search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Updates to Tomato RAF including NGINX && PHP
[tomato.git] / release / src / router / libpcap / pcap-int.h
blob3ef76592c92ad97cde79731e336eb15980767ce3
1 /*
2 * Copyright (c) 1994, 1995, 1996
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the Computer Systems
16 * Engineering Group at Lawrence Berkeley Laboratory.
17 * 4. Neither the name of the University nor of the Laboratory may be used
18 * to endorse or promote products derived from this software without
19 * specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * @(#) $Header: /tcpdump/master/libpcap/pcap-int.h,v 1.94 2008-09-16 00:20:23 guy Exp $ (LBL)
34 */
35
36 #ifndef pcap_int_h
37 #define pcap_int_h
38
39 #include <pcap/pcap.h>
40
41 #ifdef __cplusplus
42 extern "C" {
43 #endif
44
45 #ifdef HAVE_LIBDLPI
46 #include <libdlpi.h>
47 #endif
48
49 #ifdef WIN32
50 #include <Packet32.h>
51 extern CRITICAL_SECTION g_PcapCompileCriticalSection;
52 #endif /* WIN32 */
53
54 #ifdef MSDOS
55 #include <fcntl.h>
56 #include <io.h>
57 #endif
58
59 #ifdef HAVE_SNF_API
60 #include <snf.h>
61 #endif
62
63 #if (defined(_MSC_VER) && (_MSC_VER <= 1200)) /* we are compiling with Visual Studio 6, that doesn't support the LL suffix*/
64
65 /*
66 * Swap byte ordering of unsigned long long timestamp on a big endian
67 * machine.
68 */
69 #define SWAPLL(ull) ((ull & 0xff00000000000000) >> 56) | \
70 ((ull & 0x00ff000000000000) >> 40) | \
71 ((ull & 0x0000ff0000000000) >> 24) | \
72 ((ull & 0x000000ff00000000) >> 8) | \
73 ((ull & 0x00000000ff000000) << 8) | \
74 ((ull & 0x0000000000ff0000) << 24) | \
75 ((ull & 0x000000000000ff00) << 40) | \
76 ((ull & 0x00000000000000ff) << 56)
77
78 #else /* A recent Visual studio compiler or not VC */
79
80 /*
81 * Swap byte ordering of unsigned long long timestamp on a big endian
82 * machine.
83 */
84 #define SWAPLL(ull) ((ull & 0xff00000000000000LL) >> 56) | \
85 ((ull & 0x00ff000000000000LL) >> 40) | \
86 ((ull & 0x0000ff0000000000LL) >> 24) | \
87 ((ull & 0x000000ff00000000LL) >> 8) | \
88 ((ull & 0x00000000ff000000LL) << 8) | \
89 ((ull & 0x0000000000ff0000LL) << 24) | \
90 ((ull & 0x000000000000ff00LL) << 40) | \
91 ((ull & 0x00000000000000ffLL) << 56)
92
93 #endif /* _MSC_VER */
94
95 /*
96 * Savefile
97 */
98 typedef enum {
99 NOT_SWAPPED,
100 SWAPPED,
101 MAYBE_SWAPPED
102 } swapped_type_t;
103
104 /*
105 * Used when reading a savefile.
106 */
107 struct pcap_sf {
108 FILE *rfile;
109 int (*next_packet_op)(pcap_t *, struct pcap_pkthdr *, u_char **);
110 int swapped;
111 size_t hdrsize;
112 swapped_type_t lengths_swapped;
113 int version_major;
114 int version_minor;
115 bpf_u_int32 ifcount; /* number of interfaces seen in this capture */
116 u_int tsresol; /* time stamp resolution */
117 u_int tsscale; /* scaling factor for resolution -> microseconds */
118 u_int64_t tsoffset; /* time stamp offset */
119 };
120
121 /*
122 * Used when doing a live capture.
