documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2007
CACE Technologies. All rights reserved.00001 /* 00002 * Copyright (c) 2002 - 2003 00003 * NetGroup, Politecnico di Torino (Italy) 00004 * All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 00010 * 1. Redistributions of source code must retain the above copyright 00011 * notice, this list of conditions and the following disclaimer. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 3. Neither the name of the Politecnico di Torino nor the names of its 00016 * contributors may be used to endorse or promote products derived from 00017 * this software without specific prior written permission. 00018 * 00019 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 00020 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 00021 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 00022 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 00023 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 00024 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 00025 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00026 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00027 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00028 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 00029 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00030 * 00031 */ 00032 00033 #ifndef __PCAP_REMOTE_H__ 00034 #define __PCAP_REMOTE_H__ 00035 00036 00037 #include "pcap.h" 00038 #include "sockutils.h" // Needed for some structures (like SOCKET, sockaddr_in) which are used here 00039 00040 00073 /********************************************************* 00074 * * 00075 * General definitions / typedefs for the RPCAP protocol * 00076 * * 00077 *********************************************************/ 00078 00079 // All the following structures and typedef belongs to the Private Documentation 00084 #define RPCAP_DEFAULT_NETPORT "2002" 00086 #define RPCAP_DEFAULT_NETPORT_ACTIVE "2003" 00087 #define RPCAP_DEFAULT_NETADDR "" 00088 #define RPCAP_VERSION 0 00089 #define RPCAP_TIMEOUT_INIT 90 00090 #define RPCAP_TIMEOUT_RUNTIME 180 00091 #define RPCAP_ACTIVE_WAIT 30 00092 #define RPCAP_SUSPEND_WRONGAUTH 1 00098 #define RPCAP_NETBUF_SIZE 64000 00099 00100 00108 #define RPCAP_HOSTLIST_SEP " ,;\n\r" 00109 00110 00111 00112 00113 // WARNING: These could need to be changed on other platforms 00114 typedef unsigned char uint8; 00115 typedef unsigned short uint16; 00116 typedef unsigned int uint32; 00117 typedef int int32; 00118 00119 00120 00121 00132 struct activehosts 00133 { 00134 struct sockaddr_storage host; 00135 SOCKET sockctrl; 00136 struct activehosts *next; 00137 }; 00138 00139 00140 /********************************************************* 00141 * * 00142 * Protocol messages formats * 00143 * * 00144 *********************************************************/ 00145 // WARNING Take care you compiler does not insert padding for better alignments into these structs 00146 00147 00149 struct rpcap_header 00150 { 00151 uint8 ver; 00152 uint8 type; 00153 uint16 value; 00154 uint32 plen; 00155 }; 00156 00157 00159 struct rpcap_findalldevs_if 00160 { 00161 uint16 namelen; 00162 uint16 desclen; 00163 uint32 flags; 00164 uint16 naddr; 00165 uint16 dummy; 00166 }; 00167 00168 00170 struct rpcap_findalldevs_ifaddr 00171 { 00172 struct sockaddr_storage addr; 00173 struct sockaddr_storage netmask; 00174 struct sockaddr_storage broadaddr; 00175 struct sockaddr_storage dstaddr; 00176 }; 00177 00178 00179 00185 struct rpcap_openreply 00186 { 00187 int32 linktype; 00188 int32 tzoff; 00189 }; 00190 00191 00192 00194 struct rpcap_startcapreq 00195 { 00196 uint32 snaplen; 00197 uint32 read_timeout; 00198 uint16 flags; 00199 uint16 portdata; 00200 }; 00201 00202 00204 struct rpcap_startcapreply 00205 { 00206 int32 bufsize; 00207 uint16 portdata; 00208 uint16 dummy; 00209 }; 00210 00211 00218 struct rpcap_pkthdr 00219 { 00220 uint32 timestamp_sec; 00221 uint32 timestamp_usec; 00222 uint32 caplen; 00223 uint32 len; 00224 uint32 npkt; 00225 }; 00226 00227 00229 struct rpcap_filter 00230 { 00231 uint16 filtertype; 