Beispiel #1
0
int main(int argc,char **argv)
{

    daemon(0,0);

    buf = malloc(BUFSIZ + 1);
    if(NULL == buf) {
        printf("buf null");
        exit(1);
    }
    pcap_hnd = prepare_capture("eth2", 1, "");
    pcap_loop(pcap_hnd, -1, &parse_http_packet, NULL);

    return 0;
}
DWORD WINAPI eap_thread()
{
    extern pcap_t *handle;
    extern char    devname[];
    
    init_device();
    init_frames ();
    send_eap_packet (EAPOL_START);
    pcap_loop (handle, -1, get_packet, NULL);   /* main loop */
    pcap_close (handle);

    memset (devname, 0, MAX_DEV_NAME_LEN);
    update_interface_state(NULL);
    return 0;
}
//------------------------------------------------------------------------------
static void* workerThread(void* pArgument_p)
{
    tEdrvInstance*  pInstance = (tEdrvInstance*)pArgument_p;
    int             pcapRet;
    int             oldCancelType;

    DEBUG_LVL_EDRV_TRACE("%s(): ThreadId:%ld\n", __func__, syscall(SYS_gettid));

    pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, &oldCancelType);

    // Set up and activate the pcap live capture handle
    pInstance->pPcapThread = startPcap();
    if (pInstance->pPcapThread == NULL)
    {
        return NULL;
    }

    if (pcap_setdirection(pInstance->pPcapThread, PCAP_D_INOUT) < 0)
    {
        DEBUG_LVL_ERROR_TRACE("%s() couldn't set PCAP direction!\n", __func__);
    }

   // signal that thread is successfully started
   sem_post(&pInstance->syncSem);

   pcapRet = pcap_loop(pInstance->pPcapThread, -1, packetHandler, (u_char*)pInstance);

   switch (pcapRet)
   {
       case 0:
           DEBUG_LVL_ERROR_TRACE("%s(): pcap_loop ended because 'cnt' is exhausted.\n", __func__);
           break;

       case -1:
           DEBUG_LVL_ERROR_TRACE("%s(): pcap_loop ended because of an error!\n", __func__);
           break;

       case -2:
           DEBUG_LVL_ERROR_TRACE("%s(): pcap_loop ended normally.\n", __func__);
           break;

       default:
           DEBUG_LVL_ERROR_TRACE("%s(): pcap_loop ended (unknown return value).\n", __func__);
           break;
   }

   return NULL;
}
Beispiel #4
0
int main(int argc, char *argv[]){
	char *dev,errbuf[PCAP_ERRBUF_SIZE];
	char *net_c = NULL,*mask_c = NULL;
	bpf_u_int32 mask;
	bpf_u_int32 net;
	struct in_addr addr;
	struct pcap_pkthdr header;
	pcap_t *handle;
	const u_char *packet;
	struct bpf_program fp;
	char filter_exp[] = "ip";
	dev = pcap_lookupdev(errbuf);
	if(dev == NULL) {
		perror("can't find default dev!\n");
		exit(-1);
	}
	printf("DEV:%s\n",dev);
	if(pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
		perror("can't get netmask\n");
		net_c =0;
		mask_c = 0;
		exit(-1);
	}
	addr.s_addr = net;
	net_c = inet_ntoa(addr);
	printf("Net:%s\n",net_c);
	addr.s_addr = mask;
	mask_c = inet_ntoa(addr);
	printf("Mask:%s\n",mask_c);
	printf("==================================================\n");
	handle = pcap_open_live(dev,1500,1,0,errbuf);
	if(handle == NULL) {
		perror("couldn't get handle!\n");
		exit(-1);
	}
	if(pcap_compile(handle,&fp,filter_exp,0,mask)== -1) {
		perror("Couldn't parse filter\n");
		exit(-1);
	}
	if(pcap_setfilter(handle,&fp)==-1) {
		perror("Couldn't install filter\n");
		exit(-1);
	}
	pcap_loop(handle,-1,my_callback,NULL);
	pcap_freecode(&fp);
	pcap_close(handle);
	printf("\nCapture complete.\n");
}
Beispiel #5
0
static void pcap_init(int type, char *data, char *host)
{
	char *filter   = NULL;
	pcap_t *handle = NULL;
	struct bpf_program fp;
	char errbuf[PCAP_ERRBUF_SIZE];


