示例#1
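/**
	Dissects a single packet and returns its payload as a hf_datanode tree.

	The raw bytes are wrapped in a fake wiretap handle (hf_create_fakewth), run
	through epan_dissect_run, converted with hf_transform_ptree_to_datamodel and
	finally reduced with hf_return_only_payload.

	No length accompanies in_data, so this function cannot bounds-check the buffer
	itself; how many bytes get read is decided inside hf_create_fakewth and the
	dissectors. NOTE(review): when the bytes come from captured or otherwise
	untrusted traffic, confirm that hf_create_fakewth derives the length safely.

	The function writes name_number and debug_mode and passes cum_bytes and the
	timestamp bookkeeping variables by address to the frame_data helpers; all of
	them are declared outside this function. NOTE(review): presumably this makes
	concurrent calls unsafe - confirm against how the DLL is used.

	@param in_data raw binary data of the packet to be processed; NULL is rejected
	@param mode specifies the debug mode (DEBUG_MODE enables diagnostic output)
	@return dissected packet payload in a form of hf_datanode tree if everything went OK, NULL otherwise
*/
extern "C" __declspec(dllexport) hf_datanode *hf_dissect_one_packet(unsigned char *in_data, int mode)
{
	epan_dissect_t *pedt;
	frame_data *fdata;
	wtap *wth;
	int count = 0;
	nstime_t elapsed_time;

	elapsed_time.secs = 0;
	elapsed_time.nsecs = 100;
	name_number = 1;

	if(mode==DEBUG_MODE) {
		printf("DEBUG mode on.\n");
		debug_mode = mode;
	}

	// reject a missing buffer before anything is allocated; every early exit
	// also switches debug mode off, exactly as the normal exit does
	if(in_data==NULL) {
		debug_mode = NODEBUG_MODE;
		return NULL;
	}

	// defensive check only: GLib's slice allocator normally aborts on OOM
	fdata = g_slice_new(frame_data);
	if(fdata==NULL) {
		debug_mode = NODEBUG_MODE;
		return NULL;
	}

	// create a wiretap header wrapper around the data
	wth = hf_create_fakewth(in_data);

	// this should happen only if we run out of memory!
	if(wth==NULL) {
		// fdata is already allocated at this point and must not leak
		g_slice_free(frame_data, fdata);
		debug_mode = NODEBUG_MODE;
		return NULL;
	}

	// initialize the values for fake time measurement
	hf_init_timestructs();

	// dissection process begins
	// initialization phase...set up the frame and dissection structures
	frame_data_init(fdata,count,wtap_phdr(wth),wth->data_offset,cum_bytes);
	pedt = epan_dissect_new(TRUE,TRUE);
	frame_data_set_before_dissect(fdata,&(elapsed_time),&first_ts,&prev_dis_ts,&prev_cap_ts);

	// the core of the dissection
	epan_dissect_run(pedt,wtap_pseudoheader(wth),wtap_buf_ptr(wth),fdata,NULL);

	// cleanup after the dissection
	frame_data_set_after_dissect(fdata,&cum_bytes,&prev_dis_ts);

	// transform the dissected data to the form of a hf_datanode tree
	// NOTE(review): the tree is still used after pedt and the frame buffer are
	// freed below - confirm that hf_transform_ptree_to_datamodel copies everything
	// it needs instead of keeping pointers into dissector-owned memory
	hf_datanode * returned_node = hf_transform_ptree_to_datamodel(pedt);

	// free the one-packet dissection structure epan_dissect_t
	epan_dissect_free(pedt);
	// dissection process ends

	// deallocation phase
	g_slice_free(frame_data, fdata);
	buffer_free(wth->frame_buffer);
	g_free(wth->frame_buffer);
	g_free(wth->capture.pcap);
	g_free(wth);

	// NOTE(review): who owns the parts of returned_node that are not part of the
	// payload is not visible here - verify in hf_return_only_payload
	hf_datanode *returned_payload = hf_return_only_payload(returned_node);

	// fragmented packet or dissection failure should be noted
	if(mode==DEBUG_MODE) {
		if(!returned_payload)
			fprintf(stderr, "Dissection returned NULL - either fragmented message or protocol unknown.\n");
	}

	// print the part that will be returned from the function after the duplicates were skipped etc.
	if(debug_mode==DEBUG_MODE) {
		hf_print_datamodel(returned_payload,1,1);
	}

	// if we were in debug mode, switch it off
	debug_mode = NODEBUG_MODE;

	return returned_payload;
}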
示例#2
  const char *TextPtr;
  gint tv_size = 95, bv_size = 75;
  GtkWidget *main_w, *main_vbox, *pane,
                      *tree_view, *tv_scrollw,
                      *bv_nb_ptr;
  struct PacketWinData *DataPtr;
  int i;

  /* Allocate data structure to represent this window. */
  DataPtr = (struct PacketWinData *) g_malloc(sizeof(struct PacketWinData));

  DataPtr->frame = cfile.current_frame;
  memcpy(&DataPtr->pseudo_header, &cfile.pseudo_header, sizeof DataPtr->pseudo_header);
  DataPtr->pd = g_malloc(DataPtr->frame->cap_len);
  memcpy(DataPtr->pd, cfile.pd, DataPtr->frame->cap_len);
  DataPtr->edt = epan_dissect_new(TRUE, TRUE);
  epan_dissect_run(DataPtr->edt, &DataPtr->pseudo_header, DataPtr->pd,
          DataPtr->frame, &cfile.cinfo);
  epan_dissect_fill_in_columns(DataPtr->edt, TRUE);

  /*
   * Build title of window by getting column data constructed when the
   * frame was dissected.
   */
  for (i = 0; i < cfile.cinfo.num_cols; ++i) {
    TextPtr = cfile.cinfo.col_data[i];
    if ((strlen(Title) + strlen(TextPtr)) < NewWinTitleLen - 1) {
      g_strlcat(Title, TextPtr, NewWinTitleLen);
      g_strlcat(Title, " ", NewWinTitleLen);
    }
  }