wtap.h File Reference

#include <wireshark.h>
#include <time.h>
#include <wsutil/buffer.h>
#include <wsutil/nstime.h>
#include <wsutil/inet_addr.h>
#include "wtap_opttypes.h"

Go to the source code of this file.

Classes
struct	eth_phdr
struct	dte_dce_phdr
struct	isdn_phdr
struct	atm_phdr
struct	ascend_phdr
struct	p2p_phdr
struct	ieee_802_11_fhss
struct	ieee_802_11b
struct	ieee_802_11a
struct	ieee_802_11g
struct	ieee_802_11n
struct	ieee_802_11ac
struct	ieee_802_11ad
struct	ieee_802_11ax
struct	ieee_802_11be_user_info
struct	ieee_802_11be
union	ieee_802_11_phy_info
struct	ieee_802_11_phdr
struct	cosine_phdr
struct	irda_phdr
struct	nettl_phdr
struct	mtp2_phdr
union	k12_input_info_t
struct	k12_phdr
struct	lapd_phdr
struct	catapult_dct2000_phdr
struct	erf_phdr
struct	erf_ehdr
struct	wtap_erf_eth_hdr
struct	erf_mc_phdr
struct	sita_phdr
struct	bthci_phdr
struct	btmon_phdr
struct	l1event_phdr
struct	i2c_phdr
struct	gsm_um_phdr
struct	nstr_phdr
struct	nokia_phdr
struct	llcp_phdr
struct	logcat_phdr
struct	netmon_phdr
union	netmon_phdr::sub_wtap_pseudo_header
struct	ber_phdr
union	wtap_pseudo_header
struct	wtap_packet_header
struct	wtap_ft_specific_header
struct	wtap_syscall_header
struct	wtap_systemd_journal_export_header
struct	wtap_custom_block_header
struct	wtap_rec
struct	hashipv4
struct	hashipv6
struct	addrinfo_lists
struct	wtap_dump_params
struct	wtap_wslua_file_info
struct	file_extension_info
struct	open_info
struct	supported_option_type
struct	supported_block_type
struct	file_type_subtype_info
struct	wtap_plugin

