+++ /dev/null
-/*\r
- * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)\r
- * Copyright (c) 2005 - 2007 CACE Technologies, Davis (California)\r
- * All rights reserved.\r
- *\r
- * Redistribution and use in source and binary forms, with or without\r
- * modification, are permitted provided that the following conditions\r
- * are met:\r
- *\r
- * 1. Redistributions of source code must retain the above copyright\r
- * notice, this list of conditions and the following disclaimer.\r
- * 2. Redistributions in binary form must reproduce the above copyright\r
- * notice, this list of conditions and the following disclaimer in the\r
- * documentation and/or other materials provided with the distribution.\r
- * 3. Neither the name of the Politecnico di Torino, CACE Technologies \r
- * nor the names of its contributors may be used to endorse or promote \r
- * products derived from this software without specific prior written \r
- * permission.\r
- *\r
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\r
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\r
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\r
- * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\r
- * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\r
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\r
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\r
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\r
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\r
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\r
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\r
- *\r
- */\r
-\r
-/** @ingroup packetapi\r
- * @{ \r
- */\r
-\r
-/** @defgroup packet32h Packet.dll definitions and data structures\r
- * Packet32.h contains the data structures and the definitions used by packet.dll.\r
- * The file is used both by the Win9x and the WinNTx versions of packet.dll, and can be included\r
- * by the applications that use the functions of this library\r
- * @{\r
- */\r
-\r
-#ifndef __PACKET32\r
-#define __PACKET32\r
-\r
-#include <winsock2.h>\r
-\r
-#ifdef HAVE_AIRPCAP_API\r
-#include <airpcap.h>\r
-#else\r
-#if !defined(AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_)\r
-#define AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_\r
-typedef struct _AirpcapHandle *PAirpcapHandle;\r
-#endif /* AIRPCAP_HANDLE__EAE405F5_0171_9592_B3C2_C19EC426AD34__DEFINED_ */\r
-#endif /* HAVE_AIRPCAP_API */\r
-\r
-#ifdef HAVE_DAG_API\r
-#include <dagc.h>\r
-#endif /* HAVE_DAG_API */\r
-\r
-// Working modes\r
-#define PACKET_MODE_CAPT 0x0 ///< Capture mode\r
-#define PACKET_MODE_STAT 0x1 ///< Statistical mode\r
-#define PACKET_MODE_MON 0x2 ///< Monitoring mode\r
-#define PACKET_MODE_DUMP 0x10 ///< Dump mode\r
-#define PACKET_MODE_STAT_DUMP MODE_DUMP | MODE_STAT ///< Statistical dump Mode\r
-\r
-\r
-/// Alignment macro. Defines the alignment size.\r
-#define Packet_ALIGNMENT sizeof(int)\r
-/// Alignment macro. Rounds up to the next even multiple of Packet_ALIGNMENT. \r
-#define Packet_WORDALIGN(x) (((x)+(Packet_ALIGNMENT-1))&~(Packet_ALIGNMENT-1))\r
-\r
-#define NdisMediumNull -1 ///< Custom linktype: NDIS doesn't provide an equivalent\r
-#define NdisMediumCHDLC -2 ///< Custom linktype: NDIS doesn't provide an equivalent\r
-#define NdisMediumPPPSerial -3 ///< Custom linktype: NDIS doesn't provide an equivalent\r
-#define NdisMediumBare80211 -4 ///< Custom linktype: NDIS doesn't provide an equivalent\r
-#define NdisMediumRadio80211 -5 ///< Custom linktype: NDIS doesn't provide an equivalent\r
-#define NdisMediumPpi -6 ///< Custom linktype: NDIS doesn't provide an equivalent\r
-\r
-// Loopback behaviour definitions\r
-#define NPF_DISABLE_LOOPBACK 1 ///< Drop the packets sent by the NPF driver\r
-#define NPF_ENABLE_LOOPBACK 2 ///< Capture the packets sent by the NPF driver\r
-\r
-/*!\r
- \brief Network type structure.\r
-\r
- This structure is used by the PacketGetNetType() function to return information on the current adapter's type and speed.\r
-*/\r
-typedef struct NetType\r
-{\r
- UINT LinkType; ///< The MAC of the current network adapter (see function PacketGetNetType() for more information)\r
- ULONGLONG LinkSpeed; ///< The speed of the network in bits per second\r
-}NetType;\r
-\r
-\r
-//some definitions stolen from libpcap\r
-\r
-#ifndef BPF_MAJOR_VERSION\r
-\r
-/*!\r
- \brief A BPF pseudo-assembly program.\r
-\r
- The program will be injected in the kernel by the PacketSetBPF() function and applied to every incoming packet. \r
-*/\r
-struct bpf_program \r
-{\r
- UINT bf_len; ///< Indicates the number of instructions of the program, i.e. the number of struct bpf_insn that will follow.\r
- struct bpf_insn *bf_insns; ///< A pointer to the first instruction of the program.\r
-};\r
-\r
-/*!\r
- \brief A single BPF pseudo-instruction.\r
-\r
- bpf_insn contains a single instruction for the BPF register-machine. It is used to send a filter program to the driver.\r
-*/\r
-struct bpf_insn \r
-{\r
- USHORT code; ///< Instruction type and addressing mode.\r
- UCHAR jt; ///< Jump if true\r
- UCHAR jf; ///< Jump if false\r
- int k; ///< Generic field used for various purposes.\r
-};\r
-\r
-/*!\r
- \brief Structure that contains a couple of statistics values on the current capture.\r
-\r
- It is used by packet.dll to return statistics about a capture session.\r
-*/\r
-struct bpf_stat \r
-{\r
- UINT bs_recv; ///< Number of packets that the driver received from the network adapter \r
- ///< from the beginning of the current capture. This value includes the packets \r
- ///< lost by the driver.\r
- UINT bs_drop; ///< number of packets that the driver lost from the beginning of a capture. \r
- ///< Basically, a packet is lost when the the buffer of the driver is full. \r
- ///< In this situation the packet cannot be stored and the driver rejects it.\r
- UINT ps_ifdrop; ///< drops by interface. XXX not yet supported\r
- UINT bs_capt; ///< number of packets that pass the filter, find place in the kernel buffer and\r
- ///< thus reach the application.\r
-};\r
-\r
-/*!\r
- \brief Packet header.\r
-\r
- This structure defines the header associated with every packet delivered to the application.\r
-*/\r
-struct bpf_hdr \r
-{\r
- struct timeval bh_tstamp; ///< The timestamp associated with the captured packet. \r
- ///< It is stored in a TimeVal structure.\r
- UINT bh_caplen; ///< Length of captured portion. The captured portion <b>can be different</b>\r
- ///< from the original packet, because it is possible (with a proper filter)\r
- ///< to instruct the driver to capture only a portion of the packets.\r
- UINT bh_datalen; ///< Original length of packet\r
- USHORT bh_hdrlen; ///< Length of bpf header (this struct plus alignment padding). In some cases,\r
