hgf/qt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
qt/ledset/WpdPack_4_1_2/docs/html/group__wpcapsamps.html
2022-08-25 18:43:03 +08:00

501 lines
30 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<title>WinPcap: Using WinPcap in your programs</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<link href="style.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<!-- Generated by Doxygen 1.6.1 -->
<div class="navigation" id="top">
<div class="tabs">
<ul>
<li><a href="main.html"><span>Main&nbsp;Page</span></a></li>
<li><a href="pages.html"><span>Related&nbsp;Pages</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
<li><a href="annotated.html"><span>Data&nbsp;Structures</span></a></li>
<li><a href="files.html"><span>Files</span></a></li>
</ul>
</div>
</div>
<div class="contents">
<h1>Using WinPcap in your programs<br/>
<small>
[<a class="el" href="group__wpcap.html">WinPcap user's manual</a>]</small>
</h1><table border="0" cellpadding="0" cellspacing="0">
</table>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title></title>
</head>
<body>
<h2>Creating an application that uses <i>wpcap.dll</i></h2>
<p>To create an application that uses <i>wpcap.dll</i> with Microsoft Visual C++,
follow these
steps:</p>
<ul>
<li>Include the file <i>pcap.h</i> at the beginning of every source file that
uses the functions exported by library.</li>
<li>If your program uses Win32 specific functions of WinPcap, remember to include <i>WPCAP</i>
among the preprocessor definitions.</li>
<li>If your program uses the remote capture capabilities of WinPcap, add <i>
HAVE_REMOTE</i> among the preprocessor definitions. Do <i>not</i> include
remote-ext.h directly in your source files.<li>Set the options of the linker to include the <i>wpcap.lib</i> library
file specific for your target (x86 or x64). <i>wpcap.lib</i> for x86 can be
found in the \lib folder of the WinPcap developer's
pack, <i>wpcap.lib</i> for x64 can
be found in the \lib\x64 folder.<li>Set the options of the linker to include the winsock library file<i>
ws2_32.lib</i>. This file is distributed with the C compiler
and contains the socket functions for Windows. It is needed by some
functions used by the samples in the tutorial.</li>
</ul>
<p><b>How to properly set Microsoft Visual Studio<br>
<br>
</b><i>Visual Studio 6</i></p>
<ul>
<li>To add a preprocessor definition, you must select <em>Settings</em> from the <em>Project</em> menu, then select <em>C/C++</em>
from the tab control, and under the category <i>General</i>, you must add
the definition under the Preprocessor Definitions text box.
<li>To add a new library to the project with Microsoft Visual C++, you must
select <em>Settings</em> from the <em>Project</em> menu, then select <em>Link</em>
from the tab control, and then add the name of the new library in the <em>Object/library
modules</em> editbox.
<li>To add a new path where Microsoft Visual C++ will look for the libraries,
you must select <em>Options</em> from the <em>Tools</em> menu, then <em>
Directories</em>
from the tab control, <em>Library files</em> from the <em>Show directories
for</em> combobox, and the add the path in the <em>Directories</em> box.
<li>To add a new path where Microsoft Visual C++ will look for include files, you must select <em>Options</em> from the <em>Tools</em> menu, then
<em>Directories</em>
from the tab control, <em>Include files</em> from the <em>Show directories
for</em> combobox, and the add the path in the <em>Directories</em> box.</li>
</ul>
<p><i>Visual Studio 2005 (needed to compile x64 applications)</i></p>
<ul>
<li>To add a preprocessor definition, you must select <em>Properties</em> from the <em>Project</em> menu, then select <em>C/C++</em>
from the list control on the left, and under the category <i>Preprocessor</i>, you must add
the definition under the <i>Preprocessor Definitions</i> text box.
<li>To add a new library to the project, you must
select <em>Properties</em> from the <em>Project</em> menu, then select <em>Linker</em>
from the list control on the left, and under the category <i>Input</i> add the name of the new library in the
<em>Additional Dependencies</em> text box.<li>To add a new path where Microsoft Visual
Studio will look for the libraries,
you must select <em>Options</em> from the <em>Tools</em> menu, then <em>
Project and Solutions</em> from the list control on the left, <em>VC++
Directories</em>, then choose <i>Library</i> <i>Files</i> in the <em>Show directories
for</em> combobox, and the add the path in the box below.
