使用Winpcap编写了一个按照mac地址过滤的函数,刚开始怎么设置MAC地址都不正确,最后发现是格式不正确,争取的Filter的格式如下:特别编写如下:
char filter = "ether dst 00:90:41:C0:C1:C3";
具体的一段代码如下:
char filter[512];
sprintf(filter,"ether proto 0x1111 and ether dst %02X",m_macAddress[0]);
for(int i=1;i<6;i++)
{
sprintf(tempChar,":%02X",m_macAddress[i]);
strcat(filter,tempChar);
}
if ( (m_pcapAdhandle= pcap_open_live(this->m_ifName, // name of the device
65536, // portion of the packet to capture. PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
10, // read timeout
errbuf // error buffer
) ) == NULL)
{
DEBUG_HELPER->log("netcomm",LM_ERROR,"Unable to open the adapter. %s is not supported by WinPcap\n",m_ifName);
return -1;
}
if (filter != NULL)
{
// We should loop through the adapters returned by the pcap_findalldevs_ex()
// in order to locate the correct one.
//
// Let's do things simpler: we suppose to be in a C class network ;-)
NetMask=0xffffff;
//compile the filter
if(pcap_compile(m_pcapAdhandle, &fcode, filter, 1, NetMask) < 0)
{
char* reterror = pcap_geterr(m_pcapAdhandle);
DEBUG_HELPER->log("netcomm",LM_ERROR,"Error compiling filter: wrong syntax.%s\n",reterror);
pcap_close(m_pcapAdhandle);
return -3;
}
//set the filter
if(pcap_setfilter(m_pcapAdhandle, &fcode)<0)
{
DEBUG_HELPER->log("netcomm",LM_ERROR,"Error setting the filter\n");
pcap_close(m_pcapAdhandle);
return -4;
}
}
m_ifIsOpen=true;