Updated from time job

For anyone looking for software that captures and analyzes packets, this post looks at the functions and modules involved, how they are designed, and how they are used for capture and analysis.

First, some basics:
On UNIX platforms, network sniffing is implemented mainly through BPF (Berkeley Packet Filter) in kernel mode and the libpcap packet capture library in user mode. BPF is an interface to the raw data link layer: it provides functions for sending and receiving raw link-layer packets.
It also supports packet filtering. Arithmetic operations are performed on the packet data, the result is compared against a constant or against other packet data, and the outcome of that comparison decides whether the packet is accepted.

libpcap is a packet capture library that runs in user mode on UNIX platforms. Used together with BPF, it provides a standard network sniffing interface for applications on UNIX-like systems.

libpcap captures packets by adding a bypass at the data link layer. When a packet arrives at the network interface, a copy is first obtained from the link-layer driver through the socket that libpcap has already created, and the packet is then handed to the BPF filter by the tap function. BPF checks each packet one by one against the filter rules the user has defined: packets that match are placed in the kernel buffer and delivered from there to the user layer; packets that fail to match are discarded. If no filter rule is set, all packets are placed in the kernel buffer and delivered to the user layer.

Frame capture with libpcap
pcap_lookupdev() finds a network device and returns a pointer to the device name, which can then be passed to pcap_open_live().

pcap_open_live() opens a network device and returns a capture descriptor used to capture packets. All further operations on that network device must go through this descriptor.

pcap_lookupnet() returns the network number and netmask of the specified network device.

pcap_compile() compiles a user-defined filter expression into a filter program.

pcap_setfilter() installs that filter program on the capture descriptor.

pcap_loop() and pcap_dispatch() capture packets and can also process them after capture; in addition, pcap_next() and pcap_next_ex() can be used to capture packets.

pcap_close() closes the network device and releases its resources.
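As an added illustration (not code from the original post), here is a small user-space interpreter for the classic BPF instruction subset that a simple filter needs, run over a constructed Ethernet/IPv4 frame. The `ip_and_tcp` program is the instruction sequence that `tcpdump -d 'ip and tcp'` prints, i.e. the kind of program pcap_compile() builds and pcap_setfilter() installs; the names `cbpf_run` and `filter_frame` are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Subset of classic BPF opcodes; the numeric values match <net/bpf.h>. */
enum { LDH_ABS = 0x28, LDB_ABS = 0x30, JEQ_K = 0x15, RET_K = 0x06 };
struct cbpf_insn { uint16_t code; uint8_t jt, jf; uint32_t k; };
/* Filter program for "ip and tcp": ethertype at offset 12, IPv4 protocol at 23. */
static const struct cbpf_insn ip_and_tcp[] = {
    { LDH_ABS, 0, 0, 12 },     /* A = ethertype                   */
    { JEQ_K,   0, 3, 0x0800 }, /* IPv4? otherwise jump to ret #0  */
    { LDB_ABS, 0, 0, 23 },     /* A = IPv4 protocol field         */
    { JEQ_K,   0, 1, 6 },      /* TCP? otherwise jump to ret #0   */
    { RET_K,   0, 0, 65535 },  /* accept: pass up to 65535 bytes  */
    { RET_K,   0, 0, 0 },      /* reject                          */
};
/* Run a filter over one packet: returns bytes to accept, 0 = drop. A load past the packet end drops it. */
uint32_t cbpf_run(const struct cbpf_insn *prog, size_t n,
                  const uint8_t *pkt, size_t len) {
    uint32_t acc = 0;                      /* the BPF accumulator A */
    for (size_t pc = 0; pc < n; pc++) {
        const struct cbpf_insn *in = &prog[pc];
        switch (in->code) {
        case LDH_ABS:
            if ((size_t)in->k + 2 > len) return 0;
            acc = (uint32_t)pkt[in->k] << 8 | pkt[in->k + 1];
            break;
        case LDB_ABS:
            if ((size_t)in->k + 1 > len) return 0;
            acc = pkt[in->k];
            break;
        case JEQ_K:                        /* the loop's pc++ supplies the +1 */
            pc += (acc == in->k) ? in->jt : in->jf;
            break;
        case RET_K:
            return in->k;
        default:
            return 0;                      /* unsupported opcode: drop */
        }
    }
    return 0;                              /* fell off the end: drop */
}
/* Build a constructed (not captured) 34-byte Ethernet + IPv4 frame and filter it. */
uint32_t filter_frame(uint16_t ethertype, uint8_t ip_proto) {
    uint8_t buf[34];
    memset(buf, 0, sizeof buf);
    buf[12] = ethertype >> 8; buf[13] = ethertype & 0xff;
    buf[14] = 0x45; buf[23] = ip_proto;    /* IPv4, IHL = 5; protocol field */
    return cbpf_run(ip_and_tcp, sizeof ip_and_tcp / sizeof *ip_and_tcp, buf, sizeof buf);
}
```

A TCP-over-IPv4 frame returns 65535 (accepted), while a UDP frame and an ARP frame (ethertype 0x0806) return 0 and would never reach the kernel buffer.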

Find their own open source code gets online account password


Origin www.cnblogs.com/eosmomo/p/12591421.html