<li>To add a new path where Microsoft Visual
Studio will look for the include files,
you must select <em>Options</em> from the <em>Tools</em> menu, then <em>
Project and Solutions</em> from the list control on the left, <em>VC++
Directories</em>, then choose <i>Include</i> <i>Files</i> in the <em>Show directories
for</em> combobox, and the add the path in the box below.
</ul>
<p>&nbsp;</p>
<h2>Sample programs</h2>
<p>A couple of sample programs are provided to show the usage of the WinPcap API. The
source of the examples, along with all the files needed to compile and run them, can be found in the <a href="http://www.winpcap.org/install/bin">Developer's
Pack</a>.&nbsp; For didactic purpose we provide here a browsable version of the
code: it is possible to click on the variables and functions to jump the
documentation of each of them. For a more complete set of samples, try <a href="group__wpcap__tut.htm">WinPcap
Tutorial Section</a>.</p>
</body>
</html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title></title>
</head>
<body>
<h3>Packet Dump</h3>
<p>This program reads packets from a file or a network adapter, depending on
a command line switch. If a source is not provided, the program shows a list of
available adapters, one of which can be selected. Once the
capture is started, the program prints the timestamp, the length and the raw
contents of the packets. Once compiled, it will run on all the Win32 platforms. It
can be compiled to run on Unix as well (the makefile is provided).</p>
</body>
</html>
<div class="fragment"><pre class="fragment"><span class="comment">/*</span>
<span class="comment"> * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)</span>
<span class="comment"> * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)</span>
<span class="comment"> * All rights reserved.</span>
<span class="comment"> *</span>
<span class="comment"> * Redistribution and use in source and binary forms, with or without</span>
<span class="comment"> * modification, are permitted provided that the following conditions</span>
<span class="comment"> * are met:</span>
<span class="comment"> *</span>
<span class="comment"> * 1. Redistributions of source code must retain the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer.</span>
<span class="comment"> * 2. Redistributions in binary form must reproduce the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer in the</span>
<span class="comment"> * documentation and/or other materials provided with the distribution.</span>
<span class="comment"> * 3. Neither the name of the Politecnico di Torino, CACE Technologies </span>
<span class="comment"> * nor the names of its contributors may be used to endorse or promote </span>
<span class="comment"> * products derived from this software without specific prior written </span>
<span class="comment"> * permission.</span>
<span class="comment"> *</span>
<span class="comment"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS</span>
<span class="comment"> * &quot;AS IS&quot; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR</span>
<span class="comment"> * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="comment"> * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="comment"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,</span>
<span class="comment"> * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY</span>
<span class="comment"> * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT</span>
<span class="comment"> * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE</span>
<span class="comment"> * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="comment"> *</span>
<span class="comment"> */</span>
<span class="preprocessor">#include &lt;stdlib.h&gt;</span>
<span class="preprocessor">#include &lt;stdio.h&gt;</span>
<span class="comment">//</span>
<span class="comment">// NOTE: remember to include WPCAP and HAVE_REMOTE among your</span>
<span class="comment">// preprocessor definitions.</span>
<span class="comment">//</span>
<span class="preprocessor">#include &lt;pcap.h&gt;</span>
<span class="preprocessor">#define LINE_LEN 16</span>
<span class="preprocessor"></span>
<span class="keywordtype">int</span> main(<span class="keywordtype">int</span> argc, <span class="keywordtype">char</span> **argv)
{
<a class="code" href="structpcap__if.html" title="Item in a list of interfaces, used by pcap_findalldevs().">pcap_if_t</a> *alldevs, *d;
<a class="code" href="group__wpcap__def.html#ga4711d025f83503ce692efa5e45ec60a7" title="Descriptor of an open capture instance. This structure is opaque to the user, that...">pcap_t</a> *fp;
u_int inum, i=0;
<span class="keywordtype">char</span> errbuf[<a class="code" href="group__wpcap__def.html#gacd448353957d92c98fccc29e1fc8d927" title="Size to use when allocating the buffer that contains the libpcap errors.">PCAP_ERRBUF_SIZE</a>];
<span class="keywordtype">int</span> res;
<span class="keyword">struct </span><a class="code" href="structpcap__pkthdr.html" title="Header of a packet in the dump file.">pcap_pkthdr</a> *header;
<span class="keyword">const</span> u_char *pkt_data;
printf(<span class="stringliteral">&quot;pktdump_ex: prints the packets of the network using WinPcap.\n&quot;</span>);
printf(<span class="stringliteral">&quot; Usage: pktdump_ex [-s source]\n\n&quot;</span>
<span class="stringliteral">&quot; Examples:\n&quot;</span>
<span class="stringliteral">&quot; pktdump_ex -s file://c:/temp/file.acp\n&quot;</span>
<span class="stringliteral">&quot; pktdump_ex -s rpcap://\\Device\\NPF_{C8736017-F3C3-4373-94AC-9A34B7DAD998}\n\n&quot;</span>);
<span class="keywordflow">if</span>(argc &lt; 3)
{
printf(<span class="stringliteral">&quot;\nNo adapter selected: printing the device list:\n&quot;</span>);
<span class="comment">/* The user didn&apos;t provide a packet source: Retrieve the local device list */</span>
<span class="keywordflow">if</span> (<a class="code" href="group__wpcapfunc.html#ga98f36e62c95c6ad81eaa8b2bbeb8f16e" title="Create a list of network devices that can be opened with pcap_open().">pcap_findalldevs_ex</a>(<a class="code" href="group__remote__source__string.html#ga6d7103b8a7e1eca8c325bd8f32c361c3" title="String that will be used to determine the type of source in use (file, remote/local...">PCAP_SRC_IF_STRING</a>, NULL, &amp;alldevs, errbuf) == -1)
{
fprintf(stderr,<span class="stringliteral">&quot;Error in pcap_findalldevs_ex: %s\n&quot;</span>, errbuf);
<span class="keywordflow">return</span> -1;
}
<span class="comment">/* Print the list */</span>
<span class="keywordflow">for</span>(d=alldevs; d; d=d-&gt;<a class="code" href="structpcap__if.html#a81508e6e4e41ca4235c8d6b51913c536" title="if not NULL, a pointer to the next element in the list; NULL for the last element...">next</a>)
{
printf(<span class="stringliteral">&quot;%d. %s\n &quot;</span>, ++i, d-&gt;<a class="code" href="structpcap__if.html#a5ac083a645d964373f022d03df4849c8" title="a pointer to a string giving a name for the device to pass to pcap_open_live()">name</a>);
<span class="keywordflow">if</span> (d-&gt;<a class="code" href="structpcap__if.html#a8444d6e0dfe2bbab0b5e7b24308f1559" title="if not NULL, a pointer to a string giving a human-readable description of the device...">description</a>)
printf(<span class="stringliteral">&quot; (%s)\n&quot;</span>, d-&gt;<a class="code" href="structpcap__if.html#a8444d6e0dfe2bbab0b5e7b24308f1559" title="if not NULL, a pointer to a string giving a human-readable description of the device...">description</a>);
<span class="keywordflow">else</span>
printf(<span class="stringliteral">&quot; (No description available)\n&quot;</span>);
}
<span class="keywordflow">if</span> (i==0)
{
fprintf(stderr,<span class="stringliteral">&quot;No interfaces found! Exiting.\n&quot;</span>);
<span class="keywordflow">return</span> -1;
}
printf(<span class="stringliteral">&quot;Enter the interface number (1-%d):&quot;</span>,i);
scanf_s(<span class="stringliteral">&quot;%d&quot;</span>, &amp;inum);
<span class="keywordflow">if</span> (inum &lt; 1 || inum &gt; i)
{
printf(<span class="stringliteral">&quot;\nInterface number out of range.\n&quot;</span>);
<span class="comment">/* Free the device list */</span>
<a class="code" href="group__wpcapfunc.html#ga346b4b0b7fd1cda4abb9a39f767dbeb1" title="Free an interface list returned by pcap_findalldevs().">pcap_freealldevs</a>(alldevs);
<span class="keywordflow">return</span> -1;
}
<span class="comment">/* Jump to the selected adapter */</span>
<span class="keywordflow">for</span> (d=alldevs, i=0; i&lt; inum-1 ;d=d-&gt;<a class="code" href="structpcap__if.html#a81508e6e4e41ca4235c8d6b51913c536" title="if not NULL, a pointer to the next element in the list; NULL for the last element...">next</a>, i++);
<span class="comment">/* Open the device */</span>
