libpcap Tutorial

Leave a reply 
$ sudo apt-get install libpcap-dev

$ cat /var/lib/dpkg/info/libpcap-dev.list 
$ cat /var/lib/dpkg/info/libpcap0.8-dev.list

Manual Pages

pcap_dump_open
pcap_next
pcap_open_dead

Live Capture

Programming with pcap
The Sniffer’s Guide to Raw Traffic
Capturing Our First Packet

Offline Processing

Writing pcap files with fake headers?
PCAP Offline Parsing Example
Handling offline dump files

    pcap_t *pd;
    pcap_dumper_t *pdumper;

    pd = pcap_open_dead(DLT_RAW, 65535 /* snaplen */);

    /* Create the output file. */
    pdumper = pcap_dump_open(pd, "/tmp/capture.pcap");

    while (1) {
        /*
         * Create fake IP header and put UDP header
         * and payload in place
         */
        ...

        /* write packet to savefile */
        pcap_dump(pdumper, xxxx, yyyy);
    }

    pcap_close(pd);
    pcap_dump_close(pdumper);

Java jNetPCAP

API Examples
Tutorials
Offline Capture
The Main libpcap API Overview

DotNet / .NET

Pcap.Net
Handling offline dump files

Scheme pcap.egg

Schemers.org
CHICKEN Scheme
pcap.egg

Go programming language

The Go Programming Language
package pcap

Leave a Reply

Your email address will not be published. Required fields are marked *