1berry/wireshark
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wiretap: add more wtap_setup_XXX_rec() routines.

Browse Source 
For now, they just set the rec_type, butthey may do more in the future.

Also, fix tfshark and a Lua test file reader plugin to use
wtap_setup_packet_rec() or its Lua variant.
This commit is contained in:
Guy Harris 2025-05-20 15:57:28 -07:00
parent 5e7c432b9a
commit 67944f32e3
8 changed files with 40 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
test/lua/pcap_file.lua
View File

@ -508,7 +508,7 @@ read_common = function(funcname, file, capture, frame)
local file_settings = capture.private_table local file_settings = capture.private_table
-- first parse the record header, which will set the FrameInfo fields -- first parse the record header, which will set the FrameInfo fields
if not parse_rec_header(funcname, file, file_settings, frame) then if not parse_rec_header(funcname, file, capture, file_settings, frame) then
dprint2(funcname, ": read_common: hit end of file or error") dprint2(funcname, ": read_common: hit end of file or error")
return false return false
end end
@ -532,7 +532,7 @@ end
---------------------------------------- ----------------------------------------
-- the function to parse individual records -- the function to parse individual records
parse_rec_header = function(funcname, file, file_settings, frame) parse_rec_header = function(funcname, file, capture, file_settings, frame)
dprint2(funcname,": parse_rec_header() called") dprint2(funcname,": parse_rec_header() called")
local line = file:read(file_settings.rec_hdr_len) local line = file:read(file_settings.rec_hdr_len)
@ -576,7 +576,7 @@ parse_rec_header = function(funcname, file, file_settings, frame)
caplen = WTAP_MAX_PACKET_SIZE caplen = WTAP_MAX_PACKET_SIZE
end end
frame.rec_type = wtap_rec_types.PACKET frame:setup_packet_rec(capture.encap)
frame.captured_length = caplen frame.captured_length = caplen
frame.original_length = origlen frame.original_length = origlen

2
tfshark.c
View File

@ -1198,7 +1198,7 @@ full_file_read(capture_file *cf, wtap_rec *rec, int *err, char **err_info)
buffer_size += block_size; buffer_size += block_size;
} }
rec->rec_type = REC_TYPE_PACKET; wtap_setup_packet_rec(rec, cf->provider.wth->file_encap);
rec->presence_flags = 0; /* yes, we have no bananas^Wtime stamp */ rec->presence_flags = 0; /* yes, we have no bananas^Wtime stamp */
rec->ts.secs = 0; rec->ts.secs = 0;
rec->ts.nsecs = 0; rec->ts.nsecs = 0;

2
ui/text_import.c
View File

@ -742,7 +742,7 @@ write_current_packet(bool cont)
wtap_rec_init(&rec, data_length); wtap_rec_init(&rec, data_length);
if (info_p->encapsulation == WTAP_ENCAP_SYSTEMD_JOURNAL) { if (info_p->encapsulation == WTAP_ENCAP_SYSTEMD_JOURNAL) {
rec.rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT; wtap_setup_systemd_journal_export_rec(&rec);
rec.block = wtap_block_create(WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT); rec.block = wtap_block_create(WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT);
rec.rec_header.systemd_journal_export_header.record_len = data_length; rec.rec_header.systemd_journal_export_header.record_len = data_length;
rec.presence_flags = WTAP_HAS_CAP_LEN|WTAP_HAS_TS; rec.presence_flags = WTAP_HAS_CAP_LEN|WTAP_HAS_TS;

2
wiretap/pcapng-sysdig.c
View File

@ -68,7 +68,7 @@ pcapng_read_sysdig_event_block(wtap* wth, FILE_T fh, pcapng_block_header_t* bh,
return false; return false;
} }
wblock->rec->rec_type = REC_TYPE_SYSCALL; wtap_setup_syscall_rec(wblock->rec);
wblock->rec->rec_header.syscall_header.record_type = bh->block_type; wblock->rec->rec_header.syscall_header.record_type = bh->block_type;
wblock->rec->presence_flags = WTAP_HAS_CAP_LEN /*|WTAP_HAS_INTERFACE_ID */; wblock->rec->presence_flags = WTAP_HAS_CAP_LEN /*|WTAP_HAS_INTERFACE_ID */;
wblock->rec->tsprec = WTAP_TSPREC_NSEC; wblock->rec->tsprec = WTAP_TSPREC_NSEC;

2
wiretap/pcapng.c
View File

@ -3054,7 +3054,7 @@ pcapng_read_systemd_journal_export_block(wtap *wth, FILE_T fh, pcapng_block_head
} }
} }
wblock->rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT; wtap_setup_systemd_journal_export_rec(wblock->rec);
wblock->rec->rec_header.systemd_journal_export_header.record_len = entry_length; wblock->rec->rec_header.systemd_journal_export_header.record_len = entry_length;
wblock->rec->presence_flags = WTAP_HAS_CAP_LEN; wblock->rec->presence_flags = WTAP_HAS_CAP_LEN;
if (have_ts) { if (have_ts) {

2
wiretap/systemd_journal.c
View File

@ -227,7 +227,7 @@ static bool systemd_journal_read_export_entry(FILE_T fh, wtap_rec *rec,
return false; return false;
} }
rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT; wtap_setup_systemd_journal_export_rec(rec);
rec->block = wtap_block_create(WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT); rec->block = wtap_block_create(WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT);
rec->presence_flags = WTAP_HAS_TS|WTAP_HAS_CAP_LEN; rec->presence_flags = WTAP_HAS_TS|WTAP_HAS_CAP_LEN;
rec->rec_header.systemd_journal_export_header.record_len = (uint32_t) fld_end; rec->rec_header.systemd_journal_export_header.record_len = (uint32_t) fld_end;

19
wiretap/wtap.c
View File

@ -1743,6 +1743,25 @@ wtap_setup_packet_rec(wtap_rec *rec, int encap)
rec->rec_header.packet_header.pkt_encap = encap; rec->rec_header.packet_header.pkt_encap = encap;
} }
/**
* Set up a wtap_rec for a system call (REC_TYPE_SYSCALL).
*/
void
wtap_setup_syscall_rec(wtap_rec *rec)
{
rec->rec_type = REC_TYPE_SYSCALL;
}
/**
* Set up a wtap_rec for a systemd journal export entry
* (REC_TYPE_SYSTEMD_JOURNAL_EXPORT).
*/
void
wtap_setup_systemd_journal_export_rec(wtap_rec *rec)
{
rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT;
}
bool bool
wtap_read(wtap *wth, wtap_rec *rec, int *err, char **err_info, int64_t *offset) wtap_read(wtap *wth, wtap_rec *rec, int *err, char **err_info, int64_t *offset)
{ {

13
wiretap/wtap.h
View File

@ -1975,6 +1975,19 @@ void wtap_rec_cleanup(wtap_rec *rec);
WS_DLL_PUBLIC WS_DLL_PUBLIC
void wtap_setup_packet_rec(wtap_rec *rec, int encap); void wtap_setup_packet_rec(wtap_rec *rec, int encap);
/**
* Set up a wtap_rec for a system call (REC_TYPE_SYSCALL).
*/
WS_DLL_PUBLIC
void wtap_setup_syscall_rec(wtap_rec *rec);
/**
* Set up a wtap_rec for a systemd journal export entry
* (REC_TYPE_SYSTEMD_JOURNAL_EXPORT).
*/
WS_DLL_PUBLIC
void wtap_setup_systemd_journal_export_rec(wtap_rec *rec);
/* /*
* Types of compression for a file, including "none". * Types of compression for a file, including "none".
*/ */