00232 uint16 dummy; 00233 uint32 nitems; 00234 }; 00235 00236 00238 struct rpcap_filterbpf_insn 00239 { 00240 uint16 code; 00241 uint8 jt; 00242 uint8 jf; 00243 int32 k; 00244 }; 00245 00246 00248 struct rpcap_auth 00249 { 00250 uint16 type; 00251 uint16 dummy; 00252 uint16 slen1; 00253 uint16 slen2; 00254 }; 00255 00256 00258 struct rpcap_stats 00259 { 00260 uint32 ifrecv; 00261 uint32 ifdrop; 00262 uint32 krnldrop; 00263 uint32 svrcapt; 00264 }; 00265 00266 00268 struct rpcap_sampling 00269 { 00270 uint8 method; 00271 uint8 dummy1; 00272 uint16 dummy2; 00273 uint32 value; 00274 }; 00275 00276 00277 00278 // Messages field coding 00279 #define RPCAP_MSG_ERROR 1 00280 #define RPCAP_MSG_FINDALLIF_REQ 2 00281 #define RPCAP_MSG_OPEN_REQ 3 00282 #define RPCAP_MSG_STARTCAP_REQ 4 00283 #define RPCAP_MSG_UPDATEFILTER_REQ 5 00284 #define RPCAP_MSG_CLOSE 6 00285 #define RPCAP_MSG_PACKET 7 00286 #define RPCAP_MSG_AUTH_REQ 8 00287 #define RPCAP_MSG_STATS_REQ 9 00288 #define RPCAP_MSG_ENDCAP_REQ 10 00289 #define RPCAP_MSG_SETSAMPLING_REQ 11 00291 #define RPCAP_MSG_FINDALLIF_REPLY (128+RPCAP_MSG_FINDALLIF_REQ) 00292 #define RPCAP_MSG_OPEN_REPLY (128+RPCAP_MSG_OPEN_REQ) 00293 #define RPCAP_MSG_STARTCAP_REPLY (128+RPCAP_MSG_STARTCAP_REQ) 00294 #define RPCAP_MSG_UPDATEFILTER_REPLY (128+RPCAP_MSG_UPDATEFILTER_REQ) 00295 #define RPCAP_MSG_AUTH_REPLY (128+RPCAP_MSG_AUTH_REQ) 00296 #define RPCAP_MSG_STATS_REPLY (128+RPCAP_MSG_STATS_REQ) 00297 #define RPCAP_MSG_ENDCAP_REPLY (128+RPCAP_MSG_ENDCAP_REQ) 00298 #define RPCAP_MSG_SETSAMPLING_REPLY (128+RPCAP_MSG_SETSAMPLING_REQ) 00300 #define RPCAP_STARTCAPREQ_FLAG_PROMISC 1 00301 #define RPCAP_STARTCAPREQ_FLAG_DGRAM 2 00302 #define RPCAP_STARTCAPREQ_FLAG_SERVEROPEN 4 00303 #define RPCAP_STARTCAPREQ_FLAG_INBOUND 8 00304 #define RPCAP_STARTCAPREQ_FLAG_OUTBOUND 16 00306 #define RPCAP_UPDATEFILTER_BPF 1 00309 // Network error codes 00310 #define PCAP_ERR_NETW 1 00311 #define PCAP_ERR_INITTIMEOUT 2 00312 #define PCAP_ERR_AUTH 3 00313 #define PCAP_ERR_FINDALLIF 4 00314 #define PCAP_ERR_NOREMOTEIF 5 00315 #define PCAP_ERR_OPEN 6 00316 #define PCAP_ERR_UPDATEFILTER 7 00317 #define PCAP_ERR_GETSTATS 8 00318 #define PCAP_ERR_READEX 9 00319 #define PCAP_ERR_HOSTNOAUTH 10 00320 #define PCAP_ERR_REMOTEACCEPT 11 00321 #define PCAP_ERR_STARTCAPTURE 12 00322 #define PCAP_ERR_ENDCAPTURE 13 00323 #define PCAP_ERR_RUNTIMETIMEOUT 14 00324 #define PCAP_ERR_SETSAMPLING 15 00325 #define PCAP_ERR_WRONGMSG 16 00326 #define PCAP_ERR_WRONGVER 17 // end of private documentation 00330 00331 00332 00333 00334 00335 00336 /********************************************************* 00337 * * 00338 * Exported funtion prototypes * 00339 * * 00340 *********************************************************/ 00341 pcap_t *pcap_opensource_remote(const char *source, struct pcap_rmtauth *auth, char *errbuf); 00342 int pcap_startcapture_remote(pcap_t *fp); 00343 00344 int pcap_read_nocb_remote(pcap_t *p, struct pcap_pkthdr **pkt_header, u_char **pkt_data); 00345 int pcap_read_remote(pcap_t *p, int cnt, pcap_handler callback, u_char *user); 00346 int pcap_updatefilter_remote(pcap_t *fp, struct bpf_program *prog); 00347 int pcap_setfilter_remote(pcap_t *fp, struct bpf_program *prog); 00348 int pcap_stats_remote(pcap_t *p, struct pcap_stat *ps); 00349 int pcap_setsampling_remote(pcap_t *p); 00350 struct pcap_stat *pcap_stats_ex_remote(pcap_t *p); 00351 void pcap_close_remote(pcap_t *p); 00352 00353 void rpcap_createhdr(struct rpcap_header *header, uint8 type, uint16 value, uint32 length); 00354 int rpcap_deseraddr(struct sockaddr_storage *sockaddrin, struct sockaddr_storage **sockaddrout, char *errbuf); 00355 int rpcap_checkmsg(char *errbuf, SOCKET sock, struct rpcap_header *header, uint8 first, ...); 00356 int rpcap_senderror(SOCKET sock, char *error, unsigned short errcode, char *errbuf); 00357 int rpcap_sendauth(SOCKET sock, struct pcap_rmtauth *auth, char *errbuf); 00358 00359 int rpcap_remoteact_getsock(const char *host, char *errbuf); 00360 00361 #endif 00362
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2007
CACE Technologies. All rights reserved.