diff --git a/dumpcap.c b/dumpcap.c index f0c6a6b9968..b3945f841d2 100644 --- a/dumpcap.c +++ b/dumpcap.c @@ -4552,7 +4552,7 @@ capture_loop_write_pcapng_cb(capture_src *pcap_src, const pcapng_block_header_t global_ld.go = FALSE; global_ld.err = err; pcap_src->dropped++; - } else if (bh->block_type == BLOCK_TYPE_EPB || bh->block_type == BLOCK_TYPE_SPB || bh->block_type == BLOCK_TYPE_SYSTEMD_JOURNAL) { + } else if (bh->block_type == BLOCK_TYPE_EPB || bh->block_type == BLOCK_TYPE_SPB || bh->block_type == BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT) { /* count packet only if we actually have an EPB or SPB */ #if defined(DEBUG_DUMPCAP) || defined(DEBUG_CHILD_DUMPCAP) ws_info("Wrote a pcapng block type %u of length %d captured on interface %u.", diff --git a/editcap.c b/editcap.c index dacc84c833a..4f0df54118d 100644 --- a/editcap.c +++ b/editcap.c @@ -2097,8 +2097,8 @@ main(int argc, char *argv[]) do_mutation = TRUE; break; - case REC_TYPE_SYSTEMD_JOURNAL: - caplen = rec->rec_header.systemd_journal_header.record_len; + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: + caplen = rec->rec_header.systemd_journal_export_header.record_len; do_mutation = TRUE; break; } diff --git a/epan/dissectors/file-pcapng.c b/epan/dissectors/file-pcapng.c index eea1c2e38be..4dc1c8449a1 100644 --- a/epan/dissectors/file-pcapng.c +++ b/epan/dissectors/file-pcapng.c @@ -242,7 +242,7 @@ static gboolean pref_dissect_next_layer = FALSE; #define BLOCK_ENHANCED_PACKET 0x00000006 #define BLOCK_IRIG_TIMESTAMP 0x00000007 #define BLOCK_ARINC_429 0x00000008 -#define BLOCK_SYSTEMD_JOURNAL 0x00000009 +#define BLOCK_SYSTEMD_JOURNAL_EXPORT 0x00000009 #define BLOCK_DSB 0x0000000a #define BLOCK_SECTION_HEADER 0x0A0D0D0A #define BLOCK_DARWIN_PROCESS 0x80000001 diff --git a/epan/dissectors/packet-frame.c b/epan/dissectors/packet-frame.c index e724ce1f940..8b0c6eac043 100644 --- a/epan/dissectors/packet-frame.c +++ b/epan/dissectors/packet-frame.c @@ -384,7 +384,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* pinfo->current_proto = "System Call"; break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: pinfo->current_proto = "Systemd Journal"; break; @@ -507,7 +507,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* pinfo->num, frame_len, frame_plurality); break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: /* * XXX - we need to rethink what's handled by * packet-record.c, what's handled by packet-frame.c. @@ -844,7 +844,7 @@ dissect_frame(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, void* } break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: if (systemd_journal_handle) { call_dissector_with_data(systemd_journal_handle, tvb, pinfo, parent_tree, diff --git a/epan/dissectors/packet-systemd-journal.c b/epan/dissectors/packet-systemd-journal.c index 2744700f7fb..b96ff7bbd83 100644 --- a/epan/dissectors/packet-systemd-journal.c +++ b/epan/dissectors/packet-systemd-journal.c @@ -885,7 +885,7 @@ proto_register_systemd_journal(void) init_jf_to_hf_map(); } -#define BLOCK_TYPE_SYSTEMD_JOURNAL 0x0000009 +#define BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT 0x0000009 void proto_reg_handoff_systemd_journal(void) { @@ -894,7 +894,7 @@ proto_reg_handoff_systemd_journal(void) file_type_subtype_systemd_journal = wtap_name_to_file_type_subtype("systemd_journal"); if (file_type_subtype_systemd_journal != -1) dissector_add_uint("wtap_fts_rec", file_type_subtype_systemd_journal, sje_handle); - dissector_add_uint("pcapng.block_type", BLOCK_TYPE_SYSTEMD_JOURNAL, sje_handle); + dissector_add_uint("pcapng.block_type", BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT, sje_handle); // It's possible to ship journal entries over HTTP/HTTPS using // systemd-journal-remote. Dissecting them on the wire isn't very // useful since it's easy to end up with a packet containing a diff --git a/epan/frame_data.c b/epan/frame_data.c index 43dc081b742..d7f33b17552 100644 --- a/epan/frame_data.c +++ b/epan/frame_data.c @@ -193,13 +193,13 @@ frame_data_init(frame_data *fdata, guint32 num, const wtap_rec *rec, fdata->cap_len = rec->rec_header.syscall_header.event_filelen; break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: /* * XXX - is cum_bytes supposed to count non-packet bytes? */ - fdata->pkt_len = rec->rec_header.systemd_journal_header.record_len; - fdata->cum_bytes = cum_bytes + rec->rec_header.systemd_journal_header.record_len; - fdata->cap_len = rec->rec_header.systemd_journal_header.record_len; + fdata->pkt_len = rec->rec_header.systemd_journal_export_header.record_len; + fdata->cum_bytes = cum_bytes + rec->rec_header.systemd_journal_export_header.record_len; + fdata->cap_len = rec->rec_header.systemd_journal_export_header.record_len; break; case REC_TYPE_CUSTOM_BLOCK: diff --git a/epan/packet.c b/epan/packet.c index 7e64f562b20..6ab0139db58 100644 --- a/epan/packet.c +++ b/epan/packet.c @@ -502,7 +502,7 @@ dissect_record(epan_dissect_t *edt, int file_type_subtype, record_type = "System Call"; break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: record_type = "Systemd Journal Entry"; break; @@ -554,7 +554,7 @@ dissect_record(epan_dissect_t *edt, int file_type_subtype, edt->pi.pseudo_header = NULL; break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: edt->pi.pseudo_header = NULL; break; diff --git a/extcap/sdjournal.c b/extcap/sdjournal.c index 0ffdc5b71e9..1e1629cb126 100644 --- a/extcap/sdjournal.c +++ b/extcap/sdjournal.c @@ -41,7 +41,7 @@ #define SDJOURNAL_VERSION_RELEASE "0" #define SDJOURNAL_EXTCAP_INTERFACE "sdjournal" -#define BLOCK_TYPE_SYSTEMD_JOURNAL 0x00000009 +#define BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT 0x00000009 enum { EXTCAP_BASE_OPTIONS_ENUM, @@ -81,7 +81,7 @@ static int sdj_dump_entries(sd_journal *jnl, FILE* fp) uint64_t pkt_rt_ts, mono_ts; sd_id128_t boot_id; char boot_id_str[FLD_BOOT_ID_LEN] = FLD_BOOT_ID; - guint32 block_type = BLOCK_TYPE_SYSTEMD_JOURNAL; + guint32 block_type = BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT; guint32 data_end = 8; // Block type + total length const void *fld_data; size_t fld_len; diff --git a/ui/file_dialog.c b/ui/file_dialog.c index eb0fd9602c6..506f227317d 100644 --- a/ui/file_dialog.c +++ b/ui/file_dialog.c @@ -69,7 +69,7 @@ get_stats_for_preview(wtap *wth, ws_file_preview_stats *stats, case REC_TYPE_FT_SPECIFIC_EVENT: case REC_TYPE_FT_SPECIFIC_REPORT: case REC_TYPE_SYSCALL: - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: data_records++; break; } diff --git a/wiretap/pcapng.c b/wiretap/pcapng.c index 5fc57b4f56e..caeb3e7f502 100644 --- a/wiretap/pcapng.c +++ b/wiretap/pcapng.c @@ -298,7 +298,7 @@ register_pcapng_block_type_handler(guint block_type, block_reader reader, case BLOCK_TYPE_CB_NO_COPY: case BLOCK_TYPE_SYSDIG_EVENT: case BLOCK_TYPE_SYSDIG_EVENT_V2: - case BLOCK_TYPE_SYSTEMD_JOURNAL: + case BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT: /* * Yes; we already handle it, and don't allow a replacement to * be registeted (if there's a bug in our