libscap  0.1.0.0
Modules | Data Structures | Macros | Typedefs | Enumerations | Functions
public definitions and structures

Modules

 API Functions
 

Data Structures

struct  scap_stats
 Statistics about an in progress capture. More...
 
struct  evt_param_info
 Information about the parameter of an event. More...
 
struct  scap_fdinfo
 Information about a file descriptor. More...
 
struct  scap_threadinfo
 Process information. More...
 
struct  scap_mountinfo
 Mount information. More...
 
struct  scap_open_args
 
struct  _scap_machine_info
 Machine information. More...
 
struct  scap_ifinfo_ipv4
 IPv4 interface address information. More...
 
struct  scap_ifinfo_ipv4_nolinkspeed
 For backward compatibility only. More...
 
struct  scap_ifinfo_ipv6
 IPv6 interface address information. More...
 
struct  scap_ifinfo_ipv6_nolinkspeed
 For backword compatibility only. More...
 
struct  scap_addrlist
 List of the machine network interfaces. More...
 
struct  scap_userinfo
 Information about one of the machine users. More...
 
struct  scap_groupinfo
 Information about one of the machine user groups. More...
 
struct  scap_userlist
 List of the machine users and groups. More...
 
struct  ppm_syscall_desc
 System call description struct. More...
 
struct  udig_ring_buffer_status
 

Macros

#define SCAP_SUCCESS   0
 
#define SCAP_FAILURE   1
 
#define SCAP_TIMEOUT   -1
 
#define SCAP_ILLEGAL_INPUT   3
 
#define SCAP_NOTFOUND   4
 
#define SCAP_INPUT_TOO_SMALL   5
 
#define SCAP_EOF   6
 
#define SCAP_UNEXPECTED_BLOCK   7
 
#define SCAP_VERSION_MISMATCH   8
 
#define SCAP_NOT_SUPPORTED   9
 
#define SCAP_LASTERR_SIZE   256
 
#define SCAP_MAX_PATH_SIZE   1024
 
#define SCAP_MAX_ARGS_SIZE   4096
 
#define SCAP_MAX_ENV_SIZE   4096
 
#define SCAP_MAX_CGROUPS_SIZE   4096
 
#define SCAP_MAX_SUPPRESSED_COMMS   32
 
#define SCAP_IPV6_ADDR_LEN   16
 
#define MAX_CREDENTIALS_STR_LEN   256
 
#define USERBLOCK_TYPE_USER   0
 
#define USERBLOCK_TYPE_GROUP   1
 
#define IN
 
#define OUT
 
#define UDIG_RING_SM_FNAME   "udig_buf"
 
#define UDIG_RING_DESCS_SM_FNAME   "udig_descs"
 
#define UDIG_RING_SIZE   (8 * 1024 * 1024)
 

Typedefs

typedef struct scap scap_t
 
typedef struct ppm_evt_hdr scap_evt
 
typedef struct scap_stats scap_stats
 Statistics about an in progress capture. More...
 
typedef struct evt_param_info evt_param_info
 Information about the parameter of an event. More...
 
typedef enum scap_fd_type scap_fd_type
 File Descriptor type. More...
 
typedef enum scap_l4_proto scap_l4_proto
 Socket type / transport protocol. More...
 
typedef struct scap_fdinfo scap_fdinfo
 Information about a file descriptor. More...
 
typedef struct scap_threadinfo scap_threadinfo
 Process information. More...
 
typedef void(* proc_entry_callback) (void *context, scap_t *handle, int64_t tid, scap_threadinfo *tinfo, scap_fdinfo *fdinfo)
 
typedef struct scap_open_args scap_open_args
 
typedef struct _scap_machine_info scap_machine_info
 Machine information. More...
 
typedef enum scap_ifinfo_type scap_ifinfo_type
 Interface address type. More...
 
typedef struct scap_ifinfo_ipv4 scap_ifinfo_ipv4
 IPv4 interface address information. More...
 
typedef struct scap_ifinfo_ipv4_nolinkspeed scap_ifinfo_ipv4_nolinkspeed
 For backward compatibility only. More...
 
typedef struct scap_ifinfo_ipv6 scap_ifinfo_ipv6
 IPv6 interface address information. More...
 
typedef struct scap_ifinfo_ipv6_nolinkspeed scap_ifinfo_ipv6_nolinkspeed
 For backword compatibility only. More...
 
typedef struct scap_addrlist scap_addrlist
 List of the machine network interfaces. More...
 
typedef struct scap_userinfo scap_userinfo
 Information about one of the machine users. More...
 
typedef struct scap_groupinfo scap_groupinfo
 Information about one of the machine user groups. More...
 
typedef struct scap_userlist scap_userlist
 List of the machine users and groups. More...
 
typedef enum scap_os_platform scap_os_platform
 The OS on which the capture was made. More...
 
typedef enum event_direction event_direction
 Indicates if an event is an enter one or an exit one. More...
 
typedef enum compression_mode compression_mode
 Indicates the compression type used when writing a tracefile. More...
 
typedef enum scap_dump_flags scap_dump_flags
 Flags for scap_dump. More...
 
typedef struct scap_dumper scap_dumper_t
 
typedef struct ppm_ring_buffer_info ppm_ring_buffer_info
 

Enumerations

enum  scap_fd_type {
  SCAP_FD_UNINITIALIZED = -1, SCAP_FD_UNKNOWN = 0, SCAP_FD_FILE = 1, SCAP_FD_DIRECTORY = 2,
  SCAP_FD_IPV4_SOCK = 3, SCAP_FD_IPV6_SOCK = 4, SCAP_FD_IPV4_SERVSOCK = 5, SCAP_FD_IPV6_SERVSOCK = 6,
  SCAP_FD_FIFO = 7, SCAP_FD_UNIX_SOCK = 8, SCAP_FD_EVENT = 9, SCAP_FD_UNSUPPORTED = 10,
  SCAP_FD_SIGNALFD = 11, SCAP_FD_EVENTPOLL = 12, SCAP_FD_INOTIFY = 13, SCAP_FD_TIMERFD = 14,
  SCAP_FD_NETLINK = 15, SCAP_FD_FILE_V2 = 16
}
 File Descriptor type. More...
 
enum  scap_l4_proto {
  SCAP_L4_UNKNOWN = 0, SCAP_L4_NA = 1, SCAP_L4_TCP = 2, SCAP_L4_UDP = 3,
  SCAP_L4_ICMP = 4, SCAP_L4_RAW = 5
}
 Socket type / transport protocol. More...
 
enum  scap_mode_t { SCAP_MODE_NONE = 0, SCAP_MODE_CAPTURE, SCAP_MODE_LIVE, SCAP_MODE_NODRIVER }
 Arguments for scap_open. More...
 
enum  scap_ifinfo_type {
  SCAP_II_UNKNOWN = 0, SCAP_II_IPV4 = 1, SCAP_II_IPV6 = 2, SCAP_II_IPV4_NOLINKSPEED = 3,
  SCAP_II_IPV6_NOLINKSPEED = 4
}
 Interface address type. More...
 
enum  scap_os_platform {
  SCAP_PFORM_UNKNOWN = 0, SCAP_PFORM_LINUX_I386 = 1, SCAP_PFORM_LINUX_X64 = 2, SCAP_PFORM_WINDOWS_I386 = 3,
  SCAP_PFORM_WINDOWS_X64 = 4
}
 The OS on which the capture was made. More...
 
enum  event_direction { SCAP_ED_IN = 0, SCAP_ED_OUT = 1 }
 Indicates if an event is an enter one or an exit one. More...
 
enum  compression_mode { SCAP_COMPRESSION_NONE = 0, SCAP_COMPRESSION_GZIP = 1 }
 Indicates the compression type used when writing a tracefile. More...
 
enum  scap_dump_flags { SCAP_DF_NONE = 0, SCAP_DF_STATE_ONLY = 1, SCAP_DF_TRACER = (1 << 1) }
 Flags for scap_dump. More...
 

Functions

int32_t udig_alloc_ring (int *ring_fd, uint8_t **ring, uint32_t *ringsize, char *error)
 
int32_t udig_alloc_ring_descriptors (int *ring_descs_fd, struct ppm_ring_buffer_info **ring_info, struct udig_ring_buffer_status **ring_status, char *error)
 
void udig_free_ring (uint8_t *addr, uint32_t size)
 
void udig_free_ring_descriptors (uint8_t *addr)
 

Detailed Description

Macro Definition Documentation

◆ IN

#define IN

Definition at line 526 of file scap.h.

◆ MAX_CREDENTIALS_STR_LEN

#define MAX_CREDENTIALS_STR_LEN   256

Definition at line 427 of file scap.h.

◆ OUT

#define OUT

Definition at line 527 of file scap.h.

◆ SCAP_EOF

#define SCAP_EOF   6

Definition at line 77 of file scap.h.

◆ SCAP_FAILURE

#define SCAP_FAILURE   1

Definition at line 72 of file scap.h.

◆ SCAP_ILLEGAL_INPUT

#define SCAP_ILLEGAL_INPUT   3

Definition at line 74 of file scap.h.

◆ SCAP_INPUT_TOO_SMALL

#define SCAP_INPUT_TOO_SMALL   5

Definition at line 76 of file scap.h.

◆ SCAP_IPV6_ADDR_LEN

#define SCAP_IPV6_ADDR_LEN   16

Definition at line 339 of file scap.h.

◆ SCAP_LASTERR_SIZE

#define SCAP_LASTERR_SIZE   256

Definition at line 85 of file scap.h.

◆ SCAP_MAX_ARGS_SIZE

#define SCAP_MAX_ARGS_SIZE   4096

Definition at line 114 of file scap.h.

◆ SCAP_MAX_CGROUPS_SIZE

#define SCAP_MAX_CGROUPS_SIZE   4096

Definition at line 116 of file scap.h.

◆ SCAP_MAX_ENV_SIZE

#define SCAP_MAX_ENV_SIZE   4096

Definition at line 115 of file scap.h.

◆ SCAP_MAX_PATH_SIZE

#define SCAP_MAX_PATH_SIZE   1024

Definition at line 113 of file scap.h.

◆ SCAP_MAX_SUPPRESSED_COMMS

#define SCAP_MAX_SUPPRESSED_COMMS   32

Definition at line 117 of file scap.h.

◆ SCAP_NOT_SUPPORTED

#define SCAP_NOT_SUPPORTED   9

Definition at line 80 of file scap.h.

◆ SCAP_NOTFOUND

#define SCAP_NOTFOUND   4

Definition at line 75 of file scap.h.

◆ SCAP_SUCCESS

#define SCAP_SUCCESS   0

Definition at line 71 of file scap.h.

◆ SCAP_TIMEOUT

#define SCAP_TIMEOUT   -1

Definition at line 73 of file scap.h.

◆ SCAP_UNEXPECTED_BLOCK

#define SCAP_UNEXPECTED_BLOCK   7

Definition at line 78 of file scap.h.

◆ SCAP_VERSION_MISMATCH

#define SCAP_VERSION_MISMATCH   8

Definition at line 79 of file scap.h.

◆ UDIG_RING_DESCS_SM_FNAME

#define UDIG_RING_DESCS_SM_FNAME   "udig_descs"

Definition at line 533 of file scap.h.

◆ UDIG_RING_SIZE

#define UDIG_RING_SIZE   (8 * 1024 * 1024)

Definition at line 534 of file scap.h.

◆ UDIG_RING_SM_FNAME

#define UDIG_RING_SM_FNAME   "udig_buf"

Definition at line 532 of file scap.h.

◆ USERBLOCK_TYPE_GROUP

#define USERBLOCK_TYPE_GROUP   1

Definition at line 429 of file scap.h.

◆ USERBLOCK_TYPE_USER

#define USERBLOCK_TYPE_USER   0

Definition at line 428 of file scap.h.

