1 files changed, 105 insertions, 0 deletions

diff --git a/dfilter.h b/dfilter.h
new file mode 100644
index 0000000000..6a60af55ab
--- /dev/null
+++ b/dfilter.h
@@ -0,0 +1,105 @@
+/* dfilter.h
+ * Definitions for display filters
+ *
+ * $Id: dfilter.h,v 1.1 1999/07/07 22:51:37 gram Exp $
+ *
+ * Ethereal - Network traffic analyzer
+ * By Gerald Combs <gerald@zing.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * 
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#ifndef __DFILTER_H__
+#define __DFILTER_H__
+
+void dfilter_init(void);
+void dfilter_cleanup(void);
+int dfilter_compile(char* dfilter_text, GNode** p_dfcode);
+gboolean dfilter_apply(GNode *dfcode, proto_tree *ptree, guint8* pd);
+
+/* Here we provide interfaces to make our scanner act and look like lex */
+int yylex(void);
+void yyerror(char *s);
+void dfilter_yyerror(char *fmt, ...);
+
+/* functions that dfilter-grammar.y needs during parsing*/
+gboolean check_relation_numeric(gint operand, GArray *a, GArray *b);
+gboolean check_relation_ether(gint operand, GArray *a, GArray *b);
+gboolean check_relation_bytes(gint operand, GArray *a, GArray *b);
+gboolean check_relation_boolean(gint operand, GArray *a, GArray *b);
+
+gboolean fill_array_numeric_value(GNode *gnode, gpointer data);
+gboolean fill_array_numeric_variable(GNode *gnode, gpointer data);
+gboolean fill_array_ether_value(GNode *gnode, gpointer data);
+gboolean fill_array_ether_variable(GNode *gnode, gpointer data);
+gboolean fill_array_bytes_value(GNode *gnode, gpointer data);
+gboolean fill_array_bytes_variable(GNode *gnode, gpointer data);
+gboolean fill_array_boolean_value(GNode *gnode, gpointer data);
+gboolean fill_array_boolean_variable(GNode *gnode, gpointer data);
+
+enum node_type {
+	relation,	/* eq, ne, gt, ge, lt, le */
+	logical,	/* and, or, not, xor */
+	variable,	/* protocol or header field id */
+	existence,	/* existence of a variable (protocol or hf) */
+	alternation,	/* &, | */
+	boolean,	/* true, false */
+	numeric,	/* uint8, uint16, or uint32 value */
+	abs_time,
+	string,
+	ether,
+	ether_vendor,
+	bytes,
+	ipv4
+};
+
+typedef gboolean(*CheckRelationFunc) (gint operand, GArray *a, GArray *b);
+
+/* This struct is the parse tree node created by this grammary and used
+ * directly in the display filter routines to filter packets.
+ */
+typedef struct dfilter_node {
+	enum node_type			ntype; /* from dfilter-grammar.h */
+	int				elem_size; /* computed at dfilter parse time rather than
+						when finding elements for each packet. Saves time
+						in get_values_from_ptree() */
+	CheckRelationFunc		check_relation_func;
+	GNodeTraverseFunc		fill_array_func;
+
+	/* copied from proto.h */
+	union {
+		gint		relation; /* if type == relation (eq, ne, gt, ge, lt, le) */
+		gint		logical;  /* if type == logical (and, or, not, xor) */
+		gint		variable; /* if type == variable (protocol or header field abbrev) */
+		gint		alternation; /* if type == alternation (& or |) */
+
+		gboolean	boolean;
+		guint32		numeric;
+		struct timeval	abs_time; /* the whole struct, not a pointer */
+		gchar		*string;
+		guint8		ether[6];
+		GByteArray	*bytes;
+	}				value;
+
+	/* used for byte-ranges */
+	int				offset;
+	int				length;
+} dfilter_node;
+
+
+
+#endif /* ! __DFILTER_H__ */