本文整理汇总了C++中pcap_dump函数的典型用法代码示例。如果您正苦于以下问题:C++ pcap_dump函数的具体用法?C++ pcap_dump怎么用?C++ pcap_dump使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pcap_dump函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: dump_frame
static void dump_frame(u_char *data, int len, struct shared_dumper *output)
{
u_char *frame;
struct pcap_pkthdr ph;
if (!bonus_time && NULL == output)
return;
frame = malloc(len + nids_linkoffset);
memcpy(frame, nids_last_pcap_data, nids_linkoffset);
memcpy(frame + nids_linkoffset, data, len);
ph.ts = nids_last_pcap_header->ts;
ph.caplen = ph.len = len + nids_linkoffset;
if (NULL != output) {
if (NULL == output->filedesc) {
output->filedesc = pcap_dump_open(nids_params.pcap_desc, output->filename);
if (NULL == output->filedesc)
dumper_too_many_open_files(&output);
++dumper_fd_count;
}
pcap_dump((u_char *)output->filedesc, &ph, frame);
}
if (bonus_time)
pcap_dump((u_char *)global_dumper, &ph, frame);
free(frame);
}示例2: Pcap
void Pcap(TQueueItem* start, TQueueItem* stop, TQueueCallbackArgs args)
{
char* pcap_filename = get_config_value("pcap_filename");
if(pcap_filename==NULL)
return;
open_pcap(pcap_filename);
TQueueItem* item = start;
while(item != NULL)
{
TPacket* packet = item->packet;
uint8_t* packet_l2_start;
uint32_t packet_l2_length;
onep_dpss_pkt_get_l2_start((onep_dpss_paktype_t*)packet, &packet_l2_start, &packet_l2_length);
pcap_pkthdr_t x = {{(uint32_t)item->timestamp.tv_sec, (uint32_t)item->timestamp.tv_nsec / 1000}, packet_l2_length, packet_l2_length};
pcap_dump((u_char*)pcap_dumpfile, &x, packet_l2_start);
item = GetNextItem(item, stop);
}
pcap_dump_flush(pcap_dumpfile);
}示例3: captop_handler
void
captop_handler(u_char *user, const struct pcap_pkthdr *h, const u_char *payload)
{
auto that = reinterpret_cast<capthread *>(user);
if (unlikely(global::stop.load(std::memory_order_relaxed)))
return;
if (likely(that != nullptr))
{
if (that->in)
{
that->atomic_stat.in_count.fetch_add(1, std::memory_order_relaxed);
that->atomic_stat.in_band.fetch_add(h->len, std::memory_order_relaxed);
}
if (that->out)
{
int ret = pcap_inject(that->out, payload, h->caplen);
if (ret != -1)
{
that->atomic_stat.out_count.fetch_add(1, std::memory_order_relaxed);
that->atomic_stat.out_band.fetch_add(h->len, std::memory_order_relaxed);
}
else {
that->atomic_stat.fail.fetch_add(1, std::memory_order_relaxed);
}
}
if (unlikely(that->dumper != nullptr))
pcap_dump(reinterpret_cast<u_char *>(that->dumper), h, payload);
}
}示例4: record_pkt
static u_int32_t record_pkt (struct nfq_data *tb){
/*! create pcap specific header
*/
struct pcap_pkthdr phdr;
/*! init capture time
*/
static struct timeval t;
memset (&t, 0, sizeof(struct timeval));
gettimeofday(&t, NULL);
phdr.ts.tv_sec = t.tv_sec;
phdr.ts.tv_usec = t.tv_usec;
/*! populate pcap struct with packet headers
*/
char *nf_packet;
phdr.caplen = nfq_get_payload(tb,&nf_packet);
phdr.len = phdr.caplen;
/*! dump packet data to the file */
pcap_dump((u_char *)p_output, &phdr, (const u_char *)nf_packet);
return 0;
}示例5: throwException
/*
* Class: org_jnetpcap_PcapDumper
* Method: dump1
* Signature: (JIILjava/nio/ByteBuffer;II)V
*/
JNIEXPORT void JNICALL Java_org_jnetpcap_PcapDumper_dump1
(JNIEnv *env, jobject obj, jlong jsec, jint jusec, jint wirelen, jobject jbytebuffer, jint position, jint limit) {
if (jbytebuffer == NULL) {
throwException(env, NULL_PTR_EXCEPTION, "buffer argument null");
return;
}
pcap_dumper_t *d = getPcapDumper(env, obj);
if (d == NULL) {
return; // Exception already thrown
}
jsize length = limit - position;
pcap_pkthdr hdr;
hdr.ts.tv_sec = (int)jsec;
hdr.ts.tv_usec = (int) jusec;
hdr.caplen = (int)length;
hdr.len = (int) wirelen;
const u_char *b = (u_char *)env->GetDirectBufferAddress(jbytebuffer);
if (b == NULL) {
throwException(env, NULL_PTR_EXCEPTION,
"Unable to retrieve native address from ByteBuffer object");
return;
}
b += position;
pcap_dump((u_char *)d, &hdr, b);
}示例6: pktevent
static int pktevent(struct dbgcl *event,void * arg,va_list v)
{
// is it better to define this static?
