LinuxSA Mailing list archives

  From: Alan Kennington <akenning@dog.topology.org>
  To  : Abubucker <Abubucker@paragonsolutions.com>
  Date: Wed, 25 Apr 2001 08:31:55 +0930

pcap

On Tue, Apr 24, 2001 at 09:36:14PM +0530, Abubucker wrote:
> 
>  i want to capture raw packets in Linux.I have found out that it could be
> done using a library called pcap.I found man pages as well.
> But when i tried to compile the program it doesn't compile.What is necessary
> library that should be linked to obtain this feature.I hope to get the
> answer as early as possible.


What was the error message exactly?
You really must be specific.
When querying about problems, _always_ give adequate details.
(This is something where Larry Wall's dictum is wrong.
Problem reports must be full and frank. There is only
one way to do it.)

Was it a "header file not located"?
Was it a "function not defined" or some other syntactic/semantic error?
Was it a link-time error?

People chastise me (in vain) for excessive verbosity, prolixity, garrulity and
loquacity. But it's better to err on the side of verbosity [etc.] than
to be so terse/brief/pithy that the facts have to be eeked out of you.

Yes, pcap does a great job.
Here's my little sample program (in C++):
http://www.topology.org/src/bd/bd.c

You must include pcap.h and link to /usr/local/lib/libpcap.a
(or wherever your libpcap.a file is).

I think that the ethereal software uses pcap, and I'm certain
that tcpdump uses it.
In fact, I think it has bindings in most popular script languages.
Perl certainly has a binding.
It's quite popular with the black hats, I imagine.

Cheers,
Alan Kennington.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject