enum LND_PacketObserverOp; gboolean (*LND_PacketFunc) (LND_Packet *packet, LND_ProtoData *pd, void *user_data); LND_Packet* libnd_packet_new (LND_TracePart *tp, guint data_size); void libnd_packet_free (LND_Packet *packet); void libnd_packet_remove (LND_Packet *packet); LND_Trace* libnd_packet_get_trace (const LND_Packet *packet); void libnd_packet_dump (const LND_Packet *packet, pcap_dumper_t *dumper); void libnd_packet_set_data (LND_Packet *packet, const struct pcap_pkthdr *hdr, const guchar *data); LND_Packet* libnd_packet_duplicate (LND_Packet *packet); void libnd_packet_set_filtered (LND_Packet *packet, gboolean filtered); gboolean libnd_packet_is_filtered (LND_Packet *packet); void libnd_packet_init (LND_Packet *packet); void libnd_packet_init_from_pcap (LND_Packet *packet, pcap_t *pcap); gboolean libnd_packet_is_complete (const LND_Packet *packet); void libnd_packet_update (LND_Packet *packet, LND_Protocol *proto, guint nesting); guchar* libnd_packet_get_data (const LND_Packet *packet, const LND_Protocol *proto, guint nesting); guchar* libnd_packet_get_data_end (const LND_Packet *packet, const LND_Protocol *proto, guint nesting); void libnd_packet_add_proto_data (LND_Packet *packet, LND_Protocol *proto, guchar *data, guchar *data_end); LND_ProtoData* libnd_packet_get_proto_data (const LND_Packet *packet, const LND_Protocol *proto, guint nesting); guchar* libnd_packet_get_end (const LND_Packet *packet); gboolean libnd_packet_has_complete_header (const LND_Packet *packet, const LND_Protocol *proto, guint nesting); gboolean libnd_packet_has_proto (const LND_Packet *packet, const LND_Protocol *proto); gboolean libnd_packet_has_proto_nested (const LND_Packet *packet, const LND_Protocol *proto, guint nesting); LND_ProtoData* libnd_packet_get_last_nonraw (const LND_Packet *packet); void libnd_packet_update_proto_state (LND_Packet *packet, int index); void libnd_packet_foreach_proto (LND_Packet *packet, LND_PacketFunc cb, void *user_data); void libnd_packet_foreach_proto_backward (LND_Packet *packet, LND_PacketFunc cb, void *user_data); void libnd_packet_modified (LND_Packet *packet); int libnd_packet_get_index (const LND_Packet *packet); int libnd_packet_get_proto_nesting (const LND_Packet *packet, const LND_Protocol *proto, guchar *data); gboolean libnd_packet_fix (LND_Packet *packet); LND_PacketObserver* libnd_packet_observer_new (void); void libnd_packet_observer_free (LND_PacketObserver *ob); void libnd_packet_add_observer (LND_PacketObserver *ob); void libnd_packet_del_observer (LND_PacketObserver *ob); void libnd_packet_tell_observers (LND_Packet *packet, LND_PacketObserverOp op, void *data); |
typedef enum {
LND_PACKET_INITIALIZED = (1 << 0), /* Packet got initialized */
LND_PACKET_MODIFIED = (1 << 1), /* Packet got modified */
LND_PACKET_DELETE_PRE = (1 << 2), /* Packet gets deleted (pre-action) */
LND_PACKET_DELETE_POST = (1 << 3), /* Packet got deleted (post-action) */
LND_PACKET_INSERT_PRE = (1 << 4), /* Packet gets inserted (pre-action) */
LND_PACKET_INSERT_POST = (1 << 5), /* Packet got inserted (post-action) */
LND_PACKET_DUPLICATED = (1 << 6), /* Packet got duplicated */
LND_PACKET_VISIBILITY = (1 << 7), /* Packet visibility changed */
LND_PACKET_UPDATED = (1 << 8), /* Packet got updated (partial initialization) */
LND_PACKET_FIXED = (1 << 9), /* Packet checksums got fixed */
LND_PACKET_LEN_CHANGED = (1 << 10), /* Packet's wire size changed */
LND_PACKET_CAPLEN_CHANGED = (1 << 11), /* Packet's caplen changed */
/* If you add something here, also add a callback invocation in
* libnd_packet_tell_observers().
