Data Structures
Here are the data structures with brief descriptions:| __CPU_Private_Data | Kernel buffer of each CPU |
| _DEVICE_EXTENSION | Port device extension |
| _INTERNAL_REQUEST | Stores an OID request |
| _OPEN_INSTANCE | Contains the state of a running instance of the NPF driver |
| _PACKET_OID_DATA | Structure containing an OID request |
| _PACKET_RESERVED | Contains a NDIS packet |
| active_pars | |
| activehosts | Keeps a list of all the opened connections in the active mode |
| binary_stream | A stream of X86 binary code |
| daemon_slpars | Structure that keeps the parameters needed by the daemon_serviceloop() function |
| JIT_BPF_Filter | Structure describing a x86 filtering program created by the jitter |
| packet_file_header | Header of a libpcap dump file |
| PacketHeader | Structure prepended to each packet in the kernel buffer pool |
| pcap_addr | Representation of an interface address, used by pcap_findalldevs() |
| pcap_file_header | Header of a libpcap dump file |
| pcap_if | Item in a list of interfaces, used by pcap_findalldevs() |
| pcap_pkthdr | Header of a packet in the dump file |
| pcap_rmtauth | This structure keeps the information needed to autheticate the user on a remote machine |
| pcap_samp | This structure defines the information related to sampling |
| pcap_send_queue | A queue of raw packets that will be sent to the network with pcap_sendqueue_transmit() |
| pcap_stat | Structure that keeps statistical values on an interface |
| rpcap_auth | Structure that keeps the data required for the authentication on the remote host |
| rpcap_filter | General header used for the pcap_setfilter() command; keeps just the number of BPF instructions |
| rpcap_filterbpf_insn | Structure that keeps a single BPF instuction; it is repeated 'ninsn' times according to the 'rpcap_filterbpf' header |
| rpcap_findalldevs_if | Format of the message for the interface description (findalldevs command) |
| rpcap_findalldevs_ifaddr | Format of the message for the address listing (findalldevs command) |
| rpcap_header | Common header for all the RPCAP messages |
| rpcap_openreply | Format of the message of the connection opening reply (open command) |
| rpcap_pkthdr | Format of the header which encapsulates captured packets when transmitted on the network |
| rpcap_sampling | Structure that is needed to set sampling parameters |
| rpcap_startcapreply | Format of the reply message that devoted to start a remote capture (startcap reply command) |
| rpcap_startcapreq | Format of the message that starts a remote capture (startcap command) |
| rpcap_stats | Structure that keeps the statistics about the number of packets captured, dropped, etc |
| sf_pkthdr | Header associated to a packet in the driver's buffer when the driver is in dump mode. Similar to the bpf_hdr structure, but simpler |