hai..am writing simple tcp sniffer using pcap in vc++.so how to block or filter all incoming pockets from any ip
kindly give your suggestions
thank you
+1
A:
PcapHandle = pcap_open_live(device, 65535, 1, 0, errbuf);
if (PcapHandle == NULL) {
// Error handling
}
/* Compile and apply the filter */
sprintf(FilterExp, "dst host %s", sDestIp); // sDestIp your IP to filter
if (pcap_compile(m_pPcapHandle, &fp, FilterExp, 1, mask) < 0) {
printf("Couldn't parse filter '%s': %s\n", FilterExp, pcap_geterr(PcapHandle));
pcap_close(PcapHandle);
// Error handling
}
if (pcap_setfilter(PcapHandle, &fp) < 0) {
printf("Couldn't install filter '%s': %s\n", FilterExp, pcap_geterr(PcapHandle));
pcap_freecode(&fp);
pcap_close(m_pPcapHandle);
// Error handling
}
pcap_loop(...)
Dima
2010-09-30 21:13:30