sl@0
|
1 |
/*
|
sl@0
|
2 |
* Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)
|
sl@0
|
3 |
* Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)
|
sl@0
|
4 |
* All rights reserved.
|
sl@0
|
5 |
*
|
sl@0
|
6 |
* Redistribution and use in source and binary forms, with or without
|
sl@0
|
7 |
* modification, are permitted provided that the following conditions
|
sl@0
|
8 |
* are met:
|
sl@0
|
9 |
*
|
sl@0
|
10 |
* 1. Redistributions of source code must retain the above copyright
|
sl@0
|
11 |
* notice, this list of conditions and the following disclaimer.
|
sl@0
|
12 |
* 2. Redistributions in binary form must reproduce the above copyright
|
sl@0
|
13 |
* notice, this list of conditions and the following disclaimer in the
|
sl@0
|
14 |
* documentation and/or other materials provided with the distribution.
|
sl@0
|
15 |
* 3. Neither the name of the Politecnico di Torino, CACE Technologies
|
sl@0
|
16 |
* nor the names of its contributors may be used to endorse or promote
|
sl@0
|
17 |
* products derived from this software without specific prior written
|
sl@0
|
18 |
* permission.
|
sl@0
|
19 |
*
|
sl@0
|
20 |
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
sl@0
|
21 |
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
sl@0
|
22 |
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
sl@0
|
23 |
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
sl@0
|
24 |
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
sl@0
|
25 |
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
sl@0
|
26 |
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
sl@0
|
27 |
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
sl@0
|
28 |
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
sl@0
|
29 |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
sl@0
|
30 |
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
sl@0
|
31 |
*
|
sl@0
|
32 |
*/
|
sl@0
|
33 |
|
sl@0
|
34 |
/** @ingroup packetapi
|
sl@0
|
35 |
* @{
|
sl@0
|
36 |
*/
|
sl@0
|
37 |
|
sl@0
|
38 |
/** @defgroup packet32h Packet.dll definitions and data structures
|
sl@0
|
39 |
* Packet32.h contains the data structures and the definitions used by packet.dll.
|
sl@0
|
40 |
* The file is used both by the Win9x and the WinNTx versions of packet.dll, and can be included
|
sl@0
|
41 |
* by the applications that use the functions of this library
|
sl@0
|
42 |
* @{
|
sl@0
|
43 |
*/
|
sl@0
|
44 |
|
sl@0
|
45 |
#ifndef __PACKET32
|
sl@0
|
46 |
#define __PACKET32
|
sl@0
|
47 |
|
sl@0
|
48 |
#include <winsock2.h>
|
sl@0
|
49 |
|
sl@0
|
50 |
#include "devioctl.h"
|
sl@0
|
51 |
|
sl@0
|
52 |
#ifdef HAVE_AIRPCAP_API
|
sl@0
|
53 |
#include <airpcap.h>
|
sl@0
|
54 |
#else
|
sl@0
|
55 |
#if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_)
|
sl@0
|
56 |
#define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_
|
sl@0
|
57 |
typedef struct _AirpcapHandle *PAirpcapHandle;
|
sl@0
|
58 |
#endif /* AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_ */
|
sl@0
|
59 |
#endif /* HAVE_AIRPCAP_API */
|
sl@0
|
60 |
|
sl@0
|
61 |
#ifdef HAVE_DAG_API
|
sl@0
|
62 |
#include <dagc.h>
|
sl@0
|
63 |
#endif /* HAVE_DAG_API */
|
sl@0
|
64 |
|
sl@0
|
65 |
// Working modes
|
sl@0
|
66 |
#define PACKET_MODE_CAPT 0x0 ///< Capture mode
|
sl@0
|
67 |
#define PACKET_MODE_STAT 0x1 ///< Statistical mode
|
sl@0
|
68 |
#define PACKET_MODE_MON 0x2 ///< Monitoring mode