code, or there's @@ -2628,8 +2628,8 @@ pcapng_read_systemd_journal_export_block(wtap *wth, FILE_T fh, pcapng_block_head } } - wblock->rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL; - wblock->rec->rec_header.systemd_journal_header.record_len = entry_length; + wblock->rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT; + wblock->rec->rec_header.systemd_journal_export_header.record_len = entry_length; wblock->rec->presence_flags = WTAP_HAS_CAP_LEN; if (have_ts) { wblock->rec->presence_flags |= WTAP_HAS_TS; @@ -2912,7 +2912,7 @@ pcapng_read_block(wtap *wth, FILE_T fh, pcapng_t *pn, if (!pcapng_read_sysdig_event_block(fh, &bh, section_info, wblock, err, err_info)) return FALSE; break; - case(BLOCK_TYPE_SYSTEMD_JOURNAL): + case(BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT): if (!pcapng_read_systemd_journal_export_block(wth, fh, &bh, pn, wblock, err, err_info)) return FALSE; break; @@ -4161,23 +4161,23 @@ pcapng_write_systemd_journal_export_block(wtap_dumper *wdh, const wtap_rec *rec, guint32 pad_len; /* Don't write anything we're not willing to read. */ - if (rec->rec_header.systemd_journal_header.record_len > WTAP_MAX_PACKET_SIZE_STANDARD) { + if (rec->rec_header.systemd_journal_export_header.record_len > WTAP_MAX_PACKET_SIZE_STANDARD) { *err = WTAP_ERR_PACKET_TOO_LARGE; return FALSE; } - if (rec->rec_header.systemd_journal_header.record_len % 4) { - pad_len = 4 - (rec->rec_header.systemd_journal_header.record_len % 4); + if (rec->rec_header.systemd_journal_export_header.record_len % 4) { + pad_len = 4 - (rec->rec_header.systemd_journal_export_header.record_len % 4); } else { pad_len = 0; } /* write systemd journal export block header */ - bh.block_type = BLOCK_TYPE_SYSTEMD_JOURNAL; - bh.block_total_length = (guint32)sizeof(bh) + rec->rec_header.systemd_journal_header.record_len + pad_len + 4; + bh.block_type = BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT; + bh.block_total_length = (guint32)sizeof(bh) + rec->rec_header.systemd_journal_export_header.record_len + pad_len + 4; ws_debug("writing %u bytes, %u padded", - rec->rec_header.systemd_journal_header.record_len, + rec->rec_header.systemd_journal_export_header.record_len, bh.block_total_length); if (!wtap_dump_file_write(wdh, &bh, sizeof bh, err)) @@ -4185,9 +4185,9 @@ pcapng_write_systemd_journal_export_block(wtap_dumper *wdh, const wtap_rec *rec, wdh->bytes_dumped += sizeof bh; /* write entry data */ - if (!wtap_dump_file_write(wdh, pd, rec->rec_header.systemd_journal_header.record_len, err)) + if (!wtap_dump_file_write(wdh, pd, rec->rec_header.systemd_journal_export_header.record_len, err)) return FALSE; - wdh->bytes_dumped += rec->rec_header.systemd_journal_header.record_len; + wdh->bytes_dumped += rec->rec_header.systemd_journal_export_header.record_len; /* write padding (if any) */ if (pad_len != 0) { @@ -5221,7 +5221,7 @@ static gboolean pcapng_dump(wtap_dumper *wdh, } break; - case REC_TYPE_SYSTEMD_JOURNAL: + case REC_TYPE_SYSTEMD_JOURNAL_EXPORT: if (!pcapng_write_systemd_journal_export_block(wdh, rec, pd, err)) { return FALSE; } @@ -5442,7 +5442,7 @@ static const struct supported_option_type ft_specific_event_block_options_suppor }; /* Options for systemd journal entry. */ -static const struct supported_option_type systemd_journal_block_options_supported[] = { +static const struct supported_option_type systemd_journal_export_block_options_supported[] = { { OPT_COMMENT, MULTIPLE_OPTIONS_SUPPORTED } }; @@ -5472,7 +5472,7 @@ static const struct