pcap

From Free Pascal wiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

The PCAP libraries, libpcap and winpcap provide a portable framework for low-level network monitoring on Linux and Windows operating systems, respectively. This package provides a header-unit for PCAP libraries.

Supported Functions and Procedures

  • Column 'pcap.pp': Whether this PCAP function is included in the pcap.pp headers
  • Column 'libpcap': Whether this function is applies to libpcap or not
  • Column 'winpcap': Whether this function is applies to winpcap or not
pcap.pp libpcap winpcap Name Description
X X X pcap_breakloop Set a flag that will force pcap_dispatch() or pcap_loop() to return rather than looping.
X X X pcap_close Close the files associated with p and deallocates resources.
X X X pcap_compile Compile a packet filter, converting an high level filtering expression (see Filtering expression syntax) in a program that can be interpreted by the kernel-level filtering engine.
X X X pcap_compile_nopcap Compile a packet filter without the need of opening an adapter. This function converts an high level filtering expression (see Filtering expression syntax) in a program that can be interpreted by the kernel-level filtering engine.
X pcap_createsrcstr Accept a set of strings (host name, port, ...), and it returns the complete source string according to the new format (e.g. 'rpcap://1.2.3.4/eth0').
X X X pcap_datalink Return the link layer of an adapter.
X X X pcap_datalink_name_to_val Translates a data link type name, which is a DLT_ name with the DLT_ removed, to the corresponding data link type value. The translation is case-insensitive. -1 is returned on failure.
X X X pcap_datalink_val_to_description Translates a data link type value to a short description of that data link type. NULL is returned on failure.
X X X pcap_datalink_val_to_name Translates a data link type value to the corresponding data link type name. NULL is returned on failure.
X X X pcap_dispatch Collect a group of packets.
X X X pcap_dump Save a packet to disk.
X X X pcap_dump_close Closes a savefile.
Commented Out X X pcap_dump_file Return the standard I/O stream of the 'savefile' opened by pcap_dump_open().
X X X pcap_dump_flush Flushes the output buffer to the ``savefile, so that any packets written with pcap_dump() but not yet written to the ``savefile will be written. -1 is returned on error, 0 on success.
X X pcap_dump_fopen Open a file to which to write packets
X X X pcap_dump_ftell Return the file position for a "savefile".
X X X pcap_dump_open Open a file to write packets.
Commented Out X X pcap_file Return the standard stream of an offline capture. Deprecated.
X pcap_fileno NOTE: Does not exist in current libpcap or winpcap documentation.
X X X pcap_findalldevs Construct a list of network devices that can be opened with pcap_open_live().
X pcap_findalldevs_ex Create a list of network devices that can be opened with pcap_open().
X X X pcap_freealldevs Free an interface list returned by pcap_findalldevs().
X X X pcap_freecode Free a filter.
X pcap_get_airpcap_handle Returns the AirPcap handler associated with an adapter. This handler can be used to change the wireless-related settings of the CACE Technologies AirPcap wireless capture adapters.
X X X pcap_geterr Return the error text pertaining to the last pcap library error.
X pcap_getevent Return the handle of the event associated with the interface p.
X X X pcap_getnonblock Get the "non-blocking" state of an interface.
X X pcap_inject Transmit a packet
X X X pcap_is_swapped Returns true if the current savefile uses a different byte order than the current system.
X X X pcap_lib_version Returns a pointer to a string giving information about the version of the libpcap library being used; note that it contains more information than just a version number.
X X X pcap_list_datalinks List datalinks
X pcap_live_dump Save a capture to file.
X pcap_live_dump_ended Return the status of the kernel dump process, i.e. tells if one of the limits defined with pcap_live_dump() has been reached.
X X X pcap_lookupdev Return the first valid device in the system. Deprecated.
X X X pcap_lookupnet Return the subnet and netmask of an interface. Deprecated.
X X X pcap_loop Collect a group of packets.
X X X pcap_major_version Return the major version number of the pcap library used to write the savefile.
X X X pcap_minor_version Return the minor version number of the pcap library used to write the savefile.
X X X pcap_next Return the next available packet.
X X X pcap_next_ex Read a packet from an interface or from an offline capture.
X pcap_offline_filter Returns if a given filter applies to an offline packet.
X pcap_open Open a generic source in order to capture / send (WinPcap only) traffic.
X X X pcap_open_dead Create a pcap_t structure without starting a capture.
X X X pcap_open_live Open a live capture from the network.
X X X pcap_open_offline Open a savefile in the tcpdump/libpcap format to read packets.
X pcap_parsesrcstr Parse the source string and returns the pieces in which the source can be split.
X X X pcap_perror Print the text of the last pcap library error on stderr, prefixed by prefix.
X pcap_remoteact_accept Block until a network connection is accepted (active mode only).
X pcap_remoteact_cleanup Clean the socket that is currently used in waiting active connections.
X pcap_remoteact_close Drop an active connection (active mode only).
X pcap_remoteact_list Return the hostname of the host that have an active connection with us (active mode only).
X X X pcap_sendpacket Send a raw packet.
X pcap_sendqueue_alloc Allocate a send queue.
X pcap_sendqueue_destroy Destroy a send queue.
X pcap_sendqueue_queue Add a packet to a send queue.
X pcap_sendqueue_transmit Send a queue of raw packets to the network.
X X X pcap_set_datalink Set the current data link type of the pcap descriptor to the type specified by dlt. -1 is returned on failure.
X X pcap_setbuff Set the size of the kernel buffer associated with an adapter.
X X pcap_setdirection Set the direction for which packets will be captured. Appears to be no longer supported in either library.
X X X pcap_setfilter Associate a filter to a capture.
X X pcap_setmintocopy Set the minumum amount of data received by the kernel in a single call.
X X pcap_setmode Set the working mode of the interface p to mode.
X X X pcap_setnonblock Switch between blocking and nonblocking mode.
X pcap_setsampling Define a sampling method for packet capture.
X X X pcap_snapshot Return the dimension of the packet portion (in bytes) that is delivered to the application.
X X X pcap_stats Return statistics on current capture.
X pcap_stats_ex Return statistics on current capture.
X X X pcap_strerror Provided in case strerror() isn't available.

Example Programs

(This is a WIP - jdlinke 4 June 2015)