
sniff_private.h

00001 /*****************************************************************************
00002  * Copyright 2005 Daniel Ferullo                                             *
00003  *                                                                           *
00004  * Licensed under the Apache License, Version 2.0 (the "License");           *
00005  * you may not use this file except in compliance with the License.          *
00006  * You may obtain a copy of the License at                                   *
00007  *                                                                           *
00008  *    http://www.apache.org/licenses/LICENSE-2.0                             *
00009  *                                                                           *
00010  * Unless required by applicable law or agreed to in writing, software       *
00011  * distributed under the License is distributed on an "AS IS" BASIS,         *
00012  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  *
00013  * See the License for the specific language governing permissions and       *
00014  * limitations under the License.                                            *
00015  *                                                                           *
00016  *****************************************************************************/
00017 
00018 /**
00019  * @file sniff_private.h
00020  * @author Daniel Ferullo (ferullo@cmu.edu)
00021  *
00022  * @brief prototypes for private sniffing functions
00023  */
00024 
00025 #ifndef __SNIFF_PRIVATE_H__
00026 #define __SNIFF_PRIVATE_H__
00027 
00028 #include <pcap.h>
00029 
00030 /**
00031  * @brief initializes the pcap functions
00032  *
00033  * @param pcap_desc pointer to a pcap_t pointer, filled in with the pcap
       *        descriptor
00034  * @param device the network device to capture on
00035  * @param timeout timeout in ms to use when capturing packets, -1 = no timeout
00036  * @param errbuf the pcap error buffer to use
       *        NOTE(review): libpcap assumes an error buffer handed to it holds
       *        at least PCAP_ERRBUF_SIZE bytes -- confirm that callers size
       *        errbuf accordingly and that errbuf_len is checked against it
00037  * @param errbuf_len the length of the error buffer
00038  *
00039  * @return SUCCESS, errorcode on failure
00040  */
00041 
00042 errorcode init_packet_capture(pcap_t **pcap_desc, char *device, int timeout,
00043                                 char *errbuf, long errbuf_len );
00044 
00045 /**
00046  * @brief finds a tcp packet, looping over all captured packets until the
00047  * correct one is found
00048  *
00049  * If the passed in flag takes on any value other than FLAG_UNSET then this
00050  * function will return early
00051  *
00052  * @param pcap_desc the pcap descriptor
00053  * @param tcp_skeleton the tcp skeleton to look for.  source and destination
00054  *        ip/port pairs as well as SYN/ACK flags will be matched on, and the
00055  *        skeleton will have the seq_num, ack_num fields filled in if there is
00056  *        a match
00057  * @param break_flag if the flag value is ever anything except FLAG_UNSET then
00058  *        the function returns early
00059  * @param payload a pointer pointer to fill in with a pointer to the payload.
00060  *        If NULL then the value is not set.
       *        NOTE(review): process_packet() documents a pointer into a buffer
       *        allocated by libpcap; presumably the same holds for the pointer
       *        returned here -- confirm, and copy the data if it must be kept
00061  * @param payload_len a pointer to a place to put the payload length. Can be
00062  *        NULL.
       *        NOTE(review): process_packet() documents its payload_len as the
       *        length the tcp header claims, not the number of bytes pcap
       *        captured; presumably the same holds here -- confirm before using
       *        this value to bound a read of payload
00063  *
00064  * @return SUCCESS, errorcode on failure
00065  */
00066 errorcode find_tcp_packet(pcap_t *pcap_desc, tcp_packet_info_t *tcp_skeleton,
00067                                 flag_t *break_flag, unsigned char **payload,
00068                                 unsigned long *payload_len);
00069 /**
00070  * @brief matches a single captured packet against a tcp skeleton (summary
       *        inferred from the parameter descriptions below)
       *
00071  * @param packet pointer to the start of the captured packet
       *        NOTE(review): the prototype carries no captured-length argument,
       *        so how header parsing is bounded against the bytes pcap actually
       *        captured is not visible here -- confirm in the implementation
00072  * @param tcp_skeleton pointer to a tcp_packet_info_t with filled in source and
00073  *        destination ip/port pairs, along with SYN/ACK flags set/unset.  If
00074  *        the s/d_ip/port fields are set to the respective unknown values then
00075  *        they will be ignored when matching against a sniffed packet. The
00076  *        seq_num, ack_num, and window fields will be filled in if a packet
00077  *        matches the other fields
00078  * @param payload a pointer pointer to fill in with a pointer to the payload.
00079  *        If NULL then the value is not set.
00080  * @param payload_len a pointer to a place to put the length the tcp header
00081  *        says the payload is.  THIS IS NOT NECESSARILY THE LENGTH OF THE
00082  *        PAYLOAD RETURNED, SINCE PCAP MIGHT NOT RETURN THE ENTIRE PAYLOAD.
       *        The value comes from the packet itself and this interface does
       *        not report the captured length, so callers must not read
       *        payload_len bytes from payload without an independent bound.
00083  *        This parameter can be NULL.  The pointer (presumably the returned
       *        payload pointer -- confirm) points into a buffer
00084  *        allocated by libpcap, so the value may change in the buffer.
00085  *
00086  * @return SUCCESS, errorcode on failure
00087  */
00088 errorcode process_packet(unsigned char*packet,
00089                 tcp_packet_info_t *tcp_skeleton, unsigned char **payload,
00090                 unsigned long *payload_len);
00091 
00092 #endif /* __SNIFF_PRIVATE_H__ */
