Wireshark 4.7.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
wtap_module.h
Go to the documentation of this file.
1
9#ifndef __WTAP_MODULE_H__
10#define __WTAP_MODULE_H__
11
12#include "wtap.h"
13
14#include "wtap_opttypes.h"
15
16#include <wsutil/file_util.h>
17
26WS_DLL_PUBLIC
27int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err);
28
39typedef bool (*subtype_read_func)(struct wtap* wtap, wtap_rec* rec,
40 int* err, char** err_info, int64_t* offset);
41
52typedef bool (*subtype_seek_read_func)(struct wtap* wtap, int64_t seek_off, wtap_rec* rec,
53 int* err, char** err_info);
54
116
122typedef void *WFILE_T;
123
133typedef bool (*subtype_add_idb_func)(struct wtap_dumper* dumper, wtap_block_t idb,
134 int* err, char** err_info);
135
145typedef bool (*subtype_write_func)(struct wtap_dumper* dumper, const wtap_rec* rec,
146 int* err, char** err_info);
147
156typedef bool (*subtype_finish_func)(struct wtap_dumper* dumper, int* err, char** err_info);
157
163struct wtap_dumper {
164 WFILE_T fh;
165 int file_type_subtype;
166 int snaplen;
167 int file_encap;
173 ws_compression_type compression_type;
174 bool needs_reload;
175 int64_t bytes_dumped;
177 void *priv;
178 void *wslua_data;
180 subtype_add_idb_func subtype_add_idb;
181 subtype_write_func subtype_write;
182 subtype_finish_func subtype_finish;
184 addrinfo_lists_t *addrinfo_lists;
185 GArray *shb_hdrs;
186 const GArray *shb_iface_to_global;
187 GArray *interface_data;
188 GArray *dsbs_initial;
190 /*
191 * Additional blocks that might grow as data is being collected.
192 * Subtypes should write these blocks before writing new packet blocks.
193 */
194 const GArray *nrbs_growing;
195 const GArray *dsbs_growing;
196 const GArray *mevs_growing;
197 const GArray *dpibs_growing;
198 unsigned nrbs_growing_written;
199 unsigned dsbs_growing_written;
200 unsigned mevs_growing_written;
201 unsigned dpibs_growing_written;
202};
203
213WS_DLL_PUBLIC bool wtap_dump_file_write(wtap_dumper *wdh, const void *buf,
214 size_t bufsize, int *err);
215
225WS_DLL_PUBLIC int64_t wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset,
226 int whence, int *err);
227
235WS_DLL_PUBLIC int64_t wtap_dump_file_tell(wtap_dumper *wdh, int *err);
236
252WS_DLL_PUBLIC
253bool
254wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err,
255 char **err_info);
256
271WS_DLL_PUBLIC
272bool
273wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err,
274 char **err_info);
275
292WS_DLL_PUBLIC
293bool
294wtap_read_bytes_buffer(FILE_T fh, Buffer *buf, unsigned length, int *err,
295 char **err_info);
296
309bool
310wtap_full_file_read(wtap *wth, wtap_rec *rec, int *err, char **err_info,
311 int64_t *data_offset);
312
325bool
326wtap_full_file_seek_read(wtap *wth, int64_t seek_off, wtap_rec *rec,
327 int *err, char **err_info);
328
337void
338wtap_add_idb(wtap *wth, wtap_block_t idb);
339
348void
349wtap_add_dpib(wtap *wth, wtap_block_t dpib);
350
359void
360wtapng_process_nrb(wtap *wth, wtap_block_t nrb);
361
370void
371wtapng_process_dsb(wtap *wth, wtap_block_t dsb);
372
381void
382wtap_register_compatibility_file_subtype_name(const char *old_name,
383 const char *new_name);
384
393void
394wtap_register_backwards_compatibility_lua_name(const char *name, int ft);
395
407WS_DLL_PUBLIC
408void wtap_add_generated_idb(wtap *wth);
409
422wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec);
423
424/* Macros to byte-swap possibly-unaligned 64-bit, 32-bit and 16-bit quantities;
425 * they take a pointer to the quantity, and byte-swap it in place.
