aboutsummaryrefslogtreecommitdiffstats
path: root/wiretap/wtap.h
diff options
context:
space:
mode:
authorAnders Broman <anders.broman@ericsson.com>2007-10-08 11:41:21 +0000
committerAnders Broman <anders.broman@ericsson.com>2007-10-08 11:41:21 +0000
commitb9f9b33e0e543eb0c50593e7cc626ecc02de099d (patch)
tree9ed41766fa747dd14ab11abddc6df9e6ffff04f0 /wiretap/wtap.h
parent3862b87c9436a3137d7e5fdc773bf422044b71a3 (diff)
From Florent DROUIN:
This is a replacement of the existing decoding of ERF files (Extensible Record Format from Endace). For the decoding of the ERF files, according to the "type of record" given in the ERF header, several decoders can be used. Up to now, the decoder is determined according to an environment variable, or with a kind of heuristic. And, all the treatment is done during the file extraction. The new architecture, will separate the ERF file decoding, and the ERF record decoding. The ERF records will be decoded with a specific dissector. This dissector can be configured with options, to replace the environment variable. http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1839 svn path=/trunk/; revision=23092
Diffstat (limited to 'wiretap/wtap.h')
-rw-r--r--wiretap/wtap.h184
1 files changed, 106 insertions, 78 deletions
diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index 9472a639bd..5b1da17e5d 100644
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
@@ -157,41 +157,43 @@ extern "C" {
#define WTAP_ENCAP_USER15 60
#define WTAP_ENCAP_SYMANTEC 61
#define WTAP_ENCAP_APPLE_IP_OVER_IEEE1394 62
-#define WTAP_ENCAP_BACNET_MS_TP 63
-#define WTAP_ENCAP_NETTL_RAW_ICMP 64
-#define WTAP_ENCAP_NETTL_RAW_ICMPV6 65
-#define WTAP_ENCAP_GPRS_LLC 66
-#define WTAP_ENCAP_JUNIPER_ATM1 67
-#define WTAP_ENCAP_JUNIPER_ATM2 68
-#define WTAP_ENCAP_REDBACK 69
-#define WTAP_ENCAP_NETTL_RAW_IP 70
-#define WTAP_ENCAP_NETTL_ETHERNET 71
-#define WTAP_ENCAP_NETTL_TOKEN_RING 72
-#define WTAP_ENCAP_NETTL_FDDI 73
-#define WTAP_ENCAP_NETTL_UNKNOWN 74
-#define WTAP_ENCAP_MTP2_WITH_PHDR 75
+#define WTAP_ENCAP_BACNET_MS_TP 63
+#define WTAP_ENCAP_NETTL_RAW_ICMP 64
+#define WTAP_ENCAP_NETTL_RAW_ICMPV6 65
+#define WTAP_ENCAP_GPRS_LLC 66
+#define WTAP_ENCAP_JUNIPER_ATM1 67
+#define WTAP_ENCAP_JUNIPER_ATM2 68
+#define WTAP_ENCAP_REDBACK 69
+#define WTAP_ENCAP_NETTL_RAW_IP 70
+#define WTAP_ENCAP_NETTL_ETHERNET 71
+#define WTAP_ENCAP_NETTL_TOKEN_RING 72
+#define WTAP_ENCAP_NETTL_FDDI 73
+#define WTAP_ENCAP_NETTL_UNKNOWN 74
+#define WTAP_ENCAP_MTP2_WITH_PHDR 75
#define WTAP_ENCAP_JUNIPER_PPPOE 76
-#define WTAP_GCOM_TIE1 77
-#define WTAP_GCOM_SERIAL 78
-#define WTAP_ENCAP_NETTL_X25 79
-#define WTAP_ENCAP_K12 80
-#define WTAP_ENCAP_JUNIPER_MLPPP 81
-#define WTAP_ENCAP_JUNIPER_MLFR 82
-#define WTAP_ENCAP_JUNIPER_ETHER 83
-#define WTAP_ENCAP_JUNIPER_PPP 84
-#define WTAP_ENCAP_JUNIPER_FRELAY 85
-#define WTAP_ENCAP_JUNIPER_CHDLC 86
-#define WTAP_ENCAP_JUNIPER_GGSN 87
-#define WTAP_ENCAP_LINUX_LAPD 88
-#define WTAP_ENCAP_CATAPULT_DCT2000 89
-#define WTAP_ENCAP_BER 90
-#define WTAP_ENCAP_JUNIPER_VP 91
-#define WTAP_ENCAP_USB 92
+#define WTAP_GCOM_TIE1 77
+#define WTAP_GCOM_SERIAL 78
+#define WTAP_ENCAP_NETTL_X25 79
+#define WTAP_ENCAP_K12 80
+#define WTAP_ENCAP_JUNIPER_MLPPP 81
+#define WTAP_ENCAP_JUNIPER_MLFR 82
+#define WTAP_ENCAP_JUNIPER_ETHER 83
+#define WTAP_ENCAP_JUNIPER_PPP 84
+#define WTAP_ENCAP_JUNIPER_FRELAY 85
+#define WTAP_ENCAP_JUNIPER_CHDLC 86
+#define WTAP_ENCAP_JUNIPER_GGSN 87
+#define WTAP_ENCAP_LINUX_LAPD 88
+#define WTAP_ENCAP_CATAPULT_DCT2000 89
+#define WTAP_ENCAP_BER 90
+#define WTAP_ENCAP_JUNIPER_VP 91
+#define WTAP_ENCAP_USB 92
#define WTAP_ENCAP_IEEE802_16_MAC_CPS 93
-#define WTAP_ENCAP_NETTL_RAW_TELNET 94
-#define WTAP_ENCAP_USB_LINUX 95
-#define WTAP_ENCAP_MPEG 96
-#define WTAP_ENCAP_PPI 97
+#define WTAP_ENCAP_NETTL_RAW_TELNET 94
+#define WTAP_ENCAP_USB_LINUX 95
+#define WTAP_ENCAP_MPEG 96
+#define WTAP_ENCAP_PPI 97
+#define WTAP_ENCAP_ERF 98
+
#define WTAP_NUM_ENCAP_TYPES wtap_get_num_encap_types()
@@ -199,54 +201,54 @@ extern "C" {
We support writing some many of these file types, too, so we
distinguish between different versions of them. */
#define WTAP_FILE_UNKNOWN 0
-#define WTAP_FILE_WTAP 1
-#define WTAP_FILE_PCAP 2
-#define WTAP_FILE_PCAP_NSEC 3
-#define WTAP_FILE_PCAP_AIX 4
-#define WTAP_FILE_PCAP_SS991029 5
-#define WTAP_FILE_PCAP_NOKIA 6
-#define WTAP_FILE_PCAP_SS990417 7
-#define WTAP_FILE_PCAP_SS990915 8
-#define WTAP_FILE_5VIEWS 9
-#define WTAP_FILE_IPTRACE_1_0 10
-#define WTAP_FILE_IPTRACE_2_0 11
-#define WTAP_FILE_BER 12
-#define WTAP_FILE_HCIDUMP 13
-#define WTAP_FILE_CATAPULT_DCT2000 14
-#define WTAP_FILE_NETXRAY_OLD 15
-#define WTAP_FILE_NETXRAY_1_0 16
-#define WTAP_FILE_COSINE 17
-#define WTAP_FILE_CSIDS 18
-#define WTAP_FILE_DBS_ETHERWATCH 19
-#define WTAP_FILE_ERF 20
-#define WTAP_FILE_EYESDN 21
-#define WTAP_FILE_NETTL 22
-#define WTAP_FILE_ISERIES 23
-#define WTAP_FILE_ISERIES_UNICODE 24
-#define WTAP_FILE_I4BTRACE 25
-#define WTAP_FILE_ASCEND 26
-#define WTAP_FILE_NETMON_1_x 27
-#define WTAP_FILE_NETMON_2_x 28
+#define WTAP_FILE_WTAP 1
+#define WTAP_FILE_PCAP 2
+#define WTAP_FILE_PCAP_NSEC 3
+#define WTAP_FILE_PCAP_AIX 4
+#define WTAP_FILE_PCAP_SS991029 5
+#define WTAP_FILE_PCAP_NOKIA 6
+#define WTAP_FILE_PCAP_SS990417 7
+#define WTAP_FILE_PCAP_SS990915 8
+#define WTAP_FILE_5VIEWS 9
+#define WTAP_FILE_IPTRACE_1_0 10
