<body>
/*! \mainpage WinPcap Documentation
\image html winpcap.gif
\htmlonly
<p><b>Author</b>: <br>
Loris Degioanni (<a href="mailto:degioanni@polito.it">degioanni@polito.it</a>),
<a href="http://netgroup.polito.it/winpcap">NetGroup</a>, Politecnico di Torino<br>
<b>Home page</b>: <br>
<a href="http://winpcap.polito.it">http://winpcap.polito.it</a></p>
<hr>
\endhtmlonly
<h2>Modules</h2>
<p>
- \ref wpcap<br>
- \ref wpcap_def<br>
- \ref wpcap_fn<br>
- \ref language<br>
- \ref wpcapsamps<br>
- \ref wpcapsamp1<br>
- \ref wpcapsamp2<br>
- \ref wpcap_tut<br>
- \ref wpcap_tut1<br>
- \ref wpcap_tut2<br>
- \ref wpcap_tut3<br>
- \ref wpcap_tut4<br>
- \ref wpcap_tut5<br>
- \ref wpcap_tut6<br>
- \ref wpcap_tut7<br>
- \ref wpcap_tut8<br>
- \ref wpcap_tut9<br>
- \ref internals<br>
- \ref NPF<br>
- \ref NPF_include<br>
- \ref NPF_code<br>
- \ref packetapi<br>
- \ref packet32h<br>
- \ref packet32<br>
- \ref packetsamps<br>
- \ref compilation<br>
- \ref remote<br>
- \ref remote_help<br>
- \ref remote_struct<br>
- \ref remote_func<br>
- \ref remote_pri_struct<br>
</p>
\htmlonly
<hr>
<h2>Introduction</h2>
<p>This manual documents the
programming interface and the source code of WinPcap. It offers a detailed
description of the functions and structures exported to programmers, along
with complete documentation of the WinPcap internals. Several tutorials and
examples are provided as well.
</p>
<p>You can follow the links
at the beginning of this page or use the tree control at the left to reach the
section you are interested in.
</p>
<p>This documentation was
created using (and abusing) the free Doxygen documentation system, which can
be found at <a href="http://www.doxygen.org/index.html">http://www.doxygen.org</a>.
</p>
<h2>What is WinPcap</h2>
<p>WinPcap is a free, public
system for direct network access under Windows.<br>
Most networking applications access the network through widely used system
primitives, like sockets. This approach makes it easy to transfer data on a
network, because the OS copes with low-level details (protocol handling, flow
reassembly, etc.) and provides an interface similar to the one used to read and
write a file.
</p>
<p>Sometimes, however, the
'easy way' is not enough, since some applications need a low-level view in order
to handle the network traffic directly. They therefore need raw access to the
network, without the intermediation of entities like protocol stacks.
</p>
<p>The purpose of WinPcap is
to give this kind of access to Win32 applications; it provides facilities to:</p>
<ul>
<li>capture
raw packets, both the ones destined for the machine where it's running and
the ones exchanged by other hosts (on shared media)</li>
<li>filter
the packets according to user-specified rules before dispatching them to the
application</li>
<li>transmit raw packets to the network</li>
<li>gather statistical values on the network traffic</li>
</ul>
<p>This
set of capabilities is obtained by means of a device driver that is installed
inside the networking portion of the Win32 kernels, plus a couple of DLLs.</p>
<p>All these features are
exported through a powerful programming interface, easily usable by
applications and portable across different OSes. Documenting this interface, with
the help of several examples, is the main goal of this manual, so if you are
interested in it you can jump directly to the \ref wpcap.</p>
<h3>What kind of programs use WinPcap</h3>
<p>WinPcap can be used by
different kinds of tools for network analysis, troubleshooting, security and
monitoring. In particular, classical tools that rely on WinPcap are:</p>
<ul>
<li>network and protocol analyzers</li>
<li>network monitors</li>
<li>traffic loggers</li>
<li>traffic generators</li>
<li>user-level bridges and routers</li>
<li>network intrusion detection systems (NIDS)</li>
<li>network scanners</li>
<li>security tools</li>
</ul>
<h3>What WinPcap can't do</h3>
<p>WinPcap receives and sends
packets <i>independently</i> of the host's protocols, like TCP/IP.
This means that it isn't able to block, filter or manipulate the traffic
generated by other programs on the same machine: it simply sniffs the packets
that transit on the wire. Therefore, it cannot be used by applications like
traffic shapers, QoS schedulers and personal firewalls.
\endhtmlonly</p>
<h2>Content of this manual</h2>
<p>The purpose of this manual is to provide comprehensive and easy-to-browse documentation of the WinPcap architecture. You will find two main sections: \ref wpcap and \ref internals.