<META

Details

nd_trace_new ()

ND_Trace*   nd_trace_new                    (const char *filename);

This is the constructor function for new traces. The filename is the full name of a trace file. You can pass NULL if you don't want/can provide packet data yet (as in live capture, for example). If a filename is given, the file is checked for existence and readability, if these checks fail, NULL is returned. Otherwise the trace is read into memory and initialized. The trace is NOT automatically added to the trace registry, use nd_trace_registry_add() for that purpose.

`filename` :	canonical name of the trace file in the filesystem
Returns :	new trace.

nd_trace_close ()

void        nd_trace_close                  (ND_Trace *trace);

Safe version of nd_trace_free() - if the trace was modified, a dialog is opened that asks for confirmation. Only then the trace is actually removed from the registry and freed.

trace : trace to close.

nd_trace_free ()

void        nd_trace_free                   (ND_Trace *trace);

This function closes the tcpdump connection for this trace and releases the memory it occupies, together with all its packets.

trace : trace to free.

nd_trace_init_header ()

void        nd_trace_init_header            (ND_Trace *trace,
                                             guint32 snap_len,
                                             guint32 datalink_type);

You can initialize a trace that doesn't yet contain any packets using this function. The datalink_type is a value as returned by pcap_datalink(). Also see .../include/net/bpf.h. You can call this function only once -- subsequent calls will do nothing.

`trace` :	trace to initialize.
`snap_len` :	maximum capture length for the packets in the trace.
`datalink_type` :	the DLT of this trace.

nd_trace_initialized ()

gboolean    nd_trace_initialized            (const ND_Trace *trace);

`trace` :	trace to check
Returns :	`TRUE` when the trace has been initialized, `FALSE` otherwise.

nd_trace_init_packets ()

void        nd_trace_init_packets           (ND_Trace *trace);

The function iterates over packets in the trace and initializes them using nd_packet_init(). GUI feedback is provided through the progressbar. The function is called from nd_trace_new(), so no extra call is necessary.

trace : trace with packets to initialize

nd_trace_add_proto_tab ()

void        nd_trace_add_proto_tab          (ND_Trace *trace,
                                             ND_Protocol *proto,
                                             guint nesting);

The function creates the necessary widgets to build a new tab that gets added to the trace's protocols notebook. If there already is a tab for the given protocol/nesting combo, the function does nothing and returns.

`trace` :	trace to add tab to.
`proto` :	protocol for which to add a trace.
`nesting` :	nesting level of protocol.

nd_trace_get_name ()

const char* nd_trace_get_name               (const ND_Trace *trace);

If the trace contains packets from a tracefile, its filename is returned. Otherwise, a dummy name is generated and returned. In both cases, pointers to local data are returned and should be strdupped if you want to keep them around.

`trace` :	trace to query
Returns :	trace name.

nd_trace_set_current_proto_selection ()

void        nd_trace_set_current_proto_selection
                                            (ND_Trace *trace,
                                             const ND_ProtoInst *pi);

When browsing through packets in a trace, there is the problem of choosing a protocol to be selected initially (just like you want your cursor to stay in the same column as much as possible in a text editor). Use this function to set that protocol. The protocol instance data is copied internally, so you don't need to allocate pi.

`trace` :	trace to set selection in.
`pi` :	new protocol instance.

nd_trace_set_current_proto ()

void        nd_trace_set_current_proto      (ND_Trace *trace,
                                             const ND_ProtoInst *pi,
                                             gboolean gui_update);

This function sets the current protocol in a trace, updating the GUI. It does not influenced the preferred protocol selction which is set using nd_trace_current_protocol_selection(). Sometimes it makes sense to not update the GUI immediately, e.g. when you know that another call to this function will follow soon. In this case, set gui_update to FALSE. The protocol instance data is copied internally, so you don't need to allocate pi.

`trace` :	trace to set selection in.
`pi` :	new protocol instance selection.
`gui_update` :	whether to update the GUI.

nd_trace_get_proto_info ()

ND_ProtoInfo* nd_trace_get_proto_info       (const ND_Trace *trace,
                                             const ND_Protocol *proto,
                                             guint nesting);

In a trace's protocol notebook, each tab has an associated ND_ProtoInfo structure. This function is used to look up these structures.

`trace` :	trace to query.
`proto` :	protocol type to look up.
`nesting` :	which protocol instance to look up.
Returns :	protocol info if found, `NULL` otherwise.

nd_trace_get_current_packet ()

ND_Packet*  nd_trace_get_current_packet     (const ND_Trace *trace);

Each trace has a currently selected packet, which may be NULL. This function returns it.

`trace` :	trace to look up packet in.
Returns :	current packet or NULL if n/a.

nd_trace_get_current_proto_inst ()

ND_ProtoInst* nd_trace_get_current_proto_inst
                                            (const ND_Trace *trace);

This function returns the currently selected protocol of the given trace.

`trace` :	trace to return current protocol from.
Returns :	current protocol instance or `NULL` if n/a.

nd_trace_get_current_proto_header ()

guchar*     nd_trace_get_current_proto_header
                                            (const ND_Trace *trace);

This is a convenience function that returns a pointer to the header of the currently selected protocol in the current packet of the given trace. You can then cast this pointer to the appropriate structure. If this function is not applicable, NULL is returned.

`trace` :	trace to return header from.
Returns :	pointer to current protocol in current packet.

nd_trace_set_current_packet ()

void        nd_trace_set_current_packet     (ND_Trace *trace,
                                             ND_Packet *packet);

This function sets the given packet as the current one in the trace. Normally this could be done with the packet alone (using packet->trace), but this function also allows you to pass NULL as packet to unset the current packet. In both cases the GUI is updated accordingly.