Typedef Documentation

◆ compression_mode

typedef enum compression_mode compression_mode

Indicates the compression type used when writing a tracefile.

◆ event_direction

typedef enum event_direction event_direction

Indicates if an event is an enter one or an exit one.

◆ evt_param_info

typedef struct evt_param_info evt_param_info

Information about the parameter of an event.

◆ ppm_ring_buffer_info

typedef struct ppm_ring_buffer_info ppm_ring_buffer_info

Definition at line 547 of file scap.h.

◆ proc_entry_callback

typedef void(* proc_entry_callback) (void *context, scap_t *handle, int64_t tid, scap_threadinfo *tinfo, scap_fdinfo *fdinfo)

Definition at line 263 of file scap.h.

◆ scap_addrlist

typedef struct scap_addrlist scap_addrlist

List of the machine network interfaces.

◆ scap_dump_flags

typedef enum scap_dump_flags scap_dump_flags

Flags for scap_dump.

◆ scap_dumper_t

typedef struct scap_dumper scap_dumper_t

Definition at line 509 of file scap.h.

◆ scap_evt

typedef struct ppm_evt_hdr scap_evt

Definition at line 54 of file scap.h.

◆ scap_fd_type

typedef enum scap_fd_type scap_fd_type

File Descriptor type.

◆ scap_fdinfo

typedef struct scap_fdinfo scap_fdinfo

Information about a file descriptor.

◆ scap_groupinfo

typedef struct scap_groupinfo scap_groupinfo

Information about one of the machine user groups.

◆ scap_ifinfo_ipv4

typedef struct scap_ifinfo_ipv4 scap_ifinfo_ipv4

IPv4 interface address information.

◆ scap_ifinfo_ipv4_nolinkspeed

typedef struct scap_ifinfo_ipv4_nolinkspeed scap_ifinfo_ipv4_nolinkspeed

For backward compatibility only.

◆ scap_ifinfo_ipv6

typedef struct scap_ifinfo_ipv6 scap_ifinfo_ipv6

IPv6 interface address information.

◆ scap_ifinfo_ipv6_nolinkspeed

typedef struct scap_ifinfo_ipv6_nolinkspeed scap_ifinfo_ipv6_nolinkspeed

For backword compatibility only.

◆ scap_ifinfo_type

typedef enum scap_ifinfo_type scap_ifinfo_type

Interface address type.

◆ scap_l4_proto

typedef enum scap_l4_proto scap_l4_proto

Socket type / transport protocol.

◆ scap_machine_info

typedef struct _scap_machine_info scap_machine_info

Machine information.

◆ scap_open_args

typedef struct scap_open_args scap_open_args

◆ scap_os_platform

typedef enum scap_os_platform scap_os_platform

The OS on which the capture was made.

◆ scap_stats

typedef struct scap_stats scap_stats

Statistics about an in progress capture.

◆ scap_t

typedef struct scap scap_t

Definition at line 53 of file scap.h.

◆ scap_threadinfo

typedef struct scap_threadinfo scap_threadinfo

Process information.

◆ scap_userinfo

typedef struct scap_userinfo scap_userinfo

Information about one of the machine users.

◆ scap_userlist

typedef struct scap_userlist scap_userlist

List of the machine users and groups.

Enumeration Type Documentation

◆ compression_mode

enum compression_mode

Indicates the compression type used when writing a tracefile.

Enumerator
SCAP_COMPRESSION_NONE 
SCAP_COMPRESSION_GZIP 

Definition at line 492 of file scap.h.

493 {
494  SCAP_COMPRESSION_NONE = 0,
495  SCAP_COMPRESSION_GZIP = 1
496 }compression_mode;

◆ event_direction

enum event_direction

Indicates if an event is an enter one or an exit one.

Enumerator
SCAP_ED_IN 
SCAP_ED_OUT 

Definition at line 483 of file scap.h.

484 {
485  SCAP_ED_IN = 0,
486  SCAP_ED_OUT = 1
487 }event_direction;

◆ scap_dump_flags

enum scap_dump_flags

Flags for scap_dump.

