Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
0 votes, 2 answers

Struggle with using WinPcap/libpcap in Eclipse (+ CDT)

I'm struggling with WinPcap in my project. I'm using Eclipse with the CDT plugin. I've installed WinPcap on my PC and included libpcap in my project. But whenever I want to build the project, the following error message is thrown:…
user2224350
0 votes, 1 answer

Unable to install libpcap on Linux

I try to install libpcap 1.4.0.0, but I always get the status: [root@vsqa054 engfix]# rpm -ish libpcap-1.4.0-1.20130826git2dbcaa1.el6.i686.rpm warning: libpcap-1.4.0-1.20130826git2dbcaa1.el6.i686.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de:…
scarework
0 votes, 0 answers

Python modify packet on the fly. (dpkt and pcap)

I have a piece of code that I am using to sniff packets. It works great and I get the raw data without any problem. Now I would like to modify the content of the packets that are going through my interface. For example, modify the dest IP or the…
user1618465
0 votes, 1 answer

A third computer captures, modifies and injects packets using libpcap before the dst computer receives packets from src computer

I'm a newbie to libpcap. Right now I am writing a C program for capturing, modifying and injecting packets. I have three computers: A, B, C. A is sending ENIP packets to B with an interval of 10 ms. C is capturing packets sent by A and modifying the packets…
0 votes, 1 answer

How to pass multiple arguments to pcap_loop()/pcap_handler()?

I need to pass two pointers of different types to pcap_loop() so that the pcap_handler can read/modify that data. pcap_loop() looks like: int pcap_loop(pcap_t *p, int cnt, pcap_handler callback, u_char *user); ...and takes arguments through u_char…
Jesse
0 votes, 1 answer

Thread safety when using jNetPcap to send and receive Ethernet frames

I have a Java project where I am required to both send and receive network packets with only the Ethernet header present. The header contains custom MAC addresses as well, which do not match the physical hardware address of the receiving/sending…
aMpeX
0 votes, 2 answers

Why does pcap_sendpacket fail on Thunderbolt interface?

In a multi platform project I am using pcap to get a list of all network interfaces, open each (user cannot select which interfaces to use) and send/receive packets (Ethernet type 0x88e1/HomePlugAV) on each. This works fine on Windows and on Mac OS…
Werner Henze
0 votes, 1 answer

Merging/appending multiple pcap files to an existing one without overwriting

I am using tshark to filter some packets based on Display/Read filters from one file into another. I want to have one final output file out.pcap after executing multiple read filters over a number of files and combine all into out.pcap. I was trying…
creativeDrive
0 votes, 1 answer

Filtering packets from a pcap file

I am new to the pcap library and I am building a program that loads a pcap file and processes it for my needs with WinPcap. This is part of my pseudocode: pcap_file= pcap_open_offline(pcap_path, errbuff); while ( !EOF ) { //read the next packet…
user3378689
0 votes, 1 answer

Why doesn't the pointer point to the right packet header when I capture a network packet?

I used libpcap to capture network packets. My code was adhandle = pcap_open_live(wlan0,65536, PCAP_OPENFLAG_PROMISCUOUS, 1000,errbuf);/*open interface*/ pcap_next_ex(adhandle, &pheader, &pkt_data);/*capture packet*/ ip_header* ih =…
0 votes, 2 answers

Time difference in microseconds

I have a question about the epoch time. I need to calculate the time difference between two packets, and I am not so sure how: printf("Epoch Time: %d:%d seconds\n", header->ts.tv_sec, header->ts.tv_usec); the first packet shows:…
user3378689
0 votes, 1 answer

Getting the previous packet from a pcap file

I'm using pcap_next_ex(); to get the next packet. I tried to search for a way to get the previous packet, but I couldn't find such a function. If someone knows whether it is possible to get the previous packet, it will be very helpful. Thanks!
user3378689
0 votes, 1 answer

How does libpcap receive a packet from the driver?

Can someone please point me to a good starting place to learn how libpcap gets its packets from a network driver? My intent is to replace the receive function with a fast implementation.
Patrick
0 votes, 1 answer

"irc.request" filter for libpcap

I have to filter out the "IRC request" packets from the list of captured packets. In Wireshark the filter expression is "irc.request", but I am not able to write the same filter expression for libpcap, so please provide me the filter expression for…
0 votes, 0 answers

Garbled characters when sniffing HTTP data and storing it using pcap

I filter it with "port 80" and start to catch using pcap_loop(phandle,-1,pcap_callback,NULL); The pcap_callback function: void pcap_callback(u_char* user,const struct pcap_pkthdr* header, const u_char* pkt_data){ FILE *fp=fopen("1.html","a");…
Ziu