Created
July 5, 2014 12:54
-
-
Save tangentstorm/21c4eaaf0719e3519904 to your computer and use it in GitHub Desktop.
pascal / winpcap example ... i don't get any packets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{$mode delphi} | |
program pcapdemo; | |
uses pcap, sysutils, crt; | |
procedure throw(msg:string; detail:pchar); | |
begin raise Exception.Create(msg + ': ' + detail) | |
end; | |
function IPv4ToStr(addr:dword) : string; | |
// this probably exists somewhere but i don't know where. | |
type asbytes = array[0..3] of byte; | |
var i, b : byte; | |
begin | |
for i := 0 to 3 do begin | |
result += intToStr(asbytes(addr)[i]); | |
if i < 3 then result += '.'; | |
end; | |
end; | |
var | |
err : pchar; | |
cap : ppcap; | |
dev, devs : ppcap_if; | |
addr, mask : dword; | |
prog : Tbpf_program; | |
head : Tpcap_pkthdr; | |
pack : pchar; | |
filter : pchar = ''; //tcp port 80'; | |
choice, count : word; | |
const | |
kPcapOptimize = 1; | |
kPcapNoOptimize = 0; | |
kPcapOK = 0; | |
kPCapError = -1; | |
kPcapPromiscuous = 1; | |
kSnaplen = 64; // chars to capture | |
kTimeout = 1000; // milliseconds | |
begin | |
err := stralloc(PCAP_ERRBUF_SIZE); | |
try | |
// name := pcap_lookupdev(err); | |
// if name = nil then throw('error looking up device', err); | |
if pcap_findalldevs(@devs, err) <> kPCapOK | |
then throw('error listing all devices', err); | |
{-- choose which device to monitor --} | |
dev := devs; count := 0; | |
repeat | |
writeln(count:3, ' ', dev^.description); | |
dev := dev^.next; inc(count); | |
until dev = nil; | |
if count = 0 then choice := 0 | |
else begin | |
repeat write('which? (0-', count, ')'); readln(choice); | |
until (choice >= 0) and (choice < count); | |
dev := devs; count := 0; | |
while count < choice do begin | |
dev := dev^.next; inc(count); | |
end | |
end; | |
{-- set up the connection --------} | |
if pcap_lookupnet(dev^.name, @addr, @mask, err) <> kPCapOK | |
then throw('error looking up net details', err); | |
cap := pcap_open_live(dev^.name, ksnaplen, kPcapPromiscuous, kTimeout, err); | |
if cap = nil then throw('error opening live', err); | |
if pcap_compile(cap, @prog, filter, kPcapNoOptimize, mask) <> kPcapOK | |
then throw('error compiling program', pcap_geterr(cap)); | |
if pcap_setfilter(cap, @prog) <> kPcapOK | |
then throw('error setting filter', pcap_geterr(cap)); | |
writeln; | |
writeln('device : ', dev^.name, ' (', dev^.description, ')'); | |
writeln('address: ', IPv4ToStr(addr)); | |
writeln('filter : ', filter); | |
writeln; | |
writeln('listening...'); | |
writeln('----------------------------------------------'); | |
repeat | |
if pcap_next_ex(cap, @head, @pack) <> kPcapError | |
then writeln(head.len, ' ', pack); // <-- always 0 and empty string | |
until keypressed; | |
except | |
on e:exception do writeln(e.message) | |
end; | |
pcap_close(cap); pcap_freealldevs(devs); | |
readln; | |
end. | |
@JKennes Thanks!
I have no memory of posting this 9 years ago, and no idea what it might have been for, but I appreciate the answer! :)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
with pcap_next_ex, the second and third parameters are a pointer to a pointer to a ..., see man page:
int pcap_next_ex(pcap_t *p, struct pcap_pkthdr **pkt_header,
const u_char **pkt_data);
so line 92 should be this?:
then writeln(head^.len, ' ', pack^);