Macros
#define	WTAP_ENCAP_NONE   -2
#define	WTAP_ENCAP_PER_PACKET   -1
#define	WTAP_ENCAP_UNKNOWN   0
#define	WTAP_ENCAP_ETHERNET   1
#define	WTAP_ENCAP_TOKEN_RING   2
#define	WTAP_ENCAP_SLIP   3
#define	WTAP_ENCAP_PPP   4
#define	WTAP_ENCAP_FDDI   5
#define	WTAP_ENCAP_FDDI_BITSWAPPED   6
#define	WTAP_ENCAP_RAW_IP   7
#define	WTAP_ENCAP_ARCNET   8
#define	WTAP_ENCAP_ARCNET_LINUX   9
#define	WTAP_ENCAP_ATM_RFC1483   10
#define	WTAP_ENCAP_LINUX_ATM_CLIP   11
#define	WTAP_ENCAP_LAPB   12
#define	WTAP_ENCAP_ATM_PDUS   13
#define	WTAP_ENCAP_ATM_PDUS_UNTRUNCATED   14
#define	WTAP_ENCAP_NULL   15
#define	WTAP_ENCAP_ASCEND   16
#define	WTAP_ENCAP_ISDN   17
#define	WTAP_ENCAP_IP_OVER_FC   18
#define	WTAP_ENCAP_PPP_WITH_PHDR   19
#define	WTAP_ENCAP_IEEE_802_11   20
#define	WTAP_ENCAP_IEEE_802_11_PRISM   21
#define	WTAP_ENCAP_IEEE_802_11_WITH_RADIO   22
#define	WTAP_ENCAP_IEEE_802_11_RADIOTAP   23
#define	WTAP_ENCAP_IEEE_802_11_AVS   24
#define	WTAP_ENCAP_SLL   25
#define	WTAP_ENCAP_FRELAY   26
#define	WTAP_ENCAP_FRELAY_WITH_PHDR   27
#define	WTAP_ENCAP_CHDLC   28
#define	WTAP_ENCAP_CISCO_IOS   29
#define	WTAP_ENCAP_LOCALTALK   30
#define	WTAP_ENCAP_OLD_PFLOG   31
#define	WTAP_ENCAP_HHDLC   32
#define	WTAP_ENCAP_DOCSIS   33
#define	WTAP_ENCAP_COSINE   34
#define	WTAP_ENCAP_WFLEET_HDLC   35
#define	WTAP_ENCAP_SDLC   36
#define	WTAP_ENCAP_TZSP   37
#define	WTAP_ENCAP_ENC   38
#define	WTAP_ENCAP_PFLOG   39
#define	WTAP_ENCAP_CHDLC_WITH_PHDR   40
#define	WTAP_ENCAP_BLUETOOTH_H4   41
#define	WTAP_ENCAP_MTP2   42
#define	WTAP_ENCAP_MTP3   43
#define	WTAP_ENCAP_IRDA   44
#define	WTAP_ENCAP_USER0   45
#define	WTAP_ENCAP_USER1   46
#define	WTAP_ENCAP_USER2   47
#define	WTAP_ENCAP_USER3   48
#define	WTAP_ENCAP_USER4   49
#define	WTAP_ENCAP_USER5   50
#define	WTAP_ENCAP_USER6   51
#define	WTAP_ENCAP_USER7   52
#define	WTAP_ENCAP_USER8   53
#define	WTAP_ENCAP_USER9   54
#define	WTAP_ENCAP_USER10   55
#define	WTAP_ENCAP_USER11   56
#define	WTAP_ENCAP_USER12   57
#define	WTAP_ENCAP_USER13   58
#define	WTAP_ENCAP_USER14   59
#define	WTAP_ENCAP_USER15   60
#define	WTAP_ENCAP_SYMANTEC   61
#define	WTAP_ENCAP_APPLE_IP_OVER_IEEE1394   62
#define	WTAP_ENCAP_BACNET_MS_TP   63
#define	WTAP_ENCAP_NETTL_RAW_ICMP   64
#define	WTAP_ENCAP_NETTL_RAW_ICMPV6   65
#define	WTAP_ENCAP_GPRS_LLC   66
#define	WTAP_ENCAP_JUNIPER_ATM1   67
#define	WTAP_ENCAP_JUNIPER_ATM2   68
#define	WTAP_ENCAP_REDBACK   69
#define	WTAP_ENCAP_NETTL_RAW_IP   70
#define	WTAP_ENCAP_NETTL_ETHERNET   71
#define	WTAP_ENCAP_NETTL_TOKEN_RING   72
#define	WTAP_ENCAP_NETTL_FDDI   73
#define	WTAP_ENCAP_NETTL_UNKNOWN   74
#define	WTAP_ENCAP_MTP2_WITH_PHDR   75
#define	WTAP_ENCAP_JUNIPER_PPPOE   76
#define	WTAP_ENCAP_GCOM_TIE1   77
#define	WTAP_ENCAP_GCOM_SERIAL   78
#define	WTAP_ENCAP_NETTL_X25   79
#define	WTAP_ENCAP_K12   80
#define	WTAP_ENCAP_JUNIPER_MLPPP   81
#define	WTAP_ENCAP_JUNIPER_MLFR   82
#define	WTAP_ENCAP_JUNIPER_ETHER   83
#define	WTAP_ENCAP_JUNIPER_PPP   84
#define	WTAP_ENCAP_JUNIPER_FRELAY   85
#define	WTAP_ENCAP_JUNIPER_CHDLC   86
#define	WTAP_ENCAP_JUNIPER_GGSN   87
#define	WTAP_ENCAP_LINUX_LAPD   88
#define	WTAP_ENCAP_CATAPULT_DCT2000   89
#define	WTAP_ENCAP_BER   90
#define	WTAP_ENCAP_JUNIPER_VP   91
#define	WTAP_ENCAP_USB_FREEBSD   92
#define	WTAP_ENCAP_IEEE802_16_MAC_CPS   93
#define	WTAP_ENCAP_NETTL_RAW_TELNET   94
#define	WTAP_ENCAP_USB_LINUX   95
#define	WTAP_ENCAP_MPEG   96
#define	WTAP_ENCAP_PPI   97
#define	WTAP_ENCAP_ERF   98
#define	WTAP_ENCAP_BLUETOOTH_H4_WITH_PHDR   99
#define	WTAP_ENCAP_SITA   100
#define	WTAP_ENCAP_SCCP   101
#define	WTAP_ENCAP_BLUETOOTH_HCI   102 /*raw packets without a transport layer header e.g. H4*/
#define	WTAP_ENCAP_IPMB_KONTRON   103
#define	WTAP_ENCAP_IEEE802_15_4   104
#define	WTAP_ENCAP_X2E_XORAYA   105
#define	WTAP_ENCAP_FLEXRAY   106
#define	WTAP_ENCAP_LIN   107
#define	WTAP_ENCAP_MOST   108
#define	WTAP_ENCAP_CAN20B   109
#define	WTAP_ENCAP_LAYER1_EVENT   110
#define	WTAP_ENCAP_X2E_SERIAL   111
#define	WTAP_ENCAP_I2C_LINUX   112
#define	WTAP_ENCAP_IEEE802_15_4_NONASK_PHY   113
#define	WTAP_ENCAP_TNEF   114
#define	WTAP_ENCAP_USB_LINUX_MMAPPED   115
#define	WTAP_ENCAP_GSM_UM   116
#define	WTAP_ENCAP_DPNSS   117
#define	WTAP_ENCAP_PACKETLOGGER   118
#define	WTAP_ENCAP_NSTRACE_1_0   119
#define	WTAP_ENCAP_NSTRACE_2_0   120
#define	WTAP_ENCAP_FIBRE_CHANNEL_FC2   121
#define	WTAP_ENCAP_FIBRE_CHANNEL_FC2_WITH_FRAME_DELIMS   122
#define	WTAP_ENCAP_JPEG_JFIF   123 /* obsoleted by WTAP_ENCAP_MIME*/
#define	WTAP_ENCAP_IPNET   124
#define	WTAP_ENCAP_SOCKETCAN   125
#define	WTAP_ENCAP_IEEE_802_11_NETMON   126
#define	WTAP_ENCAP_IEEE802_15_4_NOFCS   127
#define	WTAP_ENCAP_RAW_IPFIX   128
#define	WTAP_ENCAP_RAW_IP4   129
#define	WTAP_ENCAP_RAW_IP6   130
#define	WTAP_ENCAP_LAPD   131
#define	WTAP_ENCAP_DVBCI   132
#define	WTAP_ENCAP_MUX27010   133
#define	WTAP_ENCAP_MIME   134
#define	WTAP_ENCAP_NETANALYZER   135
#define	WTAP_ENCAP_NETANALYZER_TRANSPARENT   136
#define	WTAP_ENCAP_IP_OVER_IB_SNOOP   137
#define	WTAP_ENCAP_MPEG_2_TS   138
#define	WTAP_ENCAP_PPP_ETHER   139
#define	WTAP_ENCAP_NFC_LLCP   140
#define	WTAP_ENCAP_NFLOG   141
#define	WTAP_ENCAP_V5_EF   142
#define	WTAP_ENCAP_BACNET_MS_TP_WITH_PHDR   143
#define	WTAP_ENCAP_IXVERIWAVE   144
#define	WTAP_ENCAP_SDH   145
#define	WTAP_ENCAP_DBUS   146
#define	WTAP_ENCAP_AX25_KISS   147
#define	WTAP_ENCAP_AX25   148
#define	WTAP_ENCAP_SCTP   149
#define	WTAP_ENCAP_INFINIBAND   150
#define	WTAP_ENCAP_JUNIPER_SVCS   151
#define	WTAP_ENCAP_USBPCAP   152
#define	WTAP_ENCAP_RTAC_SERIAL   153
#define	WTAP_ENCAP_BLUETOOTH_LE_LL   154
#define	WTAP_ENCAP_WIRESHARK_UPPER_PDU   155
#define	WTAP_ENCAP_STANAG_4607   156
#define	WTAP_ENCAP_STANAG_5066_D_PDU   157
#define	WTAP_ENCAP_NETLINK   158
#define	WTAP_ENCAP_BLUETOOTH_LINUX_MONITOR   159
#define	WTAP_ENCAP_BLUETOOTH_BREDR_BB   160
#define	WTAP_ENCAP_BLUETOOTH_LE_LL_WITH_PHDR   161
#define	WTAP_ENCAP_NSTRACE_3_0   162
#define	WTAP_ENCAP_LOGCAT   163
#define	WTAP_ENCAP_LOGCAT_BRIEF   164
#define	WTAP_ENCAP_LOGCAT_PROCESS   165
#define	WTAP_ENCAP_LOGCAT_TAG   166
#define	WTAP_ENCAP_LOGCAT_THREAD   167
#define	WTAP_ENCAP_LOGCAT_TIME   168
#define	WTAP_ENCAP_LOGCAT_THREADTIME   169
#define	WTAP_ENCAP_LOGCAT_LONG   170
#define	WTAP_ENCAP_PKTAP   171
#define	WTAP_ENCAP_EPON   172
#define	WTAP_ENCAP_IPMI_TRACE   173
#define	WTAP_ENCAP_LOOP   174
#define	WTAP_ENCAP_JSON   175
#define	WTAP_ENCAP_NSTRACE_3_5   176
#define	WTAP_ENCAP_ISO14443   177
#define	WTAP_ENCAP_GFP_T   178
#define	WTAP_ENCAP_GFP_F   179
#define	WTAP_ENCAP_IP_OVER_IB_PCAP   180
#define	WTAP_ENCAP_JUNIPER_VN   181
#define	WTAP_ENCAP_USB_DARWIN   182
#define	WTAP_ENCAP_LORATAP   183
#define	WTAP_ENCAP_3MB_ETHERNET   184
#define	WTAP_ENCAP_VSOCK   185
#define	WTAP_ENCAP_NORDIC_BLE   186
#define	WTAP_ENCAP_NETMON_NET_NETEVENT   187
#define	WTAP_ENCAP_NETMON_HEADER   188
#define	WTAP_ENCAP_NETMON_NET_FILTER   189
#define	WTAP_ENCAP_NETMON_NETWORK_INFO_EX   190
#define	WTAP_ENCAP_MA_WFP_CAPTURE_V4   191
#define	WTAP_ENCAP_MA_WFP_CAPTURE_V6   192
#define	WTAP_ENCAP_MA_WFP_CAPTURE_2V4   193
#define	WTAP_ENCAP_MA_WFP_CAPTURE_2V6   194
#define	WTAP_ENCAP_MA_WFP_CAPTURE_AUTH_V4   195
#define	WTAP_ENCAP_MA_WFP_CAPTURE_AUTH_V6   196
#define	WTAP_ENCAP_JUNIPER_ST   197
#define	WTAP_ENCAP_ETHERNET_MPACKET   198
#define	WTAP_ENCAP_DOCSIS31_XRA31   199
#define	WTAP_ENCAP_DPAUXMON   200
#define	WTAP_ENCAP_RUBY_MARSHAL   201
#define	WTAP_ENCAP_RFC7468   202
#define	WTAP_ENCAP_SYSTEMD_JOURNAL   203 /* Event, not a packet */
#define	WTAP_ENCAP_EBHSCR   204
#define	WTAP_ENCAP_VPP   205
#define	WTAP_ENCAP_IEEE802_15_4_TAP   206
#define	WTAP_ENCAP_LOG_3GPP   207
#define	WTAP_ENCAP_USB_2_0   208
#define	WTAP_ENCAP_MP4   209
#define	WTAP_ENCAP_SLL2   210
#define	WTAP_ENCAP_ZWAVE_SERIAL   211
#define	WTAP_ENCAP_ETW   212
#define	WTAP_ENCAP_ERI_ENB_LOG   213
#define	WTAP_ENCAP_ZBNCP   214
#define	WTAP_ENCAP_USB_2_0_LOW_SPEED   215
#define	WTAP_ENCAP_USB_2_0_FULL_SPEED   216
#define	WTAP_ENCAP_USB_2_0_HIGH_SPEED   217
#define	WTAP_ENCAP_AUTOSAR_DLT   218
#define	WTAP_ENCAP_AUERSWALD_LOG   219
#define	WTAP_ENCAP_ATSC_ALP   220
#define	WTAP_ENCAP_FIRA_UCI   221
#define	WTAP_ENCAP_SILABS_DEBUG_CHANNEL   222
#define	WTAP_ENCAP_MDB   223
#define	WTAP_ENCAP_EMS   224
#define	WTAP_ENCAP_DECT_NR   225
#define	WTAP_NUM_ENCAP_TYPES   wtap_get_num_encap_types()
#define	WTAP_FILE_TYPE_SUBTYPE_UNKNOWN   -1
#define	WTAP_TSPREC_UNKNOWN   -2
#define	WTAP_TSPREC_PER_PACKET   -1 /* as a per-file value, means per-packet */
#define	WTAP_TSPREC_SEC   0
#define	WTAP_TSPREC_100_MSEC   1
#define	WTAP_TSPREC_DSEC   1 /* Backwards compatibility */
#define	WTAP_TSPREC_10_MSEC   2
#define	WTAP_TSPREC_CSEC   2 /* Backwards compatibility */
#define	WTAP_TSPREC_MSEC   3
#define	WTAP_TSPREC_100_USEC   4
#define	WTAP_TSPREC_10_USEC   5
#define	WTAP_TSPREC_USEC   6
#define	WTAP_TSPREC_100_NSEC   7
#define	WTAP_TSPREC_10_NSEC   8
#define	WTAP_TSPREC_NSEC   9
#define	WTAP_MAX_PACKET_SIZE_STANDARD   262144U
#define	WTAP_MAX_PACKET_SIZE_USBPCAP   (128U*1024U*1024U)
#define	WTAP_MAX_PACKET_SIZE_EBHSCR   (32U*1024U*1024U)
#define	WTAP_MAX_PACKET_SIZE_DBUS   (128U*1024U*1024U)
#define	FROM_DCE   0x80
#define	ATM_RAW_CELL   0x01 /* true if the packet is a single cell */
#define	ATM_NO_HEC   0x02 /* true if the cell has HEC stripped out */
#define	ATM_AAL2_NOPHDR   0x04 /* true if the AAL2 PDU has no pseudo-header */
#define	ATM_REASSEMBLY_ERROR   0x08 /* true if this is an incompletely-reassembled PDU */
#define	AAL_UNKNOWN   0 /* AAL unknown */
#define	AAL_1   1 /* AAL1 */
#define	AAL_2   2 /* AAL2 */
#define	AAL_3_4   3 /* AAL3/4 */
#define	AAL_5   4 /* AAL5 */
#define	AAL_USER   5 /* User AAL */
#define	AAL_SIGNALLING   6 /* Signaling AAL */
#define	AAL_OAMCELL   7 /* OAM cell */
#define	TRAF_UNKNOWN   0 /* Unknown */
#define	TRAF_LLCMX   1 /* LLC multiplexed (RFC 1483) */
#define	TRAF_VCMX   2 /* VC multiplexed (RFC 1483) */
#define	TRAF_LANE   3 /* LAN Emulation */
#define	TRAF_ILMI   4 /* ILMI */
#define	TRAF_FR   5 /* Frame Relay */
#define	TRAF_SPANS   6 /* FORE SPANS */
#define	TRAF_IPSILON   7 /* Ipsilon */
#define	TRAF_UMTS_FP   8 /* UMTS Frame Protocol */
#define	TRAF_GPRS_NS   9 /* GPRS Network Services */
#define	TRAF_SSCOP   10 /* SSCOP */
#define	TRAF_ST_UNKNOWN   0 /* Unknown */
#define	TRAF_ST_VCMX_802_3_FCS   1 /* 802.3 with an FCS */
#define	TRAF_ST_VCMX_802_4_FCS   2 /* 802.4 with an FCS */
#define	TRAF_ST_VCMX_802_5_FCS   3 /* 802.5 with an FCS */
#define	TRAF_ST_VCMX_FDDI_FCS   4 /* FDDI with an FCS */
#define	TRAF_ST_VCMX_802_6_FCS   5 /* 802.6 with an FCS */
#define	TRAF_ST_VCMX_802_3   7 /* 802.3 without an FCS */
#define	TRAF_ST_VCMX_802_4   8 /* 802.4 without an FCS */
#define	TRAF_ST_VCMX_802_5   9 /* 802.5 without an FCS */
#define	TRAF_ST_VCMX_FDDI   10 /* FDDI without an FCS */
#define	TRAF_ST_VCMX_802_6   11 /* 802.6 without an FCS */
#define	TRAF_ST_VCMX_FRAGMENTS   12 /* Fragments */
#define	TRAF_ST_VCMX_BPDU   13 /* BPDU */
#define	TRAF_ST_LANE_LE_CTRL   1 /* LANE: LE Ctrl */
#define	TRAF_ST_LANE_802_3   2 /* LANE: 802.3 */
#define	TRAF_ST_LANE_802_5   3 /* LANE: 802.5 */
#define	TRAF_ST_LANE_802_3_MC   4 /* LANE: 802.3 multicast */
#define	TRAF_ST_LANE_802_5_MC   5 /* LANE: 802.5 multicast */
#define	TRAF_ST_IPSILON_FT0   1 /* Ipsilon: Flow Type 0 */
#define	TRAF_ST_IPSILON_FT1   2 /* Ipsilon: Flow Type 1 */
#define	TRAF_ST_IPSILON_FT2   3 /* Ipsilon: Flow Type 2 */
#define	ASCEND_MAX_STR_LEN   64
#define	ASCEND_PFX_WDS_X   1
#define	ASCEND_PFX_WDS_R   2
#define	ASCEND_PFX_WDD   3
#define	ASCEND_PFX_ISDN_X   4
#define	ASCEND_PFX_ISDN_R   5
#define	ASCEND_PFX_ETHER   6
#define	PHDR_802_11_PHY_UNKNOWN   0 /* PHY not known */
#define	PHDR_802_11_PHY_11_FHSS   1 /* 802.11 FHSS */
#define	PHDR_802_11_PHY_11_IR   2 /* 802.11 IR */
#define	PHDR_802_11_PHY_11_DSSS   3 /* 802.11 DSSS */
#define	PHDR_802_11_PHY_11B   4 /* 802.11b */
#define	PHDR_802_11_PHY_11A   5 /* 802.11a */
#define	PHDR_802_11_PHY_11G   6 /* 802.11g */
#define	PHDR_802_11_PHY_11N   7 /* 802.11n */
#define	PHDR_802_11_PHY_11AC   8 /* 802.11ac */
#define	PHDR_802_11_PHY_11AD   9 /* 802.11ad */
#define	PHDR_802_11_PHY_11AH   10 /* 802.11ah */
#define	PHDR_802_11_PHY_11AX   11 /* 802.11ax */
#define	PHDR_802_11_PHY_11BE   12 /* 802.11be - EHT */
#define	PHDR_802_11A_CHANNEL_TYPE_NORMAL   0
#define	PHDR_802_11A_CHANNEL_TYPE_HALF_CLOCKED   1
#define	PHDR_802_11A_CHANNEL_TYPE_QUARTER_CLOCKED   2
#define	PHDR_802_11A_TURBO_TYPE_NORMAL   0
#define	PHDR_802_11A_TURBO_TYPE_TURBO   1 /* If we don't know whether it's static or dynamic */
#define	PHDR_802_11A_TURBO_TYPE_DYNAMIC_TURBO   2
#define	PHDR_802_11A_TURBO_TYPE_STATIC_TURBO   3
#define	PHDR_802_11G_MODE_NORMAL   0
#define	PHDR_802_11G_MODE_SUPER_G   1 /* Atheros Super G */
#define	PHDR_802_11_BANDWIDTH_20_MHZ   0 /* 20 MHz */
#define	PHDR_802_11_BANDWIDTH_40_MHZ   1 /* 40 MHz */
#define	PHDR_802_11_BANDWIDTH_20_20L   2 /* 20 + 20L, 40 MHz */
#define	PHDR_802_11_BANDWIDTH_20_20U   3 /* 20 + 20U, 40 MHz */
#define	PHDR_802_11_BANDWIDTH_80_MHZ   4 /* 80 MHz */
#define	PHDR_802_11_BANDWIDTH_40_40L   5 /* 40 + 40L MHz, 80 MHz */
#define	PHDR_802_11_BANDWIDTH_40_40U   6 /* 40 + 40U MHz, 80 MHz */
#define	PHDR_802_11_BANDWIDTH_20LL   7 /* ???, 80 MHz */
#define	PHDR_802_11_BANDWIDTH_20LU   8 /* ???, 80 MHz */
#define	PHDR_802_11_BANDWIDTH_20UL   9 /* ???, 80 MHz */
#define	PHDR_802_11_BANDWIDTH_20UU   10 /* ???, 80 MHz */
#define	PHDR_802_11_BANDWIDTH_160_MHZ   11 /* 160 MHz */
#define	PHDR_802_11_BANDWIDTH_80_80L   12 /* 80 + 80L, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_80_80U   13 /* 80 + 80U, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_40LL   14 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_40LU   15 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_40UL   16 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_40UU   17 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20LLL   18 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20LLU   19 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20LUL   20 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20LUU   21 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20ULL   22 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20ULU   23 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20UUL   24 /* ???, 160 MHz */
#define	PHDR_802_11_BANDWIDTH_20UUU   25 /* ???, 160 MHz */
#define	PHDR_802_11AD_MIN_FREQUENCY   57000
#define	PHDR_802_11AD_MAX_FREQUENCY   71000
#define	IS_80211AD(frequency)
#define	PHDR_802_11BE_MAX_USERS   4
#define	PHDR_802_11_LAST_PART_OF_A_MPDU   0x00000001 /* this is the last part of an A-MPDU */
#define	PHDR_802_11_A_MPDU_DELIM_CRC_ERROR   0x00000002 /* delimiter CRC error after this part */
#define	PHDR_802_11_SOUNDING_PSDU   0 /* sounding PPDU */
#define	PHDR_802_11_DATA_NOT_CAPTURED   1 /* data not captured, (e.g. multi-user PPDU) */
#define	PHDR_802_11_0_LENGTH_PSDU_VENDOR_SPECIFIC   0xff
#define	COSINE_MAX_IF_NAME_LEN   128
#define	COSINE_ENCAP_TEST   1
#define	COSINE_ENCAP_PPoATM   2
#define	COSINE_ENCAP_PPoFR   3
#define	COSINE_ENCAP_ATM   4
#define	COSINE_ENCAP_FR   5
#define	COSINE_ENCAP_HDLC   6
#define	COSINE_ENCAP_PPP   7
#define	COSINE_ENCAP_ETH   8
#define	COSINE_ENCAP_UNKNOWN   99
#define	COSINE_DIR_TX   1
#define	COSINE_DIR_RX   2
#define	IRDA_INCOMING   0x0000
#define	IRDA_OUTGOING   0x0004
#define	IRDA_LOG_MESSAGE   0x0100 /* log message */
#define	IRDA_MISSED_MSG   0x0101 /* missed log entry or frame */
#define	IRDA_CLASS_FRAME   0x0000
#define	IRDA_CLASS_LOG   0x0100
#define	IRDA_CLASS_MASK   0xFF00
#define	MTP2_ANNEX_A_NOT_USED   0
#define	MTP2_ANNEX_A_USED   1
#define	MTP2_ANNEX_A_USED_UNKNOWN   2
#define	K12_PORT_DS0S   0x00010008
#define	K12_PORT_DS1   0x00100008
#define	K12_PORT_ATMPVC   0x01020000
#define	MAX_ERF_EHDR   16
#define	SITA_FRAME_DIR_TXED   (0x00) /* values of sita_phdr.flags */
#define	SITA_FRAME_DIR_RXED   (0x01)
#define	SITA_FRAME_DIR   (0x01) /* mask */
#define	SITA_ERROR_NO_BUFFER   (0x80)
#define	SITA_SIG_DSR   (0x01) /* values of sita_phdr.signals */
#define	SITA_SIG_DTR   (0x02)
#define	SITA_SIG_CTS   (0x04)
#define	SITA_SIG_RTS   (0x08)
#define	SITA_SIG_DCD   (0x10)
#define	SITA_SIG_UNDEF1   (0x20)
#define	SITA_SIG_UNDEF2   (0x40)
#define	SITA_SIG_UNDEF3   (0x80)
#define	SITA_ERROR_TX_UNDERRUN   (0x01) /* values of sita_phdr.errors2 (if SITA_FRAME_DIR_TXED) */
#define	SITA_ERROR_TX_CTS_LOST   (0x02)
#define	SITA_ERROR_TX_UART_ERROR   (0x04)
#define	SITA_ERROR_TX_RETX_LIMIT   (0x08)
#define	SITA_ERROR_TX_UNDEF1   (0x10)
#define	SITA_ERROR_TX_UNDEF2   (0x20)
#define	SITA_ERROR_TX_UNDEF3   (0x40)
#define	SITA_ERROR_TX_UNDEF4   (0x80)
#define	SITA_ERROR_RX_FRAMING   (0x01) /* values of sita_phdr.errors1 (if SITA_FRAME_DIR_RXED) */
#define	SITA_ERROR_RX_PARITY   (0x02)
#define	SITA_ERROR_RX_COLLISION   (0x04)
#define	SITA_ERROR_RX_FRAME_LONG   (0x08)
#define	SITA_ERROR_RX_FRAME_SHORT   (0x10)
#define	SITA_ERROR_RX_UNDEF1   (0x20)
#define	SITA_ERROR_RX_UNDEF2   (0x40)
#define	SITA_ERROR_RX_UNDEF3   (0x80)
#define	SITA_ERROR_RX_NONOCTET_ALIGNED   (0x01) /* values of sita_phdr.errors2 (if SITA_FRAME_DIR_RXED) */
#define	SITA_ERROR_RX_ABORT   (0x02)
#define	SITA_ERROR_RX_CD_LOST   (0x04)
#define	SITA_ERROR_RX_DPLL   (0x08)
#define	SITA_ERROR_RX_OVERRUN   (0x10)
#define	SITA_ERROR_RX_FRAME_LEN_VIOL   (0x20)
#define	SITA_ERROR_RX_CRC   (0x40)
#define	SITA_ERROR_RX_BREAK   (0x80)
#define	SITA_PROTO_UNUSED   (0x00) /* values of sita_phdr.proto */
#define	SITA_PROTO_BOP_LAPB   (0x01)
#define	SITA_PROTO_ETHERNET   (0x02)
#define	SITA_PROTO_ASYNC_INTIO   (0x03)
#define	SITA_PROTO_ASYNC_BLKIO   (0x04)
#define	SITA_PROTO_ALC   (0x05)
#define	SITA_PROTO_UTS   (0x06)
#define	SITA_PROTO_PPP_HDLC   (0x07)
#define	SITA_PROTO_SDLC   (0x08)
#define	SITA_PROTO_TOKENRING   (0x09)
#define	SITA_PROTO_I2C   (0x10)
#define	SITA_PROTO_DPM_LINK   (0x11)
#define	SITA_PROTO_BOP_FRL   (0x12)
#define	BTHCI_CHANNEL_COMMAND   1
#define	BTHCI_CHANNEL_ACL   2
#define	BTHCI_CHANNEL_SCO   3
#define	BTHCI_CHANNEL_EVENT   4
#define	BTHCI_CHANNEL_ISO   5
#define	GSM_UM_CHANNEL_UNKNOWN   0
#define	GSM_UM_CHANNEL_BCCH   1
#define	GSM_UM_CHANNEL_SDCCH   2
#define	GSM_UM_CHANNEL_SACCH   3
#define	GSM_UM_CHANNEL_FACCH   4
#define	GSM_UM_CHANNEL_CCCH   5
#define	GSM_UM_CHANNEL_RACH   6
#define	GSM_UM_CHANNEL_AGCH   7
#define	GSM_UM_CHANNEL_PCH   8
#define	LLCP_PHDR_FLAG_SENT   0
#define	REC_TYPE_PACKET   0
#define	REC_TYPE_FT_SPECIFIC_EVENT   1
#define	REC_TYPE_FT_SPECIFIC_REPORT   2
#define	REC_TYPE_SYSCALL   3
#define	REC_TYPE_SYSTEMD_JOURNAL_EXPORT   4
#define	REC_TYPE_CUSTOM_BLOCK   5
#define	PACK_FLAGS_DIRECTION_MASK   0x00000003 /* unshifted */
#define	PACK_FLAGS_DIRECTION_SHIFT   0
#define	PACK_FLAGS_DIRECTION(pack_flags)   (((pack_flags) & PACK_FLAGS_DIRECTION_MASK) >> PACK_FLAGS_DIRECTION_SHIFT)
#define	PACK_FLAGS_DIRECTION_UNKNOWN   0
#define	PACK_FLAGS_DIRECTION_INBOUND   1
#define	PACK_FLAGS_DIRECTION_OUTBOUND   2
#define	PACK_FLAGS_RECEPTION_TYPE_MASK   0x0000001C /* unshifted */
#define	PACK_FLAGS_RECEPTION_TYPE_SHIFT   2
#define	PACK_FLAGS_RECEPTION_TYPE(pack_flags)   (((pack_flags) & PACK_FLAGS_RECEPTION_TYPE_MASK) >> PACK_FLAGS_RECEPTION_TYPE_SHIFT)
#define	PACK_FLAGS_RECEPTION_TYPE_UNSPECIFIED   0
#define	PACK_FLAGS_RECEPTION_TYPE_UNICAST   1
#define	PACK_FLAGS_RECEPTION_TYPE_MULTICAST   2
#define	PACK_FLAGS_RECEPTION_TYPE_BROADCAST   3
#define	PACK_FLAGS_RECEPTION_TYPE_PROMISCUOUS   4
#define	PACK_FLAGS_FCS_LENGTH_MASK   0x000001E0 /* unshifted */
#define	PACK_FLAGS_FCS_LENGTH_SHIFT   5
#define	PACK_FLAGS_FCS_LENGTH(pack_flags)   (((pack_flags) & PACK_FLAGS_FCS_LENGTH_MASK) >> PACK_FLAGS_FCS_LENGTH_SHIFT)
#define	PACK_FLAGS_RESERVED_MASK   0x0000FE00
#define	PACK_FLAGS_CRC_ERROR   0x01000000
#define	PACK_FLAGS_PACKET_TOO_LONG   0x02000000
#define	PACK_FLAGS_PACKET_TOO_SHORT   0x04000000
#define	PACK_FLAGS_WRONG_INTER_FRAME_GAP   0x08000000
#define	PACK_FLAGS_UNALIGNED_FRAME   0x10000000
#define	PACK_FLAGS_START_FRAME_DELIMITER_ERROR   0x20000000
#define	PACK_FLAGS_PREAMBLE_ERROR   0x40000000
#define	PACK_FLAGS_SYMBOL_ERROR   0x80000000
#define	PACK_FLAGS_VALUE(direction, reception_type, fcs_length, ll_dependent_errors)
#define	BBLOG_TYPE_EVENT_BLOCK   1
#define	BBLOG_TYPE_SKIPPED_BLOCK   2
#define	WTAP_NSTIME_32BIT_SECS_MAX   ((time_t)(sizeof(time_t) > sizeof(int32_t) ? UINT32_MAX : INT32_MAX))
#define	WTAP_HAS_TS   0x00000001
#define	WTAP_HAS_CAP_LEN   0x00000002
#define	WTAP_HAS_INTERFACE_ID   0x00000004
#define	WTAP_HAS_SECTION_NUMBER   0x00000008
#define	MAXNAMELEN   64 /* max name length (most names: DNS labels, services, eth) */
#define	MAXDNSNAMELEN   256 /* max total length of a domain name in DNS */
#define	WTAP_DUMP_PARAMS_INIT   {.snaplen=0}
#define	WTAP_COMMENT_PER_SECTION   0x00000001 /* per-file/per-file-section */
#define	WTAP_COMMENT_PER_INTERFACE   0x00000002 /* per-interface */
#define	WTAP_COMMENT_PER_PACKET   0x00000004 /* per-packet */
#define	OPTION_TYPES_SUPPORTED(option_type_array)    array_length(option_type_array), option_type_array
#define	NO_OPTIONS_SUPPORTED    0, NULL
#define	BLOCKS_SUPPORTED(block_type_array)    array_length(block_type_array), block_type_array
#define	WTAP_TYPE_AUTO   0
#define	WTAP_ERR_NOT_REGULAR_FILE   -1
#define	WTAP_ERR_RANDOM_OPEN_PIPE   -2
#define	WTAP_ERR_FILE_UNKNOWN_FORMAT   -3
#define	WTAP_ERR_UNSUPPORTED   -4
#define	WTAP_ERR_CANT_WRITE_TO_PIPE   -5
#define	WTAP_ERR_CANT_OPEN   -6
#define	WTAP_ERR_UNWRITABLE_FILE_TYPE   -7
#define	WTAP_ERR_UNWRITABLE_ENCAP   -8
#define	WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED   -9
#define	WTAP_ERR_CANT_WRITE   -10
#define	WTAP_ERR_CANT_CLOSE   -11
#define	WTAP_ERR_SHORT_READ   -12
#define	WTAP_ERR_BAD_FILE   -13
#define	WTAP_ERR_SHORT_WRITE   -14
#define	WTAP_ERR_UNC_OVERFLOW   -15
#define	WTAP_ERR_RANDOM_OPEN_STDIN   -16
#define	WTAP_ERR_COMPRESSION_NOT_SUPPORTED   -17
#define	WTAP_ERR_CANT_SEEK   -18
#define	WTAP_ERR_CANT_SEEK_COMPRESSED   -19
#define	WTAP_ERR_DECOMPRESS   -20
#define	WTAP_ERR_INTERNAL   -21
#define	WTAP_ERR_PACKET_TOO_LARGE   -22
#define	WTAP_ERR_CHECK_WSLUA   -23
#define	WTAP_ERR_UNWRITABLE_REC_TYPE   -24
#define	WTAP_ERR_UNWRITABLE_REC_DATA   -25
#define	WTAP_ERR_DECOMPRESSION_NOT_SUPPORTED   -26
#define	WTAP_ERR_TIME_STAMP_NOT_SUPPORTED   -27

