{"id":3789,"date":"2015-06-24T09:03:01","date_gmt":"2015-06-24T09:03:01","guid":{"rendered":"http:\/\/blog.bachi.net\/?p=3789"},"modified":"2015-06-24T14:11:56","modified_gmt":"2015-06-24T14:11:56","slug":"libpcap-tutorial","status":"publish","type":"post","link":"https:\/\/blog.bachi.net\/?p=3789","title":{"rendered":"libpcap Tutorial"},"content":{"rendered":"
\r\n$ sudo apt-get install libpcap-dev\r\n<\/pre>\n
\r\n$ cat \/var\/lib\/dpkg\/info\/libpcap-dev.list \r\n$ cat \/var\/lib\/dpkg\/info\/libpcap0.8-dev.list \r\n<\/pre>\n
Manual Pages<\/h3>\n
pcap_dump_open<\/a>
\npcap_next<\/a>
\npcap_open_dead<\/a><\/p>\n
Live Capture<\/h3>\n
Programming with pcap<\/a>
\nThe Sniffer’s Guide to Raw Traffic<\/a>
\nCapturing Our First Packet<\/a><\/p>\n
Offline Processing<\/h3>\n
Writing pcap files with fake headers?<\/a>
\nPCAP Offline Parsing Example<\/a>
\nHandling offline dump files<\/a><\/p>\n
\r\n    pcap_t *pd;\r\n    pcap_dumper_t *pdumper;\r\n\r\n    pd = pcap_open_dead(DLT_RAW, 65535 \/* snaplen *\/);\r\n\r\n    \/* Create the output file. *\/\r\n    pdumper = pcap_dump_open(pd, "\/tmp\/capture.pcap");\r\n\r\n    while (1) {\r\n        \/*\r\n         * Create fake IP header and put UDP header\r\n         * and payload in place\r\n         *\/\r\n        ...\r\n\r\n        \/* write packet to savefile *\/\r\n        pcap_dump(pdumper, xxxx, yyyy);\r\n    }\r\n\r\n    pcap_close(pd);\r\n    pcap_dump_close(pdumper);\r\n<\/pre>\n
Java jNetPCAP<\/h3>\n
API Examples<\/a>
\nTutorials<\/a>
\nOffline Capture<\/a>
\nThe Main libpcap API Overview<\/a><\/p>\n
DotNet \/ .NET<\/h3>\n
Pcap.Net<\/a>
\nHandling offline dump files<\/a><\/p>\n
Scheme pcap.egg<\/h3>\n
Schemers.org<\/a>
\nCHICKEN Scheme<\/a>
\npcap.egg<\/a><\/p>\n
Go programming language<\/h3>\n
The Go Programming Language<\/a>
\npackage pcap<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
$ sudo apt-get install libpcap-dev $ cat \/var\/lib\/dpkg\/info\/libpcap-dev.list $ cat \/var\/lib\/dpkg\/info\/libpcap0.8-dev.list Manual Pages pcap_dump_open pcap_next pcap_open_dead Live Capture Programming with pcap The Sniffer’s Guide to Raw Traffic Capturing Our First Packet Offline Processing Writing pcap files with fake headers? PCAP Offline Parsing Example Handling offline dump files pcap_t *pd; pcap_dumper_t *pdumper; pd = pcap_open_dead(DLT_RAW, 65535 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3789","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3789","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3789"}],"version-history":[{"count":12,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3789\/revisions"}],"predecessor-version":[{"id":3801,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3789\/revisions\/3801"}],"wp:attachment":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}