|
sl@0
|
69 |
#define PACKET_MODE_DUMP 0x10 ///< Dump mode
|
sl@0
|
70 |
#define PACKET_MODE_STAT_DUMP MODE_DUMP | MODE_STAT ///< Statistical dump Mode
|
sl@0
|
71 |
|
sl@0
|
72 |
// ioctls
|
sl@0
|
73 |
#define FILE_DEVICE_PROTOCOL 0x8000
|
sl@0
|
74 |
|
sl@0
|
75 |
#define IOCTL_PROTOCOL_STATISTICS CTL_CODE(FILE_DEVICE_PROTOCOL, 2 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
76 |
#define IOCTL_PROTOCOL_RESET CTL_CODE(FILE_DEVICE_PROTOCOL, 3 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
77 |
#define IOCTL_PROTOCOL_READ CTL_CODE(FILE_DEVICE_PROTOCOL, 4 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
78 |
#define IOCTL_PROTOCOL_WRITE CTL_CODE(FILE_DEVICE_PROTOCOL, 5 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
79 |
#define IOCTL_PROTOCOL_MACNAME CTL_CODE(FILE_DEVICE_PROTOCOL, 6 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
80 |
#define IOCTL_OPEN CTL_CODE(FILE_DEVICE_PROTOCOL, 7 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
81 |
#define IOCTL_CLOSE CTL_CODE(FILE_DEVICE_PROTOCOL, 8 , METHOD_BUFFERED, FILE_ANY_ACCESS)
|
sl@0
|
82 |
|
sl@0
|
83 |
#define pBIOCSETBUFFERSIZE 9592 ///< IOCTL code: set kernel buffer size.
|
sl@0
|
84 |
#define pBIOCSETF 9030 ///< IOCTL code: set packet filtering program.
|
sl@0
|
85 |
#define pBIOCGSTATS 9031 ///< IOCTL code: get the capture stats.
|
sl@0
|
86 |
#define pBIOCSRTIMEOUT 7416 ///< IOCTL code: set the read timeout.
|
sl@0
|
87 |
#define pBIOCSMODE 7412 ///< IOCTL code: set working mode.
|
sl@0
|
88 |
#define pBIOCSWRITEREP 7413 ///< IOCTL code: set number of physical repetions of every packet written by the app.
|
sl@0
|
89 |
#define pBIOCSMINTOCOPY 7414 ///< IOCTL code: set minimum amount of data in the kernel buffer that unlocks a read call.
|
sl@0
|
90 |
#define pBIOCSETOID 2147483648U ///< IOCTL code: set an OID value.
|
sl@0
|
91 |
#define pBIOCQUERYOID 2147483652U ///< IOCTL code: get an OID value.
|
sl@0
|
92 |
#define pATTACHPROCESS 7117 ///< IOCTL code: attach a process to the driver. Used in Win9x only.
|
sl@0
|
93 |
#define pDETACHPROCESS 7118 ///< IOCTL code: detach a process from the driver. Used in Win9x only.
|
sl@0
|
94 |
#define pBIOCSETDUMPFILENAME 9029 ///< IOCTL code: set the name of a the file used by kernel dump mode.
|
sl@0
|
95 |
#define pBIOCEVNAME 7415 ///< IOCTL code: get the name of the event that the driver signals when some data is present in the buffer.
|
sl@0
|
96 |
#define pBIOCSENDPACKETSNOSYNC 9032 ///< IOCTL code: Send a buffer containing multiple packets to the network, ignoring the timestamps associated with the packets.
|
sl@0
|
97 |
#define pBIOCSENDPACKETSSYNC 9033 ///< IOCTL code: Send a buffer containing multiple packets to the network, respecting the timestamps associated with the packets.
|
sl@0
|
98 |
#define pBIOCSETDUMPLIMITS 9034 ///< IOCTL code: Set the dump file limits. See the PacketSetDumpLimits() function.
|
sl@0
|
99 |
#define pBIOCISDUMPENDED 7411 ///< IOCTL code: Get the status of the kernel dump process. See the PacketIsDumpEnded() function.
|
sl@0
|
100 |
#define pBIOCISETLOBBEH 7410 ///< IOCTL code: Set the loopback behavior of the driver with packets sent by itself: capture or drop.
|
sl@0
|
101 |
#define pBIOCSETEVENTHANDLE 7920 ///< IOCTL code: Passes the read event HANDLE allocated by the user (packet.dll) to the kernel level driver.
