#include <pcap.h>
int main ()
{
char *err;
char *dev;
pcap_pkthdr *header;
struct bpf_program guize;
char guize_string[]="";
u_char *packet;
bpf_u_int32 netip;
bpf_u_int32 netmask;
dev=pcap_lookupdev(err);
pcap_t *pcap_handle;
pcap_lookupnet(dev,&netip,&netmask,err);
pcap_handle=pcap_open_live(dev,BUFSIZ,1,200,err);
pcap_compile(pcap_handle,&guize,guize_string,0,netip);
pcap_setfilter(pcap_handle,&guize);
捕获数据包 并写入文件/
pcap_dumper_t *p;
p=pcap_dump_open(pcap_handle,"/home/yang/桌面/11/112");
pcap_next_ex(pcap_handle,&header,(const u_char**)&packet);
for(int k=0;k<header->len;k++)
printf("%c",*(packet+k));
printf("\n");
pcap_dump((unsigned char*)p,header,packet); //写入
pcap_dump_close(p); //关闭
/读取数据报文件
pcap_t *ohandle;
ohandle=pcap_open_offline("/home/yang/桌面/11/112",err);
//p=pcap_dump_open(ohandle,"/home/yang/桌面/11/112");
pcap_pkthdr * header2;
const u_char *packet2;
pcap_next_ex(ohandle,&header2,&packet2);
for(int k=0;k<header2->len;k++)
printf("%c",*(packet2+k));
printf("\n");
}
libpcap捕获数据包储存于读取
最新推荐文章于 2022-09-07 12:44:55 发布