Unleashed v1.4
[unleashed.git] / contrib / libpcap / remote-ext.h
blobed2f9bb2be849433fed09921d54a50d455611a39
1 /*
2 * Copyright (c) 2002 - 2003
3 * NetGroup, Politecnico di Torino (Italy)
4 * All rights reserved.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the Politecnico di Torino nor the names of its
16 * contributors may be used to endorse or promote products derived from
17 * this software without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
23 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
26 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
27 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 #ifndef __REMOTE_EXT_H__
35 #define __REMOTE_EXT_H__
38 #ifndef HAVE_REMOTE
39 #error Please do not include this file directly. Just define HAVE_REMOTE and then include pcap.h
40 #endif
42 /*// Definition for Microsoft Visual Studio */
43 #if _MSC_VER > 1000
44 #pragma once
45 #endif
47 #ifdef __cplusplus
48 extern "C" {
49 #endif
52 * \file remote-ext.h
54 * The goal of this file it to include most of the new definitions that should be
55 * placed into the pcap.h file.
57 * It includes all new definitions (structures and functions like pcap_open().
58 * Some of the functions are not really a remote feature, but, right now,
59 * they are placed here.
64 /*// All this stuff is public */
66 * \addtogroup remote_struct
67 * \{
74 * \brief Defines the maximum buffer size in which address, port, interface names are kept.
76 * In case the adapter name or such is larger than this value, it is truncated.
77 * This is not used by the user; however it must be aware that an hostname / interface
78 * name longer than this value will be truncated.
80 #define PCAP_BUF_SIZE 1024
84 * \addtogroup remote_source_ID
85 * \{
90 * \brief Internal representation of the type of source in use (file,
91 * remote/local interface).
93 * This indicates a file, i.e. the user want to open a capture from a local file.
95 #define PCAP_SRC_FILE 2
97 * \brief Internal representation of the type of source in use (file,
98 * remote/local interface).
100 * This indicates a local interface, i.e. the user want to open a capture from
101 * a local interface. This does not involve the RPCAP protocol.
103 #define PCAP_SRC_IFLOCAL 3
105 * \brief Internal representation of the type of source in use (file,
106 * remote/local interface).
108 * This indicates a remote interface, i.e. the user want to open a capture from
109 * an interface on a remote host. This does involve the RPCAP protocol.
111 #define PCAP_SRC_IFREMOTE 4
114 * \}
119 /* \addtogroup remote_source_string
121 * The formats allowed by the pcap_open() are the following:
122 * - file://path_and_filename [opens a local file]
123 * - rpcap://devicename [opens the selected device devices available on the local host, without using the RPCAP protocol]
124 * - rpcap://host/devicename [opens the selected device available on a remote host]
125 * - rpcap://host:port/devicename [opens the selected device available on a remote host, using a non-standard port for RPCAP]
126 * - adaptername [to open a local adapter; kept for compability, but it is strongly discouraged]
127 * - (NULL) [to open the first local adapter; kept for compability, but it is strongly discouraged]
129 * The formats allowed by the pcap_findalldevs_ex() are the following:
130 * - file://folder/ [lists all the files in the given folder]
131 * - rpcap:// [lists all local adapters]
132 * - rpcap://host:port/ [lists the devices available on a remote host]
134 * Referring to the 'host' and 'port' parameters, they can be either numeric or literal. Since
135 * IPv6 is fully supported, these are the allowed formats:
137 * - host (literal): e.g. host.foo.bar
138 * - host (numeric IPv4): e.g. 10.11.12.13
139 * - host (numeric IPv4, IPv6 style): e.g. [10.11.12.13]
140 * - host (numeric IPv6): e.g. [1:2:3::4]
141 * - port: can be either numeric (e.g. '80') or literal (e.g. 'http')
143 * Here you find some allowed examples:
144 * - rpcap://host.foo.bar/devicename [everything literal, no port number]
145 * - rpcap://host.foo.bar:1234/devicename [everything literal, with port number]
146 * - rpcap://10.11.12.13/devicename [IPv4 numeric, no port number]
147 * - rpcap://10.11.12.13:1234/devicename [IPv4 numeric, with port number]
148 * - rpcap://[10.11.12.13]:1234/devicename [IPv4 numeric with IPv6 format, with port number]
149 * - rpcap://[1:2:3::4]/devicename [IPv6 numeric, no port number]
150 * - rpcap://[1:2:3::4]:1234/devicename [IPv6 numeric, with port number]
151 * - rpcap://[1:2:3::4]:http/devicename [IPv6 numeric, with literal port number]
153 * \{
158 * \brief String that will be used to determine the type of source in use (file,
159 * remote/local interface).
