This is INTERNALS, produced by makeinfo version 4.7 from
INTERNALS.texinfo.

   The starting function `main' is in the file `tcpick.c'.
Command-line arguments are parsed by `parse_args' (`args.c').

   The packet capture engine is powered by the pcap library, that
handles, with the function `pcap_loop' the callback loop function
`got_packet' (`loop.c').

   When a packet has been captured by `pcap_loop' it will be calculated
the offset of the ip header (`ippacket'), the offset of the tcp header
(`tcppacket'). Finally the function `verify' (`verify.c') will be
called to analyze the packet.

   Packet offset and size are declared globally (`extern.h' and
`globals.h') not to allocate the stack every time a function that works
on the packet is called

   The source code that contains the function `verify' begins with
several `#define''s used to verify if a sniffed packet match an
inizialized connection (or else if it creates a new one).

   All connections tracked are stored in a linked list (i hope I will be
able to replace it with an efficient balanced tree).

   The `struct host_descriptor_t' describes one side of the tcp
connection (the server or the client). The function `verify' detects
the changes of the status of the tracked connection and update it with
the function `status_switch' (`tracker.c'), that calls the function
`display_status' to notify the user of this change and deletes the
connection if it is `CLOSED'

   When data are transmitted (`IS_DATA_FLOW') the function
`established_packet' (`verify.c') is called.  This function detects if
the packet is an acknowledgment one or a data one.  Unacknowledged data
packets are stored in a linked-list by the function `addfr'
(`fragments.c').  When data are acknowledged by a `ack', the function
`flush_ack' (`fragments.c') is called.

   In `flush_ack' acknowledged data are flushed to an output stream
(display or file) by the function `wrebuild' (`write.c').

   The function `out_flavour' (`write.c') is used to select the format
of the data wished by the user.