mirror of https://github.com/nmap/nmap.git synced 2025-12-18 05:29:02 +00:00

Upgrade to Npcap 0.08 (libpcap 1.8.0 headers for Windows)

dmiller
2016-08-13 20:04:05 +00:00
parent 2e191df64d
commit af13cef717
20 changed files with 3602 additions and 2434 deletions


@@ -51,7 +51,7 @@
<AdditionalOptions>/D "_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions> <AdditionalOptions>/D "_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
<Optimization>Disabled</Optimization> <Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>include;..\mswin32\pcap-include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>include;..\mswin32\pcap-include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_LIB;BPF_MAJOR_VERSION;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild> <MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks> <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary> <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -68,7 +68,7 @@
<ClCompile> <ClCompile>
<AdditionalOptions>/D "_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions> <AdditionalOptions>/D "_CRT_SECURE_NO_DEPRECATE" %(AdditionalOptions)</AdditionalOptions>
<AdditionalIncludeDirectories>include;..\mswin32\pcap-include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>include;..\mswin32\pcap-include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_LIB;BPF_MAJOR_VERSION;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PrecompiledHeader> <PrecompiledHeader>
</PrecompiledHeader> </PrecompiledHeader>
<WarningLevel>Level3</WarningLevel> <WarningLevel>Level3</WarningLevel>
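Review bot: The new `BPF_MAJOR_VERSION` entry in `PreprocessorDefinitions` is added without explanation, in both configurations of this project and again in the two project files that follow, so a later maintainer cannot tell it apart from a stray define. The only rationale on the page is the comment in the updated pcap-int.h (keeping Packet32.h from defining BPF structures that the pcap headers already define), so presumably that is the intent here too. I would add `<!-- BPF_MAJOR_VERSION: stops Packet32.h from redefining the BPF structures that the pcap headers already provide -->` above each affected `<ClCompile>` group, or move the define into one shared property sheet so the next Npcap header update changes it in one place. The `<ClCompile>` groups start and end outside these hunks.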


@@ -48,7 +48,7 @@
<ClCompile> <ClCompile>
<Optimization>Disabled</Optimization> <Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>..;../mswin32;../nbase;../mswin32/pcap-include;../libdnet-stripped/include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>..;../mswin32;../nbase;../mswin32/pcap-include;../libdnet-stripped/include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;BPF_MAJOR_VERSION;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild> <MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks> <BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary> <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -66,7 +66,7 @@
<Optimization>MaxSpeed</Optimization> <Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions> <IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>..;../mswin32;../nbase;../mswin32/pcap-include;../libdnet-stripped/include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>..;../mswin32;../nbase;../mswin32/pcap-include;../libdnet-stripped/include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;BPF_MAJOR_VERSION;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<FunctionLevelLinking>true</FunctionLevelLinking> <FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader> <PrecompiledHeader>
</PrecompiledHeader> </PrecompiledHeader>
@@ -125,4 +125,4 @@
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets"> <ImportGroup Label="ExtensionTargets">
</ImportGroup> </ImportGroup>
</Project> </Project>


@@ -55,7 +55,7 @@
<ClCompile> <ClCompile>
<Optimization>Disabled</Optimization> <Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.;..;..\liblua;..\nbase;..\libpcre;..\nsock\include;pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;..\liblinear;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>.;..;..\liblua;..\nbase;..\libpcre;..\nsock\include;pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;..\liblinear;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_CONSOLE;BPF_MAJOR_VERSION;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessToFile>false</PreprocessToFile> <PreprocessToFile>false</PreprocessToFile>
<PreprocessSuppressLineNumbers>false</PreprocessSuppressLineNumbers> <PreprocessSuppressLineNumbers>false</PreprocessSuppressLineNumbers>
<PreprocessKeepComments>false</PreprocessKeepComments> <PreprocessKeepComments>false</PreprocessKeepComments>
@@ -102,7 +102,7 @@
<Optimization>MaxSpeed</Optimization> <Optimization>MaxSpeed</Optimization>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion> <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<AdditionalIncludeDirectories>.;..;..\liblua;..\nbase;..\libpcre;..\nsock\include;pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;..\liblinear;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>.;..;..\liblua;..\nbase;..\libpcre;..\nsock\include;pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;..\liblinear;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_CONSOLE;BPF_MAJOR_VERSION;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<StringPooling>true</StringPooling> <StringPooling>true</StringPooling>
<FunctionLevelLinking>true</FunctionLevelLinking> <FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader> <PrecompiledHeader>
@@ -340,4 +340,4 @@
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets"> <ImportGroup Label="ExtensionTargets">
</ImportGroup> </ImportGroup>
</Project> </Project>


@@ -4,7 +4,7 @@
* *
* This code is derived from the Stanford/CMU enet packet filter, * This code is derived from the Stanford/CMU enet packet filter,
* (net/enet.c) distributed as part of 4.3BSD, and code contributed * (net/enet.c) distributed as part of 4.3BSD, and code contributed
* to Berkeley by Steven McCanne and Van Jacobson both of Lawrence * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
* Berkeley Laboratory. * Berkeley Laboratory.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
@@ -34,8 +34,6 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-bpf.h,v 1.50 2007/04/01 21:43:55 guy Exp $ (LBL)
*/ */
/* /*


@@ -29,8 +29,6 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.85.2.9 2008-09-16 00:21:08 guy Exp $ (LBL)
*/ */
#ifndef pcap_int_h #ifndef pcap_int_h
@@ -42,22 +40,16 @@
extern "C" { extern "C" {
#endif #endif
#ifdef HAVE_LIBDLPI #if defined(_WIN32)
#include <libdlpi.h> /*
#endif * Make sure Packet32.h doesn't define BPF structures that we've
* probably already defined as a result of including <pcap/pcap.h>.
#ifdef WIN32 */
#include <Packet32.h> #define BPF_MAJOR_VERSION
extern CRITICAL_SECTION g_PcapCompileCriticalSection; #include <Packet32.h>
#endif /* WIN32 */ #elif defined(MSDOS)
#include <fcntl.h>
#ifdef HAVE_TC_API #include <io.h>
#include "pcap-tc.h"
#endif
#ifdef MSDOS
#include <fcntl.h>
#include <io.h>
#endif #endif
#if (defined(_MSC_VER) && (_MSC_VER <= 1200)) /* we are compiling with Visual Studio 6, that doesn't support the LL suffix*/ #if (defined(_MSC_VER) && (_MSC_VER <= 1200)) /* we are compiling with Visual Studio 6, that doesn't support the LL suffix*/
@@ -93,154 +85,39 @@ extern CRITICAL_SECTION g_PcapCompileCriticalSection;
#endif /* _MSC_VER */ #endif /* _MSC_VER */
/* /*
* Savefile * Maximum snapshot length.
*
* Somewhat arbitrary, but chosen to be:
*
* 1) big enough for maximum-size Linux loopback packets (65549)
* and some USB packets captured with USBPcap:
*
* http://desowin.org/usbpcap/
*
* (> 131072, < 262144)
*
* and
*
* 2) small enough not to cause attempts to allocate huge amounts of
* memory; some applications might use the snapshot length in a
* savefile header to control the size of the buffer they allocate,
* so a size of, say, 2^31-1 might not work well.
*
* We don't enforce this in pcap_set_snaplen(), but we use it internally.
*/ */
typedef enum { #define MAXIMUM_SNAPLEN 262144
NOT_SWAPPED,
SWAPPED,
MAYBE_SWAPPED
} swapped_type_t;
/*
* Used when reading a savefile.
*/
struct pcap_sf {
FILE *rfile;
int swapped;
size_t hdrsize;
swapped_type_t lengths_swapped;
int version_major;
int version_minor;
u_char *base;
};
/*
* Used when doing a live capture.
*/
struct pcap_md {
struct pcap_stat stat;
/*XXX*/
int use_bpf; /* using kernel filter */
u_long TotPkts; /* can't oflow for 79 hrs on ether */
u_long TotAccepted; /* count accepted by filter */
u_long TotDrops; /* count of dropped packets */
long TotMissed; /* missed by i/f during this run */
long OrigMissed; /* missed by i/f before this run */
char *device; /* device name */
int timeout; /* timeout for buffering */
int must_clear; /* stuff we must clear when we close */
struct pcap *next; /* list of open pcaps that need stuff cleared on close */
#ifdef linux
int sock_packet; /* using Linux 2.0 compatible interface */
int cooked; /* using SOCK_DGRAM rather than SOCK_RAW */
int ifindex; /* interface index of device we're bound to */
int lo_ifindex; /* interface index of the loopback device */
u_int packets_read; /* count of packets read with recvfrom() */
bpf_u_int32 oldmode; /* mode to restore when turning monitor mode off */
u_int tp_version; /* version of tpacket_hdr for mmaped ring */
u_int tp_hdrlen; /* hdrlen of tpacket_hdr for mmaped ring */
#endif /* linux */
#ifdef HAVE_DAG_API
#ifdef HAVE_DAG_STREAMS_API
u_char *dag_mem_bottom; /* DAG card current memory bottom pointer */
u_char *dag_mem_top; /* DAG card current memory top pointer */
#else /* HAVE_DAG_STREAMS_API */
void *dag_mem_base; /* DAG card memory base address */
u_int dag_mem_bottom; /* DAG card current memory bottom offset */
u_int dag_mem_top; /* DAG card current memory top offset */
#endif /* HAVE_DAG_STREAMS_API */
int dag_fcs_bits; /* Number of checksum bits from link layer */
int dag_offset_flags; /* Flags to pass to dag_offset(). */
int dag_stream; /* DAG stream number */
int dag_timeout; /* timeout specified to pcap_open_live.
* Same as in linux above, introduce
* generally? */
#endif /* HAVE_DAG_API */
#ifdef HAVE_ZEROCOPY_BPF
/*
* Zero-copy read buffer -- for zero-copy BPF. 'buffer' above will
* alternative between these two actual mmap'd buffers as required.
* As there is a header on the front size of the mmap'd buffer, only
* some of the buffer is exposed to libpcap as a whole via bufsize;
* zbufsize is the true size. zbuffer tracks the current zbuf
* assocated with buffer so that it can be used to decide which the
* next buffer to read will be.
*/
u_char *zbuf1, *zbuf2, *zbuffer;
u_int zbufsize;
u_int zerocopy;
u_int interrupted;
struct timespec firstsel;
/*
* If there's currently a buffer being actively processed, then it is
* referenced here; 'buffer' is also pointed at it, but offset by the
* size of the header.
*/
struct bpf_zbuf_header *bzh;
#endif /* HAVE_ZEROCOPY_BPF */
#ifdef HAVE_REMOTE
/*!
There is really a mess with previous variables, and it seems to me that they are not used
(they are used in pcap_pf.c only). I think we have to start using them.
The meaning is the following:
- TotPkts: the amount of packets received by the bpf filter, *before* applying the filter
- TotAccepted: the amount of packets that satisfies the filter
- TotDrops: the amount of packet that were dropped into the kernel buffer because of lack of space
- TotMissed: the amount of packets that were dropped by the physical interface; it is basically
the value of the hardware counter into the card. This number is never put to zero, so this number
takes into account the *total* number of interface drops starting from the interface power-on.
- OrigMissed: the amount of packets that were dropped by the interface *when the capture begins*.
This value is used to detect the number of packets dropped by the interface *during the present
capture*, so that (ps_ifdrops= TotMissed - OrigMissed).
*/
unsigned int TotNetDrops; //!< keeps the number of packets that have been dropped by the network
/*!
\brief It keeps the number of packets that have been received by the application.
Packets dropped by the kernel buffer are not counted in this variable. The variable is always
equal to (TotAccepted - TotDrops), exept for the case of remote capture, in which we have also
packets in fligh, i.e. that have been transmitted by the remote host, but that have not been
received (yet) from the client. In this case, (TotAccepted - TotDrops - TotNetDrops) gives a
wrong result, since this number does not corresponds always to the number of packet received by
the application. For this reason, in the remote capture we need another variable that takes
into account of the number of packets actually received by the application.
*/
unsigned int TotCapt;
#endif /* HAVE_REMOTE */
};
/*
* Stuff to clear when we close.
*/
#define MUST_CLEAR_PROMISC 0x00000001 /* promiscuous mode */
#define MUST_CLEAR_RFMON 0x00000002 /* rfmon (monitor) mode */
struct pcap_opt { struct pcap_opt {
int buffer_size; char *device;
char *source; int timeout; /* timeout for buffering */
u_int buffer_size;
int promisc; int promisc;
int rfmon; int rfmon; /* monitor mode */
int immediate; /* immediate mode - deliver packets as soon as they arrive */
int tstamp_type;
int tstamp_precision;
}; };
/*
* Ultrix, DEC OSF/1^H^H^H^H^H^H^H^H^HDigital UNIX^H^H^H^H^H^H^H^H^H^H^H^H
* Tru64 UNIX, and some versions of NetBSD pad FDDI packets to make everything
* line up on a nice boundary.
*/
#ifdef __NetBSD__
#include <sys/param.h> /* needed to declare __NetBSD_Version__ */
#endif
#if defined(ultrix) || defined(__osf__) || (defined(__NetBSD__) && __NetBSD_Version__ > 106000000)
#define PCAP_FDDIPAD 3
#endif
typedef int (*activate_op_t)(pcap_t *); typedef int (*activate_op_t)(pcap_t *);
typedef int (*can_set_rfmon_op_t)(pcap_t *); typedef int (*can_set_rfmon_op_t)(pcap_t *);
typedef int (*read_op_t)(pcap_t *, int cnt, pcap_handler, u_char *); typedef int (*read_op_t)(pcap_t *, int cnt, pcap_handler, u_char *);
@@ -251,34 +128,70 @@ typedef int (*set_datalink_op_t)(pcap_t *, int);
typedef int (*getnonblock_op_t)(pcap_t *, char *); typedef int (*getnonblock_op_t)(pcap_t *, char *);
typedef int (*setnonblock_op_t)(pcap_t *, int, char *); typedef int (*setnonblock_op_t)(pcap_t *, int, char *);
typedef int (*stats_op_t)(pcap_t *, struct pcap_stat *); typedef int (*stats_op_t)(pcap_t *, struct pcap_stat *);
#ifdef WIN32 #ifdef _WIN32
typedef struct pcap_stat *(*stats_ex_op_t)(pcap_t *, int *);
typedef int (*setbuff_op_t)(pcap_t *, int); typedef int (*setbuff_op_t)(pcap_t *, int);
typedef int (*setmode_op_t)(pcap_t *, int); typedef int (*setmode_op_t)(pcap_t *, int);
typedef int (*setmintocopy_op_t)(pcap_t *, int); typedef int (*setmintocopy_op_t)(pcap_t *, int);
typedef HANDLE (*getevent_op_t)(pcap_t *);
typedef int (*oid_get_request_op_t)(pcap_t *, bpf_u_int32, void *, size_t *);
typedef int (*oid_set_request_op_t)(pcap_t *, bpf_u_int32, const void *, size_t *);
typedef u_int (*sendqueue_transmit_op_t)(pcap_t *, pcap_send_queue *, int);
typedef int (*setuserbuffer_op_t)(pcap_t *, int);
typedef int (*live_dump_op_t)(pcap_t *, char *, int, int);
typedef int (*live_dump_ended_op_t)(pcap_t *, int);
typedef PAirpcapHandle (*get_airpcap_handle_op_t)(pcap_t *);
#endif #endif
typedef void (*cleanup_op_t)(pcap_t *); typedef void (*cleanup_op_t)(pcap_t *);
/*
* We put all the stuff used in the read code path at the beginning,
* to try to keep it together in the same cache line or lines.
*/
struct pcap { struct pcap {
#ifdef WIN32 /*
* Method to call to read packets on a live capture.
*/
read_op_t read_op;
/*
* Method to call to read packets from a savefile.
*/
int (*next_packet_op)(pcap_t *, struct pcap_pkthdr *, u_char **);
#ifdef _WIN32
ADAPTER *adapter; ADAPTER *adapter;
LPPACKET Packet;
int nonblock;
#else #else
int fd; int fd;
int selectable_fd; int selectable_fd;
int send_fd; #endif /* _WIN32 */
#endif /* WIN32 */
#ifdef HAVE_TC_API /*
TC_INSTANCE TcInstance; * Read buffer.
TC_PACKETS_BUFFER TcPacketsBuffer; */
ULONG TcAcceptedCount; u_int bufsize;
PCHAR PpiPacket; void *buffer;
#endif u_char *bp;
int cc;
int break_loop; /* flag set to force break from packet-reading loop */
void *priv; /* private data for methods */
int swapped;
FILE *rfile; /* null if live capture, non-null if savefile */
u_int fddipad;
struct pcap *next; /* list of open pcaps that need stuff cleared on close */
/*
* File version number; meaningful only for a savefile, but we
* keep it here so that apps that (mistakenly) ask for the
* version numbers will get the same zero values that they
* always did.
*/
int version_major;
int version_minor;
#ifdef HAVE_LIBDLPI
dlpi_handle_t dlpi_hd;
#endif
int snapshot; int snapshot;
int linktype; /* Network linktype */ int linktype; /* Network linktype */
int linktype_ext; /* Extended information stored in the linktype field of a file */ int linktype_ext; /* Extended information stored in the linktype field of a file */
@@ -287,60 +200,24 @@ struct pcap {
int activated; /* true if the capture is really started */ int activated; /* true if the capture is really started */
int oldstyle; /* if we're opening with pcap_open_live() */ int oldstyle; /* if we're opening with pcap_open_live() */
int break_loop; /* flag set to force break from packet-reading loop */
#ifdef PCAP_FDDIPAD
int fddipad;
#endif
#ifdef MSDOS
void (*wait_proc)(void); /* call proc while waiting */
#endif
struct pcap_sf sf;
struct pcap_md md;
struct pcap_opt opt; struct pcap_opt opt;
/*
* Read buffer.
*/
int bufsize;
u_char *buffer;
u_char *bp;
int cc;
/* /*
* Place holder for pcap_next(). * Place holder for pcap_next().
*/ */
u_char *pkt; u_char *pkt;
#ifdef _WIN32
struct pcap_stat stat; /* used for pcap_stats_ex() */
#endif
/* We're accepting only packets in this direction/these directions. */ /* We're accepting only packets in this direction/these directions. */
pcap_direction_t direction; pcap_direction_t direction;
/* /*
* Methods. * Flags to affect BPF code generation.
*/ */
activate_op_t activate_op; int bpf_codegen_flags;
can_set_rfmon_op_t can_set_rfmon_op;
read_op_t read_op;
inject_op_t inject_op;
setfilter_op_t setfilter_op;
setdirection_op_t setdirection_op;
set_datalink_op_t set_datalink_op;
getnonblock_op_t getnonblock_op;
setnonblock_op_t setnonblock_op;
stats_op_t stats_op;
#ifdef WIN32
/*
* These are, at least currently, specific to the Win32 NPF
* driver.
*/
setbuff_op_t setbuff_op;
setmode_op_t setmode_op;
setmintocopy_op_t setmintocopy_op;
#endif
cleanup_op_t cleanup_op;
/* /*
* Placeholder for filter code if bpf not in kernel. * Placeholder for filter code if bpf not in kernel.
@@ -350,23 +227,57 @@ struct pcap {
char errbuf[PCAP_ERRBUF_SIZE + 1]; char errbuf[PCAP_ERRBUF_SIZE + 1];
int dlt_count; int dlt_count;
u_int *dlt_list; u_int *dlt_list;
int tstamp_type_count;
u_int *tstamp_type_list;
int tstamp_precision_count;
u_int *tstamp_precision_list;
struct pcap_pkthdr pcap_header; /* This is needed for the pcap_next_ex() to work */ struct pcap_pkthdr pcap_header; /* This is needed for the pcap_next_ex() to work */
#ifdef HAVE_REMOTE /*
/*! \brief '1' if we're the network client; needed by several functions (like pcap_setfilter() ) to know if * More methods.
they have to use the socket or they have to open the local adapter. */ */
int rmt_clientside; activate_op_t activate_op;
can_set_rfmon_op_t can_set_rfmon_op;
inject_op_t inject_op;
setfilter_op_t setfilter_op;
setdirection_op_t setdirection_op;
set_datalink_op_t set_datalink_op;
getnonblock_op_t getnonblock_op;
setnonblock_op_t setnonblock_op;
stats_op_t stats_op;
SOCKET rmt_sockctrl; //!< socket ID of the socket used for the control connection /*
SOCKET rmt_sockdata; //!< socket ID of the socket used for the data connection * Routine to use as callback for pcap_next()/pcap_next_ex().
int rmt_flags; //!< we have to save flags, since they are passed by the pcap_open_live(), but they are used by the pcap_startcapture() */
int rmt_capstarted; //!< 'true' if the capture is already started (needed to knoe if we have to call the pcap_startcapture() pcap_handler oneshot_callback;
struct pcap_samp rmt_samp; //!< Keeps the parameters related to the sampling process.
char *currentfilter; //!< Pointer to a buffer (allocated at run-time) that stores the current filter. Needed when flag PCAP_OPENFLAG_NOCAPTURE_RPCAP is turned on. #ifdef _WIN32
#endif /* HAVE_REMOTE */ /*
* These are, at least currently, specific to the Win32 NPF
* driver.
*/
stats_ex_op_t stats_ex_op;
setbuff_op_t setbuff_op;
setmode_op_t setmode_op;
setmintocopy_op_t setmintocopy_op;
getevent_op_t getevent_op;
oid_get_request_op_t oid_get_request_op;
oid_set_request_op_t oid_set_request_op;
sendqueue_transmit_op_t sendqueue_transmit_op;
setuserbuffer_op_t setuserbuffer_op;
live_dump_op_t live_dump_op;
live_dump_ended_op_t live_dump_ended_op;
get_airpcap_handle_op_t get_airpcap_handle_op;
#endif
cleanup_op_t cleanup_op;
}; };
/*
* BPF code generation flags.
*/
#define BPF_SPECIAL_VLAN_HANDLING 0x00000001 /* special VLAN handling for Linux */
/* /*
* This is a timeval as stored in a savefile. * This is a timeval as stored in a savefile.
* It has to use the same types everywhere, independent of the actual * It has to use the same types everywhere, independent of the actual
@@ -403,12 +314,13 @@ struct pcap_timeval {
* the old record header as well as files with the new record header * the old record header as well as files with the new record header
* (using the magic number to determine the header format). * (using the magic number to determine the header format).
* *
* Then supply the changes as a patch at * Then supply the changes by forking the branch at
* *
* http://sourceforge.net/projects/libpcap/ * https://github.com/the-tcpdump-group/libpcap/issues
* *
* so that future versions of libpcap and programs that use it (such as * and issuing a pull request, so that future versions of libpcap and
* tcpdump) will be able to read your new capture file format. * programs that use it (such as tcpdump) will be able to read your new
* capture file format.
*/ */
struct pcap_sf_pkthdr { struct pcap_sf_pkthdr {
@@ -436,71 +348,114 @@ struct pcap_sf_patched_pkthdr {
unsigned char pkt_type; unsigned char pkt_type;
}; };
int yylex(void); /*
* User data structure for the one-shot callback used for pcap_next()
* and pcap_next_ex().
*/
struct oneshot_userdata {
struct pcap_pkthdr *hdr;
const u_char **pkt;
pcap_t *pd;
};
#ifndef min #ifndef min
#define min(a, b) ((a) > (b) ? (b) : (a)) #define min(a, b) ((a) > (b) ? (b) : (a))
#endif #endif
/* XXX should these be in pcap.h? */
int pcap_offline_read(pcap_t *, int, pcap_handler, u_char *); int pcap_offline_read(pcap_t *, int, pcap_handler, u_char *);
int pcap_read(pcap_t *, int cnt, pcap_handler, u_char *);
#ifndef HAVE_STRLCPY
#define strlcpy(x, y, z) \
(strncpy((x), (y), (z)), \
((z) <= 0 ? 0 : ((x)[(z) - 1] = '\0')), \
strlen((y)))
#endif
#include <stdarg.h> #include <stdarg.h>
#if !defined(HAVE_SNPRINTF) #include "portability.h"
#define snprintf pcap_snprintf
extern int snprintf (char *, size_t, const char *, ...);
#endif
#if !defined(HAVE_VSNPRINTF) /*
#define vsnprintf pcap_vsnprintf * Does the packet count argument to a module's read routine say
extern int vsnprintf (char *, size_t, const char *, va_list ap); * "supply packets until you run out of packets"?
#endif */
#define PACKET_COUNT_IS_UNLIMITED(count) ((count) <= 0)
/* /*
* Routines that most pcap implementations can use for non-blocking mode. * Routines that most pcap implementations can use for non-blocking mode.
*/ */
#if !defined(WIN32) && !defined(MSDOS) #if !defined(_WIN32) && !defined(MSDOS)
int pcap_getnonblock_fd(pcap_t *, char *); int pcap_getnonblock_fd(pcap_t *, char *);
int pcap_setnonblock_fd(pcap_t *p, int, char *); int pcap_setnonblock_fd(pcap_t *p, int, char *);
#endif #endif
pcap_t *pcap_create_common(const char *, char *); /*
* Internal interfaces for "pcap_create()".
*
* "pcap_create_interface()" is the routine to do a pcap_create on
* a regular network interface. There are multiple implementations
* of this, one for each platform type (Linux, BPF, DLPI, etc.),
* with the one used chosen by the configure script.
*
* "pcap_create_common()" allocates and fills in a pcap_t, for use
* by pcap_create routines.
*/
pcap_t *pcap_create_interface(const char *, char *);
pcap_t *pcap_create_common(char *, size_t);
int pcap_do_addexit(pcap_t *); int pcap_do_addexit(pcap_t *);
void pcap_add_to_pcaps_to_close(pcap_t *); void pcap_add_to_pcaps_to_close(pcap_t *);
void pcap_remove_from_pcaps_to_close(pcap_t *); void pcap_remove_from_pcaps_to_close(pcap_t *);
void pcap_cleanup_live_common(pcap_t *); void pcap_cleanup_live_common(pcap_t *);
int pcap_not_initialized(pcap_t *);
int pcap_check_activated(pcap_t *); int pcap_check_activated(pcap_t *);
/* /*
* Internal interfaces for "pcap_findalldevs()". * Internal interfaces for "pcap_findalldevs()".
* *
* "pcap_platform_finddevs()" is a platform-dependent routine to * "pcap_platform_finddevs()" is a platform-dependent routine to
* add devices not found by the "standard" mechanisms (SIOCGIFCONF, * find local network interfaces.
* "getifaddrs()", etc..
* *
* "pcap_add_if()" adds an interface to the list of interfaces. * "pcap_findalldevs_interfaces()" is a helper to find those interfaces
* using the "standard" mechanisms (SIOCGIFCONF, "getifaddrs()", etc.).
*
* "pcap_add_if()" adds an interface to the list of interfaces, for
* use by various "find interfaces" routines.
*/ */
int pcap_platform_finddevs(pcap_if_t **, char *); int pcap_platform_finddevs(pcap_if_t **, char *);
int add_addr_to_iflist(pcap_if_t **, const char *, u_int, struct sockaddr *, #if !defined(_WIN32) && !defined(MSDOS)
size_t, struct sockaddr *, size_t, struct sockaddr *, size_t, int pcap_findalldevs_interfaces(pcap_if_t **, char *,
struct sockaddr *, size_t, char *); int (*)(const char *));
int pcap_add_if(pcap_if_t **, const char *, u_int, const char *, char *); #endif
struct sockaddr *dup_sockaddr(struct sockaddr *, size_t); int add_addr_to_iflist(pcap_if_t **, const char *, bpf_u_int32,
int add_or_find_if(pcap_if_t **, pcap_if_t **, const char *, u_int, struct sockaddr *, size_t, struct sockaddr *, size_t,
struct sockaddr *, size_t, struct sockaddr *, size_t, char *);
int add_addr_to_dev(pcap_if_t *, struct sockaddr *, size_t,
struct sockaddr *, size_t, struct sockaddr *, size_t,
struct sockaddr *dstaddr, size_t, char *errbuf);
int pcap_add_if(pcap_if_t **, const char *, bpf_u_int32, const char *,
char *);
int add_or_find_if(pcap_if_t **, pcap_if_t **, const char *, bpf_u_int32,
const char *, char *); const char *, char *);
#ifndef _WIN32
bpf_u_int32 if_flags_to_pcap_flags(const char *, u_int);
#endif
#ifdef WIN32 /*
char *pcap_win32strerror(void); * Internal interfaces for "pcap_open_offline()".
*
* "pcap_open_offline_common()" allocates and fills in a pcap_t, for use
* by pcap_open_offline routines.
*
* "sf_cleanup()" closes the file handle associated with a pcap_t, if
* appropriate, and frees all data common to all modules for handling
* savefile types.
*/
pcap_t *pcap_open_offline_common(char *ebuf, size_t size);
void sf_cleanup(pcap_t *p);
/*
* Internal interfaces for both "pcap_create()" and routines that
* open savefiles.
*
* "pcap_oneshot()" is the standard one-shot callback for "pcap_next()"
* and "pcap_next_ex()".
*/
void pcap_oneshot(u_char *, const struct pcap_pkthdr *, const u_char *);
#ifdef _WIN32
void pcap_win32_err_to_str(DWORD, char *);
#endif #endif
int install_bpf_program(pcap_t *, struct bpf_program *); int install_bpf_program(pcap_t *, struct bpf_program *);


@@ -1,42 +1,40 @@
/* /*
* Copyright (c) 1994, 1996 * Copyright (c) 1994, 1996
* The Regents of the University of California. All rights reserved. * The Regents of the University of California. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software * 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement: * must display the following acknowledgement:
* This product includes software developed by the Computer Systems * This product includes software developed by the Computer Systems
* Engineering Group at Lawrence Berkeley Laboratory. * Engineering Group at Lawrence Berkeley Laboratory.
* 4. Neither the name of the University nor of the Laboratory may be used * 4. Neither the name of the University nor of the Laboratory may be used
* to endorse or promote products derived from this software without * to endorse or promote products derived from this software without
* specific prior written permission. * specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap-namedb.h,v 1.13 2006/10/04 18:13:32 guy Exp $ (LBL)
*/ /*
* For backwards compatibility.
/* *
* For backwards compatibility. * Note to OS vendors: do NOT get rid of this file! Some applications
* * might expect to be able to include <pcap-namedb.h>.
* Note to OS vendors: do NOT get rid of this file! Some applications */
* might expect to be able to include <pcap-namedb.h>. #include <pcap/namedb.h>
*/
#include <pcap/namedb.h>


@@ -27,71 +27,100 @@
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* @(#) $Header: /tcpdump/master/libpcap/pcap-stdinc.h,v 1.10.2.1 2008-10-06 15:38:39 gianluca Exp $ (LBL)
*/ */
#define SIZEOF_CHAR 1 /*
#define SIZEOF_SHORT 2 * Copyright (C) 1999 WIDE Project.
#define SIZEOF_INT 4 * All rights reserved.
#ifndef _MSC_EXTENSIONS *
#define SIZEOF_LONG_LONG 8 * Redistribution and use in source and binary forms, with or without
#endif * modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef pcap_stdinc_h
#define pcap_stdinc_h
/* /*
* Avoids a compiler warning in case this was already defined * Avoids a compiler warning in case this was already defined
* (someone defined _WINSOCKAPI_ when including 'windows.h', in order * (someone defined _WINSOCKAPI_ when including 'windows.h', in order
* to prevent it from including 'winsock.h') * to prevent it from including 'winsock.h')
*/ */
#ifdef _WINSOCKAPI_ #ifdef _WINSOCKAPI_
#undef _WINSOCKAPI_ #undef _WINSOCKAPI_
#endif #endif
#include <winsock2.h> #include <winsock2.h>
#include <fcntl.h> #include <fcntl.h>
#include "bittypes.h"
#include <time.h> #include <time.h>
#include <io.h> #include <io.h>
#ifndef __MINGW32__ #include <ws2tcpip.h>
#include "IP6_misc.h"
#if defined(_MSC_VER)
/*
* MSVC.
*/
#if _MSC_VER >= 1800
/*
* VS 2013 or newer; we have <inttypes.h>.
*/
#include <inttypes.h>
#define u_int8_t uint8_t
#define u_int16_t uint16_t
#define u_int32_t uint32_t
#define u_int64_t uint64_t
#else
/*
* Earlier VS; we have to define this stuff ourselves.
*/
#ifndef HAVE_U_INT8_T
typedef unsigned char u_int8_t;
typedef signed char int8_t;
#endif
#ifndef HAVE_U_INT16_T
typedef unsigned short u_int16_t;
typedef signed short int16_t;
#endif
#ifndef HAVE_U_INT32_T
typedef unsigned int u_int32_t;
typedef signed int int32_t;
#endif
#ifndef HAVE_U_INT64_T
#ifdef _MSC_EXTENSIONS
typedef unsigned _int64 u_int64_t;
typedef _int64 int64_t;
#else /* _MSC_EXTENSIONS */
typedef unsigned long long u_int64_t;
typedef long long int64_t;
#endif
#endif
#endif
#elif defined(__MINGW32__)
#include <stdint.h>
#endif #endif
#define caddr_t char* #endif /* pcap_stdinc_h */
#if _MSC_VER < 1500
#define snprintf _snprintf
#define vsnprintf _vsnprintf
#define strdup _strdup
#endif
#ifndef __cplusplus
/* C++ has the inline keyword.
* Additionally, C++11 forbids redefining a keyword as a macro */
#define inline __inline
#endif
#ifdef __MINGW32__
#include <stdint.h>
#else /*__MINGW32__*/
/* MSVC compiler */
#ifndef _UINTPTR_T_DEFINED
#ifdef _WIN64
typedef unsigned __int64 uintptr_t;
#else
typedef _W64 unsigned int uintptr_t;
#endif
#define _UINTPTR_T_DEFINED
#endif
#ifndef _INTPTR_T_DEFINED
#ifdef _WIN64
typedef __int64 intptr_t;
#else
typedef _W64 int intptr_t;
#endif
#define _INTPTR_T_DEFINED
#endif
#endif /*__MINGW32__*/
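Review bot: The VS 2013+ branch on the new side defines `u_int8_t`, `u_int16_t`, `u_int32_t` and `u_int64_t` as unguarded object-like macros, while the older-MSVC branch just below uses typedefs behind `HAVE_U_INT8_T`-style guards. The macros rewrite every later use of those names, so a header in the same translation unit that typedefs `u_int32_t` itself would end up redeclaring `uint32_t`, and the two compiler branches no longer behave alike. These names fix the width of fields in packet and capture-file structures, so I would keep one mechanism in both branches, e.g. `typedef uint8_t u_int8_t;` (likewise for 16/32/64) under the same `#ifndef HAVE_U_INT8_T` guards. The new side also stops providing `caddr_t`, `inline`, `uintptr_t`/`intptr_t` and the `snprintf`/`vsnprintf`/`strdup` mappings, so callers that relied on getting them through this header (not visible here) need checking.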


@@ -29,8 +29,6 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
*
* @(#) $Header: /tcpdump/master/libpcap/pcap.h,v 1.59 2006/10/04 18:09:22 guy Exp $ (LBL)
*/ */
/* /*


@@ -1,48 +1,55 @@
/* /*
* Copyright (c) 2006 Paolo Abeni (Italy) * Copyright (c) 2006 Paolo Abeni (Italy)
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* *
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote * 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written * products derived from this software without specific prior written
* permission. * permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* *
* bluetooth data struct * bluetooth data struct
* By Paolo Abeni <paolo.abeni@email.it> * By Paolo Abeni <paolo.abeni@email.it>
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap/bluetooth.h,v 1.1 2007/09/22 02:10:17 guy Exp $
*/ #ifndef lib_pcap_bluetooth_h
#define lib_pcap_bluetooth_h
#ifndef _PCAP_BLUETOOTH_STRUCTS_H__
#define _PCAP_BLUETOOTH_STRUCTS_H__ /*
* Header prepended libpcap to each bluetooth h4 frame,
/* * fields are in network byte order
* Header prepended libpcap to each bluetooth h:4 frame. */
* fields are in network byte order typedef struct _pcap_bluetooth_h4_header {
*/ u_int32_t direction; /* if first bit is set direction is incoming */
typedef struct _pcap_bluetooth_h4_header { } pcap_bluetooth_h4_header;
u_int32_t direction; /* if first bit is set direction is incoming */
} pcap_bluetooth_h4_header; /*
* Header prepended libpcap to each bluetooth linux monitor frame,
* fields are in network byte order
#endif */
typedef struct _pcap_bluetooth_linux_monitor_header {
u_int16_t adapter_id;
u_int16_t opcode;
} pcap_bluetooth_linux_monitor_header;
#endif

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@@ -0,0 +1,108 @@
/* -*- Mode: c; tab-width: 8; indent-tabs-mode: 1; c-basic-offset: 8; -*- */
/*
* Copyright (c) 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Computer Systems
* Engineering Group at Lawrence Berkeley Laboratory.
* 4. Neither the name of the University nor of the Laboratory may be used
* to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef lib_pcap_export_defs_h
#define lib_pcap_export_defs_h
/*
* PCAP_API_DEF must be used when defining *data* exported from
* libpcap. It can be used when defining *functions* exported
* from libpcap, but it doesn't have to be used there. It
* should not be used in declarations in headers.
*
* PCAP_API must be used when *declaring* data or functions
* exported from libpcap; PCAP_API_DEF won't work on all platforms.
*/
/*
* Check whether this is GCC major.minor or a later release, or some
* compiler that claims to be "just like GCC" of that version or a
* later release.
*/
#define IS_AT_LEAST_GNUC_VERSION(major, minor) \
(defined(__GNUC__) && \
(__GNUC__ > (major) || \
(__GNUC__ == (major) && __GNUC_MINOR__ >= (minor))))
#if defined(_WIN32)
#ifdef BUILDING_PCAP
/*
* We're compiling libpcap, so we should export functions in our
* API.
*/
#define PCAP_API_DEF __declspec(dllexport)
#else
#define PCAP_API_DEF __declspec(dllimport)
#endif
#elif defined(MSDOS)
/* XXX - does this need special treatment? */
#define PCAP_API_DEF
#else /* UN*X */
#ifdef BUILDING_PCAP
/*
* We're compiling libpcap, so we should export functions in our API.
* The compiler might be configured not to export functions from a
* shared library by default, so we might have to explicitly mark
* functions as exported.
*/
#if IS_AT_LEAST_GNUC_VERSION(3, 4)
/*
* GCC 3.4 or later, or some compiler asserting compatibility with
* GCC 3.4 or later, so we have __attribute__((visibility()).
*/
#define PCAP_API_DEF __attribute__((visibility("default")))
#elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
/*
* Sun C 5.5 or later, so we have __global.
* (Sun C 5.9 and later also have __attribute__((visibility()),
* but there's no reason to prefer it with Sun C.)
*/
#define PCAP_API_DEF __global
#else
/*
* We don't have anything to say.
*/
#define PCAP_API_DEF
#endif
#else
/*
* We're not building libpcap.
*/
#define PCAP_API_DEF
#endif
#endif /* _WIN32/MSDOS/UN*X */
#define PCAP_API PCAP_API_DEF extern
#endif /* lib_pcap_export_defs_h */
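Review bot: `IS_AT_LEAST_GNUC_VERSION` expands to an expression containing `defined(__GNUC__)` and is then used as `#if IS_AT_LEAST_GNUC_VERSION(3, 4)`; a `defined` operator produced by macro expansion inside `#if` has undefined behaviour in C, and preprocessors do not agree on how to treat it. The use sits in the UN*X branch, so the `_WIN32` build this commit targets does not evaluate it, but the header is written for all three platforms. Testing `__GNUC__` outside the macro and defining the macro as `0` for other compilers avoids the problem without changing the result of the `#if`. If this file is meant to stay identical to upstream libpcap, the same change is worth raising there.

```c
#if defined(__GNUC__)
#define IS_AT_LEAST_GNUC_VERSION(major, minor) \
	(__GNUC__ > (major) || \
	 (__GNUC__ == (major) && __GNUC_MINOR__ >= (minor)))
#else
#define IS_AT_LEAST_GNUC_VERSION(major, minor) 0
#endif
/* … unchanged: PCAP_API_DEF selection for _WIN32 / MSDOS / UN*X … */
```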


@@ -1,89 +1,85 @@
/* /*
* Copyright (c) 1994, 1996 * Copyright (c) 1994, 1996
* The Regents of the University of California. All rights reserved. * The Regents of the University of California. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software * 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement: * must display the following acknowledgement:
* This product includes software developed by the Computer Systems * This product includes software developed by the Computer Systems
* Engineering Group at Lawrence Berkeley Laboratory. * Engineering Group at Lawrence Berkeley Laboratory.
* 4. Neither the name of the University nor of the Laboratory may be used * 4. Neither the name of the University nor of the Laboratory may be used
* to endorse or promote products derived from this software without * to endorse or promote products derived from this software without
* specific prior written permission. * specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap/namedb.h,v 1.1 2006/10/04 18:09:22 guy Exp $ (LBL)
*/ #ifndef lib_pcap_namedb_h
#define lib_pcap_namedb_h
#ifndef lib_pcap_namedb_h
#define lib_pcap_namedb_h #ifdef __cplusplus
extern "C" {
#ifdef __cplusplus #endif
extern "C" {
#endif /*
* As returned by the pcap_next_etherent()
/* * XXX this stuff doesn't belong in this interface, but this
* As returned by the pcap_next_etherent() * library already must do name to address translation, so
* XXX this stuff doesn't belong in this interface, but this * on systems that don't have support for /etc/ethers, we
* library already must do name to address translation, so * export these hooks since they're already being used by
* on systems that don't have support for /etc/ethers, we * some applications (such as tcpdump) and already being
* export these hooks since they'll * marked as exported in some OSes offering libpcap (such
*/ * as Debian).
struct pcap_etherent { */
u_char addr[6]; struct pcap_etherent {
char name[122]; u_char addr[6];
}; char name[122];
#ifndef PCAP_ETHERS_FILE };
#define PCAP_ETHERS_FILE "/etc/ethers" #ifndef PCAP_ETHERS_FILE
#endif #define PCAP_ETHERS_FILE "/etc/ethers"
struct pcap_etherent *pcap_next_etherent(FILE *); #endif
u_char *pcap_ether_hostton(const char*); PCAP_API struct pcap_etherent *pcap_next_etherent(FILE *);
u_char *pcap_ether_aton(const char *); PCAP_API u_char *pcap_ether_hostton(const char*);
PCAP_API u_char *pcap_ether_aton(const char *);
bpf_u_int32 **pcap_nametoaddr(const char *);
#ifdef INET6 PCAP_API bpf_u_int32 **pcap_nametoaddr(const char *);
struct addrinfo *pcap_nametoaddrinfo(const char *); #ifdef INET6
#endif PCAP_API struct addrinfo *pcap_nametoaddrinfo(const char *);
bpf_u_int32 pcap_nametonetaddr(const char *); #endif
PCAP_API bpf_u_int32 pcap_nametonetaddr(const char *);
int pcap_nametoport(const char *, int *, int *);
int pcap_nametoportrange(const char *, int *, int *, int *); PCAP_API int pcap_nametoport(const char *, int *, int *);
int pcap_nametoproto(const char *); PCAP_API int pcap_nametoportrange(const char *, int *, int *, int *);
int pcap_nametoeproto(const char *); PCAP_API int pcap_nametoproto(const char *);
int pcap_nametollc(const char *); PCAP_API int pcap_nametoeproto(const char *);
/* PCAP_API int pcap_nametollc(const char *);
* If a protocol is unknown, PROTO_UNDEF is returned. /*
* Also, pcap_nametoport() returns the protocol along with the port number. * If a protocol is unknown, PROTO_UNDEF is returned.
* If there are ambiguous entried in /etc/services (i.e. domain * Also, pcap_nametoport() returns the protocol along with the port number.
* can be either tcp or udp) PROTO_UNDEF is returned. * If there are ambiguous entried in /etc/services (i.e. domain
*/ * can be either tcp or udp) PROTO_UNDEF is returned.
#define PROTO_UNDEF -1 */
#define PROTO_UNDEF -1
/* XXX move these to pcap-int.h? */
int __pcap_atodn(const char *, bpf_u_int32 *); #ifdef __cplusplus
int __pcap_atoin(const char *, bpf_u_int32 *); }
u_short __pcap_nametodnaddr(const char *); #endif
#ifdef __cplusplus #endif
}
#endif
#endif


@@ -1,407 +1,538 @@
/* -*- Mode: c; tab-width: 8; indent-tabs-mode: 1; c-basic-offset: 8; -*- */ /* -*- Mode: c; tab-width: 8; indent-tabs-mode: 1; c-basic-offset: 8; -*- */
/* /*
* Copyright (c) 1993, 1994, 1995, 1996, 1997 * Copyright (c) 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved. * The Regents of the University of California. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software * 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement: * must display the following acknowledgement:
* This product includes software developed by the Computer Systems * This product includes software developed by the Computer Systems
* Engineering Group at Lawrence Berkeley Laboratory. * Engineering Group at Lawrence Berkeley Laboratory.
* 4. Neither the name of the University nor of the Laboratory may be used * 4. Neither the name of the University nor of the Laboratory may be used
* to endorse or promote products derived from this software without * to endorse or promote products derived from this software without
* specific prior written permission. * specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap/pcap.h,v 1.4.2.11 2008-10-06 15:38:39 gianluca Exp $ (LBL)
*/ #ifndef lib_pcap_pcap_h
#define lib_pcap_pcap_h
#ifndef lib_pcap_pcap_h
#define lib_pcap_pcap_h #include <pcap/export-defs.h>
#if defined(WIN32) #if defined(_WIN32)
#include <pcap-stdinc.h> #include <pcap-stdinc.h>
#elif defined(MSDOS) #elif defined(MSDOS)
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> /* u_int, u_char etc. */ #include <sys/socket.h> /* u_int, u_char etc. */
#else /* UN*X */ #else /* UN*X */
#include <sys/types.h> #include <sys/types.h>
#include <sys/time.h> #include <sys/time.h>
#endif /* WIN32/MSDOS/UN*X */ #endif /* _WIN32/MSDOS/UN*X */
#ifndef PCAP_DONT_INCLUDE_PCAP_BPF_H #ifndef PCAP_DONT_INCLUDE_PCAP_BPF_H
#include <pcap/bpf.h> #include <pcap/bpf.h>
#endif #endif
#include <stdio.h> #include <stdio.h>
#ifdef HAVE_REMOTE #ifdef __cplusplus
// We have to define the SOCKET here, although it has been defined in sockutils.h extern "C" {
// This is to avoid the distribution of the 'sockutils.h' file around #endif
// (for example in the WinPcap developer's pack)
#ifndef SOCKET /*
#ifdef WIN32 * Version number of the current version of the pcap file format.
#define SOCKET unsigned int *
#else * NOTE: this is *NOT* the version number of the libpcap library.
#define SOCKET int * To fetch the version information for the version of libpcap
#endif * you're using, use pcap_lib_version().
#endif */
#endif #define PCAP_VERSION_MAJOR 2
#define PCAP_VERSION_MINOR 4
#ifdef __cplusplus
extern "C" { #define PCAP_ERRBUF_SIZE 256
#endif
/*
#define PCAP_VERSION_MAJOR 2 * Compatibility for systems that have a bpf.h that
#define PCAP_VERSION_MINOR 4 * predates the bpf typedefs for 64-bit support.
*/
#define PCAP_ERRBUF_SIZE 256 #if BPF_RELEASE - 0 < 199406
typedef int bpf_int32;
/* typedef u_int bpf_u_int32;
* Compatibility for systems that have a bpf.h that #endif
* predates the bpf typedefs for 64-bit support.
*/ typedef struct pcap pcap_t;
#if BPF_RELEASE - 0 < 199406 typedef struct pcap_dumper pcap_dumper_t;
typedef int bpf_int32; typedef struct pcap_if pcap_if_t;
typedef u_int bpf_u_int32; typedef struct pcap_addr pcap_addr_t;
#endif
/*
typedef struct pcap pcap_t; * The first record in the file contains saved values for some
typedef struct pcap_dumper pcap_dumper_t; * of the flags used in the printout phases of tcpdump.
typedef struct pcap_if pcap_if_t; * Many fields here are 32 bit ints so compilers won't insert unwanted
typedef struct pcap_addr pcap_addr_t; * padding; these files need to be interchangeable across architectures.
*
/* * Do not change the layout of this structure, in any way (this includes
* The first record in the file contains saved values for some * changes that only affect the length of fields in this structure).
* of the flags used in the printout phases of tcpdump. *
* Many fields here are 32 bit ints so compilers won't insert unwanted * Also, do not change the interpretation of any of the members of this
* padding; these files need to be interchangeable across architectures. * structure, in any way (this includes using values other than
* * LINKTYPE_ values, as defined in "savefile.c", in the "linktype"
* Do not change the layout of this structure, in any way (this includes * field).
* changes that only affect the length of fields in this structure). *
* * Instead:
* Also, do not change the interpretation of any of the members of this *
* structure, in any way (this includes using values other than * introduce a new structure for the new format, if the layout
* LINKTYPE_ values, as defined in "savefile.c", in the "linktype" * of the structure changed;
* field). *
* * send mail to "tcpdump-workers@lists.tcpdump.org", requesting
* Instead: * a new magic number for your new capture file format, and, when
* * you get the new magic number, put it in "savefile.c";
* introduce a new structure for the new format, if the layout *
* of the structure changed; * use that magic number for save files with the changed file
* * header;
* send mail to "tcpdump-workers@lists.tcpdump.org", requesting *
* a new magic number for your new capture file format, and, when * make the code in "savefile.c" capable of reading files with
* you get the new magic number, put it in "savefile.c"; * the old file header as well as files with the new file header
* * (using the magic number to determine the header format).
* use that magic number for save files with the changed file *
* header; * Then supply the changes by forking the branch at
* *
* make the code in "savefile.c" capable of reading files with * https://github.com/the-tcpdump-group/libpcap/issues
* the old file header as well as files with the new file header *
* (using the magic number to determine the header format). * and issuing a pull request, so that future versions of libpcap and
* * programs that use it (such as tcpdump) will be able to read your new
* Then supply the changes as a patch at * capture file format.
* */
* http://sourceforge.net/projects/libpcap/ struct pcap_file_header {
* bpf_u_int32 magic;
* so that future versions of libpcap and programs that use it (such as u_short version_major;
* tcpdump) will be able to read your new capture file format. u_short version_minor;
*/ bpf_int32 thiszone; /* gmt to local correction */
struct pcap_file_header { bpf_u_int32 sigfigs; /* accuracy of timestamps */
bpf_u_int32 magic; bpf_u_int32 snaplen; /* max length saved portion of each pkt */
u_short version_major; bpf_u_int32 linktype; /* data link type (LINKTYPE_*) */
u_short version_minor; };
bpf_int32 thiszone; /* gmt to local correction */
bpf_u_int32 sigfigs; /* accuracy of timestamps */ /*
bpf_u_int32 snaplen; /* max length saved portion of each pkt */ * Macros for the value returned by pcap_datalink_ext().
bpf_u_int32 linktype; /* data link type (LINKTYPE_*) */ *
}; * If LT_FCS_LENGTH_PRESENT(x) is true, the LT_FCS_LENGTH(x) macro
* gives the FCS length of packets in the capture.
/* */
* Macros for the value returned by pcap_datalink_ext(). #define LT_FCS_LENGTH_PRESENT(x) ((x) & 0x04000000)
* #define LT_FCS_LENGTH(x) (((x) & 0xF0000000) >> 28)
* If LT_FCS_LENGTH_PRESENT(x) is true, the LT_FCS_LENGTH(x) macro #define LT_FCS_DATALINK_EXT(x) ((((x) & 0xF) << 28) | 0x04000000)
* gives the FCS length of packets in the capture.
*/ typedef enum {
#define LT_FCS_LENGTH_PRESENT(x) ((x) & 0x04000000) PCAP_D_INOUT = 0,
#define LT_FCS_LENGTH(x) (((x) & 0xF0000000) >> 28) PCAP_D_IN,
#define LT_FCS_DATALINK_EXT(x) ((((x) & 0xF) << 28) | 0x04000000) PCAP_D_OUT
} pcap_direction_t;
typedef enum {
PCAP_D_INOUT = 0, /*
PCAP_D_IN, * Generic per-packet information, as supplied by libpcap.
PCAP_D_OUT *
} pcap_direction_t; * The time stamp can and should be a "struct timeval", regardless of
* whether your system supports 32-bit tv_sec in "struct timeval",
/* * 64-bit tv_sec in "struct timeval", or both if it supports both 32-bit
* Generic per-packet information, as supplied by libpcap. * and 64-bit applications. The on-disk format of savefiles uses 32-bit
* * tv_sec (and tv_usec); this structure is irrelevant to that. 32-bit
* The time stamp can and should be a "struct timeval", regardless of * and 64-bit versions of libpcap, even if they're on the same platform,
* whether your system supports 32-bit tv_sec in "struct timeval", * should supply the appropriate version of "struct timeval", even if
* 64-bit tv_sec in "struct timeval", or both if it supports both 32-bit * that's not what the underlying packet capture mechanism supplies.
* and 64-bit applications. The on-disk format of savefiles uses 32-bit */
* tv_sec (and tv_usec); this structure is irrelevant to that. 32-bit struct pcap_pkthdr {
* and 64-bit versions of libpcap, even if they're on the same platform, struct timeval ts; /* time stamp */
* should supply the appropriate version of "struct timeval", even if bpf_u_int32 caplen; /* length of portion present */
* that's not what the underlying packet capture mechanism supplies. bpf_u_int32 len; /* length this packet (off wire) */
*/ };
struct pcap_pkthdr {
struct timeval ts; /* time stamp */ /*
bpf_u_int32 caplen; /* length of portion present */ * As returned by the pcap_stats()
bpf_u_int32 len; /* length this packet (off wire) */ */
}; struct pcap_stat {
u_int ps_recv; /* number of packets received */
/* u_int ps_drop; /* number of packets dropped */
* As returned by the pcap_stats() u_int ps_ifdrop; /* drops by interface -- only supported on some platforms */
*/ #if defined(_WIN32) && defined(HAVE_REMOTE)
struct pcap_stat { u_int ps_capt; /* number of packets that reach the application */
u_int ps_recv; /* number of packets received */ u_int ps_sent; /* number of packets sent by the server on the network */
u_int ps_drop; /* number of packets dropped */ u_int ps_netdrop; /* number of packets lost on the network */
u_int ps_ifdrop; /* drops by interface XXX not yet supported */ #endif /* _WIN32 && HAVE_REMOTE */
#ifdef HAVE_REMOTE };
u_int ps_capt; /* number of packets that are received by the application; please get rid off the Win32 ifdef */
u_int ps_sent; /* number of packets sent by the server on the network */ #ifdef MSDOS
u_int ps_netdrop; /* number of packets lost on the network */ /*
#endif /* HAVE_REMOTE */ * As returned by the pcap_stats_ex()
}; */
struct pcap_stat_ex {
#ifdef MSDOS u_long rx_packets; /* total packets received */
/* u_long tx_packets; /* total packets transmitted */
* As returned by the pcap_stats_ex() u_long rx_bytes; /* total bytes received */
*/ u_long tx_bytes; /* total bytes transmitted */
struct pcap_stat_ex { u_long rx_errors; /* bad packets received */
u_long rx_packets; /* total packets received */ u_long tx_errors; /* packet transmit problems */
u_long tx_packets; /* total packets transmitted */ u_long rx_dropped; /* no space in Rx buffers */
u_long rx_bytes; /* total bytes received */ u_long tx_dropped; /* no space available for Tx */
u_long tx_bytes; /* total bytes transmitted */ u_long multicast; /* multicast packets received */
u_long rx_errors; /* bad packets received */ u_long collisions;
u_long tx_errors; /* packet transmit problems */
u_long rx_dropped; /* no space in Rx buffers */ /* detailed rx_errors: */
u_long tx_dropped; /* no space available for Tx */ u_long rx_length_errors;
u_long multicast; /* multicast packets received */ u_long rx_over_errors; /* receiver ring buff overflow */
u_long collisions; u_long rx_crc_errors; /* recv'd pkt with crc error */
u_long rx_frame_errors; /* recv'd frame alignment error */
/* detailed rx_errors: */ u_long rx_fifo_errors; /* recv'r fifo overrun */
u_long rx_length_errors; u_long rx_missed_errors; /* recv'r missed packet */
u_long rx_over_errors; /* receiver ring buff overflow */
u_long rx_crc_errors; /* recv'd pkt with crc error */ /* detailed tx_errors */
u_long rx_frame_errors; /* recv'd frame alignment error */ u_long tx_aborted_errors;
u_long rx_fifo_errors; /* recv'r fifo overrun */ u_long tx_carrier_errors;
u_long rx_missed_errors; /* recv'r missed packet */ u_long tx_fifo_errors;
u_long tx_heartbeat_errors;
/* detailed tx_errors */ u_long tx_window_errors;
u_long tx_aborted_errors; };
u_long tx_carrier_errors; #endif
u_long tx_fifo_errors;
u_long tx_heartbeat_errors; /*
u_long tx_window_errors; * Item in a list of interfaces.
}; */
#endif struct pcap_if {
struct pcap_if *next;
/* char *name; /* name to hand to "pcap_open_live()" */
* Item in a list of interfaces. char *description; /* textual description of interface, or NULL */
*/ struct pcap_addr *addresses;
struct pcap_if { bpf_u_int32 flags; /* PCAP_IF_ interface flags */
struct pcap_if *next; };
char *name; /* name to hand to "pcap_open_live()" */
char *description; /* textual description of interface, or NULL */ #define PCAP_IF_LOOPBACK 0x00000001 /* interface is loopback */
struct pcap_addr *addresses; #define PCAP_IF_UP 0x00000002 /* interface is up */
bpf_u_int32 flags; /* PCAP_IF_ interface flags */ #define PCAP_IF_RUNNING 0x00000004 /* interface is running */
};
/*
#define PCAP_IF_LOOPBACK 0x00000001 /* interface is loopback */ * Representation of an interface address.
*/
/* struct pcap_addr {
* Representation of an interface address. struct pcap_addr *next;
*/ struct sockaddr *addr; /* address */
struct pcap_addr { struct sockaddr *netmask; /* netmask for that address */
struct pcap_addr *next; struct sockaddr *broadaddr; /* broadcast address for that address */
struct sockaddr *addr; /* address */ struct sockaddr *dstaddr; /* P2P destination address for that address */
struct sockaddr *netmask; /* netmask for that address */ };
struct sockaddr *broadaddr; /* broadcast address for that address */
struct sockaddr *dstaddr; /* P2P destination address for that address */ typedef void (*pcap_handler)(u_char *, const struct pcap_pkthdr *,
}; const u_char *);
typedef void (*pcap_handler)(u_char *, const struct pcap_pkthdr *, /*
const u_char *); * Error codes for the pcap API.
* These will all be negative, so you can check for the success or
/* * failure of a call that returns these codes by checking for a
* Error codes for the pcap API. * negative value.
* These will all be negative, so you can check for the success or */
* failure of a call that returns these codes by checking for a #define PCAP_ERROR -1 /* generic error code */
* negative value. #define PCAP_ERROR_BREAK -2 /* loop terminated by pcap_breakloop */
*/ #define PCAP_ERROR_NOT_ACTIVATED -3 /* the capture needs to be activated */
#define PCAP_ERROR -1 /* generic error code */ #define PCAP_ERROR_ACTIVATED -4 /* the operation can't be performed on already activated captures */
#define PCAP_ERROR_BREAK -2 /* loop terminated by pcap_breakloop */ #define PCAP_ERROR_NO_SUCH_DEVICE -5 /* no such device exists */
#define PCAP_ERROR_NOT_ACTIVATED -3 /* the capture needs to be activated */ #define PCAP_ERROR_RFMON_NOTSUP -6 /* this device doesn't support rfmon (monitor) mode */
#define PCAP_ERROR_ACTIVATED -4 /* the operation can't be performed on already activated captures */ #define PCAP_ERROR_NOT_RFMON -7 /* operation supported only in monitor mode */
#define PCAP_ERROR_NO_SUCH_DEVICE -5 /* no such device exists */ #define PCAP_ERROR_PERM_DENIED -8 /* no permission to open the device */
#define PCAP_ERROR_RFMON_NOTSUP -6 /* this device doesn't support rfmon (monitor) mode */ #define PCAP_ERROR_IFACE_NOT_UP -9 /* interface isn't up */
#define PCAP_ERROR_NOT_RFMON -7 /* operation supported only in monitor mode */ #define PCAP_ERROR_CANTSET_TSTAMP_TYPE -10 /* this device doesn't support setting the time stamp type */
#define PCAP_ERROR_PERM_DENIED -8 /* no permission to open the device */ #define PCAP_ERROR_PROMISC_PERM_DENIED -11 /* you don't have permission to capture in promiscuous mode */
#define PCAP_ERROR_IFACE_NOT_UP -9 /* interface isn't up */ #define PCAP_ERROR_TSTAMP_PRECISION_NOTSUP -12 /* the requested time stamp precision is not supported */
/* /*
* Warning codes for the pcap API. * Warning codes for the pcap API.
* These will all be positive and non-zero, so they won't look like * These will all be positive and non-zero, so they won't look like
* errors. * errors.
*/ */
#define PCAP_WARNING 1 /* generic warning code */ #define PCAP_WARNING 1 /* generic warning code */
#define PCAP_WARNING_PROMISC_NOTSUP 2 /* this device doesn't support promiscuous mode */ #define PCAP_WARNING_PROMISC_NOTSUP 2 /* this device doesn't support promiscuous mode */
#define PCAP_WARNING_TSTAMP_TYPE_NOTSUP 3 /* the requested time stamp type is not supported */
char *pcap_lookupdev(char *);
int pcap_lookupnet(const char *, bpf_u_int32 *, bpf_u_int32 *, char *); /*
* Value to pass to pcap_compile() as the netmask if you don't know what
pcap_t *pcap_create(const char *, char *); * the netmask is.
int pcap_set_snaplen(pcap_t *, int); */
int pcap_set_promisc(pcap_t *, int); #define PCAP_NETMASK_UNKNOWN 0xffffffff
int pcap_can_set_rfmon(pcap_t *);
int pcap_set_rfmon(pcap_t *, int); PCAP_API char *pcap_lookupdev(char *);
int pcap_set_timeout(pcap_t *, int); PCAP_API int pcap_lookupnet(const char *, bpf_u_int32 *, bpf_u_int32 *, char *);
int pcap_set_buffer_size(pcap_t *, int);
int pcap_activate(pcap_t *); PCAP_API pcap_t *pcap_create(const char *, char *);
PCAP_API int pcap_set_snaplen(pcap_t *, int);
pcap_t *pcap_open_live(const char *, int, int, int, char *); PCAP_API int pcap_set_promisc(pcap_t *, int);
pcap_t *pcap_open_dead(int, int); PCAP_API int pcap_can_set_rfmon(pcap_t *);
pcap_t *pcap_open_offline(const char *, char *); PCAP_API int pcap_set_rfmon(pcap_t *, int);
#if defined(WIN32) PCAP_API int pcap_set_timeout(pcap_t *, int);
pcap_t *pcap_hopen_offline(intptr_t, char *); PCAP_API int pcap_set_tstamp_type(pcap_t *, int);
#if !defined(LIBPCAP_EXPORTS) PCAP_API int pcap_set_immediate_mode(pcap_t *, int);
#define pcap_fopen_offline(f,b) \ PCAP_API int pcap_set_buffer_size(pcap_t *, int);
pcap_hopen_offline(_get_osfhandle(_fileno(f)), b) PCAP_API int pcap_set_tstamp_precision(pcap_t *, int);
#else /*LIBPCAP_EXPORTS*/ PCAP_API int pcap_get_tstamp_precision(pcap_t *);
static pcap_t *pcap_fopen_offline(FILE *, char *); PCAP_API int pcap_activate(pcap_t *);
#endif
#else /*WIN32*/ PCAP_API int pcap_list_tstamp_types(pcap_t *, int **);
pcap_t *pcap_fopen_offline(FILE *, char *); PCAP_API void pcap_free_tstamp_types(int *);
#endif /*WIN32*/ PCAP_API int pcap_tstamp_type_name_to_val(const char *);
PCAP_API const char *pcap_tstamp_type_val_to_name(int);
void pcap_close(pcap_t *); PCAP_API const char *pcap_tstamp_type_val_to_description(int);
int pcap_loop(pcap_t *, int, pcap_handler, u_char *);
int pcap_dispatch(pcap_t *, int, pcap_handler, u_char *); /*
const u_char* * Time stamp types.
pcap_next(pcap_t *, struct pcap_pkthdr *); * Not all systems and interfaces will necessarily support all of these.
int pcap_next_ex(pcap_t *, struct pcap_pkthdr **, const u_char **); *
void pcap_breakloop(pcap_t *); * A system that supports PCAP_TSTAMP_HOST is offering time stamps
int pcap_stats(pcap_t *, struct pcap_stat *); * provided by the host machine, rather than by the capture device,
int pcap_setfilter(pcap_t *, struct bpf_program *); * but not committing to any characteristics of the time stamp;
int pcap_setdirection(pcap_t *, pcap_direction_t); * it will not offer any of the PCAP_TSTAMP_HOST_ subtypes.
int pcap_getnonblock(pcap_t *, char *); *
int pcap_setnonblock(pcap_t *, int, char *); * PCAP_TSTAMP_HOST_LOWPREC is a time stamp, provided by the host machine,
int pcap_inject(pcap_t *, const void *, size_t); * that's low-precision but relatively cheap to fetch; it's normally done
int pcap_sendpacket(pcap_t *, const u_char *, int); * using the system clock, so it's normally synchronized with times you'd
const char *pcap_statustostr(int); * fetch from system calls.
const char *pcap_strerror(int); *
char *pcap_geterr(pcap_t *); * PCAP_TSTAMP_HOST_HIPREC is a time stamp, provided by the host machine,
void pcap_perror(pcap_t *, char *); * that's high-precision; it might be more expensive to fetch. It might
int pcap_compile(pcap_t *, struct bpf_program *, const char *, int, * or might not be synchronized with the system clock, and might have
bpf_u_int32); * problems with time stamps for packets received on different CPUs,
int pcap_compile_nopcap(int, int, struct bpf_program *, * depending on the platform.
const char *, int, bpf_u_int32); *
void pcap_freecode(struct bpf_program *); * PCAP_TSTAMP_ADAPTER is a high-precision time stamp supplied by the
int pcap_offline_filter(struct bpf_program *, const struct pcap_pkthdr *, * capture device; it's synchronized with the system clock.
const u_char *); *
int pcap_datalink(pcap_t *); * PCAP_TSTAMP_ADAPTER_UNSYNCED is a high-precision time stamp supplied by
int pcap_datalink_ext(pcap_t *); * the capture device; it's not synchronized with the system clock.
int pcap_list_datalinks(pcap_t *, int **); *
int pcap_set_datalink(pcap_t *, int); * Note that time stamps synchronized with the system clock can go
void pcap_free_datalinks(int *); * backwards, as the system clock can go backwards. If a clock is
int pcap_datalink_name_to_val(const char *); * not in sync with the system clock, that could be because the
const char *pcap_datalink_val_to_name(int); * system clock isn't keeping accurate time, because the other
const char *pcap_datalink_val_to_description(int); * clock isn't keeping accurate time, or both.
int pcap_snapshot(pcap_t *); *
int pcap_is_swapped(pcap_t *); * Note that host-provided time stamps generally correspond to the
int pcap_major_version(pcap_t *); * time when the time-stamping code sees the packet; this could
int pcap_minor_version(pcap_t *); * be some unknown amount of time after the first or last bit of
* the packet is received by the network adapter, due to batching
/* XXX */ * of interrupts for packet arrival, queueing delays, etc..
FILE *pcap_file(pcap_t *); */
int pcap_fileno(pcap_t *); #define PCAP_TSTAMP_HOST 0 /* host-provided, unknown characteristics */
#define PCAP_TSTAMP_HOST_LOWPREC 1 /* host-provided, low precision */
pcap_dumper_t *pcap_dump_open(pcap_t *, const char *); #define PCAP_TSTAMP_HOST_HIPREC 2 /* host-provided, high precision */
pcap_dumper_t *pcap_dump_fopen(pcap_t *, FILE *fp); #define PCAP_TSTAMP_ADAPTER 3 /* device-provided, synced with the system clock */
FILE *pcap_dump_file(pcap_dumper_t *); #define PCAP_TSTAMP_ADAPTER_UNSYNCED 4 /* device-provided, not synced with the system clock */
long pcap_dump_ftell(pcap_dumper_t *);
int pcap_dump_flush(pcap_dumper_t *); /*
void pcap_dump_close(pcap_dumper_t *); * Time stamp resolution types.
void pcap_dump(u_char *, const struct pcap_pkthdr *, const u_char *); * Not all systems and interfaces will necessarily support all of these
* resolutions when doing live captures; all of them can be requested
int pcap_findalldevs(pcap_if_t **, char *); * when reading a savefile.
void pcap_freealldevs(pcap_if_t *); */
#define PCAP_TSTAMP_PRECISION_MICRO 0 /* use timestamps with microsecond precision, default */
const char *pcap_lib_version(void); #define PCAP_TSTAMP_PRECISION_NANO 1 /* use timestamps with nanosecond precision */
/* XXX this guy lives in the bpf tree */ PCAP_API pcap_t *pcap_open_live(const char *, int, int, int, char *);
u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int); PCAP_API pcap_t *pcap_open_dead(int, int);
int bpf_validate(const struct bpf_insn *f, int len); PCAP_API pcap_t *pcap_open_dead_with_tstamp_precision(int, int, u_int);
char *bpf_image(const struct bpf_insn *, int); PCAP_API pcap_t *pcap_open_offline_with_tstamp_precision(const char *, u_int, char *);
void bpf_dump(const struct bpf_program *, int); PCAP_API pcap_t *pcap_open_offline(const char *, char *);
#ifdef _WIN32
#if defined(WIN32) PCAP_API pcap_t *pcap_hopen_offline_with_tstamp_precision(intptr_t, u_int, char *);
PCAP_API pcap_t *pcap_hopen_offline(intptr_t, char *);
/* /*
* Win32 definitions * If we're building libpcap, these are internal routines in savefile.c,
*/ * so we mustn't define them as macros.
*/
int pcap_setbuff(pcap_t *p, int dim); #ifndef BUILDING_PCAP
int pcap_setmode(pcap_t *p, int mode); #define pcap_fopen_offline_with_tstamp_precision(f,p,b) \
int pcap_setmintocopy(pcap_t *p, int size); pcap_hopen_offline_with_tstamp_precision(_get_osfhandle(_fileno(f)), p, b)
#define pcap_fopen_offline(f,b) \
#ifdef WPCAP pcap_hopen_offline(_get_osfhandle(_fileno(f)), b)
/* Include file with the wpcap-specific extensions */ #endif
#include <Win32-Extensions.h> #else /*_WIN32*/
#endif /* WPCAP */ PCAP_API pcap_t *pcap_fopen_offline_with_tstamp_precision(FILE *, u_int, char *);
PCAP_API pcap_t *pcap_fopen_offline(FILE *, char *);
#define MODE_CAPT 0 #endif /*_WIN32*/
#define MODE_STAT 1
#define MODE_MON 2 PCAP_API void pcap_close(pcap_t *);
PCAP_API int pcap_loop(pcap_t *, int, pcap_handler, u_char *);
#elif defined(MSDOS) PCAP_API int pcap_dispatch(pcap_t *, int, pcap_handler, u_char *);
PCAP_API const u_char *pcap_next(pcap_t *, struct pcap_pkthdr *);
/* PCAP_API int pcap_next_ex(pcap_t *, struct pcap_pkthdr **, const u_char **);
* MS-DOS definitions PCAP_API void pcap_breakloop(pcap_t *);
*/ PCAP_API int pcap_stats(pcap_t *, struct pcap_stat *);
PCAP_API int pcap_setfilter(pcap_t *, struct bpf_program *);
int pcap_stats_ex (pcap_t *, struct pcap_stat_ex *); PCAP_API int pcap_setdirection(pcap_t *, pcap_direction_t);
void pcap_set_wait (pcap_t *p, void (*yield)(void), int wait); PCAP_API int pcap_getnonblock(pcap_t *, char *);
u_long pcap_mac_packets (void); PCAP_API int pcap_setnonblock(pcap_t *, int, char *);
PCAP_API int pcap_inject(pcap_t *, const void *, size_t);
#else /* UN*X */ PCAP_API int pcap_sendpacket(pcap_t *, const u_char *, int);
PCAP_API const char *pcap_statustostr(int);
/* PCAP_API const char *pcap_strerror(int);
* UN*X definitions PCAP_API char *pcap_geterr(pcap_t *);
*/ PCAP_API void pcap_perror(pcap_t *, const char *);
PCAP_API int pcap_compile(pcap_t *, struct bpf_program *, const char *, int,
int pcap_get_selectable_fd(pcap_t *); bpf_u_int32);
PCAP_API int pcap_compile_nopcap(int, int, struct bpf_program *,
#endif /* WIN32/MSDOS/UN*X */ const char *, int, bpf_u_int32);
PCAP_API void pcap_freecode(struct bpf_program *);
#ifdef HAVE_REMOTE PCAP_API int pcap_offline_filter(const struct bpf_program *,
/* Includes most of the public stuff that is needed for the remote capture */ const struct pcap_pkthdr *, const u_char *);
#include <remote-ext.h> PCAP_API int pcap_datalink(pcap_t *);
#endif /* HAVE_REMOTE */ PCAP_API int pcap_datalink_ext(pcap_t *);
PCAP_API int pcap_list_datalinks(pcap_t *, int **);
#ifdef __cplusplus PCAP_API int pcap_set_datalink(pcap_t *, int);
} PCAP_API void pcap_free_datalinks(int *);
#endif PCAP_API int pcap_datalink_name_to_val(const char *);
PCAP_API const char *pcap_datalink_val_to_name(int);
#endif PCAP_API const char *pcap_datalink_val_to_description(int);
PCAP_API int pcap_snapshot(pcap_t *);
PCAP_API int pcap_is_swapped(pcap_t *);
PCAP_API int pcap_major_version(pcap_t *);
PCAP_API int pcap_minor_version(pcap_t *);
/* XXX */
PCAP_API FILE *pcap_file(pcap_t *);
PCAP_API int pcap_fileno(pcap_t *);
#ifdef _WIN32
PCAP_API int pcap_wsockinit(void);
#endif
PCAP_API pcap_dumper_t *pcap_dump_open(pcap_t *, const char *);
PCAP_API pcap_dumper_t *pcap_dump_fopen(pcap_t *, FILE *fp);
PCAP_API pcap_dumper_t *pcap_dump_open_append(pcap_t *, const char *);
PCAP_API FILE *pcap_dump_file(pcap_dumper_t *);
PCAP_API long pcap_dump_ftell(pcap_dumper_t *);
PCAP_API int pcap_dump_flush(pcap_dumper_t *);
PCAP_API void pcap_dump_close(pcap_dumper_t *);
PCAP_API void pcap_dump(u_char *, const struct pcap_pkthdr *, const u_char *);
PCAP_API int pcap_findalldevs(pcap_if_t **, char *);
PCAP_API void pcap_freealldevs(pcap_if_t *);
PCAP_API const char *pcap_lib_version(void);
/*
* On at least some versions of NetBSD and QNX, we don't want to declare
* bpf_filter() here, as it's also be declared in <net/bpf.h>, with a
* different signature, but, on other BSD-flavored UN*Xes, it's not
* declared in <net/bpf.h>, so we *do* want to declare it here, so it's
* declared when we build pcap-bpf.c.
*/
#if !defined(__NetBSD__) && !defined(__QNX__)
PCAP_API u_int bpf_filter(const struct bpf_insn *, const u_char *, u_int, u_int);
#endif
PCAP_API int bpf_validate(const struct bpf_insn *f, int len);
PCAP_API char *bpf_image(const struct bpf_insn *, int);
PCAP_API void bpf_dump(const struct bpf_program *, int);
#if defined(_WIN32)
/*
* Win32 definitions
*/
/*!
\brief A queue of raw packets that will be sent to the network with pcap_sendqueue_transmit().
*/
struct pcap_send_queue
{
u_int maxlen; /* Maximum size of the the queue, in bytes. This
variable contains the size of the buffer field. */
u_int len; /* Current size of the queue, in bytes. */
char *buffer; /* Buffer containing the packets to be sent. */
};
typedef struct pcap_send_queue pcap_send_queue;
/*!
\brief This typedef is a support for the pcap_get_airpcap_handle() function
*/
#if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_)
#define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_
typedef struct _AirpcapHandle *PAirpcapHandle;
#endif
PCAP_API int pcap_setbuff(pcap_t *p, int dim);
PCAP_API int pcap_setmode(pcap_t *p, int mode);
PCAP_API int pcap_setmintocopy(pcap_t *p, int size);
PCAP_API HANDLE pcap_getevent(pcap_t *p);
PCAP_API int pcap_oid_get_request(pcap_t *, bpf_u_int32, void *, size_t *);
PCAP_API int pcap_oid_set_request(pcap_t *, bpf_u_int32, const void *, size_t *);
PCAP_API pcap_send_queue* pcap_sendqueue_alloc(u_int memsize);
PCAP_API void pcap_sendqueue_destroy(pcap_send_queue* queue);
PCAP_API int pcap_sendqueue_queue(pcap_send_queue* queue, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data);
PCAP_API u_int pcap_sendqueue_transmit(pcap_t *p, pcap_send_queue* queue, int sync);
PCAP_API struct pcap_stat *pcap_stats_ex(pcap_t *p, int *pcap_stat_size);
PCAP_API int pcap_setuserbuffer(pcap_t *p, int size);
PCAP_API int pcap_live_dump(pcap_t *p, char *filename, int maxsize, int maxpacks);
PCAP_API int pcap_live_dump_ended(pcap_t *p, int sync);
PCAP_API int pcap_start_oem(char* err_str, int flags);
PCAP_API PAirpcapHandle pcap_get_airpcap_handle(pcap_t *p);
#define MODE_CAPT 0
#define MODE_STAT 1
#define MODE_MON 2
#elif defined(MSDOS)
/*
* MS-DOS definitions
*/
PCAP_API int pcap_stats_ex (pcap_t *, struct pcap_stat_ex *);
PCAP_API void pcap_set_wait (pcap_t *p, void (*yield)(void), int wait);
PCAP_API u_long pcap_mac_packets (void);
#else /* UN*X */
/*
* UN*X definitions
*/
PCAP_API int pcap_get_selectable_fd(pcap_t *);
#endif /* _WIN32/MSDOS/UN*X */
#ifdef HAVE_REMOTE
/* Includes most of the public stuff that is needed for the remote capture */
#include <remote-ext.h>
#endif /* HAVE_REMOTE */
#ifdef __cplusplus
}
#endif
#endif /* lib_pcap_pcap_h */


@@ -1,129 +1,127 @@
/*- /*-
* Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved. * The Regents of the University of California. All rights reserved.
* *
* This code is derived from the Stanford/CMU enet packet filter, * This code is derived from the Stanford/CMU enet packet filter,
* (net/enet.c) distributed as part of 4.3BSD, and code contributed * (net/enet.c) distributed as part of 4.3BSD, and code contributed
* to Berkeley by Steven McCanne and Van Jacobson both of Lawrence * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
* Berkeley Laboratory. * Berkeley Laboratory.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software * 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement: * must display the following acknowledgement:
* This product includes software developed by the University of * This product includes software developed by the University of
* California, Berkeley and its contributors. * California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors * 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software * may be used to endorse or promote products derived from this software
* without specific prior written permission. * without specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap/sll.h,v 1.2.2.1 2008-05-30 01:36:06 guy Exp $ (LBL)
*/ /*
* For captures on Linux cooked sockets, we construct a fake header
/* * that includes:
* For captures on Linux cooked sockets, we construct a fake header *
* that includes: * a 2-byte "packet type" which is one of:
* *
* a 2-byte "packet type" which is one of: * LINUX_SLL_HOST packet was sent to us
* * LINUX_SLL_BROADCAST packet was broadcast
* LINUX_SLL_HOST packet was sent to us * LINUX_SLL_MULTICAST packet was multicast
* LINUX_SLL_BROADCAST packet was broadcast * LINUX_SLL_OTHERHOST packet was sent to somebody else
* LINUX_SLL_MULTICAST packet was multicast * LINUX_SLL_OUTGOING packet was sent *by* us;
* LINUX_SLL_OTHERHOST packet was sent to somebody else *
* LINUX_SLL_OUTGOING packet was sent *by* us; * a 2-byte Ethernet protocol field;
* *
* a 2-byte Ethernet protocol field; * a 2-byte link-layer type;
* *
* a 2-byte link-layer type; * a 2-byte link-layer address length;
* *
* a 2-byte link-layer address length; * an 8-byte source link-layer address, whose actual length is
* * specified by the previous value.
* an 8-byte source link-layer address, whose actual length is *
* specified by the previous value. * All fields except for the link-layer address are in network byte order.
* *
* All fields except for the link-layer address are in network byte order. * DO NOT change the layout of this structure, or change any of the
* * LINUX_SLL_ values below. If you must change the link-layer header
* DO NOT change the layout of this structure, or change any of the * for a "cooked" Linux capture, introduce a new DLT_ type (ask
* LINUX_SLL_ values below. If you must change the link-layer header * "tcpdump-workers@lists.tcpdump.org" for one, so that you don't give it
* for a "cooked" Linux capture, introduce a new DLT_ type (ask * a value that collides with a value already being used), and use the
* "tcpdump-workers@lists.tcpdump.org" for one, so that you don't give it * new header in captures of that type, so that programs that can
* a value that collides with a value already being used), and use the * handle DLT_LINUX_SLL captures will continue to handle them correctly
* new header in captures of that type, so that programs that can * without any change, and so that capture files with different headers
* handle DLT_LINUX_SLL captures will continue to handle them correctly * can be told apart and programs that read them can dissect the
* without any change, and so that capture files with different headers * packets in them.
* can be told apart and programs that read them can dissect the */
* packets in them.
*/ #ifndef lib_pcap_sll_h
#define lib_pcap_sll_h
#ifndef lib_pcap_sll_h
#define lib_pcap_sll_h /*
* A DLT_LINUX_SLL fake link-layer header.
/* */
* A DLT_LINUX_SLL fake link-layer header. #define SLL_HDR_LEN 16 /* total header length */
*/ #define SLL_ADDRLEN 8 /* length of address field */
#define SLL_HDR_LEN 16 /* total header length */
#define SLL_ADDRLEN 8 /* length of address field */ struct sll_header {
u_int16_t sll_pkttype; /* packet type */
struct sll_header { u_int16_t sll_hatype; /* link-layer address type */
u_int16_t sll_pkttype; /* packet type */ u_int16_t sll_halen; /* link-layer address length */
u_int16_t sll_hatype; /* link-layer address type */ u_int8_t sll_addr[SLL_ADDRLEN]; /* link-layer address */
u_int16_t sll_halen; /* link-layer address length */ u_int16_t sll_protocol; /* protocol */
u_int8_t sll_addr[SLL_ADDRLEN]; /* link-layer address */ };
u_int16_t sll_protocol; /* protocol */
}; /*
* The LINUX_SLL_ values for "sll_pkttype"; these correspond to the
/* * PACKET_ values on Linux, but are defined here so that they're
* The LINUX_SLL_ values for "sll_pkttype"; these correspond to the * available even on systems other than Linux, and so that they
* PACKET_ values on Linux, but are defined here so that they're * don't change even if the PACKET_ values change.
* available even on systems other than Linux, and so that they */
* don't change even if the PACKET_ values change. #define LINUX_SLL_HOST 0
*/ #define LINUX_SLL_BROADCAST 1
#define LINUX_SLL_HOST 0 #define LINUX_SLL_MULTICAST 2
#define LINUX_SLL_BROADCAST 1 #define LINUX_SLL_OTHERHOST 3
#define LINUX_SLL_MULTICAST 2 #define LINUX_SLL_OUTGOING 4
#define LINUX_SLL_OTHERHOST 3
#define LINUX_SLL_OUTGOING 4 /*
* The LINUX_SLL_ values for "sll_protocol"; these correspond to the
/* * ETH_P_ values on Linux, but are defined here so that they're
* The LINUX_SLL_ values for "sll_protocol"; these correspond to the * available even on systems other than Linux. We assume, for now,
* ETH_P_ values on Linux, but are defined here so that they're * that the ETH_P_ values won't change in Linux; if they do, then:
* available even on systems other than Linux. We assume, for now, *
* that the ETH_P_ values won't change in Linux; if they do, then: * if we don't translate them in "pcap-linux.c", capture files
* * won't necessarily be readable if captured on a system that
* if we don't translate them in "pcap-linux.c", capture files * defines ETH_P_ values that don't match these values;
* won't necessarily be readable if captured on a system that *
* defines ETH_P_ values that don't match these values; * if we do translate them in "pcap-linux.c", that makes life
* * unpleasant for the BPF code generator, as the values you test
* if we do translate them in "pcap-linux.c", that makes life * for in the kernel aren't the values that you test for when
* unpleasant for the BPF code generator, as the values you test * reading a capture file, so the fixup code run on BPF programs
* for in the kernel aren't the values that you test for when * handed to the kernel ends up having to do more work.
* reading a capture file, so the fixup code run on BPF programs *
* handed to the kernel ends up having to do more work. * Add other values here as necessary, for handling packet types that
* * might show up on non-Ethernet, non-802.x networks. (Not all the ones
* Add other values here as necessary, for handling packet types that * in the Linux "if_ether.h" will, I suspect, actually show up in
* might show up on non-Ethernet, non-802.x networks. (Not all the ones * captures.)
* in the Linux "if_ether.h" will, I suspect, actually show up in */
* captures.) #define LINUX_SLL_P_802_3 0x0001 /* Novell 802.3 frames without 802.2 LLC header */
*/ #define LINUX_SLL_P_802_2 0x0004 /* 802.2 frames (not D/I/X Ethernet) */
#define LINUX_SLL_P_802_3 0x0001 /* Novell 802.3 frames without 802.2 LLC header */
#define LINUX_SLL_P_802_2 0x0004 /* 802.2 frames (not D/I/X Ethernet) */ #endif
#endif


@@ -1,90 +1,141 @@
/* /*
* Copyright (c) 2006 Paolo Abeni (Italy) * Copyright (c) 2006 Paolo Abeni (Italy)
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* *
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote * 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written * products derived from this software without specific prior written
* permission. * permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* *
* Basic USB data struct * Basic USB data struct
* By Paolo Abeni <paolo.abeni@email.it> * By Paolo Abeni <paolo.abeni@email.it>
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap/usb.h,v 1.6 2007/09/22 02:06:08 guy Exp $
*/ #ifndef lib_pcap_usb_h
#define lib_pcap_usb_h
#ifndef _PCAP_USB_STRUCTS_H__
#define _PCAP_USB_STRUCTS_H__ /*
* possible transfer mode
/* */
* possible transfer mode #define URB_TRANSFER_IN 0x80
*/ #define URB_ISOCHRONOUS 0x0
#define URB_TRANSFER_IN 0x80 #define URB_INTERRUPT 0x1
#define URB_ISOCHRONOUS 0x0 #define URB_CONTROL 0x2
#define URB_INTERRUPT 0x1 #define URB_BULK 0x3
#define URB_CONTROL 0x2
#define URB_BULK 0x3 /*
* possible event type
/* */
* possible event type #define URB_SUBMIT 'S'
*/ #define URB_COMPLETE 'C'
#define URB_SUBMIT 'S' #define URB_ERROR 'E'
#define URB_COMPLETE 'C'
#define URB_ERROR 'E' /*
* USB setup header as defined in USB specification.
/* * Appears at the front of each Control S-type packet in DLT_USB captures.
* USB setup header as defined in USB specification. */
* Appears at the front of each packet in DLT_USB captures. typedef struct _usb_setup {
*/ u_int8_t bmRequestType;
typedef struct _usb_setup { u_int8_t bRequest;
u_int8_t bmRequestType; u_int16_t wValue;
u_int8_t bRequest; u_int16_t wIndex;
u_int16_t wValue; u_int16_t wLength;
u_int16_t wIndex; } pcap_usb_setup;
u_int16_t wLength;
} pcap_usb_setup; /*
* Information from the URB for Isochronous transfers.
*/
/* typedef struct _iso_rec {
* Header prepended by linux kernel to each event. int32_t error_count;
* Appears at the front of each packet in DLT_USB_LINUX captures. int32_t numdesc;
*/ } iso_rec;
typedef struct _usb_header {
u_int64_t id; /*
u_int8_t event_type; * Header prepended by linux kernel to each event.
u_int8_t transfer_type; * Appears at the front of each packet in DLT_USB_LINUX captures.
u_int8_t endpoint_number; */
u_int8_t device_address; typedef struct _usb_header {
u_int16_t bus_id; u_int64_t id;
char setup_flag;/*if !=0 the urb setup header is not present*/ u_int8_t event_type;
char data_flag; /*if !=0 no urb data is present*/ u_int8_t transfer_type;
int64_t ts_sec; u_int8_t endpoint_number;
int32_t ts_usec; u_int8_t device_address;
int32_t status; u_int16_t bus_id;
u_int32_t urb_len; char setup_flag;/*if !=0 the urb setup header is not present*/
u_int32_t data_len; /* amount of urb data really present in this event*/ char data_flag; /*if !=0 no urb data is present*/
pcap_usb_setup setup; int64_t ts_sec;
} pcap_usb_header; int32_t ts_usec;
int32_t status;
u_int32_t urb_len;
#endif u_int32_t data_len; /* amount of urb data really present in this event*/
pcap_usb_setup setup;
} pcap_usb_header;
/*
* Header prepended by linux kernel to each event for the 2.6.31
* and later kernels; for the 2.6.21 through 2.6.30 kernels, the
* "iso_rec" information, and the fields starting with "interval"
* are zeroed-out padding fields.
*
* Appears at the front of each packet in DLT_USB_LINUX_MMAPPED captures.
*/
typedef struct _usb_header_mmapped {
u_int64_t id;
u_int8_t event_type;
u_int8_t transfer_type;
u_int8_t endpoint_number;
u_int8_t device_address;
u_int16_t bus_id;
char setup_flag;/*if !=0 the urb setup header is not present*/
char data_flag; /*if !=0 no urb data is present*/
int64_t ts_sec;
int32_t ts_usec;
int32_t status;
u_int32_t urb_len;
u_int32_t data_len; /* amount of urb data really present in this event*/
union {
pcap_usb_setup setup;
iso_rec iso;
} s;
int32_t interval; /* for Interrupt and Isochronous events */
int32_t start_frame; /* for Isochronous events */
u_int32_t xfer_flags; /* copy of URB's transfer flags */
u_int32_t ndesc; /* number of isochronous descriptors */
} pcap_usb_header_mmapped;
/*
* Isochronous descriptors; for isochronous transfers there might be
* one or more of these at the beginning of the packet data. The
* number of descriptors is given by the "ndesc" field in the header;
* as indicated, in older kernels that don't put the descriptors at
* the beginning of the packet, that field is zeroed out, so that field
* can be trusted even in captures from older kernels.
*/
typedef struct _usb_isodesc {
int32_t status;
u_int32_t offset;
u_int32_t len;
u_int8_t pad[4];
} usb_isodesc;
#endif
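Review bot: The comment above `usb_isodesc` says the `ndesc` field "can be trusted", which reads as a claim about validity when it is really about kernel versions (older kernels zero the field). `ndesc`, `data_len` and each descriptor's `offset` and `len` are read straight from the capture, so code walking DLT_USB_LINUX_MMAPPED data still has to bound them against the captured length before indexing. I would extend that comment with `Values read from a capture are not validated; check ndesc * sizeof(usb_isodesc) and each offset + len against the captured length.` The header looks like an import from upstream libpcap, so the wording change probably belongs there as well.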


@@ -1,46 +1,44 @@
/*- /*-
* Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
* The Regents of the University of California. All rights reserved. * The Regents of the University of California. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software * 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement: * must display the following acknowledgement:
* This product includes software developed by the University of * This product includes software developed by the University of
* California, Berkeley and its contributors. * California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors * 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software * may be used to endorse or promote products derived from this software
* without specific prior written permission. * without specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. * SUCH DAMAGE.
* */
* @(#) $Header: /tcpdump/master/libpcap/pcap/vlan.h,v 1.1.2.2 2008-08-06 07:45:59 guy Exp $
*/ #ifndef lib_pcap_vlan_h
#define lib_pcap_vlan_h
#ifndef lib_pcap_vlan_h
#define lib_pcap_vlan_h struct vlan_tag {
u_int16_t vlan_tpid; /* ETH_P_8021Q */
struct vlan_tag { u_int16_t vlan_tci; /* VLAN TCI */
u_int16_t vlan_tpid; /* ETH_P_8021Q */ };
u_int16_t vlan_tci; /* VLAN TCI */
}; #define VLAN_TAG_LEN 4
#define VLAN_TAG_LEN 4 #endif
#endif


@@ -0,0 +1,200 @@
/*
* Copyright (c) 1994, 1995, 1996
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Computer Systems
* Engineering Group at Lawrence Berkeley Laboratory.
* 4. Neither the name of the University nor of the Laboratory may be used
* to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef portability_h
#define portability_h
/*
* Helpers for portability between Windows and UN*X and between different
* flavors of UN*X.
*/
#ifdef __cplusplus
extern "C" {
#endif
#ifndef HAVE_STRLCPY
/*
* Macro that does the same thing as strlcpy().
*/
#ifdef _WIN32
/*
* strncpy_s() is supported at least back to Visual
* Studio 2005.
*/
#define strlcpy(x, y, z) \
strncpy_s((x), (z), (y), _TRUNCATE)
#else
#define strlcpy(x, y, z) \
(strncpy((x), (y), (z)), \
((z) <= 0 ? 0 : ((x)[(z) - 1] = '\0')), \
(void) strlen((y)))
#endif
#endif
/*
* For flagging arguments as format strings in MSVC.
*/
#if _MSC_VER >= 1400
#include <sal.h>
#if _MSC_VER > 1400
#define FORMAT_STRING(p) _Printf_format_string_ p
#else
#define FORMAT_STRING(p) __format_string p
#endif
#else
#define FORMAT_STRING(p) p
#endif
#ifdef _MSC_VER
#define strdup _strdup
#define sscanf sscanf_s
#define strltok(x, y) \
strtok((x), (y))
#define strlcat(x, y, z) \
strncat_s((x), (z), (y), _TRUNCATE)
#define setbuf(x, y) \
setvbuf((x), (y), _IONBF, 0)
#define fopen(x, y) \
fopen_safe((x), (y))
FILE *fopen_safe(const char *filename, const char* mode);
#else
#define strltok strtok
#endif
#ifdef _MSC_VER
/*
* MSVC.
*/
#if _MSC_VER >= 1900
/*
* VS 2015 or newer; we have snprintf() function.
*/
#define HAVE_SNPRINTF
#endif
#endif
/*
* On Windows, snprintf(), with that name and with C99 behavior - i.e.,
* guaranteeing that the formatted string is null-terminated - didn't
* appear until Visual Studio 2015. Prior to that, the C runtime had
* only _snprintf(), which *doesn't* guarantee that the string is
* null-terminated if it is truncated due to the buffer being too
* small. We therefore can't just define snprintf to be _snprintf
* and define vsnprintf to be _vsnprintf, as we're relying on null-
* termination of strings in all cases.
*
* We also want to allow this to be built with versions of Visual Studio
* prior to VS 2015, so we can't rely on snprintf() being present.
*
* And we want to make sure that, if we support plugins in the future,
* a routine with C99 snprintf() behavior will be available to them.
* We also don't want it to collide with the C library snprintf() if
* there is one.
*
* So we make pcap_snprintf() and pcap_vsnprintf() available, either by
* #defining them to be snprintf or vsnprintf, respectively, or by
* defining our own versions and exporting them.
*/
#ifdef HAVE_SNPRINTF
#define pcap_snprintf snprintf
#else
extern int pcap_snprintf(char *, size_t, FORMAT_STRING(const char *), ...)
#ifdef __ATTRIBUTE___FORMAT_OK
__attribute__((format (printf, 3, 4)))
#endif /* __ATTRIBUTE___FORMAT_OK */
;
#endif
#ifdef HAVE_VSNPRINTF
#define pcap_vsnprintf vsnprintf
#else
extern int pcap_vsnprintf(char *, size_t, const char *, va_list ap);
#endif
#ifdef _WIN32
/*
* These may be defined by <inttypes.h>.
*
* XXX - for MSVC, we always want the _MSC_EXTENSIONS versions.
* What about other compilers? If, as the MinGW Web site says MinGW
* does, the other compilers just use Microsoft's run-time library,
* then they should probably use the _MSC_EXTENSIONS even if the
* compiler doesn't define _MSC_EXTENSIONS.
*
* XXX - we currently aren't using any of these, but this allows
* their use in the future.
*/
#ifndef PRId64
#ifdef _MSC_EXTENSIONS
#define PRId64 "I64d"
#else
#define PRId64 "lld"
#endif
#endif /* PRId64 */
#ifndef PRIo64
#ifdef _MSC_EXTENSIONS
#define PRIo64 "I64o"
#else
#define PRIo64 "llo"
#endif
#endif /* PRIo64 */
#ifndef PRIx64
#ifdef _MSC_EXTENSIONS
#define PRIx64 "I64x"
#else
#define PRIx64 "llx"
#endif
#endif
#ifndef PRIu64
#ifdef _MSC_EXTENSIONS
#define PRIu64 "I64u"
#else
#define PRIu64 "llu"
#endif
#endif
#if !defined(__cplusplus)
#define inline __inline
#endif
#endif /* _WIN32 */
#ifdef __cplusplus
}
#endif
#endif
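Review bot: `#define sscanf sscanf_s` in the `_MSC_VER` block changes the calling contract, not just the name: sscanf_s expects an extra buffer-size argument after every `%s`, `%c` and `%[` destination, so an existing sscanf call using those conversions compiles through this macro and then reads a size from whatever follows in the argument list. The macro is only safe if every caller that sees this header has been audited; otherwise I would drop it and convert call sites individually, or at least put `/* sscanf_s needs a size argument after each %s, %c and %[ destination */` above it. Separately, the comment "Macro that does the same thing as strlcpy()" overstates the match, since neither variant yields strlcpy's return value (the Windows one evaluates to strncpy_s's error code, the other ends in a `(void)` expression), so truncation cannot be detected the strlcpy way. This file appears to be imported from upstream libpcap, so the change probably belongs there.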


@@ -2,32 +2,32 @@
* Copyright (c) 2002 - 2003 * Copyright (c) 2002 - 2003
* NetGroup, Politecnico di Torino (Italy) * NetGroup, Politecnico di Torino (Italy)
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* *
* 1. Redistributions of source code must retain the above copyright * 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer. * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the * notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution. * documentation and/or other materials provided with the distribution.
* 3. Neither the name of the Politecnico di Torino nor the names of its * 3. Neither the name of the Politecnico di Torino nor the names of its
* contributors may be used to endorse or promote products derived from * contributors may be used to endorse or promote products derived from
* this software without specific prior written permission. * this software without specific prior written permission.
* *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
* *
*/ */
@@ -39,7 +39,7 @@
#error Please do not include this file directly. Just define HAVE_REMOTE and then include pcap.h #error Please do not include this file directly. Just define HAVE_REMOTE and then include pcap.h
#endif #endif
// Definition for Microsoft Visual Studio /*// Definition for Microsoft Visual Studio */
#if _MSC_VER > 1000 #if _MSC_VER > 1000
#pragma once #pragma once
#endif #endif
@@ -48,391 +48,414 @@
extern "C" { extern "C" {
#endif #endif
/*! /*
\file remote-ext.h * \file remote-ext.h
*
The goal of this file it to include most of the new definitions that should be * The goal of this file it to include most of the new definitions that should be
placed into the pcap.h file. * placed into the pcap.h file.
*
It includes all new definitions (structures and functions like pcap_open(). * It includes all new definitions (structures and functions like pcap_open().
Some of the functions are not really a remote feature, but, right now, * Some of the functions are not really a remote feature, but, right now,
they are placed here. * they are placed here.
*/ */
// All this stuff is public /*// All this stuff is public */
/*! \addtogroup remote_struct /*
\{ * \addtogroup remote_struct
*/ * \{
*/
/*! /*
\brief Defines the maximum buffer size in which address, port, interface names are kept. * \brief Defines the maximum buffer size in which address, port, interface names are kept.
*
In case the adapter name or such is larger than this value, it is truncated. * In case the adapter name or such is larger than this value, it is truncated.
This is not used by the user; however it must be aware that an hostname / interface * This is not used by the user; however it must be aware that an hostname / interface
name longer than this value will be truncated. * name longer than this value will be truncated.
*/ */
#define PCAP_BUF_SIZE 1024 #define PCAP_BUF_SIZE 1024
/*! \addtogroup remote_source_ID /*
\{ * \addtogroup remote_source_ID
*/ * \{
*/
/*! /*
\brief Internal representation of the type of source in use (file, * \brief Internal representation of the type of source in use (file,
remote/local interface). * remote/local interface).
*
This indicates a file, i.e. the user want to open a capture from a local file. * This indicates a file, i.e. the user want to open a capture from a local file.
*/ */
#define PCAP_SRC_FILE 2 #define PCAP_SRC_FILE 2
/*! /*
\brief Internal representation of the type of source in use (file, * \brief Internal representation of the type of source in use (file,
remote/local interface). * remote/local interface).
*
This indicates a local interface, i.e. the user want to open a capture from * This indicates a local interface, i.e. the user want to open a capture from
a local interface. This does not involve the RPCAP protocol. * a local interface. This does not involve the RPCAP protocol.
*/ */
#define PCAP_SRC_IFLOCAL 3 #define PCAP_SRC_IFLOCAL 3
/*! /*
\brief Internal representation of the type of source in use (file, * \brief Internal representation of the type of source in use (file,
remote/local interface). * remote/local interface).
*
This indicates a remote interface, i.e. the user want to open a capture from * This indicates a remote interface, i.e. the user want to open a capture from
an interface on a remote host. This does involve the RPCAP protocol. * an interface on a remote host. This does involve the RPCAP protocol.
*/ */
#define PCAP_SRC_IFREMOTE 4 #define PCAP_SRC_IFREMOTE 4
/*! /*
\} * \}
*/ */
/*! \addtogroup remote_source_string /* \addtogroup remote_source_string
*
The formats allowed by the pcap_open() are the following: * The formats allowed by the pcap_open() are the following:
- file://path_and_filename [opens a local file] * - file://path_and_filename [opens a local file]
- rpcap://devicename [opens the selected device devices available on the local host, without using the RPCAP protocol] * - rpcap://devicename [opens the selected device devices available on the local host, without using the RPCAP protocol]
- rpcap://host/devicename [opens the selected device available on a remote host] * - rpcap://host/devicename [opens the selected device available on a remote host]
- rpcap://host:port/devicename [opens the selected device available on a remote host, using a non-standard port for RPCAP] * - rpcap://host:port/devicename [opens the selected device available on a remote host, using a non-standard port for RPCAP]
- adaptername [to open a local adapter; kept for compability, but it is strongly discouraged] * - adaptername [to open a local adapter; kept for compability, but it is strongly discouraged]
- (NULL) [to open the first local adapter; kept for compability, but it is strongly discouraged] * - (NULL) [to open the first local adapter; kept for compability, but it is strongly discouraged]
*
The formats allowed by the pcap_findalldevs_ex() are the following: * The formats allowed by the pcap_findalldevs_ex() are the following:
- file://folder/ [lists all the files in the given folder] * - file://folder/ [lists all the files in the given folder]
- rpcap:// [lists all local adapters] * - rpcap:// [lists all local adapters]
- rpcap://host:port/ [lists the devices available on a remote host] * - rpcap://host:port/ [lists the devices available on a remote host]
*
Referring to the 'host' and 'port' paramters, they can be either numeric or literal. Since * Referring to the 'host' and 'port' parameters, they can be either numeric or literal. Since
IPv6 is fully supported, these are the allowed formats: * IPv6 is fully supported, these are the allowed formats:
*
- host (literal): e.g. host.foo.bar * - host (literal): e.g. host.foo.bar
- host (numeric IPv4): e.g. 10.11.12.13 * - host (numeric IPv4): e.g. 10.11.12.13
- host (numeric IPv4, IPv6 style): e.g. [10.11.12.13] * - host (numeric IPv4, IPv6 style): e.g. [10.11.12.13]
- host (numeric IPv6): e.g. [1:2:3::4] * - host (numeric IPv6): e.g. [1:2:3::4]
- port: can be either numeric (e.g. '80') or literal (e.g. 'http') * - port: can be either numeric (e.g. '80') or literal (e.g. 'http')
*
Here you find some allowed examples: * Here you find some allowed examples:
- rpcap://host.foo.bar/devicename [everything literal, no port number] * - rpcap://host.foo.bar/devicename [everything literal, no port number]
- rpcap://host.foo.bar:1234/devicename [everything literal, with port number] * - rpcap://host.foo.bar:1234/devicename [everything literal, with port number]
- rpcap://10.11.12.13/devicename [IPv4 numeric, no port number] * - rpcap://10.11.12.13/devicename [IPv4 numeric, no port number]
- rpcap://10.11.12.13:1234/devicename [IPv4 numeric, with port number] * - rpcap://10.11.12.13:1234/devicename [IPv4 numeric, with port number]
- rpcap://[10.11.12.13]:1234/devicename [IPv4 numeric with IPv6 format, with port number] * - rpcap://[10.11.12.13]:1234/devicename [IPv4 numeric with IPv6 format, with port number]
- rpcap://[1:2:3::4]/devicename [IPv6 numeric, no port number] * - rpcap://[1:2:3::4]/devicename [IPv6 numeric, no port number]
- rpcap://[1:2:3::4]:1234/devicename [IPv6 numeric, with port number] * - rpcap://[1:2:3::4]:1234/devicename [IPv6 numeric, with port number]
- rpcap://[1:2:3::4]:http/devicename [IPv6 numeric, with literal port number] * - rpcap://[1:2:3::4]:http/devicename [IPv6 numeric, with literal port number]
*
\{ * \{
*/ */
/*! /*
\brief String that will be used to determine the type of source in use (file, * \brief String that will be used to determine the type of source in use (file,
remote/local interface). * remote/local interface).
*
This string will be prepended to the interface name in order to create a string * This string will be prepended to the interface name in order to create a string
that contains all the information required to open the source. * that contains all the information required to open the source.
*
This string indicates that the user wants to open a capture from a local file. * This string indicates that the user wants to open a capture from a local file.
*/ */
#define PCAP_SRC_FILE_STRING "file://" #define PCAP_SRC_FILE_STRING "file://"
/*! /*
\brief String that will be used to determine the type of source in use (file, * \brief String that will be used to determine the type of source in use (file,
remote/local interface). * remote/local interface).
*
This string will be prepended to the interface name in order to create a string * This string will be prepended to the interface name in order to create a string
that contains all the information required to open the source. * that contains all the information required to open the source.
*
This string indicates that the user wants to open a capture from a network interface. * This string indicates that the user wants to open a capture from a network interface.
This string does not necessarily involve the use of the RPCAP protocol. If the * This string does not necessarily involve the use of the RPCAP protocol. If the
interface required resides on the local host, the RPCAP protocol is not involved * interface required resides on the local host, the RPCAP protocol is not involved
and the local functions are used. * and the local functions are used.
*/ */
#define PCAP_SRC_IF_STRING "rpcap://" #define PCAP_SRC_IF_STRING "rpcap://"
/*! /*
\} * \}
*/ */
/*! /*
\addtogroup remote_open_flags * \addtogroup remote_open_flags
\{ * \{
*/ */
/*! /*
\brief Defines if the adapter has to go in promiscuous mode. * \brief Defines if the adapter has to go in promiscuous mode.
*
It is '1' if you have to open the adapter in promiscuous mode, '0' otherwise. * It is '1' if you have to open the adapter in promiscuous mode, '0' otherwise.
Note that even if this parameter is false, the interface could well be in promiscuous * Note that even if this parameter is false, the interface could well be in promiscuous
mode for some other reason (for example because another capture process with * mode for some other reason (for example because another capture process with
promiscuous mode enabled is currently using that interface). * promiscuous mode enabled is currently using that interface).
On on Linux systems with 2.2 or later kernels (that have the "any" device), this * On on Linux systems with 2.2 or later kernels (that have the "any" device), this
flag does not work on the "any" device; if an argument of "any" is supplied, * flag does not work on the "any" device; if an argument of "any" is supplied,
the 'promisc' flag is ignored. * the 'promisc' flag is ignored.
*/ */
#define PCAP_OPENFLAG_PROMISCUOUS 1 #define PCAP_OPENFLAG_PROMISCUOUS 1
/*! /*
\brief Defines if the data trasfer (in case of a remote * \brief Defines if the data transfer (in case of a remote
capture) has to be done with UDP protocol. * capture) has to be done with UDP protocol.
*
If it is '1' if you want a UDP data connection, '0' if you want * If it is '1' if you want a UDP data connection, '0' if you want
a TCP data connection; control connection is always TCP-based. * a TCP data connection; control connection is always TCP-based.
A UDP connection is much lighter, but it does not guarantee that all * A UDP connection is much lighter, but it does not guarantee that all
the captured packets arrive to the client workstation. Moreover, * the captured packets arrive to the client workstation. Moreover,
it could be harmful in case of network congestion. * it could be harmful in case of network congestion.
This flag is meaningless if the source is not a remote interface. * This flag is meaningless if the source is not a remote interface.
In that case, it is simply ignored. * In that case, it is simply ignored.
*/ */
#define PCAP_OPENFLAG_DATATX_UDP 2 #define PCAP_OPENFLAG_DATATX_UDP 2
/*! /*
\brief Defines if the remote probe will capture its own generated traffic. * \brief Defines if the remote probe will capture its own generated traffic.
*
In case the remote probe uses the same interface to capture traffic and to send * In case the remote probe uses the same interface to capture traffic and to send
data back to the caller, the captured traffic includes the RPCAP traffic as well. * data back to the caller, the captured traffic includes the RPCAP traffic as well.
If this flag is turned on, the RPCAP traffic is excluded from the capture, so that * If this flag is turned on, the RPCAP traffic is excluded from the capture, so that
the trace returned back to the collector is does not include this traffic. * the trace returned back to the collector is does not include this traffic.
*/ */
#define PCAP_OPENFLAG_NOCAPTURE_RPCAP 4 #define PCAP_OPENFLAG_NOCAPTURE_RPCAP 4
/*! /*
\brief Defines if the local adapter will capture its own generated traffic. * \brief Defines if the local adapter will capture its own generated traffic.
*
This flag tells the underlying capture driver to drop the packets that were sent by itself. * This flag tells the underlying capture driver to drop the packets that were sent by itself.
This is usefult when building applications like bridges, that should ignore the traffic * This is useful when building applications like bridges, that should ignore the traffic
they just sent. * they just sent.
*/ */
#define PCAP_OPENFLAG_NOCAPTURE_LOCAL 8 #define PCAP_OPENFLAG_NOCAPTURE_LOCAL 8
/*! /*
\brief This flag configures the adapter for maximum responsiveness. * \brief This flag configures the adapter for maximum responsiveness.
*
In presence of a large value for nbytes, WinPcap waits for the arrival of several packets before * In presence of a large value for nbytes, WinPcap waits for the arrival of several packets before
copying the data to the user. This guarantees a low number of system calls, i.e. lower processor usage, * copying the data to the user. This guarantees a low number of system calls, i.e. lower processor usage,
i.e. better performance, which is good for applications like sniffers. If the user sets the * i.e. better performance, which is good for applications like sniffers. If the user sets the
PCAP_OPENFLAG_MAX_RESPONSIVENESS flag, the capture driver will copy the packets as soon as the application * PCAP_OPENFLAG_MAX_RESPONSIVENESS flag, the capture driver will copy the packets as soon as the application
is ready to receive them. This is suggested for real time applications (like, for example, a bridge) * is ready to receive them. This is suggested for real time applications (like, for example, a bridge)
that need the best responsiveness.*/ * that need the best responsiveness.
*/
#define PCAP_OPENFLAG_MAX_RESPONSIVENESS 16 #define PCAP_OPENFLAG_MAX_RESPONSIVENESS 16
/*! /*
\} * \}
*/ */
/*! /*
\addtogroup remote_samp_methods * \addtogroup remote_samp_methods
\{ * \{
*/ */
/*! /*
\brief No sampling has to be done on the current capture. *\brief No sampling has to be done on the current capture.
*
In this case, no sampling algorithms are applied to the current capture. * In this case, no sampling algorithms are applied to the current capture.
*/ */
#define PCAP_SAMP_NOSAMP 0 #define PCAP_SAMP_NOSAMP 0
/*! /*
\brief It defines that only 1 out of N packets must be returned to the user. * \brief It defines that only 1 out of N packets must be returned to the user.
*
In this case, the 'value' field of the 'pcap_samp' structure indicates the * In this case, the 'value' field of the 'pcap_samp' structure indicates the
number of packets (minus 1) that must be discarded before one packet got accepted. * number of packets (minus 1) that must be discarded before one packet got accepted.
In other words, if 'value = 10', the first packet is returned to the caller, while * In other words, if 'value = 10', the first packet is returned to the caller, while
the following 9 are discarded. * the following 9 are discarded.
*/ */
#define PCAP_SAMP_1_EVERY_N 1 #define PCAP_SAMP_1_EVERY_N 1
/*! /*
\brief It defines that we have to return 1 packet every N milliseconds. * \brief It defines that we have to return 1 packet every N milliseconds.
*
In this case, the 'value' field of the 'pcap_samp' structure indicates the 'waiting * In this case, the 'value' field of the 'pcap_samp' structure indicates the 'waiting
time' in milliseconds before one packet got accepted. * time' in milliseconds before one packet got accepted.
In other words, if 'value = 10', the first packet is returned to the caller; the next * In other words, if 'value = 10', the first packet is returned to the caller; the next
returned one will be the first packet that arrives when 10ms have elapsed. * returned one will be the first packet that arrives when 10ms have elapsed.
*/ */
#define PCAP_SAMP_FIRST_AFTER_N_MS 2 #define PCAP_SAMP_FIRST_AFTER_N_MS 2
/*! /*
\} * \}
*/ */
/*! /*
\addtogroup remote_auth_methods * \addtogroup remote_auth_methods
\{ * \{
*/ */
/*! /*
\brief It defines the NULL authentication. * \brief It defines the NULL authentication.
*
This value has to be used within the 'type' member of the pcap_rmtauth structure. * This value has to be used within the 'type' member of the pcap_rmtauth structure.
The 'NULL' authentication has to be equal to 'zero', so that old applications * The 'NULL' authentication has to be equal to 'zero', so that old applications
can just put every field of struct pcap_rmtauth to zero, and it does work. * can just put every field of struct pcap_rmtauth to zero, and it does work.
*/ */
#define RPCAP_RMTAUTH_NULL 0 #define RPCAP_RMTAUTH_NULL 0
/*! /*
\brief It defines the username/password authentication. * \brief It defines the username/password authentication.
*
With this type of authentication, the RPCAP protocol will use the username/ * With this type of authentication, the RPCAP protocol will use the username/
password provided to authenticate the user on the remote machine. If the * password provided to authenticate the user on the remote machine. If the
authentication is successful (and the user has the right to open network devices) * authentication is successful (and the user has the right to open network devices)
the RPCAP connection will continue; otherwise it will be dropped. * the RPCAP connection will continue; otherwise it will be dropped.
*
This value has to be used within the 'type' member of the pcap_rmtauth structure. * This value has to be used within the 'type' member of the pcap_rmtauth structure.
*/ */
#define RPCAP_RMTAUTH_PWD 1 #define RPCAP_RMTAUTH_PWD 1
/*! /*
\} * \}
*/ */
/*! /*
* \brief This structure keeps the information needed to autheticate
\brief This structure keeps the information needed to autheticate * the user on a remote machine.
the user on a remote machine. *
* The remote machine can either grant or refuse the access according
The remote machine can either grant or refuse the access according * to the information provided.
to the information provided. * In case the NULL authentication is required, both 'username' and
In case the NULL authentication is required, both 'username' and * 'password' can be NULL pointers.
'password' can be NULL pointers. *
* This structure is meaningless if the source is not a remote interface;
This structure is meaningless if the source is not a remote interface; * in that case, the functions which requires such a structure can accept
in that case, the functions which requires such a structure can accept * a NULL pointer as well.
a NULL pointer as well. */
*/
struct pcap_rmtauth struct pcap_rmtauth
{ {
/*! /*
\brief Type of the authentication required. * \brief Type of the authentication required.
*
In order to provide maximum flexibility, we can support different types * In order to provide maximum flexibility, we can support different types
of authentication based on the value of this 'type' variable. The currently * of authentication based on the value of this 'type' variable. The currently
supported authentication methods are defined into the * supported authentication methods are defined into the
\link remote_auth_methods Remote Authentication Methods Section\endlink. * \link remote_auth_methods Remote Authentication Methods Section\endlink.
*/
*/
int type; int type;
/*! /*
\brief Zero-terminated string containing the username that has to be * \brief Zero-terminated string containing the username that has to be
used on the remote machine for authentication. * used on the remote machine for authentication.
*
This field is meaningless in case of the RPCAP_RMTAUTH_NULL authentication * This field is meaningless in case of the RPCAP_RMTAUTH_NULL authentication
and it can be NULL. * and it can be NULL.
*/ */
char *username; char *username;
/*! /*
\brief Zero-terminated string containing the password that has to be * \brief Zero-terminated string containing the password that has to be
used on the remote machine for authentication. * used on the remote machine for authentication.
*
This field is meaningless in case of the RPCAP_RMTAUTH_NULL authentication * This field is meaningless in case of the RPCAP_RMTAUTH_NULL authentication
and it can be NULL. * and it can be NULL.
*/ */
char *password; char *password;
}; };
/*! /*
\brief This structure defines the information related to sampling. * \brief This structure defines the information related to sampling.
*
In case the sampling is requested, the capturing device should read * In case the sampling is requested, the capturing device should read
only a subset of the packets coming from the source. The returned packets depend * only a subset of the packets coming from the source. The returned packets depend
on the sampling parameters. * on the sampling parameters.
*
\warning The sampling process is applied <strong>after</strong> the filtering process. * \warning The sampling process is applied <strong>after</strong> the filtering process.
In other words, packets are filtered first, then the sampling process selects a * In other words, packets are filtered first, then the sampling process selects a
subset of the 'filtered' packets and it returns them to the caller. * subset of the 'filtered' packets and it returns them to the caller.
*/ */
struct pcap_samp struct pcap_samp
{ {
/*! /*
Method used for sampling. Currently, the supported methods are listed in the * Method used for sampling. Currently, the supported methods are listed in the
\link remote_samp_methods Sampling Methods Section\endlink. * \link remote_samp_methods Sampling Methods Section\endlink.
*/ */
int method; int method;
/*! /*
This value depends on the sampling method defined. For its meaning, please check * This value depends on the sampling method defined. For its meaning, please check
at the \link remote_samp_methods Sampling Methods Section\endlink. * at the \link remote_samp_methods Sampling Methods Section\endlink.
*/ */
int value; int value;
}; };
//! Maximum length of an host name (needed for the RPCAP active mode) // Maximum length of an host name (needed for the RPCAP active mode)
#define RPCAP_HOSTLIST_SIZE 1024 #define RPCAP_HOSTLIST_SIZE 1024
/*! /*
\} * \}
*/ // end of public documentation */ // end of public documentation
// Exported functions // Exported functions
/** \name New WinPcap functions /*
* \name New WinPcap functions
This section lists the new functions that are able to help considerably in writing *
WinPcap programs because of their easiness of use. * This section lists the new functions that are able to help considerably in writing
* WinPcap programs because of their easiness of use.
*/ */
//\{ // \{
pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf); PCAP_API pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf);
int pcap_createsrcstr(char *source, int type, const char *host, const char *port, const char *name, char *errbuf); PCAP_API int pcap_createsrcstr(char *source, int type, const char *host, const char *port, const char *name, char *errbuf);
int pcap_parsesrcstr(const char *source, int *type, char *host, char *port, char *name, char *errbuf); PCAP_API int pcap_parsesrcstr(const char *source, int *type, char *host, char *port, char *name, char *errbuf);
int pcap_findalldevs_ex(char *source, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf); PCAP_API int pcap_findalldevs_ex(char *source, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf);
struct pcap_samp *pcap_setsampling(pcap_t *p); PCAP_API struct pcap_samp *pcap_setsampling(pcap_t *p);
//\} // \}
// End of new winpcap functions // End of new WinPcap functions
/*
* \name Remote Capture functions
/** \name Remote Capture functions
*/ */
//\{
SOCKET pcap_remoteact_accept(const char *address, const char *port, const char *hostlist, char *connectinghost, struct pcap_rmtauth *auth, char *errbuf); /*
int pcap_remoteact_list(char *hostlist, char sep, int size, char *errbuf); * Some minor differences between UN*X sockets and and Winsock sockets.
int pcap_remoteact_close(const char *host, char *errbuf); */
void pcap_remoteact_cleanup(); #ifndef _WIN32
//\} /*!
* \brief In Winsock, a socket handle is of type SOCKET; in UN*X, it's
* a file descriptor, and therefore a signed integer.
* We define SOCKET to be a signed integer on UN*X, so that it can
* be used on both platforms.
*/
#define SOCKET int
/*!
* \brief In Winsock, the error return if socket() fails is INVALID_SOCKET;
* in UN*X, it's -1.
* We define INVALID_SOCKET to be -1 on UN*X, so that it can be used on
* both platforms.
*/
#define INVALID_SOCKET -1
#endif
// \{
PCAP_API SOCKET pcap_remoteact_accept(const char *address, const char *port, const char *hostlist, char *connectinghost, struct pcap_rmtauth *auth, char *errbuf);
PCAP_API int pcap_remoteact_list(char *hostlist, char sep, int size, char *errbuf);
PCAP_API int pcap_remoteact_close(const char *host, char *errbuf);
PCAP_API void pcap_remoteact_cleanup();
// \}
// End of remote capture functions // End of remote capture functions
#ifdef __cplusplus #ifdef __cplusplus


@@ -57,7 +57,7 @@
<ClCompile> <ClCompile>
<Optimization>Disabled</Optimization> <Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.;..;..\mswin32;../nbase;..\nsock\include;..\mswin32\pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>.;..;..\mswin32;../nbase;..\nsock\include;..\mswin32\pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_CONSOLE;BPF_MAJOR_VERSION;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<PreprocessToFile>false</PreprocessToFile> <PreprocessToFile>false</PreprocessToFile>
<PreprocessSuppressLineNumbers>false</PreprocessSuppressLineNumbers> <PreprocessSuppressLineNumbers>false</PreprocessSuppressLineNumbers>
<PreprocessKeepComments>false</PreprocessKeepComments> <PreprocessKeepComments>false</PreprocessKeepComments>
@@ -103,7 +103,7 @@
<Optimization>MaxSpeed</Optimization> <Optimization>MaxSpeed</Optimization>
<InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion> <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
<AdditionalIncludeDirectories>.;..;..\mswin32;../nbase;..\nsock\include;..\mswin32\pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories> <AdditionalIncludeDirectories>.;..;..\mswin32;../nbase;..\nsock\include;..\mswin32\pcap-include;..\libdnet-stripped\include;..\..\nmap-mswin32-aux\OpenSSL\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<PreprocessorDefinitions>WIN32;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions> <PreprocessorDefinitions>WIN32;_CONSOLE;BPF_MAJOR_VERSION;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<StringPooling>true</StringPooling> <StringPooling>true</StringPooling>
<FunctionLevelLinking>true</FunctionLevelLinking> <FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader> <PrecompiledHeader>
@@ -195,4 +195,4 @@
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets"> <ImportGroup Label="ExtensionTargets">
</ImportGroup> </ImportGroup>
</Project> </Project>
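Review bot: `BPF_MAJOR_VERSION` is added to `PreprocessorDefinitions` as a bare, project-wide symbol in both the `-57,7` and `-103,7` hunks, with nothing in the file saying why; the same edit is repeated in another project file earlier in the commit. With MSVC a valueless definition expands to `1`, so the build stays correct only while the header in `..\mswin32\pcap-include` that tests or defines this macro agrees with that. That header is not visible in this section, so the check is presumably an `#ifndef`-style guard, which should be confirmed. I would write the value explicitly as `BPF_MAJOR_VERSION=1` and record the intent beside it, e.g. `<!-- BPF_MAJOR_VERSION: predefined for the Npcap 0.08 headers in ..\mswin32\pcap-include; keep in sync with the value those headers define -->`. Moving the define into one shared property sheet would also stop the Debug and Release configurations from drifting apart.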