Typedefs
typedef struct wtap_rec	wtap_rec
typedef struct hashipv4	hashipv4_t
typedef struct hashipv6	hashipv6_t
typedef struct addrinfo_lists	addrinfo_lists_t
typedef struct wtap_dump_params	wtap_dump_params
typedef struct wtap	wtap
typedef struct wtap_dumper	wtap_dumper
typedef struct wtap_reader *	FILE_T
typedef struct wtap_wslua_file_info	wtap_wslua_file_info_t
typedef wtap_open_return_val(*	wtap_open_routine_t) (struct wtap *, int *, char **)
typedef void(*	wtap_new_ipv4_callback_t) (const unsigned addr, const char *name, const bool static_entry)
typedef void(*	wtap_new_ipv6_callback_t) (const ws_in6_addr *addrp, const char *name, const bool static_entry)
typedef void(*	wtap_new_secrets_callback_t) (uint32_t secrets_type, const void *secrets, unsigned size)

Enumerations
enum	wtap_open_return_val { WTAP_OPEN_NOT_MINE = 0 , WTAP_OPEN_MINE = 1 , WTAP_OPEN_ERROR = -1 }
enum	wtap_open_type { OPEN_INFO_MAGIC = 0 , OPEN_INFO_HEURISTIC = 1 }
enum	option_support_t { OPTION_NOT_SUPPORTED , ONE_OPTION_SUPPORTED , MULTIPLE_OPTIONS_SUPPORTED }
enum	block_support_t { BLOCK_NOT_SUPPORTED , ONE_BLOCK_SUPPORTED , MULTIPLE_BLOCKS_SUPPORTED }
enum	wtap_compression_type {   WTAP_UNCOMPRESSED , WTAP_GZIP_COMPRESSED , WTAP_ZSTD_COMPRESSED , WTAP_LZ4_COMPRESSED ,   WTAP_UNKNOWN_COMPRESSION }
enum	ft_sort_order { FT_SORT_BY_NAME , FT_SORT_BY_DESCRIPTION }

