PcapPlusPlus  20.08+
pcpp::IPcapDevice Class Referenceabstract

#include <PcapDevice.h>

Inheritance diagram for pcpp::IPcapDevice:
pcpp::IDevice pcpp::IFilterableDevice pcpp::IFileDevice pcpp::PcapLiveDevice pcpp::IFileReaderDevice pcpp::IFileWriterDevice pcpp::PcapRemoteDevice pcpp::WinPcapLiveDevice pcpp::PcapFileReaderDevice pcpp::PcapNgFileReaderDevice pcpp::PcapFileWriterDevice pcpp::PcapNgFileWriterDevice

Classes

struct  PcapStats
 

Public Member Functions

virtual void getStatistics (PcapStats &stats) const =0
 
virtual bool setFilter (std::string filterAsString)
 
bool clearFilter ()
 
- Public Member Functions inherited from pcpp::IDevice
virtual bool open ()=0
 
virtual void close ()=0
 
bool isOpened ()
 
- Public Member Functions inherited from pcpp::IFilterableDevice
virtual bool setFilter (GeneralFilter &filter)
 

Static Public Member Functions

static std::string getPcapLibVersionInfo ()
 
static bool verifyFilter (std::string filterAsString)
 
static bool matchPacketWithFilter (std::string filterAsString, RawPacket *rawPacket)
 
static bool matchPacketWithFilter (GeneralFilter &filter, RawPacket *rawPacket)
 

Detailed Description

An abstract class representing all libpcap-based packet capturing devices: files, libPcap, WinPcap/Npcap and RemoteCapture. This class is abstract and cannot be instantiated

Member Function Documentation

◆ clearFilter()

bool pcpp::IPcapDevice::clearFilter ( )
virtual

Clear the filter currently set on device

Returns
True if filter was removed successfully or if no filter was set, false otherwise

Implements pcpp::IFilterableDevice.

◆ getPcapLibVersionInfo()

static std::string pcpp::IPcapDevice::getPcapLibVersionInfo ( )
static

A static method for retreiving pcap lib (libpcap/WinPcap/etc.) version information. This method is actually a wrapper for pcap_lib_version()

Returns
A string containing the pcap lib version information

◆ getStatistics()

virtual void pcpp::IPcapDevice::getStatistics ( PcapStats stats) const
pure virtual

Get statistics from the device

Parameters
[out]statsAn object containing the stats

Implemented in pcpp::PcapLiveDevice, pcpp::PcapNgFileWriterDevice, pcpp::PcapFileWriterDevice, pcpp::PcapNgFileReaderDevice, pcpp::PcapFileReaderDevice, and pcpp::PcapRemoteDevice.

◆ matchPacketWithFilter() [1/2]

static bool pcpp::IPcapDevice::matchPacketWithFilter ( std::string  filterAsString,
RawPacket rawPacket 
)
static

Match a raw packet with a given BPF filter. Notice this method is static which means you don't need any device instance in order to perform this match

Parameters
[in]filterAsStringThe BPF filter
[in]rawPacketA pointer to the raw packet to match the BPF filter with
Returns
True if raw packet matches the BPF filter or false otherwise

◆ matchPacketWithFilter() [2/2]

static bool pcpp::IPcapDevice::matchPacketWithFilter ( GeneralFilter filter,
RawPacket rawPacket 
)
static

Match a raw packet with a given BPF filter. Notice this method is static which means you don't need any device instance in order to perform this match

Parameters
[in]filterA filter class to test against
[in]rawPacketA pointer to the raw packet to match the filter with
Returns
True if raw packet matches the filter or false otherwise

◆ setFilter()

virtual bool pcpp::IPcapDevice::setFilter ( std::string  filterAsString)
virtual

Set a filter for the device. When implemented by the device, only packets that match the filter will be received. Please note that when the device is closed the filter is reset so when reopening the device you need to call this method again in order to reactivate the filter

Parameters
[in]filterAsStringThe filter to be set in Berkeley Packet Filter (BPF) syntax (http://biot.com/capstats/bpf.html)
Returns
True if filter set successfully, false otherwise

Implements pcpp::IFilterableDevice.

Reimplemented in pcpp::PcapNgFileWriterDevice, and pcpp::PcapNgFileReaderDevice.

◆ verifyFilter()

static bool pcpp::IPcapDevice::verifyFilter ( std::string  filterAsString)
static

Verify a filter is valid

Parameters
[in]filterAsStringThe filter in Berkeley Packet Filter (BPF) syntax (http://biot.com/capstats/bpf.html)
Returns
True if the filter is valid or false otherwise