|
sl@0
|
102 |
|
sl@0
|
103 |
#define pBIOCSTIMEZONE 7471 ///< IOCTL code: set time zone. Used in Win9x only.
|
sl@0
|
104 |
|
sl@0
|
105 |
|
sl@0
|
106 |
/// Alignment macro. Defines the alignment size.
|
sl@0
|
107 |
#define Packet_ALIGNMENT sizeof(int)
|
sl@0
|
108 |
/// Alignment macro. Rounds up to the next even multiple of Packet_ALIGNMENT.
|
sl@0
|
109 |
#define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1))
|
sl@0
|
110 |
|
sl@0
|
111 |
#define NdisMediumNull -1 ///< Custom linktype: NDIS doesn't provide an equivalent
|
sl@0
|
112 |
#define NdisMediumCHDLC -2 ///< Custom linktype: NDIS doesn't provide an equivalent
|
sl@0
|
113 |
#define NdisMediumPPPSerial -3 ///< Custom linktype: NDIS doesn't provide an equivalent
|
sl@0
|
114 |
#define NdisMediumBare80211 -4 ///< Custom linktype: NDIS doesn't provide an equivalent
|
sl@0
|
115 |
#define NdisMediumRadio80211 -5 ///< Custom linktype: NDIS doesn't provide an equivalent
|
sl@0
|
116 |
|
sl@0
|
117 |
// Loopback behaviour definitions
|
sl@0
|
118 |
#define NPF_DISABLE_LOOPBACK 1 ///< Drop the packets sent by the NPF driver
|
sl@0
|
119 |
#define NPF_ENABLE_LOOPBACK 2 ///< Capture the packets sent by the NPF driver
|
sl@0
|
120 |
|
sl@0
|
121 |
/*!
|
sl@0
|
122 |
\brief Network type structure.
|
sl@0
|
123 |
|
sl@0
|
124 |
This structure is used by the PacketGetNetType() function to return information on the current adapter's type and speed.
|
sl@0
|
125 |
*/
|
sl@0
|
126 |
typedef struct NetType
|
sl@0
|
127 |
{
|
sl@0
|
128 |
UINT LinkType; ///< The MAC of the current network adapter (see function PacketGetNetType() for more information)
|
sl@0
|
129 |
ULONGLONG LinkSpeed; ///< The speed of the network in bits per second
|
sl@0
|
130 |
}NetType;
|
sl@0
|
131 |
|
sl@0
|
132 |
|
sl@0
|
133 |
//some definitions stolen from libpcap
|
sl@0
|
134 |
|
sl@0
|
135 |
#ifndef BPF_MAJOR_VERSION
|
sl@0
|
136 |
|
sl@0
|
137 |
/*!
|
sl@0
|
138 |
\brief A BPF pseudo-assembly program.
|
sl@0
|
139 |
|
sl@0
|
140 |
The program will be injected in the kernel by the PacketSetBPF() function and applied to every incoming packet.
|
sl@0
|
141 |
*/
|
sl@0
|
142 |
struct bpf_program
|
sl@0
|
143 |
{
|
sl@0
|
144 |
UINT bf_len; ///< Indicates the number of instructions of the program, i.e. the number of struct bpf_insn that will follow.
|
sl@0
|
145 |
struct bpf_insn *bf_insns; ///< A pointer to the first instruction of the program.
|
sl@0
|
146 |
};
|
sl@0
|
147 |
|
sl@0
|
148 |
/*!
|
sl@0
|
149 |
\brief A single BPF pseudo-instruction.
|
sl@0
|
150 |
|
sl@0
|
151 |
bpf_insn contains a single instruction for the BPF register-machine. It is used to send a filter program to the driver.
|
sl@0
|
152 |
*/
|
sl@0
|
153 |
struct bpf_insn
|
sl@0
|
154 |
{
|
sl@0
|
155 |
USHORT code; ///< Instruction type and addressing mode.
|
sl@0
|
156 |
UCHAR jt; ///< Jump if true
|
sl@0
|
157 |
UCHAR jf; ///< Jump if false
|
sl@0
|
158 |
int k; ///< Generic field used for various purposes.
|
sl@0
|
159 |
};
|
sl@0
|
160 |
|
sl@0
|
161 |
/*!