426 */
431#define PBSWAP64(p) \
432 { \
433 uint8_t tmp; \
434 tmp = (p)[7]; \
435 (p)[7] = (p)[0]; \
436 (p)[0] = tmp; \
437 tmp = (p)[6]; \
438 (p)[6] = (p)[1]; \
439 (p)[1] = tmp; \
440 tmp = (p)[5]; \
441 (p)[5] = (p)[2]; \
442 (p)[2] = tmp; \
443 tmp = (p)[4]; \
444 (p)[4] = (p)[3]; \
445 (p)[3] = tmp; \
446 }
447
452#define PBSWAP32(p) \
453 { \
454 uint8_t tmp; \
455 tmp = (p)[3]; \
456 (p)[3] = (p)[0]; \
457 (p)[0] = tmp; \
458 tmp = (p)[2]; \
459 (p)[2] = (p)[1]; \
460 (p)[1] = tmp; \
461 }
462
467#define PBSWAP16(p) \
468 { \
469 uint8_t tmp; \
470 tmp = (p)[1]; \
471 (p)[1] = (p)[0]; \
472 (p)[0] = tmp; \
473 }
474
475#endif /* __WTAP_MODULE_H__ */
476
477/*
478 * Editor modelines - https://www.wireshark.org/tools/modelines.html
479 *
480 * Local variables:
481 * c-basic-offset: 4
482 * tab-width: 8
483 * indent-tabs-mode: nil
484 * End:
485 *
486 * vi: set shiftwidth=4 tabstop=8 expandtab:
487 * :indentSize=4:tabSize=8:noTabs=true:
488 */
file_util.h
Buffer
A dynamic byte buffer with adjustable start and end positions.
Definition buffer.h:30
addrinfo_lists
Definition wtap.h:1603
idb
Definition pcapio.c:117
nstime_t
Definition nstime.h:26
wtap_block
Definition wtap_opttypes.h:272
wtap_dumper
Wiretap dumper handle and associated state.
Definition wtap_module.h:163
wtap_dumper::wslua_data
void * wslua_data
Definition wtap_module.h:178
wtap_dumper::dpibs_growing_written
unsigned dpibs_growing_written
Definition wtap_module.h:201
wtap_dumper::nrbs_growing_written
unsigned nrbs_growing_written
Definition wtap_module.h:198
wtap_dumper::dsbs_initial
GArray * dsbs_initial
Definition wtap_module.h:188
wtap_dumper::needs_reload
bool needs_reload
Definition wtap_module.h:174
wtap_dumper::interface_data
GArray * interface_data
Definition wtap_module.h:187
wtap_dumper::dsbs_growing
const GArray * dsbs_growing
Definition wtap_module.h:195
wtap_dumper::bytes_dumped
int64_t bytes_dumped
Definition wtap_module.h:175
wtap_dumper::subtype_write
subtype_write_func subtype_write
Definition wtap_module.h:181
wtap_dumper::fh
WFILE_T fh
Definition wtap_module.h:164
wtap_dumper::mevs_growing
const GArray * mevs_growing
Definition wtap_module.h:196
wtap_dumper::mevs_growing_written
unsigned mevs_growing_written
Definition wtap_module.h:200
wtap_dumper::snaplen
int snaplen
Definition wtap_module.h:166
wtap_dumper::shb_iface_to_global
const GArray * shb_iface_to_global
Definition wtap_module.h:186
wtap_dumper::compression_type
ws_compression_type compression_type
Definition wtap_module.h:173
wtap_dumper::dpibs_growing
const GArray * dpibs_growing
Definition wtap_module.h:197
wtap_dumper::dsbs_growing_written
unsigned dsbs_growing_written
Definition wtap_module.h:199
wtap_dumper::addrinfo_lists
addrinfo_lists_t * addrinfo_lists
Definition wtap_module.h:184
wtap_dumper::file_type_subtype
int file_type_subtype
Definition wtap_module.h:165
wtap_dumper::nrbs_growing
const GArray * nrbs_growing
Definition wtap_module.h:194
wtap_dumper::priv
void * priv
Definition wtap_module.h:177
wtap_dumper::subtype_finish
subtype_finish_func subtype_finish
Definition wtap_module.h:182
wtap_dumper::subtype_add_idb
subtype_add_idb_func subtype_add_idb
Definition wtap_module.h:180
wtap_dumper::shb_hdrs
GArray * shb_hdrs
Definition wtap_module.h:185
wtap_reader
Definition file_wrappers.c:97
wtap_rec
Definition wtap.h:1507
wtap
Definition wtap_module.h:58
wtap::interface_data
GArray * interface_data
