<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1">
<title>WinPcap: Using WinPcap in your programs</title>
<link href="style.css" rel="stylesheet" type="text/css">
<link href="tabs.css" rel="stylesheet" type="text/css">
</head><body>
<!-- Generated by Doxygen 1.5.1 -->
<div class="tabs">
<ul>
<li><a href="main.html"><span>Main Page</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
<li><a href="annotated.html"><span>Data Structures</span></a></li>
<li><a href="files.html"><span>Files</span></a></li>
<li><a href="pages.html"><span>Related Pages</span></a></li>
</ul></div>
<h1>Using WinPcap in your programs<br>
<small>
[<a class="el" href="group__wpcap.html">WinPcap user's manual</a>]</small>
</h1><table border="0" cellpadding="0" cellspacing="0">
<tr><td></td></tr>
</table>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title></title>
</head>
<body>
<h2>Creating an application that uses <i>wpcap.dll</i></h2>
<p>To create an application that uses <i>wpcap.dll</i> with Microsoft Visual C++,
follow these
steps:</p>
<ul>
<li>Include the file <i>pcap.h</i> at the beginning of every source file that
uses the functions exported by library.</li>
<li>If your program uses Win32 specific functions of WinPcap, remember to include <i>WPCAP</i>
among the preprocessor definitions.</li>
<li>If your program uses the remote capture capabilities of WinPcap, add <i>
HAVE_REMOTE</i> among the preprocessor definitions. Do <i>not</i> include
remote-ext.h directly in your source files.<li>Set the options of the linker to include the <i>wpcap.lib</i> library
file. <i>wpcap.lib</i> can
be found in the WinPcap developer's pack.
<li>Set the options of the linker to include the winsock library file<i>
ws2_32.lib</i>. This file is distributed with the C compiler
and contains the socket functions for Windows. It is needed by some
functions used by the samples in the tutorial.</li>
</ul>
<p><b>Remember that</b>:</p>
<ul>
<li>To add a preprocessor definition, you must select <em>Settings</em> from the <em>Project</em> menu, then select <em>C/C++</em>
from the tab control, and under the category <i>General</i>, you must add
the definition under the <i>Preprocessor Definitions</i> text box.
<li>To add a new library to the project with Microsoft Visual C++ 6.0, you must
select <em>Settings</em> from the <em>Project</em> menu, then select <em>Link</em>
from the tab control, and then add the name of the new library in the <em>Object/library
modules</em> edit box.
<li>To add a new path where Microsoft Visual C++ 6.0 will look for the libraries,
you must select <em>Options</em> from the <em>Tools</em> menu, then <em>
Directories</em>
from the tab control, <em>Library files</em> from the <em>Show directories
for</em> combo box, and the add the path in the <em>Directories</em> box.
<li>To add a new path where Microsoft Visual C++ 6.0 will look for include files, you must select <em>Options</em> from the <em>Tools</em> menu, then
<em>Directories</em>
from the tab control, <em>Include files</em> from the <em>Show directories
for</em> combo box, and the add the path in the <em>Directories</em> box.</li>
</ul>
<h2>Sample programs</h2>
<p>A couple of sample programs are provided to show the usage of the WinPcap API. The
source of the examples, along with all the files needed to compile and run them, can be found in the <a href="http://www.winpcap.org/install/bin">Developer's
Pack</a>. For didactic purpose we provide here a browsable version of the
code: it is possible to click on the variables and functions to jump the
documentation of each of them. For a more complete set of samples, try <a href="group__wpcap__tut.htm">WinPcap
Tutorial Section</a>.</p>
</body>
</html>
<p>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title></title>
</head>
<body>
<h3>Packet Dump</h3>
<p>This program reads packets from a file or a network adapter, depending on
a command line switch. If a source is not provided, the program shows a list of
available adapters, one of which can be selected. Once the
capture is started, the program prints the timestamp, the length and the raw
contents of the packets. Once compiled, it will run on all the Win32 platforms. It
can be compiled to run on Unix as well (the makefile is provided).</p>
</body>
</html>
<div class="fragment"><pre class="fragment"><span class="comment">/*</span>
<span class="comment"> * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)</span>
<span class="comment"> * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)</span>
