search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
FIXUP: WIP: verification_trailer
[wireshark-wip.git] / epan / packet_info.h
blobb4d48cb5683166f832db1679694bfd0b88decbad
1 /* packet_info.h
2 * Definitions for packet info structures and routines
3 *
4 * $Id$
5 *
6 * Wireshark - Network traffic analyzer
7 * By Gerald Combs <gerald@wireshark.org>
8 * Copyright 1998 Gerald Combs
9 *
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version 2
13 * of the License, or (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
24
25 #ifndef __PACKET_INFO_H__
26 #define __PACKET_INFO_H__
27
28 #include "frame_data.h"
29 #include "tvbuff.h"
30 #include "address.h"
31
32 /** @file
33 * Dissected packet data and metadata.
34 */
35
36 /** @defgroup packetinfo Packet Data and Metadata
37 *
38 * @{
39 */
40
41 /* Also defined in wiretap/wtap.h */
42 #define P2P_DIR_UNKNOWN -1
43 #define P2P_DIR_SENT 0
44 #define P2P_DIR_RECV 1
45
46 /* Link direction */
47 #define LINK_DIR_UNKNOWN -1
48 #define P2P_DIR_UL 0
49 #define P2P_DIR_DL 1
50
51 #define PINFO_SOF_FIRST_FRAME 0x1
52 #define PINFO_SOF_SOFF 0x2
53 #define PINFO_EOF_LAST_FRAME 0x80
54 #define PINFO_EOF_INVALID 0x40
55 #define MAX_NUMBER_OF_PPIDS 2
56
57 typedef struct _packet_info {
58 const char *current_proto; /**< name of protocol currently being dissected */
59 column_info *cinfo; /**< Column formatting information */
60 frame_data *fd;
61 union wtap_pseudo_header *pseudo_header;
62 struct wtap_pkthdr *phdr;
63 GSList *data_src; /**< Frame data sources */
64 address dl_src; /**< link-layer source address */
65 address dl_dst; /**< link-layer destination address */
66 address net_src; /**< network-layer source address */
67 address net_dst; /**< network-layer destination address */
68 address src; /**< source address (net if present, DL otherwise )*/
69 address dst; /**< destination address (net if present, DL otherwise )*/
70 guint32 ethertype; /**< Ethernet Type Code, if this is an Ethernet packet */
71 guint32 ipproto; /**< IP protocol, if this is an IP packet */
72 guint32 mpls_label; /**< last mpls label in label stack, if this is a MPLS packet */
73 circuit_type ctype; /**< type of circuit, for protocols with a VC identifier */
74 guint32 circuit_id; /**< circuit ID, for protocols with a VC identifier */
75 const char *noreassembly_reason; /**< reason why reassembly wasn't done, if any */
76 gboolean fragmented; /**< TRUE if the protocol is only a fragment */
77 struct {
78 guint32 in_error_pkt:1; /**< TRUE if we're inside an {ICMP,CLNP,...} error packet */
79 guint32 in_gre_pkt:1; /**< TRUE if we're encapsulated inside a GRE packet */
80 } flags;
81 port_type ptype; /**< type of the following two port numbers */
82 guint32 srcport; /**< source port */
83 guint32 destport; /**< destination port */
84 guint32 match_uint; /**< matched uint for calling subdissector from table */
85 const char *match_string; /**< matched string for calling subdissector from table */
86 guint16 can_desegment; /**< >0 if this segment could be desegmented.
87 A dissector that can offer this API (e.g.
88 TCP) sets can_desegment=2, then
89 can_desegment is decremented by 1 each time
90 we pass to the next subdissector. Thus only
91 the dissector immediately above the
92 protocol which sets the flag can use it*/
93 guint16 saved_can_desegment; /**< Value of can_desegment before current
94 dissector was called. Supplied so that
95 dissectors for proxy protocols such as
96 SOCKS can restore it, allowing the
97 dissectors that they call to use the
98 TCP dissector's desegmentation (SOCKS
99 just retransmits TCP segments once it's
100 finished setting things up, so the TCP
101 desegmentor can desegment its payload). */
102 int desegment_offset; /**< offset to stuff needing desegmentation */
103 #define DESEGMENT_ONE_MORE_SEGMENT 0x0fffffff
104 #define DESEGMENT_UNTIL_FIN 0x0ffffffe
105 guint32 desegment_len; /**< requested desegmentation additional length
106 or
107 DESEGMENT_ONE_MORE_SEGMENT:
108 Desegment one more full segment
109 (warning! only partially implemented)
110 DESEGMENT_UNTIL_FIN:
111 Desgment all data for this tcp session
112 until the FIN segment.
113 */
114 guint16 want_pdu_tracking; /**< >0 if the subdissector has specified
115 a value in 'bytes_until_next_pdu'.
116 When a dissector detects that the next PDU
117 will start beyond the start of the next
118 segment, it can set this value to 2
119 and 'bytes_until_next_pdu' to the number of
120 bytes beyond the next segment where the
121 next PDU starts.
