Wincap capture filtering expression syntax

Posted by cpx on Stack Overflow See other posts from Stack Overflow or by cpx
Published on 2010-12-23T01:49:41Z Indexed on 2010/12/23 1:54 UTC
Read the original article Hit count: 594

Filed under:

c++

|

packet-capture

|

winpcap

How would specify a syntax for filtering tcp server port with its ip address?

   const char *packet_filter = "tcp src port 2054";

    bpf_u_int32 netmask;
    bpf_program fcode;

    if (d->addresses != NULL)
      /* Retrieve the mask of the first address of the interface */
        netmask=((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
    else
       /* If the interface is without an address we suppose to be in a C class network */
        netmask=0xffffff; 


    //compile the filter
    if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0)
    {
        fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n");
        /* Free the device list */
        pcap_freealldevs(alldevs);
        return -1;
    }

    //set the filter
    if (pcap_setfilter(adhandle, &fcode) < 0)
    {
        fprintf(stderr,"\nError setting the filter.\n");
        /* Free the device list */
        pcap_freealldevs(alldevs);
        return -1;
}

© Stack Overflow or respective owner

Related posts about c++

Which C++ book shold I get between "C++ Primer" vs "C++ Primer Plus"

as seen on Stack Overflow - Search for 'Stack Overflow'
I want to learn C++ by using Vim and MinGW as compiler. I'm interesting at "C++ Primer (4th Edition)" and "C++ Primer Plus (5th Edition)" but I don't know how about it different. It has no book store that I can review those books, so I want to know, what is the different between those book and which… >>> More
C++ : C++ Primer (Stanley Lipmann) or The C++ programming language (special edition)

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a Computer Science degree (long2 time ago) .. I do know Java OOP but i am now trying to pick up C++. I do have C and of course data structure using C or pascal. I have started reading Bjarne Stroustrup book (The C++ Programming Language - Special Edition) but find it extremely difficult esp… >>> More
I need help on my C++ assignment using MS Visual C++

as seen on Stack Overflow - Search for 'Stack Overflow'
Ok, so I don't want you to do my homework for me, but I'm a little lost with this final assignment and need all the help I can get. Learning about programming is tough enough, but doing it online is next to impossible for me... Now, to get to the program, I am going to paste what I have so far. This… >>> More
Managed c++ std::string not accessible in unmanaged c++

as seen on Stack Overflow - Search for 'Stack Overflow'
In unmanaged c++ dll i have a function which takes constant std::string as argument Prototype : void read ( const std::string &imageSpec_ ) I call this function from managed c++ dll by passing a std::string. When i debug the unmanaged c++ code the parameter imageSpec_ shows the value correctly… >>> More
The Definitive C++ Book Guide and List

as seen on Stack Overflow - Search for 'Stack Overflow'
After more than a few questions about deciding on C++ books I thought we could make a better community wiki version. Providing QUALITY books and an approximate skill level. Maybe we can add a short blurb/description about each book that you have personally read / benefited from. Feel free to debate… >>> More

Related posts about packet-capture

SharpPcap - A Packet Capture retring seding messesge problem.

as seen on Stack Overflow - Search for 'Stack Overflow'
I trying to capture packets using SharpPcap library. I'm able to return the packets details but I'm having problem to get what the message content inside the packet. the packet using .Data to return the message and when I use it it is returning (System.Byte[]). here is the library website: http://www… >>> More
SharpPcap - A Packet Capture getting messesge problem.

as seen on Stack Overflow - Search for 'Stack Overflow'
I trying to capture packets using SharpPcap library. I'm able to return the packets details but I'm having problem to get what the message content inside the packet. the packet using .Data to return the message and when I use it it is returning (System.Byte[]). here is the library website: http://www… >>> More
Which Packet Capture Format is better?

as seen on Stack Overflow - Search for 'Stack Overflow'
I am writing an application to save the captured IP packets to file. Which of the following packet capture format is better suited for use as the file format? Click on the link for more information on each. Snoop (rfc1761) PCAP In addition, is there a C# library for any of the above format? >>> More
raw h.264 packet capture and playing in VLC

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am capturing packets off the network from a video conference HDX. The video is sent in RTP and is encoded in H264. I am trying to capture these packets and generate a video file. I wrote raw H264 data from the packets to disk and i am trying to play it in VLC. VLC just shows a green box. Am… >>> More
Video packet capture over multiple IP cameras

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello We are working on a C language application which is simple RTSP/RTP client to record video from Axis a number of Cameras . We launch a pthread for each of the camera which establishes the RTP session and begins to record the packets captured suing the recvfrom() call... A single camera single… >>> More