|
sl@0
|
162 |
\brief Structure that contains a couple of statistics values on the current capture.
|
sl@0
|
163 |
|
sl@0
|
164 |
It is used by packet.dll to return statistics about a capture session.
|
sl@0
|
165 |
*/
|
sl@0
|
166 |
struct bpf_stat
|
sl@0
|
167 |
{
|
sl@0
|
168 |
UINT bs_recv; ///< Number of packets that the driver received from the network adapter
|
sl@0
|
169 |
///< from the beginning of the current capture. This value includes the packets
|
sl@0
|
170 |
///< lost by the driver.
|
sl@0
|
171 |
UINT bs_drop; ///< number of packets that the driver lost from the beginning of a capture.
|
sl@0
|
172 |
///< Basically, a packet is lost when the the buffer of the driver is full.
|
sl@0
|
173 |
///< In this situation the packet cannot be stored and the driver rejects it.
|
sl@0
|
174 |
UINT ps_ifdrop; ///< drops by interface. XXX not yet supported
|
sl@0
|
175 |
UINT bs_capt; ///< number of packets that pass the filter, find place in the kernel buffer and
|
sl@0
|
176 |
///< thus reach the application.
|
sl@0
|
177 |
};
|
sl@0
|
178 |
|
sl@0
|
179 |
/*!
|
sl@0
|
180 |
\brief Packet header.
|
sl@0
|
181 |
|
sl@0
|
182 |
This structure defines the header associated with every packet delivered to the application.
|
sl@0
|
183 |
*/
|
sl@0
|
184 |
struct bpf_hdr
|
sl@0
|
185 |
{
|
sl@0
|
186 |
struct timeval bh_tstamp; ///< The timestamp associated with the captured packet.
|
sl@0
|
187 |
///< It is stored in a TimeVal structure.
|
sl@0
|
188 |
UINT bh_caplen; ///< Length of captured portion. The captured portion <b>can be different</b>
|
sl@0
|
189 |
///< from the original packet, because it is possible (with a proper filter)
|
sl@0
|
190 |
///< to instruct the driver to capture only a portion of the packets.
|
sl@0
|
191 |
UINT bh_datalen; ///< Original length of packet
|
sl@0
|
192 |
USHORT bh_hdrlen; ///< Length of bpf header (this struct plus alignment padding). In some cases,
|
sl@0
|
193 |
///< a padding could be added between the end of this structure and the packet
|
sl@0
|
194 |
///< data for performance reasons. This filed can be used to retrieve the actual data
|
sl@0
|
195 |
///< of the packet.
|
sl@0
|
196 |
};
|
sl@0
|
197 |
|
sl@0
|
198 |
/*!
|
sl@0
|
199 |
\brief Dump packet header.
|
sl@0
|
200 |
|
sl@0
|
201 |
This structure defines the header associated with the packets in a buffer to be used with PacketSendPackets().
|
sl@0
|
202 |
It is simpler than the bpf_hdr, because it corresponds to the header associated by WinPcap and libpcap to a
|
sl@0
|
203 |
packet in a dump file. This makes straightforward sending WinPcap dump files to the network.
|
sl@0
|
204 |
*/
|
sl@0
|
205 |
struct dump_bpf_hdr{
|
sl@0
|
206 |
struct timeval ts; ///< Time stamp of the packet
|
sl@0
|
207 |
UINT caplen; ///< Length of captured portion. The captured portion can smaller than the
|
sl@0
|
208 |
///< the original packet, because it is possible (with a proper filter) to
|
sl@0
|
209 |
///< instruct the driver to capture only a portion of the packets.
|
sl@0
|
210 |
UINT len; ///< Length of the original packet (off wire).
|
sl@0
|
211 |
};
|
sl@0
|
212 |
|
sl@0
|
213 |
|
sl@0
|
214 |
#endif
|
sl@0
|
215 |
|
sl@0
|
216 |
struct bpf_stat;
|
sl@0
|
217 |
|
sl@0
|
218 |
#define DOSNAMEPREFIX TEXT("Packet_") ///< Prefix added to the adapters device names to create the WinPcap devices
|
sl@0
|
219 |
#define MAX_LINK_NAME_LENGTH 64 //< Maximum length of the devices symbolic links
|
sl@0
|
220 |
#define NMAX_PACKET 65535
|
sl@0
|
221 |
|
sl@0
|
222 |
/*!