<span class="keywordflow">if</span> ( (fp= <a class="code" href="group__wpcapfunc.html#ga2b64c7b6490090d1d37088794f1f1791" title="Open a generic source in order to capture / send (WinPcap only) traffic.">pcap_open</a>(d-&gt;<a class="code" href="structpcap__if.html#a5ac083a645d964373f022d03df4849c8" title="a pointer to a string giving a name for the device to pass to pcap_open_live()">name</a>,
100 <span class="comment">/*snaplen*/</span>,
<a class="code" href="group__remote__open__flags.html#ga9134ce51a9a6a7d497c3dee5affdc3b9" title="Defines if the adapter has to go in promiscuous mode.">PCAP_OPENFLAG_PROMISCUOUS</a> <span class="comment">/*flags*/</span>,
20 <span class="comment">/*read timeout*/</span>,
NULL <span class="comment">/* remote authentication */</span>,
errbuf)
) == NULL)
{
fprintf(stderr,<span class="stringliteral">&quot;\nError opening adapter\n&quot;</span>);
<span class="keywordflow">return</span> -1;
}
}
<span class="keywordflow">else</span>
{
<span class="comment">// Do not check for the switch type (&apos;-s&apos;)</span>
<span class="keywordflow">if</span> ( (fp= <a class="code" href="group__wpcapfunc.html#ga2b64c7b6490090d1d37088794f1f1791" title="Open a generic source in order to capture / send (WinPcap only) traffic.">pcap_open</a>(argv[2],
100 <span class="comment">/*snaplen*/</span>,
<a class="code" href="group__remote__open__flags.html#ga9134ce51a9a6a7d497c3dee5affdc3b9" title="Defines if the adapter has to go in promiscuous mode.">PCAP_OPENFLAG_PROMISCUOUS</a> <span class="comment">/*flags*/</span>,
20 <span class="comment">/*read timeout*/</span>,
NULL <span class="comment">/* remote authentication */</span>,
errbuf)
) == NULL)
{
fprintf(stderr,<span class="stringliteral">&quot;\nError opening source: %s\n&quot;</span>, errbuf);
<span class="keywordflow">return</span> -1;
}
}
<span class="comment">/* Read the packets */</span>
<span class="keywordflow">while</span>((res = <a class="code" href="group__wpcapfunc.html#ga439439c2eae61161dc1efb1e03a81133" title="Read a packet from an interface or from an offline capture.">pcap_next_ex</a>( fp, &amp;header, &amp;pkt_data)) &gt;= 0)
{
<span class="keywordflow">if</span>(res == 0)
<span class="comment">/* Timeout elapsed */</span>
<span class="keywordflow">continue</span>;
<span class="comment">/* print pkt timestamp and pkt len */</span>
printf(<span class="stringliteral">&quot;%ld:%ld (%ld)\n&quot;</span>, header-&gt;<a class="code" href="structpcap__pkthdr.html#a21be78b2818c91cb205885b8a6f5aed8" title="time stamp">ts</a>.tv_sec, header-&gt;<a class="code" href="structpcap__pkthdr.html#a21be78b2818c91cb205885b8a6f5aed8" title="time stamp">ts</a>.tv_usec, header-&gt;<a class="code" href="structpcap__pkthdr.html#a728f264db4f5cc304742565a2bcdbeea" title="length this packet (off wire)">len</a>);
<span class="comment">/* Print the packet */</span>
<span class="keywordflow">for</span> (i=1; (i &lt; header-&gt;<a class="code" href="structpcap__pkthdr.html#aac5771ed2efd92508bb4fe650f2ce7d7" title="length of portion present">caplen</a> + 1 ) ; i++)
{
printf(<span class="stringliteral">&quot;%.2x &quot;</span>, pkt_data[i-1]);
<span class="keywordflow">if</span> ( (i % LINE_LEN) == 0) printf(<span class="stringliteral">&quot;\n&quot;</span>);
}
printf(<span class="stringliteral">&quot;\n\n&quot;</span>);
}
<span class="keywordflow">if</span>(res == -1)
{
fprintf(stderr, <span class="stringliteral">&quot;Error reading the packets: %s\n&quot;</span>, <a class="code" href="group__wpcapfunc.html#ga81305cb154e4497e95bbb9b708631a3a" title="return the error text pertaining to the last pcap library error.">pcap_geterr</a>(fp));
<span class="keywordflow">return</span> -1;
}
<span class="keywordflow">return</span> 0;
}
</pre></div><html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title></title>
</head>
<body>
<h3>Packet Filter</h3>
<p>This is a more complete example of libpcap usage. It shows, among other
things, how to create and set filters and how to save a capture to disk. It can
be compiled under Win32 or Unix (projects and makefiles are provided).
Pcap_filter (pf.exe) is a general-purpose packet filtering application: its
input parameters are a source of packets (it can be a physical interface or a
file), a filter and an output file. It takes packets from the source until
CTRL+C is pressed or the whole file is processed, applies the filter to the
incoming packets and saves them to the output file if they satisfy the filter.