<span class="comment"> * All rights reserved.</span>
<span class="comment"> *</span>
<span class="comment"> * Redistribution and use in source and binary forms, with or without</span>
<span class="comment"> * modification, are permitted provided that the following conditions</span>
<span class="comment"> * are met:</span>
<span class="comment"> *</span>
<span class="comment"> * 1. Redistributions of source code must retain the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer.</span>
<span class="comment"> * 2. Redistributions in binary form must reproduce the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer in the</span>
<span class="comment"> * documentation and/or other materials provided with the distribution.</span>
<span class="comment"> * 3. Neither the name of the Politecnico di Torino, CACE Technologies </span>
<span class="comment"> * nor the names of its contributors may be used to endorse or promote </span>
<span class="comment"> * products derived from this software without specific prior written </span>
<span class="comment"> * permission.</span>
<span class="comment"> *</span>
<span class="comment"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS</span>
<span class="comment"> * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR</span>
<span class="comment"> * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="comment"> * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="comment"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,</span>
<span class="comment"> * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY</span>
<span class="comment"> * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT</span>
<span class="comment"> * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE</span>
<span class="comment"> * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="comment"> *</span>
<span class="comment"> */</span>
<span class="preprocessor">#include <stdlib.h></span>
<span class="preprocessor">#include <stdio.h></span>
<span class="comment">//</span>
<span class="comment">// NOTE: remember to include WPCAP and HAVE_REMOTE among your</span>
<span class="comment">// preprocessor definitions.</span>
<span class="comment">//</span>
<span class="preprocessor">#include <pcap.h></span>
<span class="preprocessor">#define LINE_LEN 16</span>
<span class="preprocessor"></span>
main(<span class="keywordtype">int</span> argc, <span class="keywordtype">char</span> **argv)
{
<a class="code" href="structpcap__if.html">pcap_if_t</a> *alldevs, *d;
<a class="code" href="group__wpcap__def.html#g4711d025f83503ce692efa5e45ec60a7">pcap_t</a> *fp;
u_int inum, i=0;
<span class="keywordtype">char</span> errbuf[<a class="code" href="group__wpcap__def.html#gcd448353957d92c98fccc29e1fc8d927">PCAP_ERRBUF_SIZE</a>];
<span class="keywordtype">int</span> res;
<span class="keyword">struct </span><a class="code" href="structpcap__pkthdr.html">pcap_pkthdr</a> *header;
<span class="keyword">const</span> u_char *pkt_data;
printf(<span class="stringliteral">"pktdump_ex: prints the packets of the network using WinPcap.\n"</span>);
printf(<span class="stringliteral">" Usage: pktdump_ex [-s source]\n\n"</span>
<span class="stringliteral">" Examples:\n"</span>
<span class="stringliteral">" pktdump_ex -s file://c:/temp/file.acp\n"</span>
<span class="stringliteral">" pktdump_ex -s rpcap://\\Device\\NPF_{C8736017-F3C3-4373-94AC-9A34B7DAD998}\n\n"</span>);
<span class="keywordflow">if</span>(argc < 3)
{
printf(<span class="stringliteral">"\nNo adapter selected: printing the device list:\n"</span>);
<span class="comment">/* The user didn't provide a packet source: Retrieve the local device list */</span>
<span class="keywordflow">if</span> (<a class="code" href="group__wpcapfunc.html#g98f36e62c95c6ad81eaa8b2bbeb8f16e">pcap_findalldevs_ex</a>(<a class="code" href="group__remote__source__string.html#g6d7103b8a7e1eca8c325bd8f32c361c3">PCAP_SRC_IF_STRING</a>, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,<span class="stringliteral">"Error in pcap_findalldevs_ex: %s\n"</span>, errbuf);
<span class="keywordflow">return</span> -1;
}
<span class="comment">/* Print the list */</span>
<span class="keywordflow">for</span>(d=alldevs; d; d=d-><a class="code" href="structpcap__if.html#81508e6e4e41ca4235c8d6b51913c536">next</a>)
{
printf(<span class="stringliteral">"%d. %s\n "</span>, ++i, d-><a class="code" href="structpcap__if.html#5ac083a645d964373f022d03df4849c8">name</a>);
if (d-><a class="code" href="structpcap__if.html#8444d6e0dfe2bbab0b5e7b24308f1559">description</a>)
printf(<span class="stringliteral">" (%s)\n"</span>, d-><a class="code" href="structpcap__if.html#8444d6e0dfe2bbab0b5e7b24308f1559">description</a>);
<span class="keywordflow">else</span>
printf(<span class="stringliteral">" (No description available)\n"</span>);
}
<span class="keywordflow">if</span> (i==0)
{
fprintf(stderr,<span class="stringliteral">"No interfaces found! Exiting.\n"</span>);
<span class="keywordflow">return</span> -1;
}
printf(<span class="stringliteral">"Enter the interface number (1-%d):"</span>,i);
scanf(<span class="stringliteral">"%d"</span>, &inum);
<span class="keywordflow">if</span> (inum < 1 || inum > i)
{
printf(<span class="stringliteral">"\nInterface number out of range.\n"</span>);
<span class="comment">/* Free the device list */</span>
<a class="code" href="group__wpcapfunc.html#g346b4b0b7fd1cda4abb9a39f767dbeb1">pcap_freealldevs</a>(alldevs);
<span class="keywordflow">return</span> -1;
}
<span class="comment">/* Jump to the selected adapter */</span>
<span class="keywordflow">for</span> (d=alldevs, i=0; i< inum-1 ;d=d-><a class="code" href="structpcap__if.html#81508e6e4e41ca4235c8d6b51913c536">next</a>, i++);
<span class="comment">/* Open the device */</span>
<span class="keywordflow">if</span> ( (fp= <a class="code" href="group__wpcapfunc.html#g2b64c7b6490090d1d37088794f1f1791">pcap_open</a>(d-><a class="code" href="structpcap__if.html#5ac083a645d964373f022d03df4849c8">name</a>,
100 <span class="comment">/*snaplen*/</span>,
<a class="code" href="group__remote__open__flags.html#g9134ce51a9a6a7d497c3dee5affdc3b9">PCAP_OPENFLAG_PROMISCUOUS</a> <span class="comment">/*flags*/</span>,
20 <span class="comment">/*read timeout*/</span>,
NULL <span class="comment">/* remote authentication */</span>,
errbuf)
) == NULL)
{
fprintf(stderr,<span class="stringliteral">"\nError opening adapter\n"</span>);
<span class="keywordflow">return</span> -1;
}
}
<span class="keywordflow">else</span>
{
<span class="comment">// Do not check for the switch type ('-s')</span>
<span class="keywordflow">if</span> ( (fp= <a class="code" href="group__wpcapfunc.html#g2b64c7b6490090d1d37088794f1f1791">pcap_open</a>(argv[2],
100 <span class="comment">/*snaplen*/</span>,
<a class="code" href="group__remote__open__flags.html#g9134ce51a9a6a7d497c3dee5affdc3b9">PCAP_OPENFLAG_PROMISCUOUS</a> <span class="comment">/*flags*/</span>,
20 <span class="comment">/*read timeout*/</span>,
NULL <span class="comment">/* remote authentication */</span>,
errbuf)
) == NULL)
{
fprintf(stderr,<span class="stringliteral">"\nError opening source: %s\n"</span>, errbuf);
<span class="keywordflow">return</span> -1;
}
}
<span class="comment">/* Read the packets */</span>
<span class="keywordflow">while</span>((res = <a class="code" href="group__wpcapfunc.html#g439439c2eae61161dc1efb1e03a81133">pcap_next_ex</a>( fp, &header, &pkt_data)) >= 0)
{
<span class="keywordflow">if</span>(res == 0)
<span class="comment">/* Timeout elapsed */</span>
<span class="keywordflow">continue</span>;
<span class="comment">/* print pkt timestamp and pkt len */</span>
printf(<span class="stringliteral">"%ld:%ld (%ld)\n"</span>, header-><a class="code" href="structpcap__pkthdr.html#21be78b2818c91cb205885b8a6f5aed8">ts</a>.tv_sec, header-><a class="code" href="structpcap__pkthdr.html#21be78b2818c91cb205885b8a6f5aed8">ts</a>.tv_usec, header-><a class="code" href="structpcap__pkthdr.html#728f264db4f5cc304742565a2bcdbeea">len</a>);
<span class="comment">/* Print the packet */</span>
<span class="keywordflow">for</span> (i=1; (i < header-><a class="code" href="structpcap__pkthdr.html#ac5771ed2efd92508bb4fe650f2ce7d7">caplen</a> + 1 ) ; i++)
{
printf(<span class="stringliteral">"%.2x "</span>, pkt_data[i-1]);
<span class="keywordflow">if</span> ( (i % LINE_LEN) == 0) printf(<span class="stringliteral">"\n"</span>);
}
printf(<span class="stringliteral">"\n\n"</span>);
}
<span class="keywordflow">if</span>(res == -1)
{
fprintf(stderr, <span class="stringliteral">"Error reading the packets: %s\n"</span>, <a class="code" href="group__wpcapfunc.html#g81305cb154e4497e95bbb9b708631a3a">pcap_geterr</a>(fp));
<span class="keywordflow">return</span> -1;
}
<span class="keywordflow">return</span> 0;
}
</pre></div><p>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title></title>
</head>
<body>
<h3>Packet Filter</h3>
<p>This is a more complete example of libpcap usage. It shows, among other
things, how to create and set filters and how to save a capture to disk. It can
be compiled under Win32 or Unix (projects and makefiles are provided).