`trace` :	trace to set packet in.
`packet` :	packet to set as current one.

nd_trace_load_dialog ()

void        nd_trace_load_dialog            (void);

nd_trace_save_as_dialog ()

void        nd_trace_save_as_dialog         (ND_Trace *trace,
                                             ND_DialogCallback callback_finished,
                                             void *user_data);

The function opens a dialog to save trace, if the trace got saved after the user closes the dialog, the callback is called with the given user_data. This function gets called by nd_trace_save() when the trace doesn't yet have a name.

`trace` :	trace to save.
`callback_finished` :	callback to call after file is saved.
`user_data` :	arbitrary data to pass to `callback_finished`.

nd_trace_save ()

gboolean    nd_trace_save                   (ND_Trace *trace);

`trace` :
Returns :

nd_trace_save_as ()

gboolean    nd_trace_save_as                (ND_Trace *trace,
                                             const char *filename);

`trace` :
`filename` :
Returns :

nd_trace_move_packet ()

void        nd_trace_move_packet            (ND_Trace *trace,
                                             int from_packet,
                                             int to_packet);

This function moves a single packet around in the trace. The GUI is NOT updated, this function is intended as a callback after the GUI has changed. If you want both, use gtk_clist_row_move() on the desired packets, which will cause nd_trace_move_packet() to be called.

`trace` :	trace to operate on.
`from_packet` :	index of packet to move.
`to_packet` :	index to move packet to.

nd_trace_packet_insert_at_index ()

void        nd_trace_packet_insert_at_index (ND_Trace *trace,
                                             ND_Packet *packet,
                                             int index);

`trace` :
`packet` :
`index` :

nd_trace_packet_get_nth ()

ND_Packet*  nd_trace_packet_get_nth         (const ND_Trace *trace,
                                             int n);

This function returns the nth packet of the trace, if possible, NULL otherwise.

`trace` :	trace to return packet from.
`n` :	index of packet to return.
Returns :	packet.

nd_trace_sel_get ()

ND_Packet*  nd_trace_sel_get                (ND_Trace *trace);

This function returns the first selected packet in this trace, for subsequent use of nd_trace_sel_next(). If apply-to-all mode is active, the first packet of the trace is returned. If there is no acitve selection, NULL is returned.

`trace` :	trace to return from.
Returns :	start of selection.

nd_trace_sel_next ()

ND_Packet*  nd_trace_sel_next               (ND_Trace *trace,
                                             ND_Packet *packet);

This function returns the next packet that is selected. If apply-to-all mode is active, this is simply the next packet in the list, otherwise the next packet in the selection list.

`trace` :	trace to operate on.
`packet` :	packet to search onward from.
Returns :	next selected packet.

nd_trace_sel_delete ()

void        nd_trace_sel_delete             (ND_Trace *trace);

The function deletes the selected packets from the trace, including GUI updates.

trace : trace to modify.

nd_trace_sel_hide ()

void        nd_trace_sel_hide               (ND_Trace *trace);

The currently selected packets are hidden, which basically means temporarily removed from the trace.

trace : trace in which to hide packets.

nd_trace_sel_show ()

void        nd_trace_sel_show               (ND_Trace *trace);

The function shows hidden packets in the current selection.

trace : trace in which to show hidden packets.

nd_trace_select_packet ()

void        nd_trace_select_packet          (ND_Trace *trace,
                                             int index);

The function selects the indicated packet and marks it as the currently selected one. This function is a callback that gets called when a user selects a packet in the packet list, so when you want full service, use gtk_clist_select_row() instead, which will cause this function to be called.

`trace` :	trace to select packet in.
`index` :	index of packet to select.

nd_trace_unselect_packet ()

void        nd_trace_unselect_packet        (ND_Trace *trace,
                                             int index);

The function unselects the indicated packet in the trace. This function is a callback that gets called when a user selects a packet in the packet list, so when you want full service, use gtk_clist_unselect_row() instead, which will cause this function to be called.

`trace` :	trace to unselect packet in.
`index` :	index of packet to unselect.

nd_trace_clear_selection ()

void        nd_trace_clear_selection        (ND_Trace *trace);

This function clears the selection in the trace. It only changes the internal state of the trace, and doesn't update the GUI in any way. This function is a callback for the unselect-all signal in the trace's GUI packet list.

trace : trace in which to clear selection.

nd_trace_full_selection ()

void        nd_trace_full_selection         (ND_Trace *trace);

This function selects everything in the trace. It only changes the internal state of the trace, and doesn't update the GUI in any way. This function is a callback for the select-all signal in the trace's GUI packet list.

trace : trace in which to select everything.

nd_trace_set_dirty ()

void        nd_trace_set_dirty              (ND_Trace *trace,
                                             gboolean dirty);

This function sets the dirty state of trace and updates the GUI accordingly. If the trace is marked dirty, you cannot close it without confirmation.

`trace` :	trace to update.
`dirty` :	whether we're dirty or not.

nd_trace_get_notebook ()

GtkNotebook* nd_trace_get_notebook          (const ND_Trace *trace);

This function provides access to the GTK notebook that contains the protocols for this trace.

`trace` :	trace to query.
Returns :	the protocols notebook.

nd_trace_goto_top ()

void        nd_trace_goto_top               (const ND_Trace *trace);

This function scrolls trace to the top.

trace : trace to scroll.

nd_trace_goto_bottom ()

void        nd_trace_goto_bottom            (const ND_Trace *trace);

This function scrolls trace to the bottom.