|
WinPcap exports two sets of calls:
- a set of low-level packet driver functions, used to
send/receive packet in "raw" mode
- a set of high-level packet capture functions that are a
superset of the UNIX libpcap library
Throughout this documentation we will refer to the Packet
Driver API or Packet.dll as the first set of functions,
whereas wpcap.dll or libpcap refers to the more
abstract API that is equivalent to the one exported by the UNIX
libpcap library.
Manuals
- How
to use wpcap.dll (from the original Libpcap man page).
- wpcap
specific extensions
- Packet
Driver API. How to use the low level capture library
- Introduction
- PACKET.DLL vs. wpcap
- Data structures
- Functions
- Programming tips: how to write high-performance capture
programs
- Instructions
and examples of how to write and compile a capture application
using libpcap calls or packet driver's (PACKET.DLL) calls
- Compiling the sources
Further Documentation
- Loris
Degioanni,
Development
of an Architecture for Packet Capture and Network Traffic
Analysis, Graduation Thesis, Politecnico Di Torino (Turin,
Italy, Mar. 2000)
- Fulvio Risso, Loris Degioanni, An
Architecture for High Performance Network Analysis,
Proceedings of the 6th IEEE Symposium on Computers
and Communications (ISCC 2001), Hammamet, Tunisia, July 2001
- Tim Carstens, Programming with pcap,
tutorial
- Martin Casado, Packet
Capture With libpcap and other Low Level Network Tricks,
tutorial
- Robert Graham, Sniffing
FAQ
|
