/usr/include/wireshark/epan/epan.h is in libwireshark-dev 2.0.2+ga16e22e-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 | /* epan.h
*
* Wireshark Protocol Analyzer Library
*
* Copyright (c) 2001 by Gerald Combs <gerald@wireshark.org>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef __EPAN_H__
#define __EPAN_H__
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
#include <glib.h>
#include "frame_data.h"
#include "register.h"
#include "ws_symbol_export.h"
typedef struct epan_dissect epan_dissect_t;
struct epan_dfilter;
struct epan_column_info;
/**
@mainpage Wireshark EPAN the packet analyzing engine. Source code can be found in the epan directory
@section Introduction
XXX
@b Sections:
*/
/*
Ref 1
Epan
Ethereal Packet ANalyzer (XXX - is this correct?) the packet analyzing engine. Source code can be found in the epan directory.
Protocol-Tree - Keep data of the capture file protocol information.
Dissectors - The various protocol dissectors in epan/dissectors.
Plugins - Some of the protocol dissectors are implemented as plugins. Source code can be found at plugins.
Display-Filters - the display filter engine at epan/dfilter
Ref2 for further edits - delete when done
\section Introduction
This document describes the data structures and the functions exported by the CACE Technologies AirPcap library.
The AirPcap library provides low-level access to the AirPcap driver including advanced capabilities such as channel setting,
link type control and WEP configuration.<br>
This manual includes the following sections:
\note throughout this documentation, \e device refers to a physical USB AirPcap device, while \e adapter is an open API
instance. Most of the AirPcap API operations are adapter-specific but some of them, like setting the channel, are
per-device and will be reflected on all the open adapters. These functions will have "Device" in their name, e.g.
AirpcapSetDeviceChannel().
\b Sections:
- \ref airpcapfuncs
- \ref airpcapdefs
- \ref radiotap
*/
/*
* Register all the plugin types that are part of libwireshark.
*
* Must be called before init_plugins(), which must be called before
* any registration routines are called, i.e. before epan_init().
*
* Must be called only once in a program.
*/
WS_DLL_PUBLIC void epan_register_plugin_types(void);
/** init the whole epan module, this is used to be called only once in a program */
WS_DLL_PUBLIC
void epan_init(void (*register_all_protocols_func)(register_cb cb, gpointer client_data),
void (*register_all_handoffs_func)(register_cb cb, gpointer client_data),
register_cb cb, void *client_data);
/** cleanup the whole epan module, this is used to be called only once in a program */
WS_DLL_PUBLIC
void epan_cleanup(void);
/**
* Initialize the table of conversations. Conversations are identified by
* their endpoints; they are used for protocols such as IP, TCP, and UDP,
* where packets contain endpoint information but don't contain a single
* value indicating to which flow the packet belongs.
*/
void epan_conversation_init(void);
void epan_conversation_cleanup(void);
/**
* Initialize the table of circuits. Circuits are identified by a
* circuit ID; they are used for protocols where packets *do* contain
* a circuit ID value indicating to which flow the packet belongs.
*
* We might want to make a superclass for both endpoint-specified
* conversations and circuit ID-specified circuits, so we can attach
* information either to a circuit or a conversation with common
* code.
*/
void epan_circuit_init(void);
void epan_circuit_cleanup(void);
/** A client will create one epan_t for an entire dissection session.
* A single epan_t will be used to analyze the entire sequence of packets,
* sequentially, in a single session. A session corresponds to a single
* packet trace file. The reaons epan_t exists is that some packets in
* some protocols cannot be decoded without knowledge of previous packets.
* This inter-packet "state" is stored in the epan_t.
*/
typedef struct epan_session epan_t;
WS_DLL_PUBLIC epan_t *epan_new(void);
WS_DLL_PUBLIC const char *epan_get_user_comment(const epan_t *session, const frame_data *fd);
WS_DLL_PUBLIC const char *epan_get_interface_name(const epan_t *session, guint32 interface_id);
const nstime_t *epan_get_frame_ts(const epan_t *session, guint32 frame_num);
WS_DLL_PUBLIC void epan_free(epan_t *session);
WS_DLL_PUBLIC const gchar*
epan_get_version(void);
/**
* Set/unset the tree to always be visible when epan_dissect_init() is called.
