tcpflow  1.6.1
About: tcpflow is a TCP/IP packet demultiplexer that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging.
  Fossies Dox: tcpflow-1.6.1.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

tcpflow.h File Reference
#include "config.h"
#include <cstdio>
#include <cstdlib>
#include <cctype>
#include <cstdarg>
#include <cerrno>
#include <iostream>
#include <iomanip>
#include <fcntl.h>
#include <assert.h>
#include <inttypes.h>
#include <sys/stat.h>
#include <time.h>
#include "be13_api/bulk_extractor_i.h"
#include "inet_ntop.h"
Include dependency graph for tcpflow.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  dlt_handler_t
 

Macros

#define PACKAGE_VERSION   VERSION
 
#define PACKAGE_NAME   PACAKGE
 
#define MKDIR(a, b)   mkdir(a,b)
 
#define __STDC_FORMAT_MACROS
 
#define __FAVOR_BSD
 
#define __USE_BSD
 
#define O_BINARY   0
 
#define SEEK_SET   0
 
More...
 
#define MAX_IPv4_STR_LEN   (3*4+3)
 
#define MAX_IPv6_STR_LEN   256
 
#define IN6_IS_ADDR_V4MAPPED(x)   0
 
#define IN6_IS_ADDR_V4COMPAT(x)   0
 
#define s6_addr   __u6_addr.__u6_addr8
 
#define s6_addr16   __u6_addr.__u6_addr16
 
#define s6_addr32   __u6_addr.__u6_addr32
 
#define DEFAULT_DEBUG_LEVEL   1
 
#define MAX_FD_GUESS   64
 
#define SNAPLEN   65536 /* largest possible MTU we'll see */
 
#define NUM_RESERVED_FDS   6 /* number of FDs to set aside; allows files to be opened as necessary */
 
#define DEBUG(message_level)   if (debug >= message_level) debug_real
 
#define DEBUG_PEDANTIC   0x0001
 
#define HAVE_TIMEVAL_OUT
 

Typedefs

typedef size_t socklen_t
 

Functions

void terminate (int sig)
 
pcap_handler find_handler (int datalink_type, const char *device)
 
void dl_ieee802_11_radio (u_char *user, const struct pcap_pkthdr *h, const u_char *p)
 
void dl_prism (u_char *user, const struct pcap_pkthdr *h, const u_char *p)
 
const timeval & tvshift (struct timeval &tv, const struct timeval &tv_)
 
std::string ssprintf (const char *fmt,...)
 
std::string comma_number_string (int64_t input)
 
void mkdirs_for_path (std::string path)
 
std::string macaddr (const uint8_t *addr)
 
void init_debug (const char *progname, int include_pid)
 
void debug_real (const char *fmt,...)
 
void die (const char *fmt,...)
 
std::ostream & operator<< (std::ostream &os, const struct timeval *t)
 

Variables

const char * progname
 
int debug
 
int32_t datalink_tdelta
 
void(*)(int) portable_signal (int signo, void(*func)(int))
 
scanner_t scan_md5
 
scanner_t scan_http
 
scanner_t scan_python
 
scanner_t scan_tcpdemux
 
scanner_t scan_netviz
 
scanner_t scan_wifiviz
 

Macro Definition Documentation

◆ __FAVOR_BSD

#define __FAVOR_BSD

Definition at line 63 of file tcpflow.h.

◆ __STDC_FORMAT_MACROS

#define __STDC_FORMAT_MACROS

end of windows compatibility section

Definition at line 58 of file tcpflow.h.

◆ __USE_BSD

#define __USE_BSD

Definition at line 67 of file tcpflow.h.

◆ DEBUG

#define DEBUG (   message_level)    if (debug >= message_level) debug_real

Definition at line 273 of file tcpflow.h.

◆ DEBUG_PEDANTIC

#define DEBUG_PEDANTIC   0x0001

Definition at line 309 of file tcpflow.h.

◆ DEFAULT_DEBUG_LEVEL

#define DEFAULT_DEBUG_LEVEL   1

Definition at line 243 of file tcpflow.h.

◆ HAVE_TIMEVAL_OUT

#define HAVE_TIMEVAL_OUT

Definition at line 326 of file tcpflow.h.

◆ IN6_IS_ADDR_V4COMPAT

#define IN6_IS_ADDR_V4COMPAT (   x)    0

Definition at line 224 of file tcpflow.h.

◆ IN6_IS_ADDR_V4MAPPED

#define IN6_IS_ADDR_V4MAPPED (   x)    0

Definition at line 220 of file tcpflow.h.

◆ MAX_FD_GUESS

#define MAX_FD_GUESS   64

Definition at line 244 of file tcpflow.h.

◆ MAX_IPv4_STR_LEN

#define MAX_IPv4_STR_LEN   (3*4+3)

Definition at line 208 of file tcpflow.h.

◆ MAX_IPv6_STR_LEN

#define MAX_IPv6_STR_LEN   256

Definition at line 212 of file tcpflow.h.

◆ MKDIR

#define MKDIR (   a,
 
)    mkdir(a,b)

Windows/mingw compatability seciton.

If we are compiling for Windows, including the Windows-specific include files first and disable pthread support.