	g_return_if_fail(data != NULL);
	g_return_if_fail(host != NULL);

	if(type == LIVE) {
		handle = pcap_open_live(data, SNAP_LEN, 1, 1000, errbuf);
		if (handle == NULL) {
			fprintf(stderr, "Falha ao abrir device %s: %s\n", data, errbuf);
			return;
		}

	} else {
		handle = pcap_open_offline(data, errbuf);
		if(handle == NULL) {
			fprintf(stderr, "Falha: %s\n", errbuf);
			return;
		}
		pcap_file(handle);
	}

	if(strlen(host) > 1) {
		filter = g_strdup_printf("port 80 and host %s", host);
	} else { 
		filter = g_strdup_printf("port 80");
	}

	if (pcap_compile(handle, &fp, filter, 0, 0) == -1) {
		fprintf(stderr, "Falha ao compilar filtro %s: %s\n", filter, pcap_geterr(handle));
		return;
	}

	if (pcap_setfilter(handle, &fp) == -1) {
		fprintf(stderr, "Falha ao utilizar filtro %s: %s\n", filter, pcap_geterr(handle));
		return;
	}

	pcap_loop(handle, -1, packet_analyze, NULL);

	pcap_freecode(&fp);
	pcap_close(handle);
}
int CapturePacketThread::RunCapture()
{
	Releaseinfo("RunCapture  input");
    pcap_t *adhandle;
    char errbuf[PCAP_ERRBUF_SIZE];
    u_int netmask=0xffffff;
    struct bpf_program fp;
    
    if((adhandle= pcap_open(devname.c_str(),          // name of the device
                              65536,            // portion of the packet to capture
                                                // 65536 guarantees that the whole packet will be captured on all the link layers
                              PCAP_OPENFLAG_PROMISCUOUS,    // promiscuous mode
                              1000,             // read timeout
                              NULL,             // authentication on the remote machine
                              errbuf            // error buffer
                              ) ) == NULL)
    {
		Releaseinfo("pcap_open fails");
        fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", devname.c_str());
        return -1;
    }
	string filter("");
	string host_str("");
	host_str = AppConfig::SharedInstance()->GetHostIp();
	filter+="host ";
	filter+=ipstr;
	filter+=" and (tcp or udp) and (not host ";
	filter+=host_str;
	filter+=")";
	//char test_filter[100]={0};
	//strcpy(test_filter,filter.c_str());
	//Releaseinfo(test_filter);
    if(pcap_compile(adhandle, &fp, filter.c_str(), 0, netmask) == -1) {
		Releaseinfo("pcap_compile fails");
        fprintf(stderr, "Error calling pcap_compile\n");
        return -1;
    }
 
    if(pcap_setfilter(adhandle, &fp) == -1) {
		Releaseinfo("pcap_setfilter fails");
        fprintf(stderr, "Error setting filter\n");
        return -1;
    }
	char user_ip[20]={0};
	strcpy(user_ip,ipstr.c_str());
    pcap_loop(adhandle, 0, PacketHandler, (u_char*)user_ip);
    return 0;
}
Beispiel #7
0
int main(int argc,char **argv)
{
    char *dev;
    char errbuf[PCAP_ERRBUF_SIZE];
    pcap_t* descr;
    struct bpf_program fp;      /* hold compiled program     */
    bpf_u_int32 maskp;          /* subnet mask               */
    bpf_u_int32 netp;           /* ip                        */
    u_char* args = NULL;

    /* Options must be passed in as a string because I am lazy */
    if(argc < 2){
        fprintf(stdout,"Usage: %s numpackets \"options\"\n",argv[0]);
        return 0;
    }

    /* grab a device to peak into... */
    //dev = pcap_lookupdev(errbuf);
    dev = "wlan0"
    if(dev == NULL)
    { printf("%s\n",errbuf); exit(1); }