*/
} LND_PacketObserverOp; |
gboolean (*LND_PacketFunc) (LND_Packet *packet,
LND_ProtoData *pd,
void *user_data); |
Functions of this signature are used to iterate over the
protocols that are contained in packtes. See
libnd_packet_foreach_proto() and libnd_packet_foreach_proto_backward().
the packet over whose protocol data is iterated.
iterated protocol data.
arbitrary data passed through to this callback.
TRUE if the iteration is to continue, FALSE on abort.
LND_Packet* libnd_packet_new (LND_TracePart *tp,
guint data_size); |
The function creates a packet and returns it. Each packet must belong to a trace. The function does not register the packet in the trace, because a packet could be inserted anywhere.
trace part the new packet belongs to.
amount of payload the new packet holds.
fresh packet.
void libnd_packet_free (LND_Packet *packet); |
This function removes packet from its trace's packet lists, then frees packet.
packet to delete.
LND_Trace* libnd_packet_get_trace (const LND_Packet *packet); |
packet whose trace to return.
the trace that packet belongs to, or NULL if packet currently belongs to no trace.
void libnd_packet_dump (const LND_Packet *packet,
pcap_dumper_t *dumper); |
The function writes packet to dumper. Always use this function when you want to save some packet's content and don't use the data and ph fields yourself, as the resulting saved packet would contain bogus data.
packet to write.
dumper to write to.
void libnd_packet_set_data (LND_Packet *packet,
const struct pcap_pkthdr *hdr,
const guchar *data); |
The function copies the amount of bytes specified by hdr into packet, starting at data. Less is copied if packet was created for fewer bytes.
packet to set content of.
pcap header structure.
packet data copied into packet.
LND_Packet* libnd_packet_duplicate (LND_Packet *packet); |
Returns a deep copy of a packet, but with the list pointers set to NULL (i.e. the copy does not belong to any packet list). It also doesn't belong to any trace part (i.e., packet->part == NULL).
packet to copy.
packet copy or NULL when error occured.
void libnd_packet_set_filtered (LND_Packet *packet,
gboolean filtered); |
The function marks the given packet as filtered (if filtered is TRUE) or unfiltered (if filtered is FALSE).
packet to (un)filter.
filtering status.
gboolean libnd_packet_is_filtered (LND_Packet *packet); |
packet to query.
TRUE when the packet is currently filtered, FALSE otherwise.
void libnd_packet_init (LND_Packet *packet); |
The function initializes a packet, its data offset pointers, and the protocol types for the protcol stack. It cleans up before adjusting internal settings, so you can call this repeatedly without any cleanups etc.
packet to initialize.
void libnd_packet_init_from_pcap (LND_Packet *packet,
pcap_t *pcap); |
The function initializes a packet using information provided
in the given pcap handle. Use this if you want to initialize
a standalone packet that is not part of an LND_Trace. Other
than that, it's just like libnd_packet_init().
packet to initialize.
pcap handle.
gboolean libnd_packet_is_complete (const LND_Packet *packet); |
The predicate returns TRUE if the packet was captured completely (i.e. pcap's caplen == len) and FALSE otherwise.
packet to check.
completeness result.
void libnd_packet_update (LND_Packet *packet,
LND_Protocol *proto,
guint nesting); |
This is libnd_packet_init()'s little brother. It doesn't initialize
the whole packet, but only the part starting at proto with
nesting level nesting.
packet to update.
protocol where to start update.
at what nesting of proto to update.
guchar* libnd_packet_get_data (const LND_Packet *packet,
const LND_Protocol *proto,
guint nesting); |
The function returns a pointer to the packet data containing the start of proto's data at the given nesting level. If the packet doesn't contain any such data, NULL is returned.
packet to query.
protocol to look up.
nesting level of proto to use.
data pointer.
guchar* libnd_packet_get_data_end (const LND_Packet *packet,
const LND_Protocol *proto,
guint nesting); |
The function returns a pointer to the first byte after the data containing the start of proto's data at the given nesting level. If the packet doesn't contain any such data, NULL is returned.
packet to query.
protocol to look up.
nesting level of proto to use.
data pointer.
void libnd_packet_add_proto_data (LND_Packet *packet,
LND_Protocol *proto,
guchar *data,
guchar *data_end); |
Each packet internally maintains a list of data offsets which
store info about the protocol type, nesting etc. This function
appends a new chunk information to that list. It is called from
libnd_packet_init() and libnd_packet_update(), chances are you want
these functions instead.
packet to update.
protocol type of data chunk
start of protocol data.
first byte of data after protocol data.
