summaryrefslogtreecommitdiffstats
path: root/epan/expert.h
diff options
context:
space:
mode:
Diffstat (limited to 'epan/expert.h')
-rw-r--r--epan/expert.h222
1 files changed, 222 insertions, 0 deletions
diff --git a/epan/expert.h b/epan/expert.h
new file mode 100644
index 00000000..c67ce5c2
--- /dev/null
+++ b/epan/expert.h
@@ -0,0 +1,222 @@
+/** @file
+ * Collecting of Expert information.
+ *
+ * For further info, see:
+ * https://gitlab.com/wireshark/wireshark/-/wikis/Development/ExpertInfo
+ *
+ * Wireshark - Network traffic analyzer
+ * By Gerald Combs <gerald@wireshark.org>
+ * Copyright 1998 Gerald Combs
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef __EXPERT_H__
+#define __EXPERT_H__
+
+#include <epan/proto.h>
+#include <epan/packet_info.h>
+#include "value_string.h"
+#include "ws_symbol_export.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+/** only for internal and display use. */
+typedef struct expert_info_s {
+ guint32 packet_num;
+ int group;
+ int severity;
+ int hf_index; /* hf_index of the expert item. Might be -1. */
+ const gchar *protocol;
+ gchar *summary;
+ proto_item *pitem;
+} expert_info_t;
+
+/* Expert Info and Display hf data */
+typedef struct expert_field
+{
+ int ei;
+ int hf;
+} expert_field;
+
+#define EI_INIT_EI -1
+#define EI_INIT_HF -1
+#define EI_INIT {EI_INIT_EI, EI_INIT_HF}
+
+typedef struct expert_field_info {
+ /* ---------- set by dissector --------- */
+ const char *name;
+ int group;
+ int severity;
+ const gchar *summary;
+
+ /* ------- set by register routines (prefilled by EXPFILL macro, see below) ------ */
+ int id;
+ const gchar *protocol;
+ int orig_severity; /* Matches severity when registered, used to restore original severity
+ * if UAT severity entry is removed */
+ hf_register_info hf_info;
+
+} expert_field_info;
+
+#define EXPFILL 0, NULL, 0, \
+ {0, {NULL, NULL, FT_NONE, BASE_NONE, NULL, 0, NULL, HFILL}}
+
+typedef struct ei_register_info {
+ expert_field *ids; /**< written to by register() function */
+ expert_field_info eiinfo; /**< the field info to be registered */
+} ei_register_info;
+
+typedef struct expert_module expert_module_t;
+
+#define PRE_ALLOC_EXPERT_FIELDS_MEM 5000
+
+/* "proto_expert" is exported from libwireshark.dll.
+ * Thus we need a special declaration.
+ */
+WS_DLL_PUBLIC int proto_expert;
+
+extern void
+expert_init(void);
+
+extern void
+expert_packet_init(void);
+
+extern void
+expert_cleanup(void);
+
+extern void
+expert_packet_cleanup(void);
+
+WS_DLL_PUBLIC int
+expert_get_highest_severity(void);
+
+WS_DLL_PUBLIC void
+expert_update_comment_count(guint64 count);
+
+/** Add an expert info.
+ Add an expert info tree to a protocol item using registered expert info item
+ @param pinfo Packet info of the currently processed packet. May be NULL if
+ pi is supplied
+ @param pi Current protocol item (or NULL)
+ @param eiindex The registered expert info item
+ @return the newly created expert info tree
+ */
+WS_DLL_PUBLIC proto_item *
+expert_add_info(packet_info *pinfo, proto_item *pi, expert_field *eiindex);
+
+/** Add an expert info.
+ Add an expert info tree to a protocol item using registered expert info item,
+ but with a formatted message.