+#define WTAP_FILE_IPTRACE_2_0 11
+#define WTAP_FILE_BER 12
+#define WTAP_FILE_HCIDUMP 13
+#define WTAP_FILE_CATAPULT_DCT2000 14
+#define WTAP_FILE_NETXRAY_OLD 15
+#define WTAP_FILE_NETXRAY_1_0 16
+#define WTAP_FILE_COSINE 17
+#define WTAP_FILE_CSIDS 18
+#define WTAP_FILE_DBS_ETHERWATCH 19
+#define WTAP_FILE_ERF 20
+#define WTAP_FILE_EYESDN 21
+#define WTAP_FILE_NETTL 22
+#define WTAP_FILE_ISERIES 23
+#define WTAP_FILE_ISERIES_UNICODE 24
+#define WTAP_FILE_I4BTRACE 25
+#define WTAP_FILE_ASCEND 26
+#define WTAP_FILE_NETMON_1_x 27
+#define WTAP_FILE_NETMON_2_x 28
#define WTAP_FILE_NGSNIFFER_UNCOMPRESSED 29
#define WTAP_FILE_NGSNIFFER_COMPRESSED 30
-#define WTAP_FILE_NETXRAY_1_1 31
-#define WTAP_FILE_NETXRAY_2_00x 32
+#define WTAP_FILE_NETXRAY_1_1 31
+#define WTAP_FILE_NETXRAY_2_00x 32
#define WTAP_FILE_NETWORK_INSTRUMENTS_V9 33
-#define WTAP_FILE_LANALYZER 34
-#define WTAP_FILE_PPPDUMP 35
-#define WTAP_FILE_RADCOM 36
-#define WTAP_FILE_SNOOP 37
-#define WTAP_FILE_SHOMITI 38
-#define WTAP_FILE_VMS 39
-#define WTAP_FILE_K12 40
-#define WTAP_FILE_TOSHIBA 41
-#define WTAP_FILE_VISUAL_NETWORKS 42
-#define WTAP_FILE_ETHERPEEK_V56 43
-#define WTAP_FILE_ETHERPEEK_V7 44
-#define WTAP_FILE_AIROPEEK_V9 45
-#define WTAP_FILE_MPEG 46
-#define WTAP_FILE_K12TEXT 47
-#define WTAP_FILE_NETSCREEN 48
+#define WTAP_FILE_LANALYZER 34
+#define WTAP_FILE_PPPDUMP 35
+#define WTAP_FILE_RADCOM 36
+#define WTAP_FILE_SNOOP 37
+#define WTAP_FILE_SHOMITI 38
+#define WTAP_FILE_VMS 39
+#define WTAP_FILE_K12 40
+#define WTAP_FILE_TOSHIBA 41
+#define WTAP_FILE_VISUAL_NETWORKS 42
+#define WTAP_FILE_ETHERPEEK_V56 43
+#define WTAP_FILE_ETHERPEEK_V7 44
+#define WTAP_FILE_AIROPEEK_V9 45
+#define WTAP_FILE_MPEG 46
+#define WTAP_FILE_K12TEXT 47
+#define WTAP_FILE_NETSCREEN 48
#define WTAP_NUM_FILE_TYPES wtap_get_num_file_types()
@@ -607,6 +609,31 @@ struct linux_usb_phdr {
guint32 data_len; /* amount of urb data really present in this event*/
};
+/*
+ * Endace Record Format pseudo header
+ */
+struct erf_phdr {
+ guint64 ts; /* Time stamp */
+ guint8 type;
+ guint8 flags;
+ guint16 rlen;
+ guint16 lctr;
+ guint16 wlen;
+};
+
+/*
+ * ERF pseudo header with optional subheader
+ * (Multichannel or Ethernet)
+ */
+struct erf_mc_phdr {
+ struct erf_phdr phdr;
+ union
+ {
+ guint16 eth_hdr;
+ guint32 mc_hdr;
+ } subhdr;
+};
+
union wtap_pseudo_header {
struct eth_phdr eth;
struct x25_phdr x25;
@@ -623,6 +650,7 @@ union wtap_pseudo_header {
struct lapd_phdr lapd;
struct catapult_dct2000_phdr dct2000;
struct linux_usb_phdr linux_usb;
+ struct erf_mc_phdr erf;
};
struct wtap_nstime {
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-25 16:52:33 +0000