Enumerator
SCAP_DF_NONE 
SCAP_DF_STATE_ONLY 

The event should be used for state update but it should not be shown to the user

SCAP_DF_TRACER 

This event is a tracer.

Definition at line 501 of file scap.h.

502 {
503  SCAP_DF_NONE = 0,
504  SCAP_DF_STATE_ONLY = 1,
505  SCAP_DF_TRACER = (1 << 1)
507 }scap_dump_flags;

◆ scap_fd_type

enum scap_fd_type

File Descriptor type.

Enumerator
SCAP_FD_UNINITIALIZED 
SCAP_FD_UNKNOWN 
SCAP_FD_FILE 
SCAP_FD_DIRECTORY 
SCAP_FD_IPV4_SOCK 
SCAP_FD_IPV6_SOCK 
SCAP_FD_IPV4_SERVSOCK 
SCAP_FD_IPV6_SERVSOCK 
SCAP_FD_FIFO 
SCAP_FD_UNIX_SOCK 
SCAP_FD_EVENT 
SCAP_FD_UNSUPPORTED 
SCAP_FD_SIGNALFD 
SCAP_FD_EVENTPOLL 
SCAP_FD_INOTIFY 
SCAP_FD_TIMERFD 
SCAP_FD_NETLINK 
SCAP_FD_FILE_V2 

Definition at line 122 of file scap.h.

123 {
124  SCAP_FD_UNINITIALIZED = -1,
125  SCAP_FD_UNKNOWN = 0,
126  SCAP_FD_FILE = 1,
127  SCAP_FD_DIRECTORY = 2,
128  SCAP_FD_IPV4_SOCK = 3,
129  SCAP_FD_IPV6_SOCK = 4,
130  SCAP_FD_IPV4_SERVSOCK = 5,
131  SCAP_FD_IPV6_SERVSOCK = 6,
132  SCAP_FD_FIFO = 7,
133  SCAP_FD_UNIX_SOCK = 8,
134  SCAP_FD_EVENT = 9,
135  SCAP_FD_UNSUPPORTED = 10,
136  SCAP_FD_SIGNALFD = 11,
137  SCAP_FD_EVENTPOLL = 12,
138  SCAP_FD_INOTIFY = 13,
139  SCAP_FD_TIMERFD = 14,
140  SCAP_FD_NETLINK = 15,
141  SCAP_FD_FILE_V2 = 16
142 }scap_fd_type;

◆ scap_ifinfo_type

enum scap_ifinfo_type

Interface address type.

Enumerator
SCAP_II_UNKNOWN 
SCAP_II_IPV4 
SCAP_II_IPV6 
SCAP_II_IPV4_NOLINKSPEED 
SCAP_II_IPV6_NOLINKSPEED 

Definition at line 344 of file scap.h.

345 {
346  SCAP_II_UNKNOWN = 0,
347  SCAP_II_IPV4 = 1,
348  SCAP_II_IPV6 = 2,
349  SCAP_II_IPV4_NOLINKSPEED = 3,
350  SCAP_II_IPV6_NOLINKSPEED = 4,
351 }scap_ifinfo_type;

◆ scap_l4_proto

enum scap_l4_proto

Socket type / transport protocol.

Enumerator
SCAP_L4_UNKNOWN 

unknown protocol, likely caused by some parsing problem

SCAP_L4_NA 

protocol not available, because the fd is not a socket

SCAP_L4_TCP 
SCAP_L4_UDP 
SCAP_L4_ICMP 
SCAP_L4_RAW 

Raw socket.

Definition at line 147 of file scap.h.

148 {
149  SCAP_L4_UNKNOWN = 0,
150  SCAP_L4_NA = 1,
151  SCAP_L4_TCP = 2,
152  SCAP_L4_UDP = 3,
153  SCAP_L4_ICMP = 4,
154  SCAP_L4_RAW = 5,
155 }scap_l4_proto;

◆ scap_mode_t

enum scap_mode_t

Arguments for scap_open.

