tcpflow  1.6.1
About: tcpflow is a TCP/IP packet demultiplexer that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
  Fossies Dox: tcpflow-1.6.1.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

tcpip Class Reference

#include <tcpip.h>

Collaboration diagram for tcpip:
[legend]

Public Types

enum  dir_t { unknown =0 , dir_sc , dir_cs }
 

Public Member Functions

 tcpip (class tcpdemux &demux_, const flow &flow_, be13::tcp_seq isn_)
 
virtual ~tcpip ()
 
void close_file ()
 
int open_file ()
 
void print_packet (const u_char *data, uint32_t length)
 
void store_packet (const u_char *data, uint32_t length, int32_t delta, struct timeval ts)
 
void process_packet (const struct timeval &ts, const int32_t delta, const u_char *data, const uint32_t length)
 
uint32_t seen_bytes ()
 
void dump_seen ()
 
void dump_xml (class dfxml_writer *xmlreport, const std::string &xmladd)
 
void sort_index (std::fstream *idx_file)
 
void sort_index ()
 

Static Public Member Functions

static bool compare (std::string a, std::string b)
 

Public Attributes

class tcpdemuxdemux
 
flow myflow
 
dir_t dir
 
be13::tcp_seq isn
 
be13::tcp_seq nsn
 
uint32_t syn_count
 
uint32_t fin_count
 
uint32_t fin_size
 
uint64_t pos
 
std::string flow_pathname
 
int fd
 
bool file_created
 
std::string flow_index_pathname
 
std::fstream idx_file
 
recon_set * seen
 
uint64_t last_byte
 
uint64_t last_packet_number
 
uint64_t out_of_order_count
 
uint64_t violations
 
intrusive_list< tcpip >::iterator it
 

Private Member Functions

 tcpip (const tcpip &t)
 
tcpipoperator= (const tcpip &that)
 

Detailed Description

Definition at line 274 of file tcpip.h.

Member Enumeration Documentation

◆ dir_t

track the direction of the flow; this is largely unused

Enumerator
unknown 
dir_sc 
dir_cs 

Definition at line 277 of file tcpip.h.

Constructor & Destructor Documentation

◆ tcpip() [1/2]

tcpip::tcpip ( const tcpip t)
private

◆ tcpip() [2/2]

tcpip::tcpip ( class tcpdemux demux_,
const flow flow_,
be13::tcp_seq  isn_ 
)

Definition at line 35 of file tcpip.cpp.

◆ ~tcpip()

tcpip::~tcpip ( )
virtual

Destructor is called when flow is closed. It implements "after" processing. This should only be called from remove_flow() or remove_all_flows() when a flow is deleted.

Definition at line 103 of file tcpip.cpp.

References fd, and seen.

Member Function Documentation

◆ close_file()

void tcpip::close_file ( )

SAVE FILE MANAGEMENT

Unlike the tcp/ip object, which is created once, the file can be opened, closed, and re-opened depending on the availability of file handles.

Closing the file does not delete the tcp/ip object.

Definition at line 128 of file tcpip.cpp.

References DEBUG, demux, intrusive_list< T >::erase(), fd, flow_pathname, idx_file, myflow, tcpdemux::open_flows, tcpdemux::opt, tcpdemux::options::output_packet_index, and flow::tstart.

Referenced by tcpdemux::close_oldest_fd(), and tcpdemux::post_process().

◆ compare()

bool tcpip::compare ( std::string  a,
std::string  b 
)
static

Definition at line 613 of file tcpip.cpp.

Referenced by sort_index().

◆ dump_seen()

void tcpip::dump_seen ( )

Definition at line 53 of file tcpip.cpp.

References it, and seen.

◆ dump_xml()

◆ open_file()

◆ operator=()

tcpip& tcpip::operator= ( const tcpip that)
private

◆ print_packet()

◆ process_packet()

void tcpip::process_packet ( const struct timeval &  ts,
const int32_t  delta,
const u_char *  data,
const uint32_t  length 
)

◆ seen_bytes()

uint32_t tcpip::seen_bytes ( )

Definition at line 47 of file tcpip.cpp.

