Http://www.cnblogs.com/TianFang/archive/2007/11/27/973673.htmlWinpcap programming 3 -- get the network adapter list
The first thing for a Winpcap application is to obtain the list of connected network adapters.
Winpcap provides the pcap_findalldevs_ex () function to implement this function:It returns a list of pcap_if structures, each of which contains the details of an adapter.
The following code obtain
WinPcap and Libpcap WinPcapWindows packet capture WinPcap is the Industry-standard tool for Link-layer network access in Windows Environments:it allows applications to cap Ture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level Packet filtering, a network statistics (statistics) engine and support for remote packet capture.
0. PrerequisitesWindows:win7 x64WinPcap version: 4.1.3WinPcap Development Kit: 4.1.2Target: Configure the list of network adapters installed in the target computer using WinPcap in VS20101. Downloadhttp://www.winpcap.org/Download the WinPcap installation package and development packageAfter the installation package is installed, unpack the development package to a directory, and the development package is f
WinPcap grasping the bag principleWinPcap is a group capture library derived from the Berkeley Group Capture Library, which is The Windows operating platform implements interception filtering for the underlying package. WinPcap is an architecture of the BPF model and the LIBPCAP function library under the Windows Platform for Network packet capture and network state analysis, which is composed of a core pac
that communicate with other machines will be discarded. On the contrary, if the adapter is in a hybrid mode, I will capture the packet whether or not it is sent to me. That is to say, I will capture all the data packets. This means that in a shared media (such as bus-type Ethernet), Winpcap can capture all data packets from other hosts. Most applications for data capture will set the adapter to the hybrid mode, so we will also use the hybrid mode in
Winpcap provides the following powerful functions:1. Capture the original data packet2. Set filter to capture only data packets that you dare to interest3. Easily output captured data packets to and from files4. Send original data packets5. Collect network traffic6 ...... (There are many others, I don't know)Ii. How to install and use Winpcap1. Download winpcap installation package from http://winpcap.polit
After Winpcap is installed, the DLL file has been installed in the c: \ windows \ system32 directory. Some header files are required to use the Winpcap library. You need to download the SDK from Winpcap.
Decompress the package to a directory. In visual studio2010, right-click the project -- properties -- VC ++ directory and add wpdpack \ include to the include d
Ask for Winpcap programming materials (SOS) in Delphi-Delphi/Windows SDK/API
Http://www.delphi2007.net/DelphiNetwork/html/delphi_20061217191608106.html
Who has ndis_def.pas?
I found several other Winpcap for Delphi unit files.
Winpcap. Pas
Packet32.pas
BPF. Pas
Less than one ndis_def.pas
Up
Http://www.cublog.cn/u/8780/showart.php? Id = 174273
In the past, it was easy to see people use Winpcap. Today, some time has also been posted on the Internet ~~
We don't want "Hello World" anymore. If Winpcap doesn't come out, we just need a program that prints the list of available network cards on this machine. This is the most simple one.
Go to http://www.winpcap.org/install/bin/winpcap_4_0.exeand install Winpcap
In pcap, the concepts of Kernel Buffer and User Buffer exist. Kernel Buffer is provided to the driver layer to cache packets captured on the NIC, and the User Buffer is used to interact with User applications, provide the data to the user through UserBuffer.Int pcap_setbuff (pcap_t * p, int dim );
Set the size of the kernel buffer associated with an adapter. dim specifies the size of the buffer in bytes. the return value is 0 when the call succeeds,-1 otherwise. if an old buffer was already cre
One of the most powerful features provided by Winpcap is the filter engine. It is integrated into the capture mechanism of Winpcap and provides an efficient way to obtain part of network data. The functions used to filter data packets are pcap_compile () and pcap_setfilter ().Pcap_compile () accepts a string containing a Boolean expression and generates code that can be interpreted by the filter engine in t
0.Written in document order.Development environment: win10+vs2013.Configuring the WINPCAP environment is not much to say. Direct to URL: http://blog.sina.com.cn/s/blog_57432f380101qh3n.htmlThe content is mostly a solution to function interpretation + problems encountered. Learning alerting.1. Get the adapter listThe purpose of getting the adapter is to obtain which adapters are available on the machine, and then choose which adapter to use to grab th
The computer network class sets the request to write to the ARP packet receive and sends with the WINPCAP.So I learned a little bit about the contents of WinPcap.Refer to the blog:http://blog.csdn.net/htttw/article/details/7521053Http://www.cnblogs.com/yingfang18/archive/2010/11/27/1889596.htmlHttp://www.cnblogs.com/wangshuo/archive/2011/07/23/2114680.html"Thank You"Reference Document Address:Http://www.ferrisxu.com/WinPcap/html/modules.htmlTo see the
WINPCAP Technical Manual, in addition to the installation file Doc file under a help, here in a: http://www.ferrisxu.com/WinPcap/html/index.html
Once we grab the packet with the PCAP_NEXT_EX function, we're going to start extracting the key information from it, which I've saved in the Pkt_data and then passed to the processing function.
The code is as follows, and I have written it very clearly. MAC address
Because of the need to use Wireshark for the remote grab package, you need to install the corresponding RPCAPD service on the remote host. As long as the WinPcap software is installed on Windows, it already contains the RPCAPD service, just start. But Linux needs to compile on its own.Note: Wireshark supports remote Packet Capture protocol protocol, as long as the corresponding RPCAPD service routines are installed on the remote host.The installation
1) winpap is prone to packet loss when there is a large amount of data, because data packets are transmitted from the network adapter to the application.ProgramThe file needs to be copied multiple times. First, the file is copied from the NIC to the kernel buffer, and then from the kernel buffer to the application buffer. When the pc cpu is low, the packet loss is obvious, this is especially true when capturing gigabit network data packets.
2) Winpcap
1. Download and install the WinPcap Runtime: http://www.winpcap.org/install/default.htm2. Download WinPcap Development Package: http://www.winpcap.org/devel.htm, unzip to the English path, file directory structure 1.3. Open Codeblocks, select Settings-compiler,2, add Wpcap and have_remote two macro definitions, 3.4.4, add wpcap.lib and ws2_32.lib two library files. Wpcap.lib is located in the Lib directory
The application Winpcap obtains the Network Driver list. The application Winpcap writes applications. The first step is to obtain the local Nic list. Next, let's take a look at how to obtain the NIC list. First, briefly describe the Winpcap function to be used. Int pcap_findalldevs (pcap_if_t ** alldevsp, char * errbuf) function: This API returns a linked list of
# Include # Include
Int main (){Pcap_if_t * alldevs;Pcap_if_t * D;Int I = 0;Char errbuf [pcap_errbuf_size];
/* Retrieve the device list from the local machine */If (pcap_findalldevs_ex (pcap_src_if_string, null/* auth is not needed */, alldevs, errbuf) =-1){Printf ("error in pcap_findalldevs_ex: % s/n", errbuf );Exit (1 );}
/* Print the list */For (D = alldevs; D! = NULL; D = D-> next){/* Print the device's name */Printf ("% d. % s", ++ I, d-> name );
/* Print the device's dashboard */If (D->
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.