WAND Trace processing  4.0.5
libtrace.h
Go to the documentation of this file.
1 /*
2  * This file is part of libtrace
3  *
4  * Copyright (c) 2007-2015 The University of Waikato, Hamilton,
5  * New Zealand.
6  *
7  * Authors: Daniel Lawson
8  * Perry Lorier
9  * Shane Alcock
10  * Richard Sanger
11  *
12  * All rights reserved.
13  *
14  * This code has been developed by the University of Waikato WAND
15  * research group. For further information please see http://www.wand.net.nz/
16  *
17  * libtrace is free software; you can redistribute it and/or modify
18  * it under the terms of the GNU General Public License as published by
19  * the Free Software Foundation; either version 2 of the License, or
20  * (at your option) any later version.
21  *
22  * libtrace is distributed in the hope that it will be useful,
23  * but WITHOUT ANY WARRANTY; without even the implied warranty of
24  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25  * GNU General Public License for more details.
26  *
27  * You should have received a copy of the GNU General Public License
28  * along with libtrace; if not, write to the Free Software
29  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30  *
31  * $Id$
32  *
33  */
34 
35 #ifndef LIBTRACE_H
36 #define LIBTRACE_H
37 
66 #include <sys/types.h>
67 #include <stddef.h>
68 #include <stdio.h>
69 /* Compile time assertion. Sourced from:
70  * http://www.pixelbeat.org/programming/gcc/static_assert.html */
71 #define ct_assert(e) extern char (*ct_assert(void)) [sizeof(char[1 - 2*!(e)])]
72 
73 #ifndef WIN32
74 #include <sys/time.h>
75 #endif
76 
77 /* Deal with missing byte order macros */
78 #include <sys/param.h>
79 
80 #if defined(BYTE_ORDER) && !defined(__BYTE_ORDER)
81 #define __BYTE_ORDER BYTE_ORDER
82 #endif
83 
84 #if defined(BIG_ENDIAN) && !defined(__BIG_ENDIAN)
85 #define __BIG_ENDIAN BIG_ENDIAN
86 #endif
87 
88 #if defined(LITTLE_ENDIAN) && !defined(__LITTLE_ENDIAN)
89 #define __LITTLE_ENDIAN LITTLE_ENDIAN
90 #endif
91 
92 #ifdef WIN32
93 # include <winsock2.h>
94 # include <ws2tcpip.h>
95  typedef short sa_family_t;
96  /* Make up for a lack of stdbool.h */
97 # define bool signed char
98 # define false 0
99 # define true 1
100 # if !defined(ssize_t)
101  /* XXX: Not 64-bit safe! */
102 # define ssize_t int
103 # endif
104 #else
105 # include <netinet/in.h>
106 
107 #ifndef __cplusplus
108 # include <stdbool.h>
109 #endif
110 
111 # include <sys/types.h>
112 # include <sys/socket.h>
113 #endif
114 
116 #define LIBTRACE_API_VERSION \
117  ((4<<16)|(0<<8)|(5))
118 
123 #define LIBTRACE_SVN_REVISION LIBTRACE_API_VERSION
124 
126 #define DAG_DRIVER_V ""
127 
134 #ifdef NDEBUG
135 #define ASSERT_RET(run, cond) run
136 #else
137 #define ASSERT_RET(run, cond) assert(run cond)
138 //#define ASSERT_RET(run, cond) run
139 #endif
140 
141 #ifdef __cplusplus
142 extern "C" {
143 #endif
144 
145 #ifdef _MSC_VER
146  /* define the following from MSVC's internal types */
147  typedef __int8 int8_t;
148  typedef __int16 int16_t;
149  typedef __int32 int32_t;
150  typedef __int64 int64_t;
151  typedef unsigned __int8 uint8_t;
152  typedef unsigned __int16 uint16_t;
153  typedef unsigned __int32 uint32_t;
154  typedef unsigned __int64 uint64_t;
155 
156  /* Windows pads bitfields out to to the size of their parent type
157  * however gcc warns that this doesn't meet with the iso C specification
158  * so produces warnings for this behaviour. sigh.
159  */
160  #define LT_BITFIELD8 uint8_t
161  #define LT_BITFIELD16 uint16_t
162  #define LT_BITFIELD32 uint32_t
163  #define LT_BITFIELD64 uint64_t
164 #else
165  #ifdef HAVE_STDINT_H
166  # include <stdint.h>
167  #endif
168  /* GCC warns if the bitfield type is not "unsigned int", however windows
169  * generates incorrect code for this (see above), so we define these
170  * macros. How Hideous. So much for C's portability.
171  */
172  #define LT_BITFIELD8 unsigned int
173  #define LT_BITFIELD16 unsigned int
174  #define LT_BITFIELD32 unsigned int
175  #define LT_BITFIELD64 unsigned int
176 #endif
177 
178 /* Ensure these gcc optimisation attributes are defined consistently,
179  * without requiring users to need to have access to the config.h
180  * generated by running configure.
181  */
182 
183 #define LT_USE_PACKED 1
184 #define LT_USE_UNUSED 1
185 #define LT_USE_DEPRECATED 1
186 #define LT_USE_PURE 1
187 #define LT_USE_PRINTF 1
188 #define LT_USE_VISIBILITY 1
189 
190 #if LT_USE_PACKED
191 # define PACKED __attribute__((packed))
192 #else
193 # define PACKED
194 #endif
195 
196 #if LT_USE_UNUSED
197 # define UNUSED __attribute__((unused))
198 #else
199 # define UNUSED
200 #endif
201 
202 #if LT_USE_DEPRECATED
203 # define DEPRECATED __attribute__((deprecated))
204 #else
205 # define DEPRECATED
206 #endif
207 
208 #if LT_USE_PURE
209 # define SIMPLE_FUNCTION __attribute__((pure))
210 #else
211 # define SIMPLE_FUNCTION
212 #endif
213 
214 #if LT_USE_PRINTF
215 # define PRINTF(formatpos, argpos) __attribute__((format(printf,formatpos, argpos)))
216 #else
217 # define PRINTF(formatpos, argpos)
218 #endif
219 
220 #ifndef CACHE_LINE_SIZE
221 #define CACHE_LINE_SIZE 64
222 #endif
223 #define ALIGN_STRUCT(x) __attribute__((aligned(x)))
224 
225 #ifdef _MSC_VER
226  #ifdef LT_BUILDING_DLL
227  #define DLLEXPORT __declspec(dllexport)
228  #else
229  #define DLLEXPORT __declspec(dllimport)
230  #endif
231  #define DLLLOCAL
232 #else
233  #ifndef DLLEXPORT
234  #if LT_USE_VISIBILITY && LT_BUILDING_DLL
235  #define DLLEXPORT __attribute__ ((visibility("default")))
236  #define DLLLOCAL __attribute__ ((visibility("hidden")))
237  #else
238  #define DLLEXPORT
239  #define DLLLOCAL
240  #endif
241  #endif
242 #endif
243 
244 
247 
249 typedef struct libtrace_t libtrace_t;
250 
253 
256 
259 
268 typedef enum {
271 } buf_control_t;
272 
274 #define LIBTRACE_PACKET_BUFSIZE 65536
275 
277 typedef struct trace_err_t{
278  int err_num;
279  char problem[1024];
281 
283 enum {
310 };
311 
314 typedef enum {
315  /* Special value used to indicate a failure to convert to libtrace
316  * DLT */
317  TRACE_DLT_ERROR = -1,
318 
323  TRACE_DLT_EN10MB = 1,
324  TRACE_DLT_PPP = 9,
325  TRACE_DLT_ATM_RFC1483 = 11,
326 
332 #ifdef __OpenBSD__
333  TRACE_DLT_OPENBSD_LOOP=12,
334  TRACE_DLT_RAW = 14,
335 #else
337  TRACE_DLT_OPENBSD_LOOP = 108,
338 #endif
339  TRACE_DLT_PPP_SERIAL = 50,
341  TRACE_DLT_C_HDLC = 104,
342  TRACE_DLT_IEEE802_11 = 105,
343  TRACE_DLT_LINUX_SLL = 113,
344  TRACE_DLT_PFLOG = 117,
346 } libtrace_dlt_t ;
347 
349 typedef enum {
352  /* TRACE_TYPE_LEGACY = 0 Obsolete */
360  /* TRACE_TYPE_LEGACY_DEFAULT Obsolete */
362  /* TRACE_TYPE_LEGACY_ATM Obsolete */
363  /* TRACE_TYPE_LEGACY_ETH Obsolete */
376 
403 };
404 
406 typedef enum {
432 
446  //TRACE_RT_DATA_BPF =TRACE_RT_DATA_SIMPLE+TRACE_FORMAT_BPF,
457 
458  TRACE_RT_DATA_ETSILI = TRACE_RT_DATA_SIMPLE + TRACE_FORMAT_ETSILIVE,
459 
486 
487  TRACE_RT_BPF_NULL = TRACE_RT_DATA_BPF+TRACE_DLT_NULL,
488  TRACE_RT_BPF_EN10MB = TRACE_RT_DATA_BPF+TRACE_DLT_EN10MB,
489  TRACE_RT_BPF_IEEE802_11 = TRACE_RT_DATA_BPF+TRACE_DLT_IEEE802_11,
490  TRACE_RT_BPF_PFLOG =TRACE_RT_DATA_BPF+TRACE_DLT_PFLOG,
491  TRACE_RT_BPF_ATM_RFC1483 =TRACE_RT_DATA_BPF+TRACE_DLT_ATM_RFC1483,
492 
493  TRACE_RT_DATA_BPF_END = 3999,
494 
495  TRACE_RT_DATA_PCAPNG = 4000,
496  TRACE_RT_DATA_PCAPNG_END = 4499,
501 
503 typedef enum {
524 
526 typedef enum {
527  /* Numbers <=1500 are of course, LLC/SNAP */
539 
543 typedef struct libtrace_packet_t {
544  struct libtrace_t *trace;
545  void *header;
546  void *payload;
547  void *buffer;
554  void *l2_header;
556  uint32_t l2_remaining;
557  void *l3_header;
558  uint16_t l3_ethertype;
559  uint32_t l3_remaining;
560  void *l4_header;
561  uint8_t transport_proto;
562  uint32_t l4_remaining;
563  uint64_t order;
564  uint64_t hash;
565  int error;
566  uint64_t internalid;
567  void *srcbucket;
568 
569  pthread_mutex_t ref_lock;
570  int refcount;
574 
575 #define IS_LIBTRACE_META_PACKET(packet) (packet->type < TRACE_RT_DATA_SIMPLE)
576 
577 
583 typedef enum {
589 
591 typedef enum {
606  TRACE_RADIOTAP_RX_FLAGS = 14,
612 
613 
620 #ifdef WIN32
621 #pragma pack(push)
622 #pragma pack(1)
623 #endif
624 
626 typedef struct libtrace_ip
627 {
628 #if __BYTE_ORDER == __LITTLE_ENDIAN
629  LT_BITFIELD8 ip_hl:4;
630  LT_BITFIELD8 ip_v:4;
631 #elif __BYTE_ORDER == __BIG_ENDIAN
632  LT_BITFIELD8 ip_v:4;
633  LT_BITFIELD8 ip_hl:4;
634 #else
635 # error "Adjust your <bits/endian.h> defines"
636 #endif
637  uint8_t ip_tos;
638  uint16_t ip_len;
639  int16_t ip_id;
640  uint16_t ip_off;
641  uint8_t ip_ttl;
642  uint8_t ip_p;
643  uint16_t ip_sum;
644  struct in_addr ip_src;
645  struct in_addr ip_dst;
646 } PACKED libtrace_ip_t;
647 
649 typedef struct libtrace_ip6_ext
650 {
651  uint8_t nxt;
652  uint8_t len;
653 } PACKED libtrace_ip6_ext_t;
654 
656 typedef struct libtrace_ip6_frag
657 {
658  uint8_t nxt;
659  uint8_t res;
660  uint16_t frag_off;
661  uint32_t ident;
662 } PACKED libtrace_ip6_frag_t;
663 
669 typedef struct libtrace_ip6
670 {
671  uint32_t flow;
672  uint16_t plen;
673  uint8_t nxt;
674  uint8_t hlim;
675  struct in6_addr ip_src;
676  struct in6_addr ip_dst;
677 } PACKED libtrace_ip6_t;
678 
680 typedef struct libtrace_tcp
681  {
682  uint16_t source;
683  uint16_t dest;
684  uint32_t seq;
685  uint32_t ack_seq;
686 # if __BYTE_ORDER == __LITTLE_ENDIAN
687  LT_BITFIELD8 ecn_ns:1;
688  LT_BITFIELD8 res1:3;
689  LT_BITFIELD8 doff:4;
690  LT_BITFIELD8 fin:1;
691  LT_BITFIELD8 syn:1;
692  LT_BITFIELD8 rst:1;
693  LT_BITFIELD8 psh:1;
694  LT_BITFIELD8 ack:1;
695  LT_BITFIELD8 urg:1;
696  LT_BITFIELD8 ece:1;
697  LT_BITFIELD8 cwr:1;
698 # elif __BYTE_ORDER == __BIG_ENDIAN
699  LT_BITFIELD8 doff:4;
700  LT_BITFIELD8 res1:3;
701  LT_BITFIELD8 ecn_ns:1;
702  LT_BITFIELD8 cwr:1;
703  LT_BITFIELD8 ece:1;
704  LT_BITFIELD8 urg:1;
705  LT_BITFIELD8 ack:1;
706  LT_BITFIELD8 psh:1;
707  LT_BITFIELD8 rst:1;
708  LT_BITFIELD8 syn:1;
709  LT_BITFIELD8 fin:1;
