Stack Overflow
Stack Overflow

Questions tagged [libpcap]

Libpcap, a portable C/C++ library for network traffic capture. Provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
2
votes
1 answer

Processing incorrect mac addresses from 802.11 frames with pcap

I'm working throurgh a project with pcap and wireless. Following an example posted in response to oe of my earlier questions I am trying to extract the mac addresses from wireless frames. I have created structures for the radiotap header and a basic…
dudebrobro
  • 1,287
  • 10
  • 17
2
votes
1 answer

Compile Error in using /usr/include/net/if.h

I'm trying to compile existing source code for a network sniffer on my Mac Lion. I installed libpcap. The source includes a header file /usr/include/net/if.h, which is throwing compilation errors as shown below. Floyd:~ Shastry$ gcc -o arplisten…
Ashwin
  • 873
  • 2
  • 12
  • 21
2
votes
1 answer

Libnet TCP checksum error

I am trying to build a TCP packet using libnet library. I use '0' for autocomputation of checksum value in the libnet_build_tcp function. However, it seems the checksum ignores the pseudo-header when being computed resulting in a useless packet…
Keeto
  • 4,074
  • 9
  • 35
  • 58
2
votes
0 answers

Why can't we make tcpdump to not stop/exit when an interface on which it is capturing is brought down?

If tcpdump is started with -i exits if that is brought down. However, if it is started with "-i any" option, it doesn't stop if wlanX/ethX interfaces are removed because the other interfaces (like lo, dummy, rmnet) are…
Vaibhav S
  • 115
  • 1
  • 12
2
votes
2 answers

Unable to create static binary because of undefined reference to dbus_*

I get these errors when I try to statically link my Go program that uses Gopacket: /usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/11/../../../x86_64-linux-gnu/libpcap.a(pcap-dbus.o): in function `dbus_write': (.text+0x103): undefined reference to…
user2233706
  • 6,148
  • 5
  • 44
  • 86
2
votes
1 answer

Extract certain bytes from iscsi packets programmatically

I have a ton of wireshark traces containing varying amount of ISCSI packets. I need to parse out the command being sent by the initiator (in bytes) and write it to a file for each packet. I was originally going to do this manually, as it is easily…
user933919
  • 21
  • 1
2
votes
2 answers

Pylibpcap for python-3.x

There was a library pylibpcap for python2 that contained the functionality to create pcap objects like this: import pcap pc = pcap.pcapObject() Now I'm looking for an analogue for python3, but from what I found (pypcap, pcap-ct), these libraries…
Helen
  • 463
  • 2
  • 9
  • 23
2
votes
1 answer

How does libpcap handle buffer size limits and processing time?

Pcap docs states that functions such as pcap_dispatch read a bufferful of data. There are multiple things I don't understand about this. Since you can set the buffer size, what happens if the buffer size isn't a multiple of the packet size? Say I…
Pop Flamingo
  • 3,023
  • 2
  • 26
  • 64
2
votes
1 answer

how to timeout periodically in libpcap packet receiving functions

I found this post in stackoverflow.com listening using Pcap with timeout I am facing a similar (but different) problem: what is the GENERIC (platform-independent) method to timeout periodically when receiving captured packets by using libpcap packet…
dumbcoder
  • 21
  • 1
  • 3
2
votes
1 answer

Interpretting payload using libpcap

So I've been playing around with libpcap lately, and I have a quick question. Here's the code in question: while( (result = pcap_next_ex(adapterHandle, &header, &packetData)) >= 0) { if(result == 0) // Packet was dropped continue; …
Tom
  • 21
  • 2
2
votes
1 answer

How to compile a Go application using gopacket for 32bit mips

I am trying to compile a little application using the gopacket library to linux on a 32bit mips cpu. Unfortunately I am getting loads of errors like this: /home/cdutz/go/pkg/mod/github.com/google/gopacket@v1.1.19/pcap/pcap.go:30:22: undefined:…
Christofer Dutz
  • 2,305
  • 1
  • 23
  • 34
2
votes
1 answer

Can't get protocol while capture any interfaces with libpcap

I using libpcap code to capture network traffic in my Ubuntu with the following code I have problem the parse the protocol of packet: #include #include #include #include #include #include…
MicrosoctCprog
  • 460
  • 1
  • 3
  • 23
2
votes
1 answer

pcap_lookupdev() is deprecated l. How to resolve it

Since lookupdev has been deprecated in libcap >=1.9, I am facing an error on a code written in v1.8. I have not been able to resolve it. Suggestion is I use pcap_findalldevs but I am getting an error. int sniffARPPackets(char* gateway, char*…
Volpone
  • 41
  • 3
2
votes
1 answer

Packets getting dropped with Libpcap in C on 1 Gig Traffic

I'm writing a packets parser in C using libpcap library. Here is the simple code int main(int argc, char *argv[]) { pcap_t *pcap; const unsigned char *packet; char errbuf[PCAP_ERRBUF_SIZE]; struct pcap_pkthdr header; clock_t…
Alamgir Qazi
  • 763
  • 1
  • 11
  • 25
2
votes
1 answer

link to pcap with pf_ring

I'm trying to use libpcap that was compiled with pf_ring. I got the sources from ntop, and compiled it. However, there's something I don't understand (sorry for the newbie linking question): I wanted to know if my application used the correct pcap…
Ron
  • 21
  • 3
1 2 3
53 54