I would like to be able to see and monitor my internet data (http/emule/email) on my own PC using Windows XP. I am thinking of something like WireShark but I would like to control it programmatically.

I would be using C or C++.

How can I do this?

+3  A: 

WireShark uses winpcap to do its thing.

Winpcap comes with a C interface.

Ferruccio
Is it the only method?
A: 

Winpcap is probably the most well-known choice, but you could also write a Layered Service Provider. There's not a whole lot of documentation, but a good place to start is the article on MSDN: http://www.microsoft.com/msj/0599/LayeredService/LayeredService.aspx

This has some advantages vs layer 2 packet parsing, but also some disadvantages. You'll need to evaluate where in the stack you want to live.

edit: Obviously, when I say pcap -- I really mean any similar approach. Obviously, winpcap was not the first driver/library combo to provide this sort of information.

Brian Mitchell
A: 

Have a look at the code of the tool trafficWatcher. It uses WinPCap to distinguish between LAN and internet traffic.

The source code is available here.

Stefan
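An added example, not taken from any of the answers or from trafficWatcher: once a capture library such as WinPcap hands your callback a raw Ethernet frame and its captured length, sorting it into the HTTP, email, and eMule classes the question asks about means walking the Ethernet, IPv4 and TCP headers yourself. The port numbers are the usual defaults and are an assumption (eMule's port is user-configurable), and the sample frame is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum app { APP_UNKNOWN, APP_HTTP, APP_EMAIL, APP_EMULE, APP_NOT_TCP, APP_TRUNCATED };

/* Read a big-endian 16-bit field. */
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Map a TCP port to a traffic class (default ports; an assumption). */
static enum app port_class(uint16_t port) {
    switch (port) {
    case 80:   return APP_HTTP;
    case 25: case 110: case 143: return APP_EMAIL;   /* SMTP, POP3, IMAP */
    case 4662: return APP_EMULE;                     /* eMule default TCP port */
    default:   return APP_UNKNOWN;
    }
}

/* Classify one Ethernet II frame as a capture callback would receive it.
   len is the captured length, which may be shorter than the wire length. */
enum app classify_frame(const uint8_t *f, size_t len) {
    if (len < 14 + 20) return APP_TRUNCATED;
    if (be16(f + 12) != 0x0800) return APP_NOT_TCP;      /* EtherType is not IPv4 */
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;             /* IPv4 header length */
    if ((ip[0] >> 4) != 4 || ihl < 20) return APP_NOT_TCP;
    if (ip[9] != 6) return APP_NOT_TCP;                  /* protocol 6 = TCP */
    if (be16(ip + 6) & 0x1FFF) return APP_UNKNOWN;       /* later fragment: no TCP header */
    if (len < 14 + ihl + 4) return APP_TRUNCATED;        /* need both port fields */
    const uint8_t *tcp = ip + ihl;
    enum app a = port_class(be16(tcp + 2));              /* destination port first */
    return a != APP_UNKNOWN ? a : port_class(be16(tcp)); /* then source port */
}

/* Constructed sample: 14-byte Ethernet + 20-byte IPv4 + first 4 TCP bytes. */
static const uint8_t sample_http[] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x08,0x00,
    0x45,0x00,0x00,0x28, 0x00,0x01,0x40,0x00, 0x40,0x06,0x00,0x00,
    192,0,2,10, 203,0,113,5,          /* documentation-range addresses */
    0xC0,0x01, 0x00,0x50              /* source port 49153, destination port 80 */
};

int main(void) {
    printf("class=%d\n", classify_frame(sample_http, sizeof sample_http));
    return 0;
}
```

Port matching only identifies traffic on its default port; anything moved to another port or tunnelled will fall into `APP_UNKNOWN`.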