本文整理汇总了C++中pcap_datalink函数的典型用法代码示例。如果您正苦于以下问题:C++ pcap_datalink函数的具体用法?C++ pcap_datalink怎么用?C++ pcap_datalink使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pcap_datalink函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: process_packet
void
process_packet(unsigned char *user, const struct pcap_pkthdr *header,
const unsigned char *packet)
{
pcap_t *pcap;
const struct sll_header *sll;
const struct ether_header *ether_header;
const struct ip *ip;
unsigned short packet_type;
pcap = (pcap_t *) user;
// Parse packet
switch (pcap_datalink(pcap)) {
case DLT_LINUX_SLL:
sll = (struct sll_header *) packet;
packet_type = ntohs(sll->sll_protocol);
ip = (const struct ip *) (packet + sizeof(struct sll_header));
break;
case DLT_EN10MB:
ether_header = (struct ether_header *) packet;
packet_type = ntohs(ether_header->ether_type);
ip = (const struct ip *) (packet + sizeof(struct ether_header));
break;
case DLT_RAW:
packet_type = ETHERTYPE_IP; //This is raw ip
ip = (const struct ip *) packet;
break;
default:
return;
}
if (packet_type != ETHERTYPE_IP)
return;
if (capture_file)
output_offline_update(header->ts);
process_ip(pcap, ip, header->ts);
}示例2: openpcap
int openpcap(struct capture_data *capdata)
{
/* Assume for now it's a libpcap file */
p = pcap_open_offline(capdata->pcapfilename, errbuf);
if (p == NULL) {
perror("Unable to open capture file");
return (-1);
}
/* Determine link type */
capdata->pcaptype = pcap_datalink(p);
/* Determine offset to EAP frame based on link type */
switch (capdata->pcaptype) {
case DLT_NULL:
case DLT_EN10MB:
/* Standard ethernet header */
capdata->dot1x_offset = 14;
capdata->l2type_offset = 12;
capdata->dstmac_offset = 0;
capdata->srcmac_offset = 6;
break;
case DLT_IEEE802_11:
/* 24 bytes 802.11 header, 8 for 802.2 header */
capdata->dot1x_offset = 32;
capdata->l2type_offset = 30;
capdata->dstmac_offset = 4;
capdata->srcmac_offset = 10;
break;
case DLT_PRISM_HEADER:
/* 802.11 frames with AVS header, AVS header is 144 bytes */
capdata->dot1x_offset = 32 + 144;
capdata->l2type_offset = 30 + 144;
capdata->dstmac_offset = 4 + 144;
capdata->srcmac_offset = 10 + 144;
break;
case DLT_IEEE802_11_RADIO:
capdata->dot1x_offset = 0;
capdata->l2type_offset = 0;
capdata->dstmac_offset = 0;
capdata->srcmac_offset = 0;
break;
default:
/* Unknown/unsupported pcap type */
return (1);
}
return (0);
}示例3: pcap_list_datalinks
int
pcap_list_datalinks(pcap_t *p, int **dlt_buffer)
{
/*
* This platform doesn't support changing the DLT for an
* interface. Return a list of DLTs containing only the
* DLT this device supports.
*/
*dlt_buffer = (int*)malloc(sizeof(**dlt_buffer));
if (*dlt_buffer == NULL)
return (-1);
**dlt_buffer = pcap_datalink(p);
return (1);
}示例4: pcap_datalink
PtrPacket BaseSniffer::next_packet() {
sniff_data data;
const int iface_type = pcap_datalink(handle_);
pcap_handler handler = 0;
if (extract_raw_) {
handler = &sniff_loop_handler<RawPDU>;
}
else if (iface_type == DLT_EN10MB) {
handler = sniff_loop_eth_handler;
}
else if (iface_type == DLT_IEEE802_11_RADIO) {
#ifdef TINS_HAVE_DOT11
handler = &sniff_loop_handler<RadioTap>;
#else
throw protocol_disabled();
#endif
}
else if (iface_type == DLT_IEEE802_11) {
#ifdef TINS_HAVE_DOT11
handler = sniff_loop_dot11_handler;
#else
throw protocol_disabled();
#endif
}
#ifdef DLT_PKTAP
else if (iface_type == DLT_PKTAP) {
handler = &sniff_loop_handler<PKTAP>;
}
#endif // DLT_PKTAP
else if (iface_type == DLT_NULL) {
handler = &sniff_loop_handler<Tins::Loopback>;
}
else if (iface_type == DLT_LINUX_SLL) {
handler = &sniff_loop_handler<SLL>;
}
else if (iface_type == DLT_PPI) {
handler = &sniff_loop_handler<PPI>;
}
else {
throw unknown_link_type();
}
// keep calling pcap_loop until a well-formed packet is found.
while (data.pdu == 0 && data.packet_processed) {
data.packet_processed = false;
if (pcap_loop(handle_, 1, handler, (u_char*)&data) < 0) {
return PtrPacket(0, Timestamp());
}
}
return PtrPacket(data.pdu, data.tv);
}示例5: snif_init_session
pcap_t* snif_init_session( char* interface, const char* expr_filter, char** err_buff )
{
pcap_t* handle;
*err_buff = (char*) calloc( PCAP_ERRBUF_SIZE, sizeof(char) );
if( !interface ) {
interface = pcap_lookupdev(*err_buff);
if ( !interface ) {
return SNIF_RESULT_FAIL;
}
}
handle = pcap_open_live(interface, BUFSIZ, DEVICE_PROMISCUOUS_MODE, DEVICE_READ_TIME_OUT, *err_buff);
if( !handle ) {
return SNIF_RESULT_FAIL;
}
if( pcap_datalink( handle ) != DLT_EN10MB ) {
pcap_close(handle);
sprintf(*err_buff, "Interface \"%s\" doesn't provide Ethernet headers - not supported\n", interface);
return SNIF_RESULT_FAIL;
}
if( expr_filter ) {
bpf_u_int32 mask;
bpf_u_int32 net;
struct bpf_program packet_filter;
if( pcap_lookupnet(interface, &net, &mask, *err_buff) == -1 ) {
pcap_close(handle);
return SNIF_RESULT_FAIL;
}
if( pcap_compile(handle, &packet_filter, expr_filter, 0, net) == -1 ) {
*err_buff = pcap_geterr(handle);
pcap_close(handle);
return SNIF_RESULT_FAIL;
}
if( pcap_setfilter(handle, &packet_filter) == -1 ) {
*err_buff = pcap_geterr(handle);
pcap_close(handle);
return SNIF_RESULT_FAIL;
}
}
printf("\n\t\tUSING INTERFACE: \"%s\"\n\n", interface);
free(*err_buff);
return handle;
}示例6: initialize_pcap
static pcap_t* initialize_pcap(const char* const interface) {
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t* const handle = pcap_open_live(interface, BUFSIZ, 0, 1000, errbuf);
if (!handle) {
fprintf(stderr, "Couldn't open device %s: %s\n", interface, errbuf);
return NULL;
}
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "Must capture on an Ethernet link\n");
return NULL;
}
return handle;
}示例7: main
int main(int argc, char *argv[])
{
char *dev, errbuf[PCAP_ERRBUF_SIZE];
pcap_t *handle;
int selectable_fd;
if (argc == 2) {
dev = argv[1];
} else {
dev = pcap_lookupdev(errbuf);
}
if (dev == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n", errbuf);
return (2);
}
handle = pcap_open_live(dev, BUFSIZ, 1, 0, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
return (2);
}
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "Device %s doesn't provide Ethernet headers - "
"not supported\n",
dev);
return (2);
}
if (pcap_setnonblock(handle, 1, errbuf) != 0) {
fprintf(stderr, "Non-blocking mode failed: %s\n", errbuf);
return (2);
}
selectable_fd = pcap_get_selectable_fd(handle);
if (-1 == selectable_fd) {
fprintf(stderr, "pcap handle not selectable.\n");
return (2);
}
init_curses();
mvprintw(0, 0, "Device: %s\n", dev);
grab_packets(selectable_fd, handle);
/* And close the session */
pcap_close(handle);
return 0;
}示例8: parsePcapFile
int parsePcapFile(struct list *list, pcap_t *offline, int partitionRule,
usec_t fixed_deltas) {
const u_char *bytes=(u_char *)1;
while (bytes) {
struct pcap_pkthdr h;
struct packet *this;
struct timeval previous_ts; /* timestamp (non il delta!) del
* pacchetto precedente */
if (NULL == (bytes = pcap_next(offline, &h)))
break;
if (NULL == (this = malloc(sizeof(struct packet)))) {
fprintf(stderr, "stop reading pcap file: not enough memory\n");
break; /* eom */
}
if (NULL == (this->data = malloc(h.caplen))) {