Functions
WS_DLL_PUBLIC void	init_open_routines (void)
void	cleanup_open_routines (void)
WS_DLL_PUBLIC void	wtap_init (bool load_wiretap_plugins)
	Initialize the Wiretap library.
WS_DLL_PUBLIC struct wtap *	wtap_open_offline (const char *filename, unsigned int type, int *err, char **err_info, bool do_random)
WS_DLL_PUBLIC void	wtap_cleareof (wtap *wth)
WS_DLL_PUBLIC void	wtap_set_cb_new_ipv4 (wtap *wth, wtap_new_ipv4_callback_t add_new_ipv4)
WS_DLL_PUBLIC void	wtap_set_cb_new_ipv6 (wtap *wth, wtap_new_ipv6_callback_t add_new_ipv6)
WS_DLL_PUBLIC void	wtap_set_cb_new_secrets (wtap *wth, wtap_new_secrets_callback_t add_new_secrets)
WS_DLL_PUBLIC bool	wtap_read (wtap *wth, wtap_rec *rec, int *err, char **err_info, int64_t *offset)
WS_DLL_PUBLIC bool	wtap_seek_read (wtap *wth, int64_t seek_off, wtap_rec *rec, int *err, char **err_info)
WS_DLL_PUBLIC void	wtap_rec_init (wtap_rec *rec, gsize space)
WS_DLL_PUBLIC void	wtap_rec_apply_snapshot (wtap_rec *rec, uint32_t snaplen)
WS_DLL_PUBLIC void	wtap_rec_reset (wtap_rec *rec)
WS_DLL_PUBLIC void	wtap_rec_cleanup (wtap_rec *rec)
WS_DLL_PUBLIC wtap_compression_type	wtap_get_compression_type (wtap *wth)
WS_DLL_PUBLIC wtap_compression_type	wtap_name_to_compression_type (const char *name)
WS_DLL_PUBLIC wtap_compression_type	wtap_extension_to_compression_type (const char *ext)
WS_DLL_PUBLIC const char *	wtap_compression_type_description (wtap_compression_type compression_type)
WS_DLL_PUBLIC const char *	wtap_compression_type_extension (wtap_compression_type compression_type)
WS_DLL_PUBLIC const char *	wtap_compression_type_name (wtap_compression_type compression_type)
WS_DLL_PUBLIC GSList *	wtap_get_all_compression_type_extensions_list (void)
WS_DLL_PUBLIC GSList *	wtap_get_all_output_compression_type_names_list (void)
WS_DLL_PUBLIC bool	wtap_can_write_compression_type (wtap_compression_type compression_type)
WS_DLL_PUBLIC int64_t	wtap_read_so_far (wtap *wth)
WS_DLL_PUBLIC int64_t	wtap_file_size (wtap *wth, int *err)
WS_DLL_PUBLIC unsigned	wtap_snapshot_length (wtap *wth)
WS_DLL_PUBLIC int	wtap_file_type_subtype (wtap *wth)
WS_DLL_PUBLIC int	wtap_file_encap (wtap *wth)
WS_DLL_PUBLIC int	wtap_file_tsprec (wtap *wth)
WS_DLL_PUBLIC unsigned	wtap_file_get_num_shbs (wtap *wth)
	Gets number of section header blocks.
WS_DLL_PUBLIC wtap_block_t	wtap_file_get_shb (wtap *wth, unsigned shb_num)
	Gets existing section header block, not for new file.
WS_DLL_PUBLIC void	wtap_write_shb_comment (wtap *wth, char *comment)
	Sets or replaces the section header comment.
WS_DLL_PUBLIC unsigned	wtap_file_get_shb_global_interface_id (wtap *wth, unsigned shb_num, uint32_t interface_id)
	Gets the unique interface id for a SHB's interface.
WS_DLL_PUBLIC wtapng_iface_descriptions_t *	wtap_file_get_idb_info (wtap *wth)
	Gets existing interface descriptions.
WS_DLL_PUBLIC wtap_block_t	wtap_get_next_interface_description (wtap *wth)
	Gets next interface description.
WS_DLL_PUBLIC void	wtap_free_idb_info (wtapng_iface_descriptions_t *idb_info)
	Free's a interface description block and all of its members.
WS_DLL_PUBLIC char *	wtap_get_debug_if_descr (const wtap_block_t if_descr, const int indent, const char *line_end)
	Gets a debug string of an interface description.
WS_DLL_PUBLIC wtap_block_t	wtap_file_get_nrb (wtap *wth)
	Gets existing name resolution block, not for new file.
WS_DLL_PUBLIC unsigned	wtap_file_get_num_dsbs (wtap *wth)
	Gets number of decryption secrets blocks.
WS_DLL_PUBLIC wtap_block_t	wtap_file_get_dsb (wtap *wth, unsigned dsb_num)
	Gets existing decryption secrets block, not for new file.
WS_DLL_PUBLIC void	wtap_file_add_decryption_secrets (wtap *wth, const wtap_block_t dsb)
	Adds a Decryption Secrets Block to the open wiretap session.
WS_DLL_PUBLIC bool	wtap_file_discard_decryption_secrets (wtap *wth)
WS_DLL_PUBLIC void	wtap_fdclose (wtap *wth)
WS_DLL_PUBLIC bool	wtap_fdreopen (wtap *wth, const char *filename, int *err)
WS_DLL_PUBLIC void	wtap_sequential_close (wtap *wth)
WS_DLL_PUBLIC void	wtap_close (wtap *wth)
WS_DLL_PUBLIC bool	wtap_dump_can_open (int filetype)
WS_DLL_PUBLIC int	wtap_dump_required_file_encap_type (const GArray *file_encaps)
WS_DLL_PUBLIC bool	wtap_dump_can_write_encap (int file_type_subtype, int encap)
WS_DLL_PUBLIC bool	wtap_dump_can_compress (int file_type_subtype)
WS_DLL_PUBLIC void	wtap_dump_params_init (wtap_dump_params *params, wtap *wth)
WS_DLL_PUBLIC void	wtap_dump_params_init_no_idbs (wtap_dump_params *params, wtap *wth)
WS_DLL_PUBLIC void	wtap_dump_params_discard_name_resolution (wtap_dump_params *params)
WS_DLL_PUBLIC void	wtap_dump_params_discard_decryption_secrets (wtap_dump_params *params)
WS_DLL_PUBLIC void	wtap_dump_params_cleanup (wtap_dump_params *params)
WS_DLL_PUBLIC wtap_dumper *	wtap_dump_open (const char *filename, int file_type_subtype, wtap_compression_type compression_type, const wtap_dump_params *params, int *err, char **err_info)
	Opens a new capture file for writing.
WS_DLL_PUBLIC wtap_dumper *	wtap_dump_open_tempfile (const char *tmpdir, char **filenamep, const char *pfx, int file_type_subtype, wtap_compression_type compression_type, const wtap_dump_params *params, int *err, char **err_info)
	Creates a dumper for a temporary file.
WS_DLL_PUBLIC wtap_dumper *	wtap_dump_fdopen (int fd, int file_type_subtype, wtap_compression_type compression_type, const wtap_dump_params *params, int *err, char **err_info)
	Creates a dumper for an existing file descriptor.
WS_DLL_PUBLIC wtap_dumper *	wtap_dump_open_stdout (int file_type_subtype, wtap_compression_type compression_type, const wtap_dump_params *params, int *err, char **err_info)
	Creates a dumper for the standard output.
WS_DLL_PUBLIC bool	wtap_dump_add_idb (wtap_dumper *wdh, wtap_block_t idb, int *err, char **err_info)
WS_DLL_PUBLIC bool	wtap_dump (wtap_dumper *, const wtap_rec *, int *err, char **err_info)
WS_DLL_PUBLIC bool	wtap_dump_flush (wtap_dumper *, int *)
WS_DLL_PUBLIC int	wtap_dump_file_type_subtype (wtap_dumper *wdh)
WS_DLL_PUBLIC int64_t	wtap_get_bytes_dumped (wtap_dumper *)
WS_DLL_PUBLIC void	wtap_set_bytes_dumped (wtap_dumper *wdh, int64_t bytes_dumped)
WS_DLL_PUBLIC bool	wtap_addrinfo_list_empty (addrinfo_lists_t *addrinfo_lists)
WS_DLL_PUBLIC bool	wtap_dump_set_addrinfo_list (wtap_dumper *wdh, addrinfo_lists_t *addrinfo_lists)
WS_DLL_PUBLIC void	wtap_dump_discard_name_resolution (wtap_dumper *wdh)
WS_DLL_PUBLIC void	wtap_dump_discard_decryption_secrets (wtap_dumper *wdh)
WS_DLL_PUBLIC bool	wtap_dump_close (wtap_dumper *wdh, bool *needs_reload, int *err, char **err_info)
WS_DLL_PUBLIC bool	wtap_dump_can_write (const GArray *file_encaps, uint32_t required_comment_types)
WS_DLL_PUBLIC void	wtap_buffer_append_epdu_tag (Buffer *buf, uint16_t epdu_tag, const uint8_t *data, uint16_t data_len)
WS_DLL_PUBLIC void	wtap_buffer_append_epdu_uint (Buffer *buf, uint16_t epdu_tag, uint32_t val)
WS_DLL_PUBLIC void	wtap_buffer_append_epdu_string (Buffer *buf, uint16_t epdu_tag, const char *val)
WS_DLL_PUBLIC int	wtap_buffer_append_epdu_end (Buffer *buf)
WS_DLL_PUBLIC GArray *	wtap_get_savable_file_types_subtypes_for_file (int file_type_subtype, const GArray *file_encaps, uint32_t required_comment_types, ft_sort_order sort_order)
WS_DLL_PUBLIC GArray *	wtap_get_writable_file_types_subtypes (ft_sort_order sort_order)
WS_DLL_PUBLIC const char *	wtap_file_type_subtype_description (int file_type_subtype)
WS_DLL_PUBLIC const char *	wtap_file_type_subtype_name (int file_type_subtype)
WS_DLL_PUBLIC int	wtap_name_to_file_type_subtype (const char *name)
WS_DLL_PUBLIC int	wtap_pcap_file_type_subtype (void)
WS_DLL_PUBLIC int	wtap_pcap_nsec_file_type_subtype (void)
WS_DLL_PUBLIC int	wtap_pcapng_file_type_subtype (void)
WS_DLL_PUBLIC block_support_t	wtap_file_type_subtype_supports_block (int file_type_subtype, wtap_block_type_t type)
WS_DLL_PUBLIC option_support_t	wtap_file_type_subtype_supports_option (int file_type_subtype, wtap_block_type_t type, unsigned opttype)
WS_DLL_PUBLIC GSList *	wtap_get_all_capture_file_extensions_list (void)
WS_DLL_PUBLIC GSList *	wtap_get_all_file_extensions_list (void)
WS_DLL_PUBLIC void	wtap_free_extensions_list (GSList *extensions)
WS_DLL_PUBLIC const char *	wtap_default_file_extension (int file_type_subtype)
WS_DLL_PUBLIC GSList *	wtap_get_file_extensions_list (int file_type_subtype, bool include_compressed)
WS_DLL_PUBLIC const char *	wtap_encap_name (int encap)
WS_DLL_PUBLIC const char *	wtap_encap_description (int encap)
WS_DLL_PUBLIC int	wtap_name_to_encap (const char *short_name)
WS_DLL_PUBLIC const char *	wtap_tsprec_string (int tsprec)
WS_DLL_PUBLIC const char *	wtap_strerror (int err)
WS_DLL_PUBLIC int	wtap_get_num_file_type_extensions (void)
WS_DLL_PUBLIC int	wtap_get_num_encap_types (void)
WS_DLL_PUBLIC const char *	wtap_get_file_extension_type_name (int extension_type)
WS_DLL_PUBLIC GSList *	wtap_get_file_extension_type_extensions (unsigned extension_type)
WS_DLL_PUBLIC void	wtap_register_file_type_extension (const struct file_extension_info *ei)
WS_DLL_PUBLIC void	wtap_register_plugin (const wtap_plugin *plug)
WS_DLL_PUBLIC int	wtap_plugins_supported (void)
WS_DLL_PUBLIC void	wtap_register_open_info (struct open_info *oi, const bool first_routine)
WS_DLL_PUBLIC bool	wtap_has_open_info (const char *name)
WS_DLL_PUBLIC bool	wtap_uses_lua_filehandler (const wtap *wth)
WS_DLL_PUBLIC void	wtap_deregister_open_info (const char *name)
WS_DLL_PUBLIC unsigned int	open_info_name_to_type (const char *name)
WS_DLL_PUBLIC int	wtap_register_file_type_subtype (const struct file_type_subtype_info *fi)
WS_DLL_PUBLIC void	wtap_deregister_file_type_subtype (const int file_type_subtype)
WS_DLL_PUBLIC int	wtap_register_encap_type (const char *description, const char *name)
WS_DLL_PUBLIC void	wtap_cleanup (void)

