Hey, Trying to compile a basic program which uses pcap.h. I've set up the environment on my Mac OSX box which uses the iPhone 3.1.3 SDK for an iPhone 3GS. I've also installed libpcap to ~/libpcap so I can tell gcc where to look for the headers using the -I flag. However, it fails with an ld warning saying the file is not of the required...
Hi, Can I use libpcap on windows in a C program (or does this require winpcap)? If yes, do you know if libpcap would have some advantages over WinPCap or are they the same re functionality? ...
Hi, Anyone know how to increase the number of BPF devices in AIX 5.2/5.3 above the supposed system default of four? i.e. running more than four tcpdump processes concurrently? ...
Assume we capture packets with the C API of libpcap. Is it efficient to parse some payload strings with string search strstr() in line speed (e.g. Mbps/Gbps)? For example strstr(payload,"User-Agent"); Would it be more efficient to do it with a regular expression pattern matching library, such as libpcre? If we want to do that only for ...
Hello I have a pcap file. By using Jnetpcap library I am reading frames fields such as its length. The problem is I want to find each TCP conversation and then classify them based on their characteristics. For example the bigger one has a video content. I just wonder if anyone have an experience working with TCP flows (Streams). Your he...
Hi all, wondering any of you can give me a bit of comments + insights please. In term of performance, which one should I use, jNetPcap or Jpcap? Thanks! ...
The code cant find any device, I want to know what does pcap_lookupdev() do ? thanks #include <pcap.h> int main(int argc, char *argv[]) { pcap_t *handle; char *dev;// = "eth0"; char errbuf[PCAP_ERRBUF_SIZE]; dev = pcap_lookupdev(errbuf); if (dev == NULL) { fprintf(stderr, "Couldn't find default device: %s\n"...
I want to capture ip packages on one server, and then forward the packages to another server by libnet, who has some examples ? thanks in advance. ...
hi can we in a network gateway write a program with libpcap to extract destination web address and other info like squid? in c language. is any better way? if yo can give me some example and guide. ...
I'm trying to build up the proper data structure using a pseudo tcp header, tcp header, and tcp data to be sent to a check sum function to be verified. I cannot figure out what I'm doing wrong in my code. The following code is my function that builds up the data structure and then sends it to another function to be checked. void print_...
I am doing research about network traffic characterization. While processing collected data (captured by tcpdump and saved to a database), I stumbled over the weird phenomenon with packet (or flow) inter-arrival times: Inter-arrival times of 35-170µsec are never observed Of course, without a DAG card (which would do hardware time stamp...
Hello, I would like to install and use latest version (1.1.1) of the libpcap on CentOS 5.5 machine. I configured, compiled and installed new libpcap library by: [dima@localhost libpcap-1.1.1]$ ./configure [dima@localhost libpcap-1.1.1]$ make [dima@localhost libpcap-1.1.1]$ sudo make install But when I'm trying to link with libpcap sh...
Hi, I am trying to create a sniffer that can sniff on multiple devices. In my code the program will receive a list of devices that a user wants to sniff on. I take the list of device and store it into an array that I use to loop through and pass along to a function that creates the pcap_t handle like the function below: void *startPca...
I saw this kind of code used in a project: while (1) { l_numPkts = pcap_next_ex( m_pcapHandle, &header, &pkt_data); //do something memcpy(dst,pkt_data,size); } after the pcap_next_ex return,the packet status will be set TP_STATUS_KERNEL,which means the buf was return to kernel. code: /* next packet */ switch (handle->md.tp_vers...
I am having difficulty setting up a struct from the pcap library in FFI. Struct: struct pcap_if { struct pcap_if *next; char *name; char *description; struct pcap_addr *addresses; bpf_u_int32 flags; }; The relevant Ruby code module Pcap extend FFI::Library ffi_lib 'pcap' attach_function :pcap_findalldevs,[:pointer,:...
My application is running on CentOS 5.5 I need to send raw packets using libpcap API: pcap_inject() or pcap_sendpacket() To the specific IP address How can I determinate MAC address belongs to a specific target? ...
Hello, I need to receive a multicast stream but filter incoming packets by source MAC address on CentOS 5.5. I'm planning to use libpcap library. Is it possible to join/leave multicast group using libpcap? If yes, how to do that? Thanks ...