References seen.

Referenced by tcpdemux::process_tcp().

◆ sort_index() [1/2]

void tcpip::sort_index ( )

Definition at line 663 of file tcpip.cpp.

References idx_file.

◆ sort_index() [2/2]

void tcpip::sort_index ( std::fstream *  idx_file)

◆ store_packet()

void tcpip::store_packet ( const u_char *  data,
uint32_t  length,
int32_t  delta,
struct timeval  ts 
)

Member Data Documentation

◆ demux

class tcpdemux& tcpip::demux

Definition at line 295 of file tcpip.h.

Referenced by close_file(), open_file(), print_packet(), sort_index(), and store_packet().

◆ dir

dir_t tcpip::dir

Definition at line 299 of file tcpip.h.

Referenced by operator<<(), print_packet(), and tcpdemux::process_tcp().

◆ fd

int tcpip::fd

◆ file_created

bool tcpip::file_created

Definition at line 310 of file tcpip.h.

Referenced by open_file(), operator<<(), and tcpdemux::post_process().

◆ fin_count

uint32_t tcpip::fin_count

Definition at line 303 of file tcpip.h.

Referenced by operator<<(), and tcpdemux::process_tcp().

◆ fin_size

uint32_t tcpip::fin_size

Definition at line 304 of file tcpip.h.

Referenced by operator<<(), and tcpdemux::process_tcp().

◆ flow_index_pathname

std::string tcpip::flow_index_pathname

Definition at line 313 of file tcpip.h.

Referenced by open_file(), and store_packet().

◆ flow_pathname

std::string tcpip::flow_pathname

◆ idx_file

std::fstream tcpip::idx_file

Definition at line 314 of file tcpip.h.

Referenced by close_file(), open_file(), sort_index(), and store_packet().

◆ isn

be13::tcp_seq tcpip::isn

Definition at line 300 of file tcpip.h.

Referenced by operator<<(), tcpdemux::process_tcp(), and store_packet().

◆ it

intrusive_list<tcpip>::iterator tcpip::it

Definition at line 324 of file tcpip.h.

Referenced by dump_seen().

◆ last_byte

uint64_t tcpip::last_byte

Definition at line 318 of file tcpip.h.

Referenced by dump_xml(), operator<<(), tcpdemux::post_process(), print_packet(), and store_packet().

◆ last_packet_number

uint64_t tcpip::last_packet_number

Definition at line 319 of file tcpip.h.

Referenced by operator<<(), and tcpdemux::process_tcp().

◆ myflow

◆ nsn

be13::tcp_seq tcpip::nsn

Definition at line 301 of file tcpip.h.

Referenced by tcpdemux::create_tcpip(), operator<<(), tcpdemux::process_tcp(), and store_packet().

◆ out_of_order_count

uint64_t tcpip::out_of_order_count

Definition at line 320 of file tcpip.h.

Referenced by dump_xml(), operator<<(), and store_packet().

◆ pos

uint64_t tcpip::pos

Definition at line 305 of file tcpip.h.

Referenced by open_file(), operator<<(), tcpdemux::process_tcp(), and store_packet().

◆ seen

recon_set* tcpip::seen

Definition at line 317 of file tcpip.h.

Referenced by dump_seen(), seen_bytes(), store_packet(), and ~tcpip().

◆ syn_count

uint32_t tcpip::syn_count

Definition at line 302 of file tcpip.h.

Referenced by operator<<(), tcpdemux::process_tcp(), and store_packet().

◆ violations

uint64_t tcpip::violations

Definition at line 321 of file tcpip.h.

Referenced by dump_xml(), tcpdemux::process_tcp(), and store_packet().


The documentation for this class was generated from the following files: