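Abstract
When studying the patterns of network traffic, the first task is to capture packets from the network. Two basic approaches to designing a traffic capturer are introduced: one based on NDIS and the other based on WinPcap. The discussion focuses on the second approach. The structure of WinPcap is described, and the functions provided by WinPcap are divided into three types. Designers can configure the development environment based on this classification, for example by setting preprocessor definitions and working directories. Three basic functions, pcap_findalldevs_ex(), pcap_open() and pcap_next_ex(), are described in detail. Finally, a design example and its run results are given.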
The first step in understanding network traffic is capturing packets from the network. This paper introduces two approaches to developing a traffic capturer/monitor: one is based on NDIS (Network Driver Interface Specification), the other on WinPcap. The latter is discussed in detail. This paper outlines the WinPcap architecture. The functions exported by WinPcap are classified into three types. Based on this classification, we can accurately configure the development environment, e.g. set the preprocessor definitions and the working directories. Three basic functions, i.e. pcap_findalldevs_ex(), pcap_open(), and pcap_next_ex(), are explained thoroughly. Finally, a step-by-step example is given with its results.
Source
Journal of Xi'an University of Engineering Science and Technology (《西安工程科技学院学报》)
2005, No. 1, pp. 64-69 (6 pages)
Funding
The research was sponsored by the science fund of Shaanxi Education Bureau (01JK185)