Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
zeek/src/iosource/pcap/Source.h
Robin Sommer caa55ad352 Moving Pkt{Src,Dumper} a directory level up. 
Also renaming PktSourceComponent to PktSrcComponent.
2014-08-22 16:46:15 -07:00

56 lines
1.2 KiB
C++
Raw Blame History

// See the file "COPYING" in the main distribution directory for copyright.
#ifndef IOSOURCE_PKTSRC_PCAP_SOURCE_H
#define IOSOURCE_PKTSRC_PCAP_SOURCE_H
#include "../PktSrc.h"
#include "BPF_Program.h"
#include "Dict.h"
declare(PDict,BPF_Program);
namespace iosource {
namespace pktsrc {
class PcapSource : public iosource::PktSrc {
public:
// XXX
PcapSource(const std::string& path, const std::string& filter, bool is_live);
virtual ~PcapSource();
static PktSrc* Instantiate(const std::string& path, const std::string& filter, bool is_live);
protected:
// PktSrc interface.
virtual void Open();
virtual void Close();
virtual int ExtractNextPacket(Packet* pkt);
virtual void DoneWithPacket(Packet* pkt);
virtual int PrecompileFilter(int index, const std::string& filter);
virtual int SetFilter(int index);
virtual void Statistics(Stats* stats);
virtual bool GetCurrentPacket(const pcap_pkthdr** hdr, const u_char** pkt);
private:
void OpenLive();
void OpenOffline();
void PcapError();
void SetHdrSize();
Properties props;
Stats stats;
pcap_t *pd;
uint32 netmask;
PDict(BPF_Program) filters;
struct pcap_pkthdr current_hdr;
struct pcap_pkthdr last_hdr;
const u_char* last_data;
};
}
}
#endif
Reference in a new issue View git blame Copy permalink