diff options
author | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2002-01-18 00:25:50 +0000 |
---|---|---|
committer | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2002-01-18 00:25:50 +0000 |
commit | 947d1bfba7138671b750d887b6e0420d088a870b (patch) | |
tree | f15e5e678f1a10af17842a6caa4f445f9d2e9a31 /wiretap | |
parent | c2360ac2de61794ededdbb5309c364d8c66aa9c3 (diff) |
In the EtherPeek file reader, keep the capture start time in a private
data structure attached to the "wtap" structure, rather than in a
pseudo-header structure; get rid of the EtherPeek pseudo-header
structure, as it's not actually used as a pseudo-header, it's just used
as private data for the EtherPeek reader.
Get rid of an extra level of indentation in switch statements.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4561 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'wiretap')
-rw-r--r-- | wiretap/etherpeek.c | 136 | ||||
-rw-r--r-- | wiretap/wtap-int.h | 7 | ||||
-rw-r--r-- | wiretap/wtap.h | 24 |
3 files changed, 99 insertions, 68 deletions
diff --git a/wiretap/etherpeek.c b/wiretap/etherpeek.c index f30f639e94..658d22fb43 100644 --- a/wiretap/etherpeek.c +++ b/wiretap/etherpeek.c @@ -2,7 +2,7 @@ * Routines for opening etherpeek files * Copyright (c) 2001, Daniel Thompson <d.thompson@gmx.net> * - * $Id: etherpeek.c,v 1.7 2001/12/05 07:19:11 guy Exp $ + * $Id: etherpeek.c,v 1.8 2002/01/18 00:25:50 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu> @@ -127,10 +127,12 @@ static const etherpeek_encap_lookup_t etherpeek_encap[] = { static gboolean etherpeek_read_m7(wtap *wth, int *err, long *data_offset); static gboolean etherpeek_read_m56(wtap *wth, int *err, long *data_offset); +static void etherpeek_close(wtap *wth); int etherpeek_open(wtap *wth, int *err) { etherpeek_header_t ep_hdr; + struct timeval start_time; /* etherpeek files to not start with a magic value large enough * to be unique hence we use the following algorithm to determine @@ -149,69 +151,78 @@ int etherpeek_open(wtap *wth, int *err) /* switch on the file version */ switch (ep_hdr.master.version) { - case 5: - case 6: - case 7: - /* get the secondary header */ - g_assert(sizeof(ep_hdr.secondary.m567) == - ETHERPEEK_M567_HDR_SIZE); - wtap_file_read_unknown_bytes( - &ep_hdr.secondary.m567, - sizeof(ep_hdr.secondary.m567), wth->fh, err); - wth->data_offset += sizeof(ep_hdr.secondary.m567); + + case 5: + case 6: + case 7: + /* get the secondary header */ + g_assert(sizeof(ep_hdr.secondary.m567) == + ETHERPEEK_M567_HDR_SIZE); + wtap_file_read_unknown_bytes( + &ep_hdr.secondary.m567, + sizeof(ep_hdr.secondary.m567), wth->fh, err); + wth->data_offset += sizeof(ep_hdr.secondary.m567); - if ((0 != ep_hdr.secondary.m567.reserved[0]) || - (0 != ep_hdr.secondary.m567.reserved[1]) || - (0 != ep_hdr.secondary.m567.reserved[2]) || - (0 != ep_hdr.secondary.m567.reserved[3])) { - /* still unknown */ - return 0; - } - - /* we have a match for a Mac V5, V6 or V7, - * so it is worth preforming byte swaps - */ - ep_hdr.secondary.m567.filelength = - ntohl(ep_hdr.secondary.m567.filelength); - ep_hdr.secondary.m567.numPackets = - ntohl(ep_hdr.secondary.m567.numPackets); - ep_hdr.secondary.m567.timeDate = - ntohl(ep_hdr.secondary.m567.timeDate); - ep_hdr.secondary.m567.timeStart = - ntohl(ep_hdr.secondary.m567.timeStart); - ep_hdr.secondary.m567.timeStop = - ntohl(ep_hdr.secondary.m567.timeStop); - - /* populate the pseudo header */ - wth->pseudo_header.etherpeek.reference_time.tv_sec = - ep_hdr.secondary.m567.timeDate - mac2unix; - wth->pseudo_header.etherpeek.reference_time.tv_usec = - 0; - break; - default: + if ((0 != ep_hdr.secondary.m567.reserved[0]) || + (0 != ep_hdr.secondary.m567.reserved[1]) || + (0 != ep_hdr.secondary.m567.reserved[2]) || + (0 != ep_hdr.secondary.m567.reserved[3])) { + /* still unknown */ return 0; + } + + /* we have a match for a Mac V5, V6 or V7, + * so it is worth performing byte swaps + */ + ep_hdr.secondary.m567.filelength = + ntohl(ep_hdr.secondary.m567.filelength); + ep_hdr.secondary.m567.numPackets = + ntohl(ep_hdr.secondary.m567.numPackets); + ep_hdr.secondary.m567.timeDate = + ntohl(ep_hdr.secondary.m567.timeDate); + ep_hdr.secondary.m567.timeStart = + ntohl(ep_hdr.secondary.m567.timeStart); + ep_hdr.secondary.m567.timeStop = + ntohl(ep_hdr.secondary.m567.timeStop); + + /* Get the start time as a "struct timeval" */ + start_time.tv_sec = + ep_hdr.secondary.m567.timeDate - mac2unix; + start_time.tv_usec = 0; + break; + + default: + return 0; } - /* at this point we have