Functions | |
int | pcap_findalldevs_ex (char *host, char *port, SOCKET sockctrl, struct pcap_rmtauth *auth, pcap_if_t **alldevs, char *errbuf) |
It creates a list of network devices that can be opened with pcap_open(). | |
int | pcap_createsrcstr (char *source, int type, const char *host, const char *port, const char *name, char *errbuf) |
Accepts a set of strings (host name, port, ...), and it returns the complete source string according to the new format (e.g. 'rpcap://1.2.3.4/eth0'). | |
int | pcap_parsesrcstr (const char *source, int *type, char *host, char *port, char *name, char *errbuf) |
Parses the source string and returns the pieces in which the source can be split. | |
pcap_t * | pcap_open (const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf) |
It opens a generic source in order to capture / send (WinPcap only) traffic. | |
int | pcap_remoteact_accept (const char *address, const char *port, const char *hostlist, char *connectinghost, struct pcap_rmtauth *auth, char *errbuf) |
It blocks until a network connection is accepted (active mode only). | |
int | pcap_remoteact_close (const char *host, char *errbuf) |
It drops an active connection (active mode only). | |
void | pcap_remoteact_cleanup () |
Cleans the socket that is currently used in waiting active connections. | |
int | pcap_remoteact_list (char *hostlist, char sep, int size, char *errbuf) |
Returns the hostname of the host that have an active connection with us (active mode only). |
|
Accepts a set of strings (host name, port, ...), and it returns the complete source string according to the new format (e.g. 'rpcap://1.2.3.4/eth0'). This function is provided in order to help the user to create the source string according to the new format. An unique source string is used in order to make easy for old applications to use the remote facilities. Think about tcpdump, for example, which has only one way to specify the interface on which the capture has to be started. However, GUI-based programs can find more useful to specify hostname, port and interface name separately. In that case, they can use this function to create the source string before passing it to the pcap_open() function.
Definition at line 495 of file pcap-new.c. References PCAP_SRC_FILE, PCAP_SRC_IFLOCAL, PCAP_SRC_IFREMOTE, and snprintf. |
|
It creates a list of network devices that can be opened with pcap_open(). This function is a superset of the old 'pcap_findalldevs()', which is obsolete, and which allows listing only the devices present on the local machine. Vice versa, pcap_findalldevs_ex() allows listing the devices present on a remote machine as well. Moreover, pcap_findalldevs_ex() is platform independent, since it relies on the standard pcap_findalldevs() to get addresses on the local machine. In case the function has to list the interfaces on a remote machine, it opens a new control connection toward that machine, it retrieves the interfaces, and it drops the connection. However, if this function detects that the remote machine is in 'active' mode, the connection is not dropped (see the 'sockctrl' parameters for more details). In the same way, if we're in active mode and the connection is already opened, it uses the existing socket. This function can rely on the pcap_createsrcstr() to create the string that keeps the capture device according to the new syntax, and the pcap_parsesrcstr() for the other way round.
Definition at line 150 of file pcap-new.c. References pcap_addr::addr, pcap_addr::broadaddr, pcap_addr::dstaddr, host, rpcap_findalldevs_if::namelen, pcap_addr::netmask, pcap_addr::next, pcap_findalldevs(), pcap_strerror(), port, rpcap_checkmsg(), rpcap_createhdr(), rpcap_deseraddr(), RPCAP_MSG_ERROR, RPCAP_MSG_FINDALLIF_REPLY, rpcap_remoteact_getsock(), rpcap_sendauth(), snprintf, sock_cleanup(), sock_close(), sock_discard(), sock_init(), sock_open(), sock_recv(), sock_send(), and sock_validaddr(). |
|
It opens a generic source in order to capture / send (WinPcap only) traffic. The pcap_open() replaces all the pcap_open_xxx() functions with a single call. This function hides the differences between the different pcap_open_xxx() functions so that the programmer does not have to manage different opening function. In this way, the 'true' open function is decided according to the source type, which is included into the source string (in the form of source prefix). This function can rely on the pcap_createsrcstr() to create the string that keeps the capture device according to the new syntax, and the pcap_parsesrcstr() for the other way round.
Definition at line 881 of file pcap-new.c. References host, PCAP_BUF_SIZE, pcap_open_live(), pcap_open_offline(), pcap_opensource_remote(), pcap_parsesrcstr(), PCAP_SRC_FILE, PCAP_SRC_IFLOCAL, PCAP_SRC_IFREMOTE, pcap_t, port, and snprintf. Referenced by daemon_opensource(), and daemon_startcapture(). |
|
Parses the source string and returns the pieces in which the source can be split. This call is the other way round of pcap_createsrcstr(). It accepts a null-terminated string and it returns the parameters related to the source. This includes:
The user can omit some parameters in case it is not interested in them.
Definition at line 636 of file pcap-new.c. References host, PCAP_BUF_SIZE, PCAP_SRC_FILE, PCAP_SRC_IFLOCAL, PCAP_SRC_IFREMOTE, port, and snprintf. Referenced by pcap_open(), pcap_open_live(), and pcap_opensource_remote(). |
|
It blocks until a network connection is accepted (active mode only). This function has been defined to allow the client dealing with the 'active mode'. In other words, in the 'active mode' the server opens the connection toward the client, so that the client has to open a socket in order to wait for connections. When a new connection is accepted, the RPCAP protocol starts as usual; the only difference is that the connection is initiated by the server. This function accepts only ONE connection, then it closes the waiting socket. This means that if some error occurs, the application has to call it again in order to accept another connection. This function returns when a new connection (coming from a valid host 'connectinghost') is accepted; it returns error otherwise.
Definition at line 996 of file pcap-new.c. References activeHosts, activehosts::host, hostlist, activehosts::next, pcap_strerror(), port, rpcap_sendauth(), rpcap_senderror(), snprintf, SOCK_ASSERT, sock_check_hostlist(), sock_close(), sock_cmpaddr(), sock_geterror(), sock_init(), sock_open(), sock_validaddr(), activehosts::sockctrl, SOCKET, and sockmain. |
|
Cleans the socket that is currently used in waiting active connections. This function does a very dirty job. The fact is that is the waiting socket is not freed if the pcap_remoteaccept() is killed inside a new thread. This function is able to clean the socket in order to allow the next calls to pcap_remoteact_accept() to work. This function is useful *only* if you launch pcap_remoteact_accept() inside a new thread, and you stops (not very gracefully) the thread (for example because the user changed idea, and it does no longer want to wait for an active connection). So, basically, the flow should be the following:
This function has no effects in other cases.
Definition at line 1249 of file pcap-new.c. References sock_cleanup(). |
|
It drops an active connection (active mode only). This function has been defined to allow the client dealing with the 'active mode'. This function closes an active connection that is still in place and it purges the host name from the 'activeHost' list. From this point on, the client will not have any connection with that host in place.
Definition at line 1153 of file pcap-new.c. References activeHosts, activehosts::host, activehosts::next, rpcap_createhdr(), snprintf, sock_cleanup(), sock_close(), sock_cmpaddr(), sock_send(), and activehosts::sockctrl. |
|
Returns the hostname of the host that have an active connection with us (active mode only). This function has been defined to allow the client dealing with the 'active mode'. This function returns the list of hosts that are currently having an active connection with us. This function is useful in order to delete an active connection that is still in place.
Definition at line 1285 of file pcap-new.c. References activeHosts, activehosts::host, hostlist, activehosts::next, RPCAP_HOSTLIST_SIZE, size, snprintf, and sock_geterror(). |
documentation. Copyright (c) 2002-2003 Politecnico di Torino. All rights reserved.