#include "wtap.h"

Classes
struct	capture_file_header

struct	tlv_header

struct	tlv_time_info

struct	tlv_network_load

struct	tlv_wireless_info

struct	tlv_capture_start_stop

struct	packet_entry_header

Macros
#define	CAPTURE_FILE_HEADER_FROM_LE_IN_PLACE(_capture_file_header) _capture_file_header.offset_to_first_packet = GUINT16_FROM_LE((_capture_file_header).offset_to_first_packet)

#define	CAPTURE_FILE_HEADER_TO_LE_IN_PLACE(_capture_file_header) _capture_file_header.offset_to_first_packet = GUINT16_TO_LE((_capture_file_header).offset_to_first_packet)

#define	TLV_HEADER_FROM_LE_IN_PLACE(_tlv_header)

#define	TLV_HEADER_TO_LE_IN_PLACE(_tlv_header)

#define	INFORMATION_TYPE_ALIAS_LIST 0x0001

#define	INFORMATION_TYPE_COMMENT 0x0002 /* ASCII text */

#define	INFORMATION_TYPE_TIME_INFO 0x0004

#define	INFORMATION_TYPE_REMOTE_PROBE 0x0005

#define	INFORMATION_TYPE_NETWORK_LOAD 0x0100

#define	INFORMATION_TYPE_WIRELESS 0x0101

#define	INFORMATION_TYPE_CAPTURE_START_STOP 0x0104

#define	TIME_INFO_LOCAL 0

#define	TIME_INFO_GMT 1

#define	TLV_TIME_INFO_FROM_LE_IN_PLACE(_tlv_time_info) (_tlv_time_info).time_format = GUINT32_FROM_LE((_tlv_time_info).time_format)

#define	TLV_TIME_INFO_TO_LE_IN_PLACE(_tlv_time_info) (_tlv_time_info).time_format = GUINT32_TO_LE((_tlv_time_info).time_format)

#define	TLV_NETWORK_LOAD_FROM_LE_IN_PLACE(_tlv_network_load)

#define	TLV_NETWORK_LOAD_TO_LE_IN_PLACE(_tlv_network_load)

#define	WIRELESS_WEP_SUCCESS 0x80

#define	START_STOP_TYPE_STOP 0

#define	START_STOP_TYPE_START 1

#define	PACKET_ENTRY_HEADER_FROM_LE_IN_PLACE(_packet_entry_header)

#define	PACKET_ENTRY_HEADER_TO_LE_IN_PLACE(_packet_entry_header)

#define	OBSERVER_UNDEFINED 0xFF

#define	OBSERVER_ETHERNET 0x00

#define	OBSERVER_TOKENRING 0x01

#define	OBSERVER_FIBRE_CHANNEL 0x08

#define	OBSERVER_WIRELESS_802_11 0x09

#define	PACKET_TYPE_DATA_PACKET 0

#define	PACKET_TYPE_EXPERT_INFORMATION_PACKET 1

Typedefs
typedef struct capture_file_header	capture_file_header

typedef struct tlv_header	tlv_header

typedef struct tlv_time_info	tlv_time_info

typedef struct tlv_network_load	tlv_network_load

typedef struct tlv_wireless_info	tlv_wireless_info

typedef struct tlv_capture_start_stop	tlv_capture_start_stop

typedef struct packet_entry_header	packet_entry_header

Functions
wtap_open_return_val	observer_open (wtap wth, int err, char **err_info)
	Opens a capture file using the observer format.

Detailed Description

observer.h - description

Macro Definition Documentation

◆ PACKET_ENTRY_HEADER_FROM_LE_IN_PLACE

#define PACKET_ENTRY_HEADER_FROM_LE_IN_PLACE ( _packet_entry_header )

Value:

    (_packet_entry_header).packet_magic            = GUINT32_FROM_LE((_packet_entry_header).packet_magic); \
    (_packet_entry_header).network_speed           = GUINT32_FROM_LE((_packet_entry_header).network_speed); \
    (_packet_entry_header).captured_size           = GUINT16_FROM_LE((_packet_entry_header).captured_size); \
    (_packet_entry_header).network_size            = GUINT16_FROM_LE((_packet_entry_header).network_size); \
    (_packet_entry_header).offset_to_frame         = GUINT16_FROM_LE((_packet_entry_header).offset_to_frame); \
    (_packet_entry_header).offset_to_next_packet   = GUINT16_FROM_LE((_packet_entry_header).offset_to_next_packet); \
    (_packet_entry_header).errors                  = GUINT16_FROM_LE((_packet_entry_header).errors); \
    (_packet_entry_header).reserved                = GUINT16_FROM_LE((_packet_entry_header).reserved); \
    (_packet_entry_header).packet_number           = GUINT64_FROM_LE((_packet_entry_header).packet_number); \
    (_packet_entry_header).original_packet_number  = GUINT64_FROM_LE((_packet_entry_header).original_packet_number); \
    (_packet_entry_header).nano_seconds_since_2000 = GUINT64_FROM_LE((_packet_entry_header).nano_seconds_since_2000)

◆ PACKET_ENTRY_HEADER_TO_LE_IN_PLACE

#define PACKET_ENTRY_HEADER_TO_LE_IN_PLACE ( _packet_entry_header )