recognised the file type and have populated - * the whole ep_hdr structure in host byte order + /* + * This is an EtherPeek (or TokenPeek?) file. + * + * At this point we have recognised the file type and have populated + * the whole ep_hdr structure in host byte order. */ - + wth->capture.etherpeek = g_malloc(sizeof(etherpeek_t)); + wth->capture.etherpeek->start_timestamp = start_time; + wth->subtype_close = etherpeek_close; switch (ep_hdr.master.version) { - case 5: - case 6: - wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V56; - wth->subtype_read = etherpeek_read_m56; - wth->subtype_seek_read = wtap_def_seek_read; - break; - case 7: - wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V7; - wth->subtype_read = etherpeek_read_m7; - wth->subtype_seek_read = wtap_def_seek_read; - break; - default: - /* this is impossible */ - g_assert_not_reached(); - }; + + case 5: + case 6: + wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V56; + wth->subtype_read = etherpeek_read_m56; + wth->subtype_seek_read = wtap_def_seek_read; + break; + + case 7: + wth->file_type = WTAP_FILE_ETHERPEEK_MAC_V7; + wth->subtype_read = etherpeek_read_m7; + wth->subtype_seek_read = wtap_def_seek_read; + break; + + default: + /* this is impossible */ + g_assert_not_reached(); + } wth->file_encap = WTAP_ENCAP_PER_PACKET; wth->snapshot_length = 16384; /* just guessing */ @@ -219,6 +230,11 @@ int etherpeek_open(wtap *wth, int *err) return 1; } +static void etherpeek_close(wtap *wth) +{ + g_free(wth->capture.etherpeek); +} + static gboolean etherpeek_read_m7(wtap *wth, int *err, long *data_offset) { guchar ep_pkt[ETHERPEEK_M7_PKT_SIZE]; @@ -328,8 +344,8 @@ static gboolean etherpeek_read_m56(wtap *wth, int *err, long *data_offset) wth->phdr.len = length; wth->phdr.caplen = sliceLength; /* timestamp is in milliseconds since reference_time */ - wth->phdr.ts.tv_sec = wth->pseudo_header.etherpeek. - reference_time.tv_sec + (timestamp / 1000); + wth->phdr.ts.tv_sec = wth->capture.etherpeek->start_timestamp.tv_sec + + (timestamp / 1000); wth->phdr.ts.tv_usec = 1000 * (timestamp % 1000); wth->phdr.pkt_encap = WTAP_ENCAP_UNKNOWN; diff --git a/wiretap/wtap-int.h b/wiretap/wtap-int.h index b52ee068e9..5e947f68ac 100644 --- a/wiretap/wtap-int.h +++ b/wiretap/wtap-int.h @@ -1,6 +1,6 @@ /* wtap-int.h * - * $Id: wtap-int.h,v 1.18 2001/12/13 05:49:13 gram Exp $ + * $Id: wtap-int.h,v 1.19 2002/01/18 00:25:50 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu> @@ -116,6 +116,10 @@ typedef struct { gboolean byteswapped; } csids_t; +typedef struct { + struct timeval start_timestamp; +} etherpeek_t; + typedef int (*subtype_read_func)(struct wtap*, int*, long*); typedef int (*subtype_seek_read_func)(struct wtap*, long, union wtap_pseudo_header*, guint8*, int); @@ -141,6 +145,7 @@ struct wtap { netxray_t *netxray; ascend_t *ascend; csids_t *csids; + etherpeek_t *etherpeek; void *generic; } capture; diff --git a/wiretap/wtap.h b/wiretap/wtap.h index ccf5493923..eaa0fa2314 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.99 2001/12/04 22:28:19 guy Exp $ + * $Id: wtap.h,v 1.100 2002/01/18 00:25:50 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu> @@ -163,6 +163,22 @@ #include <glib.h> #include <stdio.h> +/* + * "Pseudo-headers" are used to supply to the clients of wiretap + * per-packet information that's not part of the packet payload + * proper. + * + * NOTE: do not use pseudo-header structures to hold information + * used by the code to read a particular capture file type; to + * keep that sort of state information, add a new structure for + * that private information to "wtap-int.h", add a pointer to that + * type of structure to the "capture" member of the "struct wtap" + * structure, and allocate one of those structures and set that member + * in the "open" routine for that capture file type if the open + * succeeds. See various other capture file type handlers for examples + * of that. + */ + /* Packet "pseudo-header" information for X.25 capture files. */ struct x25_phdr { guint8 flags; /* ENCAP_LAPB : 1st bit means From DCE */ @@ -199,11 +215,6 @@ struct ascend_phdr { guint32 task; /* Task number */ }; -/* Packet "pseudo_header" for etherpeek capture files. */ -struct etherpeek_phdr { - struct timeval reference_time; -}; - struct p2p_phdr { gboolean sent; /* TRUE=sent, FALSE=received */ }; @@ -265,7 +276,6 @@ union wtap_pseudo_header { struct x25_phdr x25; struct ngsniffer_atm_phdr ngsniffer_atm; struct ascend_phdr ascend; - struct etherpeek_phdr etherpeek; struct p2p_phdr p2p; }; |