Pcap_filter (pf.exe) is a general-purpose packet filtering application: its
input parameters are a source of packets (it can be a physical interface or a
file), a filter and an output file. It takes packets from the source until
CTRL+C is pressed or the whole file is processed, applies the filter to the
incoming packets and saves them to the output file if they satisfy the filter.
Pcap_filter can be used to dump network data according to a particular filter,
but also to extract a set of packets from a previously saved file. The format of
both input and output files is the format used by libpcap, i.e. same of WinDump, tcpdump
and many other network tools.</p>
</body>
</html>
<div class="fragment"><pre class="fragment"><span class="comment">/*</span>
<span class="comment"> * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)</span>
<span class="comment"> * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)</span>
<span class="comment"> * All rights reserved.</span>
<span class="comment"> *</span>
<span class="comment"> * Redistribution and use in source and binary forms, with or without</span>
<span class="comment"> * modification, are permitted provided that the following conditions</span>
<span class="comment"> * are met:</span>
<span class="comment"> *</span>
<span class="comment"> * 1. Redistributions of source code must retain the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer.</span>
<span class="comment"> * 2. Redistributions in binary form must reproduce the above copyright</span>
<span class="comment"> * notice, this list of conditions and the following disclaimer in the</span>
<span class="comment"> * documentation and/or other materials provided with the distribution.</span>
<span class="comment"> * 3. Neither the name of the Politecnico di Torino, CACE Technologies </span>
<span class="comment"> * nor the names of its contributors may be used to endorse or promote </span>
<span class="comment"> * products derived from this software without specific prior written </span>
<span class="comment"> * permission.</span>
<span class="comment"> *</span>
<span class="comment"> * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS</span>
<span class="comment"> * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR</span>
<span class="comment"> * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT</span>
<span class="comment"> * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,</span>
<span class="comment"> * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT</span>
<span class="comment"> * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,</span>
<span class="comment"> * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY</span>
<span class="comment"> * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT</span>
<span class="comment"> * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE</span>
<span class="comment"> * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.</span>
<span class="comment"> *</span>
<span class="comment"> */</span>
<span class="preprocessor">#include <stdlib.h></span>
<span class="preprocessor">#include <stdio.h></span>
<span class="preprocessor">#include <pcap.h></span>
<span class="preprocessor">#define MAX_PRINT 80</span>
<span class="preprocessor"></span><span class="preprocessor">#define MAX_LINE 16</span>
<span class="preprocessor"></span>
<span class="keywordtype">void</span> usage();
<span class="keywordtype">void</span> main(<span class="keywordtype">int</span> argc, <span class="keywordtype">char</span> **argv)
{
<a class="code" href="group__wpcap__def.html#g4711d025f83503ce692efa5e45ec60a7">pcap_t</a> *fp;
<span class="keywordtype">char</span> errbuf[<a class="code" href="group__wpcap__def.html#gcd448353957d92c98fccc29e1fc8d927">PCAP_ERRBUF_SIZE</a>];
<span class="keywordtype">char</span> *source=NULL;
<span class="keywordtype">char</span> *ofilename=NULL;
<span class="keywordtype">char</span> *filter=NULL;
<span class="keywordtype">int</span> i;
<a class="code" href="group__wpcap__def.html#gb8c7858aa3a7e3158d9d58cb113a2ae8">pcap_dumper_t</a> *dumpfile;
<span class="keyword">struct </span>bpf_program fcode;
<a class="code" href="group__wpcap__def.html#g37fdbc8313e90fb2041203a2e40cd482">bpf_u_int32</a> NetMask;