    /* ask pcap for the network address and mask of the device */
    pcap_lookupnet(dev,&netp,&maskp,errbuf);

    /* open device for reading. NOTE: defaulting to
     * promiscuous mode*/
    descr = pcap_open_live(dev,BUFSIZ,1,-1,errbuf);
    if(descr == NULL)
    { printf("pcap_open_live(): %s\n",errbuf); exit(1); }

    if(argc > 2)
    {
        /* Lets try and compile the program.. non-optimized */
        if(pcap_compile(descr,&fp,argv[2],0,netp) == -1)
        { fprintf(stderr,"Error calling pcap_compile\n"); exit(1); }

        /* set the compiled program as the filter */
        if(pcap_setfilter(descr,&fp) == -1)
        { fprintf(stderr,"Error setting filter\n"); exit(1); }
    }

    /* ... and loop */
    pcap_loop(descr,atoi(argv[1]),my_callback,args);

    fprintf(stdout,"\nfinished\n");
    return 0;
}
Beispiel #8
0
void *ext_thread(void *arg) 
{
	char filter_exp[40];
	memset(filter_exp, 0, 40);
	strcat(filter_exp, "ip and dst host ");
	strcat(filter_exp, inet_ntoa(ext_ip));


//	char filter_exp[] = "ip and dst host 192.168.1.102";
	
	if(pcap_loop(ext_if, -1, got_packet, (u_char *)FROM_EXT) == -1) {
		fprintf(stderr, "Couldn't  filte packet %s: %s\n", filter_exp, pcap_geterr(ext_if));
	}
	
	pcap_close(ext_if);
}
Beispiel #9
0
void PcapActivity::runActivity()
{
    _logger.information("Activity started on %s", _device);
    if (openLive()) {
        while (!_activity.isStopped()) {
            if (pcap_loop(_pcap, -1, &pcap_process, (u_char*) _device.c_str()) < 0) {

                break;
            }
        }
        pcap_close(_pcap);
        _pcap = nullptr;
    }

    _logger.information("Activity ended on %s", _device);
}
Beispiel #10
0
void fileSniffing(char* file, u_char* filter){

	pcap_t *handle;
	char errbuf[PCAP_ERRBUF_SIZE];

    /* Open a capture file */
    if ((handle = pcap_open_offline(file, errbuf) ) == NULL)
    {
        fprintf(stderr,"\nError opening dump file\n");
        return;
    }

    // read and dispatch packets until EOF is reached
    pcap_loop(handle, -1, got_packet, filter);

}
Beispiel #11
0
/*-----------------------------------------------------------------------------------*/
static void
pcapif_thread(void *arg)
{
  struct netif *netif;
  struct pcapif *pcapif;
  netif = arg;
  pcapif = netif->state;

  while(1) {
    pcap_loop(pcapif->pd, 1, callback, (u_char *)netif);
    sys_sem_wait(pcapif->sem);
    if(pcapif->p != NULL) {
      netif->input(pcapif->p, netif);
    }
  }
}
Beispiel #12
0
void packet_sniffer(char *filter)
{
	char *nic_dev; 
    	char errbuf[PCAP_ERRBUF_SIZE];
    	pcap_t* nic_descr;
    	struct bpf_program fp;      // holds compiled program     
    	bpf_u_int32 maskp;          // subnet mask               
    	bpf_u_int32 netp;           // ip                        
    	u_char* args = NULL;

	// find the first NIC that is up and sniff packets from it    	
	nic_dev = pcap_lookupdev(errbuf); //assign device name if you want to select the device manually
    	if (nic_dev == NULL)
    	{ 
		printf("%s\n",errbuf); 
		exit(1);
	}

    	// Use pcap to get the IP address and subnet mask of the device 
    	pcap_lookupnet (nic_dev, &netp, &maskp, errbuf);

    	// open the device for packet capture & set the device in promiscuous mode 
    	nic_descr = pcap_open_live (nic_dev, BUFSIZ, 1, -1, errbuf);
    	if (nic_descr == NULL)
    	{ 
		printf("pcap_open_live(): %s\n",errbuf); 
		exit(1); 
	}

