trunk/src/lib/winpcap/Packet32.h
| r241403 | r241404 | |
|---|
| 1 | | /*
|
| 2 | | * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)
|
| 3 | | * Copyright (c) 2005 - 2007 CACE Technologies, Davis (California)
|
| 4 | | * All rights reserved.
|
| 5 | | *
|
| 6 | | * Redistribution and use in source and binary forms, with or without
|
| 7 | | * modification, are permitted provided that the following conditions
|
| 8 | | * are met:
|
| 9 | | *
|
| 10 | | * 1. Redistributions of source code must retain the above copyright
|
| 11 | | * notice, this list of conditions and the following disclaimer.
|
| 12 | | * 2. Redistributions in binary form must reproduce the above copyright
|
| 13 | | * notice, this list of conditions and the following disclaimer in the
|
| 14 | | * documentation and/or other materials provided with the distribution.
|
| 15 | | * 3. Neither the name of the Politecnico di Torino, CACE Technologies |
| 16 | | * nor the names of its contributors may be used to endorse or promote |
| 17 | | * products derived from this software without specific prior written |
| 18 | | * permission.
|
| 19 | | *
|
| 20 | | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
| 21 | | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
| 22 | | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
| 23 | | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
| 24 | | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
| 25 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
| 26 | | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
| 27 | | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
| 28 | | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
| 29 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
| 30 | | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
| 31 | | *
|
| 32 | | */
|
| 33 | | |
| 34 | | /** @ingroup packetapi
|
| 35 | | * @{ |
| 36 | | */
|
| 37 | | |
| 38 | | /** @defgroup packet32h Packet.dll definitions and data structures
|
| 39 | | * Packet32.h contains the data structures and the definitions used by packet.dll.
|
| 40 | | * The file is used both by the Win9x and the WinNTx versions of packet.dll, and can be included
|
| 41 | | * by the applications that use the functions of this library
|
| 42 | | * @{
|
| 43 | | */
|
| 44 | | |
| 45 | | #ifndef __PACKET32
|
| 46 | | #define __PACKET32
|
| 47 | | |
| 48 | | #include <winsock2.h>
|
| 49 | | |
| 50 | | #ifdef HAVE_AIRPCAP_API
|
| 51 | | #include <airpcap.h>
|
| 52 | | #else
|
| 53 | | #if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_)
|
| 54 | | #define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_
|
| 55 | | typedef struct _AirpcapHandle *PAirpcapHandle;
|
| 56 | | #endif /* AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_ */
|
| 57 | | #endif /* HAVE_AIRPCAP_API */
|
| 58 | | |
| 59 | | #ifdef HAVE_DAG_API
|
| 60 | | #include <dagc.h>
|
| 61 | | #endif /* HAVE_DAG_API */
|
| 62 | | |
| 63 | | // Working modes
|
| 64 | | #define PACKET_MODE_CAPT 0x0 ///< Capture mode
|
| 65 | | #define PACKET_MODE_STAT 0x1 ///< Statistical mode
|
| 66 | | #define PACKET_MODE_MON 0x2 ///< Monitoring mode
|
| 67 | | #define PACKET_MODE_DUMP 0x10 ///< Dump mode
|
| 68 | | #define PACKET_MODE_STAT_DUMP MODE_DUMP | MODE_STAT ///< Statistical dump Mode
|
| 69 | | |
| 70 | | |
| 71 | | /// Alignment macro. Defines the alignment size.
|
| 72 | | #define Packet_ALIGNMENT sizeof(int)
|
| 73 | | /// Alignment macro. Rounds up to the next even multiple of Packet_ALIGNMENT. |
| 74 | | #define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1))
|
| 75 | | |
| 76 | | #define NdisMediumNull -1 ///< Custom linktype: NDIS doesn't provide an equivalent
|
| 77 | | #define NdisMediumCHDLC -2 ///< Custom linktype: NDIS doesn't provide an equivalent
|
| 78 | | #define NdisMediumPPPSerial -3 ///< Custom linktype: NDIS doesn't provide an equivalent
|
| 79 | | #define NdisMediumBare80211 -4 ///< Custom linktype: NDIS doesn't provide an equivalent
|
| 80 | | #define NdisMediumRadio80211 -5 ///< Custom linktype: NDIS doesn't provide an equivalent
|
| 81 | | #define NdisMediumPpi -6 ///< Custom linktype: NDIS doesn't provide an equivalent
|
| 82 | | |
| 83 | | // Loopback behaviour definitions
|
| 84 | | #define NPF_DISABLE_LOOPBACK 1 ///< Drop the packets sent by the NPF driver
|
| 85 | | #define NPF_ENABLE_LOOPBACK 2 ///< Capture the packets sent by the NPF driver
|
| 86 | | |
| 87 | | /*!
|
| 88 | | \brief Network type structure.
|
| 89 | | |
| 90 | | This structure is used by the PacketGetNetType() function to return information on the current adapter's type and speed.
|
| 91 | | */
|
| 92 | | typedef struct NetType
|
| 93 | | {
|
| 94 | | UINT LinkType; ///< The MAC of the current network adapter (see function PacketGetNetType() for more information)
|
| 95 | | ULONGLONG LinkSpeed; ///< The speed of the network in bits per second
|
| 96 | | }NetType;
|
| 97 | | |
| 98 | | |
| 99 | | //some definitions stolen from libpcap
|
| 100 | | |
| 101 | | #ifndef BPF_MAJOR_VERSION
|
| 102 | | |
| 103 | | /*!
|
| 104 | | \brief A BPF pseudo-assembly program.
|
| 105 | | |
| 106 | | The program will be injected in the kernel by the PacketSetBPF() function and applied to every incoming packet. |
| 107 | | */
|
| 108 | | struct bpf_program |
| 109 | | {
|
| 110 | | UINT bf_len; ///< Indicates the number of instructions of the program, i.e. the number of struct bpf_insn that will follow.
|
| 111 | | struct bpf_insn *bf_insns; ///< A pointer to the first instruction of the program.
|
| 112 | | };
|
| 113 | | |
| 114 | | /*!
|
| 115 | | \brief A single BPF pseudo-instruction.
|
| 116 | | |
| 117 | | bpf_insn contains a single instruction for the BPF register-machine. It is used to send a filter program to the driver.
|
| 118 | | */
|
| 119 | | struct bpf_insn |
| 120 | | {
|
| 121 | | USHORT code; ///< Instruction type and addressing mode.
|
| 122 | | UCHAR jt; ///< Jump if true
|
| 123 | | UCHAR jf; ///< Jump if false
|
| 124 | | int k; ///< Generic field used for various purposes.
|
| 125 | | };
|
| 126 | | |
| 127 | | /*!
|
| 128 | | \brief Structure that contains a couple of statistics values on the current capture.
