 |
Wireshark 4.7.2
The Wireshark network protocol analyzer
|
Loading...
Searching...
No Matches
|
Wireshark 4.7.2
The Wireshark network protocol analyzer
|
Represents a single capture record read from or written to a capture file, regardless of record type. More...
#include <wtap.h>
Public Attributes | |
| unsigned | rec_type |
| uint32_t | presence_flags |
| unsigned | section_number |
| nstime_t | ts |
| int | tsprec |
| const char * | rec_type_name |
| union { | |
| wtap_packet_header packet_header | |
| wtap_ft_specific_header ft_specific_header | |
| wtap_syscall_header syscall_header | |
| wtap_systemd_journal_export_header systemd_journal_export_header | |
| wtap_custom_block_header custom_block_header | |
| } | rec_header |
| Type-specific record header, interpreted according to rec_type. | |
| wtap_block_t | block |
| Block-level metadata associated with this record. | |
| bool | block_was_modified |
| Buffer | options_buf |
| Reusable buffer holding serialized file-type-specific option data for this record. | |
| Buffer | data |
Represents a single capture record read from or written to a capture file, regardless of record type.
| wtap_block_t wtap_rec::block |
Block-level metadata associated with this record.
Carries structured block information (options, etc.) that may overlap with or eventually supersede rec_header. NULL for record types that do not correspond to a pcapng block or equivalent construct.
| bool wtap_rec::block_was_modified |
True if any field or option within block has been modified since it was read.
| wtap_custom_block_header wtap_rec::custom_block_header |
Header for custom block records (REC_TYPE_CUSTOM_BLOCK).
| Buffer wtap_rec::data |
Raw bytes of the record payload (e.g. the captured packet data).
| wtap_ft_specific_header wtap_rec::ft_specific_header |
Header for file-type-specific event records (REC_TYPE_FT_SPECIFIC_EVENT or REC_TYPE_FT_SPECIFIC_REPORT).
| Buffer wtap_rec::options_buf |
Reusable buffer holding serialized file-type-specific option data for this record.
Using a persistent Buffer avoids per-record allocation and deallocation overhead for option payloads.
| wtap_packet_header wtap_rec::packet_header |
Header for standard captured network packets (REC_TYPE_PACKET).
| uint32_t wtap_rec::presence_flags |
Bitmask of WTAP_HAS_ flags indicating which optional fields are populated in this record.
| unsigned wtap_rec::rec_type |
Record type identifier (e.g. REC_TYPE_PACKET, REC_TYPE_FT_SPECIFIC_EVENT).
| const char* wtap_rec::rec_type_name |
Human-readable name of this record type, suitable for display and logging.
| unsigned wtap_rec::section_number |
Zero-based index of the section within the capture file that contains this record.
| wtap_syscall_header wtap_rec::syscall_header |
Header for system call event records (REC_TYPE_SYSCALL).
| wtap_systemd_journal_export_header wtap_rec::systemd_journal_export_header |
Header for systemd journal export records (REC_TYPE_SYSTEMD_JOURNAL_EXPORT).
| nstime_t wtap_rec::ts |
Timestamp at which this record was captured.
| int wtap_rec::tsprec |
Timestamp precision as a WTAP_TSPREC_ constant (e.g. WTAP_TSPREC_USEC, WTAP_TSPREC_NSEC).
1.15.0