Variables
WS_DLL_PUBLIC struct open_info *	open_routines

Detailed Description

Wiretap Library Copyright (c) 1998 by Gilbert Ramirez gram@.nosp@m.alum.nosp@m.ni.ri.nosp@m.ce.e.nosp@m.du

SPDX-License-Identifier: GPL-2.0-or-later

Macro Definition Documentation

IS_80211AD

#define IS_80211AD

(

frequency

)

Value:

                               (((frequency) >= PHDR_802_11AD_MIN_FREQUENCY) &&\
                               ((frequency) <= PHDR_802_11AD_MAX_FREQUENCY))

PACK_FLAGS_VALUE

#define PACK_FLAGS_VALUE	(		direction,
			reception_type,
			fcs_length,
			ll_dependent_errors
	)

Value:

    (((direction) << 30) | \
    ((reception_type) << 27) | \
    ((fcs_length) << 23) | \
    (ll_dependent_errors))

REC_TYPE_CUSTOM_BLOCK

#define REC_TYPE_CUSTOM_BLOCK   5

pcapng custom block

REC_TYPE_FT_SPECIFIC_EVENT

#define REC_TYPE_FT_SPECIFIC_EVENT   1

file-type-specific event

REC_TYPE_FT_SPECIFIC_REPORT

#define REC_TYPE_FT_SPECIFIC_REPORT   2

file-type-specific report

REC_TYPE_PACKET

#define REC_TYPE_PACKET   0

packet

REC_TYPE_SYSCALL

#define REC_TYPE_SYSCALL   3

system call

REC_TYPE_SYSTEMD_JOURNAL_EXPORT

#define REC_TYPE_SYSTEMD_JOURNAL_EXPORT   4

systemd journal entry

WTAP_ERR_BAD_FILE

#define WTAP_ERR_BAD_FILE   -13

The file appears to be damaged or corrupted or otherwise bogus

WTAP_ERR_CANT_CLOSE

#define WTAP_ERR_CANT_CLOSE   -11

The file couldn't be closed, reason unknown

WTAP_ERR_CANT_OPEN

#define WTAP_ERR_CANT_OPEN   -6

The file couldn't be opened, reason unknown

WTAP_ERR_CANT_SEEK

#define WTAP_ERR_CANT_SEEK   -18

An attempt to seek failed, reason unknown

WTAP_ERR_CANT_SEEK_COMPRESSED

#define WTAP_ERR_CANT_SEEK_COMPRESSED   -19

An attempt to seek on a compressed stream

WTAP_ERR_CANT_WRITE

#define WTAP_ERR_CANT_WRITE   -10

An attempt to read failed, reason unknown

WTAP_ERR_CANT_WRITE_TO_PIPE

#define WTAP_ERR_CANT_WRITE_TO_PIPE   -5

Wiretap can't save to a pipe in the specified format

WTAP_ERR_CHECK_WSLUA

#define WTAP_ERR_CHECK_WSLUA   -23

Not really an error: the file type being checked is from a Lua plugin, so that the code will call wslua_can_write_encap() instead if it gets this

WTAP_ERR_COMPRESSION_NOT_SUPPORTED

#define WTAP_ERR_COMPRESSION_NOT_SUPPORTED   -17

The filetype doesn't support output compression

WTAP_ERR_DECOMPRESS

#define WTAP_ERR_DECOMPRESS   -20

Error decompressing

WTAP_ERR_DECOMPRESSION_NOT_SUPPORTED

#define WTAP_ERR_DECOMPRESSION_NOT_SUPPORTED   -26

We don't support decompressing that type of compressed file

WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED

#define WTAP_ERR_ENCAP_PER_PACKET_UNSUPPORTED   -9

The specified format doesn't support per-packet encapsulations

WTAP_ERR_FILE_UNKNOWN_FORMAT

#define WTAP_ERR_FILE_UNKNOWN_FORMAT   -3

The file being opened is not a capture file in a known format

WTAP_ERR_INTERNAL

#define WTAP_ERR_INTERNAL   -21

"Shouldn't happen" internal errors

WTAP_ERR_NOT_REGULAR_FILE

#define WTAP_ERR_NOT_REGULAR_FILE   -1

Wiretap error codes. The file being opened for reading isn't a plain file (or pipe)

WTAP_ERR_PACKET_TOO_LARGE

#define WTAP_ERR_PACKET_TOO_LARGE   -22

Packet being written is larger than we support; do not use when reading, use WTAP_ERR_BAD_FILE instead

WTAP_ERR_RANDOM_OPEN_PIPE

#define WTAP_ERR_RANDOM_OPEN_PIPE   -2

The file is being opened for random access and it's a pipe

WTAP_ERR_RANDOM_OPEN_STDIN

#define WTAP_ERR_RANDOM_OPEN_STDIN   -16

We're trying to open the standard input for random access

WTAP_ERR_SHORT_READ

#define WTAP_ERR_SHORT_READ   -12

An attempt to read less data than it should have

WTAP_ERR_SHORT_WRITE

#define WTAP_ERR_SHORT_WRITE   -14

An attempt to write wrote less data than it should have

WTAP_ERR_TIME_STAMP_NOT_SUPPORTED

#define WTAP_ERR_TIME_STAMP_NOT_SUPPORTED   -27

We don't support writing that record's time stamp to that file type

WTAP_ERR_UNC_OVERFLOW

#define WTAP_ERR_UNC_OVERFLOW   -15

Uncompressing Sniffer data would overflow buffer

WTAP_ERR_UNSUPPORTED

#define WTAP_ERR_UNSUPPORTED   -4

Supported file type, but there's something in the file we're reading that we can't support

WTAP_ERR_UNWRITABLE_ENCAP

#define WTAP_ERR_UNWRITABLE_ENCAP   -8

Wiretap can't read or save files in the specified format with the specified encapsulation

WTAP_ERR_UNWRITABLE_FILE_TYPE

#define WTAP_ERR_UNWRITABLE_FILE_TYPE   -7

Wiretap can't save files in the specified format

WTAP_ERR_UNWRITABLE_REC_DATA

#define WTAP_ERR_UNWRITABLE_REC_DATA   -25

Something in the record data can't be written to that file type

WTAP_ERR_UNWRITABLE_REC_TYPE

#define WTAP_ERR_UNWRITABLE_REC_TYPE   -24

Specified record type can't be written to that file type

WTAP_HAS_CAP_LEN

#define WTAP_HAS_CAP_LEN   0x00000002

captured length separate from on-the-network length

WTAP_HAS_INTERFACE_ID

#define WTAP_HAS_INTERFACE_ID   0x00000004

interface ID

WTAP_HAS_SECTION_NUMBER

#define WTAP_HAS_SECTION_NUMBER   0x00000008

section number

WTAP_HAS_TS

#define WTAP_HAS_TS   0x00000001

time stamp

Typedef Documentation

addrinfo_lists_t

typedef struct addrinfo_lists addrinfo_lists_t

A struct with lists of resolved addresses. Used when writing name resolutions blocks (NRB)

wtap_dump_params

typedef struct wtap_dump_params wtap_dump_params

Parameters for various wtap_dump_* functions, specifying per-file information. The structure itself is no longer used after returning from wtap_dump_*, but its pointer fields must remain valid until wtap_dump_close is called.

