📄 539.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="516.htm">上一层</a>][<a href="540.htm">下一篇</a>]
<hr><p align="left"><small>---------------------------------------------------------------------------- <br>
---- <br>
: taov 于 00-7-31 11:44:42 加贴在 绿盟科技论坛(bbs.nsfocus.com)--UNIX系统安全 <br>
: <br>
哪位详细说说libcpap中pcap_loop的用法? <br>
---------------------------------------------------------------------------- <br>
---- <br>
: 小四 于 00-7-31 12:25:54 加贴在 绿盟科技论坛(bbs.nsfocus.com)--UNIX系统安全 <br>
: <br>
估计没什么人乐意回答这个问题。因为tcpdump的源代码满世界在飞。 <br>
上次你问了个getopt的问题,我贴了个针对性的简单却完整的源代码,你 <br>
说看不明白,那么这次你问pcap_loop,别人能如何回答你呢?叫他/她给 <br>
你贴一段代码么?那和看tcpdump.tar.gz有什么区别?下面是以BPF为例 <br>
的pcap循环。如果永远不想自己花点时间看那些sample,而指望BBS上别 <br>
人能告诉你什么的话,对自己不负责任,对别人也不。 <br>
int pcap_read ( void ) <br>
{ <br>
int readCount; <br>
int count = 0; <br>
register u_char * begin; <br>
register u_char * end; <br>
pcap_read_0: <br>
readCount = remainCount; <br>
if ( remainCount == 0 ) /* 已经处理完上次残留数据 */ <br>
{ <br>
readCount = read( if_eth_fd, packetBuffer, packetBufferSize ); <br>
if ( readCount < 0 ) <br>
{ <br>
/* Don't choke when we get ptraced */ <br>
switch ( errno ) <br>
{ <br>
case EINTR: <br>
goto pcap_read_0; <br>
case EWOULDBLOCK: <br>
return( 0 ); <br>
} <br>
fprintf( outputFile, "pcap_read error: %s\n", strerror( errno ) <br>
); <br>
return( FAILURE ); <br>
} <br>
begin = packetBuffer; <br>
} <br>
else <br>
{ <br>
begin = beginPointer; <br>
} <br>
/* Loop through each packet. */ <br>
#define bhp ( ( struct bpf_hdr * )begin ) <br>
end = begin + readCount; <br>
while ( begin < end ) <br>
{ <br>
register int caplen, hdrlen; <br>
caplen = bhp->bh_caplen; <br>
hdrlen = bhp->bh_hdrlen; <br>
/* A bpf_hdr matches a pcap_pkthdr. */ <br>
doTcpData( ( u_char * )( begin + hdrlen ) ); <br>
begin += BPF_WORDALIGN( caplen + hdrlen ); /* 必须理解这里 */ <br>
count++; <br>
if ( count >= captureCount ) <br>
{ <br>
beginPointer = begin; <br>
remainCount = end - begin; <br>
return( count ); <br>
} <br>
} <br>
#undef bhp <br>
remainCount = 0; /* 最后一个包可能不完整,只好丢弃 */ <br>
return( count ); <br>
} /* end of pcap_read */ <br>
int readDevice ( void ) <br>
{ <br>
register int count; <br>
while ( 1 ) <br>
{ <br>
count = 0; <br>
/* <br>
* keep reading until we get something <br>
* or an error occurs <br>
*/ <br>
do <br>
{ <br>
count = pcap_read(); <br>
} while ( count == 0 ); <br>
if ( count < 0 ) <br>
{ <br>
return( count ); <br>
} <br>
// if ( captureCount > 0 ) <br>
// { <br>
// captureCount -= count; /* 继续读够指定包数 */ <br>
// if ( captureCount <= 0 ) <br>
// { <br>
// return( SUCCESS ); <br>
// } <br>
// } <br>
} /* end of while */ <br>
return( SUCCESS ); <br>
} /* end of readDevice */ <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="516.htm">上一层</a>][<a href="540.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -