libpcap capture data packet

Savedate.c file

#include <pcap.h>
#include <stdio.h>
#include <time.h>
#include <stdlib.h>
#include <sys/time.h>
#include <signal.h>

FILE * savefp = NULL ;    				// Save the file handle of the packet.
int filelen = 0 ;             		// Record the current file size
#define FILE_SIZE_OUT 10*1024*1024      // File maximum value

struct timeval tpstart, tpend;

long  timeuse =0;
long packets =0;
long all_pkt = 0;
int pkt_len = 128;


void print_stat()
{
	gettimeofday(&tpstart, NULL);
	gettimeofday(&tpend, NULL);
	printf("ens11f0 rec %ld packets\n", packets);
	printf("ens11f0 rec speed %f MB/s\n", packets*pkt_len/(1024*1024*0.1));
	packets = 0;
}

static void signal_handler() 
{
	printf("process terminate : ens11f0 rec %ld packets\n", all_pkt);
}

/*
 Note: Obtain the current system time, and create files in the file name as the file name, and open the file handle.
*/
int open_file_wt()
{
	struct timeval cur_time;
	gettimeofday(&cur_time , NULL);
	struct tm *pTm = NULL;
	char buf[32] = {0};
	pTm = localtime((time_t*)&cur_time.tv_sec);
	sprintf( buf, "%04d%02d%02d%02d%02d%02d%03ld",(1900 + pTm -> tm_year), ( 1 + pTm -> tm_mon ), pTm->tm_mday,
			 pTm -> tm_hour, pTm -> tm_min, pTm -> tm_sec, cur_time.tv_usec/1000);
	if(!savefp)
	{
		savefp = fopen(buf ,"ab+");
		if(savefp == NULL)
		{
			printf("can not open file [%s] \n" , buf);
			exit(0);
		}
		//printf("open file :[%s]\n",buf);
		filelen = 0;
	}
	return 0;
}


/*
 Note: This function is registered in PCAP_LOOP, and libcap will come up with the data captured by this function.
			 Len members in Data_HEAD save the length of the currently captured by the data packet.
			 Packet_data is the saving address that currently captures the data packet.
*/
void packet_handler(unsigned char  * user, const struct pcap_pkthdr * data_head,const unsigned char  * packet_data)
{
	packets++;
	all_pkt++;
	gettimeofday(&tpend, NULL);
	timeuse = 1000000 * (tpend.tv_sec - tpstart.tv_sec) + tpend.tv_usec - tpstart.tv_usec;
	if (unlikely(timeuse >= 1000000))
	{
		print_stat();
	}
	filelen +=  data_head->len;     // data_head-> len: The length of the packet is captured.
	if(filelen > FILE_SIZE_OUT)     // The current file is too large and rewritten
	{
		fclose(savefp);               // Close the file
		savefp = NULL;
		open_file_wt();               // Re -open new files
		filelen += data_head->len;
	}
	fwrite(packet_data , data_head->len , 1 , savefp);    // Save the packet.
	return ;
	
}

/*
 Note: Open the designated network card device, register a callback function
*/
int get_packet(char  *device)
{
    pcap_t *adhandle;
    char errbuf[1024];
    if ( (adhandle= pcap_open_live(device,65535,  1 ,1000, errbuf) ) == NULL)     // Open the designated network card device
    {
        printf("\nUnable to open the adapter. %s is not supported by LibPcap\n" ,device );
        return 0;
    }
		pcap_loop(adhandle, 0, packet_handler, NULL);                     // Register a callback function packet_handler
		pcap_close(adhandle);  

    return 0;
}




int main(int argc , char *argv[])
{
	signal(SIGINT, signal_handler);
	open_file_wt();
	gettimeofday(&tpstart, NULL);
	if(argc-1)
		get_packet(argv[1]);
	else
		get_packet("eth0");
	return 0;
}

Makefile file

all:
	gcc -Wall savedate.c -lpcap -osavedate

Executing make will generate a SaveData executable file

Intelligent Recommendation

libpcap network packet capture function library

download Compile and install Instance The C function interface provided by the library is used to capture data packets passing through the specified network interface. download: http://www.linuxfromsc...

Linux network packet capture/packet capture technology comparison: napi, libpcap, afpacket, PF_RING, PACKET_MMAP, DPDK, XDP (eXpress Data Path)

Table of Contents 1. Traditional Linux network protocol stack process and performance analysis The main problem of the protocol stack Resource allocation and release for a single packet level Serial a...

Use libpcap to capture data packets

Transfer from: Overview libpcap is a network packet capture library, and tcpdump is based on libpcap. Main function: Capture various data packets, for example: network traffic statistics Filter networ...

Network packet capture function library Libpcap installation and use (very powerful)

1. Introduction to Libpcap　 Libpcap is the abbreviation of Packet Capture Libray, which is the data packet capture function library. The C function interface provided by the library is used to capture...

WinPcap / libpcap network packet capture TCP header flag

Recent WinPcap / libpcap fetch packet network, and to extract HTML image. To analyze TCP packets when they were big-endian out of the head. Finally, patience and the flag bit fields are read out. TCP ...