Note

The shb_hdr and idb_inf arguments will be used until wtap_dump_close() is called, but will not be free'd by the dumper. If you created them, you must free them yourself after wtap_dump_close(). dsbs_initial will be unreferenced by wtap_dump_close(), so to reuse them for another dump file, call wtap_block_array_ref() before closing. dsbs_growing typically refers to another wth->dsbs. nrbs_growing typically refers to another wth->nrbs.

See also

wtap_dump_params_init, wtap_dump_params_cleanup.

wtap_new_ipv4_callback_t

typedef void(* wtap_new_ipv4_callback_t) (const unsigned addr, const char *name, const bool static_entry)

Set callback functions to add new hostnames. Currently pcapng-only. MUST match add_ipv4_name and add_ipv6_name in addr_resolv.c.

wtap_new_secrets_callback_t

typedef void(* wtap_new_secrets_callback_t) (uint32_t secrets_type, const void *secrets, unsigned size)

Set callback function to receive new decryption secrets for a particular secrets type (as defined in secrets-types.h). Currently pcapng-only.

Function Documentation

wtap_buffer_append_epdu_end()

WS_DLL_PUBLIC int wtap_buffer_append_epdu_end

(

Buffer *

buf

)

Close off a set of "exported PDUs" added to the buffer. For filetype readers to transform non-packetized data.

Parameters

[in,out]

buf

Buffer into which to write field

Returns

Total length of buf populated to date

wtap_buffer_append_epdu_string()

WS_DLL_PUBLIC void wtap_buffer_append_epdu_string	(	Buffer *	buf,
		uint16_t	epdu_tag,
		const char *	val
	)

Generates packet data for a string in "exported PDU" format. For filetype readers to transform non-packetized data.

Parameters

[in,out]	buf	Buffer into which to write field
	epdu_tag	tag ID of field to create
	val	string value to write to buf

wtap_buffer_append_epdu_tag()

WS_DLL_PUBLIC void wtap_buffer_append_epdu_tag	(	Buffer *	buf,
		uint16_t	epdu_tag,
		const uint8_t *	data,
		uint16_t	data_len
	)

Generates arbitrary packet data in "exported PDU" format and appends it to buf. For filetype readers to transform non-packetized data. Calls ws_buffer_asssure_space() for you and handles padding to 4-byte boundary.

Parameters

[in,out]	buf	Buffer into which to write field
	epdu_tag	tag ID of field to create
	data	data to be written
	data_len	length of data

wtap_buffer_append_epdu_uint()

WS_DLL_PUBLIC void wtap_buffer_append_epdu_uint	(	Buffer *	buf,
		uint16_t	epdu_tag,
		uint32_t	val
	)

Generates packet data for an unsigned integer in "exported PDU" format. For filetype readers to transform non-packetized data.

Parameters

[in,out]	buf	Buffer into which to write field
	epdu_tag	tag ID of field to create
	val	integer value to write to buf

wtap_cleareof()

WS_DLL_PUBLIC void wtap_cleareof

(

wtap *

wth

)

If we were compiled with zlib and we're at EOF, unset EOF so that wtap_read/gzread has a chance to succeed. This is necessary if we're tailing a file.

wtap_close()

WS_DLL_PUBLIC void wtap_close

(

wtap *

wth

)

Closes any open file handles and frees the memory associated with wth.

wtap_dump_can_compress()

WS_DLL_PUBLIC bool wtap_dump_can_compress

(

int

file_type_subtype

)

Return true if we can write this capture file type/subtype out in compressed form, false if not.

wtap_dump_can_write()

WS_DLL_PUBLIC bool wtap_dump_can_write	(	const GArray *	file_encaps,
		uint32_t	required_comment_types
	)

Return true if we can write a file out with the given GArray of file encapsulations and the given bitmask of comment types.

wtap_dump_can_write_encap()

WS_DLL_PUBLIC bool wtap_dump_can_write_encap	(	int	file_type_subtype,
		int	encap
	)

Return true if we can write this encapsulation type in this capture file type/subtype, false if not.

wtap_dump_close()

WS_DLL_PUBLIC bool wtap_dump_close	(	wtap_dumper *	wdh,
		bool *	needs_reload,
		int *	err,
		char **	err_info
	)

Closes open file handles and frees memory associated with wdh. Note that shb_hdr and idb_inf are not freed by this routine.

Parameters

	wdh	handle for the file we're closing.
[out]	needs_reload	if not null, points to a bool that will be set to true if a full reload of the file would be required if this was done as part of a "Save" or "Save As" operation, false if no full reload would be required.
[out]	err	points to an int that will be set to an error code on failure.
[out]	err_info	for some errors, points to a char * that will be set to a string giving more details of the error.

Returns

true on success, false on failure.

wtap_dump_fdopen()

WS_DLL_PUBLIC wtap_dumper * wtap_dump_fdopen	(	int	fd,
		int	file_type_subtype,
		wtap_compression_type	compression_type,
		const wtap_dump_params *	params,
		int *	err,
		char **	err_info
	)

Creates a dumper for an existing file descriptor.

Parameters

	fd	The file descriptor for which the dumper should be created.
	file_type_subtype	The WTAP_FILE_TYPE_SUBTYPE_XXX file type.
	compression_type	Type of compression to use when writing, if any
	params	The per-file information for this file.
[out]	err	Will be set to an error code on failure.
[out]	err_info	for some errors, a string giving more details of the error

Returns

The newly created dumper object, or NULL on failure.

wtap_dump_open()

WS_DLL_PUBLIC wtap_dumper * wtap_dump_open	(	const char *	filename,
		int	file_type_subtype,
		wtap_compression_type	compression_type,
		const wtap_dump_params *	params,
		int *	err,
		char **	err_info
	)

Opens a new capture file for writing.

Parameters

	filename	The new file's name.
	file_type_subtype	The WTAP_FILE_TYPE_SUBTYPE_XXX file type.
	compression_type	Type of compression to use when writing, if any
	params	The per-file information for this file.
[out]	err	Will be set to an error code on failure.
[out]	err_info	for some errors, a string giving more details of the error

Returns

The newly created dumper object, or NULL on failure.

wtap_dump_open_stdout()

WS_DLL_PUBLIC wtap_dumper * wtap_dump_open_stdout	(	int	file_type_subtype,
		wtap_compression_type	compression_type,
		const wtap_dump_params *	params,
		int *	err,
		char **	err_info
	)

Creates a dumper for the standard output.

Parameters

	file_type_subtype	The WTAP_FILE_TYPE_SUBTYPE_XXX file type.
	compression_type	Type of compression to use when writing, if any
	params	The per-file information for this file.
[out]	err	Will be set to an error code on failure.
[out]	err_info	for some errors, a string giving more details of the error

Returns

The newly created dumper object, or NULL on failure.

wtap_dump_open_tempfile()

WS_DLL_PUBLIC wtap_dumper * wtap_dump_open_tempfile	(	const char *	tmpdir,
		char **	filenamep,
		const char *	pfx,
		int	file_type_subtype,
		wtap_compression_type	compression_type,
		const wtap_dump_params *	params,
		int *	err,
		char **	err_info
	)

Creates a dumper for a temporary file.

Parameters

	tmpdir	Directory in which to create the temporary file.
	filenamep	Points to a pointer that's set to point to the pathname of the temporary file; it's allocated with g_malloc()
	pfx	A string to be used as the prefix for the temporary file name
	file_type_subtype	The WTAP_FILE_TYPE_SUBTYPE_XXX file type.
	compression_type	Type of compression to use when writing, if any
	params	The per-file information for this file.
[out]	err	Will be set to an error code on failure.
[out]	err_info	for some errors, a string giving more details of the error

Returns

The newly created dumper object, or NULL on failure.

wtap_dump_params_cleanup()

WS_DLL_PUBLIC void wtap_dump_params_cleanup

(

wtap_dump_params *

params

)

Free memory associated with the wtap_dump_params when it is no longer in use by wtap_dumper.

Parameters

params

The parameters as initialized by wtap_dump_params_init.

wtap_dump_params_discard_decryption_secrets()

WS_DLL_PUBLIC void wtap_dump_params_discard_decryption_secrets

(

wtap_dump_params *

params

)

Remove any decryption secret information from the per-file information; used if we're stripping decryption secrets as we write the file.

Parameters

params

The parameters for wtap_dump_* from which to remove the decryption secrets..

wtap_dump_params_discard_name_resolution()

WS_DLL_PUBLIC void wtap_dump_params_discard_name_resolution

(

wtap_dump_params *

params

)

Remove any name resolution information from the per-file information; used if we're stripping name resolution as we write the file.

Parameters

params

The parameters for wtap_dump_* from which to remove the name resolution..

wtap_dump_params_init()

WS_DLL_PUBLIC void wtap_dump_params_init	(	wtap_dump_params *	params,
		wtap *	wth
	)

Initialize the per-file information based on an existing file. Its contents must be freed according to the requirements of wtap_dump_params. If wth does not remain valid for the duration of the session, dsbs_growing MUST be cleared after this function.

Parameters

params	The parameters for wtap_dump_* to initialize.
wth	The wiretap session.

wtap_dump_params_init_no_idbs()

WS_DLL_PUBLIC void wtap_dump_params_init_no_idbs	(	wtap_dump_params *	params,
		wtap *	wth
	)

Initialize the per-file information based on an existing file, but don't copy over the interface information. Its contents must be freed according to the requirements of wtap_dump_params. If wth does not remain valid for the duration of the session, dsbs_growing MUST be cleared after this function.

XXX - this should eventually become wtap_dump_params_init(), with all programs writing capture files copying IDBs over by hand, so that they handle IDBs in the middle of the file.