Enumerator
SCAP_MODE_NONE 

Default value that mostly exists so that sinsp can have a valid value before it is initialized.

SCAP_MODE_CAPTURE 

Read system call data from a capture file.

SCAP_MODE_LIVE 

Read system call data from the underlying operating system.

SCAP_MODE_NODRIVER 

Do not read system call data. If next is called, a dummy event is returned.

Definition at line 272 of file scap.h.

272  {
277  SCAP_MODE_NONE = 0,
281  SCAP_MODE_CAPTURE,
285  SCAP_MODE_LIVE,
290  SCAP_MODE_NODRIVER,
291 } scap_mode_t;

◆ scap_os_platform

enum scap_os_platform

The OS on which the capture was made.

Enumerator
SCAP_PFORM_UNKNOWN 
SCAP_PFORM_LINUX_I386 
SCAP_PFORM_LINUX_X64 
SCAP_PFORM_WINDOWS_I386 
SCAP_PFORM_WINDOWS_X64 

Definition at line 471 of file scap.h.

472 {
473  SCAP_PFORM_UNKNOWN = 0,
474  SCAP_PFORM_LINUX_I386 = 1,
475  SCAP_PFORM_LINUX_X64 = 2,
476  SCAP_PFORM_WINDOWS_I386 = 3,
477  SCAP_PFORM_WINDOWS_X64 = 4,
478 }scap_os_platform;

Function Documentation

◆ udig_alloc_ring()

int32_t udig_alloc_ring ( int *  ring_fd,
uint8_t **  ring,
uint32_t *  ringsize,
char *  error 
)

◆ udig_alloc_ring_descriptors()

int32_t udig_alloc_ring_descriptors ( int *  ring_descs_fd,
struct ppm_ring_buffer_info **  ring_info,
struct udig_ring_buffer_status **  ring_status,
char *  error 
)

◆ udig_free_ring()

void udig_free_ring ( uint8_t *  addr,
uint32_t  size 
)

◆ udig_free_ring_descriptors()

