libnd_tcpdump

Name

libnd_tcpdump -- 

Synopsis



gboolean    libnd_tcpdump_init              (void);
gboolean    libnd_tcpdump_open              (LND_Trace *trace);
void        libnd_tcpdump_send_header       (LND_Trace *trace);
void        libnd_tcpdump_close             (LND_Trace *trace);
gboolean    libnd_tcpdump_get_packet_line   (const LND_Packet *packet,
                                             char *output,
                                             int output_len,
                                             gboolean find_context);
void        libnd_tcpdump_options_reset     (void);
void        libnd_tcpdump_options_add       (const char *option);

Description

Details

libnd_tcpdump_init ()

gboolean    libnd_tcpdump_init              (void);

This function initializes the communication system with tcpdump processes. Calling it is the job of the libnetdude bootstrapper; you do not need to call this function yourself.

Returns :

TRUE if initialization was successful, FALSE otherwise.


libnd_tcpdump_open ()

gboolean    libnd_tcpdump_open              (LND_Trace *trace);

The function forks a new tcpdump process and sends the pcap file header, if available. The tcpdump options you desire can be set using libnd_tcpdump_options_reset() and libnd_tcpdump_options_add() before calling this function. The -l and -r options are always passed; -nnn, -N, -q, and -e are set depending on the values of the tcpdump_resolve, tcpdump_domains, tcpdump_quick, and tcpdump_print_link preference settings in the LND_DOM_NETDUDE domain. You can call this function repeatedly to kill an existing tcpdump connection and create a new one.

trace :

trace to create tcpdump process for.

Returns :

TRUE if operation was successful, FALSE otherwise.


libnd_tcpdump_send_header ()

void        libnd_tcpdump_send_header       (LND_Trace *trace);

If the trace's file header was not available at the time you opened the connection to tcpdump (using libnd_tcpdump_open()), you can use this function to send it now. NOTE: tcpdump expects the trace file header to be the first input data it receives, so you cannot use this function once you've sent packet data, and you cannot send packet data unless you've previously sent a trace file header.

trace :

trace whose header to send to the connected tcpdump process.
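
The ordering rule in the note above, modelled as an added example (this is not libnetdude's code). The pipe to tcpdump is replaced by a bounded in-memory buffer; struct feed and the feed_* functions are hypothetical names, and the two header layouts are the classic libpcap file format.

```c
#include <stdint.h>
#include <string.h>

/* Classic pcap file header (24 bytes) and per-packet record header (16 bytes). */
struct pcap_file_hdr { uint32_t magic; uint16_t vmajor, vminor; int32_t thiszone;
                       uint32_t sigfigs, snaplen, linktype; };
struct pcap_rec_hdr  { uint32_t ts_sec, ts_usec, caplen, len; };

/* Hypothetical stand-in for the pipe to tcpdump: a bounded in-memory buffer. */
struct feed { uint8_t buf[256]; size_t used; int header_sent; };

static int feed_put(struct feed *f, const void *p, size_t n)
{
    if (n > sizeof f->buf - f->used) return -1;   /* never write past the buffer */
    memcpy(f->buf + f->used, p, n);
    f->used += n;
    return 0;
}

/* The file header must be the first data; a second or late header is refused. */
int feed_send_header(struct feed *f, uint32_t snaplen, uint32_t linktype)
{
    struct pcap_file_hdr h = { 0xa1b2c3d4u, 2, 4, 0, 0, snaplen, linktype };
    if (f->header_sent) return -1;
    if (feed_put(f, &h, sizeof h) != 0) return -1;
    f->header_sent = 1;
    return 0;
}

/* Packet records are accepted only after the header; written whole or not at all. */
int feed_send_packet(struct feed *f, const uint8_t *data, uint32_t caplen, uint32_t wirelen)
{
    struct pcap_rec_hdr r = { 0, 0, caplen, wirelen };   /* timestamps zeroed here */
    if (!f->header_sent || caplen > wirelen) return -1;
    if (caplen > sizeof f->buf - f->used ||
        sizeof r > sizeof f->buf - f->used - caplen) return -1;
    feed_put(f, &r, sizeof r);
    feed_put(f, data, caplen);
    return 0;
}

int main(void)
{
    struct feed f = { {0}, 0, 0 };
    const uint8_t pkt[4] = { 1, 2, 3, 4 };               /* constructed sample bytes */
    if (feed_send_packet(&f, pkt, 4, 4) != -1) return 1; /* packet before header */
    if (feed_send_header(&f, 65535, 1) != 0) return 1;   /* linktype 1 = Ethernet */
    return feed_send_packet(&f, pkt, 4, 4) == 0 ? 0 : 1;
}
```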


libnd_tcpdump_close ()

void        libnd_tcpdump_close             (LND_Trace *trace);

The function kills trace's existing tcpdump connection, if any.

trace :

trace whose tcpdump connection to close.


libnd_tcpdump_get_packet_line ()

gboolean    libnd_tcpdump_get_packet_line   (const LND_Packet *packet,
                                             char *output,
                                             int output_len,
                                             gboolean find_context);

The function sends packet's raw data to the connected tcpdump process and writes at most output_len bytes of the returned output into output. libnetdude can maintain state for TCP connections independently of tcpdump, so you can request contextual output (relative SYN and ACK numbers) using the find_context flag.

packet :

packet to retrieve tcpdump output of.

output :

string buffer that receives the tcpdump output.

output_len :

length of output.

find_context :

whether to look up context or not.

Returns :

TRUE on success, FALSE otherwise.


libnd_tcpdump_options_reset ()

void        libnd_tcpdump_options_reset     (void);

The function resets any tcpdump options set using libnd_tcpdump_options_add().


libnd_tcpdump_options_add ()

void        libnd_tcpdump_options_add       (const char *option);

The function registers option as an additional command line option to pass to future forks of tcpdump processes. The flags you have requested can be reset to the default (see libnd_tcpdump_open()) using libnd_tcpdump_options_reset().

option :

new command line option.