Wireshark
4.7.0
The Wireshark network protocol analyzer
extcap
etl.h
#ifndef __W_ETL_H__
#define __W_ETL_H__
#include "
wiretap/wtap.h
"
#include "ws_symbol_export.h"
#include "
wiretap/wtap_module.h
"
#include <glib.h>
#include <stdlib.h>
#include <windows.h>
#include <winsock2.h>
#include <tdh.h>
#include <guiddef.h>
/* Wide-character (L"...") name string.
 * NOTE(review): presumably the ETW trace session name used by etwdump --
 * confirm against the code that uses this macro. */
#define LOGGER_NAME L"wireshark etwdump"
/*
 * EVENT_TRACE_PROPERTIES immediately followed by 64 bytes of extra storage.
 *
 * NOTE(review): presumably the trailing bytes hold the session (logger) name
 * that ETW addresses through prop.LoggerNameOffset -- confirm in the code
 * that fills this struct. If so, the wide-character name plus its terminator
 * has to fit in sizeof(padding), and prop.Wnode.BufferSize should describe
 * this whole struct rather than EVENT_TRACE_PROPERTIES alone; otherwise the
 * name would be written past the end of the object.
 */
typedef struct
{
    EVENT_TRACE_PROPERTIES prop;   /* fixed-size ETW properties header */
    char padding[64];              /* extra bytes after prop; see note above */
} SUPER_EVENT_TRACE_PROPERTIES;
/**
 * Declaration only; the definition is not part of this header.
 *
 * NOTE(review): presumably processes the ETL trace named by etl_filename and
 * writes pcapng output to pcapng_filename -- confirm in the definition.
 *
 * All three string arguments are const-qualified, so they are not modified
 * through these pointers. The header states no length or format limits for
 * them, so any validation of caller-supplied paths and of params has to
 * happen in the definition.
 *
 * @param etl_filename     input file name string
 * @param pcapng_filename  output file name string
 * @param params           parameter string; its format is not visible here
 * @param err              out-parameter for an error code
 *                         (presumably wiretap's convention -- confirm)
 * @param err_info         out-parameter for an error string; ownership of
 *                         *err_info is not stated here -- TODO confirm who
 *                         frees it
 * @return a wtap_open_return_val value
 */
extern wtap_open_return_val etw_dump(const char* etl_filename, const char* pcapng_filename, const char* params, int* err, char** err_info);
extern
void
wtap_etl_add_interface(
int
pkt_encap,
char
* interface_name,
unsigned
short
interface_name_length,
char
* interface_desc,
unsigned
short
interface_desc_length);
/**
 * Declaration only; the definition is not part of this header.
 *
 * NOTE(review): presumably total_packet_length is the number of bytes
 * available at etl_record and original_packet_length the length of the packet
 * as originally seen -- confirm in the definition. Whichever value bounds the
 * buffer, the definition must not copy more than that many bytes from
 * etl_record, since record contents come from a trace file.
 *
 * comment_length is unsigned short, so a larger length held in a wider type
 * is silently truncated on conversion. The pointers are not const-qualified,
 * so this prototype does not promise that the buffers are left unmodified.
 *
 * @param etl_record              record data buffer
 * @param total_packet_length     length value for the record (ULONG)
 * @param original_packet_length  second length value for the record (ULONG)
 * @param interface_id            identifier of the interface the record
 *                                belongs to
 * @param is_inbound              direction flag
 * @param timestamp               record time stamp; units and epoch are not
 *                                visible here -- TODO confirm
 * @param pkt_encap               encapsulation type value for the record
 * @param comment                 comment buffer (whether NULL is accepted is
 *                                not visible here)
 * @param comment_length          length associated with comment
 */
extern void wtap_etl_rec_dump(char* etl_record, ULONG total_packet_length, ULONG original_packet_length, unsigned int interface_id, BOOLEAN is_inbound, ULARGE_INTEGER timestamp, int pkt_encap, char* comment, unsigned short comment_length);
#endif
/*
 * Editor modelines - https://www.wireshark.org/tools/modelines.html
 *
 * Local variables:
 * c-basic-offset: 4
 * tab-width: 8
 * indent-tabs-mode: nil
 * End:
 *
 * vi: set shiftwidth=4 tabstop=8 expandtab:
 * :indentSize=4:tabSize=8:noTabs=true:
 */
SUPER_EVENT_TRACE_PROPERTIES
Definition
etl.h:30
wtap.h
wtap_open_return_val
wtap_open_return_val
For registering file types that we can open.
Definition
wtap.h:1750
wtap_module.h