WinPcap  4.1.3
funcs/pcap.h
Go to the documentation of this file.
1 
17 //\{
18 
27 typedef void (*pcap_handler)(u_char *user, const struct pcap_pkthdr *pkt_header,
28  const u_char *pkt_data);
29 
63 pcap_t *pcap_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebuf);
64 
65 
75 pcap_t *pcap_open_dead(int linktype, int snaplen);
76 
77 
91 pcap_t *pcap_open_offline(const char *fname, char *errbuf);
92 
105 pcap_dumper_t *pcap_dump_open(pcap_t *p, const char *fname);
106 
124 int pcap_setnonblock(pcap_t *p, int nonblock, char *errbuf);
125 
126 
136 int pcap_getnonblock(pcap_t *p, char *errbuf);
137 
153 int pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf);
154 
161 void pcap_freealldevs(pcap_if_t *alldevsp);
162 
173 char *pcap_lookupdev(char *errbuf);
174 
175 
187 int pcap_lookupnet(const char *device, bpf_u_int32 *netp, bpf_u_int32 *maskp, char *errbuf);
188 
227 int pcap_dispatch(pcap_t *p, int cnt, pcap_handler callback, u_char *user);
228 
229 
244 int pcap_loop(pcap_t *p, int cnt, pcap_handler callback, u_char *user);
245 
246 
261 u_char *pcap_next(pcap_t *p, struct pcap_pkthdr *h);
262 
279 int pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header, const u_char **pkt_data);
280 
302 void pcap_breakloop(pcap_t *);
303 
315 int pcap_sendpacket(pcap_t *p, u_char *buf, int size);
316 
327 void pcap_dump(u_char *user, const struct pcap_pkthdr *h, const u_char *sp);
328 
338 
357 int pcap_compile(pcap_t *p, struct bpf_program *fp, char *str, int optimize, bpf_u_int32 netmask);
358 
378 int pcap_compile_nopcap(int snaplen_arg, int linktype_arg, struct bpf_program *program, char *buf, int optimize, bpf_u_int32 mask);
379 
380 
391 int pcap_setfilter(pcap_t *p, struct bpf_program *fp);
392 
393 
404 void pcap_freecode(struct bpf_program *fp);
405 
485 int pcap_datalink(pcap_t *p);
486 
496 int pcap_list_datalinks(pcap_t *p, int **dlt_buf);
497 
500 int pcap_set_datalink(pcap_t *p, int dlt);
501 
506 int pcap_datalink_name_to_val(const char *name);
507 
511 const char *pcap_datalink_val_to_name(int dlt);
512 
516 const char *pcap_datalink_val_to_description(int dlt);
517 
518 
526 int pcap_snapshot(pcap_t *p);
527 
528 
532 int pcap_is_swapped(pcap_t *p);
533 
534 
539 int pcap_major_version(pcap_t *p);
540 
541 
546 int pcap_minor_version(pcap_t *p);
547 
562 FILE *pcap_file(pcap_t *p);
563 
578 int pcap_stats(pcap_t *p, struct pcap_stat *ps);
579 
584 void pcap_perror(pcap_t *p, char *prefix);
585 
586 
596 char *pcap_geterr(pcap_t *p);
597 
598 
604 char *pcap_strerror(int error);
605 
610 const char *pcap_lib_version(void);
611 
617 void pcap_close(pcap_t *p);
618 
620 FILE *pcap_dump_file(pcap_dumper_t *p);
621 
627 
633 
634 //\}
635 // End of Unix-compatible functions
636 
637 
638 
639 
640 
641 
642 
649 //\{
650 
668 
686 int pcap_offline_filter(struct bpf_program *prog, const struct pcap_pkthdr *header, const u_char *pkt_data);
687 
712 int pcap_live_dump(pcap_t *p, char *filename, int maxsize, int maxpacks);
713 
714 
731 int pcap_live_dump_ended(pcap_t *p, int sync);
732 
733 
757 struct pcap_stat *pcap_stats_ex(pcap_t *p, int *pcap_stat_size);
758 
768 int pcap_setbuff(pcap_t *p, int dim);
769 
770 
777 int pcap_setmode(pcap_t *p, int mode);
778 
779 
793 int pcap_setmintocopy(pcap_t *p, int size);
794 
795 
796 
806 HANDLE pcap_getevent(pcap_t *p);
807 
820 pcap_send_queue* pcap_sendqueue_alloc(u_int memsize);
821 
829 
844 int pcap_sendqueue_queue(pcap_send_queue* queue, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data);
845 
846 
870 u_int pcap_sendqueue_transmit(pcap_t *p, pcap_send_queue* queue, int sync);
871 
872 
935 int pcap_findalldevs_ex(char *source, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf);
936 
937 
981 int pcap_createsrcstr(char *source, int type, const char *host, const char *port, const char *name, char *errbuf);
982 
983 
1039 int pcap_parsesrcstr(const char *source, int *type, char *host, char *port, char *name, char *errbuf);
1040 
1106 pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf);
1107 
1123 struct pcap_samp *pcap_setsampling(pcap_t *p);
1124 
1184 SOCKET pcap_remoteact_accept(const char *address, const char *port, const char *hostlist, char *connectinghost, struct pcap_rmtauth *auth, char *errbuf);
1185 
1202 int pcap_remoteact_close(const char *host, char *errbuf);
1203 
1222 void pcap_remoteact_cleanup();
1223 
1244 int pcap_remoteact_list(char *hostlist, char sep, int size, char *errbuf);
1245 
1246 //\}
1247 // End of Windows-specific extensions
1248 
1249 
1250 
int pcap_sendqueue_queue(pcap_send_queue *queue, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data)
Add a packet to a send queue.
char * pcap_lookupdev(char *errbuf)
Return the first valid device in the system.
Header of a packet in the dump file.
Definition: incs/pcap.h:126
int pcap_findalldevs_ex(char *source, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf)
Create a list of network devices that can be opened with pcap_open().
int pcap_list_datalinks(pcap_t *p, int **dlt_buf)
list datalinks
pcap_t * pcap_open(const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf)
Open a generic source in order to capture / send (WinPcap only) traffic.
pcap_send_queue * pcap_sendqueue_alloc(u_int memsize)
Allocate a send queue.
A queue of raw packets that will be sent to the network with pcap_sendqueue_transmit().
struct pcap pcap_t
Descriptor of an open capture instance. This structure is opaque to the user, that handles its conten...
Definition: incs/pcap.h:70
pcap_t * pcap_open_dead(int linktype, int snaplen)
Create a pcap_t structure without starting a capture.
int pcap_is_swapped(pcap_t *p)
returns true if the current savefile uses a different byte order than the current system.
void pcap_dump(u_char *user, const struct pcap_pkthdr *h, const u_char *sp)
Save a packet to disk.
int pcap_datalink(pcap_t *p)
Return the link layer of an adapter.
const char * pcap_datalink_val_to_description(int dlt)
Translates a data link type value to a short description of that data link type. NULL is returned on ...
long pcap_dump_ftell(pcap_dumper_t *)
Return the file position for a "savefile".
void pcap_freealldevs(pcap_if_t *alldevsp)
Free an interface list returned by pcap_findalldevs().
Structure that keeps statistical values on an interface.
Definition: incs/pcap.h:136
This structure defines the information related to sampling.
Definition: remote-ext.h:380
char * pcap_strerror(int error)
Provided in case strerror() isn't available.
int pcap_live_dump(pcap_t *p, char *filename, int maxsize, int maxpacks)
Save a capture to file.
char * pcap_geterr(pcap_t *p)
return the error text pertaining to the last pcap library error.
int pcap_createsrcstr(char *source, int type, const char *host, const char *port, const char *name, char *errbuf)
Accept a set of strings (host name, port, ...), and it returns the complete source string according t...
int pcap_getnonblock(pcap_t *p, char *errbuf)
Get the "non-blocking" state of an interface.
HANDLE pcap_getevent(pcap_t *p)
Return the handle of the event associated with the interface p.
pcap_t * pcap_open_live(const char *device, int snaplen, int promisc, int to_ms, char *ebuf)
Open a live capture from the network.
int pcap_lookupnet(const char *device, bpf_u_int32 *netp, bpf_u_int32 *maskp, char *errbuf)
Return the subnet and netmask of an interface.
int pcap_compile(pcap_t *p, struct bpf_program *fp, char *str, int optimize, bpf_u_int32 netmask)
Compile a packet filter, converting an high level filtering expression (see Filtering expression synt...
int pcap_snapshot(pcap_t *p)
Return the dimension of the packet portion (in bytes) that is delivered to the application.
struct pcap_stat * pcap_stats_ex(pcap_t *p, int *pcap_stat_size)
Return statistics on current capture.
int pcap_setnonblock(pcap_t *p, int nonblock, char *errbuf)
Switch between blocking and nonblocking mode.
PAirpcapHandle pcap_get_airpcap_handle(pcap_t *p)
Returns the AirPcap handler associated with an adapter. This handler can be used to change the wirele...
int pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header, const u_char **pkt_data)
Read a packet from an interface or from an offline capture.
void pcap_remoteact_cleanup()
Clean the socket that is currently used in waiting active connections.
u_char * pcap_next(pcap_t *p, struct pcap_pkthdr *h)
Return the next available packet.
void pcap_breakloop(pcap_t *)
set a flag that will force pcap_dispatch() or pcap_loop() to return rather than looping.
const char * pcap_datalink_val_to_name(int dlt)
Translates a data link type value to the corresponding data link type name. NULL is returned on failu...
int pcap_dump_flush(pcap_dumper_t *p)
Flushes the output buffer to the savefile,'' so that any packets written with pcap_dump() but not yet...
struct pcap_samp * pcap_setsampling(pcap_t *p)
Define a sampling method for packet capture.
int pcap_parsesrcstr(const char *source, int *type, char *host, char *port, char *name, char *errbuf)
Parse the source string and returns the pieces in which the source can be split.
int pcap_loop(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
Collect a group of packets.
int pcap_sendpacket(pcap_t *p, u_char *buf, int size)
Send a raw packet.
int pcap_setbuff(pcap_t *p, int dim)
Set the size of the kernel buffer associated with an adapter.
int pcap_setmode(pcap_t *p, int mode)
Set the working mode of the interface p to mode.
int pcap_dispatch(pcap_t *p, int cnt, pcap_handler callback, u_char *user)
Collect a group of packets.
u_int pcap_sendqueue_transmit(pcap_t *p, pcap_send_queue *queue, int sync)
Send a queue of raw packets to the network.
void pcap_dump_close(pcap_dumper_t *p)
Closes a savefile.
int pcap_minor_version(pcap_t *p)
return the minor version number of the pcap library used to write the savefile.
FILE * pcap_file(pcap_t *p)
Return the standard stream of an offline capture.
int pcap_remoteact_close(const char *host, char *errbuf)
Drop an active connection (active mode only).
void(* pcap_handler)(u_char *user, const struct pcap_pkthdr *pkt_header, const u_char *pkt_data)
Prototype of the callback function that receives the packets.
Definition: funcs/pcap.h:27
This structure keeps the information needed to autheticate the user on a remote machine.
Definition: remote-ext.h:338
struct pcap_dumper pcap_dumper_t
libpcap savefile descriptor.
Definition: incs/pcap.h:71
int pcap_compile_nopcap(int snaplen_arg, int linktype_arg, struct bpf_program *program, char *buf, int optimize, bpf_u_int32 mask)
Compile a packet filter without the need of opening an adapter. This function converts an high level ...
int pcap_setfilter(pcap_t *p, struct bpf_program *fp)
Associate a filter to a capture.
int pcap_remoteact_list(char *hostlist, char sep, int size, char *errbuf)
Return the hostname of the host that have an active connection with us (active mode only).
struct _AirpcapHandle * PAirpcapHandle
const char * pcap_lib_version(void)
Returns a pointer to a string giving information about the version of the libpcap library being used;...
int pcap_datalink_name_to_val(const char *name)
Translates a data link type name, which is a DLT_ name with the DLT_ removed, to the corresponding da...
void pcap_perror(pcap_t *p, char *prefix)
print the text of the last pcap library error on stderr, prefixed by prefix.
pcap_dumper_t * pcap_dump_open(pcap_t *p, const char *fname)
Open a file to write packets.
FILE * pcap_dump_file(pcap_dumper_t *p)
return the standard I/O stream of the 'savefile' opened by pcap_dump_open().
SOCKET pcap_remoteact_accept(const char *address, const char *port, const char *hostlist, char *connectinghost, struct pcap_rmtauth *auth, char *errbuf)
Block until a network connection is accepted (active mode only).
Item in a list of interfaces, used by pcap_findalldevs().
Definition: incs/pcap.h:148
int pcap_setmintocopy(pcap_t *p, int size)
Set the minumum amount of data received by the kernel in a single call.
int pcap_live_dump_ended(pcap_t *p, int sync)
Return the status of the kernel dump process, i.e. tells if one of the limits defined with pcap_live_...
pcap_t * pcap_open_offline(const char *fname, char *errbuf)
Open a savefile in the tcpdump/libpcap format to read packets.
int pcap_offline_filter(struct bpf_program *prog, const struct pcap_pkthdr *header, const u_char *pkt_data)
Returns if a given filter applies to an offline packet.
u_int bpf_u_int32
32-bit unsigned integer
Definition: incs/pcap.h:67
int pcap_set_datalink(pcap_t *p, int dlt)
Set the current data link type of the pcap descriptor to the type specified by dlt....
int pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)
Construct a list of network devices that can be opened with pcap_open_live().
void pcap_sendqueue_destroy(pcap_send_queue *queue)
Destroy a send queue.
void pcap_close(pcap_t *p)
close the files associated with p and deallocates resources.
void pcap_freecode(struct bpf_program *fp)
Free a filter.
int pcap_major_version(pcap_t *p)
return the major version number of the pcap library used to write the savefile.
int pcap_stats(pcap_t *p, struct pcap_stat *ps)
Return statistics on current capture.

documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2010 CACE Technologies. Copyright (c) 2010-2013 Riverbed Technology. All rights reserved.