DLL_PUBLIC const char * epan_get_interface_description(const epan_t *session, uint32_t interface_id, unsigned section_number)
Retrieve the description of a network interface.
Definition epan.c:518

epan_load_settings
WS_DLL_PUBLIC e_prefs * epan_load_settings(void)
Load all settings from the current profile that affect epan.
Definition epan.c:386

epan_free
WS_DLL_PUBLIC void epan_free(epan_t *session)
Free an epan dissection session.
Definition epan.c:594

epan_dissect_prime_with_hfid
WS_DLL_PUBLIC void epan_dissect_prime_with_hfid(epan_dissect_t *edt, int hfid)
Prime a dissection context's protocol tree with a specific field or protocol.
Definition epan.c:810

epan_dissect_reset
WS_DLL_PUBLIC void epan_dissect_reset(epan_dissect_t *edt)
Reset a dissection context for reuse.
Definition epan.c:655

epan_init
WS_DLL_PUBLIC bool epan_init(register_cb cb, void *client_data, bool load_plugins)
Initialize the entire epan module.
Definition epan.c:257

epan_plugins_supported
WS_DLL_PUBLIC int epan_plugins_supported(void)
Check plugin support status for libwireshark components.
Definition epan.c:240

epan_cleanup
WS_DLL_PUBLIC void epan_cleanup(void)
Clean up the entire epan module.
Definition epan.c:405

epan_dissect_free
WS_DLL_PUBLIC void epan_dissect_free(epan_dissect_t *edt)
Free a single packet dissection context.
Definition epan.c:791

epan_dissect_fill_in_columns
WS_DLL_PUBLIC void epan_dissect_fill_in_columns(epan_dissect_t *edt, const bool fill_col_exprs, const bool fill_fd_colums)
Populate packet list columns with dissection output.
Definition epan.c:838

epan_get_version_number
WS_DLL_PUBLIC void epan_get_version_number(int *major, int *minor, int *micro)
Retrieve the version number of the epan library.
Definition epan.c:149

epan_get_modified_block
WS_DLL_PUBLIC wtap_block_t epan_get_modified_block(const epan_t *session, const frame_data *fd)
Retrieve a modified capture block associated with a specific frame.
Definition epan.c:500

ws_dissector_bug
WS_DLL_PUBLIC void ws_dissector_bug(const char *format,...) G_GNUC_PRINTF(1
Report a dissector bug (and optionally abort).

epan_dissect_packet_contains_field
WS_DLL_PUBLIC bool epan_dissect_packet_contains_field(epan_dissect_t *edt, const char *field_name)
Check whether a dissected packet contains a specific named field.
Definition epan.c:845

epan_get_frame_ts
const nstime_t * epan_get_frame_ts(const epan_t *session, uint32_t frame_num)
Retrieve the timestamp of a specific frame.
Definition epan.c:527

epan_dissect_prime_with_dfilter
WS_DLL_PUBLIC void epan_dissect_prime_with_dfilter(epan_dissect_t *edt, const struct epan_dfilter *dfcode)
Prime a dissection context's protocol tree using a display filter.

epan_get_process_uuid
WS_DLL_PUBLIC const uint8_t * epan_get_process_uuid(const epan_t *session, uint32_t process_info_id, unsigned section_number, size_t *uuid_size)
Retrieve the UUID of a process associated with a given process info record.
Definition epan.c:585

epan_get_start_ts
const nstime_t * epan_get_start_ts(const epan_t *session)
Retrieve the start timestamp of the capture session.
Definition epan.c:542

epan_dissect_run
WS_DLL_PUBLIC void epan_dissect_run(epan_dissect_t *edt, int file_type_subtype, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo)
Run a single packet dissection.
Definition epan.c:704

epan_gather_runtime_info
WS_DLL_PUBLIC void epan_gather_runtime_info(feature_list l)
Get runtime information for libraries used by libwireshark.
Definition epan.c:976

epan_dissect_prime_with_hfid_array
WS_DLL_PUBLIC void epan_dissect_prime_with_hfid_array(epan_dissect_t *edt, GArray *hfids)
Prime a dissection context's protocol tree with a set of fields or protocols.
Definition epan.c:816

epan_get_version
WS_DLL_PUBLIC const char * epan_get_version(void)
Retrieve the epan library's version as a string.
Definition epan.c:144

epan_dissect_new
WS_DLL_PUBLIC epan_dissect_t * epan_dissect_new(epan_t *session, const bool create_proto_tree, const bool proto_tree_visible)
Create a new single packet dissection.
Definition epan.c:686

epan_dissect_prime_with_dfilter_print
WS_DLL_PUBLIC void epan_dissect_prime_with_dfilter_print(epan_dissect_t *edt, const struct epan_dfilter *dfcode)
Prime a dissection context's protocol tree using a display filter, marking fields for print output.

epan_dissect_file_run_with_taps
WS_DLL_PUBLIC void epan_dissect_file_run_with_taps(epan_dissect_t *edt, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo)
Run a dissection of file-based packet data and invoke tap listeners.
Definition epan.c:748

epan_set_always_visible
WS_DLL_PUBLIC void epan_set_always_visible(bool force)
Set or unset the tree to always be visible when epan_dissect_init() is called.
Definition epan.c:617

epan_dissect_run_with_taps
WS_DLL_PUBLIC void epan_dissect_run_with_taps(epan_dissect_t *edt, int file_type_subtype, wtap_rec *rec, frame_data *fd, struct epan_column_info *cinfo)
Run a single packet dissection and invoke tap listeners.
Definition epan.c:721

epan_custom_set
const char * epan_custom_set(epan_dissect_t *edt, GSList *ids, int occurrence, bool display_details, char *result, char *expr, const int size)
Set the value of a custom column based on specified fields and expression.
Definition epan.c:828

epan_register_plugin
WS_DLL_PUBLIC void epan_register_plugin(const epan_plugin *plugin)
Register an epan plugin with the dissection engine.

epan_get_interface_name
WS_DLL_PUBLIC const char * epan_get_interface_name(const epan_t *session, uint32_t interface_id, unsigned section_number)
Retrieve the name of a network interface.
Definition epan.c:509

feature_list.h

feature_list
GList ** feature_list
Semi-opaque handle to a list of features or dependencies.
Definition feature_list.h:33

frame_data.h

prefs.h

register_all_protocols
void register_all_protocols(register_cb cb, void *client_data)
Definition register.c:65

register.h

_e_prefs
Definition prefs.h:174

_plugin
Definition plugins.c:29

epan_column_info
Definition column-info.h:62

epan_dfilter
Definition dfilter-int.h:35

epan_dissect
Definition epan_dissect.h:28

epan_plugin
Definition epan.h:138

epan_session
Definition epan.c:479

nstime_t
Definition nstime.h:26

packet_provider_data
Definition cfile.h:58

packet_provider_funcs
Structure containing pointers to functions supplied by the user of libwireshark.
Definition epan.h:72

wtap_block
Definition wtap_opttypes.h:272

wtap_rec
Definition wtap.h:1442

tvbuff.h

wtap_opttypes.h