- ///< a padding could be added between the end of this structure and the packet\r
- ///< data for performance reasons. This filed can be used to retrieve the actual data \r
- ///< of the packet.\r
-};\r
-\r
-/*!\r
- \brief Dump packet header.\r
-\r
- This structure defines the header associated with the packets in a buffer to be used with PacketSendPackets().\r
- It is simpler than the bpf_hdr, because it corresponds to the header associated by WinPcap and libpcap to a\r
- packet in a dump file. This makes straightforward sending WinPcap dump files to the network.\r
-*/\r
-struct dump_bpf_hdr{\r
- struct timeval ts; ///< Time stamp of the packet\r
- UINT caplen; ///< Length of captured portion. The captured portion can smaller than the \r
- ///< the original packet, because it is possible (with a proper filter) to \r
- ///< instruct the driver to capture only a portion of the packets. \r
- UINT len; ///< Length of the original packet (off wire).\r
-};\r
-\r
-\r
-#endif\r
-\r
-struct bpf_stat;\r
-\r
-#define DOSNAMEPREFIX TEXT("Packet_") ///< Prefix added to the adapters device names to create the WinPcap devices\r
-#define MAX_LINK_NAME_LENGTH 64 //< Maximum length of the devices symbolic links\r
-#define NMAX_PACKET 65535\r
-\r
-/*!\r
- \brief Addresses of a network adapter.\r
-\r
- This structure is used by the PacketGetNetInfoEx() function to return the IP addresses associated with \r
- an adapter.\r
-*/\r
-typedef struct npf_if_addr {\r
- struct sockaddr_storage IPAddress; ///< IP address.\r
- struct sockaddr_storage SubnetMask; ///< Netmask for that address.\r
- struct sockaddr_storage Broadcast; ///< Broadcast address.\r
-}npf_if_addr;\r
-\r
-\r
-#define ADAPTER_NAME_LENGTH 256 + 12 ///< Maximum length for the name of an adapter. The value is the same used by the IP Helper API.\r
-#define ADAPTER_DESC_LENGTH 128 ///< Maximum length for the description of an adapter. The value is the same used by the IP Helper API.\r
-#define MAX_MAC_ADDR_LENGTH 8 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API.\r
-#define MAX_NETWORK_ADDRESSES 16 ///< Maximum length for the link layer address of an adapter. The value is the same used by the IP Helper API.\r
-\r
-\r
-typedef struct WAN_ADAPTER_INT WAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API\r
-typedef WAN_ADAPTER *PWAN_ADAPTER; ///< Describes an opened wan (dialup, VPN...) network adapter using the NetMon API\r
-\r
-#define INFO_FLAG_NDIS_ADAPTER 0 ///< Flag for ADAPTER_INFO: this is a traditional ndis adapter\r
-#define INFO_FLAG_NDISWAN_ADAPTER 1 ///< Flag for ADAPTER_INFO: this is a NdisWan adapter, and it's managed by WANPACKET\r
-#define INFO_FLAG_DAG_CARD 2 ///< Flag for ADAPTER_INFO: this is a DAG card\r
-#define INFO_FLAG_DAG_FILE 6 ///< Flag for ADAPTER_INFO: this is a DAG file\r
-#define INFO_FLAG_DONT_EXPORT 8 ///< Flag for ADAPTER_INFO: when this flag is set, the adapter will not be listed or openend by winpcap. This allows to prevent exporting broken network adapters, like for example FireWire ones.\r
-#define INFO_FLAG_AIRPCAP_CARD 16 ///< Flag for ADAPTER_INFO: this is an airpcap card\r
-#define INFO_FLAG_NPFIM_DEVICE 32\r
-\r
-/*!\r
- \brief Describes an opened network adapter.\r
-\r
- This structure is the most important for the functioning of packet.dll, but the great part of its fields\r
- should be ignored by the user, since the library offers functions that avoid to cope with low-level parameters\r
-*/\r
-typedef struct _ADAPTER { \r
- HANDLE hFile; ///< \internal Handle to an open instance of the NPF driver.\r
- CHAR SymbolicLink[MAX_LINK_NAME_LENGTH]; ///< \internal A string containing the name of the network adapter currently opened.\r
- int NumWrites; ///< \internal Number of times a packets written on this adapter will be repeated \r
- ///< on the wire.\r
- HANDLE ReadEvent; ///< A notification event associated with the read calls on the adapter.\r
- ///< It can be passed to standard Win32 functions (like WaitForSingleObject\r
- ///< or WaitForMultipleObjects) to wait until the driver's buffer contains some \r
- ///< data. It is particularly useful in GUI applications that need to wait \r
- ///< concurrently on several events. In Windows NT/2000 the PacketSetMinToCopy()\r
- ///< function can be used to define the minimum amount of data in the kernel buffer\r
- ///< that will cause the event to be signalled. \r
- \r
- UINT ReadTimeOut; ///< \internal The amount of time after which a read on the driver will be released and \r
- ///< ReadEvent will be signaled, also if no packets were captured\r
- CHAR Name[ADAPTER_NAME_LENGTH];\r
- PWAN_ADAPTER pWanAdapter;\r
- UINT Flags; ///< Adapter's flags. Tell if this adapter must be treated in a different way, using the Netmon API or the dagc API.\r
-\r
-#ifdef HAVE_AIRPCAP_API\r
- PAirpcapHandle AirpcapAd;\r
-#endif // HAVE_AIRPCAP_API\r
-\r
-#ifdef HAVE_NPFIM_API\r
- void* NpfImHandle;\r
-#endif // HAVE_NPFIM_API\r
-\r
-#ifdef HAVE_DAG_API\r
- dagc_t *pDagCard; ///< Pointer to the dagc API adapter descriptor for this adapter\r
- PCHAR DagBuffer; ///< Pointer to the buffer with the packets that is received from the DAG card\r
- struct timeval DagReadTimeout; ///< Read timeout. The dagc API requires a timeval structure\r
- unsigned DagFcsLen; ///< Length of the frame check sequence attached to any packet by the card. Obtained from the registry\r
- DWORD DagFastProcess; ///< True if the user requests fast capture processing on this card. Higher level applications can use this value to provide a faster but possibly unprecise capture (for example, libpcap doesn't convert the timestamps).\r
-#endif // HAVE_DAG_API\r
-} ADAPTER, *LPADAPTER;\r
-\r
-/*!\r
- \brief Structure that contains a group of packets coming from the driver.\r
-\r
- This structure defines the header associated with every packet delivered to the application.\r
-*/\r
-typedef struct _PACKET { \r
- HANDLE hEvent; ///< \deprecated Still present for compatibility with old applications.\r
- OVERLAPPED OverLapped; ///< \deprecated Still present for compatibility with old applications.\r
- PVOID Buffer; ///< Buffer with containing the packets. See the PacketReceivePacket() for\r
- ///< details about the organization of the data in this buffer\r
- UINT Length; ///< Length of the buffer\r
- DWORD ulBytesReceived; ///< Number of valid bytes present in the buffer, i.e. amount of data\r
- ///< received by the last call to PacketReceivePacket()\r
- BOOLEAN bIoComplete; ///< \deprecated Still present for compatibility with old applications.\r
-} PACKET, *LPPACKET;\r
-\r
-/*!\r
- \brief Structure containing an OID request.\r
-\r
- It is used by the PacketRequest() function to send an OID to the interface card driver. \r
- It can be used, for example, to retrieve the status of the error counters on the adapter, its MAC address, \r
