1 /* Copyright: (c) 2009-2010 by Robert David Graham */ 2 #ifndef PREPROCESS_H 3 #define PREPROCESS_H 4 #include "massip-addr.h" 5 6 7 enum { 8 FOUND_NOTHING=0, 9 FOUND_ETHERNET, 10 FOUND_IPV4, 11 FOUND_IPV6, 12 FOUND_ICMP, 13 FOUND_TCP, 14 FOUND_UDP, 15 FOUND_SCTP, 16 FOUND_DNS, 17 FOUND_IPV6_HOP, 18 FOUND_8021Q, 19 FOUND_MPLS, 20 FOUND_WIFI_DATA, 21 FOUND_WIFI, 22 FOUND_RADIOTAP, 23 FOUND_PRISM, 24 FOUND_LLC, 25 FOUND_ARP, 26 FOUND_SLL, /* Linux SLL */ 27 FOUND_OPROTO, /* some other IP protocol */ 28 FOUND_IGMP, 29 FOUND_NDPv6, 30 }; 31 struct PreprocessedInfo { 32 const unsigned char *mac_src; 33 const unsigned char *mac_dst; 34 const unsigned char *mac_bss; 35 unsigned ip_offset; /* 14 for normal Ethernet */ 36 unsigned ip_version; /* 4 or 6 */ 37 unsigned ip_protocol; /* 6 for TCP, 11 for UDP */ 38 unsigned ip_length; /* length of total packet */ 39 unsigned ip_ttl; 40 const unsigned char *_ip_src; 41 const unsigned char *_ip_dst; 42 ipaddress src_ip; 43 ipaddress dst_ip; 44 unsigned transport_offset; /* 34 for normal Ethernet */ 45 unsigned transport_length; 46 union { 47 unsigned port_src; 48 unsigned opcode; 49 }; 50 unsigned port_dst; 51 52 unsigned app_offset; /* start of TCP payload */ 53 unsigned app_length; /* length of TCP payload */ 54 55 int found; 56 int found_offset; 57 }; 58 59 /** 60 * @return 1 if useful stuff found, 0 otherwise 61 */ 62 unsigned 63 preprocess_frame(const unsigned char *px, unsigned length, unsigned link_type, struct PreprocessedInfo *info); 64 65 #endif 66