123 */
124 struct pcap_md {
125 struct pcap_stat stat;
126 /*XXX*/
127 int use_bpf; /* using kernel filter */
128 u_long TotPkts; /* can't oflow for 79 hrs on ether */
129 u_long TotAccepted; /* count accepted by filter */
130 u_long TotDrops; /* count of dropped packets */
131 long TotMissed; /* missed by i/f during this run */
132 long OrigMissed; /* missed by i/f before this run */
133 char *device; /* device name */
134 int timeout; /* timeout for buffering */
135 int must_do_on_close; /* stuff we must do when we close */
136 struct pcap *next; /* list of open pcaps that need stuff cleared on close */
137 #ifdef linux
138 int sock_packet; /* using Linux 2.0 compatible interface */
139 int cooked; /* using SOCK_DGRAM rather than SOCK_RAW */
140 int ifindex; /* interface index of device we're bound to */
141 int lo_ifindex; /* interface index of the loopback device */
142 u_int packets_read; /* count of packets read with recvfrom() */
143 bpf_u_int32 oldmode; /* mode to restore when turning monitor mode off */
144 char *mondevice; /* mac80211 monitor device we created */
145 u_char *mmapbuf; /* memory-mapped region pointer */
146 size_t mmapbuflen; /* size of region */
147 u_int tp_version; /* version of tpacket_hdr for mmaped ring */
148 u_int tp_hdrlen; /* hdrlen of tpacket_hdr for mmaped ring */
149 u_char *oneshot_buffer; /* buffer for copy of packet */
150 long proc_dropped; /* packets reported dropped by /proc/net/dev */
151 #endif /* linux */
152
153 #ifdef HAVE_DAG_API
154 #ifdef HAVE_DAG_STREAMS_API
155 u_char *dag_mem_bottom; /* DAG card current memory bottom pointer */
156 u_char *dag_mem_top; /* DAG card current memory top pointer */
157 #else /* HAVE_DAG_STREAMS_API */
158 void *dag_mem_base; /* DAG card memory base address */
159 u_int dag_mem_bottom; /* DAG card current memory bottom offset */
160 u_int dag_mem_top; /* DAG card current memory top offset */
161 #endif /* HAVE_DAG_STREAMS_API */
162 int dag_fcs_bits; /* Number of checksum bits from link layer */
163 int dag_offset_flags; /* Flags to pass to dag_offset(). */
164 int dag_stream; /* DAG stream number */
165 int dag_timeout; /* timeout specified to pcap_open_live.
166 * Same as in linux above, introduce
167 * generally? */
168 #endif /* HAVE_DAG_API */
169 #ifdef HAVE_SNF_API
170 snf_handle_t snf_handle; /* opaque device handle */
171 snf_ring_t snf_ring; /* opaque device ring handle */
172 int snf_timeout;
173 int snf_boardnum;
174 #endif /*HAVE_SNF_API*/
175
176 #ifdef HAVE_ZEROCOPY_BPF
177 /*
178 * Zero-copy read buffer -- for zero-copy BPF. 'buffer' above will
179 * alternative between these two actual mmap'd buffers as required.
180 * As there is a header on the front size of the mmap'd buffer, only
181 * some of the buffer is exposed to libpcap as a whole via bufsize;
182 * zbufsize is the true size. zbuffer tracks the current zbuf
183 * assocated with buffer so that it can be used to decide which the
184 * next buffer to read will be.
185 */
186 u_char *zbuf1, *zbuf2, *zbuffer;
187 u_int zbufsize;
188 u_int zerocopy;
189 u_int interrupted;
190 struct timespec firstsel;
191 /*
192 * If there's currently a buffer being actively processed, then it is
193 * referenced here; 'buffer' is also pointed at it, but offset by the
194 * size of the header.
195 */
196 struct bpf_zbuf_header *bzh;
197 #endif /* HAVE_ZEROCOPY_BPF */
198
199
200
201 #ifdef HAVE_REMOTE
202 /*!
203 There is really a mess with previous variables, and it seems to me that they are not used
204 (they are used in pcap_pf.c only). I think we have to start using them.
205 The meaning is the following:
206
207 - TotPkts: the amount of packets received by the bpf filter, *before* applying the filter
208 - TotAccepted: the amount of packets that satisfies the filter
209 - TotDrops: the amount of packet that were dropped into the kernel buffer because of lack of space
210 - TotMissed: the amount of packets that were dropped by the physical interface; it is basically
211 the value of the hardware counter into the card. This number is never put to zero, so this number
212 takes into account the *total* number of interface drops starting from the interface power-on.
213 - OrigMissed: the amount of packets that were dropped by the interface *when the capture begins*.
214 This value is used to detect the number of packets dropped by the interface *during the present
215 capture*, so that (ps_ifdrops= TotMissed - OrigMissed).
