Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends such as BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
2 votes, 1 answer

How to check if libpcap is installed in an Alpine docker container

I installed libpcap in my container using the docker file below. How do I make sure it was installed and working as expected? I tried the below with the hope to see libpcap D:\work >docker exec -u 0 -it containerId sh /app # cd…
user3023949
2 votes, 1 answer

libpcap static linking errors compiling with ndk toolchains for android

I have downloaded the libpcap in external folder from android source code using the Git and repo. I used the toolchains of ndk (android-ndk-r5b) to compile the library following these steps: ./configure…
2 votes, 1 answer

How to compile tcpdump for android x86 and x86_64

I came across this question Cross Compile - tcpdump for x86 I tried both the script in the OQ, and the accepted answer but none worked they both give errors so I assume there's something done wrong. This is my attempt at compiling it for x86:…
muhzi
2 votes, 1 answer

C libpcap API extracting DNS query

I am trying to extract a DNS query from a captured DNS packet with libpcap api, however there must be a problem with my structures, after the last cast (using struct question) the char* name pointer is pointing at correct address, the start of the…
camixetew
2 votes, 1 answer

Can tcpdump filter by application layer protocol?

I have not had much luck in finding a way for tcpdump to filter by the application layer protocol, like HTTP or FTP. It seems it can filter by at most transport layer protocols like TCP or UDP: https://linux.die.net/man/7/pcap-filter Is it true…
flow2k
2 votes, 3 answers

Requirement of root privileges for libpcap functions

The pcap_lookupdev() fills in the errbuf variable when run as non-root user, while the same function returns the value of the first available network interface when run as root. Is this access disabled by the OS or the library? I think it is the…
Lelouch Lamperouge
2 votes, 1 answer

Why does tcpdump show 16 '0x00' bytes at the end of UDP packets?

I use tcpdump on different machines with different versions. And I notice that there are 16 0x00 bytes at the end of UDP packets in a higher tcpdump version. Anybody know why? Machine A with tcpdump version 4.1-PRE-CVS_2012_03_26 libpcap version…
chen
2 votes, 1 answer

Raw Sockets Vs Libpcap in sending performance

I'm currently attempting to get the best sending performance for an 802.11 frame, I am using libpcap but I wondered if I could speed it up using raw sockets (or any other possible method). Consider this simple example code for libpcap with a device…
RSS
2 votes, 1 answer

How to sniff all packets on python when scapy and pypcap have serious loss?

I tried to sniff packets on Win10 using python. However, I find a lot of packets are actually dropped by scapy. For example, I download a file of 2 MB from ftp, Wireshark captures nearly 2000 packets and scapy only captures 500. I have…
user6456568
2 votes, 2 answers

How do I capture MAC address of Access points and hosts connected to it?

I know that I have to use the libpcap library to capture IEEE 802.11 frames to show their MAC addresses, for example my wireless adapter is in monitor mode, and only supports "802.11 plus radiotap radio header" when I do a pcap_datalink. In the…
cftmon
2 votes, 1 answer

How to cross-compile a C program for OpenWRT with libpcap library?

I have this small piece of code which uses libpcap library: ifacelookup.c #include #include int main(int argc, char *argv[]) { char *dev, errbuf[PCAP_ERRBUF_SIZE]; dev = pcap_lookupdev(errbuf); if (dev == NULL) { …
haccks
2 votes, 2 answers

Join/leave multicast group using libpcap

I need to receive a multicast stream but filter incoming packets by source MAC address on CentOS 5.5. I'm planning to use libpcap library. Is it possible to join/leave multicast group using libpcap? If yes, how to do that? Thanks
Dima
2 votes, 2 answers

View - but not intercept - all IPv4 traffic to Linux computer

Is there a way to view all the IPv4 packets sent to a Linux computer? I know I can capture the packets at the ethernet level using libpcap. This can work, but I don't really want to defragment the IPv4 packets. Does libpcap provide this…
William
2 votes, 2 answers

How to read and write a pcap file concurrently in C

I have 2 programs written in C, one program writes to the pcap file and the second program reads from it at the same time. For writing, I am using the following code while(j < 100000) { pcount =…
KhalidGT
2 votes, 0 answers

Capturing signal strength per packet while associated to an ad-hoc network

I am implementing an ad-hoc routing protocol and would like the ability to capture the associated signal strength (in terms of RSSI or SNR) on a per-packet basis. I have been able to achieve this in monitor mode, however I will need to be able to do…