tcpflow  1.6.1
About: tcpflow is a TCP/IP packet demultiplexer that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
  Fossies Dox: tcpflow-1.6.1.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

tcpflow.h File Reference
#include "config.h"
#include <cstdio>
#include <cstdlib>
#include <cctype>
#include <cstdarg>
#include <cerrno>
#include <iostream>
#include <iomanip>
#include <fcntl.h>
#include <assert.h>
#include <inttypes.h>
#include <sys/stat.h>
#include <time.h>
#include "be13_api/bulk_extractor_i.h"
#include "inet_ntop.h"
Include dependency graph for tcpflow.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.


struct  dlt_handler_t


#define MKDIR(a, b)   mkdir(a,b)
#define __FAVOR_BSD
#define __USE_BSD
#define O_BINARY   0
#define SEEK_SET   0
#define MAX_IPv4_STR_LEN   (3*4+3)
#define MAX_IPv6_STR_LEN   256
#define IN6_IS_ADDR_V4MAPPED(x)   0
#define IN6_IS_ADDR_V4COMPAT(x)   0
#define s6_addr   __u6_addr.__u6_addr8
#define s6_addr16   __u6_addr.__u6_addr16
#define s6_addr32   __u6_addr.__u6_addr32
#define MAX_FD_GUESS   64
#define SNAPLEN   65536 /* largest possible MTU we'll see */
#define NUM_RESERVED_FDS   6 /* number of FDs to set aside; allows files to be opened as necessary */
#define DEBUG(message_level)   if (debug >= message_level) debug_real
#define DEBUG_PEDANTIC   0x0001


typedef size_t socklen_t


void terminate (int sig)
pcap_handler find_handler (int datalink_type, const char *device)
void dl_ieee802_11_radio (u_char *user, const struct pcap_pkthdr *h, const u_char *p)
void dl_prism (u_char *user, const struct pcap_pkthdr *h, const u_char *p)
const timeval & tvshift (struct timeval &tv, const struct timeval &tv_)
std::string ssprintf (const char *fmt,...)
std::string comma_number_string (int64_t input)
void mkdirs_for_path (std::string path)
std::string macaddr (const uint8_t *addr)
void init_debug (const char *progname, int include_pid)
void debug_real (const char *fmt,...)
void die (const char *fmt,...)
std::ostream & operator<< (std::ostream &os, const struct timeval *t)


const char * progname
int debug
int32_t datalink_tdelta
void(*)(int) portable_signal (int signo, void(*func)(int))
scanner_t scan_md5
scanner_t scan_http
scanner_t scan_python
scanner_t scan_tcpdemux
scanner_t scan_netviz
scanner_t scan_wifiviz

Macro Definition Documentation


#define __FAVOR_BSD

Definition at line 63 of file tcpflow.h.



end of windows compatibility section

Definition at line 58 of file tcpflow.h.


#define __USE_BSD

Definition at line 67 of file tcpflow.h.


#define DEBUG (   message_level)    if (debug >= message_level) debug_real

Definition at line 273 of file tcpflow.h.


#define DEBUG_PEDANTIC   0x0001

Definition at line 309 of file tcpflow.h.



Definition at line 243 of file tcpflow.h.



Definition at line 326 of file tcpflow.h.


#define IN6_IS_ADDR_V4COMPAT (   x)    0

Definition at line 224 of file tcpflow.h.


#define IN6_IS_ADDR_V4MAPPED (   x)    0

Definition at line 220 of file tcpflow.h.


#define MAX_FD_GUESS   64

Definition at line 244 of file tcpflow.h.


#define MAX_IPv4_STR_LEN   (3*4+3)

Definition at line 208 of file tcpflow.h.


#define MAX_IPv6_STR_LEN   256

Definition at line 212 of file tcpflow.h.


#define MKDIR (   a,
)    mkdir(a,b)

Windows/mingw compatability seciton.

If we are compiling for Windows, including the Windows-specific include files first and disable pthread support.

Definition at line 49 of file tcpflow.h.


#define NUM_RESERVED_FDS   6 /* number of FDs to set aside; allows files to be opened as necessary */

Definition at line 251 of file tcpflow.h.


#define O_BINARY   0

Definition at line 82 of file tcpflow.h.



Definition at line 28 of file tcpflow.h.



Definition at line 24 of file tcpflow.h.

◆ s6_addr

#define s6_addr   __u6_addr.__u6_addr8

Definition at line 228 of file tcpflow.h.

◆ s6_addr16

#define s6_addr16   __u6_addr.__u6_addr16

Definition at line 231 of file tcpflow.h.

◆ s6_addr32

#define s6_addr32   __u6_addr.__u6_addr32

Definition at line 234 of file tcpflow.h.


#define SEEK_SET   0

Definition at line 202 of file tcpflow.h.


#define SNAPLEN   65536 /* largest possible MTU we'll see */

Definition at line 245 of file tcpflow.h.

Typedef Documentation

◆ socklen_t

typedef size_t socklen_t

Definition at line 216 of file tcpflow.h.

Function Documentation

◆ comma_number_string()

std::string comma_number_string ( int64_t  input)

Definition at line 33 of file util.cpp.

References tokens.

◆ debug_real()

void debug_real ( const char *  fmt,

Definition at line 164 of file util.cpp.

References print_debug_message().

◆ die()

void die ( const char *  fmt,

◆ dl_ieee802_11_radio()

void dl_ieee802_11_radio ( u_char *  user,
const struct pcap_pkthdr h,
const u_char *  p 

◆ dl_prism()

void dl_prism ( u_char *  user,
const struct pcap_pkthdr h,
const u_char *  p 

Definition at line 43 of file datalink_wifi.cpp.

References Wifipcap::handle_packet(), TFCB::theTFCB, and theWcap.

◆ find_handler()

pcap_handler find_handler ( int  datalink_type,
const char *  device 

Definition at line 293 of file datalink.cpp.

References DEBUG, die(), dlt_handler_t::handler, and handlers.

Referenced by process_infile().

◆ init_debug()

void init_debug ( const char *  progname,
int  include_pid 

Definition at line 74 of file util.cpp.

References debug_prefix, and die().

Referenced by main().

◆ macaddr()

std::string macaddr ( const uint8_t addr)

Definition at line 61 of file util.cpp.

Referenced by tcpip::dump_xml().

◆ mkdirs_for_path()

void mkdirs_for_path ( std::string  path)

Definition at line 112 of file util.cpp.

References MKDIR, and split().

Referenced by flow::new_filename(), and flow::new_pcap_filename().

◆ operator<<()

std::ostream& operator<< ( std::ostream &  os,
const struct timeval *  t 

Definition at line 327 of file tcpflow.h.

◆ ssprintf()

std::string ssprintf ( const char *  fmt,

Definition at line 20 of file util.cpp.

Referenced by main(), and process_infile().

◆ terminate()

void terminate ( int  sig)

Definition at line 244 of file tcpflow.cpp.

References DEBUG, pd, be13::plugin::phase_shutdown(), and the_fs.

Referenced by process_infile().

◆ tvshift()

const timeval& tvshift ( struct timeval &  tv,
const struct timeval &  tv_ 

shift the time value, in line with what the user requested... previously this returned a structure on the stack, but that created an optimization problem with gcc 4.7.2

Definition at line 293 of file tcpflow.h.

References datalink_tdelta.

Referenced by dl_ethernet(), dl_null(), dl_ppp(), dl_raw(), and TFCB::HandleLLC().

Variable Documentation

◆ datalink_tdelta

int32_t datalink_tdelta

Definition at line 42 of file datalink.cpp.

Referenced by main(), and tvshift().

◆ debug

int debug

Definition at line 303 of file tcpflow.h.

Referenced by main().

◆ portable_signal

void(*)(int) portable_signal(int signo, void(*func)(int)) ( int  signo,
void(*)(int)  func 

Definition at line 311 of file tcpflow.h.

Referenced by process_infile().

◆ progname

const char* progname

Definition at line 70 of file tcpflow.cpp.

Referenced by main(), tcpip::print_packet(), and usage().

◆ scan_http

scanner_t scan_http

Definition at line 318 of file tcpflow.h.

◆ scan_md5

scanner_t scan_md5

Definition at line 317 of file tcpflow.h.

◆ scan_netviz

scanner_t scan_netviz

Definition at line 321 of file tcpflow.h.

◆ scan_python

scanner_t scan_python

Definition at line 319 of file tcpflow.h.

◆ scan_tcpdemux

scanner_t scan_tcpdemux

Definition at line 320 of file tcpflow.h.

◆ scan_wifiviz

scanner_t scan_wifiviz

Definition at line 322 of file tcpflow.h.