本文整理汇总了C++中pcap_open_dead函数的典型用法代码示例。如果您正苦于以下问题:C++ pcap_open_dead函数的具体用法?C++ pcap_open_dead怎么用?C++ pcap_open_dead使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pcap_open_dead函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: reader_snf_start
void reader_snf_start() {
pcapFileHeader.linktype = DLT_EN10MB;
pcapFileHeader.snaplen = MOLOCH_SNAPLEN;
pcap_t *dpcap = pcap_open_dead(pcapFileHeader.linktype, pcapFileHeader.snaplen);
int t;
for (t = 0; t < MOLOCH_FILTER_MAX; t++) {
if (config.bpfsNum[t]) {
int i;
if (bpf_programs[t]) {
for (i = 0; i < config.bpfsNum[t]; i++) {
pcap_freecode(&bpf_programs[t][i]);
}
} else {
bpf_programs[t] = malloc(config.bpfsNum[t]*sizeof(struct bpf_program));
}
for (i = 0; i < config.bpfsNum[t]; i++) {
if (pcap_compile(dpcap, &bpf_programs[t][i], config.bpfs[t][i], 1, PCAP_NETMASK_UNKNOWN) == -1) {
LOG("ERROR - Couldn't compile filter: '%s' with %s", config.bpfs[t][i], pcap_geterr(dpcap));
exit(1);
}
}
moloch_reader_should_filter = reader_snf_should_filter;
}
}
int i, r;
for (i = 0; i < MAX_INTERFACES && config.interface[i]; i++) {
for (r = 0; r < snfNumRings; r++) {
char name[100];
snprintf(name, sizeof(name), "moloch-snf%d-%d", i, r);
g_thread_new(name, &reader_snf_thread, rings[i][r]);
}
snf_start(handles[i]);
}
}示例2: pcap_sink_open
static int
pcap_sink_open(struct rte_port_sink *port,
const char *file_name,
uint32_t max_n_pkts)
{
pcap_t *tx_pcap;
pcap_dumper_t *pcap_dumper;
/** Open a dead pcap handler for opening dumper file */
tx_pcap = pcap_open_dead(DLT_EN10MB, 65535);
if (tx_pcap == NULL) {
RTE_LOG(ERR, PORT, "Cannot open pcap dead handler\n");
return -1;
}
/* The dumper is created using the previous pcap_t reference */
pcap_dumper = pcap_dump_open(tx_pcap, file_name);
if (pcap_dumper == NULL) {
RTE_LOG(ERR, PORT, "Failed to open pcap file "
"\"%s\" for writing\n", file_name);
return -1;
}
port->dumper = pcap_dumper;
port->max_pkts = max_n_pkts;
port->pkt_index = 0;
port->dump_finish = 0;
RTE_LOG(INFO, PORT, "Ready to dump packets to file \"%s\"\n",
file_name);
return 0;
}示例3: main
int main (int argc, char ** argv)
{
struct bpf_program filter;
pcap_t *pc;
int i;
if (argc != 2)
{
printf ("Usage: %s <expression>\n", argv[0]);
return 1;
}
pc = pcap_open_dead(DLT_EN10MB, 1500);
if (pcap_compile(pc, &filter, argv[1], 1, 0) != 0) {
printf("error in active-filter expression: %s\n", pcap_geterr(pc));
return 1;
}
printf("/* precompiled expression: %s */\n\n"
"static struct bpf_insn pktfilter_insns[] = {\n",
argv[1]);
for (i = 0; i < filter.bf_len; i++) {
struct bpf_insn *in = &filter.bf_insns[i];
printf("\t{ .code = 0x%04x, .jt = 0x%02x, .jf = 0x%02x, .k = 0x%08x },\n", in->code, in->jt, in->jf, in->k);
}
printf("};\n\n"
"static struct bpf_program pktfilter = {\n"
"\t.bf_len = %d,\n"
"\t.bf_insns = pktfilter_insns,\n"
"};\n", filter.bf_len);
return 0;
}示例4: royparse_start
int royparse_start(logerr_t* a_logerr)
{
logerr = a_logerr;
if (opt_q) {
pcap = pcap_open_dead(DLT_RAW, 65535);
q_out = pcap_dump_open(pcap, opt_q);
if (q_out == 0) {
logerr("%s: %s\n", opt_q, strerror(errno));
exit(1);
}
}
if (opt_r) {
r_out = fopen(opt_r, "w");
if (r_out == 0) {
logerr("%s: %s\n", opt_r, strerror(errno));
exit(1);
}
} else {
r_out = stdout;
}
setbuf(r_out, 0);
return 0;
}示例5: init_pcap
void init_pcap(struct sniffed_packet * packet)
{
char ftime[256];
time_t rawtime;
struct tm *timeinfo;
time (&rawtime);
timeinfo = localtime(&rawtime);
strftime(ftime, sizeof(ftime), "%Y-%m-%d_%H_%M_%S", timeinfo);
sprintf(fname, "dump_%s_RFPI_%.2x_%.2x_%.2x_%.2x_%.2x.pcap",
ftime,
cli.RFPI[0],
cli.RFPI[1],
cli.RFPI[2],
cli.RFPI[3],
cli.RFPI[4]);
LOG("### dumping to %s\n", fname);
cli.pcap = pcap_open_dead(DLT_EN10MB, 73);
if (!cli.pcap)
{
LOG("!!! couldn't pcap_open_dead(\"%s\")\n", fname);
}
cli.pcap_d = pcap_dump_open(cli.pcap, fname);
if (!cli.pcap_d)
{
LOG("!!! couldn't pcap_dump_open(\"%s\")\n", fname);
}
}示例6: pcap_open_dead
int Generator::generatePackets(string inFileName, string outFileName)
{
pcap_t *p;
pcap_dumper_t *out_file;
int packetsSize, amount;
if (!parseXmlAndCreateObjects(inFileName))
return 0;
packetsSize = (int)packets.size();
p = pcap_open_dead(1, 65536);
out_file = pcap_dump_open(p, outFileName.c_str());
for (int i = 0; i < packetsSize; i++)
{
amount = makeBytesVector(i); //funkcia vrati pocet, kolko ma byt podla xml vygenerovanych paketov (ch)
bytesVector2BytesArray();
dumpToFile(p,out_file, amount);
bytesVector.clear();
delete[] bytes;
}
return 1;
}示例7: init_pcap_handler
static pcap_dumper_t* init_pcap_handler(const char *path)
{
pcap_t *handler;
handler = pcap_open_dead(1, 65535); /* 不限制数据包的长度 */
return pcap_dump_open(handler, path);
}示例8: main
main(int argc, char **argv)
{
struct uld *uld;
struct sk_buff *skb;
int i;
pcap_t *p;
pcap_dumper_t *pd;
struct pcap_pkthdr ph;
char *ifname;
ifname = NULL;
if (argc == 2) {
ifname = argv[1];
}
uld = uld_open(ifname, 0, 0, 0, 0);
if (uld == NULL)
exit(1);
p = pcap_open_dead(DLT_EN10MB, 65535);
if (!p) fprintf(stderr, "pcap_open_dead failed\n");
pd = pcap_dump_open(p, "-");
if (!pd) fprintf(stderr, "pcap_dump_open failed\n");
for(;;) {
skb = uld_skb_read(uld, 1);
if (skb == NULL)
continue;
ph.ts.tv_sec = skb->tstamp.tv_sec;
ph.ts.tv_usec = skb->tstamp.tv_nsec/1000;
ph.len = ph.caplen = skb->len;
pcap_dump((void *)pd, &ph, skb->data);
pcap_dump_flush(pd);
skb_free(skb);
}
}示例9: SET_ERR
bool GPcapFileWriter::doOpen() {
if (fileName_ == "") {
SET_ERR(GErr::FILE_NAME_NOT_SPECIFIED, "file name is not specified");
return false;
}
int dataLink = GPacket::dataLinkTypeToInt(dataLinkType_);
pcap_ = pcap_open_dead(dataLink, snapLen_);
if (pcap_ == nullptr) {
SET_ERR(GErr::RETURN_NULL, QString("pcap_open_dead(%1, %2)) return null").arg(dataLink, snapLen_));
return false;
}
QString path = QFileInfo(fileName_).path();
QString fileName = QFileInfo(fileName_).fileName();
QDateTime now = QDateTime::currentDateTime();
QString newFileName = now.toString(fileName);
if (path != "") {
QDir dir;
dir.mkpath(path);
newFileName = path + QDir::separator() + newFileName;
}
pcap_dumper_ = pcap_dump_open(pcap_, qPrintable(newFileName));
if (pcap_dumper_ == nullptr) {
SET_ERR(GErr::RETURN_NULL, QString("pcap_dump_open(, %1)) return null").arg(newFileName));
pcap_close(pcap_);
pcap_ = nullptr;
return false;
}
return true;
}示例10: init
init (void)
{
ADDCL(cl);
ADDDBGCL(dl);
desc = pcap_open_dead(DLT_EN10MB, 96);
dumpfile = strdup(DEFAULT_DUMPFILE);
}示例11: time
/**
* Startup method for the module
*/
void PCAPExporterPipe::performStart()
{
char errbuf[PCAP_ERRBUF_SIZE];
time(&last_check);
if(last_check == (time_t) -1)
THROWEXCEPTION("time() failed");
SignalHandler::getInstance().registerSignalHandler(SIGCHLD, this);
SignalHandler::getInstance().registerSignalHandler(SIGPIPE, this);
if(restartOnSignal)
SignalHandler::getInstance().registerSignalHandler(SIGUSR2, this);
dummy = pcap_open_dead(link_type, snaplen);
if (!dummy) {
THROWEXCEPTION("Could not open dummy device: %s", errbuf);
}
startProcess();
msg(MSG_INFO, "Started PCAPExporterPipe with the following parameters:");
if (fifoReaderCmd != ""){
msg(MSG_INFO, " - fifoReaderCmd = %s", fifoReaderCmd.c_str());
msg(MSG_INFO, " - fifoReaderPid = %d", fifoReaderPid);
} else {
THROWEXCEPTION("No fifoReaderCmd specified!");
}
if (logFileName != ""){
msg(MSG_INFO, " - logfileBaseName = %s", logFileName.c_str());
msg(MSG_INFO, " - appenddate = %s", appenddate ? "true" : "false");
}
else
msg(MSG_ERROR, "No Logfile specified - dumping to stdout!");
msg(MSG_INFO, " - sigKillTimeout = %d" , sigKillTimeout);
}示例12: reader_pfring_start
void reader_pfring_start() {
int dlt_to_linktype(int dlt);
pcapFileHeader.linktype = 1;
pcapFileHeader.snaplen = MOLOCH_SNAPLEN;
pcap_t *pcap = pcap_open_dead(pcapFileHeader.linktype, pcapFileHeader.snaplen);
if (config.dontSaveBPFs) {
int i;
if (bpf_programs) {
for (i = 0; i < config.dontSaveBPFsNum; i++) {
pcap_freecode(&bpf_programs[i]);
}
} else {
bpf_programs = malloc(config.dontSaveBPFsNum*sizeof(struct bpf_program));
}
for (i = 0; i < config.dontSaveBPFsNum; i++) {
if (pcap_compile(pcap, &bpf_programs[i], config.dontSaveBPFs[i], 0, PCAP_NETMASK_UNKNOWN) == -1) {
LOG("ERROR - Couldn't compile filter: '%s' with %s", config.dontSaveBPFs[i], pcap_geterr(pcap));
exit(1);
}
}
moloch_reader_should_filter = reader_pfring_should_filter;
}
pcap_close(pcap);
int i;
for (i = 0; i < MAX_INTERFACES && config.interface[i]; i++) {
char name[100];
snprintf(name, sizeof(name), "moloch-pfring%d", i);
g_thread_new(name, &reader_pfring_thread, rings[i]);
}
}示例13: main
int main (int argc, char ** argv)
{
pcap_t *pc; /* Fake struct pcap so we can compile expr */
struct bpf_program filter; /* Filter program for link-active pkts */
u_int32_t netmask=0;
int dflag = 3;
if (argc == 4)
{
if (!strcmp (argv[1], "-d"))
{
dflag = atoi (argv[2]);
argv += 2;
argc -=2;
}
}
if (argc != 2)
{
printf ("usage; %s [ -d <debug_level> ] expression\n", argv[0]);
return 1;
}
pc = pcap_open_dead(DLT_PPP_PPPD, PPP_HDRLEN);
if (pcap_compile(pc, &filter, argv[1], 1, netmask) == 0)
{
printf ("#\n# Expression: %s\n#\n", argv[1]);
bpf_dump (&filter, dflag);
return 0;
}
else
{
printf("error in active-filter expression: %s\n", pcap_geterr(pc));
}
return 1;
}示例14: pcap_open_dead
bool SnoopDump::doOpen()
{
m_pcap = pcap_open_dead(linkType, snoop::DEFAULT_SNAPLEN);
if (m_pcap == NULL)
{
SET_ERROR(SnoopError, "error in pcap_open_dead return NULL", VERR_IN_PCAP_OPEN_DEAD);
return false;
}
if (filePath == "")
{
SET_ERROR(VFileError, "file name not specified", VERR_FILENAME_NOT_SPECIFIED);
return false;
}
QString _path = QFileInfo(filePath).path();
QString _fileName = QFileInfo(filePath).fileName();
VFile::createFolder(_path);
if (_fileName == "") _fileName = DEFAULT_DUMP_FILE_NAME;
QDateTime now = QDateTime::currentDateTime();
QString newFileName = qformat(qPrintable(_fileName),
now.date().year(), now.date().month(), now.date().day(),
now.time().hour(), now.time().minute(), now.time().second(), now.time().msec());
m_pcap_dumper = pcap_dump_open(m_pcap, qPrintable(_path + "/" + newFileName));
if (m_pcap_dumper == NULL)
{
SET_ERROR(SnoopError, pcap_geterr(m_pcap), VERR_IN_PCAP_DUMP_OPEN);
return false;
}
return true;
}示例15: strftime
void PacketDumper::openDump(time_t when, int sampling_rate,
unsigned int max_pkts_per_file,
unsigned int max_sec_per_file) {
char pcap_path[MAX_PATH], hour_path[64];
int len;
time_t _when = when;
if(dumper) return;
sec_start = when;
this->sampling_rate = sampling_rate;
this->max_pkts_per_file = iface->getDumpTrafficMaxPktsPerFile();
this->max_sec_per_file = iface->getDumpTrafficMaxSecPerFile();
when -= when % 3600; /* Hourly directories */
strftime(hour_path, sizeof(hour_path), "%Y/%m/%d/%H", localtime(&when));
snprintf(pcap_path, sizeof(pcap_path), "%s/%d/pcap/%s",
ntop->get_working_dir(), iface->get_id(), hour_path);
ntop->fixPath(pcap_path);
Utils::mkdir_tree(pcap_path);
len = strlen(pcap_path);
snprintf(&pcap_path[len], sizeof(pcap_path)-len-1, "/%u_%u.pcap",
(unsigned int)when, file_id);
if((dumper = pcap_dump_open(pcap_open_dead(iface_type, 16384 /* MTU */), pcap_path)) == NULL)
ntop->getTrace()->traceEvent(TRACE_WARNING, "Unable to create pcap file %s", pcap_path);
else {
dump_end = _when + this->max_sec_per_file, num_dumped_packets = 0, file_id++;
ntop->getTrace()->traceEvent(TRACE_INFO, "Created pcap dump %s [max pkts=%u][max duration=%u sec]", \
pcap_path, this->max_pkts_per_file, this->max_sec_per_file);
}
}