|
| 129 | | |
| 130 | | It is used by packet.dll to return statistics about a capture session.
|
| 131 | | */
|
| 132 | | struct bpf_stat |
| 133 | | {
|
| 134 | | UINT bs_recv; ///< Number of packets that the driver received from the network adapter |
| 135 | | ///< from the beginning of the current capture. This value includes the packets |
| 136 | | ///< lost by the driver.
|
| 137 | | UINT bs_drop; ///< number of packets that the driver lost from the beginning of a capture. |
| 138 | | ///< Basically, a packet is lost when the the buffer of the driver is full. |
| 139 | | ///< In this situation the packet cannot be stored and the driver rejects it.
|
| 140 | | UINT ps_ifdrop; ///< drops by interface. XXX not yet supported
|
| 141 | | UINT bs_capt; ///< number of packets that pass the filter, find place in the kernel buffer and
|
| 142 | | ///< thus reach the application.
|
| 143 | | };
|
| 144 | | |
| 145 | | /*!
|
| 146 | | \brief Packet header.
|
| 147 | | |
| 148 | | This structure defines the header associated with every packet delivered to the application.
|
| 149 | | */
|
| 150 | | struct bpf_hdr |
| 151 | | {
|
| 152 | | struct timeval bh_tstamp; ///< The timestamp associated with the captured packet. |
| 153 | | ///< It is stored in a TimeVal structure.
|
| 154 | | UINT bh_caplen; ///< Length of captured portion. The captured portion <b>can be different</b>
|
| 155 | | ///< from the original packet, because it is possible (with a proper filter)
|
| 156 | | ///< to instruct the driver to capture only a portion of the packets.
|
| 157 | | UINT bh_datalen; ///< Original length of packet
|
| 158 | | USHORT bh_hdrlen; ///< Length of bpf header (this struct plus alignment padding). In some cases,
|
| 159 | | ///< a padding could be added between the end of this structure and the packet
|
| 160 | | ///< data for performance reasons. This filed can be used to retrieve the actual data |
| 161 | | ///< of the packet.
|
| 162 | | };
|
| 163 | | |
| 164 | | /*!
|
| 165 | | \brief Dump packet header.
|
| 166 | | |
| 167 | | This structure defines the header associated with the packets in a buffer to be used with PacketSendPackets().
|
| 168 | | It is simpler than the bpf_hdr, because it corresponds to the header associated by WinPcap and libpcap to a
|
| 169 | | packet in a dump file. This makes straightforward sending WinPcap dump files to the network.
|
| 170 | | */
|
| 171 | | struct dump_bpf_hdr{
|
| 172 | | struct timeval ts; ///< Time stamp of the packet
|
| 173 | | UINT caplen; ///< Length of captured portion. The captured portion can smaller than the |
| 174 | | ///< the original packet, because it is possible (with a proper filter) to |
| 175 | | ///< instruct the driver to capture only a portion of the packets. |
| 176 | | UINT len; ///< Length of the original packet (off wire).
|
| 177 | | };
|
| 178 | | |
| 179 | | |
| 180 | | #endif
|
| 181 | | |
| 182 | | struct bpf_stat;
|
| 183 | | |
| 184 | | #define DOSNAMEPREFIX TEXT("Packet_") ///< Prefix added to the adapters device names to create the WinPcap devices
|
| 185 | | #define MAX_LINK_NAME_LENGTH 64 //< Maximum length of the devices symbolic links
|
| 186 | | #define NMAX_PACKET 65535
|
| 187 | | |
| 188 | | /*!
|
| 189 | | \brief Addresses of a network adapter.
|
| 190 | | |
| 191 | | This structure is used by the PacketGetNetInfoEx() function to return the IP addresses associated with |
| 192 | | an adapter.
|
| 193 | | */
|
| 194 | | typedef struct npf_if_addr {
|
| 195 | | struct sockaddr_storage IPAddress; ///< IP address.
|
| 196 | | struct sockaddr_storage SubnetMask; ///< Netmask for that address.
|
| 197 | | struct sockaddr_storage Broadcast; ///< Broadcast address.
|
| 198 | | }npf_if_addr;
|
| 199 | | |
| 200 | | |
| 201 | | #define ADAPTER_NAME_LENGTH 256 + 12 ///< Maximum length for the name of an adapter. The value is the same used by the IP Helper API.
|
| 202 | | #define ADAPTER_DESC_LENGTH 128 ///< Maximum length for the description of an adapter. The value is the same used by the IP Helper API.
|
| 203 | | #define MAX_MAC_ADDR_LENGTH 8 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API.
|
| 204 | | #define MAX_NETWORK_ADDRESSES 16 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API.
|
| 205 | | |
| 206 | | |
| 207 | | typedef struct WAN_ADAPTER_INT WAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API
|
| 208 | | typedef WAN_ADAPTER *PWAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API
|
| 209 | | |
| 210 | | #define INFO_FLAG_NDIS_ADAPTER 0 ///< Flag for ADAPTER_INFO: this is a traditional ndis adapter
|
| 211 | | #define INFO_FLAG_NDISWAN_ADAPTER 1 ///< Flag for ADAPTER_INFO: this is a NdisWan adapter, and it's managed by WANPACKET
|
| 212 | | #define INFO_FLAG_DAG_CARD 2 ///< Flag for ADAPTER_INFO: this is a DAG card
|
| 213 | | #define INFO_FLAG_DAG_FILE 6 ///< Flag for ADAPTER_INFO: this is a DAG file
|
| 214 | | #define INFO_FLAG_DONT_EXPORT 8 ///< Flag for ADAPTER_INFO: when this flag is set, the adapter will not be listed or openend by winpcap. This allows to prevent exporting broken network adapters, like for example FireWire ones.
|
| 215 | | #define INFO_FLAG_AIRPCAP_CARD 16 ///< Flag for ADAPTER_INFO: this is an airpcap card
|
| 216 | | #define INFO_FLAG_NPFIM_DEVICE 32
|
| 217 | | |
| 218 | | /*!
|
| 219 | | \brief Describes an opened network adapter.
|
| 220 | | |
| 221 | | This structure is the most important for the functioning of packet.dll, but the great part of its fields
|
| 222 | | should be ignored by the user, since the library offers functions that avoid to cope with low-level parameters
|
| 223 | | */
|
| 224 | | typedef struct _ADAPTER { |
| 225 | | HANDLE hFile; ///< \internal Handle to an open instance of the NPF driver.
|
| 226 | | CHAR SymbolicLink[MAX_LINK_NAME_LENGTH]; ///< \internal A string containing the name of the network adapter currently opened.
|
| 227 | | int NumWrites; ///< \internal Number of times a packets written on this adapter will be repeated |
| 228 | | ///< on the wire.
|
| 229 | | HANDLE ReadEvent; ///< A notification event associated with the read calls on the adapter.
|
| 230 | | ///< It can be passed to standard Win32 functions (like WaitForSingleObject
|
| 231 | | ///< or WaitForMultipleObjects) to wait until the driver's buffer contains some |
| 232 | | ///< data. It is particularly useful in GUI applications that need to wait |
| 233 | | ///< concurrently on several events. In Windows NT/2000 the PacketSetMinToCopy()
|
| 234 | | ///< function can be used to define the minimum amount of data in the kernel buffer
|
| 235 | | ///< that will cause the event to be signalled. |
| 236 | |
|
| 237 | | UINT ReadTimeOut; ///< \internal The amount of time after which a read on the driver will be released and |
| 238 | | ///< ReadEvent will be signaled, also if no packets were captured
|
| 239 | | CHAR Name[ADAPTER_NAME_LENGTH];
|
| 240 | | PWAN_ADAPTER pWanAdapter;
|
| 241 | | UINT Flags; ///< Adapter's flags. Tell if this adapter must be treated in a different way, using the Netmon API or the dagc API.
|
| 242 | | |
| 243 | | #ifdef HAVE_AIRPCAP_API
|
| 244 | | PAirpcapHandle AirpcapAd;
|
| 245 | | #endif // HAVE_AIRPCAP_API
|
| 246 | | |
| 247 | | #ifdef HAVE_NPFIM_API
|
| 248 | | void* NpfImHandle;
|
| 249 | | #endif // HAVE_NPFIM_API
|
| 250 | | |
| 251 | | #ifdef HAVE_DAG_API
|
| 252 | | dagc_t *pDagCard; ///< Pointer to the dagc API adapter descriptor for this adapter
|
| 253 | | PCHAR DagBuffer; ///< Pointer to the buffer with the packets that is received from the DAG card
|
| 254 | | struct timeval DagReadTimeout; ///< Read timeout. The dagc API requires a timeval structure
|
| 255 | | unsigned DagFcsLen; ///< Length of the frame check sequence attached to any packet by the card. Obtained from the registry
|
| 256 | | DWORD DagFastProcess; ///< True if the user requests fast capture processing on this card. Higher level applications can use this value to provide a faster but possibly unprecise capture (for example, libpcap doesn't convert the timestamps).
|
| 257 | | #endif // HAVE_DAG_API
|
| 258 | | } ADAPTER, *LPADAPTER;
|
| 259 | | |
| 260 | | /*!
|
| 261 | | \brief Structure that contains a group of packets coming from the driver.
|
| 262 | | |
| 263 | | This structure defines the header associated with every packet delivered to the application.
|
| 264 | | */
|
| 265 | | typedef struct _PACKET { |
| 266 | | HANDLE hEvent; ///< \deprecated Still present for compatibility with old applications.
|
| 267 | | OVERLAPPED OverLapped; ///< \deprecated Still present for compatibility with old applications.
|
| 268 | | PVOID Buffer; ///< Buffer with containing the packets. See the PacketReceivePacket() for
|
| 269 | | ///< details about the organization of the data in this buffer
|
| 270 | | UINT Length; ///< Length of the buffer
|
| 271 | | DWORD ulBytesReceived; ///< Number of valid bytes present in the buffer, i.e. amount of data
|
| 272 | | ///< received by the last call to PacketReceivePacket()
|
| 273 | | BOOLEAN bIoComplete; ///< \deprecated Still present for compatibility with old applications.
|
| 274 | | } PACKET, *LPPACKET;
|
| 275 | | |
| 276 | | /*!
|
| 277 | | \brief Structure containing an OID request.
|
| 278 | | |
| 279 | | It is used by the PacketRequest() function to send an OID to the interface card driver. |
| 280 | | It can be used, for example, to retrieve the status of the error counters on the adapter, its MAC address, |
| 281 | | the list of the multicast groups defined on it, and so on.
|
| 282 | | */
|
| 283 | | struct _PACKET_OID_DATA {
|
| 284 | | ULONG Oid; ///< OID code. See the Microsoft DDK documentation or the file ntddndis.h
|
| 285 | | ///< for a complete list of valid codes.
|
| 286 | | ULONG Length; ///< Length of the data field
|
| 287 | | UCHAR Data[1]; ///< variable-lenght field that contains the information passed to or received |
| 288 | | ///< from the adapter.
|
| 289 | | }; |
| 290 | | typedef struct _PACKET_OID_DATA PACKET_OID_DATA, *PPACKET_OID_DATA;
|
| 291 | | |
| 292 | | #ifdef __cplusplus
|
| 293 | | extern "C" {
|
| 294 | | #endif
|
| 295 | | |
| 296 | | /**
|
| 297 | | * @}
|
| 298 | | */
|
| 299 | | |
| 300 | | /*
|
| 301 | | BOOLEAN QueryWinPcapRegistryStringA(CHAR *SubKeyName,
|
| 302 | | CHAR *Value,
|
| 303 | | UINT *pValueLen,
|
| 304 | | CHAR *DefaultVal);
|
| 305 | | |
| 306 | | BOOLEAN QueryWinPcapRegistryStringW(WCHAR *SubKeyName,
|
| 307 | | WCHAR *Value,
|
| 308 | | UINT *pValueLen,
|
| 309 | | WCHAR *DefaultVal);
|
| 310 | | */
|
| 311 | |
|
| 312 | | //---------------------------------------------------------------------------
|
| 313 | | // EXPORTED FUNCTIONS
|
| 314 | | //---------------------------------------------------------------------------
|
| 315 | | |
| 316 | | PCHAR PacketGetVersion();
|
| 317 | | PCHAR PacketGetDriverVersion();
|
| 318 | | BOOLEAN PacketSetMinToCopy(LPADAPTER AdapterObject,int nbytes);
|
| 319 | | BOOLEAN PacketSetNumWrites(LPADAPTER AdapterObject,int nwrites);
|
| 320 | | BOOLEAN PacketSetMode(LPADAPTER AdapterObject,int mode);
|
| 321 | | BOOLEAN PacketSetReadTimeout(LPADAPTER AdapterObject,int timeout);
|
| 322 | | BOOLEAN PacketSetBpf(LPADAPTER AdapterObject,struct bpf_program *fp);
|
| 323 | | BOOLEAN PacketSetLoopbackBehavior(LPADAPTER AdapterObject, UINT LoopbackBehavior);
|
| 324 | | INT PacketSetSnapLen(LPADAPTER AdapterObject,int snaplen);
|
| 325 | | BOOLEAN PacketGetStats(LPADAPTER AdapterObject,struct bpf_stat *s);
|
| 326 | | BOOLEAN PacketGetStatsEx(LPADAPTER AdapterObject,struct bpf_stat *s);
|
| 327 | | BOOLEAN PacketSetBuff(LPADAPTER AdapterObject,int dim);
|
| 328 | | BOOLEAN PacketGetNetType (LPADAPTER AdapterObject,NetType *type);
|
| 329 | | LPADAPTER PacketOpenAdapter(PCHAR AdapterName);
|
| 330 | | BOOLEAN PacketSendPacket(LPADAPTER AdapterObject,LPPACKET pPacket,BOOLEAN Sync);
|
| 331 | | INT PacketSendPackets(LPADAPTER AdapterObject,PVOID PacketBuff,ULONG Size, BOOLEAN Sync);
|
| 332 | | LPPACKET PacketAllocatePacket(void);
|
| 333 | | VOID PacketInitPacket(LPPACKET lpPacket,PVOID Buffer,UINT Length);
|
| 334 | | VOID PacketFreePacket(LPPACKET lpPacket);
|
| 335 | | BOOLEAN PacketReceivePacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync);
|
| 336 | | BOOLEAN PacketSetHwFilter(LPADAPTER AdapterObject,ULONG Filter);
|
| 337 | | BOOLEAN PacketGetAdapterNames(PTSTR pStr,PULONG BufferSize);
|
| 338 | | BOOLEAN PacketGetNetInfoEx(PCHAR AdapterName, npf_if_addr* buffer, PLONG NEntries);
|
| 339 | | BOOLEAN PacketRequest(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData);
|
| 340 | | HANDLE PacketGetReadEvent(LPADAPTER AdapterObject);
|
| 341 | | BOOLEAN PacketSetDumpName(LPADAPTER AdapterObject, void *name, int len);
|
| 342 | | BOOLEAN PacketSetDumpLimits(LPADAPTER AdapterObject, UINT maxfilesize, UINT maxnpacks);
|
| 343 | | BOOLEAN PacketIsDumpEnded(LPADAPTER AdapterObject, BOOLEAN sync);
|
| 344 | | BOOL PacketStopDriver();
|
| 345 | | VOID PacketCloseAdapter(LPADAPTER lpAdapter);
|
| 346 | | BOOLEAN PacketStartOem(PCHAR errorString, UINT errorStringLength);
|
| 347 | | BOOLEAN PacketStartOemEx(PCHAR errorString, UINT errorStringLength, ULONG flags);
|
| 348 | | PAirpcapHandle PacketGetAirPcapHandle(LPADAPTER AdapterObject);
|
| 349 | | |
| 350 | | //
|
| 351 | | // Used by PacketStartOemEx
|
| 352 | | //
|
| 353 | | #define PACKET_START_OEM_NO_NETMON 0x00000001
|
| 354 | | |
| 355 | | #ifdef __cplusplus
|
| 356 | | }
|
| 357 | | #endif |
| 358 | | |
| 359 | | #endif //__PACKET32
|
| 1 | /* |
| 2 | * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy) |
| 3 | * Copyright (c) 2005 - 2007 CACE Technologies, Davis (California) |
| 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions |
| 8 | * are met: |
| 9 | * |
| 10 | * 1. Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * 2. Redistributions in binary form must reproduce the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer in the |
| 14 | * documentation and/or other materials provided with the distribution. |
| 15 | * 3. Neither the name of the Politecnico di Torino, CACE Technologies |
| 16 | * nor the names of its contributors may be used to endorse or promote |
| 17 | * products derived from this software without specific prior written |
| 18 | * permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
| 34 | /** @ingroup packetapi |
| 35 | * @{ |
| 36 | */ |
| 37 | |
| 38 | /** @defgroup packet32h Packet.dll definitions and data structures |
| 39 | * Packet32.h contains the data structures and the definitions used by packet.dll. |
| 40 | * The file is used both by the Win9x and the WinNTx versions of packet.dll, and can be included |
| 41 | * by the applications that use the functions of this library |
| 42 | * @{ |
| 43 | */ |
| 44 | |
| 45 | #ifndef __PACKET32 |
| 46 | #define __PACKET32 |
| 47 | |
| 48 | #include <winsock2.h> |
| 49 | |
| 50 | #ifdef HAVE_AIRPCAP_API |
| 51 | #include <airpcap.h> |
| 52 | #else |
| 53 | #if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_) |
| 54 | #define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_ |
| 55 | typedef struct _AirpcapHandle *PAirpcapHandle; |
| 56 | #endif /* AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_ */ |
| 57 | #endif /* HAVE_AIRPCAP_API */ |
| 58 | |
| 59 | #ifdef HAVE_DAG_API |
| 60 | #include <dagc.h> |
| 61 | #endif /* HAVE_DAG_API */ |
| 62 | |
| 63 | // Working modes |
| 64 | #define PACKET_MODE_CAPT 0x0 ///< Capture mode |
| 65 | #define PACKET_MODE_STAT 0x1 ///< Statistical mode |
| 66 | #define PACKET_MODE_MON 0x2 ///< Monitoring mode |
| 67 | #define PACKET_MODE_DUMP 0x10 ///< Dump mode |
| 68 | #define PACKET_MODE_STAT_DUMP MODE_DUMP | MODE_STAT ///< Statistical dump Mode |
| 69 | |
| 70 | |
| 71 | /// Alignment macro. Defines the alignment size. |
| 72 | #define Packet_ALIGNMENT sizeof(int) |
| 73 | /// Alignment macro. Rounds up to the next even multiple of Packet_ALIGNMENT. |
| 74 | #define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1)) |
| 75 | |
| 76 | #define NdisMediumNull -1 ///< Custom linktype: NDIS doesn't provide an equivalent |
| 77 | #define NdisMediumCHDLC -2 ///< Custom linktype: NDIS doesn't provide an equivalent |
| 78 | #define NdisMediumPPPSerial -3 ///< Custom linktype: NDIS doesn't provide an equivalent |
| 79 | #define NdisMediumBare80211 -4 ///< Custom linktype: NDIS doesn't provide an equivalent |
| 80 | #define NdisMediumRadio80211 -5 ///< Custom linktype: NDIS doesn't provide an equivalent |
| 81 | #define NdisMediumPpi -6 ///< Custom linktype: NDIS doesn't provide an equivalent |
| 82 | |
| 83 | // Loopback behaviour definitions |
| 84 | #define NPF_DISABLE_LOOPBACK 1 ///< Drop the packets sent by the NPF driver |
| 85 | #define NPF_ENABLE_LOOPBACK 2 ///< Capture the packets sent by the NPF driver |
| 86 | |
| 87 | /*! |
| 88 | \brief Network type structure. |
| 89 | |
| 90 | This structure is used by the PacketGetNetType() function to return information on the current adapter's type and speed. |
| 91 | */ |
| 92 | typedef struct NetType |
| 93 | { |
| 94 | UINT LinkType; ///< The MAC of the current network adapter (see function PacketGetNetType() for more information) |
| 95 | ULONGLONG LinkSpeed; ///< The speed of the network in bits per second |
| 96 | }NetType; |
| 97 | |
| 98 | |
| 99 | //some definitions stolen from libpcap |
| 100 | |
| 101 | #ifndef BPF_MAJOR_VERSION |
| 102 | |
| 103 | /*! |
| 104 | \brief A BPF pseudo-assembly program. |
| 105 | |
| 106 | The program will be injected in the kernel by the PacketSetBPF() function and applied to every incoming packet. |
| 107 | */ |
| 108 | struct bpf_program |
| 109 | { |
| 110 | UINT bf_len; ///< Indicates the number of instructions of the program, i.e. the number of struct bpf_insn that will follow. |
| 111 | struct bpf_insn *bf_insns; ///< A pointer to the first instruction of the program. |
| 112 | }; |
| 113 | |
| 114 | /*! |
| 115 | \brief A single BPF pseudo-instruction. |
| 116 | |
| 117 | bpf_insn contains a single instruction for the BPF register-machine. It is used to send a filter program to the driver. |
| 118 | */ |
| 119 | struct bpf_insn |
| 120 | { |
| 121 | USHORT code; ///< Instruction type and addressing mode. |
| 122 | UCHAR jt; ///< Jump if true |
| 123 | UCHAR jf; ///< Jump if false |
| 124 | int k; ///< Generic field used for various purposes. |
| 125 | }; |
| 126 | |
| 127 | /*! |
| 128 | \brief Structure that contains a couple of statistics values on the current capture. |
| 129 | |
| 130 | It is used by packet.dll to return statistics about a capture session. |
| 131 | */ |
| 132 | struct bpf_stat |
| 133 | { |
| 134 | UINT bs_recv; ///< Number of packets that the driver received from the network adapter |
| 135 | ///< from the beginning of the current capture. This value includes the packets |
| 136 | ///< lost by the driver. |
| 137 | UINT bs_drop; ///< number of packets that the driver lost from the beginning of a capture. |
| 138 | ///< Basically, a packet is lost when the the buffer of the driver is full. |
| 139 | ///< In this situation the packet cannot be stored and the driver rejects it. |
| 140 | UINT ps_ifdrop; ///< drops by interface. XXX not yet supported |
| 141 | UINT bs_capt; ///< number of packets that pass the filter, find place in the kernel buffer and |
| 142 | ///< thus reach the application. |
| 143 | }; |
| 144 | |
| 145 | /*! |
| 146 | \brief Packet header. |
| 147 | |
| 148 | This structure defines the header associated with every packet delivered to the application. |
| 149 | */ |
| 150 | struct bpf_hdr |
| 151 | { |
| 152 | struct timeval bh_tstamp; ///< The timestamp associated with the captured packet. |
| 153 | ///< It is stored in a TimeVal structure. |
| 154 | UINT bh_caplen; ///< Length of captured portion. The captured portion <b>can be different</b> |
| 155 | ///< from the original packet, because it is possible (with a proper filter) |
| 156 | ///< to instruct the driver to capture only a portion of the packets. |
| 157 | UINT bh_datalen; ///< Original length of packet |
| 158 | USHORT bh_hdrlen; ///< Length of bpf header (this struct plus alignment padding). In some cases, |
| 159 | ///< a padding could be added between the end of this structure and the packet |
| 160 | ///< data for performance reasons. This filed can be used to retrieve the actual data |
| 161 | ///< of the packet. |
| 162 | }; |
| 163 | |
| 164 | /*! |
| 165 | \brief Dump packet header. |
| 166 | |
| 167 | This structure defines the header associated with the packets in a buffer to be used with PacketSendPackets(). |
| 168 | It is simpler than the bpf_hdr, because it corresponds to the header associated by WinPcap and libpcap to a |
| 169 | packet in a dump file. This makes straightforward sending WinPcap dump files to the network. |
| 170 | */ |
| 171 | struct dump_bpf_hdr{ |
| 172 | struct timeval ts; ///< Time stamp of the packet |
| 173 | UINT caplen; ///< Length of captured portion. The captured portion can smaller than the |
| 174 | ///< the original packet, because it is possible (with a proper filter) to |
| 175 | ///< instruct the driver to capture only a portion of the packets. |
| 176 | UINT len; ///< Length of the original packet (off wire). |
| 177 | }; |
| 178 | |
| 179 | |
| 180 | #endif |
| 181 | |
| 182 | struct bpf_stat; |
| 183 | |
| 184 | #define DOSNAMEPREFIX TEXT("Packet_") ///< Prefix added to the adapters device names to create the WinPcap devices |
| 185 | #define MAX_LINK_NAME_LENGTH 64 //< Maximum length of the devices symbolic links |
| 186 | #define NMAX_PACKET 65535 |
| 187 | |
| 188 | /*! |
| 189 | \brief Addresses of a network adapter. |
| 190 | |
| 191 | This structure is used by the PacketGetNetInfoEx() function to return the IP addresses associated with |
| 192 | an adapter. |
| 193 | */ |
| 194 | typedef struct npf_if_addr { |
| 195 | struct sockaddr_storage IPAddress; ///< IP address. |
| 196 | struct sockaddr_storage SubnetMask; ///< Netmask for that address. |
| 197 | struct sockaddr_storage Broadcast; ///< Broadcast address. |
| 198 | }npf_if_addr; |
| 199 | |
| 200 | |
| 201 | #define ADAPTER_NAME_LENGTH 256 + 12 ///< Maximum length for the name of an adapter. The value is the same used by the IP Helper API. |
| 202 | #define ADAPTER_DESC_LENGTH 128 ///< Maximum length for the description of an adapter. The value is the same used by the IP Helper API. |
| 203 | #define MAX_MAC_ADDR_LENGTH 8 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API. |
| 204 | #define MAX_NETWORK_ADDRESSES 16 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API. |
| 205 | |
| 206 | |
| 207 | typedef struct WAN_ADAPTER_INT WAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API |
| 208 | typedef WAN_ADAPTER *PWAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API |
| 209 | |
| 210 | #define INFO_FLAG_NDIS_ADAPTER 0 ///< Flag for ADAPTER_INFO: this is a traditional ndis adapter |