216 */
217 unsigned int TotNetDrops; //!< keeps the number of packets that have been dropped by the network
218 /*!
219 \brief It keeps the number of packets that have been received by the application.
220
221 Packets dropped by the kernel buffer are not counted in this variable. The variable is always
222 equal to (TotAccepted - TotDrops), exept for the case of remote capture, in which we have also
223 packets in fligh, i.e. that have been transmitted by the remote host, but that have not been
224 received (yet) from the client. In this case, (TotAccepted - TotDrops - TotNetDrops) gives a
225 wrong result, since this number does not corresponds always to the number of packet received by
226 the application. For this reason, in the remote capture we need another variable that takes
227 into account of the number of packets actually received by the application.
228 */
229 unsigned int TotCapt;
230 #endif /* HAVE_REMOTE */
231
232 };
233
234 /*
235 * Stuff to do when we close.
236 */
237 #define MUST_CLEAR_PROMISC 0x00000001 /* clear promiscuous mode */
238 #define MUST_CLEAR_RFMON 0x00000002 /* clear rfmon (monitor) mode */
239 #define MUST_DELETE_MONIF 0x00000004 /* delete monitor-mode interface */
240
241 struct pcap_opt {
242 int buffer_size;
243 char *source;
244 int promisc;
245 int rfmon;
246 int tstamp_type;
247 };
248
249 /*
250 * Ultrix, DEC OSF/1^H^H^H^H^H^H^H^H^HDigital UNIX^H^H^H^H^H^H^H^H^H^H^H^H
251 * Tru64 UNIX, and some versions of NetBSD pad FDDI packets to make everything
252 * line up on a nice boundary.
253 */
254 #ifdef __NetBSD__
255 #include <sys/param.h> /* needed to declare __NetBSD_Version__ */
256 #endif
257
258 #if defined(ultrix) || defined(__osf__) || (defined(__NetBSD__) && __NetBSD_Version__ > 106000000)
259 #define PCAP_FDDIPAD 3
260 #endif
261
262 typedef int (*activate_op_t)(pcap_t *);
263 typedef int (*can_set_rfmon_op_t)(pcap_t *);
264 typedef int (*read_op_t)(pcap_t *, int cnt, pcap_handler, u_char *);
265 typedef int (*inject_op_t)(pcap_t *, const void *, size_t);
266 typedef int (*setfilter_op_t)(pcap_t *, struct bpf_program *);
267 typedef int (*setdirection_op_t)(pcap_t *, pcap_direction_t);
268 typedef int (*set_datalink_op_t)(pcap_t *, int);
269 typedef int (*getnonblock_op_t)(pcap_t *, char *);
270 typedef int (*setnonblock_op_t)(pcap_t *, int, char *);
271 typedef int (*stats_op_t)(pcap_t *, struct pcap_stat *);
272 #ifdef WIN32
273 typedef int (*setbuff_op_t)(pcap_t *, int);
274 typedef int (*setmode_op_t)(pcap_t *, int);
275 typedef int (*setmintocopy_op_t)(pcap_t *, int);
276 #endif
277 typedef void (*cleanup_op_t)(pcap_t *);
278
279 struct pcap {
280 #ifdef WIN32
281 ADAPTER *adapter;
282 LPPACKET Packet;
283 int nonblock;
284 #else
285 int fd;
286 int selectable_fd;
287 int send_fd;
288 #endif /* WIN32 */
289
290 #ifdef HAVE_LIBDLPI
291 dlpi_handle_t dlpi_hd;
292 #endif
293 int snapshot;
294 int linktype; /* Network linktype */
295 int linktype_ext; /* Extended information stored in the linktype field of a file */
296 int tzoff; /* timezone offset */
297 int offset; /* offset for proper alignment */
298 int activated; /* true if the capture is really started */
299 int oldstyle; /* if we're opening with pcap_open_live() */
300
301 int break_loop; /* flag set to force break from packet-reading loop */
302
303 #ifdef PCAP_FDDIPAD
304 int fddipad;
305 #endif
306
307 #ifdef MSDOS
308 void (*wait_proc)(void); /* call proc while waiting */
309 #endif
310
311 struct pcap_sf sf;
312 struct pcap_md md;
313 struct pcap_opt opt;
314
315 /*
316 * Read buffer.