	// Compile the filter expression
	if (pcap_compile (nic_descr, &fp, filter, 0, netp) == -1)
	{ 
		fprintf(stderr,"Error calling pcap_compile\n"); 
		exit(1);
	}

	// Load the filter into the capture device
	if (pcap_setfilter(nic_descr, &fp) == -1)
	{ 
		fprintf(stderr,"Error setting filter\n"); 
		exit(1); 
	}
    	// Start the capture session 
    	pcap_loop (nic_descr, INFINITY, pkt_analyze, args);

    	fprintf(stdout,"\nCapture Session Done\n");
}
Beispiel #13
0
int main(int argc, char** argv) {
  if(argc < 2) {
    std::cerr << "Must pass interface to listen on" << std::endl;
    return 1;
  }

  std::string device = std::string(argv[1]);

  char errbuf[1024];
  pcap_t *handle;

  struct bpf_program fp;

  const std::string filter_expr = "type mgt subtype probe-req";

  handle = pcap_open_live("wlan0mon", 1024, true, 1000, errbuf);
  if(!handle) {
    std::cerr << "Unable to open device " << device << std::endl;
    return 2;
  }

  if(pcap_datalink(handle) != DLT_IEEE802_11_RADIO) {
    std::cerr << "Specified device is not 802.11" << std::endl;
    return 3;
  }

  if(pcap_compile(handle, &fp, filter_expr.c_str(), 0, PCAP_NETMASK_UNKNOWN) < 0) {
    std::cerr << "Error compiling filter to program" << std::endl;
    return 4;
  }

  if(pcap_setfilter(handle, &fp) < 0) {
    std::cerr << "Error creating filter on device" << std::endl;
    return 5;
  }

  std::cerr << "Listening for frames" << std::endl;

  pcap_loop(handle, 0, process_packet, NULL);

  std::cerr << "Shutting down" << std::endl;

  pcap_freecode(&fp);
  pcap_close(handle);

  return 0;
}
Beispiel #14
0
int PacketOperation()
{

	pcap_t* PcapHandle;
    int number = -1;
	char Error[PCAP_ERRBUF_SIZE];

	pcap_handler Handler;
	if ((PcapHandle = pcap_open_live(pAdapterInfo->AdapterName, 65536, 1, 1000, Error)) == NULL)
	{
		return -1;
	}

	Handler = (pcap_func_t) ProcessProtocolPacket;
	pcap_loop(PcapHandle, number, Handler, NULL);
	return 0;
}
Beispiel #15
0
// Pcap でのパケットキャプチャの中継用スレッド
void PcapThread(THREAD *thread, void *param)
{
	ETH *e = (ETH*)param;
	pcap_t *p = e->Pcap;
	int ret;

	// 初期化完了を通知
	NoticeThreadInit(thread);

	// 帰り値 -1:エラー -2:外部からの終了
	ret = pcap_loop(p, -1, PcapHandler, (u_char*) e);
	if(ret == -1){
		e->Socket = INVALID_SOCKET;
		pcap_perror(p, "capture");
	}
	return;
}
Beispiel #16
0
int main(int argc, char *argv[])
{
    pcap_t *handle;

    if (argc != 2) {
        print_usage(argv[0]);
        return 2;
    }

    init_capture(argv[1], &handle);

    pcap_loop(handle, -1, got_packet, NULL);

    pcap_close(handle);

    return 0;
}
Beispiel #17
0
void pcap_capture(char *dev, char *filter, char *dir)
{
	
	pcap_t *pd;
	char	ebuf[PCAP_ERRBUF_SIZE]; 	// error buffer
  struct in_addr      netmask, 		// 넷마스크
                      network;		// 네트워크 주소
  struct bpf_program  fcode;  	 	// 패킷필터링 프로그램  
  int status;	
	
	strcpy(log_dir, dir);

	time(&t);
	tm=localtime(&t);

  pd = pcap_open_live(dev, SNAPSIZE, PROMISCUOUS, 10000, ebuf); // 디바이스 열기
  if(pd == NULL) {
  	fprintf(stderr, "pcap_open_live fail: %s", ebuf);
    exit(0);
  }

  // device localnet과, netmask
  pcap_lookupnet(dev, &network.s_addr, &netmask.s_addr, ebuf);

		
	// 필터링 규칙 컴파일
	pcap_compile(pd, &fcode, filter, 0, netmask.s_addr);
  pcap_setfilter(pd, &fcode); // 디스크립터에 필터링 규칙적용

  printf("Device='%s'(network=%s, netmask=%s)\n", dev, inet_ntoa(network), inet_ntoa(netmask));

	
	
	
	// LOG 파일 열기
	sprintf(save_file, "%s/AG%02d%02d",log_dir, tm->tm_mday, tm->tm_hour);	
	fd = open(save_file, O_RDWR | O_CREAT);		// 백업 파일 open
	
	
	if(pcap_loop(pd, -1, pcap_callback, NULL)<0) {
		fprintf(stderr, "pcap_loop fail: %s\n", pcap_geterr(pd));
        exit(-1);
  }
    
  pcap_close(pd);	// close the packet capture discriptor
}
// Relay thread for captured packet (Pcap)
void PcapThread(THREAD *thread, void *param)
{
	ETH *e = (ETH*)param;
	pcap_t *p = e->Pcap;
	int ret;

	// Notify initialize completed
	NoticeThreadInit(thread);

	// Return -1:Error -2:Terminated externally
	ret = pcap_loop(p, -1, PcapHandler, (u_char*) e);
	if(ret == -1){
		e->Socket = INVALID_SOCKET;
		pcap_perror(p, "capture");
	}
	return;
}
Beispiel #19
0
int main(int argc, char **argv)
{
    int i;
    char *dev;
    char errbuf[PCAP_ERRBUF_SIZE];
    pcap_t *descr;
    const u_char *packet;
    struct pcap_pkthdr hdr;     /* pcap.h */
    struct ether_header *eptr;  /* net/ethernet.h */
    FILE *in_file;
    struct pcap_file_header f_hdr;

    if (argc != 3) {
        fprintf(stdout, "Usage: %s pcap_file new_file\n", argv[0]);
        return 0;
    }
    if ((in_file = fopen(argv[1], "r")) == NULL) {
        perror(argv[1]);
        return 3;
    }
    if ((out_file = fopen(argv[2], "wb")) == NULL) {
        perror(argv[2]);
        return 3;
    }

    /* write file header */
    fread(&f_hdr, 1, sizeof(struct pcap_file_header), in_file);
    f_hdr.linktype = 1;
    fwrite(&f_hdr, 1, sizeof(struct pcap_file_header), out_file);
    fclose(in_file);

    /* open device for reading */
    descr = pcap_open_offline(argv[1], errbuf);
    if (descr == NULL) {
        printf("pcap_open_offline(): %s\n", errbuf);
        exit(1);
    }
    /* allright here we call pcap_loop(..) and pass in our callback function */
    /* int pcap_loop(pcap_t *p, int cnt, pcap_handler callback, u_char *user) */
    /* If you are wondering what the user argument is all about, so am I!!   */
    pcap_loop(descr, atoi(argv[1]), my_callback, NULL);

    fprintf(stdout, "\nDone processing packets... wheew!\n");
    fclose(out_file);
    return 0;
}
Beispiel #20
0
int main(int argc, char *argv[])
{
    pcap_t *handle;			/* Session handle */
    char *dev;			/* The device to sniff on */
    char errbuf[PCAP_ERRBUF_SIZE];	/* Error string */
    struct bpf_program fp;		/* The compiled filter */
    char filter_exp[] = "";	/* The filter expression */
    bpf_u_int32 mask;		/* Our netmask */
    bpf_u_int32 net;		/* Our IP */
    struct pcap_pkthdr header;	/* The header that pcap gives us */
    const u_char *packet;		/* The actual packet */