fprintf(stderr, "stop reading pcap file: not enough memory\n");
free(this);
break; /* eom */
}
this->next = NULL;
this->interface =
partitionPcapStream(pcap_datalink(offline), bytes, partitionRule);
this->len = h.caplen;
memcpy(this->data, bytes, h.caplen);
if (!list->size) {
list->head = this;
list->tail = this;
this->delta = 0;
} else {
list->tail->next = this;
list->tail = this;
if (!fixed_deltas)
this->delta = usec_timeval_abs_sub(&h.ts, &previous_ts);
else
this->delta = fixed_deltas;
}
previous_ts = h.ts;
list->size ++;
} /* end while */
if ('\0' != *pcap_geterr(offline)) {
return -1;
}
pcap_close(offline);
return 0;
}示例9: calc_ip_offset_for_link
/* Calculate offset to add to bypass link-layer headers, so
* that we can find the IP Packet Header's data structure in
* memory. This offset is intended to be applied to the 'bytes'
* pointer that is passed as an argument to a pcap callback routine.*/
static int calc_ip_offset_for_link(pcap_t *pc)
{
int if_type = pcap_datalink(pc);
switch (if_type) {
case DLT_EN10MB: /* Ethernets */
return 14;
case DLT_RAW: /* Raw IP capture */
return 0;
case DLT_LINUX_SLL: /* Linux 'cooked' capture */
return 16;
}
return 0; /* RAW by default */
}示例10: capture_offline
int
capture_offline(const char *infile, const char *outfile)
{
capture_info_t *capinfo;
// Error text (in case of file open error)
char errbuf[PCAP_ERRBUF_SIZE];
// Set capture mode
capture_cfg.status = CAPTURE_OFFLINE_LOADING;
// Create a new structure to handle this capture source
if (!(capinfo = sng_malloc(sizeof(capture_info_t)))) {
fprintf(stderr, "Can't allocate memory for capture data!\n");
return 1;
}
// Set capture input file
capinfo->infile = infile;
// Open PCAP file
if ((capinfo->handle = pcap_open_offline(infile, errbuf)) == NULL) {
fprintf(stderr, "Couldn't open pcap file %s: %s\n", infile, errbuf);
return 1;
}
// Get datalink to parse packets correctly
capinfo->link = pcap_datalink(capinfo->handle);
// Check linktypes sngrep knowns before start parsing packets
if ((capinfo->link_hl = datalink_size(capinfo->link)) == -1) {
fprintf(stderr, "Unable to handle linktype %d\n", capinfo->link);
return 3;
}
// Add this capture information as packet source
vector_append(capture_cfg.sources, capinfo);
// If requested store packets in a dump file
if (outfile && !capture_cfg.pd) {
if ((capture_cfg.pd = dump_open(outfile)) == NULL) {
fprintf(stderr, "Couldn't open output dump file %s: %s\n", outfile,
pcap_geterr(capinfo->handle));
return 2;
}
}
return 0;
}示例11: pcap_lookupnet
/******************************************************************************
* set_cap_dev *
* *
* sniff on appropriate device, set filter, and calculate datalink offset *
* arg1: (char *) pointer to device name *
* arg2: (char *) pointer to filter string *
* ret: (pcap_t *) pointer to pcap device *
******************************************************************************/
pcap_t *set_cap_dev (char *device, char *filter) {
unsigned int network, netmask; /* for filter setting */
struct bpf_program prog; /* store compiled filter */
struct pcap_pkthdr pcap_h; /* pcap packet header */
pcap_t *capdev; /* the capture device */
char errbuf[PCAP_ERRBUF_SIZE]; /* pcap error buffer */
pcap_lookupnet(device, &network, &netmask, errbuf);
if ((capdev = pcap_open_live(device, SNAPLEN, PROMISC, 1000, errbuf)) == NULL) {
perror("pcap_open_live");