710 # else
711 # error "Adjust your <bits/endian.h> defines"
712 # endif
713  uint16_t window;
714  uint16_t check;
715  uint16_t urg_ptr;
716 } PACKED libtrace_tcp_t;
717 
719 typedef struct libtrace_udp {
720  uint16_t source;
721  uint16_t dest;
722  uint16_t len;
723  uint16_t check;
724 } PACKED libtrace_udp_t;
725 
727 typedef struct libtrace_icmp
728 {
729  uint8_t type;
730  uint8_t code;
731  uint16_t checksum;
732  union
733  {
734  struct
735  {
736  uint16_t id;
737  uint16_t sequence;
738  } echo;
739  uint32_t gateway;
740  struct
741  {
742  uint16_t unused;
743  uint16_t mtu;
744  } frag;
745  } un;
746 } PACKED libtrace_icmp_t;
747 
749 typedef struct libtrace_icmp6 {
750  uint8_t type;
751  uint8_t code;
752  uint16_t checksum;
754  union {
755  struct {
756  uint8_t length;
757  uint8_t unused;
758  uint8_t unused1;
759  } extend;
761  uint32_t mtu;
762  uint32_t pointer;
763  struct {
764  uint16_t id;
765  uint16_t sequence;
766  } echo;
767  } un;
768 } PACKED libtrace_icmp6_t;
769 
771 typedef struct libtrace_llcsnap
772 {
773 /* LLC */
774  uint8_t dsap;
775  uint8_t ssap;
776  uint8_t control;
777 /* SNAP */
778  LT_BITFIELD32 oui:24;
779  uint16_t type;
780 } PACKED libtrace_llcsnap_t;
781 
783 typedef struct libtrace_ether
784 {
785  uint8_t ether_dhost[6];
786  uint8_t ether_shost[6];
787  uint16_t ether_type;
788 } PACKED libtrace_ether_t;
789 
791 typedef struct libtrace_8021q
792 {
793  LT_BITFIELD16 vlan_pri:3;
794  LT_BITFIELD16 vlan_cfi:1;
796  LT_BITFIELD16 vlan_id:12;
797  uint16_t vlan_ether_type;
799 } PACKED libtrace_8021q_t;
800 
802 typedef struct libtrace_atm_cell
803 {
804  LT_BITFIELD32 gfc:4;
805  LT_BITFIELD32 vpi:8;
806  LT_BITFIELD32 vci:16;
807  LT_BITFIELD32 pt:3;
808  LT_BITFIELD32 clp:1;
809  LT_BITFIELD32 hec:8;
810 } PACKED libtrace_atm_cell_t;
811 
813 typedef struct libtrace_atm_nni_cell
814 {
815  LT_BITFIELD32 vpi:12;
816  LT_BITFIELD32 vci:16;
817  LT_BITFIELD32 pt:3;
818  LT_BITFIELD32 clp:1;
819  LT_BITFIELD32 hec:8;
820 } PACKED libtrace_atm_nni_cell_t;
821 
830 {
831  LT_BITFIELD32 gfc:4;
832  LT_BITFIELD32 vpi:8;
833  LT_BITFIELD32 vci:16;
834  LT_BITFIELD32 pt:3;
835  LT_BITFIELD32 clp:1;
837 
846 {
847  LT_BITFIELD32 vpi:12;
848  LT_BITFIELD32 vci:16;
849  LT_BITFIELD32 pt:3;
850  LT_BITFIELD32 clp:1;
851  LT_BITFIELD32 hec:8;
853 
855 typedef struct libtrace_ppp
856 {
857  /* I can't figure out where the hell these two variables come from. They're
858  * definitely not in RFC 1661 which defines PPP. Probably some weird thing
859  * relating to the lack of distinction between PPP, HDLC and CHDLC */
860 
861 /* uint8_t address; */
862 /* uint8_t header; */
863  uint16_t protocol;
864 } PACKED libtrace_ppp_t;
865 
867 typedef struct libtrace_pppoe
868 {
869  LT_BITFIELD8 version:4;
870  LT_BITFIELD8 type:4;
871  uint8_t code;
872  uint16_t session_id;
873  uint16_t length;
874 } PACKED libtrace_pppoe_t;
875 
879 typedef struct libtrace_gre_t
880 {
881  uint16_t flags;
882  uint16_t ethertype;
883  uint16_t checksum;
884  uint16_t reserved1;
885  uint16_t key;
886  uint16_t seq;
887 } PACKED libtrace_gre_t;
888 
889 #define LIBTRACE_GRE_FLAG_CHECKSUM 0x8000
890 #define LIBTRACE_GRE_FLAG_KEY 0x2000
891 #define LIBTRACE_GRE_FLAG_SEQ 0x1000
892 #define LIBTRACE_GRE_FLAG_VERMASK 0x0007
893 
894 
895 /* PPTP GRE (RFC2637) */
896 #define LIBTRACE_GRE_FLAG_ACK 0x0080
897 #define LIBTRACE_GRE_PPTP_VERSION 0x0001
898 
902 typedef struct libtrace_vxlan_t
903 {
904  uint8_t flags;
905  uint8_t reserved1[3];
906  uint8_t vni[3];
907  uint8_t reserved2;
908 } PACKED libtrace_vxlan_t;
909 
911 typedef struct libtrace_80211_t {
912 #if __BYTE_ORDER == __LITTLE_ENDIAN
913  LT_BITFIELD32 protocol:2;
914  LT_BITFIELD32 type:2;
915  LT_BITFIELD32 subtype:4;
916 #else
917  LT_BITFIELD32 subtype:4;
918  LT_BITFIELD32 type:2;
919  LT_BITFIELD32 protocol:2;
920 #endif
921 
922 #if __BYTE_ORDER == __LITTLE_ENDIAN
923  LT_BITFIELD32 to_ds:1;
924  LT_BITFIELD32 from_ds:1;
925  LT_BITFIELD32 more_frag:1;
926  LT_BITFIELD32 retry:1;
927  LT_BITFIELD32 power:1;
928  LT_BITFIELD32 more_data:1;
929  LT_BITFIELD32 wep:1;
930  LT_BITFIELD32 order:1;
931 #else
932  LT_BITFIELD32 order:1;
933  LT_BITFIELD32 wep:1;
934  LT_BITFIELD32 more_data:1;
935  LT_BITFIELD32 power:1;
936  LT_BITFIELD32 retry:1;
937  LT_BITFIELD32 more_frag:1;
938  LT_BITFIELD32 from_ds:1;
939  LT_BITFIELD32 to_ds:1;
940 #endif
941 
942  uint16_t duration;
943  uint8_t mac1[6];
944  uint8_t mac2[6];
945  uint8_t mac3[6];
946  uint16_t SeqCtl;
947  uint8_t mac4[6];
948 } PACKED libtrace_80211_t;
949 
957 typedef struct libtrace_radiotap_t {
958  uint8_t it_version;
959  uint8_t it_pad;
960  uint16_t it_len;
961  uint32_t it_present;
962 } PACKED libtrace_radiotap_t;
963 
965 typedef struct libtrace_ospf_v2_t
966 {
967  uint8_t ospf_v;
968  uint8_t type;
969  uint16_t ospf_len;
970  struct in_addr router;
971  struct in_addr area;
972  uint16_t sum;
973  uint16_t au_type;
974  uint16_t zero;
975  uint8_t au_key_id;
976  uint8_t au_data_len;
977  uint32_t au_seq_num;
978 } PACKED libtrace_ospf_v2_t;
979 
981 typedef struct libtrace_ospf_options_t {
982 #if __BYTE_ORDER == __LITTLE_ENDIAN
983  LT_BITFIELD8 unused1:1;
984  LT_BITFIELD8 e_bit:1;
985  LT_BITFIELD8 mc_bit:1;
986  LT_BITFIELD8 np_bit:1;
987  LT_BITFIELD8 ea_bit:1;
988  LT_BITFIELD8 dc_bit:1;
989  LT_BITFIELD8 unused2:2;
990 #elif __BYTE_ORDER == __BIG_ENDIAN
991  LT_BITFIELD8 unused2:2;
992  LT_BITFIELD8 dc_bit:1;
993  LT_BITFIELD8 ea_bit:1;
994  LT_BITFIELD8 np_bit:1;
995  LT_BITFIELD8 mc_bit:1;
996  LT_BITFIELD8 e_bit:1;
997  LT_BITFIELD8 unused1:1;
998 #endif
999 } PACKED libtrace_ospf_options_t;
1000 
1003 {
1004  uint16_t age;
1005  libtrace_ospf_options_t lsa_options;
1006  uint8_t lsa_type;
1007  struct in_addr ls_id;
1008  struct in_addr adv_router;
1009  uint32_t seq;
1010  uint16_t checksum;
1011  uint16_t length;
1012 } PACKED libtrace_ospf_lsa_v2_t;
1013 
1016 {
1017  struct in_addr mask;
1018  uint16_t interval;
1019  libtrace_ospf_options_t hello_options;
1020  uint8_t priority;
1021  uint32_t deadint;
1022  struct in_addr designated;
1023  struct in_addr backup;
1027 } PACKED libtrace_ospf_hello_v2_t;
1028 
1031 {
1032  uint16_t mtu;
1033  libtrace_ospf_options_t db_desc_options;
1034 #if __BYTE_ORDER == __LITTLE_ENDIAN
1035  LT_BITFIELD8 db_desc_ms:1;
1036  LT_BITFIELD8 db_desc_m:1;
1037  LT_BITFIELD8 db_desc_i:1;
1038  LT_BITFIELD8 zero:5;
1039 #elif __BYTE_ORDER == __BIG_ENDIAN
1040  LT_BITFIELD8 zero:5;
1041  LT_BITFIELD8 db_desc_i:1;
1042  LT_BITFIELD8 db_desc_m:1;
1043  LT_BITFIELD8 db_desc_ms:1;
1044 #endif
1045  uint32_t seq;
1047 
1050 {
1051  uint32_t ls_type;
1052  uint32_t ls_id;
1054 } PACKED libtrace_ospf_ls_req_t;
1055 
1058 {
1059  uint32_t ls_num_adv;
1061  /* Followed by LSAs, use API functions to access these */
1062 } PACKED libtrace_ospf_ls_update_t;
1063 
1066 {
1067  struct in_addr netmask;
1068 #if __BYTE_ORDER == __LITTLE_ENDIAN
1069  LT_BITFIELD8 tos:7;
1070  LT_BITFIELD8 e:1;
1071 #elif __BYTE_ORDER == __BIG_ENDIAN
1072  LT_BITFIELD8 e:1;
1073  LT_BITFIELD8 tos:7;
1074 #endif
1075  uint8_t metric_a;
1076  uint8_t metric_b;
1077  uint8_t metric_c;
1078  struct in_addr forwarding;
1079  uint32_t external_tag;
1081 
1084 {
1085  struct in_addr netmask;
1086  uint8_t zero;
1087  uint8_t metric_a;
1088  uint8_t metric_b;
1089  uint8_t metric_c;
1092 
1095 {
1096  struct in_addr netmask;
1097  /* Followed by IDs of attached routers */
1099 
1101 typedef struct libtrace_ospf_link_t
1102 {
1103  struct in_addr link_id;
1104  struct in_addr link_data;
1105  uint8_t type;
1106  uint8_t num_tos;
1107  uint16_t tos_metric;
1108 } PACKED libtrace_ospf_link_v2_t;
1109 
1112 {
1113 #if __BYTE_ORDER == __LITTLE_ENDIAN
1114  LT_BITFIELD8 b:1;
1115  LT_BITFIELD8 e:1;
1116  LT_BITFIELD8 v:1;
1117  LT_BITFIELD8 zero:5;
1118 #elif __BYTE_ORDER == __BIG_ENDIAN
1119  LT_BITFIELD8 zero:5;
1120  LT_BITFIELD8 v:1;
1121  LT_BITFIELD8 e:1;
1122  LT_BITFIELD8 b:1;
1123 #endif
1124  uint8_t zero2;
1125  uint16_t num_links;
1127 
1129 typedef enum {
1136 
1138 typedef enum {
1145 
1147 typedef struct libtrace_sll_header_t {
1148  uint16_t pkttype;
1149  uint16_t hatype;
1150  uint16_t halen;
1151  unsigned char addr[8];
1152  uint16_t protocol;
1154 
1155 
1156 /* SLL packet types */
1157 
1159 #define TRACE_SLL_HOST 0
1160 
1161 #define TRACE_SLL_BROADCAST 1
1162 
1163 #define TRACE_SLL_MULTICAST 2
1164 
1166 #define TRACE_SLL_OTHERHOST 3
1167 
1168 #define TRACE_SLL_OUTGOING 4
1169 
1170 
1171 #ifdef WIN32
1172 #pragma pack(pop)
1173 #endif
1174 
1175 
1183 DLLEXPORT void trace_help(void);
1184 
1200 DLLEXPORT void trace_interrupt(void);
1201 
1220 DLLEXPORT const char *trace_parse_uri(const char *uri, char **format);
1221 
1242 DLLEXPORT libtrace_t *trace_create(const char *uri);
1243 
1257 DLLEXPORT libtrace_t *trace_create_dead(const char *uri);
1258 
1272 DLLEXPORT libtrace_out_t *trace_create_output(const char *uri);
1273 
1283 DLLEXPORT int trace_start(libtrace_t *libtrace);
1284 
1294 DLLEXPORT int trace_pause(libtrace_t *libtrace);
1295 
1303 DLLEXPORT int trace_start_output(libtrace_out_t *libtrace);
1304 
1306 typedef enum {
1309 
1312 
1315 
1318 
1322 
1326 
1329 } trace_option_t;
1330 
1342 DLLEXPORT int trace_config(libtrace_t *libtrace,
1343  trace_option_t option,
1344  void *value);
1345 
1352 DLLEXPORT int trace_set_snaplen(libtrace_t *trace, int snaplen);
1353 
1360 DLLEXPORT int trace_set_promisc(libtrace_t *trace, bool promisc);
1361 
1368 DLLEXPORT int trace_set_filter(libtrace_t *trace, libtrace_filter_t *filter);
1369 
1376 DLLEXPORT int trace_set_meta_freq(libtrace_t *trace, int freq);
1377 
1385 DLLEXPORT int trace_set_event_realtime(libtrace_t *trace, bool realtime);
1386 
1390 typedef enum {
1396  TRACE_OPTION_COMPRESSTYPE_LAST
1398 
1400 typedef enum {
1409 
1410 /* To add a new stat field update this list, and the relevant places in
1411  * libtrace_stat_t structure.
1412  */
1414 #define LIBTRACE_STAT_FIELDS \
1415  X(accepted) \
1416  X(filtered) \
1417  X(received) \
1418  X(dropped) \
1419  X(captured) \
1420  X(missing) \
1421  X(errors)
1422 
1432 typedef struct libtrace_stat_t {
1433 #define X(name) LT_BITFIELD64 name ##_valid : 1;
1435 #undef X
1436  /* We use the remaining space as magic to ensure the structure
1437  * was alloc'd by us. We can easily decrease the no. bits without
1438  * problems as long as we update any asserts as needed */
1439  LT_BITFIELD64 reserved1: 25;
1440  LT_BITFIELD64 reserved2: 24;
1441  LT_BITFIELD64 magic: 8;
1444  /* These must all be uint64_t's, match this order with the X macro */
1455  uint64_t accepted;
1456 
1462  uint64_t filtered;
1463 
1472  uint64_t received;
1473 
1480  uint64_t dropped;
1481 
1490  uint64_t captured;
1491 
1500  uint64_t missing;
1501 
1506  uint64_t errors;
1507 } libtrace_stat_t;
1508 
1509 ct_assert(offsetof(libtrace_stat_t, accepted) == 8);
1510 
1520 DLLEXPORT int trace_config_output(libtrace_out_t *libtrace,
1521  trace_option_output_t option,
1522  void *value
1523  );
1524 
1530 DLLEXPORT void trace_destroy(libtrace_t *trace);
1531 
1535 DLLEXPORT void trace_destroy_dead(libtrace_t *trace);
1536 
1540 DLLEXPORT void trace_destroy_output(libtrace_out_t *trace);
1541 
1545 DLLEXPORT int trace_flush_output(libtrace_out_t *libtrace);
1546 
1554 DLLEXPORT libtrace_err_t trace_get_err(libtrace_t *trace);
1555 
1562 DLLEXPORT bool trace_is_err(libtrace_t *trace);
1563 
1571 DLLEXPORT void trace_perror(libtrace_t *trace, const char *msg,...) PRINTF(2,3);
1572 
1581 
1588 DLLEXPORT bool trace_is_err_output(libtrace_out_t *trace);
1589 
1596 DLLEXPORT void trace_perror_output(libtrace_out_t *trace, const char *msg,...)
1597  PRINTF(2,3);
1598 
1611 DLLEXPORT DEPRECATED
1612 uint64_t trace_get_received_packets(libtrace_t *trace);
1613 
1625 DLLEXPORT DEPRECATED
1626 uint64_t trace_get_filtered_packets(libtrace_t *trace);
1627 
1639 DLLEXPORT DEPRECATED
1640 uint64_t trace_get_dropped_packets(libtrace_t *trace);
1641 
1653 DLLEXPORT DEPRECATED
1654 uint64_t trace_get_accepted_packets(libtrace_t *trace);
1655 
1674 DLLEXPORT
1676 
1677 
1693 DLLEXPORT
1695  libtrace_stat_t *stats);
1696 
1708 DLLEXPORT libtrace_stat_t* trace_create_statistics(void);
1709 
1716 DLLEXPORT
1718 
1727 DLLEXPORT
1729  const libtrace_stat_t *b, libtrace_stat_t *c);
1730 
1739 DLLEXPORT
1741  const libtrace_stat_t *b, libtrace_stat_t *c);
1742 
1756 DLLEXPORT
1757 int trace_print_statistics(const libtrace_stat_t *s, FILE *f,
1758  const char *format);
1759 
1760 
1774 DLLEXPORT libtrace_packet_t *trace_create_packet(void);
1775 
1788 DLLEXPORT libtrace_packet_t *trace_copy_packet(const libtrace_packet_t *packet);
1789 
1794 DLLEXPORT void trace_destroy_packet(libtrace_packet_t *packet);
1795 
1813 DLLEXPORT int trace_read_packet(libtrace_t *trace, libtrace_packet_t *packet);
1814 
1844 DLLEXPORT int trace_prepare_packet(libtrace_t *trace, libtrace_packet_t *packet,
1845  void *buffer, libtrace_rt_types_t rt_type, uint32_t flags);
1846 
1848 enum {
1852 
1856 };
1857 
1858 
1862 typedef enum {
1868 
1870 typedef struct libtrace_eventobj_t {
1874  int fd;
1876  double seconds;
1878  int size;
1880 
1892 DLLEXPORT libtrace_eventobj_t trace_event(libtrace_t *trace,
1893  libtrace_packet_t *packet);
1894 
1895 
1902 DLLEXPORT int trace_write_packet(libtrace_out_t *trace, libtrace_packet_t *packet);
1903 
1912 DLLEXPORT
1913 enum base_format_t trace_get_format(struct libtrace_packet_t *packet);
1914 
1927 DLLEXPORT
1929  libtrace_linktype_t linktype, const void *data, uint16_t len);
1930 
1977 DLLEXPORT void *trace_get_packet_buffer(const libtrace_packet_t *packet,
1978  libtrace_linktype_t *linktype, uint32_t *remaining);
1979 
1990 DLLEXPORT SIMPLE_FUNCTION DEPRECATED
1991 void *trace_get_link(const libtrace_packet_t *packet);
1992 
2017 
2028 DLLEXPORT SIMPLE_FUNCTION
2029 libtrace_ip_t *trace_get_ip(libtrace_packet_t *packet);
2030 
2041 DLLEXPORT SIMPLE_FUNCTION
2042 libtrace_ip6_t *trace_get_ip6(libtrace_packet_t *packet);
2043 
2066 DLLEXPORT void *trace_get_packet_meta(const libtrace_packet_t *packet,
2067  libtrace_linktype_t *linktype,
2068  uint32_t *remaining);
2069 
2107 DLLEXPORT void *trace_get_payload_from_meta(const void *meta,
2108  libtrace_linktype_t *linktype,
2109  uint32_t *remaining);
2110 
2111 
2128 DLLEXPORT void *trace_get_layer2(const libtrace_packet_t *packet,
2129  libtrace_linktype_t *linktype,
2130  uint32_t *remaining);
2131 
2155 DLLEXPORT void *trace_get_payload_from_layer2(void *l2,
2156  libtrace_linktype_t linktype,
2157  uint16_t *ethertype,
2158  uint32_t *remaining);
2159 
2160 
2174 DLLEXPORT
2175 void *trace_get_layer3(const libtrace_packet_t *packet,
2176  uint16_t *ethertype, uint32_t *remaining);
2177 
2195 DLLEXPORT uint16_t *trace_checksum_layer3(libtrace_packet_t *packet,
2196  uint16_t *csum);
2197 
2225 DLLEXPORT uint16_t *trace_checksum_transport(libtrace_packet_t *packet,
2226  uint16_t *csum);
2227 
2245 DLLEXPORT uint16_t trace_get_fragment_offset(const libtrace_packet_t *packet,
2246  uint8_t *more);
2247 
2264 DLLEXPORT void *trace_get_transport(const libtrace_packet_t *packet,
2265  uint8_t *proto, uint32_t *remaining);
2266 
2290 DLLEXPORT void *trace_get_payload_from_ip(libtrace_ip_t *ip, uint8_t *proto,
2291  uint32_t *remaining);
2292 
2315 DLLEXPORT void *trace_get_payload_from_ip6(libtrace_ip6_t *ipptr,
2316  uint8_t *proto, uint32_t *remaining);
2317 
2336 DLLEXPORT void *trace_get_payload_from_link(void *linkptr,
2337  libtrace_linktype_t linktype,
2338  uint16_t *type, uint32_t *remaining);
2339 
2363 DLLEXPORT void *trace_get_payload_from_vlan(
2364  void *vlan, uint16_t *type, uint32_t *remaining);
2365 
2395 DLLEXPORT void *trace_get_payload_from_mpls(
2396  void *mpls, uint16_t *type, uint32_t *remaining);
2397 
2424 DLLEXPORT void *trace_get_payload_from_pppoe(
2425  void *pppoe, uint16_t *type, uint32_t *remaining);
2426 
2445 DLLEXPORT void *trace_get_payload_from_tcp(libtrace_tcp_t *tcp,
2446  uint32_t *remaining);
2447 
2466 DLLEXPORT void *trace_get_payload_from_udp(libtrace_udp_t *udp, uint32_t *remaining);
2467 
2490 DLLEXPORT void *trace_get_payload_from_icmp(libtrace_icmp_t *icmp,
2491  uint32_t *remaining);
2492 
2515 DLLEXPORT void *trace_get_payload_from_icmp6(libtrace_icmp6_t *icmp,
2516  uint32_t *remaining);
2517 
2535 DLLEXPORT void *trace_get_payload_from_gre(libtrace_gre_t *gre,
2536  uint32_t *remaining);
2537 
2546 DLLEXPORT libtrace_vxlan_t *trace_get_vxlan_from_udp(libtrace_udp_t *udp,
2547  uint32_t *remaining);
2548 
2567 DLLEXPORT void *trace_get_payload_from_vxlan(libtrace_vxlan_t *vxlan,
2568  uint32_t *remaining);
2569 
2583 DLLEXPORT SIMPLE_FUNCTION
2584 libtrace_tcp_t *trace_get_tcp(libtrace_packet_t *packet);
2585 
2610 DLLEXPORT SIMPLE_FUNCTION
2611 libtrace_tcp_t *trace_get_tcp_from_ip(libtrace_ip_t *ip, uint32_t *remaining);
2612 
2626 DLLEXPORT SIMPLE_FUNCTION
2627 libtrace_udp_t *trace_get_udp(libtrace_packet_t *packet);
2628 
2653 DLLEXPORT SIMPLE_FUNCTION
2654 libtrace_udp_t *trace_get_udp_from_ip(libtrace_ip_t *ip,uint32_t *remaining);
2655 
2669 DLLEXPORT SIMPLE_FUNCTION
2670 libtrace_icmp_t *trace_get_icmp(libtrace_packet_t *packet);
2671 
2685 DLLEXPORT SIMPLE_FUNCTION
2686 libtrace_icmp6_t *trace_get_icmp6(libtrace_packet_t *packet);
2687 
2712 DLLEXPORT SIMPLE_FUNCTION
2713 libtrace_icmp_t *trace_get_icmp_from_ip(libtrace_ip_t *ip,uint32_t *remaining);
2714 
2737 DLLEXPORT SIMPLE_FUNCTION
2738 void *trace_get_ospf_header(libtrace_packet_t *packet, uint8_t *version,
2739  uint32_t *remaining);
2740 
2765 DLLEXPORT SIMPLE_FUNCTION
2766 void *trace_get_ospf_contents_v2(libtrace_ospf_v2_t *header,
2767  uint8_t *ospf_type, uint32_t *remaining);
2768 
2787 DLLEXPORT SIMPLE_FUNCTION
2789  libtrace_ospf_ls_update_t *ls_update,
2790  uint32_t *remaining);
2791 
2810 DLLEXPORT SIMPLE_FUNCTION
2812  libtrace_ospf_db_desc_v2_t *db_desc,
2813  uint32_t *remaining);
2814 
2834 DLLEXPORT SIMPLE_FUNCTION
2836  libtrace_ospf_router_lsa_v2_t *lsa,
2837  uint32_t *remaining);
2838 
2868 DLLEXPORT SIMPLE_FUNCTION
2869 int trace_get_next_ospf_link_v2(unsigned char **current,
2870  libtrace_ospf_link_v2_t **link,
2871  uint32_t *remaining,
2872  uint32_t *link_len);
2873 
2915 DLLEXPORT SIMPLE_FUNCTION
2916 int trace_get_next_ospf_lsa_v2(unsigned char **current,
2917  libtrace_ospf_lsa_v2_t **lsa_hdr,
2918  unsigned char **lsa_body,
2919  uint32_t *remaining,
2920  uint8_t *lsa_type,
2921  uint16_t *lsa_length);
2922 
2958 DLLEXPORT SIMPLE_FUNCTION
2959 int trace_get_next_ospf_lsa_header_v2(unsigned char **current,
2960  libtrace_ospf_lsa_v2_t **lsa_hdr,
2961  uint32_t *remaining,
2962  uint8_t *lsa_type,
2963  uint16_t *lsa_length);
2964 
2974 DLLEXPORT SIMPLE_FUNCTION
2976  libtrace_ospf_as_external_lsa_v2_t *as_lsa);
2977 
2987 DLLEXPORT SIMPLE_FUNCTION
2989  libtrace_ospf_summary_lsa_v2_t *sum_lsa);
2990 
2991 
3002 DLLEXPORT SIMPLE_FUNCTION
3004 
3015 DLLEXPORT SIMPLE_FUNCTION
3016 uint8_t *trace_get_source_mac(libtrace_packet_t *packet);
3017 
3031 DLLEXPORT SIMPLE_FUNCTION
3032 struct sockaddr *trace_get_source_address(const libtrace_packet_t *packet,
3033  struct sockaddr *addr);
3034 
3051 DLLEXPORT SIMPLE_FUNCTION
3053  char *space, int spacelen);
3054 
3068 DLLEXPORT SIMPLE_FUNCTION
3069 struct sockaddr *trace_get_destination_address(const libtrace_packet_t *packet,
3070  struct sockaddr *addr);
3071 
3088 DLLEXPORT SIMPLE_FUNCTION
3090  char *space, int spacelen);
3091 
3109 DLLEXPORT int trace_get_next_option(unsigned char **ptr,int *len,
3110  unsigned char *type,
3111  unsigned char *optlen,
3112  unsigned char **data);
3113 
3128 DLLEXPORT SIMPLE_FUNCTION
3129 uint64_t trace_get_erf_timestamp(const libtrace_packet_t *packet);
3130 
3136 DLLEXPORT SIMPLE_FUNCTION
3137 struct timeval trace_get_timeval(const libtrace_packet_t *packet);
3138 
3144 DLLEXPORT SIMPLE_FUNCTION
3145 struct timespec trace_get_timespec(const libtrace_packet_t *packet);
3146 
3153 DLLEXPORT SIMPLE_FUNCTION
3154 double trace_get_seconds(const libtrace_packet_t *packet);
3155 
3172 DLLEXPORT int trace_seek_seconds(libtrace_t *trace, double seconds);
3173 
3187 DLLEXPORT int trace_seek_timeval(libtrace_t *trace, struct timeval tv);
3188 
3206 DLLEXPORT int trace_seek_erf_timestamp(libtrace_t *trace, uint64_t ts);
3207 
3236 DLLEXPORT SIMPLE_FUNCTION
3237 size_t trace_get_capture_length(const libtrace_packet_t *packet);
3238 
3255 DLLEXPORT SIMPLE_FUNCTION
3256 size_t trace_get_wire_length(const libtrace_packet_t *packet);
3257 
3266 DLLEXPORT SIMPLE_FUNCTION
3267 size_t trace_get_framing_length(const libtrace_packet_t *packet);
3268 
3283 DLLEXPORT SIMPLE_FUNCTION
3284 size_t trace_get_payload_length(const libtrace_packet_t *packet);
3285 
3300 DLLEXPORT size_t trace_set_capture_length(libtrace_packet_t *packet, size_t size);
3301 
3310 DLLEXPORT SIMPLE_FUNCTION
3312 
3324 
3340 DLLEXPORT SIMPLE_FUNCTION
3342 
3356 DLLEXPORT SIMPLE_FUNCTION
3357 libtrace_filter_t *trace_create_filter(const char *filterstring);
3358 
3368 DLLEXPORT libtrace_filter_t *
3369 trace_create_filter_from_bytecode(void *bf_insns, unsigned int bf_len);
3370 
3382 DLLEXPORT int trace_apply_filter(libtrace_filter_t *filter,
3383  const libtrace_packet_t *packet);
3384 
3390 DLLEXPORT void trace_destroy_filter(libtrace_filter_t *filter);
3416 DLLEXPORT char *trace_ether_ntoa(const uint8_t *addr, char *buf);
3417 
3435 DLLEXPORT uint8_t *trace_ether_aton(const char *buf, uint8_t *addr);
3436 
3447 typedef enum {
3450 } serverport_t;
3451 
3465 DLLEXPORT SIMPLE_FUNCTION
3466 uint16_t trace_get_source_port(const libtrace_packet_t *packet);
3467 
3483 DLLEXPORT SIMPLE_FUNCTION
3484 uint16_t trace_get_destination_port(const libtrace_packet_t *packet);
3485 
3502 DLLEXPORT SIMPLE_FUNCTION
3503 int8_t trace_get_server_port(uint8_t protocol, uint16_t source, uint16_t dest);
3504 
3524 #ifndef ARPHRD_80211_RADIOTAP
3525 
3526 #define ARPHRD_80211_RADIOTAP 803
3527 #endif
3528 
3540 DLLEXPORT bool trace_get_wireless_tsft(void *linkptr,
3541  libtrace_linktype_t linktype, uint64_t *tsft);
3542 
3550 DLLEXPORT bool trace_get_wireless_rate(void *linkptr,
3551  libtrace_linktype_t linktype, uint8_t *rate);
3552 
3560 DLLEXPORT bool trace_get_wireless_freq(void *linkptr,
3561  libtrace_linktype_t linktype, uint16_t *freq);
3562 
3570 DLLEXPORT bool trace_get_wireless_signal_strength_dbm(void *linkptr,
3571  libtrace_linktype_t linktype, int8_t *strength);
3572 
3580 DLLEXPORT bool trace_get_wireless_noise_strength_dbm(void *linkptr,
3581  libtrace_linktype_t linktype, int8_t *strength);
3582 
3590 DLLEXPORT bool trace_get_wireless_signal_strength_db(void *linkptr,
3591  libtrace_linktype_t linktype, uint8_t *strength);
3592 
3600 DLLEXPORT bool trace_get_wireless_noise_strength_db(void *linkptr,
3601  libtrace_linktype_t linktype, uint8_t *strength);
3602 
3611 DLLEXPORT bool trace_get_wireless_tx_attenuation(void *linkptr,
3612  libtrace_linktype_t linktype, uint16_t *attenuation);
3613 
3621 DLLEXPORT bool trace_get_wireless_tx_attenuation_db(void *linkptr,
3622  libtrace_linktype_t linktype, uint16_t *attenuation);
3623 
3631 DLLEXPORT bool trace_get_wireless_tx_power_dbm(void *linkptr,
3632  libtrace_linktype_t linktype, int8_t *txpower);
3633 
3641 DLLEXPORT bool trace_get_wireless_antenna(void *linkptr,
3642  libtrace_linktype_t linktype, uint8_t *antenna);
3643 
3646 #ifdef __cplusplus
3647 } /* extern "C" */
3648 #endif /* #ifdef __cplusplus */
3649 #endif /* LIBTRACE_H_ */
struct libtrace_ospf_v2_t libtrace_ospf_v2_t
OSPF header.
struct in_addr netmask
Netmask for the destination.
Definition: libtrace.h:1085
uint8_t au_data_len
Authentication Data Length.
Definition: libtrace.h:976
DLLEXPORT size_t trace_set_capture_length(libtrace_packet_t *packet, size_t size)
Truncate ("snap") the packet to the suggested length.
Definition: trace.c:1859
Buffer memory is owned by an external source.
Definition: libtrace.h:270
Ok, so OpenBSD has a different value for DLT_RAW as the rest of the planet, so detect this...
Definition: libtrace.h:336
uint16_t zero
Always zero.
Definition: libtrace.h:974
RT is encapsulating a Legacy POS capture record.
Definition: libtrace.h:440
802.11 frames
Definition: libtrace.h:356
libtrace_linktype_t
Enumeration of link layer types supported by libtrace.
Definition: libtrace.h:349
DLLEXPORT void trace_destroy(libtrace_t *trace)
Close an input trace, freeing up any resources it may have been using.
Definition: trace.c:707
uint16_t session_id
Session Identifier.
Definition: libtrace.h:872
File flags to use when opening an output file, e.g.
Definition: libtrace.h:1402
Wait on the given file descriptor.
Definition: libtrace.h:1863
LT_BITFIELD8 ack
ACK flag.
Definition: libtrace.h:694
struct libtrace_pppoe libtrace_pppoe_t
PPPoE header.
HDLC over POS.
Definition: libtrace.h:353
Wireless flags (uint8)
Definition: libtrace.h:593
struct libtrace_ip6_ext libtrace_ip6_ext_t
IPv6 header extension structure.
Generic IPv6 header structure.
Definition: libtrace.h:669
uint64_t missing
The number of packets (or aggregated records) that have been lost between the original capture device...
Definition: libtrace.h:1500
uint16_t id
Echo Identifier.
Definition: libtrace.h:764
OSPF Network LSA.
Definition: libtrace.h:1140
struct libtrace_ospf_lsa_v2_t libtrace_ospf_lsa_v2_t
LSA Header for OSPFv2.
uint8_t unused
Unused.
Definition: libtrace.h:757
Metadata for a PCAP NG input source.
Definition: libtrace.h:428
struct in_addr forwarding
Forwarding address.
Definition: libtrace.h:1078
uint32_t ls_type
Link State Type.
Definition: libtrace.h:1051
struct libtrace_atm_capture_cell libtrace_atm_capture_cell_t
Captured UNI cell.
DLLEXPORT DEPRECATED uint64_t trace_get_dropped_packets(libtrace_t *trace)
Returns the number of packets that have been dropped on an input trace due to lack of buffer space on...
Definition: trace.c:2215
int fd
If the event is IOWAIT, the file descriptor to wait on.
Definition: libtrace.h:1874
uint16_t it_len
Length in bytes of the entire Radiotap header.
Definition: libtrace.h:960
OSPF header.
Definition: libtrace.h:965
Compression level: 0 = no compression, 1 = faster compression, 9 = better compression.
Definition: libtrace.h:1405
DLLEXPORT const char * trace_parse_uri(const char *uri, char **format)
Takes a uri and splits it into a format and uridata component.
Definition: trace.c:1877
uint8_t mac1[6]
MAC Address 1.
Definition: libtrace.h:943
LT_BITFIELD32 oui
Organisationally Unique Identifier (scope)
Definition: libtrace.h:778
Packets originating "inside".
Definition: libtrace.h:584
Noise power in dBm (int8)
Definition: libtrace.h:598
BPF does not store the linktype with the packet, so we need a separate RT type for each supported DLT...
Definition: libtrace.h:485
uint16_t num_links
Number of links in LSA.
Definition: libtrace.h:1125
Timer synchronisation function, in microseconds (uint64)
Definition: libtrace.h:592
struct libtrace_ospf_router_lsa_t libtrace_ospf_router_lsa_v2_t
OSPFv2 Router LSA.
uint32_t ls_id
Link State Id.
Definition: libtrace.h:1052
uint8_t mac3[6]
MAC Address 3.
Definition: libtrace.h:945
DLLEXPORT SIMPLE_FUNCTION struct timespec trace_get_timespec(const libtrace_packet_t *packet)
Get the packet timestamp as a struct timespec.
Definition: trace.c:1259
LT_BITFIELD32 vpi
Virtual Path Identifier.
Definition: libtrace.h:815
DAG multicast over a network, received via DPDK.
Definition: libtrace.h:401
uint8_t metric_b
Byte 2 of the Metric field.
Definition: libtrace.h:1076
uint16_t halen
Link-layer address length.
Definition: libtrace.h:1150
Data acknowledgement.
Definition: libtrace.h:410
OSPF Link State Request Packet.
Definition: libtrace.h:1049
uint16_t check
Checksum.
Definition: libtrace.h:714
DLLEXPORT SIMPLE_FUNCTION int trace_get_next_ospf_lsa_header_v2(unsigned char **current, libtrace_ospf_lsa_v2_t **lsa_hdr, uint32_t *remaining, uint8_t *lsa_type, uint16_t *lsa_length)
Parses an OSPF LSA header and finds the next LSA (if there is one)
Definition: protocols_ospf.c:192
The Intel Data Plane Development Kit format.
Definition: libtrace.h:398
struct libtrace_atm_cell libtrace_atm_cell_t
ATM User Network Interface (UNI) Cell.
uint8_t ip_p
Protocol.
Definition: libtrace.h:642
DLLEXPORT void * trace_get_payload_from_gre(libtrace_gre_t *gre, uint32_t *remaining)
Gets a pointer to the payload following a GRE header.
Definition: protocols_transport.c:575
OSPF Router LSA.
Definition: libtrace.h:1139
struct libtrace_8021q libtrace_8021q_t
802.1Q frame
DLLEXPORT SIMPLE_FUNCTION libtrace_icmp_t * trace_get_icmp_from_ip(libtrace_ip_t *ip, uint32_t *remaining)
Get a pointer to the ICMP header following an IPv4 header (if present)
Definition: protocols_transport.c:336
DLLEXPORT void * trace_get_payload_from_udp(libtrace_udp_t *udp, uint32_t *remaining)
Gets a pointer to the payload following a UDP header.
Definition: protocols_transport.c:348
DLLEXPORT SIMPLE_FUNCTION size_t trace_get_framing_length(const libtrace_packet_t *packet)
Get the length of the capture framing headers (in bytes).
Definition: trace.c:1380
uint16_t checksum
Checksum.
Definition: libtrace.h:731
DLLEXPORT bool trace_get_wireless_antenna(void *linkptr, libtrace_linktype_t linktype, uint8_t *antenna)
Get the wireless antenna.
Definition: link_wireless.c:577
802.3 style Ethernet
Definition: libtrace.h:354
PPP frames.
Definition: libtrace.h:369
RT is encapsulating a PCAP capture record with an AAL5 linktype.
Definition: libtrace.h:478
LT_BITFIELD16 vlan_pri
VLAN User Priority.
Definition: libtrace.h:793
DLLEXPORT SIMPLE_FUNCTION uint64_t trace_get_erf_timestamp(const libtrace_packet_t *packet)
Get the packet timestamp in the DAG time format.
Definition: trace.c:1184
uint8_t len
Length of the current header.
Definition: libtrace.h:652
Radiotap + 802.11.
Definition: libtrace.h:367
uint8_t metric_a
Byte 1 of the Metric field.
Definition: libtrace.h:1075
GZip Compression.
Definition: libtrace.h:1392
User Datagram Protocol.
Definition: libtrace.h:509
DLLEXPORT int trace_set_event_realtime(libtrace_t *trace, bool realtime)
If enabled, the libtrace event API will ignore time gaps between packets when reading from a trace fi...
Definition: trace.c:686
DLLEXPORT void * trace_get_payload_from_mpls(void *mpls, uint16_t *type, uint32_t *remaining)
Gets a pointer to the payload following an MPLS header.
Definition: protocols_l2.c:195
struct libtrace_80211_t libtrace_80211_t
802.11 header
uint32_t seq
LS sequence number.
Definition: libtrace.h:1009
struct trace_err_t libtrace_err_t
Libtrace error information.
DLLEXPORT void trace_construct_packet(libtrace_packet_t *packet, libtrace_linktype_t linktype, const void *data, uint16_t len)
Construct a libtrace packet from a buffer containing the packet payload.
Definition: trace.c:2101
DLLEXPORT void * trace_get_payload_from_pppoe(void *pppoe, uint16_t *type, uint32_t *remaining)
Gets a pointer to the payload following a PPPoE header.
Definition: protocols_l2.c:327
OSPF Link State Update Packet.
Definition: libtrace.h:1057
DLLEXPORT int trace_set_promisc(libtrace_t *trace, bool promisc)
If enabled, places a live capture interface into promiscuous mode.
Definition: trace.c:673
void * l3_header
Cached l3 header.
Definition: libtrace.h:557
struct libtrace_ospf_as_external_lsa_t libtrace_ospf_as_external_lsa_v2_t
OSPFv2 AS External LSA Body.
uint8_t type
OSPF Packet Type.
Definition: libtrace.h:968
OSPFv2 Summary LSA Body.
Definition: libtrace.h:1083
General Routing Encapsulation.
Definition: libtrace.h:514
void * l4_header
Cached transport header.
Definition: libtrace.h:560
DLLEXPORT bool trace_get_wireless_tx_power_dbm(void *linkptr, libtrace_linktype_t linktype, int8_t *txpower)
Get the wireless transmit power in dBm.
Definition: link_wireless.c:552
DLLEXPORT libtrace_t * trace_create(const char *uri)
Create an input trace from a URI.
Definition: trace.c:241
Unused value marking the end of the valid range for all RT packet types.
Definition: libtrace.h:499
Wandio has returned an error.
Definition: libtrace.h:309
DLLEXPORT void * trace_get_payload_from_icmp(libtrace_icmp_t *icmp, uint32_t *remaining)
Gets a pointer to the payload following a ICMP header.
Definition: protocols_transport.c:373
Legacy ERF for ATM capture.
Definition: libtrace.h:387
struct libtrace_icmp::@16::@18 frag
Path MTU Discovery.
libtrace_direction_t
Trace directions.
Definition: libtrace.h:583
PPPoE Session Messages.
Definition: libtrace.h:537
Connection has been denied.
Definition: libtrace.h:415
DLLEXPORT SIMPLE_FUNCTION unsigned char * trace_get_first_ospf_lsa_from_db_desc_v2(libtrace_ospf_db_desc_v2_t *db_desc, uint32_t *remaining)
Get a pointer to the start of the first LSA contained within an Database Description packet...
Definition: protocols_ospf.c:102
libtrace_event_t type
Event type (iowait,sleep,packet)
Definition: libtrace.h:1871
RT is encapsulating a PCAP capture record with an 802.11 linktype.
Definition: libtrace.h:471
DLLEXPORT void * trace_get_payload_from_vxlan(libtrace_vxlan_t *vxlan, uint32_t *remaining)
Gets a pointer to the payload following a VXLAN header.
Definition: protocols_application.c:30
uint32_t deadint
Interval before declaring a router down.
Definition: libtrace.h:1021
LT_BITFIELD32 from_ds
Packet from Distribution Service.
Definition: libtrace.h:924
struct libtrace_eventobj_t libtrace_eventobj_t
Structure returned by libtrace_event explaining what the current event is.
DLLEXPORT int trace_set_filter(libtrace_t *trace, libtrace_filter_t *filter)
Apply this filter to all packets read from this trace.
Definition: trace.c:678
DLLEXPORT bool trace_get_wireless_tx_attenuation_db(void *linkptr, libtrace_linktype_t linktype, uint16_t *attenuation)
Get the wireless transmit attenuation in dB.
Definition: link_wireless.c:528
DLLEXPORT libtrace_packet_t * trace_create_packet(void)
Create a new packet object.
Definition: trace.c:835
DLLEXPORT void trace_destroy_dead(libtrace_t *trace)
Close a dummy trace file, freeing up any resources it may have been using.
Definition: trace.c:797
struct libtrace_atm_nni_capture_cell libtrace_atm_nni_capture_cell_t
Captured NNI cell.
Unable to determine link type.
Definition: libtrace.h:351
FHSS hop set (uint8) and hopping pattern (uint8)
Definition: libtrace.h:596
uint32_t ack_seq
Acknowledgement Number.
Definition: libtrace.h:685
int framing_length
Cached framing length.
Definition: libtrace.h:553
uint8_t mac4[6]
MAC Address 4.
Definition: libtrace.h:947
uint16_t id
ID of the Echo request.
Definition: libtrace.h:736
DLLEXPORT int trace_config(libtrace_t *libtrace, trace_option_t option, void *value)
Sets an input config option.
Definition: trace.c:578
DLLEXPORT bool trace_get_wireless_tsft(void *linkptr, libtrace_linktype_t linktype, uint64_t *tsft)
Get the wireless Timer Synchronisation Function.
Definition: link_wireless.c:169
LT_BITFIELD8 psh
PuSH flag.
Definition: libtrace.h:693
trace_option_compresstype_t
Valid compression types Note, this must be kept in sync with WANDIO_COMPRESS_* numbers in wandio...
Definition: libtrace.h:1390
The trace failed to initialise.
Definition: libtrace.h:289
Radiotap.
Definition: libtrace.h:345
libtrace_event_t
Event types see libtrace_eventobj_t and trace_event.
Definition: libtrace.h:1862
DLLEXPORT DEPRECATED uint64_t trace_get_accepted_packets(libtrace_t *trace)
Returns the number of packets that have been read from the input trace using trace_read_packet().
Definition: trace.c:2238
uint16_t sequence
Sequence number of the Echo request.
Definition: libtrace.h:737
Internet Group Management Protocol.
Definition: libtrace.h:506
DLLEXPORT libtrace_t * trace_create_dead(const char *uri)
Creates a "dummy" trace file that has only the format type set.
Definition: trace.c:369
uint64_t errors
The number of packets that have been discarded by the network card because they are invalid...
Definition: libtrace.h:1506
struct libtrace_icmp libtrace_icmp_t
Generic ICMP header structure.
DLLEXPORT bool trace_is_err_output(libtrace_out_t *trace)
Indicates if there is an error on an output trace.
Definition: trace.c:1954
uint16_t source
Source port.
Definition: libtrace.h:720
Dag 2.4 Duck.
Definition: libtrace.h:421
Packet contains server meta-data.
Definition: libtrace.h:426
A libtrace input trace.
Definition: libtrace_int.h:306
void * header
Pointer to the framing header.
Definition: libtrace.h:545
TX attenuation as unitless distance from max power (uint16)
Definition: libtrace.h:600
Ethernet Loopback.
Definition: libtrace.h:528
LT_BITFIELD32 clp
Cell Loss Priority.
Definition: libtrace.h:808
struct in_addr backup
Backup designated router.
Definition: libtrace.h:1023
libtrace_dlt_t
Enumeration of DLTs supported by libtrace.
Definition: libtrace.h:314
int err_num
error code
Definition: libtrace.h:278
#define LIBTRACE_STAT_FIELDS
An X Macro set for libtrace stat fields.
Definition: libtrace.h:1414
Destination port is the server port.
Definition: libtrace.h:3448
DLLEXPORT libtrace_err_t trace_get_err(libtrace_t *trace)
Check (and clear) the current error state of an input trace.
Definition: trace.c:1907
uint32_t au_seq_num
Cryptographic Sequence Number.
Definition: libtrace.h:977
Failed to compile a BPF filter.
Definition: libtrace.h:303
LT_BITFIELD32 vci
Virtual Channel Identifier.
Definition: libtrace.h:816
RT is encapsulating a Legacy ETH capture record.
Definition: libtrace.h:442
Request for data transmission to begin.
Definition: libtrace.h:408
This output uri cannot write packets of this type.
Definition: libtrace.h:293
uint16_t duration
Duration value for NAV calculation.
Definition: libtrace.h:942
Noise power in dB from a fixed reference (uint8)
Definition: libtrace.h:605
uint8_t type
Message Type.
Definition: libtrace.h:750
LT_BITFIELD32 hec
Header Error Control.
Definition: libtrace.h:819
LT_BITFIELD32 retry
Packet is a retry.
Definition: libtrace.h:926
OSPF Database Description.
Definition: libtrace.h:1131
ICMPv6.
Definition: libtrace.h:517
DLLEXPORT int trace_prepare_packet(libtrace_t *trace, libtrace_packet_t *packet, void *buffer, libtrace_rt_types_t rt_type, uint32_t flags)
Converts the data provided in buffer into a valid libtrace packet.
Definition: trace.c:1051
LT_BITFIELD8 res1
Reserved bits.
Definition: libtrace.h:688
DAG multicast over a network.
Definition: libtrace.h:400
struct in_addr area
Area the packet belongs to.
Definition: libtrace.h:971
Dag 5.0 Duck.
Definition: libtrace.h:427
LT_BITFIELD32 hec
Header Error Control.
Definition: libtrace.h:809
LT_BITFIELD32 pt
Payload Type.
Definition: libtrace.h:807
int payload_length
Cached payload length.
Definition: libtrace.h:552
BSD native interface capture.
Definition: libtrace.h:392
uint8_t priority
Router Priority.
Definition: libtrace.h:1020
LT_BITFIELD8 cwr
ECN CWR.
Definition: libtrace.h:697
DLLEXPORT enum base_format_t trace_get_format(struct libtrace_packet_t *packet)
Gets the capture format for a given packet.
Definition: trace.c:1900
This packet is corrupt, or unusable for the action required.
Definition: libtrace.h:295
DLLEXPORT int trace_set_snaplen(libtrace_t *trace, int snaplen)
Maximum number of bytes to be captured for any given packet.
Definition: trace.c:669
DLLEXPORT int trace_start_output(libtrace_out_t *libtrace)
Start an output trace.
Definition: trace.c:544
Buffer memory is owned by the packet.
Definition: libtrace.h:269
Resource Reservation Protocol.
Definition: libtrace.h:513
Not actually used - all DATA types begin from this value.
Definition: libtrace.h:431
LT_BITFIELD32 clp
Cell Loss Priority.
Definition: libtrace.h:850
uint16_t length
Total Length of the PPP packet.
Definition: libtrace.h:873
double seconds
If the event is SLEEP, the amount of time to sleep for in seconds.
Definition: libtrace.h:1876
DLLEXPORT SIMPLE_FUNCTION libtrace_udp_t * trace_get_udp_from_ip(libtrace_ip_t *ip, uint32_t *remaining)
Get a pointer to the UDP header following an IPv4 header (if present)
Definition: protocols_transport.c:288
DLLEXPORT void * trace_get_payload_from_icmp6(libtrace_icmp6_t *icmp, uint32_t *remaining)
Gets a pointer to the payload following a ICMPv6 header.
Definition: protocols_transport.c:385
uint16_t checksum
Checksum.
Definition: libtrace.h:752
DLLEXPORT SIMPLE_FUNCTION uint8_t * trace_get_source_mac(libtrace_packet_t *packet)
Gets the source MAC address for a given packet.
Definition: protocols_l2.c:669
int which_trace_start
Used to match packet to a started instance of the parent trace.
Definition: libtrace.h:571
DLLEXPORT SIMPLE_FUNCTION double trace_get_seconds(const libtrace_packet_t *packet)
Get the packet timestamp in floating point seconds.
Definition: trace.c:1299
ETSI LI over a network.
Definition: libtrace.h:402
uint8_t reserved1[3]
Reserved.
Definition: libtrace.h:905
DLLEXPORT libtrace_stat_t * trace_get_statistics(libtrace_t *trace, libtrace_stat_t *stats)
Returns statistic counters for a trace, for a parallel trace this is a combined total.
Definition: trace.c:2254
Linux native interface capture.
Definition: libtrace.h:390
Signal power in dBm (int8)
Definition: libtrace.h:597
RT network protocol.
Definition: libtrace.h:386
Special format for reading uncompressed ERF traces without checking for compression.
Definition: libtrace.h:397
DLLEXPORT SIMPLE_FUNCTION void * trace_get_ospf_header(libtrace_packet_t *packet, uint8_t *version, uint32_t *remaining)
Get a pointer to the OSPF header (if present)
Definition: protocols_ospf.c:33
uint16_t frag_off
Fragment Offset (includes M flag)
Definition: libtrace.h:660
DLLEXPORT void * trace_get_payload_from_meta(const void *meta, libtrace_linktype_t *linktype, uint32_t *remaining)
Returns the payload of a metadata header.
Definition: protocols_pktmeta.c:196
Generic LLC/SNAP header structure.
Definition: libtrace.h:771
OSPF Summary LSA.
Definition: libtrace.h:1141
uint16_t au_type
Authentication procedure.
Definition: libtrace.h:973
uint16_t interval
Interval between Hello packets (secs)
Definition: libtrace.h:1018
DLLEXPORT libtrace_out_t * trace_create_output(const char *uri)
Creates a trace output file from a URI.
Definition: trace.c:453
LT_BITFIELD32 clp
Cell Loss Priority.
Definition: libtrace.h:818
Packet contents are not valid.
Definition: libtrace.h:350
Reliable client was lost.
Definition: libtrace.h:425
DLLEXPORT bool trace_is_err(libtrace_t *trace)
Indicate if there has been an error on an input trace.
Definition: trace.c:1915
Unused value marking the end of the valid range for PCAP RT encapsulation.
Definition: libtrace.h:481
Reliable server has been restarted.
Definition: libtrace.h:424
uint8_t unused1
Unused.
Definition: libtrace.h:758
LSA Header for OSPFv2.
Definition: libtrace.h:1002
WAG live capture (Obsolete)
Definition: libtrace.h:385
RT is encapsulating a Intel DPDK capture record.
Definition: libtrace.h:456
Definition: libtrace_int.h:289
uint16_t plen
Payload length.
Definition: libtrace.h:672
Options Field present in some OSPFv2 packets.
Definition: libtrace.h:981
Libtrace error information.
Definition: libtrace.h:277
Client is exiting message.
Definition: libtrace.h:414
struct in_addr netmask
Netmask for the destination.
Definition: libtrace.h:1067
802.1Q frame
Definition: libtrace.h:791
Encapsulated Security Payload [RFC2406].
Definition: libtrace.h:515
LT_BITFIELD8 db_desc_ms
If set, this router is the master.
Definition: libtrace.h:1035
FreeBSD's PFlog.
Definition: libtrace.h:359
DLLEXPORT SIMPLE_FUNCTION struct sockaddr * trace_get_destination_address(const libtrace_packet_t *packet, struct sockaddr *addr)
Get the destination IP address for a given packet.
Definition: protocols_l3.c:604
libtrace_rt_types_t type
RT protocol type for the packet.
Definition: libtrace.h:548
LT_BITFIELD8 v
Virtual Endpoint Flag.
Definition: libtrace.h:1116
LT_BITFIELD32 vpi
Virtual Path Identifier.
Definition: libtrace.h:832
LT_BITFIELD32 power
Power Management mode.
Definition: libtrace.h:927
uint16_t ip_sum
Checksum.
Definition: libtrace.h:643
int16_t ip_id
Identification.
Definition: libtrace.h:639
ATM Adaptation Layer 5 frames.
Definition: libtrace.h:365
OSPF Summary LSA (ASBR)
Definition: libtrace.h:1142
uint16_t ip_off
IP Fragment offset (and flags)
Definition: libtrace.h:640
LT_BITFIELD32 clp
Cell Loss Priority.
Definition: libtrace.h:835
uint16_t unused
Unused.
Definition: libtrace.h:742
buf_control_t buf_control
Describes memory ownership.
Definition: libtrace.h:549
IPv6 no next header.
Definition: libtrace.h:518
Option request.
Definition: libtrace.h:419
uint8_t flags
Flags.
Definition: libtrace.h:904
uint16_t length
Length of the LSA including LSA header.
Definition: libtrace.h:1011
DLLEXPORT SIMPLE_FUNCTION libtrace_linktype_t trace_get_link_type(const libtrace_packet_t *packet)
Gets the link layer type for a packet.
Definition: trace.c:1402
uint8_t zero
Always zero.
Definition: libtrace.h:1086
Legacy ERF for POS capture.
Definition: libtrace.h:388
IP pseudo protocol number.
Definition: libtrace.h:504
libtrace_ospf_types_t
OSPF message types.
Definition: libtrace.h:1129
libtrace_ospf_ls_types_t
OSPF link state acknowledgement types.
Definition: libtrace.h:1138
DLLEXPORT SIMPLE_FUNCTION libtrace_ip6_t * trace_get_ip6(libtrace_packet_t *packet)
get a pointer to the IPv6 header (if any)
Definition: protocols_l3.c:79
uint8_t res
Reserved.
Definition: libtrace.h:659
LT_BITFIELD64 magic
A number stored against the format to ensure the struct was allocated correctly.
Definition: libtrace.h:1441
Open Shortest Path First routing protocol.
Definition: libtrace.h:520
OSPFv2 AS External LSA Body.
Definition: libtrace.h:1065
void * payload
Pointer to the link layer.
Definition: libtrace.h:546
LT_BITFIELD32 order
Strictly-Ordered class indicator.
Definition: libtrace.h:930
struct libtrace_tcp libtrace_tcp_t
Generic TCP header structure.
Raw IP frames.
Definition: libtrace.h:357
Captured NNI cell.
Definition: libtrace.h:845
struct in6_addr ip_src
Source address.
Definition: libtrace.h:675
uint8_t metric_b
Byte 2 of the Metric field.
Definition: libtrace.h:1088
DLLEXPORT int trace_get_next_option(unsigned char **ptr, int *len, unsigned char *type, unsigned char *optlen, unsigned char **data)
Parses an IP or TCP option.
Definition: protocols_l3.c:310
LT_BITFIELD32 hec
Header Error Control.
Definition: libtrace.h:851
DLLEXPORT SIMPLE_FUNCTION libtrace_filter_t * trace_create_filter(const char *filterstring)
Creates a BPF filter.
Definition: trace.c:1492
uint16_t checksum
Checksum.
Definition: libtrace.h:1010
If enabled, places a live capture interface into promiscuous mode.
Definition: libtrace.h:1311
OSPF Link State Update.
Definition: libtrace.h:1133
DLLEXPORT char * trace_ether_ntoa(const uint8_t *addr, char *buf)
Converts an ethernet address to a printable string.
Definition: trace.c:2063
uint32_t l4_remaining
Cached transport remaining.
Definition: libtrace.h:562
LT_BITFIELD32 vpi
Virtual Path Identifier.
Definition: libtrace.h:847
uint8_t code
Type Sub-code.
Definition: libtrace.h:751
DLLEXPORT libtrace_eventobj_t trace_event(libtrace_t *trace, libtrace_packet_t *packet)
Processes the next libtrace event from an input trace.
Definition: trace.c:1429
void * buffer
Allocated buffer.
Definition: libtrace.h:547
LZO Compression.
Definition: libtrace.h:1395
uint8_t ether_dhost[6]
Destination Ether Addr.
Definition: libtrace.h:785
Compression type, see trace_option_compresstype_t.
Definition: libtrace.h:1407
union libtrace_icmp::@16 un
Union for Payloads of Various ICMP Codes.
struct libtrace_ospf_hello_v2_t libtrace_ospf_hello_v2_t
OSPFv2 Hello Packet.
uint16_t dest
Destination port.
Definition: libtrace.h:721
trace_option_t
Valid configuration options for input traces.
Definition: libtrace.h:1306
DLLEXPORT SIMPLE_FUNCTION libtrace_direction_t trace_get_direction(const libtrace_packet_t *packet)
Get the direction flag for a packet, if it has one.
Definition: trace.c:1721
Antenna frame was rx'd or tx'd on (uint8)
Definition: libtrace.h:603
uint32_t mtu
MTU from Packet Too Big Message.
Definition: libtrace.h:761
Packets with an unknown direction, or one that's unknown.
Definition: libtrace.h:586
uint8_t it_version
Radiotap version.
Definition: libtrace.h:958
Stream Control Transmission Protocol.
Definition: libtrace.h:522
DLLEXPORT void * trace_get_layer2(const libtrace_packet_t *packet, libtrace_linktype_t *linktype, uint32_t *remaining)
Get a pointer to the layer 2 header.
Definition: protocols_l2.c:433
struct libtrace_gre_t libtrace_gre_t
Libtrace local definition of GRE (Generalised Routing Protocol) header RFC2890.
DLLEXPORT SIMPLE_FUNCTION struct timeval trace_get_timeval(const libtrace_packet_t *packet)
Get the packet timestamp as a struct timeval.
Definition: trace.c:1222
struct in_addr ip_src
Source Address.
Definition: libtrace.h:644
RT communication breakdown.
Definition: libtrace.h:305
Legacy ERF for ETH capture.
Definition: libtrace.h:389
base_format_t
RT protocol base format identifiers.
Definition: libtrace.h:381
uint8_t ether_shost[6]
Source Ether Addr.
Definition: libtrace.h:786
uint16_t ip_len
Total Length.
Definition: libtrace.h:638
DLLEXPORT bool trace_get_wireless_rate(void *linkptr, libtrace_linktype_t linktype, uint8_t *rate)
Get the wireless data rate.
Definition: link_wireless.c:228
uint16_t check
Checksum.
Definition: libtrace.h:723
If enabled, the libtrace event API will ignore time gaps between packets when reading from a trace fi...
Definition: libtrace.h:1321
LZO Compression.
Definition: libtrace.h:1394
libtrace_ospf_options_t hello_options
Options.
Definition: libtrace.h:1019
MPLS Multicast traffic.
Definition: libtrace.h:535
LT_BITFIELD8 ip_v
Version.
Definition: libtrace.h:630
libtrace_linktype_t link_type
Cached link type.
Definition: libtrace.h:555
RT is encapsulating an ERF capture record.
Definition: libtrace.h:434
struct libtrace_ip6 libtrace_ip6_t
Generic IPv6 header structure.
struct libtrace_ospf_ls_req_t libtrace_ospf_ls_req_t
OSPF Link State Request Packet.
uint16_t mtu
Next-hop MTU.
Definition: libtrace.h:743
Barker Code lock quality (uint16)
Definition: libtrace.h:599
DLLEXPORT void * trace_get_payload_from_link(void *linkptr, libtrace_linktype_t linktype, uint16_t *type, uint32_t *remaining)
Gets a pointer to the payload following a link header.
Definition: protocols_l2.c:417
OSPFv2 Hello Packet.
Definition: libtrace.h:1015
DLLEXPORT int trace_config_output(libtrace_out_t *libtrace, trace_option_output_t option, void *value)
Sets an output config option.
Definition: trace.c:691
The URI passed to trace_create() is unsupported, or badly formed.
Definition: libtrace.h:287
uint16_t type
Protocol within OUI.
Definition: libtrace.h:779
IPv6.
Definition: libtrace.h:533
uint8_t transport_proto
Cached transport protocol.
Definition: libtrace.h:561
uint16_t SeqCtl
Sequence Control.
Definition: libtrace.h:946
Reverse ARP.
Definition: libtrace.h:531
struct libtrace_llcsnap libtrace_llcsnap_t
Generic LLC/SNAP header structure.
OpenBSD loopback.
Definition: libtrace.h:372
Properties of received frame (uint16)
Definition: libtrace.h:607
The buffer memory is externally-owned and must not be freed by libtrace when the packet is destroyed...
Definition: libtrace.h:1855
IPv6 header extension structure.
Definition: libtrace.h:649
IPv6 over IPv4.
Definition: libtrace.h:510
Live PCAP capture.
Definition: libtrace.h:383
Generic ICMPv6 header structure.
Definition: libtrace.h:749
DLLEXPORT SIMPLE_FUNCTION libtrace_udp_t * trace_get_udp(libtrace_packet_t *packet)
Get a pointer to the UDP header (if present)
Definition: protocols_transport.c:270
As PCAP does not store the linktype with the packet, we need to create a separate RT type for each su...
Definition: libtrace.h:463
DLLEXPORT libtrace_stat_t * trace_create_statistics(void)
Creates and returns a zeroed libtrace_stat_t structure.
Definition: trace.c:2329
Defines the frequency of meta-data reporting, e.g.
Definition: libtrace.h:1317
uint64_t accepted
The number of packets that have been read from the input trace using trace_read_packet().
Definition: libtrace.h:1455
802.11 Prism frames
Definition: libtrace.h:364
int capture_length
Cached capture length.
Definition: libtrace.h:550
uint8_t ip_ttl
Time to Live.
Definition: libtrace.h:641
trace_option_output_t
Valid configuration options for output traces.
Definition: libtrace.h:1400
See TRACE_DLT_RAW for explanations of pain.
Definition: libtrace.h:340
ATM Network Node/Network Interface (NNI) Cell.
Definition: libtrace.h:813
Generic TCP header structure.
Definition: libtrace.h:680
LT_BITFIELD8 b
Area Border Router Flag.
Definition: libtrace.h:1114
DLLEXPORT int trace_write_packet(libtrace_out_t *trace, libtrace_packet_t *packet)
Write one packet out to the output trace.
Definition: trace.c:1088
uint64_t hash
A hash of the packet as supplied by the user.
Definition: libtrace.h:564
uint32_t flow
Flow label.
Definition: libtrace.h:671
int refcount
Reference counter.
Definition: libtrace.h:570
Connection accepted.
Definition: libtrace.h:407
DLLEXPORT SIMPLE_FUNCTION size_t trace_get_wire_length(const libtrace_packet_t *packet)
Get the size of the packet as it was originally seen on the wire (in bytes).
Definition: trace.c:1355
struct libtrace_t * trace
Pointer to the trace.
Definition: libtrace.h:544
uint64_t dropped
The number of packets that have been dropped on an input trace due to lack of buffer space on the cap...
Definition: libtrace.h:1480
DLLEXPORT void * trace_get_payload_from_ip6(libtrace_ip6_t *ipptr, uint8_t *proto, uint32_t *remaining)
Gets a pointer to the payload following an IPv6 header.
Definition: protocols_l3.c:138
DLLEXPORT SIMPLE_FUNCTION void * trace_get_ospf_contents_v2(libtrace_ospf_v2_t *header, uint8_t *ospf_type, uint32_t *remaining)
Get a pointer to the contents of the OSPF packet after the OSPF header.
Definition: protocols_ospf.c:58
uint16_t ether_type
Packet Type ID Field (next-header)
Definition: libtrace.h:787
uint16_t mtu
Interface MTU.
Definition: libtrace.h:1032
RT is encapsulating a Legacy NZIX capture record.
Definition: libtrace.h:452
Speed up trace file replays (via trace_event()) by this factor.
Definition: libtrace.h:1328
Not a data packet.
Definition: libtrace.h:371
LT_BITFIELD8 type
PPPoE Type.
Definition: libtrace.h:870
PPP header.
Definition: libtrace.h:855
DLLEXPORT bool trace_get_wireless_noise_strength_db(void *linkptr, libtrace_linktype_t linktype, uint8_t *strength)
Get the wireless noise strength in dB.
Definition: link_wireless.c:448
DLLEXPORT int trace_read_packet(libtrace_t *trace, libtrace_packet_t *packet)
Read the next packet from an input trace.
Definition: trace.c:958
DLLEXPORT libtrace_packet_t * trace_copy_packet(const libtrace_packet_t *packet)
Copy a packet object.
Definition: trace.c:850
Unknown config option.
Definition: libtrace.h:291
uint16_t ospf_len
Packet length, including OSPF header.
Definition: libtrace.h:969
Properties of transmitted frame (uint16)
Definition: libtrace.h:608
802.1q VLAN Extended Header
Definition: libtrace.h:532
DLLEXPORT void trace_clear_statistics(libtrace_stat_t *s)
Clear all fields of given statistic.
Definition: trace.c:2339
The hasher function for a parallel libtrace.
Definition: libtrace.h:1325
LT_BITFIELD32 pt
Payload Type.
Definition: libtrace.h:849
The libtrace packet structure.
Definition: libtrace.h:543
unsigned char addr[8]
Link-layer address.
Definition: libtrace.h:1151
Linux native interface capture PACKET_MMAP.
Definition: libtrace.h:396
libtrace_radiotap_field_t
Enumeration of Radiotap fields.
Definition: libtrace.h:591
uint8_t ospf_v
OSPF Version, should be 2.
Definition: libtrace.h:967
DLLEXPORT SIMPLE_FUNCTION int trace_get_next_ospf_lsa_v2(unsigned char **current, libtrace_ospf_lsa_v2_t **lsa_hdr, unsigned char **lsa_body, uint32_t *remaining, uint8_t *lsa_type, uint16_t *lsa_length)
Parses an OSPF LSA and finds the next LSA (if there is one)
Definition: protocols_ospf.c:242
IPv6 fragmentation header.
Definition: libtrace.h:656
uint16_t checksum
Optional checksum.
Definition: libtrace.h:883
Information of this thread.
Definition: libtrace_int.h:198
struct in_addr router
Router ID of the packet source.
Definition: libtrace.h:970
Dag 2.5 Duck.
Definition: libtrace.h:422
DLLEXPORT SIMPLE_FUNCTION uint16_t trace_get_source_port(const libtrace_packet_t *packet)
Gets the source port for a given packet.
Definition: protocols_transport.c:399
struct libtrace_icmp::@16::@17 echo
Echo Datagram.
uint8_t metric_c
Byte 3 of the Metric field.
Definition: libtrace.h:1077
uint8_t hlim
Hop limit.
Definition: libtrace.h:674
DLLEXPORT bool trace_get_wireless_freq(void *linkptr, libtrace_linktype_t linktype, uint16_t *freq)
Get the wireless channel frequency.
Definition: link_wireless.c:252
IPv6 Fragmentation header.
Definition: libtrace.h:512
DLLEXPORT void trace_add_statistics(const libtrace_stat_t *a, const libtrace_stat_t *b, libtrace_stat_t *c)
Performs operation c=a+b accounting for valid fields.
Definition: trace.c:2364
DLLEXPORT SIMPLE_FUNCTION char * trace_get_source_address_string(const libtrace_packet_t *packet, char *space, int spacelen)
Get the source IP address for a packet and convert it into a string.
Definition: protocols_l3.c:517
LT_BITFIELD32 vpi
Virtual Path Identifier.
Definition: libtrace.h:805
libtrace_rt_types_t
RT protocol packet types.
Definition: libtrace.h:406
DLLEXPORT void * trace_get_layer3(const libtrace_packet_t *packet, uint16_t *ethertype, uint32_t *remaining)
Get a pointer to the layer 3 (e.g.
Definition: protocols_l3.c:208
uint32_t advertising_router
Advertising Router.
Definition: libtrace.h:1053
Structure returned by libtrace_event explaining what the current event is.
Definition: libtrace.h:1870
OSPFv2 Router LSA.
Definition: libtrace.h:1111
uint16_t len
Length.
Definition: libtrace.h:722
Dag duck info packet.
Definition: libtrace.h:412
DLLEXPORT void trace_perror(libtrace_t *trace, const char *msg,...) PRINTF(2
Outputs the error message for an input trace to stderr and clear the error status.
DLLEXPORT int trace_set_meta_freq(libtrace_t *trace, int freq)
Defines the frequency of meta-data reporting, e.g.
Definition: trace.c:682
uint16_t hatype
Link-layer address type.
Definition: libtrace.h:1149
uint8_t code
Type Sub-code.
Definition: libtrace.h:730
uint16_t protocol
< PPP Address (0xFF - All stations)
Definition: libtrace.h:863
struct libtrace_ip libtrace_ip_t
Generic IP header structure.
uint8_t metric_c
Byte 3 of the Metric field.
Definition: libtrace.h:1089
Maximum number of bytes to be captured for any given packet.
Definition: libtrace.h:1308
LT_BITFIELD16 vlan_id
VLAN Id.
Definition: libtrace.h:796
LT_BITFIELD32 vci
Virtual Channel Identifier.
Definition: libtrace.h:806
Libtrace local definition of VXLAN Header (draft-mahalingam-dutt-dcops-vxlan)
Definition: libtrace.h:902
DLLEXPORT void trace_destroy_packet(libtrace_packet_t *packet)
Destroy a packet object.
Definition: trace.c:890
struct libtrace_sll_header_t libtrace_sll_header_t
A local definition of an SLL header.
uint8_t nxt
Next header.
Definition: libtrace.h:651
uint16_t age
Time in seconds since LSA originated.
Definition: libtrace.h:1004
RT is encapsulating a PCAP capture record with a Linux SLL linktype.
Definition: libtrace.h:474
struct libtrace_ospf_summary_lsa libtrace_ospf_summary_lsa_v2_t
OSPFv2 Summary LSA Body.
Signal power in dB from a fixed reference (uint8)
Definition: libtrace.h:604
uint8_t mac2[6]
MAC Address 2.
Definition: libtrace.h:944
DLLEXPORT bool trace_get_wireless_noise_strength_dbm(void *linkptr, libtrace_linktype_t linktype, int8_t *strength)
Get the wireless noise strength in dBm.
Definition: link_wireless.c:400
libtrace_ospf_options_t db_desc_options
Options.
Definition: libtrace.h:1033
uint8_t control
Control field.
Definition: libtrace.h:776
uint16_t window
Window Size.
Definition: libtrace.h:713
DLLEXPORT void * trace_get_transport(const libtrace_packet_t *packet, uint8_t *proto, uint32_t *remaining)
Gets a pointer to the transport layer header (if any)
Definition: protocols_transport.c:170
PCAP trace file.
Definition: libtrace.h:384
uint16_t protocol
Protocol.
Definition: libtrace.h:1152
Option known, but unsupported by this format.
Definition: libtrace.h:297
uint32_t l3_remaining
Cached l3 remaining.
Definition: libtrace.h:559
LT_BITFIELD8 version
Protocol version number.
Definition: libtrace.h:869
No direction information available.
Definition: libtrace.h:587
uint16_t vlan_ether_type
VLAN Sub-packet Type ID Field (next-header)
Definition: libtrace.h:797
char problem[1024]
the format, uri etc that caused the error for reporting purposes
Definition: libtrace.h:279
DLLEXPORT void * trace_get_packet_meta(const libtrace_packet_t *packet, libtrace_linktype_t *linktype, uint32_t *remaining)
Return a pointer to the first metadata header in a packet, if present.
Definition: protocols_pktmeta.c:152
Packets originating "outside".
Definition: libtrace.h:585
LT_BITFIELD32 pt
Payload Type.
Definition: libtrace.h:834
DLLEXPORT void trace_get_thread_statistics(libtrace_t *trace, libtrace_thread_t *t, libtrace_stat_t *stats)
Returns statistic counters for a single thread of a trace.
Definition: trace.c:2308
serverport_t
An indication of which port is the "server" port for a given port pair.
Definition: libtrace.h:3447
struct libtrace_ospf_ls_update_t libtrace_ospf_ls_update_t
OSPF Link State Update Packet.
DLLEXPORT bool trace_get_wireless_signal_strength_dbm(void *linkptr, libtrace_linktype_t linktype, int8_t *strength)
Get the wireless signal strength in dBm.
Definition: link_wireless.c:376
DLLEXPORT int trace_flush_output(libtrace_out_t *libtrace)
Flush an output trace, forcing any buffered packets to be written.
Definition: trace.c:825
Captured UNI cell.
Definition: libtrace.h:829
Transmission Control Protocol.
Definition: libtrace.h:508
TX attenuation as dB from max power (uint16)
Definition: libtrace.h:601
int error
The error status of pread_packet.
Definition: libtrace.h:565
LIBTRACE_STAT_FIELDS LT_BITFIELD64 reserved1
Bits reserved for future fields.
Definition: libtrace.h:1439
DLLEXPORT uint16_t trace_get_fragment_offset(const libtrace_packet_t *packet, uint8_t *more)
Calculates the fragment offset in bytes for an IP packet.
Definition: protocols_l3.c:724
DLLEXPORT void * trace_get_payload_from_tcp(libtrace_tcp_t *tcp, uint32_t *remaining)
Gets a pointer to the payload following a TCP header.
Definition: protocols_transport.c:360
LT_BITFIELD32 more_data
More data is buffered at station.
Definition: libtrace.h:928
DLLEXPORT SIMPLE_FUNCTION unsigned char * trace_get_first_ospf_lsa_from_update_v2(libtrace_ospf_ls_update_t *ls_update, uint32_t *remaining)
Get a pointer to the start of the first LSA contained within an LS Update packet. ...
Definition: protocols_ospf.c:121
uint8_t vni[3]
VXLAN Network Identifier (VNI)
Definition: libtrace.h:906
uint64_t captured
The number of received packets that have not been dropped.
Definition: libtrace.h:1490
struct in_addr adv_router
Router that originated this LSA.
Definition: libtrace.h:1008
Compression format unsupported.
Definition: libtrace.h:307
uint8_t zero2
Always zero.
Definition: libtrace.h:1124
BZip2 Compression.
Definition: libtrace.h:1393
Generic ICMP header structure.
Definition: libtrace.h:727
ETSI Lawful Intercept.
Definition: libtrace.h:374
DLLEXPORT void * trace_get_payload_from_vlan(void *vlan, uint16_t *type, uint32_t *remaining)
Gets a pointer to the payload following an 802.1q (VLAN) header.
Definition: protocols_l2.c:74
LT_BITFIELD32 gfc
Generic Flow Control.
Definition: libtrace.h:804
uint32_t seq
Sequence number.
Definition: libtrace.h:684
Internet Control Message protocol.
Definition: libtrace.h:505
uint16_t pkttype
Packet type.
Definition: libtrace.h:1148
LT_BITFIELD8 db_desc_i
If set, this is the first packet in sequence.
Definition: libtrace.h:1037
DLLEXPORT uint16_t * trace_checksum_transport(libtrace_packet_t *packet, uint16_t *csum)
Calculates the expected checksum for the transport header in a packet.
Definition: protocols_transport.c:469
uint8_t ip_tos
Type of Service.
Definition: libtrace.h:637
Statistic counters are cumulative from the time the trace is started.
Definition: libtrace.h:1432
No Error has occurred....
Definition: libtrace.h:285
802.3 frame
Definition: libtrace.h:783
LT_BITFIELD32 vci
Virtual Channel Identifier.
Definition: libtrace.h:833
uint8_t length
Length of original datagram content in 64 bit words.
Definition: libtrace.h:756
BPF not supported by this system, but we still need to define a structure for the filter...
Definition: libtrace_int.h:1221
Protocol Independant Multicast.
Definition: libtrace.h:521
RT is encapsulating a BSD native capture record.
Definition: libtrace.h:448
DLLEXPORT SIMPLE_FUNCTION libtrace_icmp_t * trace_get_icmp(libtrace_packet_t *packet)
Get a pointer to the ICMP header (if present)
Definition: protocols_transport.c:300
LT_BITFIELD8 e
If set, metric is Type 2.
Definition: libtrace.h:1070
uint8_t nxt
Next header.
Definition: libtrace.h:658
DLLEXPORT SIMPLE_FUNCTION int8_t trace_get_server_port(uint8_t protocol, uint16_t source, uint16_t dest)
Hint at which of the two provided ports is the server port.
uint8_t lsa_type
LSA type.
Definition: libtrace.h:1006
libtrace_ethertype_t
Ethertypes supported by Libtrace.
Definition: libtrace.h:526
uint16_t source
Source Port.
Definition: libtrace.h:682
struct libtrace_vxlan_t libtrace_vxlan_t
Libtrace local definition of VXLAN Header (draft-mahalingam-dutt-dcops-vxlan)
struct libtrace_icmp6 libtrace_icmp6_t
Generic ICMPv6 header structure.
uint8_t dsap
Destination Service Access Point.
Definition: libtrace.h:774
DLLEXPORT void trace_subtract_statistics(const libtrace_stat_t *a, const libtrace_stat_t *b, libtrace_stat_t *c)
Performs the operation c=a-b accounting for valid fields.
Definition: trace.c:2344
ERF (DAG capture format)
Definition: libtrace.h:382
LT_BITFIELD8 ece
ECN Echo.
Definition: libtrace.h:696
Packet-over-SONET.
Definition: libtrace.h:361
This feature is unsupported.
Definition: libtrace.h:299
LT_BITFIELD8 urg
URG flag.
Definition: libtrace.h:695
struct in_addr ls_id
Link State ID.
Definition: libtrace.h:1007
DLLEXPORT bool trace_get_wireless_signal_strength_db(void *linkptr, libtrace_linktype_t linktype, uint8_t *strength)
Get the wireless signal strength in dB.
Definition: link_wireless.c:424
pcap documents this as having the Address Family value in host byte order as the framing.
Definition: libtrace.h:322
DLLEXPORT SIMPLE_FUNCTION size_t trace_get_capture_length(const libtrace_packet_t *packet)
Get the current size of the packet (in bytes), taking into account any truncation or snapping that ma...
Definition: trace.c:1329
DLLEXPORT int trace_seek_timeval(libtrace_t *trace, struct timeval tv)
Seek within an input trace to a time specified as a timeval.
Definition: trace.c:2040
DLLEXPORT libtrace_direction_t trace_set_direction(libtrace_packet_t *packet, libtrace_direction_t direction)
Set the direction flag for a packet, if the capture format supports direction tagging.
Definition: trace.c:1703
DLLEXPORT SIMPLE_FUNCTION size_t trace_get_payload_length(const libtrace_packet_t *packet)
Get the length of the original payload content of the packet (in bytes).
Definition: protocols_transport.c:54
Libtrace local definition of GRE (Generalised Routing Protocol) header RFC2890.
Definition: libtrace.h:879
Raw LLC/SNAP.
Definition: libtrace.h:368
DLLEXPORT SIMPLE_FUNCTION uint16_t trace_get_destination_port(const libtrace_packet_t *packet)
Gets the destination port for a given packet.
Definition: protocols_transport.c:435
The buffer memory has been allocated by libtrace and should be freed when the packet is destroyed...
Definition: libtrace.h:1851
buf_control_t
If the packet has allocated its own memory the buffer_control should be set to TRACE_CTRL_PACKET, so that the memory will be freed when the packet is destroyed.
Definition: libtrace.h:268
Pseudo link layer for DUCK packets.
Definition: libtrace.h:366
uint8_t code
PPPoE Code.
Definition: libtrace.h:871
LT_BITFIELD32 to_ds
Packet to Distribution Service.
Definition: libtrace.h:923
DLLEXPORT libtrace_packet_t * trace_strip_packet(libtrace_packet_t *packet)
Strips layer 2.5 headers from a given packet.
Definition: protocols_l2.c:95
WDCAP-style meta-data.
Definition: libtrace.h:370
uint8_t au_key_id
Authentication Key ID.
Definition: libtrace.h:975
uint64_t received
The total number of good packets which have been received.
Definition: libtrace.h:1472
MPLS Unicast traffic.
Definition: libtrace.h:534
DLLEXPORT int trace_print_statistics(const libtrace_stat_t *s, FILE *f, const char *format)
Prints all valid stats to a file stream, (which could be stdout/err).
Definition: trace.c:2384
uint64_t filtered
The number of packets that were captured, but discarded for not matching a provided filter...
Definition: libtrace.h:1462
RT is encapsulating a PCAP capture record with a PFlog linktype.
Definition: libtrace.h:476
PCAP-NG trace file.
Definition: libtrace.h:399
uint16_t dest
Destination port.
Definition: libtrace.h:683
DLLEXPORT SIMPLE_FUNCTION char * trace_get_destination_address_string(const libtrace_packet_t *packet, char *space, int spacelen)
Get the destination IP address for a packet and convert it into a string.
Definition: protocols_l3.c:656
LT_BITFIELD32 subtype
Frame Subtype.
Definition: libtrace.h:915
struct libtrace_ppp libtrace_ppp_t
PPP header.
uint16_t l3_ethertype
Cached l3 ethertype.
Definition: libtrace.h:558
DLLEXPORT void * trace_get_packet_buffer(const libtrace_packet_t *packet, libtrace_linktype_t *linktype, uint32_t *remaining)
Gets a pointer to the first byte of the packet as it was captured and returns its corresponding linkt...
Definition: trace.c:1113
Illegal use of the API.
Definition: libtrace.h:301
DLLEXPORT libtrace_vxlan_t * trace_get_vxlan_from_udp(libtrace_udp_t *udp, uint32_t *remaining)
Gets a pointer to the payload following a VXLAN header.
Definition: protocols_application.c:45
Fifo status packet.
Definition: libtrace.h:411
ATM frame.
Definition: libtrace.h:355
DLLEXPORT void trace_interrupt(void)
Causes a libtrace reader to stop blocking whilst waiting on new packets and immediately return EOF...
Definition: trace.c:2420
struct libtrace_stat_t libtrace_stat_t
Statistic counters are cumulative from the time the trace is started.
Legacy format used for NZIX traces.
Definition: libtrace.h:395
struct libtrace_ospf_options_t libtrace_ospf_options_t
Options Field present in some OSPFv2 packets.
RT is encapsulating a Linux native PACKET_MMAP capture record.
Definition: libtrace.h:454
libtrace_ospf_options_t lsa_options
Options.
