Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
2
votes
1 answer

systemd service file and CapabilitiesBoundingSet

I am trying to reduce the root user capabilities by using the CapabilityBoundingSet option in my service file. Anyway, it seems I cannot prevent root from writing a file. For example, with this service file: $ cat…
Cristiano
2
votes
2 answers

How to install Python libpcap module on Mac OS X

I started to work on a Python sniffer project. I want to use the pcap module but my computer always says "No module named pcap". I read that libpcap and pcap come with OS X but actually, it doesn't work... I did a lot of research on the web and…
Quentin
2
votes
1 answer

libpcap static linking errors (undefined reference to pcap APIs) in Android NDK-build

I am trying to run the packetspammer application on an Android nexus-7 wifi only tablet (code name: grouper). I downloaded the libpcap library and was able to generate the static library (libpcap.a). However, when I try to build the packetspammer…
Sarvavyapi
2
votes
1 answer

How to use a raw socket to listen only for wanted traffic?

Three related questions: Do raw sockets have any method of filtering equivalent to the in-kernel BPF (used by libpcap)? Does opening a raw socket mean that it receives every IP packet on the machine? How do iptables interact with raw sockets - does…
fadedbee
2
votes
5 answers

Can't get the ip address with pcap_findalldevs

I am using pcap_findalldevs to get the device list in the computer. I get it successfully, with the name of the device, and description, but I don't know why, I get Netmask 0.0.0.0 and the IP address also 0.0.0.0. Here is my code to generate the…
Benny Isaacs
2
votes
1 answer

libpcap error : truncated dump file; bogus savefile header

I'm using a standard and simple program to read all packets for an open_file. open_file means that I'm using tcpdump in order to capture all traffic on the eth0 interface and write it all to a file. When running my program I get the following error…
Guy Baskin
2
votes
1 answer

How to break loop of pcap_loop without pcap_breakloop

I have libpcap version 0.6 and Linux kernel version 2.6.18, and I cannot upgrade either of these; the pcap_breakloop() function is available from version 0.8. My question is how can I break pcap_loop() without using pcap_breakloop()? Any help…
Kothari
2
votes
1 answer

libpcap getting the process ID of a packet

I'm currently working on a project that will monitor the network usage of my system. One feature I'm planning on adding is the ability to get the usage of a specific process (upload and download). The library I'm using is libpcap. Is there any way I…
user3103398
2
votes
3 answers

Does winpcap and sharppcap support the pcap-ng format

I've a file in the pcapng format and want to open it by SharpPcap - that doesn't work. SharpPcap uses Winpcap (libpcap). So my question: Does WinPcap and/or SharpPcap support the pcap-ng format at the moment or in future? I can't find some current…
Stampy
2
votes
2 answers

c++ with libpcap won't compile under windows

First of all I'm quite new to programming in C/C++, so maybe it's just a basic error but I don't get it. The problem is, I want to use libpcap in a bigger application, but I can't even integrate the library into a simple HelloWorld.cpp. Atm I'm using…
user3608078
2
votes
1 answer

Writing actual packet data, pcap

I'm writing a program that should convert strongSwan log to WireShark packets. So, for instance, we have a sequence like this one in a text file. Feb 14 14:53:22 dubu12 charon: 13[IKE] sending cert request for "C=RU, ST=NW, O=Company,…
Leonid Bor
2
votes
0 answers

Print the timestamp of packet with libpcap

I have a question about the timestamp. I have a pcap file and part of the program is to print the timestamp of a packet in C/C++. I'm using pcap_next_ex(app->pcap, &header, &data) to get the packet from the pcap and printf("%ld \n",…
user3378689
2
votes
1 answer

JnetPcap Wireless Interface

Will I'm working on project using JnetPcap API,I was able to list to run the ClassicPcapExample successfully public class ClassicPcapExample { /** * Main startup method * * @param args * ignored */ public static void main(String[]…
Sam Ben
2
votes
2 answers

Force TCPDump to write in PCAP instead of PCAP-NG format

I'm running tcpdump on Mac OS and I've noticed it saves files in PCAP-NG format (the first 4 bytes are 0A 0D 0D 0A). Is there a way to force it to use the old PCAP instead? Software version: tcpdump version 4.3.0 -- Apple version 56 libpcap version…
Lukasz Kujawa
2
votes
1 answer

Why we use -lpcap with gcc and what is meaning of that?

It is compulsory to use -lpcap with gcc to compile libpcap program, but I don't know what this flag means. Can anybody help me?? Example: $ gcc lpcap_demo.c -o lpcap_output.o -lpcap Thank you!!!
Kothari