00001 /* 00002 * Copyright (c) 2002 - 2005 NetGroup, Politecnico di Torino (Italy) 00003 * Copyright (c) 2005 - 2008 CACE Technologies, Davis (California) 00004 * All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 00010 * 1. Redistributions of source code must retain the above copyright 00011 * notice, this list of conditions and the following disclaimer. 00012 * 2. Redistributions in binary form must reproduce the above copyright 00013 * notice, this list of conditions and the following disclaimer in the 00014 * documentation and/or other materials provided with the distribution. 00015 * 3. Neither the name of the Politecnico di Torino, CACE Technologies 00016 * nor the names of its contributors may be used to endorse or promote 00017 * products derived from this software without specific prior written 00018 * permission. 00019 * 00020 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 00021 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 00022 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 00023 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 00024 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 00025 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 00026 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 00027 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 00028 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 00029 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 00030 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00031 * 00032 */ 00033 00034 #ifndef __PCAP_REMOTE_H__ 00035 #define __PCAP_REMOTE_H__ 00036 00037 00038 #include "pcap.h" 00039 #include "sockutils.h" // Needed for some structures (like SOCKET, sockaddr_in) which are used here 00040 00041 00074 /********************************************************* 00075 * * 00076 * General definitions / typedefs for the RPCAP protocol * 00077 * * 00078 *********************************************************/ 00079 00080 // All the following structures and typedef belongs to the Private Documentation 00085 #define RPCAP_DEFAULT_NETPORT "2002" 00087 #define RPCAP_DEFAULT_NETPORT_ACTIVE "2003" 00088 #define RPCAP_DEFAULT_NETADDR "" 00089 #define RPCAP_VERSION 0 00090 #define RPCAP_TIMEOUT_INIT 90 00091 #define RPCAP_TIMEOUT_RUNTIME 180 00092 #define RPCAP_ACTIVE_WAIT 30 00093 #define RPCAP_SUSPEND_WRONGAUTH 1 00099 #define RPCAP_NETBUF_SIZE 64000 00100 00101 00109 #define RPCAP_HOSTLIST_SEP " ,;\n\r" 00110 00111 00112 00113 00114 // WARNING: These could need to be changed on other platforms 00115 typedef unsigned char uint8; 00116 typedef unsigned short uint16; 00117 typedef unsigned int uint32; 00118 typedef int int32; 00119 00120 00121 00122 00133 struct activehosts 00134 { 00135 struct sockaddr_storage host; 00136 SOCKET sockctrl; 00137 struct activehosts *next; 00138 }; 00139 00140 00141 /********************************************************* 00142 * * 00143 * Protocol messages formats * 00144 * * 00145 *********************************************************/ 00146 // WARNING Take care you compiler does not insert padding for better alignments into these structs 00147 00148 00150 struct rpcap_header 00151 { 00152 uint8 ver; 00153 uint8 type; 00154 uint16 value; 00155 uint32 plen; 00156 }; 00157 00158 00160 struct rpcap_findalldevs_if 00161 { 00162 uint16 namelen; 00163 uint16 desclen; 00164 uint32 flags; 00165 uint16 naddr; 00166 uint16 dummy; 00167 }; 00168 00169 00171 struct rpcap_findalldevs_ifaddr 00172 { 00173 struct sockaddr_storage addr; 00174 struct sockaddr_storage netmask; 00175 struct sockaddr_storage broadaddr; 00176 struct sockaddr_storage dstaddr; 00177 }; 00178 00179 00180 00186 struct rpcap_openreply 00187 { 00188 int32 linktype; 00189 int32 tzoff; 00190 }; 00191 00192 00193 00195 struct rpcap_startcapreq 00196 { 00197 uint32 snaplen; 00198 uint32 read_timeout; 00199 uint16 flags; 00200 uint16 portdata; 00201 }; 00202 00203 00205 struct rpcap_startcapreply 00206 { 00207 int32 bufsize; 00208 uint16 portdata; 00209 uint16 dummy; 00210 }; 00211 00212 00219 struct rpcap_pkthdr 00220 { 00221 uint32 timestamp_sec; 00222 uint32 timestamp_usec; 00223 uint32 caplen; 00224 uint32 