    /* Define the device */
    dev = pcap_lookupdev(errbuf);
    if (dev == NULL) {
        fprintf(stderr, "Couldn't find default device: %s\n", errbuf);
        return(2);
    }
    /* Find the properties for the device */
    if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
        fprintf(stderr, "Couldn't get netmask for device %s: %s\n", dev, errbuf);
        net = 0;
        mask = 0;
    }
    /* Open the session in promiscuous mode */
    handle = pcap_open_live(dev, BUFSIZ, 1, 1000, errbuf);
    if (handle == NULL) {
        fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
        return(2);
    }
    /* Compile and apply the filter */
    if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
        fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
        return(2);
    }
    if (pcap_setfilter(handle, &fp) == -1) {
        fprintf(stderr, "Couldn't install filter %s: %s\n", filter_exp, pcap_geterr(handle));
        return(2);
    }
    /* Grab a packet */
    pcap_loop(handle, -1, got_packet, NULL);

    pcap_close(handle);
    return(0);
}
Beispiel #21
0
int main(int argc, char *argv[])
{
    char errbuf[PCAP_ERRBUF_SIZE];
    char *dev;
    pcap_t *pcd;
    struct bpf_program fp;
    bpf_u_int32 netp;
    bpf_u_int32 maskp;
    int ret;

    char track[] = "forensics";
    char name[] = "songyi Hwang";
    printf("[bob5][%s]pcap_test[%s]\n", track, name);

    dev = pcap_lookupdev(errbuf);
    if(dev == NULL) {
        printf("%s\n", errbuf);
        exit(1);
    }

    ret = pcap_lookupnet(dev, &netp, &maskp, errbuf);
    if(ret == -1) {
        printf("%s\n", errbuf);
        exit(1);
    }

    pcd = pcap_open_live(dev, BUFSIZ, NONPROMISCUOUS, -1, errbuf);
    if(pcd == NULL) {
        printf("%s\n", errbuf);
        exit(1);
    }

    if(pcap_compile(pcd, &fp, argv[2], 0, netp) == -1) {
        printf("compile error\n");
        exit(1);
    }
    if(pcap_setfilter(pcd, &fp) == -1) {
        printf("setfilter error\n");
        exit(0);
    }

    pcap_loop(pcd, atoi(argv[1]), callback, NULL);

    return 0;
}
Beispiel #22
0
int main(int argc, char **argv)
{
pcap_t *fp;
char errbuf[PCAP_ERRBUF_SIZE];
char source[PCAP_BUF_SIZE];

	if(argc != 2){

		printf("usage: %s filename", argv[0]);
		return -1;

	}

	/* Create the source string according to the new WinPcap syntax */
	if ( pcap_createsrcstr(	source,			// variable that will keep the source string
							PCAP_SRC_FILE,	// we want to open a file
							NULL,			// remote host
							NULL,			// port on the remote host
							argv[1],		// name of the file we want to open
							errbuf			// error buffer
							) != 0)
	{
		fprintf(stderr,"\nError creating a source string\n");
		return -1;
	}
	
	/* Open the capture file */
	if ( (fp= pcap_open(source,			// name of the device
						65536,			// portion of the packet to capture
										// 65536 guarantees that the whole packet will be captured on all the link layers
						 PCAP_OPENFLAG_PROMISCUOUS, 	// promiscuous mode
						 1000,				// read timeout
						 NULL,				// authentication on the remote machine
						 errbuf			// error buffer
						 ) ) == NULL)
	{
		fprintf(stderr,"\nUnable to open the file %s.\n", source);
		return -1;
	}

