author | Guy Harris <gharris@sonic.net> | 2021-01-27 14:33:09 -0800 |
---|---|---|
committer | Guy Harris <gharris@sonic.net> | 2021-01-27 14:33:09 -0800 |
commit | 93a472575d939a09e4f4b94f530710bb93f1b8af (patch) | |
tree | 4fd83a0fd4b85116d5d3f8a8d0d7f9692739423c /extcap | |
parent | efcaa68807151b46e4352bb7dbdd4134057237a1 (diff) |
Rename WTAP_ENCAP_ETL to WTAP_ENCAP_ETW.
It corresponds to LINKTYPE_ETW in pcap and pcapng files; the structures
in the record format come from the Event Tracing for Windows (ETW) API
rather than directly from Event Trace Log files.
While we're at it, explain what extcap/etl does.
Diffstat (limited to 'extcap')
-rw-r--r-- | extcap/etl.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/extcap/etl.c b/extcap/etl.c index 0aac40751b..5e5fb39322 100644 --- a/extcap/etl.c +++ b/extcap/etl.c @@ -9,8 +9,10 @@ * SPDX-License-Identifier: GPL-2.0-or-later */ - /* - https://docs.microsoft.com/en-us/windows/win32/etw/event-tracing-portal +/* + * Reads an ETL file and writes out a pcap file with LINKTYPE_ETW. + * + * https://docs.microsoft.com/en-us/windows/win32/etw/event-tracing-portal */ #include "config.h" @@ -178,13 +180,13 @@ wtap_dumper* etw_dump_open(const char* pcapng_filename, int* err, gchar** err_in idb_data = wtap_block_create(WTAP_BLOCK_IF_DESCR); descr_mand = (wtapng_if_descr_mandatory_t*)wtap_block_get_mandatory_data(idb_data); descr_mand->tsprecision = WTAP_TSPREC_USEC; - descr_mand->wtap_encap = WTAP_ENCAP_ETL; + descr_mand->wtap_encap = WTAP_ENCAP_ETW; /* Timestamp for each pcapng packet is usec units, so time_units_per_second need be set to 10^6 */ descr_mand->time_units_per_second = G_USEC_PER_SEC; g_array_append_val(idb_datas, idb_data); idb_info->interface_data = idb_datas; - params.encap = WTAP_ENCAP_ETL; + params.encap = WTAP_ENCAP_ETW; params.snaplen = 0; params.tsprec = WTAP_TSPREC_USEC; params.shb_hdrs = shb_hdrs; @@ -280,7 +282,7 @@ void wtap_etl_rec_dump(ULARGE_INTEGER timestamp, WTAP_ETL_RECORD* etl_record, UL wtap_rec_init(&rec); rec.rec_header.packet_header.caplen = total_packet_length; rec.rec_header.packet_header.len = total_packet_length; - rec.rec_header.packet_header.pkt_encap = WTAP_ENCAP_ETL; + rec.rec_header.packet_header.pkt_encap = WTAP_ENCAP_ETW; rec.presence_flags = rec.presence_flags | WTAP_HAS_PACK_FLAGS; rec.rec_header.packet_header.pack_flags = is_inbound ? 1 : 2; /* Convert usec of the timestamp into nstime_t */ |
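Review bot: The new file-header comment in the first hunk says the tool "writes out a pcap file", but the context of the second hunk shows `etw_dump_open(const char* pcapng_filename, ...)` filling in a `WTAP_BLOCK_IF_DESCR` interface description block, which suggests the output is pcapng. If that is the case, the line would be more accurate as `* Reads an ETL file and writes out a pcapng file with LINKTYPE_ETW.`. The commit message notes that LINKTYPE_ETW applies to both pcap and pcapng, so only the file-format word is in question. The call that actually selects the writer type lies outside the visible hunks, so this should be confirmed against the rest of `etw_dump_open`.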