Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends such as BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions

4 votes, 2 answers

libpcap and wireless signal capture

I am trying to write a C++ app (Linux) that would capture a wireless packet along with the associated signal strength (in dBm). The capturing part is easy but the problem is I can't find any documentation on how to get the signal strength for each…
Sean D

4 votes, 3 answers

Help installing libpcap on Cygwin

I was trying to install libpcap under Cygwin on Windows 7 but I had this error: $ ./configure . . . . . configure: error: see the INSTALL for more info How can I solve this? I am using libpcap-1.0.0 which is the latest…
scatman

4 votes, 1 answer

Python Packet Sniffing / Packet Capture - pcapy not capturing packets

I have my wireless interface in monitor mode, and I'm able to successfully sniff network packets and analyze them with Wireshark. I've been trying to implement something similar with pcapy and impacket. It looks as if pcapy is not capturing the same…
Jordan Messina

4 votes, 4 answers

Compile libpcap using Android NDK

I've been making a lot of attempts to get libpcap compiled for Android, and I don't see any pattern or any progress worth writing down. I have a very simple sniffer (that works fine in a MIPS Linux) that uses libpcap, so I thought to myself oh, ok...…
Savir

4 votes, 1 answer

Time difference between two packets using Radiotap header MAC timestamp

I am trying to parse the MAC timestamp fields of radiotap headers of 802.11 packets captured in monitor mode. The TSFT field of the radiotap header is a 64-bit value in microseconds. Raw hex value is highlighted below. The MAC timestamp value is represented in…
dorsalfin

4 votes, 1 answer

Why do some open source projects like nginx and pcap use their own 'nginx_uint_t' and 'bpf_u_int32' instead of the built-in type 'unsigned int'?

I am dealing with the libpcap and nginx source code these days. I wonder something like: In libpcap, they use their own unsigned int type bpf_u_int32. In nginx, they use their own unsigned int type ngx_int_t as well. What's the advantage of these…
PigeonLueng

4 votes, 1 answer

libpcap (>1.0.0) and PF_RING efficiency

I'm using libpcap 1.4.0 in order to capture packets from/to a device (I'm using Linux). I'm suffering from packet loss, and after some research about it, I found PF_RING, and now I'm considering using it. The problem is, I don't really understand why…
gadon

4 votes, 1 answer

libpcap drops some packets from specific IP

I'm implementing a packet collector, but I suffer from packet drops. My binary can get most of the packets from some specific IP region. (Ex. 100.101.1.1, 100.101.2.1). But to some specific IP region, I cannot get any packet. (Ex. 200.201.1.1,…
박상은

4 votes, 2 answers

libpcap not receiving in real time, seems to be buffering packets

So I'm working with a device where I need to send and receive raw Ethernet frames. It's a wireless radio and it uses Ethernet to send status messages to its host. The protocol it uses is actually IPX, but I figured it would be easier to send raw…
sciencectn

4 votes, 2 answers

Android use pcap library

I have a general question regarding an Android app: I need to use some pcap functionality in my Android app. Because Java does not give the possibility of raw packet injection and low-layer programming (as far as I know, pls correct me if I'm…
wasp256

4 votes, 4 answers

Finding the direction of packets while sniffing

I want to have a list of source IP addresses of an interface's outbound traffic. How could I find the direction of a packet, whether it's inbound or outbound, reading traffic using libpcap? I don't know the subnet information of either side. And there…
Yasser

4 votes, 2 answers

Alternative to pcap (Linux)

On a Linux router I wrote a C program which uses pcap to get the IP header and length of the packet. In that way I am able to gather statistics and measure bandwidth based on IP. Pretty neat. :-) Now the traffic and number of users have grown, and…
Jeff Merlin

3 votes, 1 answer

Problems interrupting capture with libpcap

Hi, I'm doing a sniffer with C++ and libpcap and I would want to stop the capture when I press Ctrl+C. This is my code: void Capture::terminate_process(int s){ pcap_breakloop(descr); pcap_close(descr); } void Capture::capturar(){ …
user1027524

3 votes, 2 answers

C pointers and memory (PCAP & Packet handling)

This is my first C app, so please excuse some ignorance. I'm working on porting a Python-based libpcap application over to C for speed reasons. I'm having issues understanding how to extract information from the packet. It comes to my handler…
axon

3 votes, 1 answer

libpcap - capture packets from all interfaces

I need to capture packets from all network interfaces on a Linux machine. In order to do it I'm planning to use the pcap_open_live() API and pass "any" as the device argument. I have different types of ports: Ethernet ports (say eth0) and GRE tunnels (say…
Dima