| 211 | #define INFO_FLAG_NDISWAN_ADAPTER 1 ///< Flag for ADAPTER_INFO: this is a NdisWan adapter, and it's managed by WANPACKET |
| 212 | #define INFO_FLAG_DAG_CARD 2 ///< Flag for ADAPTER_INFO: this is a DAG card |
| 213 | #define INFO_FLAG_DAG_FILE 6 ///< Flag for ADAPTER_INFO: this is a DAG file |
| 214 | #define INFO_FLAG_DONT_EXPORT 8 ///< Flag for ADAPTER_INFO: when this flag is set, the adapter will not be listed or openend by winpcap. This allows to prevent exporting broken network adapters, like for example FireWire ones. |
| 215 | #define INFO_FLAG_AIRPCAP_CARD 16 ///< Flag for ADAPTER_INFO: this is an airpcap card |
| 216 | #define INFO_FLAG_NPFIM_DEVICE 32 |
| 217 | |
| 218 | /*! |
| 219 | \brief Describes an opened network adapter. |
| 220 | |
| 221 | This structure is the most important for the functioning of packet.dll, but the great part of its fields |
| 222 | should be ignored by the user, since the library offers functions that avoid to cope with low-level parameters |
| 223 | */ |
| 224 | typedef struct _ADAPTER { |
| 225 | HANDLE hFile; ///< \internal Handle to an open instance of the NPF driver. |
| 226 | CHAR SymbolicLink[MAX_LINK_NAME_LENGTH]; ///< \internal A string containing the name of the network adapter currently opened. |
| 227 | int NumWrites; ///< \internal Number of times a packets written on this adapter will be repeated |
| 228 | ///< on the wire. |
| 229 | HANDLE ReadEvent; ///< A notification event associated with the read calls on the adapter. |
| 230 | ///< It can be passed to standard Win32 functions (like WaitForSingleObject |
| 231 | ///< or WaitForMultipleObjects) to wait until the driver's buffer contains some |
| 232 | ///< data. It is particularly useful in GUI applications that need to wait |
| 233 | ///< concurrently on several events. In Windows NT/2000 the PacketSetMinToCopy() |
| 234 | ///< function can be used to define the minimum amount of data in the kernel buffer |
| 235 | ///< that will cause the event to be signalled. |
| 236 | |
| 237 | UINT ReadTimeOut; ///< \internal The amount of time after which a read on the driver will be released and |
| 238 | ///< ReadEvent will be signaled, also if no packets were captured |
| 239 | CHAR Name[ADAPTER_NAME_LENGTH]; |
| 240 | PWAN_ADAPTER pWanAdapter; |
| 241 | UINT Flags; ///< Adapter's flags. Tell if this adapter must be treated in a different way, using the Netmon API or the dagc API. |
| 242 | |
| 243 | #ifdef HAVE_AIRPCAP_API |
| 244 | PAirpcapHandle AirpcapAd; |
| 245 | #endif // HAVE_AIRPCAP_API |
| 246 | |
| 247 | #ifdef HAVE_NPFIM_API |
| 248 | void* NpfImHandle; |
| 249 | #endif // HAVE_NPFIM_API |
| 250 | |
| 251 | #ifdef HAVE_DAG_API |
| 252 | dagc_t *pDagCard; ///< Pointer to the dagc API adapter descriptor for this adapter |
| 253 | PCHAR DagBuffer; ///< Pointer to the buffer with the packets that is received from the DAG card |
| 254 | struct timeval DagReadTimeout; ///< Read timeout. The dagc API requires a timeval structure |
| 255 | unsigned DagFcsLen; ///< Length of the frame check sequence attached to any packet by the card. Obtained from the registry |
| 256 | DWORD DagFastProcess; ///< True if the user requests fast capture processing on this card. Higher level applications can use this value to provide a faster but possibly unprecise capture (for example, libpcap doesn't convert the timestamps). |
| 257 | #endif // HAVE_DAG_API |
| 258 | } ADAPTER, *LPADAPTER; |
| 259 | |
| 260 | /*! |
| 261 | \brief Structure that contains a group of packets coming from the driver. |
| 262 | |
| 263 | This structure defines the header associated with every packet delivered to the application. |
| 264 | */ |
| 265 | typedef struct _PACKET { |
| 266 | HANDLE hEvent; ///< \deprecated Still present for compatibility with old applications. |
| 267 | OVERLAPPED OverLapped; ///< \deprecated Still present for compatibility with old applications. |
| 268 | PVOID Buffer; ///< Buffer with containing the packets. See the PacketReceivePacket() for |
| 269 | ///< details about the organization of the data in this buffer |
| 270 | UINT Length; ///< Length of the buffer |
| 271 | DWORD ulBytesReceived; ///< Number of valid bytes present in the buffer, i.e. amount of data |
| 272 | ///< received by the last call to PacketReceivePacket() |
| 273 | BOOLEAN bIoComplete; ///< \deprecated Still present for compatibility with old applications. |
| 274 | } PACKET, *LPPACKET; |
| 275 | |
| 276 | /*! |
| 277 | \brief Structure containing an OID request. |
| 278 | |
| 279 | It is used by the PacketRequest() function to send an OID to the interface card driver. |
| 280 | It can be used, for example, to retrieve the status of the error counters on the adapter, its MAC address, |
| 281 | the list of the multicast groups defined on it, and so on. |
| 282 | */ |
| 283 | struct _PACKET_OID_DATA { |
| 284 | ULONG Oid; ///< OID code. See the Microsoft DDK documentation or the file ntddndis.h |
| 285 | ///< for a complete list of valid codes. |
| 286 | ULONG Length; ///< Length of the data field |
| 287 | UCHAR Data[1]; ///< variable-lenght field that contains the information passed to or received |
| 288 | ///< from the adapter. |
| 289 | }; |
| 290 | typedef struct _PACKET_OID_DATA PACKET_OID_DATA, *PPACKET_OID_DATA; |
| 291 | |
| 292 | #ifdef __cplusplus |
| 293 | extern "C" { |
| 294 | #endif |
| 295 | |
| 296 | /** |
| 297 | * @} |
| 298 | */ |
| 299 | |
| 300 | /* |
| 301 | BOOLEAN QueryWinPcapRegistryStringA(CHAR *SubKeyName, |
| 302 | CHAR *Value, |
| 303 | UINT *pValueLen, |
| 304 | CHAR *DefaultVal); |
| 305 | |
| 306 | BOOLEAN QueryWinPcapRegistryStringW(WCHAR *SubKeyName, |
