Function pfwl_dissect_L7

Function Documentation

pfwl_status_t pfwl_dissect_L7(pfwl_state_t *state, const unsigned char *pkt, size_t length, pfwl_dissection_info_t *dissection_info, pfwl_flow_info_private_t *flow_info_private)

Extracts from the packet the L7 information. Before calling it, a check on L4 protocol should be done and the function should be called only if the packet is TCP or UDP. It should be used if the application already called pfwl_dissect_L4 or if the application already has the concept of ‘flow’. In this case the first time that the flow is passed to the call, flow_info_private must be initialized with pfwl_init_flow_info(…) and stored with the flow already present in the application. With this call, information in dissection_info->flow are only set for L7 packets and bytes.

Return

The status of the identification process.

Parameters

  • state: The pointer to the library state.

  • pkt: The pointer to the beginning of application data.

  • length: Length of the packet (from the beginning of the L7 header).

  • dissection_info: The result of the dissection. Bytes of dissection_info.l7 must be set to 0 before calling this call. Dissection information about L3 and L4 headers must be filled in by the caller. Dissection information about L7 packet will be filled in by this call.

  • flow_info_private: The private information about the flow. It must be stored by the user and itialized with the pfwl_init_flow_info(…) call.