-rw-r--r-- | libopie2/opienet/opcap.h | 67 |
1 files changed, 50 insertions, 17 deletions
diff --git a/libopie2/opienet/opcap.h b/libopie2/opienet/opcap.h index 6bf7416..fe88e68 100644 --- a/libopie2/opienet/opcap.h +++ b/libopie2/opienet/opcap.h @@ -59,25 +59,67 @@ extern "C" // work around a bpf/pcap conflict in recent headers /* TYPEDEFS */ typedef struct timeval timevalstruct; typedef struct pcap_pkthdr packetheaderstruct; /* FORWARDS */ class OPacketCapturer; class QSocketNotifier; /*====================================================================================== * OPacket - A frame on the wire *======================================================================================*/ -// FIXME how many OPackets do we've at a time? QObject seams to be a big for that usage + +/** @brief A class representing a data frame on the wire. + * + * The whole family of the packet classes are used when capturing frames from a network. + * Most standard network protocols in use share a common architecture, which mostly is + * a packet header and then the packet payload. In layered architectures, each lower layer + * encapsulates data from its upper layer - that is it + * treats the data from its upper layer as payload and prepends an own header to the packet, + * which - again - is treated as the payload for the layer below. The figure below is an + * example for how such a data frame is composed out of packets, e.g. when sending a mail. + * + * <pre> + * | User Data | == Mail Data + * | SMTP Header | User Data | == SMTP + * | TCP Header | SMTP Header | User Data | == TCP + * | IP Header | TCP Header | SMTP Header | User Data | == IP + * | MAC Header | IP Header | TCP Header | SMTP Header | User Data | == MAC + * + * </pre> + * + * The example is trimmed for simplicity, because the MAC (Medium Access Control) layer + * also contains a few more levels of encapsulation. + * Since the type of the payload is more or less independent from the encapsulating protocol, + * the header must be inspected before attempting to decode the payload. Hence, the + * encapsulation level varies and can't be deduced without actually looking into the packets. + * + * For actually working with captured frames, it's useful to identify the packets via names and + * insert them into a parent/child - relationship based on the encapsulation. This is why + * all packet classes derive from QObject. The amount of overhead caused by the QObject is + * not a problem in this case, because we're talking about a theoratical maximum of about + * 10 packets per captured frame. We need to stuff them into a searchable list anyway and the + * QObject also cares about destroying the sub-, (child-) packets. + * + * This enables us to perform a simple look for packets of a certain type: + * @code + * OPacketCapturer* pcap = new OPacketCapturer(); + * pcap->open( "eth0" ); + * OPacket* p = pcap->next(); + * OIPPacket* ip = (OIPPacket*) p->child( "IP" ); // returns 0, if no such child exists + * odebug << "got ip packet from " << ip->fromIPAddress().toString() << " to " << ip->toIPAddress().toString() << oendl; + * + */ + class OPacket : public QObject { Q_OBJECT public: OPacket( int datalink, packetheaderstruct, const unsigned char*, QObject* parent ); virtual ~OPacket(); timevalstruct timeval() const; int caplen() const; int len() const; @@ -86,46 +128,45 @@ class OPacket : public QObject void updateStats( QMap<QString,int>&, QObjectList* ); private: const packetheaderstruct _hdr; // pcap packet header const unsigned char* _data; // pcap packet data const unsigned char* _end; // end of pcap packet data }; /*====================================================================================== * OEthernetPacket - DLT_EN10MB frame *======================================================================================*/ -//FIXME same critic as above -zecke class OEthernetPacket : public QObject { Q_OBJECT public: OEthernetPacket( const unsigned char*, const struct ether_header*, QObject* parent = 0 ); virtual ~OEthernetPacket(); OMacAddress sourceAddress() const; OMacAddress destinationAddress() const; int type() const; private: const struct ether_header* _ether; }; /*====================================================================================== * OWaveLanPacket - DLT_IEEE802_11 frame *======================================================================================*/ -//FIXME same + class OWaveLanPacket : public QObject { Q_OBJECT public: OWaveLanPacket( const unsigned char*, const struct ieee_802_11_header*, QObject* parent = 0 ); virtual ~OWaveLanPacket(); int duration() const; bool fromDS() const; bool toDS() const; virtual OMacAddress macAddress1() const; @@ -137,25 +178,25 @@ class OWaveLanPacket : public QObject int subType() const; int version() const; bool usesWep() const; private: const struct ieee_802_11_header* _wlanhdr; }; /*====================================================================================== * OWaveLanManagementPacket - type: management (T_MGMT) *======================================================================================*/ -//FIXME same as above -zecke + class OWaveLanManagementPacket : public QObject { Q_OBJECT public: OWaveLanManagementPacket( const unsigned char*, const struct ieee_802_11_mgmt_header*, OWaveLanPacket* parent = 0 ); virtual ~OWaveLanManagementPacket(); QString managementType() const; int beaconInterval() const; int capabilities() const; // generic @@ -166,129 +207,125 @@ class OWaveLanManagementPacket : public QObject bool canCFP_REQ() const; bool canPrivacy() const; private: const struct ieee_802_11_mgmt_header* _header; const struct ieee_802_11_mgmt_body* _body; }; /*====================================================================================== * OWaveLanManagementSSID *======================================================================================*/ -//FIXME is QObject necessary? -zecke + class OWaveLanManagementSSID : public QObject { Q_OBJECT public: OWaveLanManagementSSID( const unsigned char*, const struct ssid_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementSSID(); QString ID() const; private: const struct ssid_t* _data; }; /*====================================================================================== * OWaveLanManagementRates *======================================================================================*/ -// FIXME same as above -zecke + class OWaveLanManagementRates : public QObject { Q_OBJECT public: OWaveLanManagementRates( const unsigned char*, const struct rates_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementRates(); private: const struct rates_t* _data; }; /*====================================================================================== * OWaveLanManagementCF *======================================================================================*/ -//FIXME same.... class OWaveLanManagementCF : public QObject { Q_OBJECT public: OWaveLanManagementCF( const unsigned char*, const struct cf_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementCF(); private: const struct cf_t* _data; }; /*====================================================================================== * OWaveLanManagementFH *======================================================================================*/ -//FIXME same class OWaveLanManagementFH : public QObject { Q_OBJECT public: OWaveLanManagementFH( const unsigned char*, const struct fh_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementFH(); private: const struct fh_t* _data; }; /*====================================================================================== * OWaveLanManagementDS *======================================================================================*/ -//FIXME same + class OWaveLanManagementDS : public QObject { Q_OBJECT public: OWaveLanManagementDS( const unsigned char*, const struct ds_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementDS(); int channel() const; private: const struct ds_t* _data; }; /*====================================================================================== * OWaveLanManagementTim *======================================================================================*/ -//FIXME guess what? class OWaveLanManagementTim : public QObject { Q_OBJECT public: OWaveLanManagementTim( const unsigned char*, const struct tim_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementTim(); private: const struct tim_t* _data; }; /*====================================================================================== * OWaveLanManagementIBSS *======================================================================================*/ -//FIXME same as above ( Qobject ) class OWaveLanManagementIBSS : public QObject { Q_OBJECT public: OWaveLanManagementIBSS( const unsigned char*, const struct ibss_t*, QObject* parent = 0 ); virtual ~OWaveLanManagementIBSS(); private: const struct ibss_t* _data; }; @@ -319,60 +356,57 @@ class OWaveLanDataPacket : public QObject public: OWaveLanDataPacket( const unsigned char*, const struct ieee_802_11_data_header*, OWaveLanPacket* parent = 0 ); virtual ~OWaveLanDataPacket(); private: const struct ieee_802_11_data_header* _header; }; /*====================================================================================== * OWaveLanControlPacket - type: control (T_CTRL) *======================================================================================*/ -// Qobject needed? + class OWaveLanControlPacket : public QObject { Q_OBJECT public: OWaveLanControlPacket( const unsigned char*, const struct ieee_802_11_control_header*, OWaveLanPacket* parent = 0 ); virtual ~OWaveLanControlPacket(); private: const struct ieee_802_11_control_header* _header; }; /*====================================================================================== * OLLCPacket - IEEE 802.2 Link Level Control *======================================================================================*/ -// QObject needed? class OLLCPacket : public QObject { Q_OBJECT public: OLLCPacket( const unsigned char*, const struct ieee_802_11_802_2_header* data, QObject* parent = 0 ); virtual ~OLLCPacket(); private: - //FIXME how to get that header? const struct ieee_802_11_802_2_header* _header; }; /*====================================================================================== * OIPPacket *======================================================================================*/ -// Qobject as baseclass? class OIPPacket : public QObject { Q_OBJECT public: OIPPacket( const unsigned char*, const struct iphdr*, QObject* parent = 0 ); virtual ~OIPPacket(); QHostAddress fromIPAddress() const; QHostAddress toIPAddress() const; int tos() const; @@ -381,45 +415,44 @@ class OIPPacket : public QObject int offset() const; int ttl() const; int protocol() const; int checksum() const; private: const struct iphdr* _iphdr; }; /*====================================================================================== * OUDPPacket *======================================================================================*/ -// QObject? + class OUDPPacket : public QObject { Q_OBJECT public: OUDPPacket( const unsigned char*, const struct udphdr*, QObject* parent = 0 ); virtual ~OUDPPacket(); int fromPort() const; int toPort() const; private: const struct udphdr* _udphdr; }; /*====================================================================================== * OTCPPacket *======================================================================================*/ -// Qobect needed? class OTCPPacket : public QObject { Q_OBJECT public: OTCPPacket( const unsigned char*, const struct tcphdr*, QObject* parent = 0 ); virtual ~OTCPPacket(); int fromPort() const; int toPort() const; private: |