317 */
318 int bufsize;
319 u_char *buffer;
320 u_char *bp;
321 int cc;
322
323 /*
324 * Place holder for pcap_next().
325 */
326 u_char *pkt;
327
328 /* We're accepting only packets in this direction/these directions. */
329 pcap_direction_t direction;
330
331 /*
332 * Methods.
333 */
334 activate_op_t activate_op;
335 can_set_rfmon_op_t can_set_rfmon_op;
336 read_op_t read_op;
337 inject_op_t inject_op;
338 setfilter_op_t setfilter_op;
339 setdirection_op_t setdirection_op;
340 set_datalink_op_t set_datalink_op;
341 getnonblock_op_t getnonblock_op;
342 setnonblock_op_t setnonblock_op;
343 stats_op_t stats_op;
344
345 /*
346 * Routine to use as callback for pcap_next()/pcap_next_ex().
347 */
348 pcap_handler oneshot_callback;
349
350 #ifdef WIN32
351 /*
352 * These are, at least currently, specific to the Win32 NPF
353 * driver.
354 */
355 setbuff_op_t setbuff_op;
356 setmode_op_t setmode_op;
357 setmintocopy_op_t setmintocopy_op;
358 #endif
359 cleanup_op_t cleanup_op;
360
361 /*
362 * Placeholder for filter code if bpf not in kernel.
363 */
364 struct bpf_program fcode;
365
366 char errbuf[PCAP_ERRBUF_SIZE + 1];
367 int dlt_count;
368 u_int *dlt_list;
369 int tstamp_type_count;
370 u_int *tstamp_type_list;
371
372 struct pcap_pkthdr pcap_header; /* This is needed for the pcap_next_ex() to work */
373
374 #ifdef HAVE_REMOTE
375 /*! \brief '1' if we're the network client; needed by several functions (like pcap_setfilter() ) to know if
376 they have to use the socket or they have to open the local adapter. */
377 int rmt_clientside;
378
379 SOCKET rmt_sockctrl; //!< socket ID of the socket used for the control connection
380 SOCKET rmt_sockdata; //!< socket ID of the socket used for the data connection
381 int rmt_flags; //!< we have to save flags, since they are passed by the pcap_open_live(), but they are used by the pcap_startcapture()
382 int rmt_capstarted; //!< 'true' if the capture is already started (needed to knoe if we have to call the pcap_startcapture()
383 struct pcap_samp rmt_samp; //!< Keeps the parameters related to the sampling process.
384 char *currentfilter; //!< Pointer to a buffer (allocated at run-time) that stores the current filter. Needed when flag PCAP_OPENFLAG_NOCAPTURE_RPCAP is turned on.
385 #endif /* HAVE_REMOTE */
386 };
387
388 /*
389 * This is a timeval as stored in a savefile.
390 * It has to use the same types everywhere, independent of the actual
391 * `struct timeval'; `struct timeval' has 32-bit tv_sec values on some
392 * platforms and 64-bit tv_sec values on other platforms, and writing
393 * out native `struct timeval' values would mean files could only be
394 * read on systems with the same tv_sec size as the system on which
395 * the file was written.
396 */
397
398 struct pcap_timeval {
399 bpf_int32 tv_sec; /* seconds */
400 bpf_int32 tv_usec; /* microseconds */
401 };
402
403 /*
404 * This is a `pcap_pkthdr' as actually stored in a savefile.
405 *
406 * Do not change the format of this structure, in any way (this includes
407 * changes that only affect the length of fields in this structure),
408 * and do not make the time stamp anything other than seconds and
409 * microseconds (e.g., seconds and nanoseconds). Instead:
410 *
411 * introduce a new structure for the new format;
412 *
413 * send mail to "tcpdump-workers@lists.tcpdump.org", requesting
414 * a new magic number for your new capture file format, and, when
415 * you get the new magic number, put it in "savefile.c";
416 *
417 * use that magic number for save files with the changed record
418 * header;
419 *
420 * make the code in "savefile.c" capable of reading files with
421 * the old record header as well as files with the new record header
422 * (using the magic number to determine the header format).
423 *
424 * Then supply the changes as a patch at
425 *
426 * http://sourceforge.net/projects/libpcap/
427 *
428 * so that future versions of libpcap and programs that use it (such as
429 * tcpdump) will be able to read your new capture file format.
