/* ** Copyright (C) 2001-2006 by Carnegie Mellon University. ** ** @OPENSOURCE_HEADER_START@ ** ** Use of the SILK system and related source code is subject to the terms ** of the following licenses: ** ** GNU Public License (GPL) Rights pursuant to Version 2, June 1991 ** Government Purpose License Rights (GPLR) pursuant to DFARS 252.225-7013 ** ** NO WARRANTY ** ** ANY INFORMATION, MATERIALS, SERVICES, INTELLECTUAL PROPERTY OR OTHER ** PROPERTY OR RIGHTS GRANTED OR PROVIDED BY CARNEGIE MELLON UNIVERSITY ** PURSUANT TO THIS LICENSE (HEREINAFTER THE "DELIVERABLES") ARE ON AN ** "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY ** KIND, EITHER EXPRESS OR IMPLIED AS TO ANY MATTER INCLUDING, BUT NOT ** LIMITED TO, WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, ** MERCHANTABILITY, INFORMATIONAL CONTENT, NONINFRINGEMENT, OR ERROR-FREE ** OPERATION. CARNEGIE MELLON UNIVERSITY SHALL NOT BE LIABLE FOR INDIRECT, ** SPECIAL OR CONSEQUENTIAL DAMAGES, SUCH AS LOSS OF PROFITS OR INABILITY ** TO USE SAID INTELLECTUAL PROPERTY, UNDER THIS LICENSE, REGARDLESS OF ** WHETHER SUCH PARTY WAS AWARE OF THE POSSIBILITY OF SUCH DAMAGES. ** LICENSEE AGREES THAT IT WILL NOT MAKE ANY WARRANTY ON BEHALF OF ** CARNEGIE MELLON UNIVERSITY, EXPRESS OR IMPLIED, TO ANY PERSON ** CONCERNING THE APPLICATION OF OR THE RESULTS TO BE OBTAINED WITH THE ** DELIVERABLES UNDER THIS LICENSE. ** ** Licensee hereby agrees to defend, indemnify, and hold harmless Carnegie ** Mellon University, its trustees, officers, employees, and agents from ** all claims or demands made against them (and any related losses, ** expenses, or attorney's fees) arising out of, or relating to Licensee's ** and/or its sub licensees' negligent use or willful misuse of or ** negligent conduct or willful misconduct regarding the Software, ** facilities, or other rights or assistance granted by Carnegie Mellon ** University under this License, including, but not limited to, any ** claims of product liability, personal injury, death, damage to ** property, or violation of any laws or regulations. ** ** Carnegie Mellon University Software Engineering Institute authored ** documents are sponsored by the U.S. Department of Defense under ** Contract F19628-00-C-0003. Carnegie Mellon University retains ** copyrights in all material produced under this contract. The U.S. ** Government retains a non-exclusive, royalty-free license to publish or ** reproduce these documents, or allow others to do so, for U.S. ** Government purposes only pursuant to the copyright license under the ** contract clause at 252.227.7013. ** ** @OPENSOURCE_HEADER_END@ */ #ifndef _FLOWCAP_H #define _FLOWCAP_H #include "silk.h" RCSIDENTVAR(rcsID_FLOWCAP_H, "$SiLK: flowcap.h 4876 2006-09-14 21:18:03Z mthomas $"); #include "v5pdu.h" #include "rwpack.h" #define _FC_MAX(a, b) (((a) > (b)) ? (a) : (b)) typedef void *fcHeader_t; typedef void *flowcapRec_t; typedef struct fcHeader_V2_t { genericHeader gHdr; char sensorID[SK_MAX_STRLEN_SENSOR + 1]; char probeID[SK_MAX_STRLEN_SENSOR + 1]; } fcHeader_V2_t; /* Type 2 flowcap record. */ typedef struct _flowcapRec_V2_t { ipUnion sIP; /* 0- 3 */ ipUnion dIP; /* 4- 7 */ uint32_t bytes; /* 8-11 */ uint32_t sTime; /* 12-15 */ uint16_t dur; /* 16-17 */ uint16_t sPort; /* 18-19 */ uint16_t dPort; /* 20-21 */ uint8_t input; /* 22 */ uint8_t output; /* 23 */ uint8_t pkts[3]; /* 24-26 */ uint8_t proto; /* 27 */ uint8_t flags; /* 28 */ uint8_t tos; /* 29 */ } flowcapRec_V2_t; #define FC_SIZE_V2 30 /* Type 3 flowcap header is the same as type 2. */ typedef fcHeader_V2_t fcHeader_V3_t; typedef struct _flowcapRec_V3_t { ipUnion sIP; /* 0- 3 */ ipUnion dIP; /* 4- 7 */ uint32_t bytes; /* 8-11 */ uint32_t sTime; /* 12-15 */ uint16_t dur; /* 16-17 */ uint16_t sPort; /* 18-19 */ uint16_t dPort; /* 20-21 */ uint16_t service_port; /* 22-23 */ uint8_t input; /* 24 */ uint8_t output; /* 25 */ uint8_t pkts[3]; /* 26-28 */ uint8_t proto; /* 29 */ uint8_t flags; /* 30 */ uint8_t first_flags; /* 31 */ uint8_t tcp_state; /* 32 */ uint8_t time_frac[3]; /* 33-35 */ } flowcapRec_V3_t; #define FC_SIZE_V3 36 /* Type 4 flowcap header is the same as type 3. */ typedef fcHeader_V3_t fcHeader_V4_t; typedef struct _flowcapRec_V4_t { ipUnion sIP; /* 0- 3 */ ipUnion dIP; /* 4- 7 */ uint32_t bytes; /* 8-11 */ uint32_t sTime; /* 12-15 */ uint16_t dur; /* 16-17 */ uint16_t sPort; /* 18-19 */ uint16_t dPort; /* 20-21 */ uint16_t service_port; /* 22-23 */ uint8_t input; /* 24 */ uint8_t output; /* 25 */ uint8_t pkts[3]; /* 26-28 */ uint8_t proto; /* 29 */ uint8_t flags; /* 30 */ uint8_t first_flags; /* 31 */ uint8_t tcp_state; /* 32 */ uint8_t time_frac[3]; /* 33-35 */ uint32_t payload_hash; /* 36-39 */ } flowcapRec_V4_t; #define FC_SIZE_V4 40 /* Type 5 flowcap header is the same as type 3. */ typedef fcHeader_V3_t fcHeader_V5_t; typedef struct _flowcapRec_V5_t { ipUnion sIP; /* 0- 3 */ ipUnion dIP; /* 4- 7 */ uint32_t bytes; /* 8-11 */ uint32_t sTime; /* 12-15 */ uint16_t dur; /* 16-17 */ uint16_t sPort; /* 18-19 */ uint16_t dPort; /* 20-21 */ uint16_t service_port; /* 22-23 */ uint16_t input; /* 24-25 */ uint16_t output; /* 26-27 */ uint8_t pkts[3]; /* 28-30 */ uint8_t proto; /* 31 */ uint8_t flags; /* 32 */ uint8_t first_flags; /* 33 */ uint8_t tcp_state; /* 34 */ uint8_t time_frac[3]; /* 35-37 */ } flowcapRec_V5_t; #define FC_SIZE_V5 38 #define FC_REC_SIZE(ver) (((ver) == 2) ? FC_SIZE_V2 : \ (((ver) == 3) ? FC_SIZE_V3 : \ (((ver) == 4) ? FC_SIZE_V4 : \ (((ver) == 5) ? FC_SIZE_V5 : -1)))) #define FC_MAX_SIZE \ _FC_MAX( \ _FC_MAX( \ _FC_MAX( \ FC_SIZE_V2, \ FC_SIZE_V3), \ FC_SIZE_V4), \ FC_SIZE_V5) #define FC_VERSIONS 5 #endif /* _FLOWCAP_H */ /* ** Local variables: ** mode:c ** indent-tabs-mode:nil ** c-basic-offset:4 ** End: */