Using libpcap (1)

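This tutorial is aimed at readers with some understanding of networking and mainly covers how to capture packets with the libpcap library. It covers the concept of packet capture, the role of libpcap, and compiling and running a first libpcap program on Linux to obtain information about network interfaces.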


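The book Computer Networking: A Top-Down Approach introduces Ethereal. This software is open source and is used for packet capture and analysis. Its latest versions have been renamed Wireshark, and it is currently the best network packet capture and analysis tool. Ethereal is built mainly on GTK+ and libpcap: GTK+ provides the user interface, while libpcap is the network packet capture library for Unix/Linux platforms, and most network monitoring software is built on it. Libpcap works on the vast majority of Unix-like platforms and provides network monitoring and packet capture functionality. Intrusion detection systems and some network sniffers rely on it. Libpcap itself is open source and is worth studying properly when time allows.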

Official site: http://www.tcpdump.org, which has a wealth of material.


A brief introduction, reposted:

Who this is for: All right peeps, this tutorial assumes at least a cursory knowledge in networks in general. For example, what a packet is, how packets are sent, physical vs datalink vs network layers etc. However, I am not assuming any previous knowledge in network programming, just a basic familiarity with C. If you already are a C/C++ master, then you might as well just man 3 pcap so you can skip my annoying writing style. You should have a working C compiler on your system and libpcap installed. We are only going to concern ourselves with Ethernet datalink layer... so if you are using some funky network card like token ring... then you are on your own as to finding your way around the datalink headers. Finally, all source in this section was written and tested on Linux, kernel 2.2.14, while it should be mostly portable (hehe) I can't guarantee that it will compile or run on other operating systems. You are going to want to run as root so be careful and be sure not to break your box in the meantime. Oh, and though I have tested and run all the code presented in this tutorial with no problems, I am NOT responsible if your shit breaks and has to be quarantined by th