| 307 | WCHAR *Value, |
| 308 | UINT *pValueLen, |
| 309 | WCHAR *DefaultVal); |
| 310 | */ |
| 311 | |
| 312 | //--------------------------------------------------------------------------- |
| 313 | // EXPORTED FUNCTIONS |
| 314 | //--------------------------------------------------------------------------- |
| 315 | |
| 316 | PCHAR PacketGetVersion(); |
| 317 | PCHAR PacketGetDriverVersion(); |
| 318 | BOOLEAN PacketSetMinToCopy(LPADAPTER AdapterObject,int nbytes); |
| 319 | BOOLEAN PacketSetNumWrites(LPADAPTER AdapterObject,int nwrites); |
| 320 | BOOLEAN PacketSetMode(LPADAPTER AdapterObject,int mode); |
| 321 | BOOLEAN PacketSetReadTimeout(LPADAPTER AdapterObject,int timeout); |
| 322 | BOOLEAN PacketSetBpf(LPADAPTER AdapterObject,struct bpf_program *fp); |
| 323 | BOOLEAN PacketSetLoopbackBehavior(LPADAPTER AdapterObject, UINT LoopbackBehavior); |
| 324 | INT PacketSetSnapLen(LPADAPTER AdapterObject,int snaplen); |
| 325 | BOOLEAN PacketGetStats(LPADAPTER AdapterObject,struct bpf_stat *s); |
| 326 | BOOLEAN PacketGetStatsEx(LPADAPTER AdapterObject,struct bpf_stat *s); |
| 327 | BOOLEAN PacketSetBuff(LPADAPTER AdapterObject,int dim); |
| 328 | BOOLEAN PacketGetNetType (LPADAPTER AdapterObject,NetType *type); |
| 329 | LPADAPTER PacketOpenAdapter(PCHAR AdapterName); |
| 330 | BOOLEAN PacketSendPacket(LPADAPTER AdapterObject,LPPACKET pPacket,BOOLEAN Sync); |
| 331 | INT PacketSendPackets(LPADAPTER AdapterObject,PVOID PacketBuff,ULONG Size, BOOLEAN Sync); |
| 332 | LPPACKET PacketAllocatePacket(void); |
| 333 | VOID PacketInitPacket(LPPACKET lpPacket,PVOID Buffer,UINT Length); |
| 334 | VOID PacketFreePacket(LPPACKET lpPacket); |
| 335 | BOOLEAN PacketReceivePacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync); |
| 336 | BOOLEAN PacketSetHwFilter(LPADAPTER AdapterObject,ULONG Filter); |
| 337 | BOOLEAN PacketGetAdapterNames(PTSTR pStr,PULONG BufferSize); |
| 338 | BOOLEAN PacketGetNetInfoEx(PCHAR AdapterName, npf_if_addr* buffer, PLONG NEntries); |
| 339 | BOOLEAN PacketRequest(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData); |
| 340 | HANDLE PacketGetReadEvent(LPADAPTER AdapterObject); |
| 341 | BOOLEAN PacketSetDumpName(LPADAPTER AdapterObject, void *name, int len); |
| 342 | BOOLEAN PacketSetDumpLimits(LPADAPTER AdapterObject, UINT maxfilesize, UINT maxnpacks); |
| 343 | BOOLEAN PacketIsDumpEnded(LPADAPTER AdapterObject, BOOLEAN sync); |
| 344 | BOOL PacketStopDriver(); |
| 345 | VOID PacketCloseAdapter(LPADAPTER lpAdapter); |
| 346 | BOOLEAN PacketStartOem(PCHAR errorString, UINT errorStringLength); |
| 347 | BOOLEAN PacketStartOemEx(PCHAR errorString, UINT errorStringLength, ULONG flags); |
| 348 | PAirpcapHandle PacketGetAirPcapHandle(LPADAPTER AdapterObject); |
| 349 | |
| 350 | // |
| 351 | // Used by PacketStartOemEx |
| 352 | // |
| 353 | #define PACKET_START_OEM_NO_NETMON 0x00000001 |
| 354 | |
| 355 | #ifdef __cplusplus |
| 356 | } |
| 357 | #endif |
| 358 | |
| 359 | #endif //__PACKET32 |
trunk/src/lib/winpcap/Win32-Extensions.h
| r241403 | r241404 | |
|---|
| 1 | | /*
|
| 2 | | * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)
|
| 3 | | * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)
|
| 4 | | * All rights reserved.
|
| 5 | | *
|
| 6 | | * Redistribution and use in source and binary forms, with or without
|
| 7 | | * modification, are permitted provided that the following conditions
|
| 8 | | * are met:
|
| 9 | | *
|
| 10 | | * 1. Redistributions of source code must retain the above copyright
|
| 11 | | * notice, this list of conditions and the following disclaimer.
|
| 12 | | * 2. Redistributions in binary form must reproduce the above copyright
|
| 13 | | * notice, this list of conditions and the following disclaimer in the
|
| 14 | | * documentation and/or other materials provided with the distribution.
|
| 15 | | * 3. Neither the name of the Politecnico di Torino, CACE Technologies |
| 16 | | * nor the names of its contributors may be used to endorse or promote |
| 17 | | * products derived from this software without specific prior written |
| 18 | | * permission.
|
| 19 | | *
|
| 20 | | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
| 21 | | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
| 22 | | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
| 23 | | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
| 24 | | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
| 25 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
| 26 | | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
| 27 | | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
| 28 | | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
| 29 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
| 30 | | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
| 31 | | *
|
| 32 | | */
|
| 33 | | |
| 34 | | #ifndef __WIN32_EXTENSIONS_H__
|
| 35 | | #define __WIN32_EXTENSIONS_H__
|
| 36 | | |
| 37 | | #ifdef __cplusplus
|
| 38 | | extern "C" {
|
| 39 | | #endif
|
| 40 | | |
| 41 | | /* Definitions */
|
| 42 | | |
| 43 | | /*!
|
| 44 | | \brief A queue of raw packets that will be sent to the network with pcap_sendqueue_transmit().
|
| 45 | | */
|
| 46 | | struct pcap_send_queue
|
| 47 | | {
|
| 48 | | u_int maxlen; ///< Maximum size of the the queue, in bytes. This variable contains the size of the buffer field.
|
| 49 | | u_int len; ///< Current size of the queue, in bytes.
|
| 50 | | char *buffer; ///< Buffer containing the packets to be sent.
|
| 51 | | };
|
| 52 | | |
| 53 | | typedef struct pcap_send_queue pcap_send_queue;
|
| 54 | | |
| 55 | | /*!