void udig_free_ring_descriptors ( uint8_t *  addr)
SCAP_ED_OUT
@ SCAP_ED_OUT
Definition: scap.h:486
event_direction
event_direction
Indicates if an event is an enter one or an exit one.
Definition: scap.h:483
SCAP_L4_ICMP
@ SCAP_L4_ICMP
Definition: scap.h:153
SCAP_COMPRESSION_NONE
@ SCAP_COMPRESSION_NONE
Definition: scap.h:494
SCAP_II_IPV6_NOLINKSPEED
@ SCAP_II_IPV6_NOLINKSPEED
Definition: scap.h:350
SCAP_DF_TRACER
@ SCAP_DF_TRACER
This event is a tracer.
Definition: scap.h:506
SCAP_FD_FIFO
@ SCAP_FD_FIFO
Definition: scap.h:132
SCAP_FD_DIRECTORY
@ SCAP_FD_DIRECTORY
Definition: scap.h:127
SCAP_L4_TCP
@ SCAP_L4_TCP
Definition: scap.h:151
scap_dump_flags
scap_dump_flags
Flags for scap_dump.
Definition: scap.h:501
SCAP_FD_UNKNOWN
@ SCAP_FD_UNKNOWN
Definition: scap.h:125
SCAP_FD_IPV6_SOCK
@ SCAP_FD_IPV6_SOCK
Definition: scap.h:129
SCAP_MODE_LIVE
@ SCAP_MODE_LIVE
Definition: scap.h:285
SCAP_FD_UNSUPPORTED
@ SCAP_FD_UNSUPPORTED
Definition: scap.h:135
compression_mode
compression_mode
Indicates the compression type used when writing a tracefile.
Definition: scap.h:492
SCAP_L4_UDP
@ SCAP_L4_UDP
Definition: scap.h:152
SCAP_DF_NONE
@ SCAP_DF_NONE
Definition: scap.h:503
SCAP_FD_NETLINK
@ SCAP_FD_NETLINK
Definition: scap.h:140
SCAP_FD_IPV6_SERVSOCK
@ SCAP_FD_IPV6_SERVSOCK
Definition: scap.h:131
SCAP_PFORM_UNKNOWN
@ SCAP_PFORM_UNKNOWN
Definition: scap.h:473
SCAP_L4_NA
@ SCAP_L4_NA
protocol not available, because the fd is not a socket
Definition: scap.h:150
SCAP_COMPRESSION_GZIP
@ SCAP_COMPRESSION_GZIP
Definition: scap.h:495
SCAP_II_UNKNOWN
@ SCAP_II_UNKNOWN
Definition: scap.h:346
SCAP_FD_EVENTPOLL
@ SCAP_FD_EVENTPOLL
Definition: scap.h:137
SCAP_MODE_NONE
@ SCAP_MODE_NONE
Definition: scap.h:277
SCAP_MODE_CAPTURE
@ SCAP_MODE_CAPTURE
Definition: scap.h:281
SCAP_PFORM_WINDOWS_I386
@ SCAP_PFORM_WINDOWS_I386
Definition: scap.h:476
SCAP_DF_STATE_ONLY
@ SCAP_DF_STATE_ONLY
Definition: scap.h:504
SCAP_II_IPV4
@ SCAP_II_IPV4
Definition: scap.h:347
scap_l4_proto
scap_l4_proto
Socket type / transport protocol.
Definition: scap.h:147
scap_mode_t
scap_mode_t
Arguments for scap_open.
Definition: scap.h:272
SCAP_ED_IN
@ SCAP_ED_IN
Definition: scap.h:485
SCAP_FD_UNIX_SOCK
@ SCAP_FD_UNIX_SOCK
Definition: scap.h:133
SCAP_FD_UNINITIALIZED
@ SCAP_FD_UNINITIALIZED
Definition: scap.h:124
SCAP_PFORM_WINDOWS_X64
@ SCAP_PFORM_WINDOWS_X64
Definition: scap.h:477
SCAP_II_IPV4_NOLINKSPEED
@ SCAP_II_IPV4_NOLINKSPEED
Definition: scap.h:349
SCAP_FD_FILE
@ SCAP_FD_FILE
Definition: scap.h:126
SCAP_FD_IPV4_SOCK
@ SCAP_FD_IPV4_SOCK
Definition: scap.h:128
SCAP_PFORM_LINUX_I386
@ SCAP_PFORM_LINUX_I386
Definition: scap.h:474
SCAP_MODE_NODRIVER
@ SCAP_MODE_NODRIVER
Definition: scap.h:290
SCAP_FD_IPV4_SERVSOCK
@ SCAP_FD_IPV4_SERVSOCK
Definition: scap.h:130
SCAP_L4_RAW
@ SCAP_L4_RAW
Raw socket.
Definition: scap.h:154
SCAP_FD_TIMERFD
@ SCAP_FD_TIMERFD
Definition: scap.h:139
SCAP_PFORM_LINUX_X64
@ SCAP_PFORM_LINUX_X64
Definition: scap.h:475
SCAP_II_IPV6
@ SCAP_II_IPV6
Definition: scap.h:348
scap_os_platform
scap_os_platform
The OS on which the capture was made.
Definition: scap.h:471
SCAP_FD_SIGNALFD
@ SCAP_FD_SIGNALFD
Definition: scap.h:136
SCAP_L4_UNKNOWN
@ SCAP_L4_UNKNOWN
unknown protocol, likely caused by some parsing problem
Definition: scap.h:149
scap_ifinfo_type
scap_ifinfo_type
Interface address type.
Definition: scap.h:344
scap_fd_type
scap_fd_type
File Descriptor type.
Definition: scap.h:122
SCAP_FD_EVENT
@ SCAP_FD_EVENT
Definition: scap.h:134
SCAP_FD_INOTIFY
@ SCAP_FD_INOTIFY
Definition: scap.h:138
SCAP_FD_FILE_V2
@ SCAP_FD_FILE_V2
Definition: scap.h:141
Generated by   doxygen 1.8.17