void my_pcap_handler(u_char *arg,const struct pcap_pkthdr *pkthdr,const u_char *packet){
//calc timestamp
u64 time;
static u64 lasttime=0;
time = ((u64)pkthdr->ts.tv_sec)*detection_tick_resolution
+
pkthdr->ts.tv_usec/(1000000/detection_tick_resolution);
if(lasttime>time)
time=lasttime;
lasttime=time;
// int *cnt=(int *)arg;
//printf("Pakcet cnt: %d\n",++(*cnt));
//printf("Packet size: %d\n",pkthdr->len);
/*
printf("Payload:\n");
unsigned char i=0;
for(i=0;i<pkthdr->len;i++){
if(isprint(packet[i]))
printf("%c ",packet[i]);
else
printf(". ");
if(i%16==15||i==pkthdr->len-1)
printf("\n");
}
*/
// basic packet info
// args to cnt No. of packet seq
// packet length: pkthdr->len
// payload: *packet
// header of ethernet
const struct ethhdr *ethernet=(struct ethhdr *)packet;
// header of ip level
struct iphdr *iph = (struct iphdr*)&packet[sizeof(struct ethhdr)];
u16 type;
type=ethernet->h_proto;
if(type==htons(ETH_P_IP))
printf("type: eth ip\n");
if(pkthdr->caplen < pkthdr->len){
printf("capture size is smaller than packet size\n");
}else{
// invoke packet processing func
packet_processing(time,iph,pkthdr->len-sizeof(struct ethhdr),pkthdr->len);
}
}
if(flags & 0x04) ip_offset += 1; /* next_ext_header is present */
if(flags & 0x02) ip_offset += 4; /* sequence_number is present (it also includes next_ext_header and pdu_number) */
if(flags & 0x01) ip_offset += 1; /* pdu_number is present */
iph = (struct ndpi_iphdr *) &packet[ip_offset];
if(iph->version != 4) {
// printf("WARNING: not good (packet_id=%u)!\n", (unsigned int)raw_packet_count);
goto v4_warning;
}
}
}
}
// process the packet
protocol_detected = packet_processing(time, iph, iph6, ip_offset, header->len - ip_offset, header->len);
if (protocol_detected > 0 ){
g_num_flows += 1;
printf("This is the detected protocol: %d\n", protocol_detected);
printf("Number of protocols detected so far: %llu\n", g_num_flows);
}
}
static void runPcapLoop(void)
{
if((!shutdown_app) && (_pcap_handle != NULL))
pcap_loop(_pcap_handle, -1, &pcap_packet_callback, NULL);
}
