How to write a program which listens to network traffic? (i.e. wireshark)

Question

Possible Duplicate:
How do I programatically collect packets from passively sniffing?

I am interested in figuring out how to go about writing a program like wireshark. The program should be able to listen on any port without disrupting network traffic.

The exact programming language is less interesting than the OS principle itself, so let's say that either C++ or Python would work just fine.

How would you do this on Windows? And on Linux?

Thanks!

The dupe does not contain anything about packet sniffing on windows... — ThiefMaster, Jul 11 '12 at 19:30
NOT A DUPLICATE: the question refers to diffrent languages and platforms. There is NO MENTION of WINDOWS in the suggested equivalent question. — Emilio Garavaglia, Jul 11 '12 at 20:00

score 2 · Accepted Answer · answered Jul 11 '12 at 19:30

2

On Linux you use libpcap, on Windows you use the windows port of it, winpcap.

Since you tagged the question with python: There are python bindings (pylibpcap) for libpcap.

answered Jul 11 '12 at 19:30

ThiefMaster

310,957
84
592
636

score 1 · Answer 2 · answered Jul 11 '12 at 19:29

On Windows, you'll probably want to look into WinPcap (well-documented packet capture library). You may also be interested in developing a filter driver for your network adapter in order to capture network traffic.

Reference: http://www.winpcap.org/

On Linux, (Python in particular), you can look into the socket library. It'll allow you to open up an INET socket and sniff on a port you specify.

Reference: http://docs.python.org/library/socket.html

Enjoy and good luck!

How to write a program which listens to network traffic? (i.e. wireshark)

2 Answers2