如何以pcap格式保存以太网帧
[英]How to save Ethernet frames in pcap format
问题描述
I am writing an application that listens to a network interface, picks some frames, edits them and then saves them to disk. 
我正在编写一个应用程序来监听网络接口,选择一些帧,编辑它们然后将它们保存到磁盘。 Very similar to tshark and tcpdump. 与tshark和tcpdump非常相似。
My code is written in C++ 我的代码是用C ++编写的
However, I want to save my packets in pcap format and I cannot find a C/C++ library that accepts Ethernet frames (in memory) and saves them to .pcap file. 但是,我想以pcap格式保存我的数据包,我找不到接受以太网帧(在内存中)并将它们保存到.pcap文件的C / C ++库。
- Note: For the meanwhile I use hexdump and text2pcap but that's unacceptable in production 注意:同时我使用hexdump和text2pcap,但这在生产中是不可接受的
Solution Update: 解决方案更新
#include <pcap.h>
pcap_t* p = pcap_open_dead(DLT_EN10MB, 65535);
const std::string pcap_file_name = getPcapName();
pcap_dumper_t* dumper = pcap_dump_open(p, pcap_file_name.c_str());
pcap_pkthdr h;
h.caplen = packet_len;
h.len = packet_len;
pcap_dump((u_char*)dumper, &h, packet);
pcap_dump_close(dumper);
pcap_close(p);
1 个解决方案
解决方案1
2 已采纳 2013-11-02 17:33:04
Why can't you use WinPcap / libpcap directly in C++ code? 为什么不能直接在C ++代码中使用WinPcap / libpcap? Those are C libs so you should be able to link them. 这些是C libs所以你应该能够链接它们。
Use libpcap under unix or winpcap under windoze. 在windoze下使用unix下的libpcap或winpcap。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.