|
sl@0
|
223 |
\brief Addresses of a network adapter.
|
sl@0
|
224 |
|
sl@0
|
225 |
This structure is used by the PacketGetNetInfoEx() function to return the IP addresses associated with
|
sl@0
|
226 |
an adapter.
|
sl@0
|
227 |
*/
|
sl@0
|
228 |
typedef struct npf_if_addr {
|
sl@0
|
229 |
struct sockaddr_storage IPAddress; ///< IP address.
|
sl@0
|
230 |
struct sockaddr_storage SubnetMask; ///< Netmask for that address.
|
sl@0
|
231 |
struct sockaddr_storage Broadcast; ///< Broadcast address.
|
sl@0
|
232 |
}npf_if_addr;
|
sl@0
|
233 |
|
sl@0
|
234 |
|
sl@0
|
235 |
#define ADAPTER_NAME_LENGTH 256 + 12 ///< Maximum length for the name of an adapter. The value is the same used by the IP Helper API.
|
sl@0
|
236 |
#define ADAPTER_DESC_LENGTH 128 ///< Maximum length for the description of an adapter. The value is the same used by the IP Helper API.
|
sl@0
|
237 |
#define MAX_MAC_ADDR_LENGTH 8 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API.
|
sl@0
|
238 |
#define MAX_NETWORK_ADDRESSES 16 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API.
|
sl@0
|
239 |
|
sl@0
|
240 |
|
sl@0
|
241 |
typedef struct WAN_ADAPTER_INT WAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API
|
sl@0
|
242 |
typedef WAN_ADAPTER *PWAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API
|
sl@0
|
243 |
|
sl@0
|
244 |
#define INFO_FLAG_NDIS_ADAPTER 0 ///< Flag for ADAPTER_INFO: this is a traditional ndis adapter
|
sl@0
|
245 |
#define INFO_FLAG_NDISWAN_ADAPTER 1 ///< Flag for ADAPTER_INFO: this is a NdisWan adapter, and it's managed by WANPACKET
|
sl@0
|
246 |
#define INFO_FLAG_DAG_CARD 2 ///< Flag for ADAPTER_INFO: this is a DAG card
|
sl@0
|
247 |
#define INFO_FLAG_DAG_FILE 6 ///< Flag for ADAPTER_INFO: this is a DAG file
|
sl@0
|
248 |
#define INFO_FLAG_DONT_EXPORT 8 ///< Flag for ADAPTER_INFO: when this flag is set, the adapter will not be listed or openend by winpcap. This allows to prevent exporting broken network adapters, like for example FireWire ones.
|
sl@0
|
249 |
#define INFO_FLAG_AIRPCAP_CARD 16 ///< Flag for ADAPTER_INFO: this is an airpcap card
|
sl@0
|
250 |
#define INFO_FLAG_NPFIM_DEVICE 32
|
sl@0
|
251 |
/*!
|
sl@0
|
252 |
\brief Contains comprehensive information about a network adapter.
|
sl@0
|
253 |
|
sl@0
|
254 |
This structure is filled with all the accessory information that the user can need about an adapter installed
|
sl@0
|
255 |
on his system.
|
sl@0
|
256 |
*/
|
sl@0
|
257 |
typedef struct _ADAPTER_INFO
|
sl@0
|
258 |
{
|
sl@0
|
259 |
struct _ADAPTER_INFO *Next; ///< Pointer to the next adapter in the list.
|
sl@0
|
260 |
CHAR Name[ADAPTER_NAME_LENGTH + 1]; ///< Name of the device representing the adapter.
|
sl@0
|
261 |
CHAR Description[ADAPTER_DESC_LENGTH + 1]; ///< Human understandable description of the adapter
|
sl@0
|
262 |
UINT MacAddressLen; ///< Length of the link layer address.
|
sl@0
|
263 |
UCHAR MacAddress[MAX_MAC_ADDR_LENGTH]; ///< Link layer address.
|
sl@0
|
264 |
NetType LinkLayer; ///< Physical characteristics of this adapter. This NetType structure contains the link type and the speed of the adapter.
|
sl@0
|
265 |
INT NNetworkAddresses; ///< Number of network layer addresses of this adapter.
|
sl@0
|
266 |
npf_if_addr *NetworkAddresses; ///< Pointer to an array of npf_if_addr, each of which specifies a network address of this adapter.
|
sl@0
|
267 |
UINT Flags; ///< Adapter's flags. Tell if this adapter must be treated in a different way, using the Netmon API or the dagc API.
|
sl@0
|
268 |
}
|
sl@0
|
269 |
ADAPTER_INFO, *PADAPTER_INFO;
|
sl@0
|
270 |
|
sl@0
|
271 |
/*!
|
sl@0
|
272 |
\brief Describes an opened network adapter.
|
sl@0
|
273 |
|
sl@0
|
274 |
This structure is the most important for the functioning of packet.dll, but the great part of its fields
|
sl@0
|
275 |
should be ignored by the user, since the library offers functions that avoid to cope with low-level parameters
|
sl@0
|
276 |
*/
|
sl@0
|
277 |
typedef struct _ADAPTER {
|
sl@0
|
278 |
HANDLE hFile; ///< \internal Handle to an open instance of the NPF driver.
|
sl@0
|
279 |
CHAR SymbolicLink[MAX_LINK_NAME_LENGTH]; ///< \internal A string containing the name of the network adapter currently opened.
|
sl@0
|
280 |
int NumWrites; ///< \internal Number of times a packets written on this adapter will be repeated
|
sl@0
|
281 |
///< on the wire.
|
sl@0
|
282 |
HANDLE ReadEvent; ///< A notification event associated with the read calls on the adapter.
|
sl@0
|
283 |
///< It can be passed to standard Win32 functions (like WaitForSingleObject
|
sl@0
|
284 |
///< or WaitForMultipleObjects) to wait until the driver's buffer contains some
|
sl@0
|
285 |
///< data. It is particularly useful in GUI applications that need to wait
|
sl@0
|
286 |
///< concurrently on several events. In Windows NT/2000 the PacketSetMinToCopy()
|
sl@0
|
287 |
///< function can be used to define the minimum amount of data in the kernel buffer
|
sl@0
|
288 |
///< that will cause the event to be signalled.
|
sl@0
|
289 |
|
sl@0
|
290 |
UINT ReadTimeOut; ///< \internal The amount of time after which a read on the driver will be released and
|
sl@0
|
291 |
///< ReadEvent will be signaled, also if no packets were captured
|
sl@0
|
292 |
CHAR Name[ADAPTER_NAME_LENGTH];
|
sl@0
|
293 |
PWAN_ADAPTER pWanAdapter;
|
sl@0
|
294 |
UINT Flags; ///< Adapter's flags. Tell if this adapter must be treated in a different way, using the Netmon API or the dagc API.
|
sl@0
|
295 |
|
sl@0
|
296 |
#ifdef HAVE_AIRPCAP_API
|
sl@0
|
297 |
PAirpcapHandle AirpcapAd;
|
sl@0
|
298 |
#endif // HAVE_AIRPCAP_API
|
sl@0
|
299 |
|
sl@0
|
300 |
#ifdef HAVE_NPFIM_API
|
sl@0
|
301 |
void* NpfImHandle;
|
sl@0
|
302 |
#endif // HAVE_NPFIM_API
|
sl@0
|
303 |
|
sl@0
|
304 |
#ifdef HAVE_DAG_API
|
sl@0
|
305 |
dagc_t *pDagCard; ///< Pointer to the dagc API adapter descriptor for this adapter
|
sl@0
|
306 |
PCHAR DagBuffer; ///< Pointer to the buffer with the packets that is received from the DAG card
|
sl@0
|
307 |
struct timeval DagReadTimeout; ///< Read timeout. The dagc API requires a timeval structure
|
sl@0
|
308 |
unsigned DagFcsLen; ///< Length of the frame check sequence attached to any packet by the card. Obtained from the registry
|
sl@0
|
309 |
DWORD DagFastProcess; ///< True if the user requests fast capture processing on this card. Higher level applications can use this value to provide a faster but possibly unprecise capture (for example, libpcap doesn't convert the timestamps).
