|
WinPcap exports two sets of calls:
- a set of low-level packet driver functions, used to
send/receive packet in "raw" mode
- a set of high-level packet capture functions that are a
superset of the UNIX libpcap library
Throughout this documentation we will refer to the Packet
Driver API or Packet.dll as the first set of functions, whereas wpcap.dll
or libpcap refers to the more abstract API that is equivalent to the
one exported by the UNIX libpcap library.
Manuals
- How to use wpcap.dll (from the
original Libpcap man page).
- wpcap specific extensions
- Packet Driver API. How to use the low
level capture library
- Introduction
- PACKET.DLL vs. wpcap
- Data structures
- Functions
- Programming tips: how to write high-performance capture
programs
- Instructions and examples of how to
write and compile a capture application using libpcap calls or
packet driver's (PACKET.DLL) calls
- Compiling the sources
Further Documentation
- Loris
Degioanni,
Development of an Architecture for Packet
Capture and Network Traffic Analysis, Graduation Thesis,
Politecnico Di Torino (Turin, Italy, Mar. 2000)
- Fulvio Risso, Loris Degioanni, An
Architecture for High Performance Network Analysis, Proceedings
of the 6th IEEE Symposium on Computers and
Communications (ISCC 2001), Hammamet, Tunisia, July 2001
- Tim Carstens, Programming
with pcap, tutorial
- Martin Casado, Packet
Capture With libpcap and other Low Level Network Tricks,
tutorial
- Robert Graham, Sniffing
FAQ
|
