2021-11-30 08:01:36 -05:00
|
|
|
/** @file
|
|
|
|
|
*
|
2013-08-27 18:13:20 +00:00
|
|
|
* TCP stream statistics
|
|
|
|
|
* Originally from tcp_graph.c by Pavel Mores <pvl@uh.cz>
|
|
|
|
|
* Win32 port: rwh@unifiedtech.com
|
|
|
|
|
*
|
|
|
|
|
* Wireshark - Network traffic analyzer
|
|
|
|
|
* By Gerald Combs <gerald@wireshark.org>
|
|
|
|
|
* Copyright 1998 Gerald Combs
|
|
|
|
|
*
|
2018-04-30 09:47:58 +02:00
|
|
|
* SPDX-License-Identifier: GPL-2.0-or-later
|
|
|
|
|
*/
|
2013-08-27 18:13:20 +00:00
|
|
|
|
|
|
|
|
#ifndef __TAP_TCP_STREAM_H__
|
|
|
|
|
#define __TAP_TCP_STREAM_H__
|
|
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
|
extern "C" {
|
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
|
|
|
|
|
typedef enum tcp_graph_type_ {
|
|
|
|
|
GRAPH_TSEQ_STEVENS,
|
|
|
|
|
GRAPH_TSEQ_TCPTRACE,
|
|
|
|
|
GRAPH_THROUGHPUT,
|
|
|
|
|
GRAPH_RTT,
|
2016-07-05 23:08:30 +02:00
|
|
|
GRAPH_WSCALE,
|
|
|
|
|
GRAPH_UNDEFINED
|
2013-08-27 18:13:20 +00:00
|
|
|
} tcp_graph_type;
|
|
|
|
|
|
2025-01-07 06:37:50 +00:00
|
|
|
#define RTT_ALL 0x0001
|
|
|
|
|
#define RTT_SAK 0x0002
|
|
|
|
|
#define RTT_RTT 0x0004
|
|
|
|
|
#define RTT_KRN 0x0008
|
|
|
|
|
|
|
|
|
|
typedef enum rtt_sampling_method_ {
|
|
|
|
|
SAMPLING_ALL,
|
|
|
|
|
SAMPLING_ALL_SACK,
|
|
|
|
|
SAMPLING_RTT,
|
|
|
|
|
SAMPLING_KARN,
|
|
|
|
|
SAMPLING_UNDEFINED
|
|
|
|
|
} rtt_sampling_method;
|
|
|
|
|
|
2013-08-27 18:13:20 +00:00
|
|
|
struct segment {
|
|
|
|
|
struct segment *next;
|
2024-03-29 18:08:09 -07:00
|
|
|
uint32_t num;
|
|
|
|
|
uint32_t rel_secs;
|
|
|
|
|
uint32_t rel_usecs;
|
2013-09-09 01:40:06 +00:00
|
|
|
/* Currently unused.
|
2021-04-28 13:16:29 -07:00
|
|
|
time_t abs_secs;
|
2024-03-29 18:08:09 -07:00
|
|
|
uint32_t abs_usecs;
|
2013-09-09 01:40:06 +00:00
|
|
|
*/
|
2013-08-27 18:13:20 +00:00
|
|
|
|
2024-03-29 18:08:09 -07:00
|
|
|
uint32_t th_seq;
|
|
|
|
|
uint32_t th_ack;
|
2024-05-20 10:13:10 -04:00
|
|
|
uint32_t th_rawseq;
|
|
|
|
|
uint32_t th_rawack;
|
2024-03-29 18:08:09 -07:00
|
|
|
uint16_t th_flags;
|
|
|
|
|
uint32_t th_win; /* make it 32 bits so we can handle some scaling */
|
|
|
|
|
uint32_t th_seglen;
|
|
|
|
|
uint16_t th_sport;
|
|
|
|
|
uint16_t th_dport;
|
2013-08-27 18:13:20 +00:00
|
|
|
address ip_src;
|
|
|
|
|
address ip_dst;
|
|
|
|
|
|
2025-01-07 06:37:50 +00:00
|
|
|
bool ack_karn; /* true when ambiguous according to Karn's algo */
|
|
|
|
|
|
2024-03-29 18:08:09 -07:00
|
|
|
uint8_t num_sack_ranges;
|
|
|
|
|
uint32_t sack_left_edge[MAX_TCP_SACK_RANGES];
|
|
|
|
|
uint32_t sack_right_edge[MAX_TCP_SACK_RANGES];
|
2013-08-27 18:13:20 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct tcp_graph {
|
|
|
|
|
tcp_graph_type type;
|
|
|
|
|
|
2025-01-07 06:37:50 +00:00
|
|
|
/* RTT sampling method (for RTT graphs only) */
|
|
|
|
|
uint8_t rtt_sampling;
|
|
|
|
|
|
2013-08-27 18:13:20 +00:00
|
|
|
/* The stream this graph will show */
|
|
|
|
|
address src_address;
|
2024-03-29 18:08:09 -07:00
|
|
|
uint16_t src_port;
|
2013-08-27 18:13:20 +00:00
|
|
|
address dst_address;
|
2024-03-29 18:08:09 -07:00
|
|
|
uint16_t dst_port;
|
|
|
|
|
uint32_t stream;
|
2013-08-30 21:15:24 +00:00
|
|
|
/* Should this be a map or tree instead? */
|
2013-08-27 18:13:20 +00:00
|
|
|
struct segment *segments;
|
2025-03-07 07:23:39 -05:00
|
|
|
struct segment *last;
|
2013-08-27 18:13:20 +00:00
|
|
|
};
|
|
|
|
|
|
2013-09-12 21:37:47 +00:00
|
|
|
/** Fill in the segment list for a TCP graph
|
|
|
|
|
*
|
|
|
|
|
* @param cf Capture file to scan
|
|
|
|
|
* @param tg TCP graph. A valid stream must be set. If either the source or
|
|
|
|
|
* destination address types are AT_NONE the address and port
|
|
|
|
|
* information will be filled in using the first packet in the
|
|
|
|
|
* specified stream.