|
sl@0
|
310 |
#endif // HAVE_DAG_API
|
sl@0
|
311 |
} ADAPTER, *LPADAPTER;
|
sl@0
|
312 |
|
sl@0
|
313 |
/*!
|
sl@0
|
314 |
\brief Structure that contains a group of packets coming from the driver.
|
sl@0
|
315 |
|
sl@0
|
316 |
This structure defines the header associated with every packet delivered to the application.
|
sl@0
|
317 |
*/
|
sl@0
|
318 |
typedef struct _PACKET {
|
sl@0
|
319 |
HANDLE hEvent; ///< \deprecated Still present for compatibility with old applications.
|
sl@0
|
320 |
OVERLAPPED OverLapped; ///< \deprecated Still present for compatibility with old applications.
|
sl@0
|
321 |
PVOID Buffer; ///< Buffer with containing the packets. See the PacketReceivePacket() for
|
sl@0
|
322 |
///< details about the organization of the data in this buffer
|
sl@0
|
323 |
UINT Length; ///< Length of the buffer
|
sl@0
|
324 |
DWORD ulBytesReceived; ///< Number of valid bytes present in the buffer, i.e. amount of data
|
sl@0
|
325 |
///< received by the last call to PacketReceivePacket()
|
sl@0
|
326 |
BOOLEAN bIoComplete; ///< \deprecated Still present for compatibility with old applications.
|
sl@0
|
327 |
} PACKET, *LPPACKET;
|
sl@0
|
328 |
|
sl@0
|
329 |
/*!
|
sl@0
|
330 |
\brief Structure containing an OID request.
|
sl@0
|
331 |
|
sl@0
|
332 |
It is used by the PacketRequest() function to send an OID to the interface card driver.
|
sl@0
|
333 |
It can be used, for example, to retrieve the status of the error counters on the adapter, its MAC address,
|
sl@0
|
334 |
the list of the multicast groups defined on it, and so on.
|
sl@0
|
335 |
*/
|
sl@0
|
336 |
struct _PACKET_OID_DATA {
|
sl@0
|
337 |
ULONG Oid; ///< OID code. See the Microsoft DDK documentation or the file ntddndis.h
|
sl@0
|
338 |
///< for a complete list of valid codes.
|
sl@0
|
339 |
ULONG Length; ///< Length of the data field
|
sl@0
|
340 |
UCHAR Data[1]; ///< variable-lenght field that contains the information passed to or received
|
sl@0
|
341 |
///< from the adapter.
|
sl@0
|
342 |
};
|
sl@0
|
343 |
typedef struct _PACKET_OID_DATA PACKET_OID_DATA, *PPACKET_OID_DATA;
|
sl@0
|
344 |
|
sl@0
|
345 |
#ifdef __cplusplus
|
sl@0
|
346 |
extern "C" {
|
sl@0
|
347 |
#endif
|
sl@0
|
348 |
|
sl@0
|
349 |
/**
|
sl@0
|
350 |
* @}
|
sl@0
|
351 |
*/
|
sl@0
|
352 |
|
sl@0
|
353 |
/*
|
sl@0
|
354 |
BOOLEAN QueryWinPcapRegistryStringA(CHAR *SubKeyName,
|
sl@0
|
355 |
CHAR *Value,
|
sl@0
|
356 |
UINT *pValueLen,
|
sl@0
|
357 |
CHAR *DefaultVal);
|
sl@0
|
358 |
|
sl@0
|
359 |
BOOLEAN QueryWinPcapRegistryStringW(WCHAR *SubKeyName,
|
sl@0
|
360 |
WCHAR *Value,
|
sl@0
|
361 |
UINT *pValueLen,
|
sl@0
|
362 |
WCHAR *DefaultVal);
|
sl@0
|
363 |
*/
|
sl@0
|
364 |
|
sl@0
|
365 |
//---------------------------------------------------------------------------