<span class="keywordtype">int</span> res;
<span class="keyword">struct </span><a class="code" href="structpcap__pkthdr.html">pcap_pkthdr</a> *header;
<span class="keyword">const</span> u_char *pkt_data;
<span class="keywordflow">if</span> (argc == 1)
{
usage();
<span class="keywordflow">return</span>;
}
<span class="keywordflow">for</span>(i=1;i < argc; i+= 2)
{
<span class="keywordflow">switch</span> (argv[i] [1])
{
<span class="keywordflow">case</span> <span class="charliteral">'s'</span>:
{
source=argv[i+1];
};
<span class="keywordflow">break</span>;
<span class="keywordflow">case</span> <span class="charliteral">'o'</span>:
{
ofilename=argv[i+1];
};
<span class="keywordflow">break</span>;
<span class="keywordflow">case</span> <span class="charliteral">'f'</span>:
{
filter=argv[i+1];
};
<span class="keywordflow">break</span>;
}
}
<span class="comment">// open a capture from the network</span>
<span class="keywordflow">if</span> (source != NULL)
{
<span class="keywordflow">if</span> ( (fp= <a class="code" href="group__wpcapfunc.html#g2b64c7b6490090d1d37088794f1f1791">pcap_open</a>(source,
1514 <span class="comment">/*snaplen*/</span>,
<a class="code" href="group__remote__open__flags.html#g9134ce51a9a6a7d497c3dee5affdc3b9">PCAP_OPENFLAG_PROMISCUOUS</a> <span class="comment">/*flags*/</span>,
20 <span class="comment">/*read timeout*/</span>,
NULL <span class="comment">/* remote authentication */</span>,
errbuf)
) == NULL)
{
fprintf(stderr,<span class="stringliteral">"\nUnable to open the adapter.\n"</span>);
<span class="keywordflow">return</span>;
}
}
<span class="keywordflow">else</span> usage();
<span class="keywordflow">if</span> (filter != NULL)
{
<span class="comment">// We should loop through the adapters returned by the pcap_findalldevs_ex()</span>
<span class="comment">// in order to locate the correct one.</span>
<span class="comment">//</span>
<span class="comment">// Let's do things simpler: we suppose to be in a C class network ;-)</span>
NetMask=0xffffff;
<span class="comment">//compile the filter</span>
<span class="keywordflow">if</span>(<a class="code" href="group__wpcapfunc.html#g363bdc6f6b39b4979ddcf15ecb830c5c">pcap_compile</a>(fp, &fcode, filter, 1, NetMask) < 0)
{
fprintf(stderr,<span class="stringliteral">"\nError compiling filter: wrong syntax.\n"</span>);
<span class="keywordflow">return</span>;
}
<span class="comment">//set the filter</span>
<span class="keywordflow">if</span>(<a class="code" href="group__wpcapfunc.html#gf5f9cfe85dad0967ff607e5159b1ba61">pcap_setfilter</a>(fp, &fcode)<0)
{
fprintf(stderr,<span class="stringliteral">"\nError setting the filter\n"</span>);
<span class="keywordflow">return</span>;
}
}
<span class="comment">//open the dump file</span>
<span class="keywordflow">if</span> (ofilename != NULL)
{
dumpfile= <a class="code" href="group__wpcapfunc.html#g9506c33d580fdb5e5c288dba0f8a085c">pcap_dump_open</a>(fp, ofilename);
<span class="keywordflow">if</span> (dumpfile == NULL)
{
fprintf(stderr,<span class="stringliteral">"\nError opening output file\n"</span>);
<span class="keywordflow">return</span>;
}
}
<span class="keywordflow">else</span> usage();
<span class="comment">//start the capture</span>
<span class="keywordflow">while</span>((res = <a class="code" href="group__wpcapfunc.html#g439439c2eae61161dc1efb1e03a81133">pcap_next_ex</a>( fp, &header, &pkt_data)) >= 0)
{
<span class="keywordflow">if</span>(res == 0)
<span class="comment">/* Timeout elapsed */</span>
<span class="keywordflow">continue</span>;
<span class="comment">//save the packet on the dump file</span>
<a class="code" href="group__wpcapfunc.html#g659439bf5aa3988b5a92d31990fbf437">pcap_dump</a>((<span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *) dumpfile, header, pkt_data);
}
}
<span class="keywordtype">void</span> usage()
{
printf(<span class="stringliteral">"\npf - Generic Packet Filter.\n"</span>);
printf(<span class="stringliteral">"\nUsage:\npf -s source -o output_file_name [-f filter_string]\n\n"</span>);
exit(0);
}
</pre></div>
<hr>
<p align="right"><img border="0" src="winpcap_small.gif" align="absbottom" width="91" height="27">
documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2007
CACE Technologies. All rights reserved.</p>
Submit an article or tip