author | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2002-01-29 08:44:53 +0000 |
---|---|---|
committer | guy <guy@f5534014-38df-0310-8fa8-9805f1628bb7> | 2002-01-29 08:44:53 +0000 |
commit | ebeaa9513fe3932c4dc4adc9a64e4d8c3e26d922 (patch) | |
tree | ad1052c0e6fa256db7900ff529de5064cb607e6e /wiretap | |
parent | 5d8ea98df4945ca11883172430e7e19316708e84 (diff) |
Support for capturing on, and reading captures from, OpenBSD firewall
logging virtual interface, from Mike Frantzen.
git-svn-id: http://anonsvn.wireshark.org/wireshark/trunk@4616 f5534014-38df-0310-8fa8-9805f1628bb7
Diffstat (limited to 'wiretap')
-rw-r--r-- | wiretap/libpcap.c | 14 | ||||
-rw-r--r-- | wiretap/wtap.c | 5 | ||||
-rw-r--r-- | wiretap/wtap.h | 5 |
3 files changed, 20 insertions, 4 deletions
diff --git a/wiretap/libpcap.c b/wiretap/libpcap.c
index b10d1d2317..b4c1bad05c 100644
--- a/wiretap/libpcap.c
+++ b/wiretap/libpcap.c
@@ -1,6 +1,6 @@ /* libpcap.c * - * $Id: libpcap.c,v 1.62 2001/12/04 07:32:05 guy Exp $ + * $Id: libpcap.c,v 1.63 2002/01/29 08:44:53 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -230,7 +230,12 @@ static const struct { /* * 17 is DLT_LANE8023 in SuSE 6.3 libpcap; we don't currently * handle it. + * It is also used as the PF (Packet Filter) logging format beginning + * with OpenBSD 3.0. */ +#if defined(DLT_PFLOG) && (DLT_PFLOG == 17) + { 17, WTAP_ENCAP_PFLOG }, +#endif /* * 18 is DLT_CIP in SuSE 6.3 libpcap; if it's the same as the
@@ -366,6 +371,13 @@ static const struct { { 114, WTAP_ENCAP_LOCALTALK }, /* Localtalk */ + /* + * The tcpdump.org version of libpcap uses 117, rather than 17, + * for OpenBSD packet filter logging, so as to avoid conflicting + * with DLT_LANE8023 in SuSE 6.3 libpcap. + */ + { 117, WTAP_ENCAP_PFLOG }, + { 118, WTAP_ENCAP_CISCO_IOS }, { 119, WTAP_ENCAP_PRISM_HEADER }, /* Prism monitor mode hdr */ };
diff --git a/wiretap/wtap.c b/wiretap/wtap.c
index 75f3f40326..253eda2159 100644
--- a/wiretap/wtap.c
+++ b/wiretap/wtap.c
@@ -1,6 +1,6 @@ /* wtap.c * - * $Id: wtap.c,v 1.58 2001/11/30 07:14:22 guy Exp $ + * $Id: wtap.c,v 1.59 2002/01/29 08:44:53 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -133,6 +133,9 @@ static const struct encap_type_info { /* WTAP_ENCAP_PRISM_HEADER */ { "IEEE 802.11 plus Prism II monitor mode header", "prism" }, + + /* WTAP_ENCAP_PFLOG */ + { "OpenBSD PF Firewall logs", "pflog" }, }; /* Name that should be somewhat descriptive. */
diff --git a/wiretap/wtap.h b/wiretap/wtap.h
index 6619956147..74df2e1c70 100644
--- a/wiretap/wtap.h
+++ b/wiretap/wtap.h
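Review bot: In wiretap/libpcap.c (hunk `@@ -230,7 +230,12 @@`), the `#if defined(DLT_PFLOG) && (DLT_PFLOG == 17)` entry makes the meaning of link type 17 in a capture file depend on the headers of the machine that built the reader rather than on the file itself. On a build where the guard is true, every type-17 file is handed to the PFLOG path, including the SuSE 6.3 DLT_LANE8023 files the comment mentions, so whatever consumes WTAP_ENCAP_PFLOG frames (not part of this diff) has to treat the header as untrusted and length-check it. I would record that in the comment, for example `* The mapping is compiled in only where DLT_PFLOG is 17; on those builds a DLT_LANE8023 file is read as PFLOG.` The guard also only fires if this file includes a header that defines DLT_PFLOG, which the hunk does not show. The `{ 117, WTAP_ENCAP_PFLOG }` entry in hunk `@@ -366,6 +371,13 @@` gives the table two values for one encapsulation; if the same table is searched in the other direction when writing files, the value written would depend on entry order and on the build, and the comment there should say which one is intended.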
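Review bot: In wiretap/wtap.c (hunk `@@ -133,6 +133,9 @@`), the new `{ "OpenBSD PF Firewall logs", "pflog" }` entry is tied to `WTAP_ENCAP_PFLOG` only by its position in the initializer, and nothing links the array length to `WTAP_NUM_ENCAP_TYPES`, which the wtap.h hunk `@@ -101,9 +101,10 @@` bumps by hand to 26. If a later change updates one file and not the other, a lookup that range-checks against `WTAP_NUM_ENCAP_TYPES` (the lookup code is outside this hunk) could read past the end of the table or return the wrong name. Declaring the array with the explicit size `[WTAP_NUM_ENCAP_TYPES]` would turn a missing entry into a zeroed one and an extra entry into a compile error, and a comment above the table such as `/* Indexed by WTAP_ENCAP_ value; must have exactly WTAP_NUM_ENCAP_TYPES entries. */` would record the invariant. The table's definition starts before the hunk.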
@@ -1,6 +1,6 @@ /* wtap.h * - * $Id: wtap.h,v 1.101 2002/01/23 06:32:52 guy Exp $ + * $Id: wtap.h,v 1.102 2002/01/29 08:44:53 guy Exp $ * * Wiretap Library * Copyright (c) 1998 by Gilbert Ramirez <gram@alumni.rice.edu>
@@ -101,9 +101,10 @@ #define WTAP_ENCAP_CISCO_IOS 22 #define WTAP_ENCAP_LOCALTALK 23 #define WTAP_ENCAP_PRISM_HEADER 24 +#define WTAP_ENCAP_PFLOG 25 /* last WTAP_ENCAP_ value + 1 */ -#define WTAP_NUM_ENCAP_TYPES 25 +#define WTAP_NUM_ENCAP_TYPES 26 /* File types that can be read by wiretap. We support writing some many of these file types, too, so we |