122
123 If the protocol dissector below this
124 one is capable of PDU tracking it can
125 use this hint to detect PDUs that starts
126 unaligned to the segment boundaries.
127 The TCP dissector is using this hint from
128 (some) protocols to detect when a new PDU
129 starts in the middle of a tcp segment.
130
131 There is intelligence in the glue between
132 dissector layers to make sure that this
133 request is only passed down to the protocol
134 immediately below the current one and not
135 any further.
136 */
137 guint32 bytes_until_next_pdu;
138
139 guint8 ip_ttl; /**< IP time to live */
140 int p2p_dir; /**< Packet was captured as an
141 outbound (P2P_DIR_SENT)
142 inbound (P2P_DIR_RECV)
143 unknown (P2P_DIR_UNKNOWN) */
144 guint16 oxid; /**< next 2 fields reqd to identify fibre */
145 guint16 rxid; /**< channel conversations */
146 guint8 r_ctl; /**< R_CTL field in Fibre Channel Protocol */
147 guint8 sof_eof; /**< FC's SOF/EOF encoding passed to FC decoder
148 * Bit 7 set if Last frame in sequence
149 * Bit 6 set if invalid frame content
150 * Bit 2 set if SOFf
151 * Bit 1 set if first frame in sequence
152 */
153
154 /* Extra data for DCERPC handling and tracking of context ids */
155 guint16 dcectxid; /**< Context ID (DCERPC-specific) */
156 int dcetransporttype; /**< Transport type
157 * Value -1 means "not a DCERPC packet"
158 */
159 guint16 dcetransportsalt; /**< fid: if transporttype==DCE_CN_TRANSPORT_SMBPIPE */
160
161 /**< Extra data for handling of decryption of GSSAPI wrapped tvbuffs.
162 Caller sets decrypt_gssapi_tvb if this service is requested.
163 If gssapi_encrypted_tvb is NULL, then the rest of the tvb data following
164 the gssapi blob itself is decrypted othervise the gssapi_encrypted_tvb
165 tvb will be decrypted (DCERPC has the data before the gssapi blob)
166 If, on return, gssapi_data_encrypted is FALSE, the wrapped tvbuff
167 was signed (i.e., an encrypted signature was present, to check
168 whether the data was modified by a man in the middle) but not sealed
169 (i.e., the data itself wasn't encrypted).
170 */
171 #define DECRYPT_GSSAPI_NORMAL 1
172 #define DECRYPT_GSSAPI_DCE 2
173 guint16 decrypt_gssapi_tvb;
174 tvbuff_t *gssapi_wrap_tvb;
175 tvbuff_t *gssapi_encrypted_tvb;
176 tvbuff_t *gssapi_decrypted_tvb;
177 gboolean gssapi_data_encrypted;
178
179 guint32 ppid; /**< SCTP PPI of current DATA chunk */
180 /** This is a valid PPID, but we use it to mark the end of the list */
181 #define LAST_PPID 0xffffffff
182 guint32 ppids[MAX_NUMBER_OF_PPIDS]; /**< The first NUMBER_OF_PPIDS PPIDS which are present
183 * in the SCTP packet
184 */
185 void *private_data; /**< pointer to data passed from one dissector to another */
186 GHashTable *private_table; /**< a hash table passed from one dissector to another */
187
188 wmem_list_t *layers; /**< layers of each protocol */
189 guint8 curr_layer_num; /**< The current "depth" or layer number in the current frame */
190 guint16 link_number;
191 guint8 annex_a_used; /**< used in packet-mtp2.c
192 * defined in wtap.h
193 * MTP2_ANNEX_A_NOT_USED 0
194 * MTP2_ANNEX_A_USED 1
195 * MTP2_ANNEX_A_USED_UNKNOWN 2
196 */
197 guint16 profinet_type; /**< the type of PROFINET packet (0: not a PROFINET packet) */
198
199 const char *dcerpc_procedure_name; /* Used by PIDL to store the name of the current dcerpc procedure */
200
201 struct _sccp_msg_info_t* sccp_info;
202 guint16 clnp_srcref; /**< clnp/cotp source reference (can't use srcport, this would confuse tpkt) */
203 guint16 clnp_dstref; /**< clnp/cotp destination reference (can't use dstport, this would confuse tpkt) */
204
205 int link_dir; /**< 3GPP messages are sometime different UP link(UL) or Downlink(DL) */
206 GSList* dependent_frames; /**< A list of frames which this one depends on */
207
208 GSList *frame_end_routines;
209
210 wmem_allocator_t *pool; /**< Memory pool scoped to the pinfo struct */
211 struct epan_session *epan;
212 nstime_t rel_ts; /**< Relative timestamp (yes, it can be negative) */
213 const gchar *pkt_comment; /**< NULL if not available */
214 } packet_info;
215
216 /** @} */
217
218 #endif /* __PACKET_INFO_H__ */