Value:

    (_packet_entry_header).packet_magic            = GUINT32_TO_LE((_packet_entry_header).packet_magic); \
    (_packet_entry_header).network_speed           = GUINT32_TO_LE((_packet_entry_header).network_speed); \
    (_packet_entry_header).captured_size           = GUINT16_TO_LE((_packet_entry_header).captured_size); \
    (_packet_entry_header).network_size            = GUINT16_TO_LE((_packet_entry_header).network_size); \
    (_packet_entry_header).offset_to_frame         = GUINT16_TO_LE((_packet_entry_header).offset_to_frame); \
    (_packet_entry_header).offset_to_next_packet   = GUINT16_TO_LE((_packet_entry_header).offset_to_next_packet); \
    (_packet_entry_header).errors                  = GUINT16_TO_LE((_packet_entry_header).errors); \
    (_packet_entry_header).reserved                = GUINT16_TO_LE((_packet_entry_header).reserved); \
    (_packet_entry_header).packet_number           = GUINT64_TO_LE((_packet_entry_header).packet_number); \
    (_packet_entry_header).original_packet_number  = GUINT64_TO_LE((_packet_entry_header).original_packet_number); \
    (_packet_entry_header).nano_seconds_since_2000 = GUINT64_TO_LE((_packet_entry_header).nano_seconds_since_2000)

◆ TLV_HEADER_FROM_LE_IN_PLACE

#define TLV_HEADER_FROM_LE_IN_PLACE ( _tlv_header )

Value:

(_tlv_header).type = GUINT16_FROM_LE((_tlv_header).type); \

(_tlv_header).length = GUINT16_FROM_LE((_tlv_header).length)

◆ TLV_HEADER_TO_LE_IN_PLACE

#define TLV_HEADER_TO_LE_IN_PLACE ( _tlv_header )

Value:

(_tlv_header).type = GUINT16_TO_LE((_tlv_header).type); \

(_tlv_header).length = GUINT16_TO_LE((_tlv_header).length)

◆ TLV_NETWORK_LOAD_FROM_LE_IN_PLACE

#define TLV_NETWORK_LOAD_FROM_LE_IN_PLACE ( _tlv_network_load )

Value:

    (_tlv_network_load).utilization = GUINT32_FROM_LE((_tlv_network_load).utilization); \
    (_tlv_network_load).unknown1 = GUINT32_FROM_LE((_tlv_network_load).unknown1); \
    (_tlv_network_load).unknown2 = GUINT32_FROM_LE((_tlv_network_load).unknown2); \
    (_tlv_network_load).packets_per_second = GUINT32_FROM_LE((_tlv_network_load).packets_per_second); \
    (_tlv_network_load).unknown3 = GUINT32_FROM_LE((_tlv_network_load).unknown3); \
    (_tlv_network_load).bytes_per_second = GUINT32_FROM_LE((_tlv_network_load).bytes_per_second); \
    (_tlv_network_load).unknown4 = GUINT32_FROM_LE((_tlv_network_load).unknown4) \

◆ TLV_NETWORK_LOAD_TO_LE_IN_PLACE

#define TLV_NETWORK_LOAD_TO_LE_IN_PLACE ( _tlv_network_load )

Value:

    (_tlv_network_load).utilization = GUINT32_TO_LE((_tlv_network_load).utilization); \
    (_tlv_network_load).unknown1 = GUINT32_TO_LE((_tlv_network_load).unknown1); \
    (_tlv_network_load).unknown2 = GUINT32_TO_LE((_tlv_network_load).unknown2); \
    (_tlv_network_load).packets_per_second = GUINT32_TO_LE((_tlv_network_load).packets_per_second); \
    (_tlv_network_load).unknown3 = GUINT32_TO_LE((_tlv_network_load).unknown3); \
    (_tlv_network_load).bytes_per_second = GUINT32_TO_LE((_tlv_network_load).bytes_per_second); \
    (_tlv_network_load).unknown4 = GUINT32_TO_LE((_tlv_network_load).unknown4) \

Function Documentation

◆ observer_open()

wtap_open_return_val observer_open	(	wtap *	wth,
		int *	err,
		char **	err_info
	)

Opens a capture file using the observer format.

This function attempts to open and read the header of a capture file in the observer format.

Parameters

wth	Pointer to the wtap structure that will hold the file information.
err	Pointer to an integer where any error code will be stored if an error occurs.
err_info	Pointer to a char pointer where any error message will be stored if an error occurs.

Returns: A value indicating whether the file was successfully opened or not.

Classes

Macros

Typedefs

Functions

Detailed Description

observer.h - description

Macro Definition Documentation

◆ PACKET_ENTRY_HEADER_FROM_LE_IN_PLACE

◆ PACKET_ENTRY_HEADER_TO_LE_IN_PLACE

◆ TLV_HEADER_FROM_LE_IN_PLACE

◆ TLV_HEADER_TO_LE_IN_PLACE

◆ TLV_NETWORK_LOAD_FROM_LE_IN_PLACE

◆ TLV_NETWORK_LOAD_TO_LE_IN_PLACE

Function Documentation

◆ observer_open()