An corsaro packet processing plugin. More...
Data Fields | |
| const char * | name |
| The name of this plugin used in the ascii output and eventually to allow plugins to be enabled and disabled. More... | |
| const corsaro_plugin_id_t | id |
| The corsaro plugin id for this plugin. More... | |
| const uint32_t | magic |
| The magic number for this plugin's data. More... | |
| int(* | probe_filename )(const char *fname) |
| Given a filename, return if this is the most likely plugin. More... | |
| int(* | probe_magic )(struct corsaro_in *corsaro, corsaro_file_in_t *file) |
| Given a file, looks at next 4 bytes to determine if this is the right plugin. More... | |
| int(* | init_input )(struct corsaro_in *corsaro) |
| Initialises an input file using the plugin. More... | |
| int(* | init_output )(struct corsaro *corsaro) |
| Initialises an output file using the plugin. More... | |
| int(* | close_input )(struct corsaro_in *corsaro) |
| Concludes an input file and cleans up the plugin data. More... | |
| int(* | close_output )(struct corsaro *corsaro) |
| Concludes an output file and cleans up the plugin data. More... | |
| off_t(* | read_record )(struct corsaro_in *corsaro, enum corsaro_in_record_type *record_type, struct corsaro_in_record *record) |
| Reads the next block of plugin data from an input file. More... | |
| off_t(* | read_global_data_record )(struct corsaro_in *corsaro, enum corsaro_in_record_type *record_type, struct corsaro_in_record *record) |
| Reads a plugin global data block from an input file. More... | |
| int(* | start_interval )(struct corsaro *corsaro, struct corsaro_interval *int_start) |
| Starts a new interval. More... | |
| int(* | end_interval )(struct corsaro *corsaro, struct corsaro_interval *int_end) |
| Ends an interval. More... | |
| int(* | process_packet )(struct corsaro *corsaro, struct corsaro_packet *packet) |
| Process a packet. More... | |
| struct corsaro_plugin * | next |
| Next pointer, should always be NULL - used by the plugin manager. More... | |
| int | argc |
| Count of arguments in argv. More... | |
| char ** | argv |
| Array of plugin arguments This is populated by the plugin manager in corsaro_plugin_enable_plugin. More... | |
An corsaro packet processing plugin.
Definition at line 206 of file corsaro_plugin.h.
| int corsaro_plugin::argc |
Count of arguments in argv.
Definition at line 379 of file corsaro_plugin.h.
Referenced by corsaro_plugin_enable_plugin(), corsaro_plugin_manager_free(), and parse_args().
| char** corsaro_plugin::argv |
Array of plugin arguments This is populated by the plugin manager in corsaro_plugin_enable_plugin.
It is the responsibility of the plugin to do something sensible with it
Definition at line 385 of file corsaro_plugin.h.
Referenced by corsaro_plugin_enable_plugin(), corsaro_plugin_manager_free(), parse_args(), and usage().
| int(* corsaro_plugin::close_input)(struct corsaro_in *corsaro) |
Concludes an input file and cleans up the plugin data.
| corsaro | The corsaro input to be concluded |
Definition at line 261 of file corsaro_plugin.h.
Referenced by corsaro_in_free().
Concludes an output file and cleans up the plugin data.
| corsaro | The output file to be concluded |
Definition at line 268 of file corsaro_plugin.h.
Referenced by corsaro_free().
| int(* corsaro_plugin::end_interval)(struct corsaro *corsaro, struct corsaro_interval *int_end) |
Ends an interval.
| corsaro | The output object end the interval on |
| int_end | The end structure for the interval |
This is likely when the plugin will write it's data to it's output file
Definition at line 316 of file corsaro_plugin.h.
Referenced by end_interval().
| const corsaro_plugin_id_t corsaro_plugin::id |
The corsaro plugin id for this plugin.
Definition at line 220 of file corsaro_plugin.h.
Referenced by corsaro_plugin_enable_plugin(), corsaro_plugin_free_state(), corsaro_plugin_is_enabled(), and corsaro_plugin_register_state().
| int(* corsaro_plugin::init_input)(struct corsaro_in *corsaro) |
Initialises an input file using the plugin.
| corsaro | The corsaro input to be initialized |
Definition at line 247 of file corsaro_plugin.h.
