Home > Others

UNIX Network programming: Network packet detection

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Network packet Detection

Packet Capture (sniffer): refers to the behavior of data collection on the network, which needs to be done through the NIC.

Three ways to access:

BSD Packet Filter (BPF)

SVR4 Datalink Provider Interface (DLPI)

Linux Sock_packet interface

Libpcap Library

Installation:

Apt-get Install Libpcap-dev

Common APIs

Capturing data packets

Find the default data network device to capture

The error message returned by the system is saved when the char * pcap_lookupdev (char * errbuf)//error occurs.

return value:

Returns a pointer to the device name when successful.

Failure returns null

Find the network number and subnet mask for the specified device

int pcap_lookupnet (const char * device,//pointer to device name

Bpf_u_int32 * netp,//Pointer to the acquired network number

Bpf_u_int32 * maskp,//Pointer to the obtained subnet mask

char * errbuf)//Save the error message returned by the system when an error occurs

return value:

Successfully returned 0,

The failure returns-1, and the error message is saved to the ERRBUF.

Open a network device for capturing packets

pcap_t * pcap_open_live (const char * device,//pointer to device name

int Snaplen,//length of packets captured

int promisc,//Network Interface working mode

int to_ms,//timeout when reading packets

char * errbuf)//Save system error message when error

return value:

Handle to successfully return capture packet

Failure returns null and saves error message to ERRBUF

Capturing the next frame of data

Const U_CHAR * PCAP_NEXT (pcap_t * p//pcap_open_live return handle

struct PCAP_PKTHDR * h) A structure pointer to hold the captured packet properties

return value:

Returns a pointer to a captured data frame when successful.

Failed or no data returned null.

Loop capture of multiple frame data and process

typedef void (* Pcap_handler) (U_char *user,

const struct PCAP_PKTHDR * h,const U_char *bytes);

int Pcap_loop (pcap_t * p,//pcap_open_live return handle

int cnt,//The number of data frames to capture

Pcap_handler callback,//The processing function that is executed when a frame of data is captured

U_char * user)//pass to callback parameters

See more highlights of this column: http://www.bianceng.cnhttp://www.bianceng.cn/OS/unix/

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
unix network programming volume 1 aws network intrusion detection packet tracer network design packet tracer network simulator packet switched network definition packet tracer network network packet broker

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More