161 * This string will be prepended to the interface name in order to create a string
162 * that contains all the information required to open the source.
164 * This string indicates that the user wants to open a capture from a local file.
166 #define PCAP_SRC_FILE_STRING "file://"
168 * \brief String that will be used to determine the type of source in use (file,
169 * remote/local interface).
171 * This string will be prepended to the interface name in order to create a string
172 * that contains all the information required to open the source.
174 * This string indicates that the user wants to open a capture from a network interface.
175 * This string does not necessarily involve the use of the RPCAP protocol. If the
176 * interface required resides on the local host, the RPCAP protocol is not involved
177 * and the local functions are used.
179 #define PCAP_SRC_IF_STRING "rpcap://"
182 * \}
190 * \addtogroup remote_open_flags
191 * \{
195 * \brief Defines if the adapter has to go in promiscuous mode.
197 * It is '1' if you have to open the adapter in promiscuous mode, '0' otherwise.
198 * Note that even if this parameter is false, the interface could well be in promiscuous
199 * mode for some other reason (for example because another capture process with
200 * promiscuous mode enabled is currently using that interface).
201 * On on Linux systems with 2.2 or later kernels (that have the "any" device), this
202 * flag does not work on the "any" device; if an argument of "any" is supplied,
203 * the 'promisc' flag is ignored.
205 #define PCAP_OPENFLAG_PROMISCUOUS 1
208 * \brief Defines if the data transfer (in case of a remote
209 * capture) has to be done with UDP protocol.
211 * If it is '1' if you want a UDP data connection, '0' if you want
212 * a TCP data connection; control connection is always TCP-based.
213 * A UDP connection is much lighter, but it does not guarantee that all
214 * the captured packets arrive to the client workstation. Moreover,
215 * it could be harmful in case of network congestion.
216 * This flag is meaningless if the source is not a remote interface.
217 * In that case, it is simply ignored.
219 #define PCAP_OPENFLAG_DATATX_UDP 2
223 * \brief Defines if the remote probe will capture its own generated traffic.
225 * In case the remote probe uses the same interface to capture traffic and to send
226 * data back to the caller, the captured traffic includes the RPCAP traffic as well.
227 * If this flag is turned on, the RPCAP traffic is excluded from the capture, so that
228 * the trace returned back to the collector is does not include this traffic.
230 #define PCAP_OPENFLAG_NOCAPTURE_RPCAP 4
233 * \brief Defines if the local adapter will capture its own generated traffic.
235 * This flag tells the underlying capture driver to drop the packets that were sent by itself.
236 * This is useful when building applications like bridges, that should ignore the traffic
237 * they just sent.
239 #define PCAP_OPENFLAG_NOCAPTURE_LOCAL 8
242 * \brief This flag configures the adapter for maximum responsiveness.
244 * In presence of a large value for nbytes, WinPcap waits for the arrival of several packets before
245 * copying the data to the user. This guarantees a low number of system calls, i.e. lower processor usage,
246 * i.e. better performance, which is good for applications like sniffers. If the user sets the
247 * PCAP_OPENFLAG_MAX_RESPONSIVENESS flag, the capture driver will copy the packets as soon as the application
248 * is ready to receive them. This is suggested for real time applications (like, for example, a bridge)
249 * that need the best responsiveness.
251 #define PCAP_OPENFLAG_MAX_RESPONSIVENESS 16
254 * \}
259 * \addtogroup remote_samp_methods
260 * \{
264 *\brief No sampling has to be done on the current capture.
266 * In this case, no sampling algorithms are applied to the current capture.
268 #define PCAP_SAMP_NOSAMP 0
271 * \brief It defines that only 1 out of N packets must be returned to the user.
273 * In this case, the 'value' field of the 'pcap_samp' structure indicates the
274 * number of packets (minus 1) that must be discarded before one packet got accepted.
275 * In other words, if 'value = 10', the first packet is returned to the caller, while
276 * the following 9 are discarded.
278 #define PCAP_SAMP_1_EVERY_N 1
281 * \brief It defines that we have to return 1 packet every N milliseconds.
283 * In this case, the 'value' field of the 'pcap_samp' structure indicates the 'waiting
284 * time' in milliseconds before one packet got accepted.
285 * In other words, if 'value = 10', the first packet is returned to the caller; the next
286 * returned one will be the first packet that arrives when 10ms have elapsed.
288 #define PCAP_SAMP_FIRST_AFTER_N_MS 2
291 * \}
296 * \addtogroup remote_auth_methods
297 * \{
301 * \brief It defines the NULL authentication.
303 * This value has to be used within the 'type' member of the pcap_rmtauth structure.
304 * The 'NULL' authentication has to be equal to 'zero', so that old applications
305 * can just put every field of struct pcap_rmtauth to zero, and it does work.
307 #define RPCAP_RMTAUTH_NULL 0
309 * \brief It defines the username/password authentication.
311 * With this type of authentication, the RPCAP protocol will use the username/
312 * password provided to authenticate the user on the remote machine. If the
313 * authentication is successful (and the user has the right to open network devices)
314 * the RPCAP connection will continue; otherwise it will be dropped.
316 * This value has to be used within the 'type' member of the pcap_rmtauth structure.
318 #define RPCAP_RMTAUTH_PWD 1
321 * \}
328 * \brief This structure keeps the information needed to autheticate
329 * the user on a remote machine.
331 * The remote machine can either grant or refuse the access according
332 * to the information provided.
333 * In case the NULL authentication is required, both 'username' and
334 * 'password' can be NULL pointers.
336 * This structure is meaningless if the source is not a remote interface;
337 * in that case, the functions which requires such a structure can accept
338 * a NULL pointer as well.
340 struct pcap_rmtauth
343 * \brief Type of the authentication required.
345 * In order to provide maximum flexibility, we can support different types
346 * of authentication based on the value of this 'type' variable. The currently
347 * supported authentication methods are defined into the
348 * \link remote_auth_methods Remote Authentication Methods Section\endlink.
350 int type;
352 * \brief Zero-terminated string containing the username that has to be
353 * used on the remote machine for authentication.
355 * This field is meaningless in case of the RPCAP_RMTAUTH_NULL authentication
356 * and it can be NULL.
358 char *username;
360 * \brief Zero-terminated string containing the password that has to be
361 * used on the remote machine for authentication.
363 * This field is meaningless in case of the RPCAP_RMTAUTH_NULL authentication
364 * and it can be NULL.
366 char *password;
371 * \brief This structure defines the information related to sampling.
373 * In case the sampling is requested, the capturing device should read
374 * only a subset of the packets coming from the source. The returned packets depend
375 * on the sampling parameters.
377 * \warning The sampling process is applied <strong>after</strong> the filtering process.
378 * In other words, packets are filtered first, then the sampling process selects a
379 * subset of the 'filtered' packets and it returns them to the caller.
381 struct pcap_samp
384 * Method used for sampling. Currently, the supported methods are listed in the
385 * \link remote_samp_methods Sampling Methods Section\endlink.
387 int method;
390 * This value depends on the sampling method defined. For its meaning, please check
391 * at the \link remote_samp_methods Sampling Methods Section\endlink.
393 int value;
399 // Maximum length of an host name (needed for the RPCAP active mode)
400 #define RPCAP_HOSTLIST_SIZE 1024
404 * \}
405 */ // end of public documentation
408 // Exported functions
413 * \name New WinPcap functions
415 * This section lists the new functions that are able to help considerably in writing
416 * WinPcap programs because of their easiness of use.
418 // \{
419 PCAP_API pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf);
420 PCAP_API int pcap_createsrcstr(char *source, int type, const char *host, const char *port, const char *name, char *errbuf);
421 PCAP_API int pcap_parsesrcstr(const char *source, int *type, char *host, char *port, char *name, char *errbuf);
422 PCAP_API int pcap_findalldevs_ex(char *source, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf);
423 PCAP_API struct pcap_samp *pcap_setsampling(pcap_t *p);
425 // \}
426 // End of new WinPcap functions
429 * \name Remote Capture functions
433 * Some minor differences between UN*X sockets and and Winsock sockets.
435 #ifndef _WIN32
437 * \brief In Winsock, a socket handle is of type SOCKET; in UN*X, it's
438 * a file descriptor, and therefore a signed integer.
439 * We define SOCKET to be a signed integer on UN*X, so that it can
440 * be used on both platforms.
442 #define SOCKET int
445 * \brief In Winsock, the error return if socket() fails is INVALID_SOCKET;
446 * in UN*X, it's -1.
447 * We define INVALID_SOCKET to be -1 on UN*X, so that it can be used on
448 * both platforms.
450 #define INVALID_SOCKET -1
451 #endif
453 // \{
454 PCAP_API SOCKET pcap_remoteact_accept(const char *address, const char *port, const char *hostlist, char *connectinghost, struct pcap_rmtauth *auth, char *errbuf);
455 PCAP_API int pcap_remoteact_list(char *hostlist, char sep, int size, char *errbuf);
456 PCAP_API int pcap_remoteact_close(const char *host, char *errbuf);
457 PCAP_API void pcap_remoteact_cleanup();
458 // \}
459 // End of remote capture functions
461 #ifdef __cplusplus
463 #endif
466 #endif