Available on crate feature
data only.Expand description
Helper functions to access block contents (depending in linktype)
§Example
use pcap_parser::data::{get_packetdata, PacketData};
use pcap_parser::pcapng::EnhancedPacketBlock;
use pcap_parser::Linktype;
fn parse_block_content<'a>(
epb: &'a EnhancedPacketBlock<'_>,
linktype: Linktype
) -> Option<()> {
let packet_data = get_packetdata(epb.data, linktype, epb.caplen as usize)?;
match packet_data {
PacketData::L3(_, _data) => {
// ...
},
_ => println!("Unsupported link type"),
}
Some(())
}Structs§
Enums§
- NfAttr
Type - Packet
Data - Contents of a pcap/pcap-ng block. This can be network data, USB, etc.
Constants§
- ETHERTYPE_
IPV4 - ETHERTYPE_
IPV6 - EXP_
PDU_ TAG_ DISSECTOR_ TABLE_ NAME - EXP_
PDU_ TAG_ DISSECTOR_ TABLE_ NAME_ NUM_ VAL - EXP_
PDU_ TAG_ PROTO_ NAME
Functions§
- get_
packetdata - Get packet data, depending on linktype.
- get_
packetdata_ ethernet - Get packet data for LINKTYPE_ETHERNET (1)
- get_
packetdata_ ipv4 - Get packet data for LINKTYPE_IPV4 (228)
- get_
packetdata_ ipv6 - Get packet data for LINKTYPE_IPV6 (229)
- get_
packetdata_ linux_ sll - Get packet data for LINKTYPE_LINUX_SLL (113)
- get_
packetdata_ linux_ sll2 - Get packet data for LINKTYPE_LINUX_SLL2 (276)
- get_
packetdata_ nflog - Get packet data for LINKTYPE_NFLOG (239)
- get_
packetdata_ null - Get packet data for LINKTYPE_NULL (0)
- get_
packetdata_ raw - Get packet data for LINKTYPE_RAW (101)
- get_
packetdata_ wireshark_ upper_ pdu - Get packet data for WIRESHARK_UPPER_PDU (252)
- parse_
exported_ tlv - parse_
many_ exported_ tlv - parse_
nflog - parse_
nflog_ header - parse_
nflog_ tlv