Go to the source code of this file.
Data Structures | |
| struct | PcapFileGlobalVars_ |
| struct | PcapFileSharedVars_ |
| struct | PcapFileFileVars_ |
Typedefs | |
| typedef struct PcapFileGlobalVars_ | PcapFileGlobalVars |
| typedef struct PcapFileSharedVars_ | PcapFileSharedVars |
| typedef struct PcapFileFileVars_ | PcapFileFileVars |
Functions | |
| TmEcode | PcapFileDispatch (PcapFileFileVars *ptv) |
| Main PCAP file reading Loop function. More... | |
| TmEcode | InitPcapFile (PcapFileFileVars *pfv) |
| void | CleanupPcapFileFileVars (PcapFileFileVars *pfv) |
| TmEcode | ValidateLinkType (int datalink, DecoderFunc *decoder) |
| const char * | PcapFileGetFilename (void) |
Detailed Description
Definition in file source-pcap-file-helper.h.
Typedef Documentation
◆ PcapFileFileVars
| typedef struct PcapFileFileVars_ PcapFileFileVars |
Data specific to a single pcap file
◆ PcapFileGlobalVars
| typedef struct PcapFileGlobalVars_ PcapFileGlobalVars |
◆ PcapFileSharedVars
| typedef struct PcapFileSharedVars_ PcapFileSharedVars |
Data that is shared amongst File, Directory, and Thread level vars
Function Documentation
◆ CleanupPcapFileFileVars()
| void CleanupPcapFileFileVars | ( | PcapFileFileVars * | pfv | ) |
Cleanup resources associated with a PcapFileFileVars object.
- Parameters
-
pfv Object to be cleaned up
Definition at line 39 of file source-pcap-file-helper.c.
References PcapFileFileVars_::filename, PcapFileFileVars_::pcap_handle, SCFree, SCLogDebug, SCLogWarning, PcapFileFileVars_::shared, and PcapFileSharedVars_::should_delete.
Referenced by CleanupPcapFileDirectoryVars().
◆ InitPcapFile()
| TmEcode InitPcapFile | ( | PcapFileFileVars * | pfv | ) |
From a PcapFileFileVars, prepare the filename for processing by setting pcap_handle, datalink, and filter
- Parameters
-
pfv PcapFileFileVars object to populate
- Returns
Definition at line 196 of file source-pcap-file-helper.c.
References PcapFileSharedVars_::bpf_string, PcapFileFileVars_::datalink, DatalinkSetGlobalType(), PcapFileFileVars_::filename, PcapFileFileVars_::filter, pcap_g, PcapFileFileVars_::pcap_handle, PcapFileGlobalVars_::read_buffer_size, SCLogDebug, SCLogError, SCLogInfo, SCLogWarning, SCReturnInt, PcapFileFileVars_::shared, TM_ECODE_FAILED, and unlikely.
◆ PcapFileDispatch()
| TmEcode PcapFileDispatch | ( | PcapFileFileVars * | ptv | ) |
Main PCAP file reading Loop function.
Dispatch a file for processing, where the information necessary to process that file is as PcapFileFileVars object.
- Parameters
-
ptv PcapFileFileVars object to be processed
- Returns
Definition at line 126 of file source-pcap-file-helper.c.
References PcapFileFileVars_::first_pkt_hdr, PcapFileFileVars_::first_pkt_ts, likely, SCEnter, SCTIME_FROM_TIMEVAL, and TmThreadsInitThreadsTimestamp().
◆ PcapFileGetFilename()
| const char* PcapFileGetFilename | ( | void | ) |
Definition at line 118 of file source-pcap-file-helper.c.
References pcap_filename.
Referenced by OutputJSONBuffer(), and OutputJsonBuilderBuffer().
◆ ValidateLinkType()
| TmEcode ValidateLinkType | ( | int | datalink, |
| DecoderFunc * | decoder | ||
| ) |
Determine if a datalink type is valid, setting a decoder function if valid.
- Parameters
-
datalink Datalink type to validate decoder Pointer to decoder to set if valid
- Returns
- TM_ECODE_OK if valid datalink type and decoder has been set.
Definition at line 251 of file source-pcap-file-helper.c.
References DecodeCHDLC(), DecodeEthernet(), DecodeNull(), DecodePPP(), DecodeRaw(), DecodeSll(), DecodeSll2(), LINKTYPE_CISCO_HDLC, LINKTYPE_ETHERNET, LINKTYPE_GRE_OVER_IP, LINKTYPE_IPV4, LINKTYPE_IPV6, LINKTYPE_LINUX_SLL, LINKTYPE_LINUX_SLL2, LINKTYPE_NULL, LINKTYPE_PPP, LINKTYPE_RAW, LINKTYPE_RAW2, SCLogError, SCReturnInt, TM_ECODE_FAILED, and TM_ECODE_OK.