Definition: libtrace.h:1005
DLLEXPORT int trace_seek_erf_timestamp(libtrace_t *trace, uint64_t ts)
Seek within an input trace to a time specified as an ERF timestamp.
Definition: trace.c:1980
LT_BITFIELD32 type
Frame Type.
Definition: libtrace.h:914
uint16_t sequence
Echo Sequence Number.
Definition: libtrace.h:765
struct libtrace_atm_nni_cell libtrace_atm_nni_cell_t
ATM Network Node/Network Interface (NNI) Cell.
uint16_t reserved1
Optional reserved.
Definition: libtrace.h:884
LT_BITFIELD8 rst
RST flag.
Definition: libtrace.h:692
IP encapsulated in IP.
Definition: libtrace.h:507
RT is encapsulating a Linux native capture record.
Definition: libtrace.h:444
uint32_t pointer
Pointer from Parameter Problem Message.
Definition: libtrace.h:762
LT_BITFIELD32 gfc
Generic Flow Control.
Definition: libtrace.h:831
Bitrate in units of 500kbps (uint8)
Definition: libtrace.h:594
ERF Provenance metadata record.
Definition: libtrace.h:373
RT is encapsulating a WAG capture record.
Definition: libtrace.h:436
LT_BITFIELD32 pt
Payload Type.
Definition: libtrace.h:817
Number of unicast retries a transmitted frame used (uint8)
Definition: libtrace.h:610
uint16_t key
Optional key (or Tenant Network ID)
Definition: libtrace.h:885
Address resolution protocol.
Definition: libtrace.h:530
OSPF AS External LSA.
Definition: libtrace.h:1143
struct in_addr designated
Designated router for the network.
Definition: libtrace.h:1022
uint8_t type
Message Type.
Definition: libtrace.h:729
End of input trace.
Definition: libtrace.h:1866
LT_BITFIELD8 ecn_ns
ECN Nonce Sum.
Definition: libtrace.h:687
DLLEXPORT SIMPLE_FUNCTION struct sockaddr * trace_get_source_address(const libtrace_packet_t *packet, struct sockaddr *addr)
Get the source IP address for a given packet.
Definition: protocols_l3.c:463
Authentication Header [RFC2402].
Definition: libtrace.h:516
uint32_t external_tag
External Route Tag.
Definition: libtrace.h:1079
DLLEXPORT SIMPLE_FUNCTION uint32_t trace_get_ospf_metric_from_as_external_lsa_v2(libtrace_ospf_as_external_lsa_v2_t *as_lsa)
Extracts the metric field from an AS External LSA packet.
Definition: protocols_ospf.c:140
int wire_length
Cached wire length.
Definition: libtrace.h:551
ATM User Network Interface (UNI) Cell.
Definition: libtrace.h:802
struct in_addr mask
Network mask for this interface.
Definition: libtrace.h:1017
LT_BITFIELD8 fin
FIN.
Definition: libtrace.h:690
DAG Clock information.
Definition: libtrace.h:391
struct libtrace_ospf_link_t libtrace_ospf_link_v2_t
OSPFv2 Router Link structure.
DLLEXPORT int trace_seek_seconds(libtrace_t *trace, double seconds)
Seek within an input trace to a time specified in floating point seconds.
Definition: trace.c:2015
Request server to suspend sending data.
Definition: libtrace.h:416
DLLEXPORT DEPRECATED uint64_t trace_get_filtered_packets(libtrace_t *trace)
Returns the number of packets that were captured, but discarded for not matching a provided filter...
Definition: trace.c:2184
Apply this filter to all packets read from this trace.
Definition: libtrace.h:1314
TX Power in dBm (int8)
Definition: libtrace.h:602
DLLEXPORT void * trace_get_payload_from_layer2(void *l2, libtrace_linktype_t linktype, uint16_t *ethertype, uint32_t *remaining)
Gets a pointer to the next header following a layer 2 header.
Definition: protocols_l2.c:562
DLLEXPORT SIMPLE_FUNCTION uint8_t * trace_get_destination_mac(libtrace_packet_t *packet)
Gets the destination MAC address for a given packet.
Definition: protocols_l2.c:715
uint32_t l2_remaining
Cached link remaining.
Definition: libtrace.h:556
uint16_t ethertype
Payload ethertype.
Definition: libtrace.h:882
IPv6 destination options.
Definition: libtrace.h:519
RT is encapsulating an ATM header capture record.
Definition: libtrace.h:450
LT_BITFIELD32 protocol
Protocol Version.
Definition: libtrace.h:913
uint8_t nxt
Next header.
Definition: libtrace.h:673
uint16_t sum
Checksum.
Definition: libtrace.h:972
DLLEXPORT void trace_destroy_filter(libtrace_filter_t *filter)
Destroy a BPF filter.
Definition: trace.c:1506
A local definition of an SLL header.
Definition: libtrace.h:1147
Linux "null" framing.
Definition: libtrace.h:358
DLLEXPORT SIMPLE_FUNCTION unsigned char * trace_get_first_ospf_link_from_router_lsa_v2(libtrace_ospf_router_lsa_v2_t *lsa, uint32_t *remaining)
Get a pointer to the start of the first link contained within a Router LSA.
Definition: protocols_ospf.c:84
LT_BITFIELD8 doff
Data Offset.
Definition: libtrace.h:689
PPPoE Service Discovery.
Definition: libtrace.h:536
DLLEXPORT void trace_destroy_output(libtrace_out_t *trace)
Close an output trace, freeing up any resources it may have been using.
Definition: trace.c:815
DLLEXPORT SIMPLE_FUNCTION uint32_t trace_get_ospf_metric_from_summary_lsa_v2(libtrace_ospf_summary_lsa_v2_t *sum_lsa)
Extracts the metric field from a Summary LSA packet.
Definition: protocols_ospf.c:154
Server is exiting message.
Definition: libtrace.h:413
struct libtrace_udp libtrace_udp_t
Generic UDP header structure.
Packet has been read from input trace.
Definition: libtrace.h:1865
IPv4.
Definition: libtrace.h:529
LT_BITFIELD64 reserved2
Bits reserved for future fields.
Definition: libtrace.h:1440
uint64_t order
Notes the order of this packet in relation to the input.
Definition: libtrace.h:563
DLLEXPORT void * trace_get_payload_from_ip(libtrace_ip_t *ip, uint8_t *proto, uint32_t *remaining)
Gets a pointer to the payload following an IPv4 header.
Definition: protocols_l3.c:100
struct libtrace_ether libtrace_ether_t
802.3 frame
DLLEXPORT int trace_start(libtrace_t *libtrace)
Start an input trace.
Definition: trace.c:527
struct libtrace_packet_t libtrace_packet_t
The libtrace packet structure.
uint32_t ls_num_adv
Number of LSAs in this packet.
Definition: libtrace.h:1059
OSPF Hello.
Definition: libtrace.h:1130
DLLEXPORT SIMPLE_FUNCTION libtrace_tcp_t * trace_get_tcp(libtrace_packet_t *packet)
Get a pointer to the TCP header (if present)
Definition: protocols_transport.c:232
libtrace_ipproto_t
IP Protocol values.
Definition: libtrace.h:503
OSPFv2 Network LSA Body.
Definition: libtrace.h:1094
uint32_t it_present
Which Radiotap fields are present.
Definition: libtrace.h:961
struct libtrace_radiotap_t libtrace_radiotap_t
The Radiotap header pre-amble.
uint8_t metric_a
Byte 1 of the Metric field.
Definition: libtrace.h:1087
OSPF Link State Request.
Definition: libtrace.h:1132
DLLEXPORT SIMPLE_FUNCTION libtrace_icmp6_t * trace_get_icmp6(libtrace_packet_t *packet)
Get a pointer to the ICMPv6 header (if present)
Definition: protocols_transport.c:318
uint16_t seq
Optional sequence number.
Definition: libtrace.h:886
DLLEXPORT libtrace_filter_t * trace_create_filter_from_bytecode(void *bf_insns, unsigned int bf_len)
Create a BPF filter based on pre-compiled byte-code.
Definition: trace.c:1464
uint8_t ssap
Source Service Access Point.
Definition: libtrace.h:775
DLLEXPORT SIMPLE_FUNCTION DEPRECATED void * trace_get_link(const libtrace_packet_t *packet)
Get a pointer to the link layer for a given packet.
Definition: trace.c:1175
struct in_addr ip_dst
Destination Address.
Definition: libtrace.h:645
struct libtrace_ospf_network_lsa_t libtrace_ospf_network_lsa_v2_t
OSPFv2 Network LSA Body.
struct in6_addr ip_dst
Destination address.
Definition: libtrace.h:676
Flags.
Definition: dagformat.h:81
uint16_t flags
Flags and version.
Definition: libtrace.h:881
void * l2_header
Cached link header.
Definition: libtrace.h:554
No compression.
Definition: libtrace.h:1391
Server is paused message.
Definition: libtrace.h:418
struct libtrace_icmp6::@19::@20 extend
Extensions added in RFC 4884 for Time Exceeded and Destination Unreachable Messages.
TSH trace format.
Definition: libtrace.h:393
Sleep for the given amount of time.
Definition: libtrace.h:1864
Generic IP header structure.
Definition: libtrace.h:626
DLLEXPORT bool trace_get_wireless_tx_attenuation(void *linkptr, libtrace_linktype_t linktype, uint16_t *attenuation)
Get the wireless transmit attenuation.
Definition: link_wireless.c:504
RT is encapsulating a Legacy ATM capture record.
Definition: libtrace.h:438
IPv6 Routing header.
Definition: libtrace.h:511
DLLEXPORT void DLLEXPORT libtrace_err_t trace_get_err_output(libtrace_out_t *trace)
Checks (and clears) the current error state for an output trace.
Definition: trace.c:1946
DLLEXPORT uint16_t * trace_checksum_layer3(libtrace_packet_t *packet, uint16_t *csum)
Calculates the expected IP checksum for a packet.
Definition: protocols_l3.c:678
DLLEXPORT SIMPLE_FUNCTION libtrace_tcp_t * trace_get_tcp_from_ip(libtrace_ip_t *ip, uint32_t *remaining)
Get a pointer to the TCP header following an IPv4 header (if present)
Definition: protocols_transport.c:258
PPPoE header.
Definition: libtrace.h:867
Source port is the server port.
Definition: libtrace.h:3449
Legacy ATM header capture.
Definition: libtrace.h:394
RT is encapsulating a PCAP capture record with an Ethernet linktype.
Definition: libtrace.h:468
uint16_t urg_ptr
Urgent Pointer.
Definition: libtrace.h:715
DLLEXPORT int trace_apply_filter(libtrace_filter_t *filter, const libtrace_packet_t *packet)
Apply a BPF filter to a packet.
Definition: trace.c:1595
uint8_t it_pad
Padding for natural alignment.
Definition: libtrace.h:959
uint32_t seq
Sequence number for DD packets.
Definition: libtrace.h:1045
DLLEXPORT void DLLEXPORT DEPRECATED uint64_t trace_get_received_packets(libtrace_t *trace)
Returns the number of packets observed on an input trace.
Definition: trace.c:2161
OSPFv2 Database Description packet.
Definition: libtrace.h:1030
802.11 header
Definition: libtrace.h:911
The Radiotap header pre-amble.
Definition: libtrace.h:957
LT_BITFIELD8 e
External Router Flag.
Definition: libtrace.h:1115
Number of rts retries frame used (uint8)
Definition: libtrace.h:609
LT_BITFIELD8 syn
SYN flag.
Definition: libtrace.h:691
uint32_t gateway
Gateway Address.
Definition: libtrace.h:739
Generic UDP header structure.
Definition: libtrace.h:719
Lost connection to server.
Definition: libtrace.h:423
DLLEXPORT uint8_t * trace_ether_aton(const char *buf, uint8_t *addr)
Convert a string to an ethernet address.
Definition: trace.c:2075
DLLEXPORT void trace_help(void)
Prints help information for libtrace.
Definition: trace.c:174
A libtrace output trace.
Definition: libtrace_int.h:407
LT_BITFIELD32 wep
WEP encryption indicator.
Definition: libtrace.h:929
LT_BITFIELD16 vlan_cfi
VLAN Format Indicator, 0 for ethernet, 1 for token ring.
Definition: libtrace.h:794
struct in_addr netmask
Netmask for the network.
Definition: libtrace.h:1096
OSPF Link State Acknowledgement.
Definition: libtrace.h:1134
struct libtrace_ip6_frag libtrace_ip6_frag_t
IPv6 fragmentation header.
DLLEXPORT void trace_perror_output(libtrace_out_t *trace, const char *msg,...) PRINTF(2
Outputs the error message for an output trace to stderr and clear the error status.
LT_BITFIELD32 vci
Virtual Channel Identifier.
Definition: libtrace.h:848
LT_BITFIELD8 db_desc_m
If set, more packets to follow.
Definition: libtrace.h:1036
void * srcbucket
Internal identifier for the pkt.
Definition: libtrace.h:567
struct libtrace_ospf_db_desc_v2_t libtrace_ospf_db_desc_v2_t
OSPFv2 Database Description packet.
DLLEXPORT SIMPLE_FUNCTION int trace_get_next_ospf_link_v2(unsigned char **current, libtrace_ospf_link_v2_t **link, uint32_t *remaining, uint32_t *link_len)
Parses an OSPF Router LSA Link and finds the next Link (if there is one)
Definition: protocols_ospf.c:168
DLLEXPORT int trace_pause(libtrace_t *libtrace)
Pauses an input trace.
Definition: trace.c:558
LT_BITFIELD8 ip_hl
Header Length.
Definition: libtrace.h:629
DLLEXPORT SIMPLE_FUNCTION libtrace_ip_t * trace_get_ip(libtrace_packet_t *packet)
Get a pointer to the IPv4 header (if any) for a given packet.
Definition: protocols_l3.c:56
RT is encapsulating a PCAP capture record with a NULL linktype.
Definition: libtrace.h:465
struct libtrace_icmp6::@19::@21 echo
Data required for Echo Request and Reply messages.
Frequency in MHz (uint16) and channel flags (uint16)
Definition: libtrace.h:595
Anonymisation key has changed.
Definition: libtrace.h:420
pthread_mutex_t ref_lock
Lock for reference counter.
Definition: libtrace.h:569
LT_BITFIELD32 more_frag
Packet has more fragments.
Definition: libtrace.h:925
int size
If the event is PACKET, the value returned by trace_read_packet()
Definition: libtrace.h:1878