|
sl@0
|
366 |
// EXPORTED FUNCTIONS
|
sl@0
|
367 |
//---------------------------------------------------------------------------
|
sl@0
|
368 |
|
sl@0
|
369 |
PCHAR PacketGetVersion();
|
sl@0
|
370 |
PCHAR PacketGetDriverVersion();
|
sl@0
|
371 |
BOOLEAN PacketSetMinToCopy(LPADAPTER AdapterObject,int nbytes);
|
sl@0
|
372 |
BOOLEAN PacketSetNumWrites(LPADAPTER AdapterObject,int nwrites);
|
sl@0
|
373 |
BOOLEAN PacketSetMode(LPADAPTER AdapterObject,int mode);
|
sl@0
|
374 |
BOOLEAN PacketSetReadTimeout(LPADAPTER AdapterObject,int timeout);
|
sl@0
|
375 |
BOOLEAN PacketSetBpf(LPADAPTER AdapterObject,struct bpf_program *fp);
|
sl@0
|
376 |
BOOLEAN PacketSetLoopbackBehavior(LPADAPTER AdapterObject, UINT LoopbackBehavior);
|
sl@0
|
377 |
INT PacketSetSnapLen(LPADAPTER AdapterObject,int snaplen);
|
sl@0
|
378 |
BOOLEAN PacketGetStats(LPADAPTER AdapterObject,struct bpf_stat *s);
|
sl@0
|
379 |
BOOLEAN PacketGetStatsEx(LPADAPTER AdapterObject,struct bpf_stat *s);
|
sl@0
|
380 |
BOOLEAN PacketSetBuff(LPADAPTER AdapterObject,int dim);
|
sl@0
|
381 |
BOOLEAN PacketGetNetType (LPADAPTER AdapterObject,NetType *type);
|
sl@0
|
382 |
LPADAPTER PacketOpenAdapter(PCHAR AdapterName);
|
sl@0
|
383 |
BOOLEAN PacketSendPacket(LPADAPTER AdapterObject,LPPACKET pPacket,BOOLEAN Sync);
|
sl@0
|
384 |
INT PacketSendPackets(LPADAPTER AdapterObject,PVOID PacketBuff,ULONG Size, BOOLEAN Sync);
|
sl@0
|
385 |
LPPACKET PacketAllocatePacket(void);
|
sl@0
|
386 |
VOID PacketInitPacket(LPPACKET lpPacket,PVOID Buffer,UINT Length);
|
sl@0
|
387 |
VOID PacketFreePacket(LPPACKET lpPacket);
|
sl@0
|
388 |
BOOLEAN PacketReceivePacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync);
|
sl@0
|
389 |
BOOLEAN PacketSetHwFilter(LPADAPTER AdapterObject,ULONG Filter);
|
sl@0
|
390 |
BOOLEAN PacketGetAdapterNames(PTSTR pStr,PULONG BufferSize);
|
sl@0
|
391 |
BOOLEAN PacketGetNetInfoEx(PCHAR AdapterName, npf_if_addr* buffer, PLONG NEntries);
|
sl@0
|
392 |
BOOLEAN PacketRequest(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData);
|
sl@0
|
393 |
HANDLE PacketGetReadEvent(LPADAPTER AdapterObject);
|
sl@0
|
394 |
BOOLEAN PacketSetDumpName(LPADAPTER AdapterObject, void *name, int len);
|
sl@0
|
395 |
BOOLEAN PacketSetDumpLimits(LPADAPTER AdapterObject, UINT maxfilesize, UINT maxnpacks);
|
sl@0
|
396 |
BOOLEAN PacketIsDumpEnded(LPADAPTER AdapterObject, BOOLEAN sync);
|
sl@0
|
397 |
BOOL PacketStopDriver();
|
sl@0
|
398 |
VOID PacketCloseAdapter(LPADAPTER lpAdapter);
|
sl@0
|
399 |
BOOLEAN PacketStartOem(PCHAR errorString, UINT errorStringLength);
|
sl@0
|
400 |
PAirpcapHandle PacketGetAirPcapHandle(LPADAPTER AdapterObject);
|
sl@0
|
401 |
#ifdef __cplusplus
|
sl@0
|
402 |
}
|
sl@0
|
403 |
#endif
|
sl@0
|
404 |
|
sl@0
|
405 |
#endif //__PACKET32
|