supported_block_type pcapng_blocks_supported[] = { { WTAP_BLOCK_FT_SPECIFIC_EVENT, MULTIPLE_BLOCKS_SUPPORTED, OPTION_TYPES_SUPPORTED(ft_specific_event_block_options_supported) }, /* Multiple systemd journal records. */ - { WTAP_BLOCK_SYSTEMD_JOURNAL, MULTIPLE_BLOCKS_SUPPORTED, OPTION_TYPES_SUPPORTED(systemd_journal_block_options_supported) }, + { WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT, MULTIPLE_BLOCKS_SUPPORTED, OPTION_TYPES_SUPPORTED(systemd_journal_export_block_options_supported) }, /* Multiple custom blocks. */ { WTAP_BLOCK_CUSTOM_BLOCK, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED }, diff --git a/wiretap/pcapng_module.h b/wiretap/pcapng_module.h index 8f3eeee2d93..8ff8c618cab 100644 --- a/wiretap/pcapng_module.h +++ b/wiretap/pcapng_module.h @@ -15,23 +15,23 @@ * * XXX - Dear Sysdig People: please add your blocks to the spec! */ -#define BLOCK_TYPE_SHB 0x0A0D0D0A /* Section Header Block */ -#define BLOCK_TYPE_IDB 0x00000001 /* Interface Description Block */ -#define BLOCK_TYPE_PB 0x00000002 /* Packet Block (obsolete) */ -#define BLOCK_TYPE_SPB 0x00000003 /* Simple Packet Block */ -#define BLOCK_TYPE_NRB 0x00000004 /* Name Resolution Block */ -#define BLOCK_TYPE_ISB 0x00000005 /* Interface Statistics Block */ -#define BLOCK_TYPE_EPB 0x00000006 /* Enhanced Packet Block */ -#define BLOCK_TYPE_IRIG_TS 0x00000007 /* IRIG Timestamp Block */ -#define BLOCK_TYPE_ARINC_429 0x00000008 /* ARINC 429 in AFDX Encapsulation Information Block */ -#define BLOCK_TYPE_SYSTEMD_JOURNAL 0x00000009 /* systemd journal entry */ -#define BLOCK_TYPE_DSB 0x0000000A /* Decryption Secrets Block */ -#define BLOCK_TYPE_SYSDIG_EVENT 0x00000204 /* Sysdig Event Block */ -#define BLOCK_TYPE_SYSDIG_EVF 0x00000208 /* Sysdig Event Block with flags */ -#define BLOCK_TYPE_SYSDIG_EVENT_V2 0x00000216 /* Sysdig Event Block version 2 */ -#define BLOCK_TYPE_SYSDIG_EVF_V2 0x00000217 /* Sysdig Event Block with flags version 2 */ -#define BLOCK_TYPE_CB_COPY 0x00000BAD /* Custom Block which can be copied */ -#define BLOCK_TYPE_CB_NO_COPY 0x40000BAD /* Custom Block which should not be copied */ +#define BLOCK_TYPE_SHB 0x0A0D0D0A /* Section Header Block */ +#define BLOCK_TYPE_IDB 0x00000001 /* Interface Description Block */ +#define BLOCK_TYPE_PB 0x00000002 /* Packet Block (obsolete) */ +#define BLOCK_TYPE_SPB 0x00000003 /* Simple Packet Block */ +#define BLOCK_TYPE_NRB 0x00000004 /* Name Resolution Block */ +#define BLOCK_TYPE_ISB 0x00000005 /* Interface Statistics Block */ +#define BLOCK_TYPE_EPB 0x00000006 /* Enhanced Packet Block */ +#define BLOCK_TYPE_IRIG_TS 0x00000007 /* IRIG Timestamp Block */ +#define BLOCK_TYPE_ARINC_429 0x00000008 /* ARINC 429 in AFDX Encapsulation Information Block */ +#define BLOCK_TYPE_SYSTEMD_JOURNAL_EXPORT 0x00000009 /* systemd journal entry */ +#define BLOCK_TYPE_DSB 0x0000000A /* Decryption Secrets Block */ +#define BLOCK_TYPE_SYSDIG_EVENT 0x00000204 /* Sysdig Event Block */ +#define BLOCK_TYPE_SYSDIG_EVF 0x00000208 /* Sysdig Event Block with flags */ +#define BLOCK_TYPE_SYSDIG_EVENT_V2 0x00000216 /* Sysdig Event Block version 2 */ +#define BLOCK_TYPE_SYSDIG_EVF_V2 0x00000217 /* Sysdig Event Block with flags version 2 */ +#define BLOCK_TYPE_CB_COPY 0x00000BAD /* Custom Block which can be copied */ +#define BLOCK_TYPE_CB_NO_COPY 0x40000BAD /* Custom Block which should not be copied */ /* TODO: the following are not yet well defined in the draft spec, * and do not yet have block type values assigned to them: diff --git a/wiretap/systemd_journal.c b/wiretap/systemd_journal.c index 53ba31df65d..557eedcfd75 100644 --- a/wiretap/systemd_journal.c +++ b/wiretap/systemd_journal.c @@ -229,9 +229,9 @@ systemd_journal_read_export_entry(FILE_T fh, wtap_rec *rec, Buffer *buf, int *er return FALSE; } - rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL; + rec->rec_type = REC_TYPE_SYSTEMD_JOURNAL_EXPORT; rec->presence_flags = WTAP_HAS_TS|WTAP_HAS_CAP_LEN; - rec->rec_header.systemd_journal_header.record_len = (guint32) fld_end; + rec->rec_header.systemd_journal_export_header.record_len = (guint32) fld_end; return TRUE; } @@ -240,7 +240,7 @@ static const struct supported_block_type systemd_journal_blocks_supported[] = { /* * We support systemd journal blocks, with no comments or other options. */ - { WTAP_BLOCK_SYSTEMD_JOURNAL, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED } + { WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT, MULTIPLE_BLOCKS_SUPPORTED, NO_OPTIONS_SUPPORTED } }; static const struct file_type_subtype_info systemd_journal_info = { diff --git a/wiretap/wtap.h b/wiretap/wtap.h index 70a4a219b0c..afb99ff37d9 100644 --- a/wiretap/wtap.h +++ b/wiretap/wtap.h @@ -1207,12 +1207,12 @@ union wtap_pseudo_header { * option would suffice for this purpose, so nothing needs to be * added to pcapng for this.) */ -#define REC_TYPE_PACKET 0 /**< packet */ -#define REC_TYPE_FT_SPECIFIC_EVENT 1 /**< file-type-specific event */ -#define REC_TYPE_FT_SPECIFIC_REPORT 2 /**< file-type-specific report */ -#define REC_TYPE_SYSCALL 3 /**< system call */ -#define REC_TYPE_SYSTEMD_JOURNAL 4 /**< systemd journal entry */ -#define REC_TYPE_CUSTOM_BLOCK 5 /**< pcapng custom block */ +#define REC_TYPE_PACKET 0 /**< packet */ +#define REC_TYPE_FT_SPECIFIC_EVENT 1 /**< file-type-specific event */ +#define REC_TYPE_FT_SPECIFIC_REPORT 2 /**< file-type-specific report */ +#define REC_TYPE_SYSCALL 3 /**< system call */ +#define REC_TYPE_SYSTEMD_JOURNAL_EXPORT 4 /**< systemd journal entry */ +#define REC_TYPE_CUSTOM_BLOCK 5 /**< pcapng custom block */ typedef struct { guint32 caplen; /* data length in the file */ @@ -1322,7 +1322,7 @@ typedef struct { typedef struct { guint32 record_len; /* length of the record */ -} wtap_systemd_journal_header; +} wtap_systemd_journal_export_header; typedef struct { guint32 length; /* length of the record */ @@ -1339,7 +1339,7 @@ typedef struct { wtap_packet_header packet_header; wtap_ft_specific_header ft_specific_header; wtap_syscall_header syscall_header; - wtap_systemd_journal_header systemd_journal_header; + wtap_systemd_journal_export_header systemd_journal_export_header; wtap_custom_block_header custom_block_header; } rec_header; /* diff --git a/wiretap/wtap_opttypes.h b/wiretap/wtap_opttypes.h index 01e8fb495b0..37e17f575c6 100644 --- a/wiretap/wtap_opttypes.h +++ b/wiretap/wtap_opttypes.h @@ -156,7 +156,7 @@ typedef struct wtap_block *wtap_block_t; * WTAP_BLOCK_PACKET (which corresponds to the Enhanced Packet Block, * the Simple Packet Block, and the deprecated Packet Block) is not * currently used; it's reserved for future use. The same applies - * to WTAP_BLOCK_SYSTEMD_JOURNAL. + * to WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT. */ typedef enum { WTAP_BLOCK_SECTION = 0, @@ -167,7 +167,7 @@ typedef enum { WTAP_BLOCK_PACKET, WTAP_BLOCK_FT_SPECIFIC_REPORT, WTAP_BLOCK_FT_SPECIFIC_EVENT, - WTAP_BLOCK_SYSTEMD_JOURNAL, + WTAP_BLOCK_SYSTEMD_JOURNAL_EXPORT, WTAP_BLOCK_CUSTOM_BLOCK, MAX_WTAP_BLOCK_TYPE_VALUE } wtap_block_type_t;