LND_ProtoData* libnd_packet_get_proto_data (const LND_Packet *packet,
const LND_Protocol *proto,
guint nesting); |
This function is like libnd_packet_get_data, but does not only
return the data pointer but the full
packet to query.
protocol to look up.
nesting level for proto.
protocol data or NULL if n/a.
guchar* libnd_packet_get_end (const LND_Packet *packet); |
The function returns a ponter to the byte following the last byte of the captured data.
packet to query.
data pointer.
gboolean libnd_packet_has_complete_header
(const LND_Packet *packet,
const LND_Protocol *proto,
guint nesting); |
The predicate returns TRUE when a packet contains a complete header
of the requested protocol, FALSE otherwise. The implementation of
the check itself is up to the implementation of proto's plug-in.
If you only need to know whether a protocol is present in the packet
at all, use libnd_packet_has_proto(), which is faster.
packet to query.
protocol to check for.
nesting level for proto.
check result.
gboolean libnd_packet_has_proto (const LND_Packet *packet,
const LND_Protocol *proto); |
The predicate returns TRUE when a packet contains data of the
given protocol. It may contain multiple instances of a protocol,
but the function only checks if a protocol is present at all.
If you need to find out whether a protocol is present at a given
nesting level (e.g. whether a packet contains IP in IP), use
libnd_packet_has_complete_header() or libnd_packet_has_proto_nested().
packet to query.
protocol to check for.
check result.
gboolean libnd_packet_has_proto_nested (const LND_Packet *packet,
const LND_Protocol *proto,
guint nesting); |
The predicate returns TRUE when a packet contains data of the
given protocol at the requested nesting level.
If you only need to find out whether a protocol is present at all,
use libnd_packet_has_proto() instead, which is faster.
packet to query.
protocol to check for.
nesting level of proto.
check result.
LND_ProtoData* libnd_packet_get_last_nonraw (const LND_Packet *packet); |
The function tries to find the innermost protocol in the packet coming before any uninterpreted raw data.
packet to query.
the protocol data before raw data, if there is both raw data interpreted data coming before it, or NULL if either is missing.
void libnd_packet_update_proto_state (LND_Packet *packet,
int index); |
void libnd_packet_foreach_proto (LND_Packet *packet,
LND_PacketFunc cb,
void *user_data); |
The function iterates over the protocols in the packet, from outer- to the innermost, and calls cb with that the corresponding packet, protocol data and user_data.
packet whose protocols to iterate.
callback to call.
arbitrary data passed to cb.
void libnd_packet_foreach_proto_backward
(LND_Packet *packet,
LND_PacketFunc cb,
void *user_data); |
The function iterates over the protocols in the packet, from inner- to the outermost, and calls cb with that the corresponding packet, protocol data and user_data.
packet whose protocols to iterate.
callback to call.
arbitrary data passed to cb.
void libnd_packet_modified (LND_Packet *packet); |
The function marks a packet as modified and updates the GUI accordingly.
packet to mark.
int libnd_packet_get_index (const LND_Packet *packet); |
The function returns the index of the packet in it's trace, the first packet has index 0.
packet to query.
index, or -1 if error occurred.
int libnd_packet_get_proto_nesting (const LND_Packet *packet,
const LND_Protocol *proto,
guchar *data); |
The function returns the nesting level of proto at the given data offset. The first occurrence of a protocol has nesting level 0. So, if you call this for IP and the data pointer points to somewhere in or after the IP header in an ICMP error message, the nesting level will be 1.
packet to query.
protocol whose nesting level to find.
data pointer.
nesting level, or -1 when an error occurred.
gboolean libnd_packet_fix (LND_Packet *packet); |
The function calls the fix_packet callback of every protocol that is contained in packet, iterating from the inner- to the outermost protocol.
packet to fix.
TRUE if packet got modified, FALSE otherwise.
LND_PacketObserver* libnd_packet_observer_new
(void); |
The function allocates a new, empty packet observer. You should
then fill in callbacks for the events you're interested in,
and register the thing using libnd_packet_add_observer().
new packet observer with dummy callbacks.
void libnd_packet_observer_free (LND_PacketObserver *ob); |
The function releases all memory associated with ob.
observer to delete.
void libnd_packet_add_observer (LND_PacketObserver *ob); |
The function registers the new observer for notifications about future changes to packets.
new observer to register.
void libnd_packet_del_observer (LND_PacketObserver *ob); |
The function stops packet operations from being reported to
ob. It does not release ob's memory, use libnd_packet_observer_free()
for that.
observer to drop.
void libnd_packet_tell_observers (LND_Packet *packet,
LND_PacketObserverOp op,
void *data); |