1 /* cfile.h 2 * capture_file definition & GUI-independent manipulation 3 * 4 * Wireshark - Network traffic analyzer 5 * By Gerald Combs <gerald@wireshark.org> 6 * Copyright 1998 Gerald Combs 7 * 8 * SPDX-License-Identifier: GPL-2.0-or-later 9 */ 10 11 #ifndef __CFILE_H__ 12 #define __CFILE_H__ 13 14 #include <epan/epan.h> 15 #include <epan/column-info.h> 16 #include <epan/dfilter/dfilter.h> 17 #include <epan/frame_data.h> 18 #include <epan/frame_data_sequence.h> 19 #include <wiretap/wtap.h> 20 21 #ifdef __cplusplus 22 extern "C" { 23 #endif /* __cplusplus */ 24 25 /* Current state of file. */ 26 typedef enum { 27 FILE_CLOSED, /* No file open */ 28 FILE_READ_IN_PROGRESS, /* Reading a file we've opened */ 29 FILE_READ_ABORTED, /* Read aborted by user */ 30 FILE_READ_DONE /* Read completed */ 31 } file_state; 32 33 /* Requested packets rescan action. */ 34 typedef enum { 35 RESCAN_NONE = 0, /* No rescan requested */ 36 RESCAN_SCAN, /* Request rescan without full redissection. */ 37 RESCAN_REDISSECT /* Request full redissection. */ 38 } rescan_type; 39 40 /* Character set for text search. */ 41 typedef enum { 42 SCS_NARROW_AND_WIDE, 43 SCS_NARROW, 44 SCS_WIDE 45 /* add EBCDIC when it's implemented */ 46 } search_charset_t; 47 48 typedef enum { 49 SD_FORWARD, 50 SD_BACKWARD 51 } search_direction; 52 53 /* 54 * Packet provider for programs using a capture file. 55 */ 56 struct packet_provider_data { 57 wtap *wth; /* Wiretap session */ 58 const frame_data *ref; 59 frame_data *prev_dis; 60 frame_data *prev_cap; 61 frame_data_sequence *frames; /* Sequence of frames, if we're keeping that information */ 62 GTree *frames_modified_blocks; /* BST with modified blocks for frames (key = frame_data) */ 63 }; 64 65 typedef struct _capture_file { 66 epan_t *epan; 67 file_state state; /* Current state of capture file */ 68 gchar *filename; /* Name of capture file */ 69 gchar *source; /* Temp file source, e.g. "Pipe from elsewhere" */ 70 gboolean is_tempfile; /* Is capture file a temporary file? */ 71 gboolean unsaved_changes; /* Does the capture file have changes that have not been saved? */ 72 gboolean stop_flag; /* Stop current processing (loading, searching, etc.) */ 73 74 gint64 f_datalen; /* Size of capture file data (uncompressed) */ 75 guint16 cd_t; /* File type of capture file */ 76 unsigned int open_type; /* open_routine index+1 used, if selected, or WTAP_TYPE_AUTO */ 77 wtap_compression_type compression_type; /* Compression type of the file, or uncompressed */ 78 int lnk_t; /* File link-layer type; could be WTAP_ENCAP_PER_PACKET */ 79 GArray *linktypes; /* Array of packet link-layer types */ 80 guint32 count; /* Total number of frames */ 81 guint64 packet_comment_count; /* Number of comments in frames (could be >1 per frame... */ 82 guint32 displayed_count; /* Number of displayed frames */ 83 guint32 marked_count; /* Number of marked frames */ 84 guint32 ignored_count; /* Number of ignored frames */ 85 guint32 ref_time_count; /* Number of time referenced frames */ 86 gboolean drops_known; /* TRUE if we know how many packets were dropped */ 87 guint32 drops; /* Dropped packets */ 88 nstime_t elapsed_time; /* Elapsed time */ 89 int snap; /* Maximum captured packet length; 0 if unknown */ 90 dfilter_t *rfcode; /* Compiled read filter program */ 91 dfilter_t *dfcode; /* Compiled display filter program */ 92 gchar *dfilter; /* Display filter string */ 93 gboolean redissecting; /* TRUE if currently redissecting (cf_redissect_packets) */ 94 gboolean read_lock; /* TRUE if currently processing a file (cf_read) */ 95 rescan_type redissection_queued; /* Queued redissection type. */ 96 /* search */ 97 gchar *sfilter; /* Filter, hex value, or string being searched */ 98 gboolean hex; /* TRUE if "Hex value" search was last selected */ 99 gboolean string; /* TRUE if "String" search was last selected */ 100 gboolean summary_data; /* TRUE if "String" search in "Packet list" (Info column) was last selected */ 101 gboolean decode_data; /* TRUE if "String" search in "Packet details" was last selected */ 102 gboolean packet_data; /* TRUE if "String" search in "Packet data" was last selected */ 103 guint32 search_pos; /* Byte position of last byte found in a hex search */ 104 guint32 search_len; /* Length of bytes matching the search */ 105 gboolean case_type; /* TRUE if case-insensitive text search */ 106 GRegex *regex; /* Set if regular expression search */ 107 search_charset_t scs_type; /* Character set for text search */ 108 search_direction dir; /* Direction in which to do searches */ 109 gboolean search_in_progress; /* TRUE if user just clicked OK in the Find dialog or hit <control>N/B */ 110 /* packet provider */ 111 struct packet_provider_data provider; 112 /* frames */ 113 guint32 first_displayed; /* Frame number of first frame displayed */ 114 guint32 last_displayed; /* Frame number of last frame displayed */ 115 /* Data for currently selected frame */ 116 column_info cinfo; /* Column formatting information */ 117 frame_data *current_frame; /* Frame data */ 118 gint current_row; /* Row number */ 119 epan_dissect_t *edt; /* Protocol dissection */ 120 field_info *finfo_selected; /* Field info */ 121 wtap_rec rec; /* Record header */ 122 Buffer buf; /* Record data */ 123 124 gpointer window; /* Top-level window associated with file */ 125 gulong computed_elapsed; /* Elapsed time to load the file (in msec). */ 126 127 guint32 cum_bytes; 128 } capture_file; 129 130 extern void cap_file_init(capture_file *cf); 131 132 const char *cap_file_provider_get_interface_name(struct packet_provider_data *prov, guint32 interface_id); 133 const char *cap_file_provider_get_interface_description(struct packet_provider_data *prov, guint32 interface_id); 134 wtap_block_t cap_file_provider_get_modified_block(struct packet_provider_data *prov, const frame_data *fd); 135 void cap_file_provider_set_modified_block(struct packet_provider_data *prov, frame_data *fd, const wtap_block_t new_block); 136 137 #ifdef __cplusplus 138 } 139 #endif /* __cplusplus */ 140 141 #endif /* cfile.h */ 142 143 /* 144 * Editor modelines - https://www.wireshark.org/tools/modelines.html 145 * 146 * Local Variables: 147 * c-basic-offset: 2 148 * tab-width: 8 149 * indent-tabs-mode: nil 150 * End: 151 * 152 * vi: set shiftwidth=2 tabstop=8 expandtab: 153 * :indentSize=2:tabSize=8:noTabs=true: 154 */ 155