Definition wtap_module.h:66
wtap::ispipe
bool ispipe
Definition wtap_module.h:61
wtap::file_start_ts
nstime_t file_start_ts
Definition wtap_module.h:99
wtap::next_dpib_id
unsigned next_dpib_id
Definition wtap_module.h:72
wtap::add_new_secrets
wtap_new_secrets_callback_t add_new_secrets
Definition wtap_module.h:113
wtap::file_tsprec
int file_tsprec
Definition wtap_module.h:89
wtap::app_env_var_prefix
const char * app_env_var_prefix
Definition wtap_module.h:74
wtap::subtype_read
subtype_read_func subtype_read
Definition wtap_module.h:79
wtap::file_end_ts
nstime_t file_end_ts
Definition wtap_module.h:105
wtap::shb_iface_to_global
GArray * shb_iface_to_global
Definition wtap_module.h:65
wtap::snapshot_length
unsigned snapshot_length
Definition wtap_module.h:63
wtap::fast_seek
GPtrArray * fast_seek
Definition wtap_module.h:114
wtap::subtype_seek_read
subtype_seek_read_func subtype_seek_read
Definition wtap_module.h:80
wtap::file_encap
int file_encap
Definition wtap_module.h:83
wtap::subtype_sequential_close
void(* subtype_sequential_close)(struct wtap *)
Definition wtap_module.h:81
wtap::random_fh
FILE_T random_fh
Definition wtap_module.h:60
wtap::fh
FILE_T fh
Definition wtap_module.h:59
wtap::next_interface_data
unsigned next_interface_data
Definition wtap_module.h:67
wtap::nrbs
GArray * nrbs
Definition wtap_module.h:68
wtap::shb_hdrs
GArray * shb_hdrs
Definition wtap_module.h:64
wtap::dpibs
GArray * dpibs
Definition wtap_module.h:71
wtap::pathname
char * pathname
Definition wtap_module.h:73
wtap::file_type_subtype
int file_type_subtype
Definition wtap_module.h:62
wtap::add_new_ipv4
wtap_new_ipv4_callback_t add_new_ipv4
Definition wtap_module.h:111
wtap::meta_events
GArray * meta_events
Definition wtap_module.h:70
wtap::add_new_ipv6
wtap_new_ipv6_callback_t add_new_ipv6
Definition wtap_module.h:112
wtap::priv
void * priv
Definition wtap_module.h:76
wtap::wslua_data
void * wslua_data
Definition wtap_module.h:77
wtap::subtype_close
void(* subtype_close)(struct wtap *)
Definition wtap_module.h:82
wtap::dsbs
GArray * dsbs
Definition wtap_module.h:69
wtap_new_secrets_callback_t
void(* wtap_new_secrets_callback_t)(uint32_t secrets_type, const void *secrets, unsigned size)
Callback type for receiving new decryption secrets.
Definition wtap.h:2089
wtap_new_ipv6_callback_t
void(* wtap_new_ipv6_callback_t)(const ws_in6_addr *addrp, const char *name, const bool static_entry)
Callback type for registering new IPv6 hostnames.
Definition wtap.h:2065
wtap_new_ipv4_callback_t
void(* wtap_new_ipv4_callback_t)(const unsigned addr, const char *name, const bool static_entry)
Callback type for registering new IPv4 hostnames.
Definition wtap.h:2041
wtap_register_backwards_compatibility_lua_name
void wtap_register_backwards_compatibility_lua_name(const char *name, int ft)
Register a backwards compatibility Lua name for a file type.
Definition file_access.c:2871
wtap_dump_file_write
WS_DLL_PUBLIC bool wtap_dump_file_write(wtap_dumper *wdh, const void *buf, size_t bufsize, int *err)
Write raw data to the dump file.
Definition file_access.c:2730
wtapng_process_nrb
void wtapng_process_nrb(wtap *wth, wtap_block_t nrb)
Invoke the registered callback with a Name Resolution Block (NRB).
Definition wtap.c:1712
wtap_full_file_read
bool wtap_full_file_read(wtap *wth, wtap_rec *rec, int *err, char **err_info, int64_t *data_offset)
Read entire file contents as a single packet (sequential mode).
