Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
0
votes
1 answer

Reading a list of PCAP files

Anyone here have experience in opening a list of PCAP files in one shot and outputting the list of PCAP files to one output file? For example I have 1.pcap, 2.pcap and 3.pcap and I would like to do some processing on 1.pcap, 2.pcap and 3.pcap, then combine…
CheeHow
0
votes
1 answer

Installing tcptraceroute on ubuntu

I am trying to install tcptraceroute on my Ubuntu. I cannot use apt-get because there is a firewall issue. So I downloaded the package on my local and scp it over. When I run the ./configure command, it barks at me saying checking for…
stevengfowler
0
votes
1 answer

Is it possible to not include retransmitted packets from a libpcap capture?

My objective is to obtain in a unique capture the sent TCP packets from a source host, NOT including the retransmitted packets. Is it possible to not include in the packet the retransmitted packets? I'm using libpcap but any help with…
tremendows
0
votes
1 answer

Libpcap sniffing problem for 802.11

I am trying to sniff 802.11 packets on the Wi-Fi device in monitor mode. I am getting erroneous output. It is confirmed that I have to use link layer type as DLT_IEEE_802_11_RADIO (127). I am not getting the exact packet format as I have got for…
dfordevy
0
votes
1 answer

Application with libpcap can only capture all the packets when tcpdump is opened, or only can capture few packets, how to resolve it? thanks

I have written an application, which uses libpcap to capture packets. But the application can only capture a few packets, the traffic is about several kbps. But the captured traffic will be over 10Mbps if tcpdump is opened. When tcpdump is closed,…
happy
0
votes
1 answer

modify captured pcap and write back

I need to read captured pcap file, that contains some proprietary descriptor appended by FPGA at the start of file right after MAC header, add extra 2 bytes to the descriptor and write back. I'm trying to implement this in C using libpcap library on…
Mark
0
votes
1 answer

JNetPcap in eclipse does not print error... Ubuntu 12.04

Have some problems with JNetPcap. I use Ubuntu 12.04, and am trying to make a packet sniffer that is based on the Java language. What I did is below. I have downloaded JNetPcap 1.3.0. And as the tutorial said, built a Java project.…
Juneyoung Oh
0
votes
0 answers

How to make a packet sniffer in Java?

I am trying to make a packet sniffer in Java. My environment is Ubuntu 12.04 64bit. The first thing I found on the internet recommends installing Jpcap, but I could not find any Jpcap installation files for Ubuntu 64bit. After that I was trying to…
Juneyoung Oh
0
votes
1 answer

Why does libpcap have a struct pcap_addr_t that uses sockaddr_in to define addresses on a device?

I am curious as to why sockaddr is used inside pcap_addr_t which is given to you when calling pcap_findalldevs. The reason this is not so straightforward is because sockaddr_in contains information about the address and port. This is similar to…
Michael J. Gray
0
votes
1 answer

libpcap: real time usage of file descriptor returned by pcap_get_selectable_fd

I'm programming for a network program using libevent. In this program, I want to capture packets using libpcap, modify these packets and then send them out. These steps should be in real time. So I create a live capture, use pcap_get_selectable_fd…
misteryes
0
votes
1 answer

Filter on GRE packets payload ip /dst

I'm using libjpcap to capture packets from the network and handle them in my application. Currently, we can use filters so that we capture only from a certain destination. For example, src host 10.159.2.3 will only capture traffic from that…
Tom
0
votes
1 answer

TCPDump / libpcap - find memory location of payload data

I am trying to view HTTP traffic going to and from my loopback network adapter using libpcap. I am just beginning with network programming and completely new to this library. Thanks to an answer I received previously I have been successful at detecting…
Nick
0
votes
1 answer

Compiling libpcap in linux without memory-mapped support

pcap in linux is dropping packets, and it appears related to shared memory-mapping as addressed here https://stackoverflow.com/a/11660759/1794758. However, the links on that answer are down so I can't see how to compile libpcap with shared…
jdwiegman
0
votes
1 answer

Traceroute and packet capture

The following code is required to capture the route taken by a packet as it moves from the local router to destination router. It should print all the intermediate routers and their IP addresses. The code is given below. But the output doesn't list…
0
votes
1 answer

libpcap Radiotap header extraction

I've got some code that is using the functions ieee80211_radiotap_iterator_init() and ieee80211_radiotap_iterator_next() from radiotap-parser.c, I'm not sure what I'm doing incorrectly, perhaps someone can educate me? I'm using the sample code from…
Lee Hambley