Pcap_filter can be used to dump network data according to a particular filter,
but also to extract a set of packets from a previously saved file. The format of
both input and output files is the format used by libpcap, i.e. same of WinDump, tcpdump
and many other network tools.</p>
</body>
</html>
<div class="fragment"><pre class="fragment"><span class="comment">/*</span>
<span class="comment"> * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)</span>
<span class="comment"> * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)</span>
<span class="comment"> * All rights reserved.</span>
<span class="comment"> *</span>
<span class="comment"> * Redistribution and use in source and binary forms, with or without</span>
<span class="comment"> * modification, are permitted provided that the following conditions</span>
<span class="comment"> * are met:</span>
<span class="comment"> *</span>
<span class="comment"> * 1. Redistributions of source code must retain the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer.</span>
<span class="comment"> * 2. Redistributions in binary form must reproduce the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer in the</span>
<span class="comment"> * documentation and/or other materials provided with the distribution.</span>
<span class="comment"> * 3. Neither the name of the Politecnico di Torino, CACE Technologies </span>
<span class="comment"> * nor the names of its contributors may be used to endorse or promote </span>
<span class="comment"> * products derived from this software without specific prior written </span>
<span class="comment"> * permission.</span>
<span class="comment"> *</span>
<span class="comment"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS</span>
<span class="comment"> * &quot;AS IS&quot; AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR</span>
<span class="comment"> * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="comment"> * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="comment"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,</span>
<span class="comment"> * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY</span>
<span class="comment"> * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT</span>
<span class="comment"> * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE</span>
<span class="comment"> * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="comment"> *</span>
<span class="comment"> */</span>
<span class="preprocessor">#include &lt;stdlib.h&gt;</span>
<span class="preprocessor">#include &lt;stdio.h&gt;</span>
<span class="preprocessor">#include &lt;pcap.h&gt;</span>
<span class="preprocessor">#define MAX_PRINT 80</span>
<span class="preprocessor"></span><span class="preprocessor">#define MAX_LINE 16</span>
<span class="preprocessor"></span>
<span class="keywordtype">void</span> usage();
<span class="keywordtype">void</span> main(<span class="keywordtype">int</span> argc, <span class="keywordtype">char</span> **argv)
{
<a class="code" href="group__wpcap__def.html#ga4711d025f83503ce692efa5e45ec60a7" title="Descriptor of an open capture instance. This structure is opaque to the user, that...">pcap_t</a> *fp;
<span class="keywordtype">char</span> errbuf[<a class="code" href="group__wpcap__def.html#gacd448353957d92c98fccc29e1fc8d927" title="Size to use when allocating the buffer that contains the libpcap errors.">PCAP_ERRBUF_SIZE</a>];
<span class="keywordtype">char</span> *source=NULL;
<span class="keywordtype">char</span> *ofilename=NULL;
<span class="keywordtype">char</span> *filter=NULL;
<span class="keywordtype">int</span> i;
<a class="code" href="group__wpcap__def.html#gab8c7858aa3a7e3158d9d58cb113a2ae8" title="libpcap savefile descriptor.">pcap_dumper_t</a> *dumpfile;
<span class="keyword">struct </span>bpf_program fcode;
<a class="code" href="group__wpcap__def.html#ga37fdbc8313e90fb2041203a2e40cd482" title="32-bit unsigned integer">bpf_u_int32</a> NetMask;
<span class="keywordtype">int</span> res;
<span class="keyword">struct </span><a class="code" href="structpcap__pkthdr.html" title="Header of a packet in the dump file.">pcap_pkthdr</a> *header;
<span class="keyword">const</span> u_char *pkt_data;
<span class="keywordflow">if</span> (argc == 1)
{
usage();
<span class="keywordflow">return</span>;
}
<span class="keywordflow">for</span>(i=1;i &lt; argc; i+= 2)
{
<span class="keywordflow">switch</span> (argv[i] [1])