len; 00225 uint32 npkt; 00226 }; 00227 00228 00230 struct rpcap_filter 00231 { 00232 uint16 filtertype; 00233 uint16 dummy; 00234 uint32 nitems; 00235 }; 00236 00237 00239 struct rpcap_filterbpf_insn 00240 { 00241 uint16 code; 00242 uint8 jt; 00243 uint8 jf; 00244 int32 k; 00245 }; 00246 00247 00249 struct rpcap_auth 00250 { 00251 uint16 type; 00252 uint16 dummy; 00253 uint16 slen1; 00254 uint16 slen2; 00255 }; 00256 00257 00259 struct rpcap_stats 00260 { 00261 uint32 ifrecv; 00262 uint32 ifdrop; 00263 uint32 krnldrop; 00264 uint32 svrcapt; 00265 }; 00266 00267 00269 struct rpcap_sampling 00270 { 00271 uint8 method; 00272 uint8 dummy1; 00273 uint16 dummy2; 00274 uint32 value; 00275 }; 00276 00277 00278 00279 // Messages field coding 00280 #define RPCAP_MSG_ERROR 1 00281 #define RPCAP_MSG_FINDALLIF_REQ 2 00282 #define RPCAP_MSG_OPEN_REQ 3 00283 #define RPCAP_MSG_STARTCAP_REQ 4 00284 #define RPCAP_MSG_UPDATEFILTER_REQ 5 00285 #define RPCAP_MSG_CLOSE 6 00286 #define RPCAP_MSG_PACKET 7 00287 #define RPCAP_MSG_AUTH_REQ 8 00288 #define RPCAP_MSG_STATS_REQ 9 00289 #define RPCAP_MSG_ENDCAP_REQ 10 00290 #define RPCAP_MSG_SETSAMPLING_REQ 11 00292 #define RPCAP_MSG_FINDALLIF_REPLY (128+RPCAP_MSG_FINDALLIF_REQ) 00293 #define RPCAP_MSG_OPEN_REPLY (128+RPCAP_MSG_OPEN_REQ) 00294 #define RPCAP_MSG_STARTCAP_REPLY (128+RPCAP_MSG_STARTCAP_REQ) 00295 #define RPCAP_MSG_UPDATEFILTER_REPLY (128+RPCAP_MSG_UPDATEFILTER_REQ) 00296 #define RPCAP_MSG_AUTH_REPLY (128+RPCAP_MSG_AUTH_REQ) 00297 #define RPCAP_MSG_STATS_REPLY (128+RPCAP_MSG_STATS_REQ) 00298 #define RPCAP_MSG_ENDCAP_REPLY (128+RPCAP_MSG_ENDCAP_REQ) 00299 #define RPCAP_MSG_SETSAMPLING_REPLY (128+RPCAP_MSG_SETSAMPLING_REQ) 00301 #define RPCAP_STARTCAPREQ_FLAG_PROMISC 1 00302 #define RPCAP_STARTCAPREQ_FLAG_DGRAM 2 00303 #define RPCAP_STARTCAPREQ_FLAG_SERVEROPEN 4 00304 #define RPCAP_STARTCAPREQ_FLAG_INBOUND 8 00305 #define RPCAP_STARTCAPREQ_FLAG_OUTBOUND 16 00307 #define RPCAP_UPDATEFILTER_BPF 1 00310 // Network error codes 00311 #define PCAP_ERR_NETW 1 00312 #define PCAP_ERR_INITTIMEOUT 2 00313 #define PCAP_ERR_AUTH 3 00314 #define PCAP_ERR_FINDALLIF 4 00315 #define PCAP_ERR_NOREMOTEIF 5 00316 #define PCAP_ERR_OPEN 6 00317 #define PCAP_ERR_UPDATEFILTER 7 00318 #define PCAP_ERR_GETSTATS 8 00319 #define PCAP_ERR_READEX 9 00320 #define PCAP_ERR_HOSTNOAUTH 10 00321 #define PCAP_ERR_REMOTEACCEPT 11 00322 #define PCAP_ERR_STARTCAPTURE 12 00323 #define PCAP_ERR_ENDCAPTURE 13 00324 #define PCAP_ERR_RUNTIMETIMEOUT 14 00325 #define PCAP_ERR_SETSAMPLING 15 00326 #define PCAP_ERR_WRONGMSG 16 00327 #define PCAP_ERR_WRONGVER 17 // end of private documentation 00331 00332 00333 00334 00335 00336 00337 /********************************************************* 00338 * * 00339 * Exported funtion prototypes * 00340 * * 00341 *********************************************************/ 00342 int pcap_opensource_remote(pcap_t *p, struct pcap_rmtauth *auth); 00343 int pcap_startcapture_remote(pcap_t *fp); 00344 00345 int pcap_read_nocb_remote(pcap_t *p, struct pcap_pkthdr **pkt_header, u_char **pkt_data); 00346 int pcap_read_remote(pcap_t *p, int cnt, pcap_handler callback, u_char *user); 00347 int pcap_updatefilter_remote(pcap_t *fp, struct bpf_program *prog); 00348 int pcap_setfilter_remote(pcap_t *fp, struct bpf_program *prog); 00349 int pcap_stats_remote(pcap_t *p, struct pcap_stat *ps); 00350 int pcap_setsampling_remote(pcap_t *p); 00351 struct pcap_stat *pcap_stats_ex_remote(pcap_t *p); 00352 void pcap_cleanup_remote(pcap_t *p); 00353 00354 void rpcap_createhdr(struct rpcap_header *header, uint8 type, uint16 value, uint32 length); 00355 int rpcap_deseraddr(struct sockaddr_storage *sockaddrin, struct sockaddr_storage **sockaddrout, char *errbuf); 00356 int rpcap_checkmsg(char *errbuf, SOCKET sock, struct rpcap_header *header, uint8 first, ...); 00357 int rpcap_senderror(SOCKET sock, char *error, unsigned short errcode, char *errbuf); 00358 int rpcap_sendauth(SOCKET sock, struct pcap_rmtauth *auth, char *errbuf); 00359 00360 int rpcap_remoteact_getsock(const char *host, char *errbuf); 00361 00362 #endif 00363
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2008 CACE Technologies. All rights reserved.