1 /* 2 * Copyright (c) 2003 3 * NetGroup, Politecnico di Torino (Italy) 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the Politecnico di Torino nor the names of its 16 * contributors may be used to endorse or promote products derived from 17 * this software without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 * 31 */ 32 33 #define DAGC_ERRBUF_SIZE 512 34 #define FILEBUFSIZE 65536 35 #define MAXDAGCARDS 32 36 37 #ifndef _WIN32 38 39 typedef long long long_long; 40 typedef long long ull_t; 41 #define TRUE 1 42 #define devicestring "/dev/dag%d" 43 #define dagc_sleepms(_MS) usleep(_MS * 1000) 44 #else /* _WIN32 */ 45 46 typedef LONGLONG long_long; 47 typedef ULONGLONG ull_t; 48 #define dagc_sleepms(_MS) Sleep(_MS) 49 #define devicestring "\\\\.\\dag%d" 50 51 #endif /* _WIN32 */ 52 53 #define MIN_DAG_SNAPLEN 12 54 #define MAX_DAG_SNAPLEN 2040 55 56 #define erffilestring "erffile://" 57 58 59 #define ATM_SNAPLEN 48 60 /* Size of ATM payload */ 61 #define ATM_WLEN(h) ATM_SNAPLEN 62 #define ATM_SLEN(h) ATM_SNAPLEN 63 64 /* Size Ethernet payload */ 65 #define ETHERNET_WLEN(h, b) ((u_int)ntohs((h)->wlen) - ((b) >> 3)) 66 #define ETHERNET_SLEN(h, b) min(ETHERNET_WLEN(h, b), \ 67 (u_int)ntohs((h)->rlen) - dag_record_size - 2) 68 69 /* Size of HDLC payload */ 70 #define HDLC_WLEN(h, b) ((u_int)ntohs((h)->wlen) - ((b) >> 3)) 71 #define HDLC_SLEN(h, b) min(HDLC_WLEN(h, b), \ 72 (u_int)ntohs((h)->rlen) - dag_record_size) 73 74 /* Flags for dagc_open */ 75 #define DAGC_OPEN_SHARED 1 76 #define DAGC_OPEN_EXCLUSIVE 2 77 78 #define TYPE_LEGACY 0 79 #define TYPE_HDLC_POS 1 80 #define TYPE_ETH 2 81 #define TYPE_ATM 3 82 #define TYPE_AAL5 4 83 84 /* 85 * Card statistics. 86 */ 87 typedef struct dagc_stats_t 88 { 89 ull_t received; /* (NOT IMPLEMENTED) total number of frames received by the DAG */ 90 ull_t dropped; /* number of frames dropped for buffer full */ 91 ull_t captured; /* (NOT IMPLEMENTED) number of frames that actually reach the 92 application, i.e that are not filtered or dropped */ 93 } dagc_stats_t; 94 95 /* 96 * Descriptor of an open session. 97 * Note: the dagc_t descriptor is completely opaque to the application. It can be compared 98 * to a file descriptor. 99 */ 100 typedef struct dagc dagc_t; 101 102 /* 103 * Card description. 104 */ 105 typedef struct dagc_if_t 106 { 107 struct dagc_if_t *next; 108 char *name; /* pointer to a string to pass to dagc_open*/ 109 char *description; /* human-understandable description (e.g. Endace 3.5e Fast 110 Ethernet Card) */ 111 } dagc_if_t; 112 113 114 115 /* 116 * returns a string with last dagc lib error 117 */ 118 #define dagc_getlasterror(dagcfd) dagcfd->errbuf 119 120 /* 121 * returns a linked list with the cards available on the systems. For every card, it scans the 122 * card type and converts it to a human-understandable string, in order to provide a description 123 * useful for example when a system has more than one card 124 */ 125 int dagc_finddevs (dagc_if_t **alldevsp, char *ebuf); 126 127 128 /* 129 * frees the card list. 130 */ 131 void dagc_freedevs (dagc_if_t *alldevsp); 132 133 134 /* 135 * Opens a card (or a file) for capture. Snaplen is the portion of packet delivered to the 136 * application, flags can contain specific settings (for example promisc mode??), minbufsize 137 * is the smallest buffer that the API can provide to the application (to limit CPU waste 138 * with several small buffers under moderated network throughputs) 139 */ 140 dagc_t* dagc_open(const char *source, unsigned flags, char *ebuf); 141 142 /* 143 * Sets the snaplen of a card 144 * Returns -1 on failure. On success, the actual snaplen is returned (snap len has to be a multiple of 4 145 * with DAG cards). 146 */ 147 int dagc_setsnaplen(dagc_t *dagcfd, unsigned snaplen); 148 149 /* 150 * closes a capture instance 151 */ 152 void dagc_close(dagc_t *dagcfd); 153 154 155 /* 156 * returns the linktype of a card 157 */ 158 int dagc_getlinktype(dagc_t *dagcfd); 159 160 161 /* 162 * returns the link speed of the adapter, in MB/s. 163 * If the link speed of the card is unknown, -1 is returned. 164 * XXX NOTE: Currently, there is no consistent way to get linkspeed querying the card. 165 * As a consequence, we determine this value statically from the card model. For cards that can run at 166 * different speeds, we report only the *maximum* speed. 167 */ 168 int dagc_getlinkspeed(dagc_t *dagcfd); 169 170 171 /* 172 * Returns the length of the CRC checksum that the card associates with any packet in the hole. This 173 * information will be used to understand the actual length of the packet on the wire. 174 * Note: this information is not provided consistently by DAG cards, so we gather it from an environment 175 * variable in Unix and from a registry key in Windows. 176 */ 177 unsigned dagc_getfcslen(dagc_t *dagcfd); 178 179 /* 180 * provides a buffer with the new packets (from the board or from the file) and its size. 181 * On success, the return value is 0. If an error has occurred, the return value is -1. 182 * If EOF has reached, the return value is -2. Note that this function always returns 183 * immediately, eventually with an empty buffer, so it is possible to have a success (0) 184 * return value and bufsize = 0. 185 */ 186 int dagc_receive(dagc_t *dagcfd, u_char **buffer, u_int *bufsize); 187 188 189 /* 190 * returns nonzero if any data is available from dagcfd, -1 if an error occurred. Waits until almost the time 191 * specified by timeout has past or any data is available. If timeout=0, returns immediately. 192 * If timeout=NULL, blocks until a packet arrives. 193 */ 194 int dagc_wait(dagc_t *dagcfd, struct timeval *timeout); 195 196 197 /* 198 * returns statistics about current capture session 199 */ 200 int dagc_stats(dagc_t *dagcfd, dagc_stats_t *ps); 201 202 203 /* 204 * Opens a dump file to store the data of this capture. 205 * Returns 0 on success. 206 * NOTE: currently, dagc_dumpfile_open, dagc_dumpfile_close and dagc_dump are simply wrappers 207 * for open, close and write. However, if the programmer uses these functions, he is more protected 208 * against file format changes (for example if the file format will have an header in the future). 209 * Moreover, assuming that the user knows the file format is a bad practice: providing 210 * simple simple save functionality is more intuitive and user-friendly. 211 */ 212 int dagc_dumpfile_open(dagc_t *dagcfd, char* name); 213 214 215 /* 216 * Closes a dump file 217 */ 218 int dagc_dumpfile_close(dagc_t *dagcfd); 219 220 221 /* 222 * Writes a buffer of packets to a dump file 223 * Returns 0 on success. 224 */ 225 int dagc_dump(dagc_t *dagcfd, u_char *buffer, u_int bufsize); 226