struct pcap_pkthdr hdr;
if( (desc == NULL) || (dumper == NULL) ){
return 0;
}
switch (event->tag) {
case D_PACKET|D_OUT:
case D_PACKET|D_IN: {
va_arg(v,int); /* port */
unsigned char *buf=va_arg(v,unsigned char *);
int len=va_arg(v,int);
gettimeofday(&hdr.ts, NULL);
hdr.caplen = len;
hdr.len = len;
pcap_dump((u_char *)dumper, &hdr, buf);
if (!buffered_dump)
pcap_dump_flush(dumper);
}
}
return 0;
}示例7: do_pkt
/*
* This is the callback function that gets called on each
* packet. Originally, I had this as a nested function within
* filter_loop(), so that it could refer to the sink object by lexical
* scoping; but alas, Apple broke the nested function implementation
* in their version of gcc. Fortunately, pcap provides for a
* user-specified (u_char *) pointer (called 'user') to be passed to
* do_pkt, which I use to sneak a struct pcap_plumbing into this
* function. Bad Apple.
*/
static void do_pkt(u_char *user,
const struct pcap_pkthdr *hdr,
const u_char *pkt)
{
struct pcap_plumbing *plumbing = (struct pcap_plumbing *) user;
struct pcap_pkthdr new_hdr;
u_char out[PCAP_MAX_PKT_SZ];
assert(plumbing->source);
/* We need to make a copy of hdr because it is const. */
memcpy(&new_hdr, hdr, sizeof(*hdr));
/* The filter function is defined in the compiled Piffle code. It
* takes packets as arrays of the Piffle "u8" type, which
* corresponds to C "uint8_t". I'm pretty sure it's safe to assume
* that we can cast (u_char *) to (uint8_t *). */
new_hdr.caplen =
filter((uint8_t *) pkt, hdr->caplen, (uint8_t *) out,
PCAP_MAX_PKT_SZ);
/* If there is a pcap dump file handle for us to dump the
* processed packet to, do so. XXX I could eliminate the flush
* call for speed, but in that case, I would need code to make
* sure a flush happens when the process is killed by a SIGINT. */
if ( plumbing->sink && new_hdr.caplen ) {
pcap_dump( (u_char *) plumbing->sink, &new_hdr, out);
pcap_dump_flush(plumbing->sink);
}
/* Dump packet if requested, but don't dump empty packets. */
if ( opt_verbose && new_hdr.caplen )
pp_pkt(hdr->ts, new_hdr.caplen, out);
}示例8: qWarning
/**
* @brief Stop data capturing
*/
void DPDKPort::stopCapture()
{
if(rxState != XTS_RUN)
{
qWarning("Receiver already stopped");
return;
}
quint32 captureDataSize;
dpdk_stop_rx(portId, &captureDataSize);
uint32_t offset = 0;
struct pcap_pkthdr *pHdr = NULL;
u_char *data = NULL;
while (offset < captureDataSize)
{
pHdr = (struct pcap_pkthdr *)(captureBuffer + offset);
offset += sizeof(struct pcap_pkthdr);
data = (u_char *)(captureBuffer + offset);
offset += pHdr->len;
pcap_dump((u_char*)pDumper, pHdr, data);
}
pcap_dump_close(pDumper);
pcap_close(pHandle);
rxState = XTS_DONE;
}示例9: pcap_dump
void GPcapFileWriter::write(GPacket* packet) {
struct pcap_pkthdr pkthdr;
pkthdr.ts = packet->ts_;
pkthdr.caplen = pkthdr.len = (bpf_u_int32)packet->buf_.size_;
pcap_dump((u_char*)pcap_dumper_, &pkthdr, packet->buf_.data_);
emit written(packet);
}示例10: Cappacketlivethread
UINT Cappacketlivethread(LPVOID pParam)//抓包线程函数
{
//CMainFrame *p_frame=(CMainFrame*)AfxGetMainWnd();
//int m_exsn=p_frame->m_myprosheet.m_page2.m_thread_num;
//int m_stoptime=p_frame->m_myprosheet.m_page2.m_stoptime;
//int m_thread_index=0;
for(int i=0;i<m_mystruct.m_packetlimit;i++)//线程数目
{
if (::WaitForSingleObject(m_stoptimeup,0)==WAIT_OBJECT_0)
{
//m_thread_index=i;
m_mystruct.m_count=i;
break;
}
pcap_next_ex(m_mystruct.pcap_handle,&m_mystruct.protocol_header,&m_mystruct.pkt_data);//句柄,协议头,数据包
if ((m_mystruct.protocol_header->len)>m_mystruct.m_pl)//判断是否在规定长度以内
{
i--;
continue;
}
pcap_dump((u_char*)m_mystruct.dumpfile,m_mystruct.protocol_header,m_mystruct.pkt_data);
m_mystruct.m_count=i;
}
m_eventEnd.SetEvent();
return 0;
}示例11: lell_pcap_append_packet
int
lell_pcap_append_packet(lell_pcap_handle * h, const uint64_t ns,
const int8_t sigdbm, const int8_t noisedbm,
const uint32_t refAA, const lell_packet *pkt)
{
if (h && h->dumper &&
(h->dlt == DLT_BLUETOOTH_LE_LL_WITH_PHDR)) {
uint16_t flags = LE_DEWHITENED | LE_AA_OFFENSES_VALID |
LE_SIGPOWER_VALID |
((noisedbm < sigdbm) ? LE_NOISEPOWER_VALID : 0) |
(lell_packet_is_data(pkt) ? 0 : LE_REF_AA_VALID);
pcap_le_packet pcap_pkt;
assemble_pcapng_le_packet( &pcap_pkt,
0,
ns,
9+pkt->length,
pkt->channel_k,
sigdbm,
noisedbm,
pkt->access_address_offenses,
refAA,
flags,
&pkt->symbols[0] );
pcap_dump((u_char *)h->dumper, &pcap_pkt.pcap_header, (u_char *)&pcap_pkt.le_ll_header);
return 0;
}
return -PCAP_INVALID_HANDLE;
}示例12: lpcap_dump
/* TODO store the snaplen in dumper's environment, so we can check it here */
static int lpcap_dump(lua_State* L)
{
pcap_dumper_t* dumper = checkdumper(L);
const char* pkt;
size_t caplen;
size_t wirelen;
struct pcap_pkthdr hdr;
/* first check if we are echoing the nil,emsg from cap:next()
* before checking our argument types
*/
if(lua_isnil(L, 2) && lua_type(L, 3) == LUA_TSTRING) {
return 2;
}
pkt = luaL_checklstring(L, 2, &caplen);
opttimeval(L, 3, &hdr.ts);
wirelen = luaL_optint(L, 4, caplen);
luaL_argcheck(L, wirelen >= caplen, 4, "original wirelen cannot be less than current pkt length");
hdr.caplen = caplen;
hdr.len = wirelen;
/* Note odd type signature for dumper, its because pcap_dump() is
* designed to be called from a pcap_handler, where the dumper
* is received as the user data.
*/
pcap_dump((u_char*) dumper, &hdr, (u_char*)pkt);
/* clear the stack above self, and return self */
lua_settop(L, 1);
return 1;
}示例13: main
main(int argc, char **argv)
{
struct uld *uld;
struct sk_buff *skb;
int i;
pcap_t *p;
pcap_dumper_t *pd;
struct pcap_pkthdr ph;
char *ifname;
ifname = NULL;
if (argc == 2) {
ifname = argv[1];
}
uld = uld_open(ifname, 0, 0, 0, 0);
if (uld == NULL)
exit(1);
p = pcap_open_dead(DLT_EN10MB, 65535);
if (!p) fprintf(stderr, "pcap_open_dead failed\n");
pd = pcap_dump_open(p, "-");
if (!pd) fprintf(stderr, "pcap_dump_open failed\n");
for(;;) {
skb = uld_skb_read(uld, 1);
if (skb == NULL)
continue;
ph.ts.tv_sec = skb->tstamp.tv_sec;
ph.ts.tv_usec = skb->tstamp.tv_nsec/1000;
ph.len = ph.caplen = skb->len;
pcap_dump((void *)pd, &ph, skb->data);
pcap_dump_flush(pd);
skb_free(skb);
}
}示例14: dump_packet
void
dump_packet(pcap_dumper_t *pd, const struct pcap_pkthdr *header, const u_char *packet)
{
if (!pd)
return;
pcap_dump((u_char*) pd, header, packet);
pcap_dump_flush(pd);
}示例15: pcap_dump
void PCAPExporterModule::receive(Packet* packet)
{
static struct pcap_pkthdr packetHeader;
packetHeader.ts = packet->timestamp;
packetHeader.caplen = packet->data_length;
packetHeader.len = packet->pcapPacketLength;
pcap_dump((unsigned char*)dumper, &packetHeader, packet->data);
packet->removeReference();
}