Wireshark
4.7.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
extcap
etl.h
Go to the documentation of this file.
1
12
#ifndef __W_ETL_H__
13
#define __W_ETL_H__
14
15
#include "
wiretap/wtap.h
"
16
#include "ws_symbol_export.h"
17
#include "
wiretap/wtap-int.h
"
18
19
#include <glib.h>
20
#include <stdlib.h>
21
#include <tdh.h>
22
#include <guiddef.h>
23
24
#define LOGGER_NAME L"wireshark etwdump"
25
26
typedef
struct
27
{
28
EVENT_TRACE_PROPERTIES prop;
29
char
padding[64];
30
}
SUPER_EVENT_TRACE_PROPERTIES
;
31
32
extern
wtap_open_return_val etw_dump(
const
char
* etl_filename,
const
char
* pcapng_filename,
const
char
* params,
int
* err,
char
** err_info);
33
34
extern
void
wtap_etl_add_interface(
int
pkt_encap,
char
* interface_name,
unsigned
short
interface_name_length,
char
* interface_desc,
unsigned
short
interface_desc_length);
35
36
extern
void
wtap_etl_rec_dump(
char
* etl_record, ULONG total_packet_length, ULONG original_packet_length,
unsigned
int
interface_id, BOOLEAN is_inbound, ULARGE_INTEGER timestamp,
int
pkt_encap,
char
* comment,
unsigned
short
comment_length);
37
38
#endif
39
40
41
/*
42
* Editor modelines - https://www.wireshark.org/tools/modelines.html
43
*
44
* Local variables:
45
* c-basic-offset: 4
46
* tab-width: 8
47
* indent-tabs-mode: nil
48
* End:
49
*
50
* vi: set shiftwidth=4 tabstop=8 expandtab:
51
* :indentSize=4:tabSize=8:noTabs=true:
52
*/
SUPER_EVENT_TRACE_PROPERTIES
Definition
etl.h:27
wtap-int.h
wtap.h
Generated by
1.9.8
1.9.8