Parameters

params	The parameters for wtap_dump_* to initialize.
wth	The wiretap session.

wtap_dump_required_file_encap_type()

WS_DLL_PUBLIC int wtap_dump_required_file_encap_type

(

const GArray *

file_encaps

)

Given a GArray of WTAP_ENCAP_ types, return the per-file encapsulation type that would be needed to write out a file with those types.

wtap_file_add_decryption_secrets()

WS_DLL_PUBLIC void wtap_file_add_decryption_secrets	(	wtap *	wth,
		const wtap_block_t	dsb
	)

Adds a Decryption Secrets Block to the open wiretap session.

The passed-in DSB is added to the DSBs for the current session.

Parameters

wth	The wiretap session.
dsb	The Decryption Secrets Block to add

wtap_file_discard_decryption_secrets()

WS_DLL_PUBLIC bool wtap_file_discard_decryption_secrets

(

wtap *

wth

)

Remove any decryption secret information from the per-file information; used if we're stripping decryption secrets while the file is open

Parameters

wth	The wiretap session from which to remove the decryption secrets.

Returns

true if any DSBs were removed

wtap_file_get_dsb()

WS_DLL_PUBLIC wtap_block_t wtap_file_get_dsb	(	wtap *	wth,
		unsigned	dsb_num
	)

Gets existing decryption secrets block, not for new file.

Returns the pointer to an existing DSB, without creating a new one. This should only be used for accessing info.

Parameters

wth	The wiretap session.
dsb_num	The ordinal number (0-based) of the decryption secrets block in the file

Returns

The specified existing decryption secrets block, which must NOT be g_free'd.

wtap_file_get_idb_info()

WS_DLL_PUBLIC wtapng_iface_descriptions_t * wtap_file_get_idb_info

(

wtap *

wth

)

Gets existing interface descriptions.

Returns a new struct containing a pointer to the existing description, without creating new descriptions internally.

Note

The returned pointer must be g_free'd, but its internal interface_data must not.

Parameters

wth	The wiretap session.

Returns

A new struct of the existing section descriptions, which must be g_free'd.

wtap_file_get_nrb()

WS_DLL_PUBLIC wtap_block_t wtap_file_get_nrb

(

wtap *

wth

)

Gets existing name resolution block, not for new file.

Returns the pointer to the existing NRB, without creating a new one. This should only be used for accessing info, not for creating a new file based on existing NRB info. Use wtap_file_get_nrb_for_new_file() for that.

Parameters

wth	The wiretap session.

Returns

The existing section header, which must NOT be g_free'd.

XXX - need to be updated to handle multiple NRBs.

wtap_file_get_num_dsbs()

WS_DLL_PUBLIC unsigned wtap_file_get_num_dsbs

(

wtap *

wth

)

Gets number of decryption secrets blocks.

Returns the number of existing DSBs.

Parameters

wth	The wiretap session.

Returns

The number of existing decryption secrets blocks.

wtap_file_get_num_shbs()

WS_DLL_PUBLIC unsigned wtap_file_get_num_shbs

(

wtap *

wth

)

Gets number of section header blocks.

Returns the number of existing SHBs.

Parameters

wth	The wiretap session.

Returns

The number of existing section headers.

wtap_file_get_shb()

WS_DLL_PUBLIC wtap_block_t wtap_file_get_shb	(	wtap *	wth,
		unsigned	shb_num
	)

Gets existing section header block, not for new file.

Returns the pointer to an existing SHB, without creating a new one. This should only be used for accessing info, not for creating a new file based on existing SHB info. Use wtap_file_get_shb_for_new_file() for that.

Parameters

wth	The wiretap session.
shb_num	The ordinal number (0-based) of the section header in the file

Returns

The specified existing section header, which must NOT be g_free'd.

wtap_file_get_shb_global_interface_id()

WS_DLL_PUBLIC unsigned wtap_file_get_shb_global_interface_id	(	wtap *	wth,
		unsigned	shb_num,
		uint32_t	interface_id
	)

Gets the unique interface id for a SHB's interface.

Given an existing SHB number and an interface ID within that section, returns the unique ordinal number (0-based) of that interface over the entire wiretap session.

Parameters

wth	The wiretap session.
shb_num	The ordinal number (0-based) of a section header
interface_id	An interface id within the section

Returns

The unique wtap session-wide interface id for that interface

wtap_file_type_subtype_supports_block()

WS_DLL_PUBLIC block_support_t wtap_file_type_subtype_supports_block	(	int	file_type_subtype,
		wtap_block_type_t	type
	)

Return an indication of whether this capture file format supports the block in question.

wtap_file_type_subtype_supports_option()

WS_DLL_PUBLIC option_support_t wtap_file_type_subtype_supports_option	(	int	file_type_subtype,
		wtap_block_type_t	type,
		unsigned	opttype
	)

Return an indication of whether this capture file format supports the option in queston for the block in question.

wtap_free_idb_info()

WS_DLL_PUBLIC void wtap_free_idb_info

(

wtapng_iface_descriptions_t *

idb_info

)

Free's a interface description block and all of its members.

This free's all of the interface descriptions inside the passed-in struct, including their members (e.g., comments); and then free's the passed-in struct as well.

Warning

Do not use this for the struct returned by wtap_file_get_idb_info(), as that one did not create the internal interface descriptions; for that case you can simply g_free() the new struct.

wtap_get_debug_if_descr()

WS_DLL_PUBLIC char * wtap_get_debug_if_descr	(	const wtap_block_t	if_descr,
		const int	indent,
		const char *	line_end
	)

Gets a debug string of an interface description.

Returns a newly allocated string of debug information about the given interface descrption, useful for debugging.

Note

The returned pointer must be g_free'd.

Parameters

if_descr	The interface description.
indent	Number of spaces to indent each line by.
line_end	A string to append to each line (e.g., "\n" or ", ").

Returns

A newly allocated gcahr array string, which must be g_free'd.

wtap_get_next_interface_description()

WS_DLL_PUBLIC wtap_block_t wtap_get_next_interface_description

(

wtap *

wth

)

Gets next interface description.

This returns the first unfetched wtap_block_t from the set of interface descriptions. Returns NULL if there are no more unfetched interface descriptions; a subsequent call after wtap_read() returns, either with a new record or an EOF, may return another interface description.

wtap_get_savable_file_types_subtypes_for_file()

WS_DLL_PUBLIC GArray * wtap_get_savable_file_types_subtypes_for_file	(	int	file_type_subtype,
		const GArray *	file_encaps,
		uint32_t	required_comment_types,
		ft_sort_order	sort_order
	)

Get a GArray of file type/subtype values for file types/subtypes that can be used to save a file of a given type with a given GArray of WTAP_ENCAP_ types and the given bitmask of comment types.

wtap_get_writable_file_types_subtypes()

WS_DLL_PUBLIC GArray * wtap_get_writable_file_types_subtypes

(

ft_sort_order

sort_order

)

Get a GArray of all writable file type/subtype values.

wtap_init()

WS_DLL_PUBLIC void wtap_init

(

bool

load_wiretap_plugins

)

Initialize the Wiretap library.

Parameters

load_wiretap_plugins

Load Wiretap plugins when initializing library.

wtap_open_offline()

WS_DLL_PUBLIC struct wtap * wtap_open_offline	(	const char *	filename,
		unsigned int	type,
		int *	err,
		char **	err_info,
		bool	do_random
	)

On failure, "wtap_open_offline()" returns NULL, and puts into the "int" pointed to by its second argument:

Parameters

	filename	Name of the file to open
	type	WTAP_TYPE_AUTO for automatic recognize file format or explicit choose format type
[out]	err	a positive "errno" value if the capture file can't be opened; a negative number, indicating the type of error, on other failures.
[out]	err_info	for some errors, a string giving more details of the error
	do_random	true if random access to the file will be done, false if not

wtap_plugins_supported()

WS_DLL_PUBLIC int wtap_plugins_supported

(

void

)

Returns_ 0 if plugins can be loaded for libwiretap (file type). 1 if plugins are not supported by the platform. -1 if plugins were disabled in the build configuration.

wtap_read()

WS_DLL_PUBLIC bool wtap_read	(	wtap *	wth,
		wtap_rec *	rec,
		int *	err,
		char **	err_info,
		int64_t *	offset
	)

Read the next record in the file, filling in *phdr and *buf.

@wth a wtap * returned by a call that opened a file for reading. @rec a pointer to a wtap_rec, filled in with information about the record and the data from the record.

Parameters

err	a positive "errno" value, or a negative number indicating the type of error, if the read failed.
err_info	for some errors, a string giving more details of the error
offset	a pointer to a int64_t, set to the offset in the file that should be used on calls to wtap_seek_read() to reread that record, if the read succeeded.

Returns

true on success, false on failure.

wtap_read_so_far()

WS_DLL_PUBLIC int64_t wtap_read_so_far

(

wtap *

wth

)

Return an approximation of the amount of data we've read sequentially from the file so far.

wtap_seek_read()

WS_DLL_PUBLIC bool wtap_seek_read	(	wtap *	wth,
		int64_t	seek_off,
		wtap_rec *	rec,
		int *	err,
		char **	err_info
	)

Read the record at a specified offset in a capture file, filling in *phdr and *buf.

@wth a wtap * returned by a call that opened a file for random-access reading. @seek_off a int64_t giving an offset value returned by a previous wtap_read() call. @rec a pointer to a struct wtap_rec, filled in with information about the record and the data from the record.

Parameters

err	a positive "errno" value, or a negative number indicating the type of error, if the read failed.
err_info	for some errors, a string giving more details of the error

Returns

true on success, false on failure.

wtap_sequential_close()

WS_DLL_PUBLIC void wtap_sequential_close

(

wtap *

wth

)

Close only the sequential side, freeing up memory it uses.

wtap_write_shb_comment()

WS_DLL_PUBLIC void wtap_write_shb_comment	(	wtap *	wth,
		char *	comment
	)

Sets or replaces the section header comment.

The passed-in comment string is set to be the comment for the section header block. The passed-in string's ownership will be owned by the block, so it should be duplicated before passing into this function.

Parameters

wth	The wiretap session.
comment	The comment string.