+ @param pinfo Packet info of the currently processed packet. May be NULL if
+ pi is supplied
+ @param pi Current protocol item (or NULL)
+ @param eiindex The registered expert info item
+ @param format Printf-style format string for additional arguments
+ @return the newly created expert info tree
+ */
+WS_DLL_PUBLIC proto_item *
+expert_add_info_format(packet_info *pinfo, proto_item *pi, expert_field *eiindex,
+ const char *format, ...) G_GNUC_PRINTF(4, 5);
+
+/** Add an expert info associated with some byte data
+ Add an expert info tree to a protocol item using registered expert info item.
+ This function is intended to replace places where a "text only" proto_tree_add_xxx
+ API + expert_add_info would be used.
+ @param tree Current protocol tree (or NULL)
+ @param pinfo Packet info of the currently processed packet. May be NULL if tree is supplied
+ @param eiindex The registered expert info item
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @return the newly created item above expert info tree
+ */
+WS_DLL_PUBLIC proto_item *
+proto_tree_add_expert(proto_tree *tree, packet_info *pinfo, expert_field *eiindex,
+ tvbuff_t *tvb, gint start, gint length);
+
+/** Add an expert info associated with some byte data
+ Add an expert info tree to a protocol item, using registered expert info item,
+ but with a formatted message.
+ Add an expert info tree to a protocol item using registered expert info item.
+ This function is intended to replace places where a "text only" proto_tree_add_xxx
+ API + expert_add_info_format
+ would be used.
+ @param tree Current protocol tree (or NULL)
+ @param pinfo Packet info of the currently processed packet. May be NULL if tree is supplied
+ @param eiindex The registered expert info item
+ @param tvb the tv buffer of the current data
+ @param start start of data in tvb
+ @param length length of data in tvb
+ @param format Printf-style format string for additional arguments
+ @return the newly created item above expert info tree
+ */
+WS_DLL_PUBLIC proto_item *
+proto_tree_add_expert_format(proto_tree *tree, packet_info *pinfo, expert_field *eiindex,
+ tvbuff_t *tvb, gint start, gint length, const char *format, ...) G_GNUC_PRINTF(7, 8);
+
+/*
+ * Register that a protocol has expert info.
+ */
+WS_DLL_PUBLIC expert_module_t *expert_register_protocol(int id);
+
+/**
+ * Deregister a expert info.
+ */
+void expert_deregister_expertinfo (const char *abbrev);
+
+/**
+ * Deregister expert info from a protocol.
+ */
+void expert_deregister_protocol (expert_module_t *module);
+
+/**
+ * Free deregistered expert infos.
+ */
+void expert_free_deregistered_expertinfos (void);
+
+/**
+ * Get summary text of an expert_info field.
+ * This is intended for use in expert_add_info_format or proto_tree_add_expert_format
+ * to get the "base" string to then append additional information
+ */
+WS_DLL_PUBLIC const gchar* expert_get_summary(expert_field *eiindex);
+
+/** Register a expert field array.
+ @param module the protocol handle from expert_register_protocol()
+ @param ei the ei_register_info array
+ @param num_records the number of records in exp */
+WS_DLL_PUBLIC void
+expert_register_field_array(expert_module_t *module, ei_register_info *ei, const int num_records);
+
+#define EXPERT_CHECKSUM_DISABLED -2
+#define EXPERT_CHECKSUM_UNKNOWN -1
+#define EXPERT_CHECKSUM_GOOD 0
+#define EXPERT_CHECKSUM_BAD 1
+
+WS_DLL_PUBLIC const value_string expert_group_vals[];
+
+WS_DLL_PUBLIC const value_string expert_severity_vals[];
+
+WS_DLL_PUBLIC const value_string expert_checksum_vals[];
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __EXPERT_H__ */
+
+/*
+ * Editor modelines - https://www.wireshark.org/tools/modelines.html
+ *
+ * Local variables:
+ * c-basic-offset: 8
+ * tab-width: 8
+ * indent-tabs-mode: t
+ * End:
+ *
+ * vi: set shiftwidth=8 tabstop=8 noexpandtab:
+ * :indentSize=8:tabSize=8:noTabs=false:
+ */