Definition at line 49 of file tcpflow.h.

◆ NUM_RESERVED_FDS

#define NUM_RESERVED_FDS   6 /* number of FDs to set aside; allows files to be opened as necessary */

Definition at line 251 of file tcpflow.h.

◆ O_BINARY

#define O_BINARY   0

Definition at line 82 of file tcpflow.h.

◆ PACKAGE_NAME

#define PACKAGE_NAME   PACAKGE

Definition at line 28 of file tcpflow.h.

◆ PACKAGE_VERSION

#define PACKAGE_VERSION   VERSION

Definition at line 24 of file tcpflow.h.

◆ s6_addr

#define s6_addr   __u6_addr.__u6_addr8

Definition at line 228 of file tcpflow.h.

◆ s6_addr16

#define s6_addr16   __u6_addr.__u6_addr16

Definition at line 231 of file tcpflow.h.

◆ s6_addr32

#define s6_addr32   __u6_addr.__u6_addr32

Definition at line 234 of file tcpflow.h.

◆ SEEK_SET

#define SEEK_SET   0

Definition at line 202 of file tcpflow.h.

◆ SNAPLEN

#define SNAPLEN   65536 /* largest possible MTU we'll see */

Definition at line 245 of file tcpflow.h.

Typedef Documentation

◆ socklen_t

typedef size_t socklen_t

Definition at line 216 of file tcpflow.h.

Function Documentation

◆ comma_number_string()

std::string comma_number_string ( int64_t  input)

Definition at line 33 of file util.cpp.

References tokens.

◆ debug_real()

void debug_real ( const char *  fmt,
  ... 
)

Definition at line 164 of file util.cpp.

References print_debug_message().

◆ die()

void die ( const char *  fmt,
  ... 
)

◆ dl_ieee802_11_radio()

void dl_ieee802_11_radio ( u_char *  user,
const struct pcap_pkthdr h,
const u_char *  p 
)

◆ dl_prism()

void dl_prism ( u_char *  user,
const struct pcap_pkthdr h,
const u_char *  p 
)

Definition at line 43 of file datalink_wifi.cpp.

References Wifipcap::handle_packet(), TFCB::theTFCB, and theWcap.

◆ find_handler()

pcap_handler find_handler ( int  datalink_type,
const char *  device 
)

Definition at line 293 of file datalink.cpp.

References DEBUG, die(), dlt_handler_t::handler, and handlers.

Referenced by process_infile().

◆ init_debug()

void init_debug ( const char *  progname,
int  include_pid 
)

Definition at line 74 of file util.cpp.

References debug_prefix, and die().

Referenced by main().

◆ macaddr()

std::string macaddr ( const uint8_t addr)

Definition at line 61 of file util.cpp.

Referenced by tcpip::dump_xml().

◆ mkdirs_for_path()

void mkdirs_for_path ( std::string  path)

Definition at line 112 of file util.cpp.

References MKDIR, and split().

Referenced by flow::new_filename(), and flow::new_pcap_filename().

◆ operator<<()

std::ostream& operator<< ( std::ostream &  os,
const struct timeval *  t 
)
inline

Definition at line 327 of file tcpflow.h.

◆ ssprintf()

std::string ssprintf ( const char *  fmt,
  ... 
)

Definition at line 20 of file util.cpp.

Referenced by main(), and process_infile().

◆ terminate()

void terminate ( int  sig)

Definition at line 244 of file tcpflow.cpp.

References DEBUG, pd, be13::plugin::phase_shutdown(), and the_fs.

Referenced by process_infile().

◆ tvshift()

const timeval& tvshift ( struct timeval &  tv,
const struct timeval &  tv_ 
)
inline

shift the time value, in line with what the user requested... previously this returned a structure on the stack, but that created an optimization problem with gcc 4.7.2

Definition at line 293 of file tcpflow.h.

References datalink_tdelta.

Referenced by dl_ethernet(), dl_null(), dl_ppp(), dl_raw(), and TFCB::HandleLLC().

Variable Documentation

◆ datalink_tdelta

int32_t datalink_tdelta
extern

Definition at line 42 of file datalink.cpp.

Referenced by main(), and tvshift().

◆ debug

int debug
extern

Definition at line 303 of file tcpflow.h.

Referenced by main().

◆ portable_signal

void(*)(int) portable_signal(int signo, void(*func)(int)) ( int  signo,
void(*)(int)  func 
)

Definition at line 311 of file tcpflow.h.

Referenced by process_infile().

◆ progname

const char* progname
extern

Definition at line 70 of file tcpflow.cpp.

Referenced by main(), tcpip::print_packet(), and usage().

◆ scan_http

scanner_t scan_http

Definition at line 318 of file tcpflow.h.

◆ scan_md5

scanner_t scan_md5

Definition at line 317 of file tcpflow.h.

◆ scan_netviz

scanner_t scan_netviz

Definition at line 321 of file tcpflow.h.

◆ scan_python

scanner_t scan_python

Definition at line 319 of file tcpflow.h.

◆ scan_tcpdemux

scanner_t scan_tcpdemux

Definition at line 320 of file tcpflow.h.

◆ scan_wifiviz

scanner_t scan_wifiviz

Definition at line 322 of file tcpflow.h.