	// read and dispatch packets until EOF is reached
	pcap_loop(fp, 0, dispatcher_handler, NULL);

	return 0;
}
Beispiel #23
0
static PyObject *ppcap_loop(ppcap *self, PyObject *args)
{
    PyObject *callback, *obj, *obj2;
    int num_pkts, num_p;

    if (!PyArg_ParseTuple(args, "iO", &num_pkts, &callback))
        return NULL;
    if (!PyCallable_Check(callback)) {
        PyErr_SetString(PyExc_Ppcap, "Second argument is not a callable");
        return NULL;
    }
    obj = PyObject_GetAttrString(callback, "__code__");
    if (!obj) {
        PyErr_SetString(PyExc_Ppcap, "Failed to retrieve attribute '__code__' "
                        "from the callable object. Try to recall the function.");
        return NULL;
    }
    obj2 = PyObject_GetAttrString(obj, "co_argcount");
    if (!obj2) {
        PyErr_SetString(PyExc_Ppcap, "Failed to retrieve attribute 'co_argcount' "
                        "from the callable.__code__ object. Try to recall the function.");
        Py_DECREF(obj);
        return NULL;
    }
    num_p = PyLong_AsLong(obj2);
    if (num_p != 2) {
        PyErr_Format(PyExc_Ppcap, "The callable object needs to have two parameters! "
                     "Not %d. Example: def my_cb(packet, tot_len)", num_p);
        Py_DECREF(obj);
        Py_DECREF(obj2);
        return NULL;
    }
    Py_DECREF(obj);
    Py_DECREF(obj2);
    Py_XDECREF(self->callback);
    Py_INCREF(callback);
    self->callback = callback;

    if (pcap_loop(self->handle, num_pkts, ppcap_rcv_packet,
                  (u_char *)self->callback) == -1) {
        PyErr_Format(PyExc_Ppcap, "%s", pcap_geterr(self->handle));
        return NULL;
    }
    Py_RETURN_NONE;
}
Beispiel #24
0
int main()
{
    int count = 0;
    char *device = NULL;
	pcap_t *descr = NULL;

	/*获取第一个适合捕获的网络设备名称*/
	device = Pcap_lookupdev();
	printf("Opening device %s\n", device);

	/*以混杂模式打开网络设备*/
	descr = Pcap_open_live(device, MAXBYTES2CAPTURE, 1, 512);

	/*死循环并在每一次接收到数据包时调用回调函数processPacket()*/
	pcap_loop(descr, -1, processPacket, (u_char *)&count);

	return 0;
}
Beispiel #25
0
void capture(void)
{
   DEBUG_MSG("neverending loop (capture)");
   
   /* 
    * infinite loop 
    * dispatch packets to sarp_get
    */

//daveti: debug
printf("daveti: into pcap_loop()\n");
        
   pcap_loop(GBL_PCAP->fd, -1, sarp_get, NULL);

//daveti: debug
printf("daveti: pcap_loop() done\n");

}
Beispiel #26
0
int main(int argc,char **argv)
{ 
    int i;
    char *dev; 
    char errbuf[PCAP_ERRBUF_SIZE];
    pcap_t* descr;
    const u_char *packet;
    struct pcap_pkthdr hdr;     /* pcap.h                    */
    struct ether_header *eptr;  /* net/ethernet.h            */
    struct bpf_program fp;      /* hold compiled program     */
    bpf_u_int32 maskp;          /* subnet mask               */
    bpf_u_int32 netp;           /* ip                        */


    if(argc != 2){ fprintf(stdout,"Usage: %s \"filter program\"\n"
            ,argv[0]);return 0;}

    /* grab a device to peak into... */
    dev = "wlan0"; // pcap_lookupdev(errbuf);
    if(dev == NULL)
    { fprintf(stderr,"%s\n",errbuf); exit(1); }

    /* ask pcap for the network address and mask of the device */
    pcap_lookupnet(dev,&netp,&maskp,errbuf);

    /* open device for reading this time lets set it in promiscuous
     * mode so we can monitor traffic to another machine             */
    descr = pcap_open_live(dev,BUFSIZ,1,-1,errbuf);
    if(descr == NULL)
    { printf("pcap_open_live(): %s\n",errbuf); exit(1); }

    /* Lets try and compile the program.. non-optimized */
    if(pcap_compile(descr,&fp,argv[1],0,netp) == -1)
    { fprintf(stderr,"Error calling pcap_compile\n"); exit(1); }

    /* set the compiled program as the filter */
    if(pcap_setfilter(descr,&fp) == -1)
    { fprintf(stderr,"Error setting filter\n"); exit(1); }

    /* ... and loop */ 
    pcap_loop(descr,-1,my_callback,NULL);

    return 0;
}
int main(int argc,char *argv[]){
    char *filename1=argv[1];
    char *filename3=argv[2];
    
    char errbuf[PCAP_ERRBUF_SIZE];
    pcap_t *pcap1=pcap_open_offline(filename1,errbuf);
    if(!pcap1){
        printf("1.error: pcap_open_offline(): %s \n",errbuf);
        exit(1);
    }
    FILE *save_file=fopen(filename3,"wb");
    int ret;
    
    ret=pcap_loop(pcap1,0,dispatch_handler,(u_char *)save_file);
    printf("%d\n",ret);
    fclose(save_file);

    //if(ret)
    /*
    FILE *save_file=fopen(filename3,"wb");
    struct pcap_pkthdr *pkheader1;
    u_char *pkdata1;
    int lable1=1;
    int ret;

    while(lable1==1){
        ret=pcap_next_ex(pcap1,&pkheader1,(const u_char **)&pkdata1);
        printf("ret=%d\n",ret1);
        if(ret==1){
            fwrite((void *)pkheader1,1,sizeof(struct pcap_pkthdr),save_file);
            //fwrite((void *)pkdata1,1,pkheader1->caplen,save_file);
        }
        else if(ret==-1||ret==0){
            exit(1);
        }
        else if(ret==-2){
            lable1=0;
            pcap_close(pcap1);
            fclose(save_file);
        }
    }
   */
}
Beispiel #28
0
int main(int argc, char **argv) {
    // check options passed
    if (argc != 2) {
        printf("\nInvalid argument list. Please use '--help' for usage.\n\n");
        return -1;
    }
    // print help 
    if (strcmp("--help", argv[1]) == 0) {
        printf("\nUsage : %s <dump file name>\n", argv[0]);
        printf("\tEx : %s traceroute.pcap\n\n", argv[0]);
        exit(0);
    }
    // pcap file pointer
    pcap_t *pcap_p;
    // error buffer to hold errors on pcap call
    char errorbuf[PCAP_ERRBUF_SIZE];
    // initialize all lists used
    init_lists();

    // open dump file
    pcap_p = pcap_open_offline(argv[1], errorbuf);
    if (pcap_p == NULL) {
        printf("Error while opening dump file.\n%s\n", errorbuf);
        exit(0);
    }
    // check whether the link layer type is Ethernet, return otherwise
    if (pcap_datalink(pcap_p) != DLT_EN10MB) {
        printf("Dump file provided is not captured from Ethernet.\n");
        exit(0);
    }    
    // read all packets from dump file 
    if (pcap_loop(pcap_p, 0, callback_handler, NULL) == -1) {
        printf("Error while reading dump file.\n");
        exit(0);
    }
    // close the pcap file
    pcap_close(pcap_p);       
    // print results stored in lists
    print_results();
    // free memory allocated for lists
    free_lists();
    return 0;
}
Beispiel #29
0
    static void
epcap_loop(EPCAP_STATE *ep)
{
    int rv = -1;

    rv = pcap_loop(ep->p, -1, epcap_response, (u_char *)ep);

    switch (rv) {
        case -2:
            break;
        case -1:    /* error reading packet */
            VERBOSE(1, "%s", pcap_geterr(ep->p));
            break;
        default:
            if (ep->file)
                epcap_ctrl("eof");
            break;
    }
}
Beispiel #30
0
//main thread procedure: launches the capture and wait
UINT MyThreadProc( LPVOID pParam )
{   
	int i;

    if (pParam == NULL)
    return -1;    // illegal parameter
	pObject=(CCapPars*)pParam;

	//reset the timer
	pObject->lasttime.tv_sec=0;
	pObject->lasttime.tv_usec=0;

	//start the capture loop
	i = pcap_loop(pObject->fp, 0, dispatcher_handler, (PUCHAR)pParam);

	Sleep(INFINITE);

	return 0;
}