forked from wireshark/wireshark
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcfile.h
158 lines (143 loc) · 6.98 KB
/
cfile.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
/* cfile.h
* capture_file definition & GUI-independent manipulation
*
* Wireshark - Network traffic analyzer
* By Gerald Combs <[email protected]>
* Copyright 1998 Gerald Combs
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __CFILE_H__
#define __CFILE_H__
#include <epan/epan.h>
#include <epan/column-info.h>
#include <epan/dfilter/dfilter.h>
#include <epan/frame_data.h>
#include <epan/frame_data_sequence.h>
#include <wiretap/wtap.h>
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
/* Current state of file. */
typedef enum {
FILE_CLOSED, /* No file open */
FILE_READ_IN_PROGRESS, /* Reading a file we've opened */
FILE_READ_ABORTED, /* Read aborted by user */
FILE_READ_DONE /* Read completed */
} file_state;
/* Character set for text search. */
typedef enum {
SCS_NARROW_AND_WIDE,
SCS_NARROW,
SCS_WIDE
/* add EBCDIC when it's implemented */
} search_charset_t;
typedef enum {
SD_FORWARD,
SD_BACKWARD
} search_direction;
#ifdef WANT_PACKET_EDITOR
/* XXX, where this struct should go? */
typedef struct {
struct wtap_pkthdr phdr; /**< Modified packet header */
char *pd; /**< Modified packet data */
} modified_frame_data;
#endif
typedef struct _capture_file {
epan_t *epan;
file_state state; /* Current state of capture file */
gchar *filename; /* Name of capture file */
gchar *source; /* Temp file source, e.g. "Pipe from elsewhere" */
gboolean is_tempfile; /* Is capture file a temporary file? */
gboolean unsaved_changes; /* Does the capture file have changes that have not been saved? */
gboolean stop_flag; /* Stop current processing (loading, searching, etc.) */
gint64 f_datalen; /* Size of capture file data (uncompressed) */
guint16 cd_t; /* File type of capture file */
unsigned int open_type; /* open_routine index+1 used, if selected, or WTAP_TYPE_AUTO */
gboolean iscompressed; /* TRUE if the file is compressed */
int lnk_t; /* File link-layer type; could be WTAP_ENCAP_PER_PACKET */
GArray *linktypes; /* Array of packet link-layer types */
guint32 count; /* Total number of frames */
guint64 packet_comment_count; /* Number of comments in frames (could be >1 per frame... */
guint32 displayed_count; /* Number of displayed frames */
guint32 marked_count; /* Number of marked frames */
guint32 ignored_count; /* Number of ignored frames */
guint32 ref_time_count; /* Number of time referenced frames */
gboolean drops_known; /* TRUE if we know how many packets were dropped */
guint32 drops; /* Dropped packets */
nstime_t elapsed_time; /* Elapsed time */
int snap; /* Maximum captured packet length; 0 if unknown */
wtap *wth; /* Wiretap session */
dfilter_t *rfcode; /* Compiled read filter program */
dfilter_t *dfcode; /* Compiled display filter program */
gchar *dfilter; /* Display filter string */
gboolean redissecting; /* TRUE if currently redissecting (cf_redissect_packets) */
/* search */
gchar *sfilter; /* Filter, hex value, or string being searched */
gboolean hex; /* TRUE if "Hex value" search was last selected */
gboolean string; /* TRUE if "String" search was last selected */
gboolean summary_data; /* TRUE if "String" search in "Packet list" (Info column) was last selected */
gboolean decode_data; /* TRUE if "String" search in "Packet details" was last selected */
gboolean packet_data; /* TRUE if "String" search in "Packet data" was last selected */
guint32 search_pos; /* Byte position of last byte found in a hex search */
guint32 search_len; /* Length of bytes matching the search */
gboolean case_type; /* TRUE if case-insensitive text search */
GRegex *regex; /* Set if regular expression search */
search_charset_t scs_type; /* Character set for text search */
search_direction dir; /* Direction in which to do searches */
gboolean search_in_progress; /* TRUE if user just clicked OK in the Find dialog or hit <control>N/B */
/* packet data */
struct wtap_pkthdr phdr; /* Packet header */
Buffer buf; /* Packet data */
/* frames */
frame_data_sequence *frames; /* Sequence of frames, if we're keeping that information */
guint32 first_displayed; /* Frame number of first frame displayed */
guint32 last_displayed; /* Frame number of last frame displayed */
column_info cinfo; /* Column formatting information */
gboolean columns_changed; /**< Have the columns been changed in the prefs? (GTK+ only) */
frame_data *current_frame; /* Frame data for current frame */
gint current_row; /* Row number for current frame */
epan_dissect_t *edt; /* Protocol dissection for currently selected packet */
field_info *finfo_selected; /* Field info for currently selected field */
#ifdef WANT_PACKET_EDITOR
GTree *edited_frames; /* BST with modified frames */
#endif
gpointer window; /* Top-level window associated with file */
GTree *frames_user_comments; /* BST with user comments for frames (key = frame_data) */
gulong computed_elapsed;
guint32 cum_bytes;
const frame_data *ref;
frame_data *prev_dis;
frame_data *prev_cap;
} capture_file;
extern void cap_file_init(capture_file *cf);
extern const char *cap_file_get_interface_name(void *data, guint32 interface_id);
extern const char *cap_file_get_interface_description(void *data, guint32 interface_id);
#ifdef __cplusplus
}
#endif /* __cplusplus */
#endif /* cfile.h */
/*
* Editor modelines - http://www.wireshark.org/tools/modelines.html
*
* Local Variables:
* c-basic-offset: 2
* tab-width: 8
* indent-tabs-mode: nil
* End:
*
* vi: set shiftwidth=2 tabstop=8 expandtab:
* :indentSize=2:tabSize=8:noTabs=true:
*/