430 */
431
432 struct pcap_sf_pkthdr {
433 struct pcap_timeval ts; /* time stamp */
434 bpf_u_int32 caplen; /* length of portion present */
435 bpf_u_int32 len; /* length this packet (off wire) */
436 };
437
438 /*
439 * How a `pcap_pkthdr' is actually stored in savefiles written
440 * by some patched versions of libpcap (e.g. the ones in Red
441 * Hat Linux 6.1 and 6.2).
442 *
443 * Do not change the format of this structure, in any way (this includes
444 * changes that only affect the length of fields in this structure).
445 * Instead, introduce a new structure, as per the above.
446 */
447
448 struct pcap_sf_patched_pkthdr {
449 struct pcap_timeval ts; /* time stamp */
450 bpf_u_int32 caplen; /* length of portion present */
451 bpf_u_int32 len; /* length this packet (off wire) */
452 int index;
453 unsigned short protocol;
454 unsigned char pkt_type;
455 };
456
457 /*
458 * User data structure for the one-shot callback used for pcap_next()
459 * and pcap_next_ex().
460 */
461 struct oneshot_userdata {
462 struct pcap_pkthdr *hdr;
463 const u_char **pkt;
464 pcap_t *pd;
465 };
466
467 int yylex(void);
468
469 #ifndef min
470 #define min(a, b) ((a) > (b) ? (b) : (a))
471 #endif
472
473 /* XXX should these be in pcap.h? */
474 int pcap_offline_read(pcap_t *, int, pcap_handler, u_char *);
475 int pcap_read(pcap_t *, int cnt, pcap_handler, u_char *);
476
477 #ifndef HAVE_STRLCPY
478 #define strlcpy(x, y, z) \
479 (strncpy((x), (y), (z)), \
480 ((z) <= 0 ? 0 : ((x)[(z) - 1] = '\0')), \
481 strlen((y)))
482 #endif
483
484 #include <stdarg.h>
485
486 #if !defined(HAVE_SNPRINTF)
487 #define snprintf pcap_snprintf
488 extern int snprintf (char *, size_t, const char *, ...);
489 #endif
490
491 #if !defined(HAVE_VSNPRINTF)
492 #define vsnprintf pcap_vsnprintf
493 extern int vsnprintf (char *, size_t, const char *, va_list ap);
494 #endif
495
496 /*
497 * Routines that most pcap implementations can use for non-blocking mode.
498 */
499 #if !defined(WIN32) && !defined(MSDOS)
500 int pcap_getnonblock_fd(pcap_t *, char *);
501 int pcap_setnonblock_fd(pcap_t *p, int, char *);
502 #endif
503
504 pcap_t *pcap_create_common(const char *, char *);
505 int pcap_do_addexit(pcap_t *);
506 void pcap_add_to_pcaps_to_close(pcap_t *);
507 void pcap_remove_from_pcaps_to_close(pcap_t *);
508 void pcap_cleanup_live_common(pcap_t *);
509 int pcap_not_initialized(pcap_t *);
510 int pcap_check_activated(pcap_t *);
511
512 /*
513 * Internal interfaces for "pcap_findalldevs()".
514 *
515 * "pcap_platform_finddevs()" is a platform-dependent routine to
516 * add devices not found by the "standard" mechanisms (SIOCGIFCONF,
517 * "getifaddrs()", etc..
518 *
519 * "pcap_add_if()" adds an interface to the list of interfaces.
520 */
521 int pcap_platform_finddevs(pcap_if_t **, char *);
522 int add_addr_to_iflist(pcap_if_t **, const char *, u_int, struct sockaddr *,
523 size_t, struct sockaddr *, size_t, struct sockaddr *, size_t,
524 struct sockaddr *, size_t, char *);
525 int pcap_add_if(pcap_if_t **, const char *, u_int, const char *, char *);
526 struct sockaddr *dup_sockaddr(struct sockaddr *, size_t);
527 int add_or_find_if(pcap_if_t **, pcap_if_t **, const char *, u_int,
528 const char *, char *);
529
530 #ifdef WIN32
531 char *pcap_win32strerror(void);
532 #endif
533
534 int install_bpf_program(pcap_t *, struct bpf_program *);
535
536 int pcap_strcasecmp(const char *, const char *);
537
538 #ifdef __cplusplus
539 }
540 #endif
541
542 #endif
Tomato firmware and modifications.