diff options
author | Gerald Combs <gerald@wireshark.org> | 2018-09-10 16:49:36 -0700 |
---|---|---|
committer | Gerald Combs <gerald@wireshark.org> | 2018-09-26 21:31:13 +0000 |
commit | 123bcb0362a21ee1b498328e0be7fcad2a14f133 (patch) | |
tree | 761846e3f76363fa57f57edd158d04cbc42fd06d /wiretap/wtap.c | |
parent | 56086e20b0c7de7eddb8db7901ad760a9139900b (diff) |
Make systemd journal entries events.
Treat systemd journal entries filetype-specific events instead of
packets.
Add support for reading and writing systemd journal entries to pcapng.
Note that pcapng IDBs should be optional.
Add support for REC_TYPE_FT_SPECIFIC_EVENT where needed.
Change-Id: Ided999b1732108f480c6c75323a0769a9d9ef09f
Reviewed-on: https://code.wireshark.org/review/29611
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Diffstat (limited to 'wiretap/wtap.c')
-rw-r--r-- | wiretap/wtap.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/wiretap/wtap.c b/wiretap/wtap.c index 259d3bf3f1..bac88d8be2 100644 --- a/wiretap/wtap.c +++ b/wiretap/wtap.c @@ -930,6 +930,9 @@ static struct encap_type_info encap_table_base[] = { /* WTAP_ENCAP_RFC7468 */ { "RFC 7468 file", "rfc7468" }, + + /* WTAP_ENCAP_SYSTEMD_JOURNAL */ + { "systemd journal", "sdjournal" } }; WS_DLL_LOCAL @@ -1363,8 +1366,12 @@ wtap_read_packet_bytes(FILE_T fh, Buffer *buf, guint length, int *err, gchar **err_info) { ws_buffer_assure_space(buf, length); - return wtap_read_bytes(fh, ws_buffer_start_ptr(buf), length, err, - err_info); + if (wtap_read_bytes(fh, ws_buffer_start_ptr(buf), length, err, + err_info)) { + ws_buffer_increase_length(buf, length); + return TRUE; + } + return FALSE; } /* |