expert.h

Go to the documentation of this file.

 
#ifndef __EXPERT_H__
#define __EXPERT_H__
 
#include <epan/proto.h>
#include <epan/packet_info.h>
#include "value_string.h"
#include "ws_symbol_export.h"
 
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
 
typedef struct expert_info_s {
    guint32      packet_num;
    int          group;
    int          severity;
    int          hf_index; /* hf_index of the expert item. Might be -1. */
    const gchar *protocol;
    gchar       *summary;
    proto_item  *pitem;
} expert_info_t;
 
/* Expert Info and Display hf data */
typedef struct expert_field
{
    int ei;
    int hf;
} expert_field;
 
#define EI_INIT_EI -1
#define EI_INIT_HF -1
#define EI_INIT {EI_INIT_EI, EI_INIT_HF}
 
typedef struct expert_field_info {
    /* ---------- set by dissector --------- */
    const char       *name;
    int               group;
    int               severity;
    const gchar      *summary;
 
    /* ------- set by register routines (prefilled by EXPFILL macro, see below) ------ */
    int               id;
    const gchar      *protocol;
    int               orig_severity; /* Matches severity when registered, used to restore original severity
                      * if UAT severity entry is removed */
    hf_register_info  hf_info;
 
} expert_field_info;
 
#define EXPFILL 0, NULL, 0, \
        {0, {NULL, NULL, FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL}}
 
typedef struct ei_register_info {
    expert_field      *ids;         
    expert_field_info  eiinfo;      
} ei_register_info;
 
typedef struct expert_module expert_module_t;
 
#define PRE_ALLOC_EXPERT_FIELDS_MEM 5000
 
/* "proto_expert" is exported from libwireshark.dll.
 * Thus we need a special declaration.
 */
WS_DLL_PUBLIC int proto_expert;
 
extern void
expert_init(void);
 
extern void
expert_packet_init(void);
 
extern void
expert_cleanup(void);
 
extern void
expert_packet_cleanup(void);
 
WS_DLL_PUBLIC int
expert_get_highest_severity(void);
 
WS_DLL_PUBLIC void
expert_update_comment_count(guint64 count);
 
WS_DLL_PUBLIC proto_item *
expert_add_info(packet_info *pinfo, proto_item *pi, expert_field *eiindex);
 
WS_DLL_PUBLIC proto_item *
expert_add_info_format(packet_info *pinfo, proto_item *pi, expert_field *eiindex,
                       const char *format, ...) G_GNUC_PRINTF(4, 5);
 
WS_DLL_PUBLIC proto_item *
proto_tree_add_expert(proto_tree *tree, packet_info *pinfo, expert_field *eiindex,
        tvbuff_t *tvb, gint start, gint length);
 
WS_DLL_PUBLIC proto_item *
proto_tree_add_expert_format(proto_tree *tree, packet_info *pinfo, expert_field *eiindex,
        tvbuff_t *tvb, gint start, gint length, const char *format, ...) G_GNUC_PRINTF(7, 8);
 
/*
 * Register that a protocol has expert info.
 */
WS_DLL_PUBLIC expert_module_t *expert_register_protocol(int id);
 
void expert_deregister_expertinfo (const char *abbrev);
 
void expert_deregister_protocol (expert_module_t *module);
 
void expert_free_deregistered_expertinfos (void);
 
WS_DLL_PUBLIC const gchar* expert_get_summary(expert_field *eiindex);
 
WS_DLL_PUBLIC void
expert_register_field_array(expert_module_t *module, ei_register_info *ei, const int num_records);
 
#define EXPERT_CHECKSUM_DISABLED    -2
#define EXPERT_CHECKSUM_UNKNOWN     -1
#define EXPERT_CHECKSUM_GOOD        0
#define EXPERT_CHECKSUM_BAD         1
 
WS_DLL_PUBLIC const value_string expert_group_vals[];
 
WS_DLL_PUBLIC const value_string expert_severity_vals[];
 
WS_DLL_PUBLIC const value_string expert_checksum_vals[];
 
#ifdef __cplusplus
}
#endif /* __cplusplus */
 
#endif /* __EXPERT_H__ */
 
/*
 * Editor modelines  -  https://www.wireshark.org/tools/modelines.html
 *
 * Local variables:
 * c-basic-offset: 8
 * tab-width: 8
 * indent-tabs-mode: t
 * End:
 *
 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
 * :indentSize=8:tabSize=8:noTabs=false:
 */