Reputation: 828
How to read ports and ip-adresses out of PCAP-File using WinPCAP Api?
I am currently trying to read some PCAP files using WinPCAP-API.
With this example I managed to read the data, timestamp and length. But I do not get how to read the source and destination IP-adresses and ports?
Upvotes: 0
Views: 1250
Answers (1)
Reputation:
But I do not get how to read the source and destination IP-adresses and ports?
By dissecting the raw packet data that WinPcap gives you; libpcap/WinPcap provide no APIs for dissecting raw packet data (because different libpcap/WinPcap applications have different needs - an intrusion detection application such as Snort and a packet analyzer such as tcpdump or Wireshark do different things with the data).
See, for example, libtins as a C++ library for doing packet dissection, or the libpcap tutorial for an example of how to do the dissecting yourself.
Upvotes: 1
Related Questions
- How to get a user's client IP address in ASP.NET?
- File::PCAP::Reader and Parsing Pcap files with Perl
- Using Python to Read and Print Out a PCAP
- WinPcap creating empty .pcap file
- Use Winpcap to read saved file(.PCAP) in uint16 structure
- How can I open a pcap-ng file in C#
- How similar are Pcap and WinPcap?
- Is there a library that can get the ip addresses and ports from the winpcap raw data of a packet?