exit (EXIT_FAILURE);
}
/*
* we only want to see traffic specified by filter
* so compile and set it
*/
pcap_compile(capdev, &prog, filter, 0, netmask);
pcap_setfilter(capdev, &prog);
/*
* set datalink offset, EN10MB is all we really need
*/
switch (pcap_datalink(capdev)) {
case DLT_EN10MB:
offset = 14;
break;
case DLT_IEEE802:
offset = 22;
break;
case DLT_FDDI:
offset = 21;
break;
case DLT_NULL:
offset = 4;
break;
case DLT_RAW:
offset = 0;
break;
default:
fprintf(stderr, "\n%s bad datalink type", device);
exit (EXIT_FAILURE);
break;
}
return capdev;
}示例12: main
int main(void)
{
pcap_t *sniffer_handle = NULL;
char errbuf[PCAP_ERRBUF_SIZE];
char *device = NULL;
int counter = 0;
bpf_u_int32 mask;
bpf_u_int32 net;
char *mask_ptr = NULL;
char *net_ptr = NULL;
struct in_addr addr;
struct bpf_program fp;
char *filter_str = "port 80";
memset(errbuf, 0, PCAP_ERRBUF_SIZE);
device = pcap_lookupdev(errbuf);
if (device == NULL)
err_die(errbuf);
sniffer_handle = pcap_open_live(device, BUFSIZ, 1, 512, errbuf);
if (sniffer_handle == NULL)
err_die(errbuf);
// test ethernet device or not
if (pcap_datalink(sniffer_handle) != DLT_EN10MB)
{
printf("Device %s doesn't provide Ethernet headers\n", device);
return 1;
}
if (pcap_lookupnet(device, &net, &mask, errbuf) == -1)
err_die(errbuf);
addr.s_addr = net;
net_ptr = inet_ntoa(addr);
printf("网络号 : %s\n", net_ptr);
addr.s_addr = mask;
mask_ptr = inet_ntoa(addr);
printf("掩码 : %s\n", mask_ptr);
/*
if (pcap_compile(sniffer_handle, &fp, filter_str, 0, net) == -1)
err_die("pcap_compile error");
if (pcap_setfilter(sniffer_handle, &fp) == -1)
err_die("pcap_setfilter error");
*/
pcap_loop(sniffer_handle, -1, process_packet, (u_char *)&counter);
return 0;
}示例13: main
int
main(int argc, char* argv[])
{
char *device; /* Device name to capture on. */
char errbuf[PCAP_ERRBUF_SIZE]; /* Error buffer */
pcap_t *handle; /* Packet capture handle */
int loop_return;
init(argc, argv);
device = pcap_lookupdev(errbuf);
if (device == NULL)
{
fprintf(stderr, "Could not find default device: %s\n", errbuf);
exit(EXIT_FAILURE);
}
handle = get_pcap_handle(device, errbuf);
if (handle == NULL)
{
fprintf(stderr, "Could not open device %s: %s\n", device, errbuf);
exit(EXIT_FAILURE);
}
if (pcap_datalink(handle) != DLT_EN10MB)
{
fprintf(stderr, "%s is not an Ethernet device.\n", device);
exit(EXIT_FAILURE);
}
printf("Capturing packets......\n");
loop_return = pcap_loop(handle, config.packets, handle_packet, NULL);
DEBUG(printf("Packet capture complete\n"));
if (loop_return == -1)
{
printf("An error occurred when capturing %s\n", pcap_geterr(handle));
}
cleanup();
go_interactive();
pcap_close(handle);
return 0;
}示例14: p_datalink
static PyObject * p_datalink (PyObject *self, PyObject *args)
{
pcap_t * ppcap;
if (!PyArg_ParseTuple(args, "l", (long int*)&ppcap)) return NULL;
int rv = pcap_datalink(ppcap);
const char * rvs = NULL;
for (num_name_pair * nn = link_types; nn->name != NULL; nn++)
{
if (nn->num == rv)
{
rvs = nn->name;
break;
}
}
return Py_BuildValue("is", rv, rvs);
}示例15: get_pcapdatalink
/* Returns the supplied pcap capture file data link type */
int get_pcapdatalink(char *filename) {
pcap_t *p;
int datalink = 0;
char errbuf[PCAP_ERRBUF_SIZE];
p = pcap_open_offline(filename, errbuf);
if (p == NULL) {
return(-1);
}
datalink = pcap_datalink(p);
pcap_close(p);
return(datalink);
}