pcap

From Free Pascal wiki
Revision as of 21:15, 4 June 2015 by Jdlinke (talk | contribs) (Created initial page)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

PCAP

The PCAP libraries, libpcap and winpcap provide a portable framework for low-level network monitoring on Linux and Windows operating systems, respectively. This package provides a header-unit for PCAP libraries.

Supported Functions and Procedures

pcap.pp libpcap winpcap Name Description
X X X pcap_breakloop set a flag that will force pcap_dispatch() or pcap_loop() to return rather than looping.
X X X pcap_close close the files associated with p and deallocates resources.
X X X pcap_compile Compile a packet filter, converting an high level filtering expression (see Filtering expression syntax) in a program that can be interpreted by the kernel-level filtering engine.
X X X pcap_compile_nopcap Compile a packet filter without the need of opening an adapter. This function converts an high level filtering expression (see Filtering expression syntax) in a program that can be interpreted by the kernel-level filtering engine.
X pcap_createsrcstr Accept a set of strings (host name, port, ...), and it returns the complete source string according to the new format (e.g. 'rpcap://1.2.3.4/eth0').
X X X pcap_datalink Return the link layer of an adapter.
X X X pcap_datalink_name_to_val Translates a data link type name, which is a DLT_ name with the DLT_ removed, to the corresponding data link type value. The translation is case-insensitive. -1 is returned on failure.
X X X pcap_datalink_val_to_description Translates a data link type value to a short description of that data link type. NULL is returned on failure.
X X X pcap_datalink_val_to_name Translates a data link type value to the corresponding data link type name. NULL is returned on failure.
X X X pcap_dispatch Collect a group of packets.
X X X pcap_dump Save a packet to disk.
X X X pcap_dump_close Closes a savefile.
Commented Out X X pcap_dump_file return the standard I/O stream of the 'savefile' opened by pcap_dump_open().
X X X pcap_dump_flush Flushes the output buffer to the ``savefile, so that any packets written with pcap_dump() but not yet written to the ``savefile will be written. -1 is returned on error, 0 on success.
X X pcap_dump_fopen
X X X pcap_dump_ftell Return the file position for a "savefile".
X X X pcap_dump_open Open a file to write packets.
Commented Out X X pcap_file Return the standard stream of an offline capture.
X pcap_fileno NOTE: Does not exist in current libpcap or winpcap documentation.
X X X pcap_findalldevs Construct a list of network devices that can be opened with pcap_open_live().
X pcap_findalldevs_ex Create a list of network devices that can be opened with pcap_open().
X X X pcap_freealldevs Free an interface list returned by pcap_findalldevs().
X X X pcap_freecode Free a filter.
X pcap_get_airpcap_handle Returns the AirPcap handler associated with an adapter. This handler can be used to change the wireless-related settings of the CACE Technologies AirPcap wireless capture adapters.
X X X pcap_geterr return the error text pertaining to the last pcap library error.
X pcap_getevent Return the handle of the event associated with the interface p.
X X X pcap_getnonblock Get the "non-blocking" state of an interface.
X X pcap_inject
X X X pcap_is_swapped returns true if the current savefile uses a different byte order than the current system.
X X X pcap_lib_version Returns a pointer to a string giving information about the version of the libpcap library being used; note that it contains more information than just a version number.
X X X pcap_list_datalinks list datalinks
X pcap_live_dump Save a capture to file.
X pcap_live_dump_ended Return the status of the kernel dump process, i.e. tells if one of the limits defined with pcap_live_dump() has been reached.
X X X pcap_lookupdev Return the first valid device in the system.
X X X pcap_lookupnet Return the subnet and netmask of an interface.
X X X pcap_loop Collect a group of packets.
X X X pcap_major_version return the major version number of the pcap library used to write the savefile.
X X X pcap_minor_version return the minor version number of the pcap library used to write the savefile.
X X X pcap_next Return the next available packet.
X X X pcap_next_ex Read a packet from an interface or from an offline capture.
X pcap_offline_filter Returns if a given filter applies to an offline packet.
X pcap_open Open a generic source in order to capture / send (WinPcap only) traffic.
X X X pcap_open_dead Create a pcap_t structure without starting a capture.
X X X pcap_open_live Open a live capture from the network.
X X X pcap_open_offline Open a savefile in the tcpdump/libpcap format to read packets.
X pcap_parsesrcstr Parse the source string and returns the pieces in which the source can be split.
X X X pcap_perror print the text of the last pcap library error on stderr, prefixed by prefix.
X pcap_remoteact_accept Block until a network connection is accepted (active mode only).
X pcap_remoteact_cleanup Clean the socket that is currently used in waiting active connections.
X pcap_remoteact_close Drop an active connection (active mode only).
X pcap_remoteact_list Return the hostname of the host that have an active connection with us (active mode only).
X X X pcap_sendpacket Send a raw packet.
X pcap_sendqueue_alloc Allocate a send queue.
X pcap_sendqueue_destroy Destroy a send queue.
X pcap_sendqueue_queue Add a packet to a send queue.
X pcap_sendqueue_transmit Send a queue of raw packets to the network.
X X X pcap_set_datalink Set the current data link type of the pcap descriptor to the type specified by dlt. -1 is returned on failure.
X X pcap_setbuff Set the size of the kernel buffer associated with an adapter.
X X pcap_setdirection
X X X pcap_setfilter Associate a filter to a capture.
X X pcap_setmintocopy Set the minumum amount of data received by the kernel in a single call.
X X pcap_setmode Set the working mode of the interface p to mode.
X X X pcap_setnonblock Switch between blocking and nonblocking mode.
X pcap_setsampling Define a sampling method for packet capture.
X X X pcap_snapshot Return the dimension of the packet portion (in bytes) that is delivered to the application.
X X X pcap_stats Return statistics on current capture.
X pcap_stats_ex Return statistics on current capture.
X X X pcap_strerror Provided in case strerror() isn't available.

Example Programs

(This is a WIP - jdlinke 4 June 2015)