/** Does the dissection of one packet. @param in_data raw binary data of the packet to be processed @param mode specifies the debug mode @return dissected packet payload in a form of hf_datanode tree if everything went OK, NULL otherwise */ extern "C" __declspec(dllexport) hf_datanode *hf_dissect_one_packet(unsigned char *in_data, int mode) { epan_dissect_t *pedt; frame_data *fdata = g_slice_new(frame_data); int count = 0; nstime_t elapsed_time; elapsed_time.secs = 0; elapsed_time.nsecs = 100; name_number = 1; if(mode==DEBUG_MODE) { printf("DEBUG mode on.\n"); debug_mode = mode; } if(fdata==NULL) return NULL; // create a wiretap header wrapper around the data wtap *wth; wth = hf_create_fakewth(in_data); // this should happen only if we run out of memory! if(wth==NULL) return NULL; // initilaize the values for fake time measurement hf_init_timestructs(); // disecton process begins // initialiation phase...set up the frame and dissection structures frame_data_init(fdata,count,wtap_phdr(wth),wth->data_offset,cum_bytes); pedt = epan_dissect_new(TRUE,TRUE); frame_data_set_before_dissect(fdata,&(elapsed_time),&first_ts,&prev_dis_ts,&prev_cap_ts); // the core of the dissection epan_dissect_run(pedt,wtap_pseudoheader(wth),wtap_buf_ptr(wth),fdata,NULL); // cleanup after the dissection frame_data_set_after_dissect(fdata,&cum_bytes,&prev_dis_ts); // transform the dissected data to the form of a hf_datanode tree hf_datanode * returned_node = hf_transform_ptree_to_datamodel(pedt); // free the one-packet dissection structure epan_dissect_t epan_dissect_free(pedt); // disecton process ends // deallocation phase g_slice_free(frame_data, fdata); buffer_free(wth->frame_buffer); g_free(wth->frame_buffer); g_free(wth->capture.pcap); g_free(wth); hf_datanode *returned_payload = hf_return_only_payload(returned_node); // fragmented packet or dissection failure should be noted if(mode==DEBUG_MODE) { if(!returned_payload) fprintf(stderr, "Dissection returned NULL - either fragmented message or protocol unknown.\n"); } // print the part that will be returned from the function after the duplicates were skipped etc. if(debug_mode==DEBUG_MODE) { hf_print_datamodel(returned_payload,1,1); } // if we were in debug mode, switch it off debug_mode = NODEBUG_MODE; return returned_payload; }
const char *TextPtr; gint tv_size = 95, bv_size = 75; GtkWidget *main_w, *main_vbox, *pane, *tree_view, *tv_scrollw, *bv_nb_ptr; struct PacketWinData *DataPtr; int i; /* Allocate data structure to represent this window. */ DataPtr = (struct PacketWinData *) g_malloc(sizeof(struct PacketWinData)); DataPtr->frame = cfile.current_frame; memcpy(&DataPtr->pseudo_header, &cfile.pseudo_header, sizeof DataPtr->pseudo_header); DataPtr->pd = g_malloc(DataPtr->frame->cap_len); memcpy(DataPtr->pd, cfile.pd, DataPtr->frame->cap_len); DataPtr->edt = epan_dissect_new(TRUE, TRUE); epan_dissect_run(DataPtr->edt, &DataPtr->pseudo_header, DataPtr->pd, DataPtr->frame, &cfile.cinfo); epan_dissect_fill_in_columns(DataPtr->edt, TRUE); /* * Build title of window by getting column data constructed when the * frame was dissected. */ for (i = 0; i < cfile.cinfo.num_cols; ++i) { TextPtr = cfile.cinfo.col_data[i]; if ((strlen(Title) + strlen(TextPtr)) < NewWinTitleLen - 1) { g_strlcat(Title, TextPtr, NewWinTitleLen); g_strlcat(Title, " ", NewWinTitleLen); } }