-
Notifications
You must be signed in to change notification settings - Fork 5
/
npcap_run.cpp
86 lines (75 loc) · 2.71 KB
/
npcap_run.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#include "npcap.h"
void Npcap::run()
{
if(inum < 0 || inum >= devs.size())
{
printf("\nInterface number out of range.\n");
return;
}
// Open the device and the adapter
adhandle = pcap_open_live(devs[inum]->name, // name of the device
65536, // portion of the packet to capture.65536 grants that the whole packet will be captured on all the MACs.
1, // promiscuous mode (nonzero means promiscuous)
1000, // read timeout
errbuf // error buffer
);
if(adhandle == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n", devs[inum]->name);
fprintf(stderr, "Error in pcap_open_live: %s\n", errbuf);
return;
}
// Check the link layer. We support only Ethernet for simplicity.
if(pcap_datalink(adhandle) != DLT_EN10MB)
{
fprintf(stderr, "\nThis program works only on Ethernet networks.\n");
return;
}
/*
if(pcap_set_immediate_mode(adhandle, 1) != 0)
{
fprintf(stderr, "\nERROR: pcap_set_immediate_mode: %s\n", pcap_geterr(adhandle));
return;
}
*/
/*
if(pcap_setdirection(adhandle, PCAP_D_IN) != 0)
{
fprintf(stderr, "\nERROR: pcap_setdirection: %s\n", pcap_geterr(adhandle));
return;
}
*/
if(0) // Filter
{
u_int netmask;
if(devs[inum]->addresses != NULL)
// Retrieve the mask of the first address of the interface
netmask = ((struct sockaddr_in *)(devs[inum]->addresses->netmask))->sin_addr.S_un.S_addr;
else
// If the interface is without addresses we suppose to be in a C class network
netmask = 0xffffff;
// compile the filter
bpf_program fcode;
char packet_filter[] = "ip and tcp";
if(pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0)
{
fprintf(stderr, "\nUnable to compile the packet filter. Check the syntax.\n");
return;
}
// set the filter
if(pcap_setfilter(adhandle, &fcode) < 0)
{
fprintf(stderr, "\nError setting the filter.\n");
return;
}
}
printf("\nlistening on %s...\n", devs[inum]->description);
// At this point, we don't need any more the device list. Free it
// start the capture
if(pcap_loop(adhandle, 0, &Npcap::packet_handler, reinterpret_cast<u_char*>(this)) == -1)
{
fprintf(stderr, "\nERROR: pcap_loop: %s\n", pcap_geterr(adhandle));
return;
}
pcap_close(adhandle);
}