Questions tagged [libpcap]

Libpcap is a portable C/C++ library for network traffic capture. It provides a common interface across various OS-specific backends like BPF, packet filter, netfilter, and NPF.

Libpcap was originally developed by the tcpdump developers in the Network Research Group at Lawrence Berkeley Laboratory. The low-level packet capture, capture file reading, and capture file writing code of tcpdump was extracted and made into a library, with which tcpdump was linked.

796 questions
3
votes
1 answer

PCAP Destination and Source are the same

I'm having a bit of trouble with libpcap. I'm using pcap_loop() with this callback: void pcap_callback(u_char *useless, const struct pcap_pkthdr *pcap_header, const u_char *packet) { struct ether_header *head = (struct ether_header *)packet; …
Julian F. Weinert
3
votes
0 answers

Get encryption type for wlan with tcpdump

How can I get the actual encryption type sent in Beacons from tcpdump? I have searched the manpage entry, Google, and website for tcpdump and pcap to no avail. I have the snaplen set to the highest value and the type = IEEE802_11_RADIO and can see a…
3
votes
1 answer

Libnids 64 bits systems

My problem was that when I was compiling the app on a 64-bit Ubuntu I didn't get either errors or warnings, just like on 32-bit, but there wasn't any output when executing it. Example: $: ./program $: _ But why!?
Carlos Vega
3
votes
1 answer

tcpdump on iOS / Jailbreak

Is there an iOS-compatible Objective-C port of the tcpdump C sources or a working tcpdump binary for iOS? And if so, does it capture the traffic from all network devices? Or does it capture only an Ethernet device? Is there libpcap for iOS? I am…
Sebastian
3
votes
1 answer

python, dpkt and timestamps

I have a problem. How can I get the response time difference between GET and HTTP/1.0 200 OK (I mean time latency of the web server) using the dpkt library and ts for each hostname from a pcap file? My preliminary code: #!/usr/bin/env python import…
Павел Иванов
3
votes
0 answers

most efficient way to use libpcap on linux

I have an application which runs on Linux (2.6.38.8), using libpcap (>1.0) to capture packets streamed at it over Ethernet. My application uses close to 100% CPU and I am unsure whether I am using libpcap as efficiently as possible. I am battling…
Gman
3
votes
1 answer

Convert a RTP sequence payload in a .wav file

I have a text file with the payload (in hex) of about RTP packets of a VoIP conversation. Does anyone know how to convert the text into a .wav audio file using C/C++? PS: I'm using GNU/Linux. Thanks
user1027524
3
votes
3 answers

packet data intercept and modification

I'd like to be able to intercept/modify data in a TCP flow, on the side of the TCP client. Examples for pcap show how to parse the TCP packet header/payload. But suppose I want to modify the packet payload before the TCP client reads it, or drop the packet…
user270398
3
votes
2 answers

zero copy mechanism and libpcap

Is it possible to use zero-copy packets mechanism for reading packets using libpcap on Linux? (I'm using CentOS 6.2) If yes, can I see any example of code?
Dima
2
votes
2 answers

Building error pcap_loop with libpcap and c++

Hi, I'm using C++ and libpcap. When I try to call the function "mycallback" I get a build error. These are the functions: void Capture::mycallback (unsigned char * useless, const struct pcap_pkthdr *pkthdr, const unsigned char *…
user1027524
2
votes
1 answer

Start tomcat webapp with root privileges

I built a webapp that uses libpcap (via jpcap). In order to be able to get the network interfaces list or to bind to a network interface, the application (in this case a webapp that runs from a Tomcat server) must be running with root…
Hagay Myr
2
votes
2 answers

winpcap/libpcap vs. raw sockets

I started a project that needs to use network-level packets such as IP/ICMP/UDP/TCP packets. There are two main approaches to handle it: raw sockets and Winpcap/libpcap. I know pcap installs a driver on the OS and allows the programmer to capture and send…
masoud
2
votes
2 answers

pcap_dispatch/passing arguments to the callback function

int pcap_dispatch(pcap_t *p, int cnt, pcap_handler callback, u_char *user) I understand that pcap_dispatch calls the callback routine upon receiving a packet and the first argument passed on to the callback routine is the last argument to the…
broun
2
votes
1 answer

pcap_lookupnet returns incorrect IP address

Following example code from the libpcap documentation yields the following code which should report the IP address of the given interface (eth0 in this case) [Error checking omitted for brevity] #include #include #include…
drarc
2
votes
1 answer

pcap packet length values seem incorrect

I'm writing a C application which uses the pcap library to log how much data (matching various packet filters) has passed through a network card. The values that I'm getting seem much too low to be correct, but I'm not sure what I'm doing wrong. The…
codebox