|
| 56 | | \brief This typedef is a support for the pcap_get_airpcap_handle() function
|
| 57 | | */
|
| 58 | | #if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_)
|
| 59 | | #define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_
|
| 60 | | typedef struct _AirpcapHandle *PAirpcapHandle;
|
| 61 | | #endif
|
| 62 | | |
| 63 | | #define BPF_MEM_EX_IMM 0xc0
|
| 64 | | #define BPF_MEM_EX_IND 0xe0
|
| 65 | | |
| 66 | | /*used for ST*/
|
| 67 | | #define BPF_MEM_EX 0xc0
|
| 68 | | #define BPF_TME 0x08
|
| 69 | | |
| 70 | | #define BPF_LOOKUP 0x90
|
| 71 | | #define BPF_EXECUTE 0xa0
|
| 72 | | #define BPF_INIT 0xb0
|
| 73 | | #define BPF_VALIDATE 0xc0
|
| 74 | | #define BPF_SET_ACTIVE 0xd0
|
| 75 | | #define BPF_RESET 0xe0
|
| 76 | | #define BPF_SET_MEMORY 0x80
|
| 77 | | #define BPF_GET_REGISTER_VALUE 0x70
|
| 78 | | #define BPF_SET_REGISTER_VALUE 0x60
|
| 79 | | #define BPF_SET_WORKING 0x50
|
| 80 | | #define BPF_SET_ACTIVE_READ 0x40
|
| 81 | | #define BPF_SET_AUTODELETION 0x30
|
| 82 | | #define BPF_SEPARATION 0xff
|
| 83 | | |
| 84 | | /* Prototypes */
|
| 85 | | pcap_send_queue* pcap_sendqueue_alloc(u_int memsize);
|
| 86 | | |
| 87 | | void pcap_sendqueue_destroy(pcap_send_queue* queue);
|
| 88 | | |
| 89 | | int pcap_sendqueue_queue(pcap_send_queue* queue, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data);
|
| 90 | | |
| 91 | | u_int pcap_sendqueue_transmit(pcap_t *p, pcap_send_queue* queue, int sync);
|
| 92 | | |
| 93 | | HANDLE pcap_getevent(pcap_t *p);
|
| 94 | | |
| 95 | | struct pcap_stat *pcap_stats_ex(pcap_t *p, int *pcap_stat_size);
|
| 96 | | |
| 97 | | int pcap_setuserbuffer(pcap_t *p, int size);
|
| 98 | | |
| 99 | | int pcap_live_dump(pcap_t *p, char *filename, int maxsize, int maxpacks);
|
| 100 | | |
| 101 | | int pcap_live_dump_ended(pcap_t *p, int sync);
|
| 102 | | |
| 103 | | int pcap_offline_filter(struct bpf_program *prog, const struct pcap_pkthdr *header, const u_char *pkt_data);
|
| 104 | | |
| 105 | | int pcap_start_oem(char* err_str, int flags);
|
| 106 | | |
| 107 | | PAirpcapHandle pcap_get_airpcap_handle(pcap_t *p);
|
| 108 | | |
| 109 | | #ifdef __cplusplus
|
| 110 | | }
|
| 111 | | #endif
|
| 112 | | |
| 113 | | #endif //__WIN32_EXTENSIONS_H__
|
| 1 | /* |
| 2 | * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy) |
| 3 | * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California) |
| 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions |
| 8 | * are met: |
| 9 | * |
| 10 | * 1. Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * 2. Redistributions in binary form must reproduce the above copyright |
| 13 | * notice, this list of conditions and the following disclaimer in the |
| 14 | * documentation and/or other materials provided with the distribution. |
| 15 | * 3. Neither the name of the Politecnico di Torino, CACE Technologies |
| 16 | * nor the names of its contributors may be used to endorse or promote |
| 17 | * products derived from this software without specific prior written |
| 18 | * permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
| 34 | #ifndef __WIN32_EXTENSIONS_H__ |
| 35 | #define __WIN32_EXTENSIONS_H__ |
| 36 | |
| 37 | #ifdef __cplusplus |
| 38 | extern "C" { |
| 39 | #endif |
| 40 | |
| 41 | /* Definitions */ |
| 42 | |
| 43 | /*! |
| 44 | \brief A queue of raw packets that will be sent to the network with pcap_sendqueue_transmit(). |
| 45 | */ |
| 46 | struct pcap_send_queue |
| 47 | { |
| 48 | u_int maxlen; ///< Maximum size of the the queue, in bytes. This variable contains the size of the buffer field. |
| 49 | u_int len; ///< Current size of the queue, in bytes. |
| 50 | char *buffer; ///< Buffer containing the packets to be sent. |
| 51 | }; |
| 52 | |
| 53 | typedef struct pcap_send_queue pcap_send_queue; |
| 54 | |
| 55 | /*! |
| 56 | \brief This typedef is a support for the pcap_get_airpcap_handle() function |
| 57 | */ |
| 58 | #if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_) |
| 59 | #define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_ |
| 60 | typedef struct _AirpcapHandle *PAirpcapHandle; |
| 61 | #endif |
| 62 | |
| 63 | #define BPF_MEM_EX_IMM 0xc0 |
| 64 | #define BPF_MEM_EX_IND 0xe0 |
| 65 | |
| 66 | /*used for ST*/ |
| 67 | #define BPF_MEM_EX 0xc0 |
| 68 | #define BPF_TME 0x08 |
| 69 | |
| 70 | #define BPF_LOOKUP 0x90 |
| 71 | #define BPF_EXECUTE 0xa0 |
| 72 | #define BPF_INIT 0xb0 |
| 73 | #define BPF_VALIDATE 0xc0 |
| 74 | #define BPF_SET_ACTIVE 0xd0 |
| 75 | #define BPF_RESET 0xe0 |
| 76 | #define BPF_SET_MEMORY 0x80 |
| 77 | #define BPF_GET_REGISTER_VALUE 0x70 |
| 78 | #define BPF_SET_REGISTER_VALUE 0x60 |
| 79 | #define BPF_SET_WORKING 0x50 |
| 80 | #define BPF_SET_ACTIVE_READ 0x40 |
| 81 | #define BPF_SET_AUTODELETION 0x30 |
| 82 | #define BPF_SEPARATION 0xff |
| 83 | |
| 84 | /* Prototypes */ |
| 85 | pcap_send_queue* pcap_sendqueue_alloc(u_int memsize); |
| 86 | |
| 87 | void pcap_sendqueue_destroy(pcap_send_queue* queue); |
| 88 | |
| 89 | int pcap_sendqueue_queue(pcap_send_queue* queue, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data); |
| 90 | |
| 91 | u_int pcap_sendqueue_transmit(pcap_t *p, pcap_send_queue* queue, int sync); |
| 92 | |
| 93 | HANDLE pcap_getevent(pcap_t *p); |
| 94 | |
| 95 | struct pcap_stat *pcap_stats_ex(pcap_t *p, int *pcap_stat_size); |
| 96 | |
| 97 | int pcap_setuserbuffer(pcap_t *p, int size); |
| 98 | |
| 99 | int pcap_live_dump(pcap_t *p, char *filename, int maxsize, int maxpacks); |
| 100 | |
| 101 | int pcap_live_dump_ended(pcap_t *p, int sync); |
| 102 | |
| 103 | int pcap_offline_filter(struct bpf_program *prog, const struct pcap_pkthdr *header, const u_char *pkt_data); |
| 104 | |
| 105 | int pcap_start_oem(char* err_str, int flags); |
| 106 | |
| 107 | PAirpcapHandle pcap_get_airpcap_handle(pcap_t *p); |
| 108 | |
| 109 | #ifdef __cplusplus |
| 110 | } |
| 111 | #endif |
| 112 | |
| 113 | #endif //__WIN32_EXTENSIONS_H__ |