* This state change sticks until cleared, rather than being done per function call.
* This is currently used when Lua scripts request all fields be generated.
* By default it only becomes visible if epan_dissect_init() makes it so, usually
* only when a packet is selected.
* Setting this overrides that so it's always visible, although it will still not be
* created if create_proto_tree is false in the call to epan_dissect_init().
* Clearing this reverts the decision to epan_dissect_init() and proto_tree_visible.
*/
void epan_set_always_visible(gboolean force);
/** initialize an existing single packet dissection */
WS_DLL_PUBLIC
epan_dissect_t*
epan_dissect_init(epan_dissect_t *edt, epan_t *session, const gboolean create_proto_tree, const gboolean proto_tree_visible);
/** get a new single packet dissection
* should be freed using epan_dissect_free() after packet dissection completed
*/
WS_DLL_PUBLIC
epan_dissect_t*
epan_dissect_new(epan_t *session, const gboolean create_proto_tree, const gboolean proto_tree_visible);
WS_DLL_PUBLIC
void
epan_dissect_reset(epan_dissect_t *edt);
/** Indicate whether we should fake protocols or not */
WS_DLL_PUBLIC
void
epan_dissect_fake_protocols(epan_dissect_t *edt, const gboolean fake_protocols);
/** run a single packet dissection */
WS_DLL_PUBLIC
void
epan_dissect_run(epan_dissect_t *edt, int file_type_subtype,
struct wtap_pkthdr *phdr, tvbuff_t *tvb, frame_data *fd,
struct epan_column_info *cinfo);
WS_DLL_PUBLIC
void
epan_dissect_run_with_taps(epan_dissect_t *edt, int file_type_subtype,
struct wtap_pkthdr *phdr, tvbuff_t *tvb, frame_data *fd,
struct epan_column_info *cinfo);
/** run a single file packet dissection */
WS_DLL_PUBLIC
void
epan_dissect_file_run(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);
WS_DLL_PUBLIC
void
epan_dissect_file_run_with_taps(epan_dissect_t *edt, struct wtap_pkthdr *phdr,
tvbuff_t *tvb, frame_data *fd, struct epan_column_info *cinfo);
/** Prime a proto_tree using the fields/protocols used in a dfilter. */
WS_DLL_PUBLIC
void
epan_dissect_prime_dfilter(epan_dissect_t *edt, const struct epan_dfilter *dfcode);
/** fill the dissect run output into the packet list columns */
WS_DLL_PUBLIC
void
epan_dissect_fill_in_columns(epan_dissect_t *edt, const gboolean fill_col_exprs, const gboolean fill_fd_colums);
/** Check whether a dissected packet contains a given named field */
WS_DLL_PUBLIC
gboolean
epan_dissect_packet_contains_field(epan_dissect_t* edt,
const char *field_name);
/** releases resources attached to the packet dissection. DOES NOT free the actual pointer */
WS_DLL_PUBLIC
void
epan_dissect_cleanup(epan_dissect_t* edt);
/** free a single packet dissection */
WS_DLL_PUBLIC
void
epan_dissect_free(epan_dissect_t* edt);
/** Sets custom column */
const gchar *
epan_custom_set(epan_dissect_t *edt, GSList *ids, gint occurrence,
gchar *result, gchar *expr, const int size);
/**
* Get compile-time information for libraries used by libwireshark.
*/
WS_DLL_PUBLIC
void
epan_get_compiled_version_info(GString *str);
/**
* Get runtime information for libraries used by libwireshark.
*/
WS_DLL_PUBLIC
void
epan_get_runtime_version_info(GString *str);
#ifdef __cplusplus
}
#endif /* __cplusplus */
#endif /* __EPAN_H__ */
|