Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-dev: [Wireshark-dev] request help for packet capture using libpcap

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: <atdev.queries@xxxxxxxxx>
Date: Tue, 6 May 2008 16:40:25 +0530
Hello ,
 
I have been trying to write a small application using libpcap library.
Purpose is to capture some live network packets(say 100 packets) and store them in a file (pcap_savefile).
 
Please refer the attachment for the code.
 
As per my understanding the pcap_savefile should be in "pcap" format as this is the default file format for libpacp.
But when I pass this file to wireshark, it does not show any packet data.
Also the size of the pcap_savefile is just around 24 bytes for 100 packets.
So I was wondering whether the programm is actually capturing any network packet.
 
Could anyone please suggest how I can improve the programe and store the data in pcap format.
 
Thanks in advance.
 
Regards,
Atdev 

Please do not print this email unless it is absolutely necessary.

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com 

#include <unistd.h>
#include <stdio.h>
#include <pcap.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define IFSZ 16
#define FLTRSZ 120
#define MAXHOSTSZ 256
#define PCAP_SAVEFILE "./pcap_savefile"

void my_callback(u_char *args, const struct pcap_pkthdr * pkthdr, const u_char* packet){
printf("Welcome ... \n");
}

int main(){

pcap_t *p;               /* packet capture descriptor */
pcap_dumper_t *pd;       /* pointer to the dump file */
char filename[80];       /* name of savefile for dumping packet data */
int count = 20;          /* number of packets to capture */
pcap_if_t *alldevs;
char *err_str, *err_buf;
int n=0;
char * ifname1;

strcpy(filename,PCAP_SAVEFILE);

ifname1 = pcap_lookupdev(err_buf);
p =  pcap_open_live(ifname1, 65545, 0, 1000, err_buf);
pd = pcap_dump_open(p,filename);

pcap_loop(p,100,my_callback,(char *)pd);

pcap_dump_close(pd);
pcap_close(p);

return 0;
}
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube