Questions tagged [libpcap]

Libpcap, a portable C/C++ library for network traffic capture. Provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions

votes

1 answer

Why are some Beacon Frames dropped

Why am I not capturing all Beacon Frames? Are they being dropped by AP? I'm using libpcap in Linux for capturing Beacon Frames and parsing the timestamp. I use the timestamps to compute the interval between captured Beacon Frames. Most of the time…

asked Nov 24 '15 at 15:40

niCk cAMel

votes

1 answer

CPAN : Can't install Net/Pcap.pm

On Linux Xubuntu 14.04.3 (3.19.0-25 generic). cpan > install Net::Pcap ... CPAN.pm : Building S/SA/SAPER/Net-Pcap-0.17.tar.gz looking for -lpcap... no You appear to lack the pcap(3) library ... Then I tried this $ cd…

perl cpan libpcap

asked Nov 23 '15 at 08:46

rdupz

2,204
2
13
21

votes

1 answer

Pcap magic number on live capture

Is it possible to catch a correct pcap header on live capture or is it only put in files? All documentation relates to files... I've managed to extract the magic number with ease from .pcap files using libpcap in Linux with C and Jnetpcap in windows…

c header-files pcap libpcap

asked Nov 21 '15 at 21:16

niCk cAMel

votes

1 answer

Winpcap : using pcap_stats() for saved files

I have to following problem. I need to scan a .pcap file (saved file) for re-transmitted tcp packets. I'm using the Winpcap lib. I tried using pcap_stats() to check for dropped packets (which will also represent re-transmitted packets), but found…

c++ pcap libpcap winpcap

asked Nov 06 '15 at 19:01

Nadav. G

votes

1 answer

NetFlow v5 - exporting flow records missing fields

I am implementing my own NetFlow v5 offline exporter and I am struggling with a couple of fields there: 8-11 nexthop IP address of next hop router 12-13 input SNMP index of input interface 14-15 output SNMP index of output interface - no idea what…

c++ pcap libpcap netflow

asked Nov 04 '15 at 13:34

Petr

votes

1 answer

How to write pcap file from scratch, decorticating libpcap functions?

I've got this code which is working fine to write a pcap file (with just the Ethernet protocol for the test) with libpcap: struct ethernet { u_char mac1[6]; u_char mac2[6]; u_short protocol; }; int main() { pcap_t *pd; …

c pcap libpcap

asked Nov 04 '15 at 13:04

Charrette

votes

1 answer

How to represent DNS Resource Records in a structure?

I'm making a program using pcap to parse .pcap files. I'm actually working on the DNS protocol, i'm able to get the header and display its information. Now I'd like to display its Resource Records (Question, Answer, Authority, Additional). I found…

c dns pcap libpcap

asked Oct 31 '15 at 23:24

Charrette

votes

1 answer

Traffic profiling: distinguish between streaming and downloading and other services?

I'm a Libpcap and Wireshark novice: for my school project I have to distinguish between different types of traffic (SMTP, web traffic, VoIP, online gaming, downloading, streaming, ...). While at first I relied on port numbers (25 for SMTP, 80/443…

c wireshark libpcap

asked Oct 22 '15 at 09:42

elmazzun

1,066
2
18
44

votes

1 answer

How to get packet details with pcap in c

I'm trying to create a program able to read pcap files. with the pcap_open_offline and pcap_next_ex functions, i've been able to get some informations, like the header of the packets and the data. But in this file there are way more informations,…

pcap libpcap

asked Oct 21 '15 at 15:01

Charrette

votes

1 answer

How to use pcap structures with the good includes

Since yesterday i'm learning how to use pcap to parse a pcap file. And since yesterday i'm getting an error : Here is my simple code, trying to write the fd in pcap_t structure: #include #include #include…

c pcap libpcap

asked Oct 21 '15 at 11:52

Charrette

votes

1 answer

Increasing number of BPF devices on AIX

Anyone know how to increase the number of BPF devices in AIX 5.2/5.3 above the supposed system default of four? i.e. running more than four tcpdump processes concurrently?

aix libpcap tcpdump

asked Jul 22 '10 at 17:09

Jeff

votes

1 answer

could not load jnetpcap.so file in java on debian wheezy

I'm using jnetpcap v1.3 in my java project and the so file it uses for native calls has a dependency on libpcap0.9 but my libpcap version is 0.8 and cannot find this library in apt repositories. so how can i install libpcap0.9 on debian wheezy to…

java debian libpcap jnetpcap

asked Oct 07 '15 at 08:07

herburos

votes

1 answer

NDK-BUILD: make: *** No rule to make target Error with Libpcap

When I run the ndk-build on my project, I get the following error: > Android NDK: WARNING: APP_PLATFORM android-21 is larger than > android:minSdkVersion 15 in ./AndroidManifest.xml [arm64-v8a] > Compile : pcap <= pcap-linux.c…

c linux android-ndk libpcap

asked Sep 09 '15 at 02:48

muscle nerd

votes

0 answers

Pcap producing strange packets after un- and replugging cable

After physically pulling the line and reconnecting it again, pcap (I am programming it in C) produces packets which are most likely not really there and misses out on all "normal" traffic which is going on. I have two nodes on the network which…

ethernet pcap libpcap packet-capture raw-ethernet

asked Sep 08 '15 at 23:22

Vroomfondel

2,704
1
15
29

votes

2 answers

Namespace Conflict libcrafter/Pcap++

I'm trying to make an homemade system for exchanging packets, especially on layer 2 without anything above, on CentOS... I use libcrafter to build packets pcap++ to sniff packets (crypto++ to ensure a minimal security - off topic for this…

libpcap libcrafter pcapplusplus

asked Sep 01 '15 at 07:13

3isenHeim

Prev 1 2 3

…

53 54 Next