|
|
|
|
|
*/
|
2020-04-13 23:00:48 +02:00
|
|
|
void graph_segment_list_get(capture_file *cf, struct tcp_graph *tg);
|
2013-08-27 18:13:20 +00:00
|
|
|
void graph_segment_list_free(struct tcp_graph * );
|
|
|
|
|
|
|
|
|
|
/* for compare_headers() */
|
|
|
|
|
/* segment went the same direction as the currently selected one */
|
|
|
|
|
#define COMPARE_CURR_DIR 0
|
|
|
|
|
#define COMPARE_ANY_DIR 1
|
|
|
|
|
|
2024-03-29 18:08:09 -07:00
|
|
|
int compare_headers(address *saddr1, address *daddr1, uint16_t sport1, uint16_t dport1, const address *saddr2, const address *daddr2, uint16_t sport2, uint16_t dport2, int dir);
|
2013-08-27 18:13:20 +00:00
|
|
|
|
2013-09-04 23:15:59 +00:00
|
|
|
int get_num_dsegs(struct tcp_graph * );
|
|
|
|
|
int get_num_acks(struct tcp_graph *, int * );
|
|
|
|
|
|
2024-03-29 18:08:09 -07:00
|
|
|
uint32_t select_tcpip_session(capture_file *);
|
2013-08-27 18:13:20 +00:00
|
|
|
|
2013-09-08 01:25:27 +00:00
|
|
|
/* This is used by rtt module only */
|
2017-01-17 20:30:26 -08:00
|
|
|
struct rtt_unack {
|
|
|
|
|
struct rtt_unack *next;
|
2013-09-08 01:25:27 +00:00
|
|
|
double time;
|
|
|
|
|
unsigned int seqno;
|
2017-01-17 20:30:26 -08:00
|
|
|
unsigned int end_seqno;
|
2013-09-08 01:25:27 +00:00
|
|
|
};
|
|
|
|
|
|
2025-01-07 06:37:50 +00:00
|
|
|
/**
|
|
|
|
|
* Check if a sequence number is currently in the Unacked list,
|
|
|
|
|
* typically for avoiding adding redundant sequences.
|
|
|
|
|
* In practice, the retrans meaning in this particular code is different
|
|
|
|
|
* from TCP's one and would rather cover Keep-Alives and Spurious Retrans.
|
|
|
|
|
*
|
|
|
|
|
* @param list The list containing the Unacked sequences
|
|
|
|
|
* @param seqno The sequence number to be searched for in the Unacked list
|
|
|
|
|
* @return true if the list contains the sequence number, false otherwise
|
|
|
|
|
*/
|
|
|
|
|
bool rtt_is_retrans(struct rtt_unack *list, unsigned int seqno);
|
|
|
|
|
|
2017-01-17 20:30:26 -08:00
|
|
|
struct rtt_unack *rtt_get_new_unack(double , unsigned int , unsigned int );
|
|
|
|
|
void rtt_put_unack_on_list(struct rtt_unack ** , struct rtt_unack * );
|
|
|
|
|
void rtt_delete_unack_from_list(struct rtt_unack ** , struct rtt_unack * );
|
|
|
|
|
void rtt_destroy_unack_list(struct rtt_unack ** );
|
|
|
|
|
|
2025-01-07 06:37:50 +00:00
|
|
|
static inline int
|
|
|
|
|
tcp_seq_eq(uint32_t s1, uint32_t s2) {
|
|
|
|
|
return (int32_t)(s1 - s2) == 0;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-17 20:30:26 -08:00
|
|
|
static inline int
|
2024-03-29 18:08:09 -07:00
|
|
|
tcp_seq_before(uint32_t s1, uint32_t s2) {
|
|
|
|
|
return (int32_t)(s1 - s2) < 0;
|
2017-01-17 20:30:26 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline int
|
2024-03-29 18:08:09 -07:00
|
|
|
tcp_seq_eq_or_after(uint32_t s1, uint32_t s2) {
|
2017-01-17 20:30:26 -08:00
|
|
|
return !tcp_seq_before(s1, s2);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline int
|
2024-03-29 18:08:09 -07:00
|
|
|
tcp_seq_after(uint32_t s1, uint32_t s2) {
|
|
|
|
|
return (int32_t)(s1 - s2) > 0;
|
2017-01-20 20:57:09 -08:00
|
|
|
}
|
|
|
|
|
|
2025-01-07 06:37:50 +00:00
|
|
|
static inline int
|
|
|
|
|
tcp_seq_before_or_eq(uint32_t s1, uint32_t s2) {
|
2017-01-20 20:57:09 -08:00
|
|
|
return !tcp_seq_after(s1, s2);
|
2017-01-17 20:30:26 -08:00
|
|
|
}
|
2013-09-08 01:25:27 +00:00
|
|
|
|
2013-08-27 18:13:20 +00:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
}
|
|
|
|
|
#endif /* __cplusplus */
|
|
|
|
|
|
|
|
|
|
#endif /* __TAP_TCP_STREAM_H__ */
|
