Wireshark 4.5.0
The Wireshark network protocol analyzer
Loading...
Searching...
No Matches
packet-netmon.h
1/* packet-netmon.h
2 *
3 * Wireshark - Network traffic analyzer
4 * By Gerald Combs <[email protected]>
5 * Copyright 1998 Gerald Combs
6 *
7 * SPDX-License-Identifier: GPL-2.0-or-later
8 */
9
10#ifndef PACKET_NETMON_H
11#define PACKET_NETMON_H
12
13#include <epan/expert.h>
14
15#define EVENT_HEADER_FLAG_EXTENDED_INFO 0x0001
16#define EVENT_HEADER_FLAG_PRIVATE_SESSION 0x0002
17#define EVENT_HEADER_FLAG_STRING_ONLY 0x0004
18#define EVENT_HEADER_FLAG_TRACE_MESSAGE 0x0008
19#define EVENT_HEADER_FLAG_NO_CPUTIME 0x0010
20#define EVENT_HEADER_FLAG_32_BIT_HEADER 0x0020
21#define EVENT_HEADER_FLAG_64_BIT_HEADER 0x0040
22#define EVENT_HEADER_FLAG_CLASSIC_HEADER 0x0100
23
24/* Dissector data for Provider ID dissector table */
26{
27 uint32_t event_id;
28 uint16_t event_flags;
29 uint8_t event_version;
30 uint64_t keyword;
31 uint8_t opcode;
32};
33
34
35void netmon_etl_field(proto_tree *tree, tvbuff_t *tvb, int* offset, int hf, uint16_t flags);
36void netmon_sid_field(proto_tree *tree, tvbuff_t *tvb, int* offset, packet_info *pinfo,
37 int hf_revision, int hf_subauthority_count, int hf_sid_id, int hf_sid_authority,
38 expert_field* invalid_sid, bool conformant);
39
40
41#endif /* PACKET_NETMON_H */
42
43/*
44 * Editor modelines - https://www.wireshark.org/tools/modelines.html
45 *
46 * Local variables:
47 * c-basic-offset: 4
48 * tab-width: 8
49 * indent-tabs-mode: nil
50 * End:
51 *
52 * vi: set shiftwidth=4 tabstop=8 expandtab:
53 * :indentSize=4:tabSize=8:noTabs=true:
54 */
Definition packet_info.h:43
Definition proto.h:903
Definition expert.h:39
Definition packet-netmon.h:26
Definition tvbuff-int.h:35