Referenced by corsaro_start_input().
Initialises an output file using the plugin.
| corsaro | The corsaro output to be initialized |
Definition at line 254 of file corsaro_plugin.h.
Referenced by corsaro_start_output().
| const uint32_t corsaro_plugin::magic |
The magic number for this plugin's data.
Definition at line 223 of file corsaro_plugin.h.
Referenced by corsaro_plugin_get_by_magic().
| const char* corsaro_plugin::name |
The name of this plugin used in the ascii output and eventually to allow plugins to be enabled and disabled.
Definition at line 210 of file corsaro_plugin.h.
Referenced by corsaro_get_plugin_names(), corsaro_plugin_get_by_name(), corsaro_plugin_get_name_by_id(), corsaro_plugin_get_name_by_magic(), corsaro_plugin_probe_filename(), corsaro_start_input(), end_interval(), process_packet(), and start_interval().
| struct corsaro_plugin* corsaro_plugin::next |
Next pointer, should always be NULL - used by the plugin manager.
Definition at line 376 of file corsaro_plugin.h.
Referenced by corsaro_plugin_manager_start(), and corsaro_plugin_next().
| int(* corsaro_plugin::probe_filename)(const char *fname) |
Given a filename, return if this is the most likely plugin.
Used to "guess" the plugin when it is not specified.
| fname | The name of the device or file to examine |
Definition at line 231 of file corsaro_plugin.h.
Referenced by corsaro_start_input().
| int(* corsaro_plugin::probe_magic)(struct corsaro_in *corsaro, corsaro_file_in_t *file) |
Given a file, looks at next 4 bytes to determine if this is the right plugin.
Used to "guess" the plugin when it is not specified
| file | An corsaro file to peek at |
Definition at line 240 of file corsaro_plugin.h.
Referenced by corsaro_start_input().
| int(* corsaro_plugin::process_packet)(struct corsaro *corsaro, struct corsaro_packet *packet) |
Process a packet.
| corsaro | The output object to process the packet for |
| packet | The packet to process |
This is where the magic happens, the plugin should do any processing needed for this packet and update internal state and optionally update the corsaro_packet_state object to pass on discoveries to later plugins.
Definition at line 330 of file corsaro_plugin.h.
Referenced by process_packet().
| off_t(* corsaro_plugin::read_global_data_record)(struct corsaro_in *corsaro, enum corsaro_in_record_type *record_type, struct corsaro_in_record *record) |
Reads a plugin global data block from an input file.
| corsaro | The input file to read from | |
| [in,out] | record_type | The type of record to read, NULL for wildcard |
| [in,out] | record | A pointer to the record object to fill |
If no more data is available for reading, this function should return 0. The returned pointer should be cast to the appropriate plugin data struct.
Definition at line 296 of file corsaro_plugin.h.
Referenced by read_record().
| off_t(* corsaro_plugin::read_record)(struct corsaro_in *corsaro, enum corsaro_in_record_type *record_type, struct corsaro_in_record *record) |
Reads the next block of plugin data from an input file.
| corsaro | The input file to read from | |
| [in,out] | record_type | The type of record to read, NULL for wildcard |
| [in,out] | record | A pointer to the record object to fill |
If no more data is available for reading, this function should return 0. The returned pointer should be cast to the appropriate plugin data struct.
Definition at line 281 of file corsaro_plugin.h.
Referenced by corsaro_in_read_record().
| int(* corsaro_plugin::start_interval)(struct corsaro *corsaro, struct corsaro_interval *int_start) |
Starts a new interval.
| corsaro | The output object to start the interval on |
| int_start | The start structure for the interval |
Definition at line 306 of file corsaro_plugin.h.
Referenced by start_interval().
![[CAIDA - Center for Applied Internet Data Analysis logo]](https://www.caida.org/images/caida_globe_faded.png)
![[CAIDA]](https://www.caida.org/images/caida_whitewords.png "Go to CAIDA home page"){kind=small}