From 95a63cfd5940b34ebde1c5ab0250cdab3c11918e Mon Sep 17 00:00:00 2001
From: "Simson L. Garfinkel"
Date: Mon, 22 Apr 2013 19:40:21 -0400
Subject: [PATCH] minor updates
---
 TODO.txt | 44 +++++++------------------------------------
 src/be13_api | 2 +-
 src/datalink.cpp | 2 ++
 tests/Makefile.am | 10 ++++++++++
 4 files changed, 20 insertions(+), 38 deletions(-)
diff --git a/TODO.txt b/TODO.txt
index 87a1f1d5..b5cc51a6 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -2,54 +2,21 @@ Accomplished for 1.4: + update tcpip structure to indicate if a SYN was seen; If packets arrive before the beginning of the connection and a SYN was not seen, insert in the beginning of the file. + remove syn_set from store_packet. Make sure that it's called when we know the packet offset. ++ discover and create MIME objects. ++ Regression testing by randomizing packet order and making sure that the results are the same. ================================================================ -- discover and create MIME objects. -- Run a subprocess when each file is opened or closed. -- Regression testing by randomizing packet order and making sure that the results are the same. ================ -Here is my currently plan for the plugin approach: +Here is an idea currently plan for the plugin approach: -Ps "command" --- Run command at the start of each flow; pipe the flow to stdin -Pe "command" --- Run command at the end of each flow; pipe the flow to stdin (from the file) -PE "command" --- Run command at the end of each flow, but do not pipe flow to stdin -Substitution options for command: - -%t - time_t of the flow start -%T - ISO8601 time for the flow start -%s - source IP address -%S - source Port -%d - destination IP address -%D - destination IP port -%l - length of the flow (only useful for -Pe, of course) -%f - filename of the flow - ================================================================ -PDF generation for reporting. 
Options for generating PDF files include: -Question discussed: - http://stackoverflow.com/questions/58730/open-source-pdf-library-for-c-c-application - http://stackoverflow.com/questions/177/how-do-i-programmatically-create-a-pdf-in-my-net-application -JagPDF - http://www.jagpdf.org - current version 1.4.0 (7 October 2009) -Haru Free PDF Library - http://sourceforge.net/projects/libharu/ - 2011-06-14 -muPdf - http://mupdf.com -PoDoFo - http://podofo.sourceforge.net - 0.9.1 - April 26th, 2011 - - requires cppunit (optional) - freetype2 - fontconfig (Linux/Unix only) - libjpeg (optional) - libtiff (optional) - libpng (optional) - Lua 5.1 (optional, only for podofoimpose Lua imposition plans) - zlib - -Cairo - http://en.wikipedia.org/wiki/Cairo_(graphics) - - Generates more than PDFs! - - Support for hardware acceleration - - http://cairographics.org +Other programs to look at: -================================================================ http://net.doit.wisc.edu/~plonka/FlowScan/ http://ant.isi.edu/wiv2012/program.html ================ @@ -127,3 +94,6 @@ On retransmit: ================================================================ tcpdemux.cpp: - explore elimination of unnecessary copy of flow() structure by creating a 'new flow' in tcpdemux::create_tcpip() and passing a pointer to the newly created. +================================================================ +Current crasher: +run -o out-e4 -e netviz -x tcpdemux -r /corp/caida/packets/equinix-sanjose.dirA.20120606-235200.UTC.anon.pcap diff --git a/src/be13_api b/src/be13_api index 42ea8f07..bdad4838 160000 --- a/src/be13_api +++ b/src/be13_api @@ -1 +1 @@ -Subproject commit 42ea8f07f1237a78d00c9929e46fffe8b82800db +Subproject commit bdad48382f5173d5c6934800820dc5ee3dda121f diff --git a/src/datalink.cpp b/src/datalink.cpp index 3fb50bf4..6620cb4e 100644 --- a/src/datalink.cpp +++ b/src/datalink.cpp 
@@ -65,6 +65,7 @@ void dl_null(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
 }
 #pragma GCC diagnostic warning "-Wcast-align"
+uint64_t counter=0;
 /* DLT_RAW: just a raw IP packet, no encapsulation or link-layer
 * headers. Used for PPP connections under some OSs including Linux
 * and IRIX. */
@@ -76,6 +77,7 @@ void dl_raw(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
 }
 struct timeval tv;
 be13::packet_info pi(DLT_RAW,h,p,tvshift(tv,h->ts),p, h->caplen);
+ counter++;
 process_packet_info(pi);
 }
diff --git a/tests/Makefile.am b/tests/Makefile.am
index aedd2c00..c0a521cb 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1,3 +1,13 @@
+#
+# About the tests:
+#
+# test1.sh -
+# test2.sh -
+# test3.sh -
+
+# About the test files:
+#
+
 EXTRA_DIST = test1.sh test1.pcap test2.pcap test3.pcap test4.pcap \
 test-pdfs.sh test-multifile.sh
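Review bot: In src/datalink.cpp the new file-scope `uint64_t counter=0;` has external linkage and a very generic name, so it can clash at link time with any other `counter` in the program, and nothing in the visible hunks ever reads it. If it is a debugging aid for the crash recorded in TODO.txt (an inference from this commit), give it internal linkage, a descriptive name and a comment, e.g. `static uint64_t dl_raw_packets = 0; /* packets handed to dl_raw; debugging aid */`, and change the `counter++;` in the second hunk to match. Only dl_raw increments it, so packets arriving through the other dl_* handlers are not counted. The increment is also unsynchronized, which matters only if the pcap callback can run on more than one thread. dl_raw's body begins outside the hunk.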