- the list of the multicast groups defined on it, and so on.\r
-*/\r
-struct _PACKET_OID_DATA {\r
- ULONG Oid; ///< OID code. See the Microsoft DDK documentation or the file ntddndis.h\r
- ///< for a complete list of valid codes.\r
- ULONG Length; ///< Length of the data field\r
- UCHAR Data[1]; ///< variable-lenght field that contains the information passed to or received \r
- ///< from the adapter.\r
-}; \r
-typedef struct _PACKET_OID_DATA PACKET_OID_DATA, *PPACKET_OID_DATA;\r
-\r
-#ifdef __cplusplus\r
-extern "C" {\r
-#endif\r
-\r
-/**\r
- * @}\r
- */\r
-\r
-/*\r
-BOOLEAN QueryWinPcapRegistryStringA(CHAR *SubKeyName,\r
- CHAR *Value,\r
- UINT *pValueLen,\r
- CHAR *DefaultVal);\r
-\r
-BOOLEAN QueryWinPcapRegistryStringW(WCHAR *SubKeyName,\r
- WCHAR *Value,\r
- UINT *pValueLen,\r
- WCHAR *DefaultVal);\r
-*/\r
- \r
-//---------------------------------------------------------------------------\r
-// EXPORTED FUNCTIONS\r
-//---------------------------------------------------------------------------\r
-\r
-PCHAR PacketGetVersion();\r
-PCHAR PacketGetDriverVersion();\r
-BOOLEAN PacketSetMinToCopy(LPADAPTER AdapterObject,int nbytes);\r
-BOOLEAN PacketSetNumWrites(LPADAPTER AdapterObject,int nwrites);\r
-BOOLEAN PacketSetMode(LPADAPTER AdapterObject,int mode);\r
-BOOLEAN PacketSetReadTimeout(LPADAPTER AdapterObject,int timeout);\r
-BOOLEAN PacketSetBpf(LPADAPTER AdapterObject,struct bpf_program *fp);\r
-BOOLEAN PacketSetLoopbackBehavior(LPADAPTER AdapterObject, UINT LoopbackBehavior);\r
-INT PacketSetSnapLen(LPADAPTER AdapterObject,int snaplen);\r
-BOOLEAN PacketGetStats(LPADAPTER AdapterObject,struct bpf_stat *s);\r
-BOOLEAN PacketGetStatsEx(LPADAPTER AdapterObject,struct bpf_stat *s);\r
-BOOLEAN PacketSetBuff(LPADAPTER AdapterObject,int dim);\r
-BOOLEAN PacketGetNetType (LPADAPTER AdapterObject,NetType *type);\r
-LPADAPTER PacketOpenAdapter(PCHAR AdapterName);\r
-BOOLEAN PacketSendPacket(LPADAPTER AdapterObject,LPPACKET pPacket,BOOLEAN Sync);\r
-INT PacketSendPackets(LPADAPTER AdapterObject,PVOID PacketBuff,ULONG Size, BOOLEAN Sync);\r
-LPPACKET PacketAllocatePacket(void);\r
-VOID PacketInitPacket(LPPACKET lpPacket,PVOID Buffer,UINT Length);\r
-VOID PacketFreePacket(LPPACKET lpPacket);\r
-BOOLEAN PacketReceivePacket(LPADAPTER AdapterObject,LPPACKET lpPacket,BOOLEAN Sync);\r
-BOOLEAN PacketSetHwFilter(LPADAPTER AdapterObject,ULONG Filter);\r
-BOOLEAN PacketGetAdapterNames(PTSTR pStr,PULONG BufferSize);\r
-BOOLEAN PacketGetNetInfoEx(PCHAR AdapterName, npf_if_addr* buffer, PLONG NEntries);\r
-BOOLEAN PacketRequest(LPADAPTER AdapterObject,BOOLEAN Set,PPACKET_OID_DATA OidData);\r
-HANDLE PacketGetReadEvent(LPADAPTER AdapterObject);\r
-BOOLEAN PacketSetDumpName(LPADAPTER AdapterObject, void *name, int len);\r
-BOOLEAN PacketSetDumpLimits(LPADAPTER AdapterObject, UINT maxfilesize, UINT maxnpacks);\r
-BOOLEAN PacketIsDumpEnded(LPADAPTER AdapterObject, BOOLEAN sync);\r
-BOOL PacketStopDriver();\r
-VOID PacketCloseAdapter(LPADAPTER lpAdapter);\r
-BOOLEAN PacketStartOem(PCHAR errorString, UINT errorStringLength);\r
-BOOLEAN PacketStartOemEx(PCHAR errorString, UINT errorStringLength, ULONG flags);\r
-PAirpcapHandle PacketGetAirPcapHandle(LPADAPTER AdapterObject);\r
-\r
-//\r
-// Used by PacketStartOemEx\r
-//\r
-#define PACKET_START_OEM_NO_NETMON 0x00000001\r
-\r
-#ifdef __cplusplus\r
-}\r
-#endif \r
-\r
-#endif //__PACKET32\r