{
<span class="keywordflow">case</span> <span class="charliteral">&apos;s&apos;</span>:
{
source=argv[i+1];
};
<span class="keywordflow">break</span>;
<span class="keywordflow">case</span> <span class="charliteral">&apos;o&apos;</span>:
{
ofilename=argv[i+1];
};
<span class="keywordflow">break</span>;
<span class="keywordflow">case</span> <span class="charliteral">&apos;f&apos;</span>:
{
filter=argv[i+1];
};
<span class="keywordflow">break</span>;
}
}
<span class="comment">// open a capture from the network</span>
<span class="keywordflow">if</span> (source != NULL)
{
<span class="keywordflow">if</span> ( (fp= <a class="code" href="group__wpcapfunc.html#ga2b64c7b6490090d1d37088794f1f1791" title="Open a generic source in order to capture / send (WinPcap only) traffic.">pcap_open</a>(source,
1514 <span class="comment">/*snaplen*/</span>,
<a class="code" href="group__remote__open__flags.html#ga9134ce51a9a6a7d497c3dee5affdc3b9" title="Defines if the adapter has to go in promiscuous mode.">PCAP_OPENFLAG_PROMISCUOUS</a> <span class="comment">/*flags*/</span>,
20 <span class="comment">/*read timeout*/</span>,
NULL <span class="comment">/* remote authentication */</span>,
errbuf)
) == NULL)
{
fprintf(stderr,<span class="stringliteral">&quot;\nUnable to open the adapter.\n&quot;</span>);
<span class="keywordflow">return</span>;
}
}
<span class="keywordflow">else</span> usage();
<span class="keywordflow">if</span> (filter != NULL)
{
<span class="comment">// We should loop through the adapters returned by the pcap_findalldevs_ex()</span>
<span class="comment">// in order to locate the correct one.</span>
<span class="comment">//</span>
<span class="comment">// Let&apos;s do things simpler: we suppose to be in a C class network ;-)</span>
NetMask=0xffffff;
<span class="comment">//compile the filter</span>
<span class="keywordflow">if</span>(<a class="code" href="group__wpcapfunc.html#ga363bdc6f6b39b4979ddcf15ecb830c5c" title="Compile a packet filter, converting an high level filtering expression (see Filtering...">pcap_compile</a>(fp, &amp;fcode, filter, 1, NetMask) &lt; 0)
{
fprintf(stderr,<span class="stringliteral">&quot;\nError compiling filter: wrong syntax.\n&quot;</span>);
<span class="keywordflow">return</span>;
}
<span class="comment">//set the filter</span>
<span class="keywordflow">if</span>(<a class="code" href="group__wpcapfunc.html#gaf5f9cfe85dad0967ff607e5159b1ba61" title="Associate a filter to a capture.">pcap_setfilter</a>(fp, &amp;fcode)&lt;0)
{
fprintf(stderr,<span class="stringliteral">&quot;\nError setting the filter\n&quot;</span>);
<span class="keywordflow">return</span>;
}
}
<span class="comment">//open the dump file</span>
<span class="keywordflow">if</span> (ofilename != NULL)
{
dumpfile= <a class="code" href="group__wpcapfunc.html#ga9506c33d580fdb5e5c288dba0f8a085c" title="Open a file to write packets.">pcap_dump_open</a>(fp, ofilename);
<span class="keywordflow">if</span> (dumpfile == NULL)
{
fprintf(stderr,<span class="stringliteral">&quot;\nError opening output file\n&quot;</span>);
<span class="keywordflow">return</span>;
}
}
<span class="keywordflow">else</span> usage();
<span class="comment">//start the capture</span>
<span class="keywordflow">while</span>((res = <a class="code" href="group__wpcapfunc.html#ga439439c2eae61161dc1efb1e03a81133" title="Read a packet from an interface or from an offline capture.">pcap_next_ex</a>( fp, &amp;header, &amp;pkt_data)) &gt;= 0)
{
<span class="keywordflow">if</span>(res == 0)
<span class="comment">/* Timeout elapsed */</span>
<span class="keywordflow">continue</span>;
<span class="comment">//save the packet on the dump file</span>
<a class="code" href="group__wpcapfunc.html#ga659439bf5aa3988b5a92d31990fbf437" title="Save a packet to disk.">pcap_dump</a>((<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *) dumpfile, header, pkt_data);
}
}
<span class="keywordtype">void</span> usage()
{
printf(<span class="stringliteral">&quot;\npf - Generic Packet Filter.\n&quot;</span>);
printf(<span class="stringliteral">&quot;\nUsage:\npf -s source -o output_file_name [-f filter_string]\n\n&quot;</span>);
exit(0);
}
</pre></div> </div>
<hr>
<p align="right"><img border="0" src="winpcap_small.gif" align="absbottom" width="91" height="27">
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2009
CACE Technologies. All rights reserved.</p>
Reference in New Issue View Git Blame Copy Permalink