Wireshark  2.9.0-477-g68ec514b
The Wireshark network protocol analyzer
Classes | Macros | Typedefs | Enumerations | Functions
conversation.h File Reference
#include "ws_symbol_export.h"
#include "packet.h"

Go to the source code of this file.

Classes

struct  conversation
 

Macros

#define NO_ADDR2   0x01
 
#define NO_PORT2   0x02
 
#define NO_PORT2_FORCE   0x04
 
#define CONVERSATION_TEMPLATE   0x08
 
#define NO_ADDR_B   0x01
 
#define NO_PORT_B   0x02
 
#define USE_LAST_ENDPOINT   0x08 /* Use last endpoint created, regardless of type */
 

Typedefs

typedef struct conversation_keyconversation_key_t
 
typedef struct conversation conversation_t
 
typedef struct endpointendpoint_t
 

Enumerations

enum  endpoint_type {
  ENDPOINT_NONE, ENDPOINT_SCTP, ENDPOINT_TCP, ENDPOINT_UDP,
  ENDPOINT_DCCP, ENDPOINT_IPX, ENDPOINT_NCP, ENDPOINT_EXCHG,
  ENDPOINT_DDP, ENDPOINT_SBCCS, ENDPOINT_IDP, ENDPOINT_TIPC,
  ENDPOINT_USB, ENDPOINT_I2C, ENDPOINT_IBQP, ENDPOINT_BLUETOOTH,
  ENDPOINT_TDMOP, ENDPOINT_DVBCI, ENDPOINT_ISO14443, ENDPOINT_ISDN,
  ENDPOINT_H223, ENDPOINT_X25, ENDPOINT_IAX2, ENDPOINT_DLCI,
  ENDPOINT_ISUP, ENDPOINT_BICC, ENDPOINT_GSMTAP, ENDPOINT_IUUP
}
 

Functions

WS_DLL_PUBLIC addressconversation_key_addr1 (const conversation_key_t key)
 
WS_DLL_PUBLIC addressconversation_key_addr2 (const conversation_key_t key)
 
WS_DLL_PUBLIC guint32 conversation_key_port1 (const conversation_key_t key)
 
WS_DLL_PUBLIC guint32 conversation_key_port2 (const conversation_key_t key)
 
void conversation_init (void)
 
void conversation_epan_reset (void)
 
WS_DLL_PUBLIC conversation_tconversation_new (const guint32 setup_frame, const address *addr1, const address *addr2, const endpoint_type etype, const guint32 port1, const guint32 port2, const guint options)
 
WS_DLL_PUBLIC conversation_tconversation_new_by_id (const guint32 setup_frame, const endpoint_type etype, const guint32 id, const guint options)
 
WS_DLL_PUBLIC conversation_tfind_conversation (const guint32 frame_num, const address *addr_a, const address *addr_b, const endpoint_type etype, const guint32 port_a, const guint32 port_b, const guint options)
 
WS_DLL_PUBLIC conversation_tfind_conversation_by_id (const guint32 frame, const endpoint_type etype, const guint32 id, const guint options)
 
WS_DLL_PUBLIC conversation_tfind_conversation_pinfo (packet_info *pinfo, const guint options)
 
WS_DLL_PUBLIC conversation_tfind_or_create_conversation (packet_info *pinfo)
 
WS_DLL_PUBLIC void conversation_add_proto_data (conversation_t *conv, const int proto, void *proto_data)
 
WS_DLL_PUBLIC void * conversation_get_proto_data (const conversation_t *conv, const int proto)
 
WS_DLL_PUBLIC void conversation_delete_proto_data (conversation_t *conv, const int proto)
 
WS_DLL_PUBLIC void conversation_set_dissector (conversation_t *conversation, const dissector_handle_t handle)
 
WS_DLL_PUBLIC void conversation_set_dissector_from_frame_number (conversation_t *conversation, const guint32 starting_frame_num, const dissector_handle_t handle)
 
WS_DLL_PUBLIC dissector_handle_t conversation_get_dissector (conversation_t *conversation, const guint32 frame_num)
 
WS_DLL_PUBLIC void conversation_create_endpoint (struct _packet_info *pinfo, address *addr1, address *addr2, endpoint_type etype, guint32 port1, guint32 port2, const guint options)
 
WS_DLL_PUBLIC void conversation_create_endpoint_by_id (struct _packet_info *pinfo, endpoint_type etype, guint32 id, const guint options)
 
WS_DLL_PUBLIC guint32 conversation_get_endpoint_by_id (struct _packet_info *pinfo, endpoint_type etype, const guint options)
 
gboolean try_conversation_dissector (const address *addr_a, const address *addr_b, const endpoint_type etype, const guint32 port_a, const guint32 port_b, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data, const guint options)
 
gboolean try_conversation_dissector_by_id (const endpoint_type etype, const guint32 id, tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data)
 
void conversation_set_port2 (conversation_t *conv, const guint32 port)
 
void conversation_set_addr2 (conversation_t *conv, const address *addr)
 
WS_DLL_PUBLIC wmem_map_tget_conversation_hashtable_exact (void)
 
WS_DLL_PUBLIC wmem_map_tget_conversation_hashtable_no_addr2 (void)
 
WS_DLL_PUBLIC wmem_map_tget_conversation_hashtable_no_port2 (void)
 
WS_DLL_PUBLIC wmem_map_tget_conversation_hashtable_no_addr2_or_port2 (void)
 
WS_DLL_PUBLIC endpoint_type conversation_pt_to_endpoint_type (port_type pt)
 
WS_DLL_PUBLIC guint conversation_hash_exact (gconstpointer v)
 
WS_DLL_PUBLIC gchar * conversation_get_html_hash (const conversation_key_t key)
 

Function Documentation

void conversation_epan_reset ( void  )

Initialize some variables every time a file is loaded or re-loaded.

void conversation_init ( void  )

Create a new hash tables for conversations.

WS_DLL_PUBLIC conversation_t* find_conversation ( const guint32  frame_num,
const address addr_a,
const address addr_b,
const endpoint_type  etype,
const guint32  port_a,
const guint32  port_b,
const guint  options 
)

Given two address/port pairs for a packet, search for a conversation containing packets between those address/port pairs. Returns NULL if not found.

We try to find the most exact match that we can, and then proceed to try wildcard matches on the "addr_b" and/or "port_b" argument if a more exact match failed.

Either or both of the "addr_b" and "port_b" arguments may be specified as a wildcard by setting the NO_ADDR_B or NO_PORT_B flags in the "options" argument. We do only wildcard matches on addresses and ports specified as wildcards.

I.e.:

if neither "addr_b" nor "port_b" were specified as wildcards, we do an exact match (addr_a/port_a and addr_b/port_b) and, if that succeeds, we return a pointer to the matched conversation;

otherwise, if "port_b" wasn't specified as a wildcard, we try to match any address 2 with the specified port 2 (addr_a/port_a and {any}/addr_b) and, if that succeeds, we return a pointer to the matched conversation;

otherwise, if "addr_b" wasn't specified as a wildcard, we try to match any port 2 with the specified address 2 (addr_a/port_a and addr_b/{any}) and, if that succeeds, we return a pointer to the matched conversation;

otherwise, we try to match any address 2 and any port 2 (addr_a/port_a and {any}/{any}) and, if that succeeds, we return a pointer to the matched conversation;

otherwise, we found no matching conversation, and return NULL.

WS_DLL_PUBLIC conversation_t* find_conversation_pinfo ( packet_info pinfo,
const guint  options 
)

A helper function that calls find_conversation() using data from pinfo The frame number and addresses are taken from pinfo.

WS_DLL_PUBLIC conversation_t* find_or_create_conversation ( packet_info pinfo)

A helper function that calls find_conversation() and, if a conversation is not found, calls conversation_new(). The frame number and addresses are taken from pinfo. No options are used, though we could extend this API to include an options parameter.

gboolean try_conversation_dissector ( const address addr_a,
const address addr_b,
const endpoint_type  etype,
const guint32  port_a,
const guint32  port_b,
tvbuff_t tvb,
packet_info pinfo,
proto_tree tree,
void *  data,
const guint  options 
)

Given two address/port pairs for a packet, search for a matching conversation and, if found and it has a conversation dissector, call that dissector and return TRUE, otherwise return FALSE.

This helper uses call_dissector_only which will NOT call the default "data" dissector if the packet was rejected. Our caller is responsible to call the data dissector explicitly in case this function returns FALSE.