Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
0 votes, 1 answer

Does Winpcap capture and modify data?

I am working on a project that can capture the data passed from the user to the network on the same machine and modify its contents. But I don't know if Winpcap can only capture or can also modify the data? I hope my question was so obvious for you!
Rasool Ahmed
0 votes, 1 answer

Drop captured packet

The project I am working on has the requirement of dropping captured packets. I am successfully capturing packets with the use of libpcap like so, pcap_loop(handle, num_packets, got_packet, NULL); Where in the callback function I capture the given…
Hasitha Shan
0 votes, 2 answers

How To Capture HTTP Packets in LAN

Well, I'm working on a Java project in order to make an application that will capture all packets in my LAN and be able to see HTTP traffic. I'm currently using the Jnetpcap API; I succeeded in listing interfaces, doing a live capture and extracting HTTP…
Sam Ben
0 votes, 1 answer

Display packet's detail using libpcap like Wireshark

In Wireshark, it's possible to display a packet's details like ip.src, ip.port, info etc. When you click on the packet, the packet's details are shown in the (middle) bottom part. Is there any way to show the details (known as pdml in tshark), i.e. the…
CheeHow
0 votes, 1 answer

Scheduling file operations in embedded Linux

I'm sniffing WiFi packets for RSSI (my interest is probe request and data null, timestamp and source MAC address), and I need to save the results in pcap files for further processing. The problem is that I need to divide the info to multiple…
Ralor
0 votes, 3 answers

pcap_open() not usable in libpcap

I want to create an application with libpcap in Qt on Kali Linux. I created a similar application on Windows and it works. I downloaded and installed libpcap. Now, Qt recognizes pcap.h but some functions and constants do not work, such as: pcap_open -…
0 votes, 1 answer

Simple way to verify valid BPF filter

What is the simplest way to verify a BPF filter as a normal user? Easiest I have found is to run tcpdump with a small pcap file as input to the -r option. $ tcpdump -r one_packet.pcap -F invalid_bpf.conf 2> /dev/null ; echo $? 1 $ tcpdump -r…
RyPeck
0 votes, 1 answer

Add PPPOE layer to packet - convert length into byte

I have an application that plays Pcap files and I am trying to add a function that wraps my packet with a PPPOE layer. So almost all is done except large packets, where I don't understand yet how to set the new length after adding the PPPOE layer. For example this…
user1860934
0 votes, 1 answer

How to solve "Segmentation fault (core dumped)"

Here is my code: #include #include void pcapdump(u_char* argument,const struct pcap_pkthdr* packet_header,const u_char* packet_content); int main() { int i=0, devid,ret; char errbuf[PCAP_ERRBUF_SIZE]; pcap_t…
user3395974
0 votes, 1 answer

BPF filter string not working on router

I am using a filter string to catch only the probe-request frames from my WiFi router working in monitor/promisc mode. The same string, i.e. "type mgt subtype probe-req", is working when I am running my code on a laptop but on my Linksys WRT54g its…
Jango
0 votes, 1 answer

Capture Wifi packets using libpcap

I'm using libpcap to write a sniffer program. For starters I referred to tutorials on the net from various programmers on how to write a basic sniffer program using libpcap, which captures packets only from the Ethernet connection. And I've…
user3143451
0 votes, 1 answer

pcap_next_ex() never sets the pointer to the raw packet?

I tried to read in the raw packet with libpcap (1.4.0 on CentOS 6). However, for some reason, rawPacket is always NULL after pcap_next_ex(). However, pcap_next_ex() does return 1 though it could mean timeout expired (where the timeout is set by the…
Hei
0 votes, 1 answer

Passing private method class member as pointer to a function

I searched for that in the forum and I tried several solutions that I found here, but none worked. My problem is, I need to pass a private member of a class as a pointer to a function argument, so I tried to put this method as static but it didn't work,…
Alex
0 votes, 1 answer

How to access multiple offline pcap files from a directory and capture the source IP address using C

I'm trying to make the following code access multiple .pcap files stored in a directory and capture the source IP address. After which I will have to anonymize it with the list of IP addresses from a txt file. I'm at the first step, I'm unable…
Nishaero
0 votes, 1 answer

Winpcap, DLL and open source

I'm "trying" to study the Pcap library. Currently I am using a Windows machine so I downloaded the Winpcap Dev pack. I would like to know the content of the function pcap_sendpacket. I searched the source files in the Winpcap Dev pack and only found…
Carlitos_30