summaryrefslogtreecommitdiffstats
path: root/nsock/src/nsock_pcap.h
diff options
context:
space:
mode:
Diffstat (limited to 'nsock/src/nsock_pcap.h')
-rw-r--r--nsock/src/nsock_pcap.h152
1 files changed, 152 insertions, 0 deletions
diff --git a/nsock/src/nsock_pcap.h b/nsock/src/nsock_pcap.h
new file mode 100644
index 0000000..ca667db
--- /dev/null
+++ b/nsock/src/nsock_pcap.h
@@ -0,0 +1,152 @@
+/***************************************************************************
+ * nsock_pcap.h -- Header for pcap operations functions from *
+ * the nsock parallel socket event library *
+ * *
+ ***********************IMPORTANT NSOCK LICENSE TERMS***********************
+ *
+ * The nsock parallel socket event library is (C) 1999-2023 Nmap Software LLC
+ * This library is free software; you may redistribute and/or modify it under
+ * the terms of the GNU General Public License as published by the Free Software
+ * Foundation; Version 2. This guarantees your right to use, modify, and
+ * redistribute this software under certain conditions. If this license is
+ * unacceptable to you, Nmap Software LLC may be willing to sell alternative
+ * licenses (contact sales@nmap.com ).
+ *
+ * As a special exception to the GPL terms, Nmap Software LLC grants permission
+ * to link the code of this program with any version of the OpenSSL library
+ * which is distributed under a license identical to that listed in the included
+ * docs/licenses/OpenSSL.txt file, and distribute linked combinations including
+ * the two. You must obey the GNU GPL in all respects for all of the code used
+ * other than OpenSSL. If you modify this file, you may extend this exception to
+ * your version of the file, but you are not obligated to do so.
+ *
+ * If you received these files with a written license agreement stating terms
+ * other than the (GPL) terms above, then that alternative license agreement
+ * takes precedence over this comment.
+ *
+ * Source is provided to this software because we believe users have a right to
+ * know exactly what a program is going to do before they run it. This also
+ * allows you to audit the software for security holes.
+ *
+ * Source code also allows you to port Nmap to new platforms, fix bugs, and add
+ * new features. You are highly encouraged to send your changes to the
+ * dev@nmap.org mailing list for possible incorporation into the main
+ * distribution. By sending these changes to Fyodor or one of the Insecure.Org
+ * development mailing lists, or checking them into the Nmap source code
+ * repository, it is understood (unless you specify otherwise) that you are
+ * offering the Nmap Project (Nmap Software LLC) the unlimited, non-exclusive
+ * right to reuse, modify, and relicense the code. Nmap will always be available
+ * Open Source, but this is important because the inability to relicense code
+ * has caused devastating problems for other Free Software projects (such as KDE
+ * and NASM). We also occasionally relicense the code to third parties as
+ * discussed above. If you wish to specify special license conditions of your
+ * contributions, just say so when you send them.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License v2.0 for more
+ * details (http://www.gnu.org/licenses/gpl-2.0.html).
+ *
+ ***************************************************************************/
+
+/* $Id$ */
+
+#ifndef NSOCK_PCAP_H
+#define NSOCK_PCAP_H
+
+#include "nsock_internal.h"
+#ifdef HAVE_PCAP
+
+#include "pcap.h"
+
+#include <string.h>
+#include <stdarg.h>
+
+/*
+ * There are three possible ways to read packets from pcap descriptor:
+ * - select() on descriptor:
+ * this one is of course the best, but there are systems that
+ * don't support this like WIN32. This works perfectly for Linux.
+ *
+ * - select() + some hacks:
+ * this one is hack for older bsd systems,
+ * Descriptor *must* be set in nonblocking mode.
+ *
+ * - never do select():
+ * this one is for WIN32 and other systems that return descriptor -1
+ * from pcap_get_selectable_fd().
+ * In this case descriptor *must* be set in nonblocking mode.
+ * If that fails than we can't do any sniffing from that box.
+ *
+ * In any case we try to set descriptor to non-blocking mode.
+ */
+
+/* Returns whether the system supports pcap_get_selectable_fd() properly */
+#if !defined(WIN32) && !defined(SOLARIS_BPF_PCAP_CAPTURE)
+#define PCAP_CAN_DO_SELECT 1
+#endif
+
+/* In some systems (like Windows), the pcap descriptor is not selectable.
+ * Therefore, we cannot just select() on it and expect it to wake us up and
+ * deliver a packet, but we need to poll it continuously. This define sets the
+ * frequency, in milliseconds, at which the pcap handle is polled to determine
+ * if there are any captured packets. Note that this is only used when
+ * PCAP_CAN_DO_SELECT is not defined and therefore it has no effect on systems
+ * like Linux.
+ */
+#define PCAP_POLL_INTERVAL 2
+
+/* Note that on most versions of most BSDs (including Mac OS X) select() and
+ * poll() do not work correctly on BPF devices; pcap_get_selectable_fd() will
+ * return a file descriptor on most of those versions (the exceptions being
+ * FreeBSD 4.3 and 4.4), a simple select() or poll() will not return even after
+ * a timeout specified in pcap_open_live() expires. To work around this, an
+ * application that uses select() or poll() to wait for packets to arrive must
+ * put the pcap_t in non-blocking mode, and must arrange that the select() or
+ * poll() have a timeout less than or equal to the timeout specified in
+ * pcap_open_live(), and must try to read packets after that timeout expires,
+ * regardless of whether select() or poll() indicated that the file descriptor
+ * for the pcap_t is ready to be read or not. (That workaround will not work in
+ * FreeBSD 4.3 and later; however, in FreeBSD 4.6 and later, select() and poll()
+ * work correctly on BPF devices, so the workaround isn't necessary, although it
+ * does no harm.)
+ */
+#if defined(MACOSX) || defined(FREEBSD) || defined(OPENBSD)
+/* Well, now select() is not receiving any pcap events on MACOSX, but maybe it
+ * will someday :) in both cases. It never hurts to enable this feature. It just
+ * has performance penalty. */
+#define PCAP_BSD_SELECT_HACK 1
+#endif
+
+/* Returns whether the packet receive time value obtained from libpcap
+ * (and thus by readip_pcap()) should be considered valid. When
+ * invalid (Windows and Amiga), readip_pcap returns the time you called it. */
+#if !defined(WIN32) && !defined(__amigaos__)
+#define PCAP_RECV_TIMEVAL_VALID 1
+#endif
+
+
+typedef struct{
+ pcap_t *pt;
+ int pcap_desc;
+ /* Like the corresponding member in iod, when this reaches 0 we stop
+ * watching the socket for readability. */
+ int readsd_count;
+ int datalink;
+ int l3_offset;
+ int snaplen;
+ char *pcap_device;
+} mspcap;
+
+typedef struct{
+ struct timeval ts;
+ int caplen;
+ int len;
+ const unsigned char *packet; /* caplen bytes */
+} nsock_pcap;
+
+int do_actual_pcap_read(struct nevent *nse);
+
+#endif /* HAVE_PCAP */
+#endif /* NSOCK_PCAP_H */
+