Definition wtap.c:2164
subtype_seek_read_func
bool(* subtype_seek_read_func)(struct wtap *wtap, int64_t seek_off, wtap_rec *rec, int *err, char **err_info)
Function pointer type for seeking and reading a record.
Definition wtap_module.h:52
subtype_read_func
bool(* subtype_read_func)(struct wtap *wtap, wtap_rec *rec, int *err, char **err_info, int64_t *offset)
Function pointer type for reading a record.
Definition wtap_module.h:39
wtapng_process_dsb
void wtapng_process_dsb(wtap *wth, wtap_block_t dsb)
Invoke the registered callback with a Decryption Secrets Block (DSB).
Definition wtap.c:1736
wtap_fstat
WS_DLL_PUBLIC int wtap_fstat(wtap *wth, ws_statb64 *statb, int *err)
Retrieve file statistics for a wiretap handle.
Definition wtap.c:95
WFILE_T
void * WFILE_T
Abstract file handle for writing.
Definition wtap_module.h:122
wtap_read_bytes_or_eof
WS_DLL_PUBLIC bool wtap_read_bytes_or_eof(FILE_T fh, void *buf, unsigned int count, int *err, char **err_info)
Read a specified number of bytes from a file or discard them.
Definition wtap.c:1915
wtap_rec_generate_idb
wtap_block_t wtap_rec_generate_idb(const wtap_rec *rec)
Generate an IDB, given a packet record, using the records's encapsulation type and time stamp resolut...
Definition wtap.c:2051
wtap_read_bytes_buffer
WS_DLL_PUBLIC bool wtap_read_bytes_buffer(FILE_T fh, Buffer *buf, unsigned length, int *err, char **err_info)
Read a specified number of bytes into a Buffer, growing it as needed.
Definition wtap.c:1970
wtap_full_file_seek_read
bool wtap_full_file_seek_read(wtap *wth, int64_t seek_off, wtap_rec *rec, int *err, char **err_info)
Read entire file contents as a single packet (seek mode).
Definition wtap.c:2180
wtap_dump_file_seek
WS_DLL_PUBLIC int64_t wtap_dump_file_seek(wtap_dumper *wdh, int64_t offset, int whence, int *err)
Seek to a position in the dump file.
Definition file_access.c:2797
subtype_write_func
bool(* subtype_write_func)(struct wtap_dumper *dumper, const wtap_rec *rec, int *err, char **err_info)
Function pointer type for writing a record.
Definition wtap_module.h:145
wtap_dump_file_tell
WS_DLL_PUBLIC int64_t wtap_dump_file_tell(wtap_dumper *wdh, int *err)
Get current position in the dump file.
Definition file_access.c:2817
wtap_read_bytes
WS_DLL_PUBLIC bool wtap_read_bytes(FILE_T fh, void *buf, unsigned int count, int *err, char **err_info)
Read a specified number of bytes from a file or discard them.
Definition wtap.c:1944
wtap_add_generated_idb
WS_DLL_PUBLIC void wtap_add_generated_idb(wtap *wth)
Generate an IDB, given a wiretap handle for the file, using the file's encapsulation type,...
Definition wtap.c:384
subtype_add_idb_func
bool(* subtype_add_idb_func)(struct wtap_dumper *dumper, wtap_block_t idb, int *err, char **err_info)
Function pointer type for adding an Interface Description Block (IDB).
Definition wtap_module.h:133
subtype_finish_func
bool(* subtype_finish_func)(struct wtap_dumper *dumper, int *err, char **err_info)
Function pointer type for finalizing a dump file.
Definition wtap_module.h:156
wtap_add_dpib
void wtap_add_dpib(wtap *wth, wtap_block_t dpib)
Add a DPIB to the dpibs list for a file.
Definition wtap.c:308
wtap_add_idb
void wtap_add_idb(wtap *wth, wtap_block_t idb)
Add an Interface Description Block (IDB) to a wiretap handle.
Definition wtap.c:302
wtap_register_compatibility_file_subtype_name
void wtap_register_compatibility_file_subtype_name(const char *old_name, const char *new_name)
Register a compatibility alias for a file subtype name.
Definition file_access.c:1657
wtap_opttypes.h
Generated by doxygen 1.9.8