api-docs/next/_pcap_file_device_8h_source.html

 #pragma once


 #include "PcapDevice.h"

 #include "RawPacket.h"

 #include <fstream>


 // forward declaration for structs and typedefs defined in pcap.h

 struct pcap_dumper;

 typedef struct pcap_dumper pcap_dumper_t;


 namespace pcpp

 {

     enum class FileTimestampPrecision : int8_t

     {

         Unknown = -1,

         Microseconds = 0,

         Nanoseconds = 1

     };


     class IFileDevice : public IPcapDevice

     {

     protected:

         std::string m_FileName;


         explicit IFileDevice(const std::string& fileName);

         virtual ~IFileDevice();


     public:

         std::string getFileName() const;


         // override methods


         void close() override;

     };


     class IFileReaderDevice : public IFileDevice

     {

     protected:

         uint32_t m_NumOfPacketsRead;

         uint32_t m_NumOfPacketsNotParsed;


         IFileReaderDevice(const std::string& fileName);


     public:

         virtual ~IFileReaderDevice()

         {}


         uint64_t getFileSize() const;


         virtual bool getNextPacket(RawPacket& rawPacket) = 0;


         int getNextPackets(RawPacketVector& packetVec, int numOfPacketsToRead = -1);


         static IFileReaderDevice* getReader(const std::string& fileName);

     };


     class PcapFileReaderDevice : public IFileReaderDevice

     {

     private:

         FileTimestampPrecision m_Precision;

         LinkLayerType m_PcapLinkLayerType;


         // private copy c'tor

         PcapFileReaderDevice(const PcapFileReaderDevice& other);

         PcapFileReaderDevice& operator=(const PcapFileReaderDevice& other);


     public:

         PcapFileReaderDevice(const std::string& fileName)

             : IFileReaderDevice(fileName), m_Precision(FileTimestampPrecision::Unknown),

               m_PcapLinkLayerType(LINKTYPE_ETHERNET)

         {}


         virtual ~PcapFileReaderDevice()

         {}


         LinkLayerType getLinkLayerType() const

         {

             return m_PcapLinkLayerType;

         }


         FileTimestampPrecision getTimestampPrecision() const

         {

             return m_Precision;

         }


         static bool isNanoSecondPrecisionSupported();


         // overridden methods


         bool getNextPacket(RawPacket& rawPacket);


         bool open();


         void getStatistics(PcapStats& stats) const;

     };


     class SnoopFileReaderDevice : public IFileReaderDevice

     {

     private:

 #pragma pack(1)

         /*

          * File format header.

          */

         typedef struct

         {

             uint64_t identification_pattern;

             uint32_t version_number;

             uint32_t datalink_type;

         } snoop_file_header_t;


         /*

          * Packet record header.

          */

         typedef struct

         {

             uint32_t original_length;      /* original packet length */

             uint32_t included_length;      /* saved packet length */

             uint32_t packet_record_length; /* total record length */

             uint32_t ndrops_cumulative;    /* cumulative drops */

             uint32_t time_sec;             /* timestamp */

             uint32_t time_usec;            /* microsecond timestamp */

         } snoop_packet_header_t;

 #pragma pack()


         LinkLayerType m_PcapLinkLayerType;

         std::ifstream m_snoopFile;


         // private copy c'tor

         SnoopFileReaderDevice(const PcapFileReaderDevice& other);

         SnoopFileReaderDevice& operator=(const PcapFileReaderDevice& other);


     public:

         SnoopFileReaderDevice(const std::string& fileName)

             : IFileReaderDevice(fileName), m_PcapLinkLayerType(LINKTYPE_ETHERNET)

         {}


         virtual ~SnoopFileReaderDevice();


         LinkLayerType getLinkLayerType() const

         {

             return m_PcapLinkLayerType;

         }


         // overridden methods


         bool getNextPacket(RawPacket& rawPacket);


         bool open();


         void getStatistics(PcapStats& stats) const;


         void close();

     };


     class PcapNgFileReaderDevice : public IFileReaderDevice

     {

     private:

         void* m_LightPcapNg;

         BpfFilterWrapper m_BpfWrapper;


         // private copy c'tor

         PcapNgFileReaderDevice(const PcapNgFileReaderDevice& other);

         PcapNgFileReaderDevice& operator=(const PcapNgFileReaderDevice& other);


     public:

         PcapNgFileReaderDevice(const std::string& fileName);


         virtual ~PcapNgFileReaderDevice()

         {

             close();

         }


         std::string getOS() const;


         std::string getHardware() const;


         std::string getCaptureApplication() const;


         std::string getCaptureFileComment() const;


         bool getNextPacket(RawPacket& rawPacket, std::string& packetComment);


         // overridden methods


         bool getNextPacket(RawPacket& rawPacket);


         bool open();


         void getStatistics(PcapStats& stats) const;


         bool setFilter(std::string filterAsString);


         void close();

     };


     class IFileWriterDevice : public IFileDevice

     {

     protected:

         uint32_t m_NumOfPacketsWritten;

         uint32_t m_NumOfPacketsNotWritten;


         IFileWriterDevice(const std::string& fileName);


     public:

         virtual ~IFileWriterDevice()

         {}


         virtual bool writePacket(RawPacket const& packet) = 0;


         virtual bool writePackets(const RawPacketVector& packets) = 0;


         using IFileDevice::open;

         virtual bool open(bool appendMode) = 0;

     };


     class PcapFileWriterDevice : public IFileWriterDevice

     {

     private:

         pcap_dumper_t* m_PcapDumpHandler;

         LinkLayerType m_PcapLinkLayerType;

         bool m_AppendMode;

         FileTimestampPrecision m_Precision;

         FILE* m_File;


         // private copy c'tor

         PcapFileWriterDevice(const PcapFileWriterDevice& other);

         PcapFileWriterDevice& operator=(const PcapFileWriterDevice& other);


         void closeFile();


     public:

         PcapFileWriterDevice(const std::string& fileName, LinkLayerType linkLayerType = LINKTYPE_ETHERNET,

                              bool nanosecondsPrecision = false);


         ~PcapFileWriterDevice()

         {

             PcapFileWriterDevice::close();

         }


         bool writePacket(RawPacket const& packet) override;


         bool writePackets(const RawPacketVector& packets) override;


         FileTimestampPrecision getTimestampPrecision() const

         {

             return m_Precision;

         }


         static bool isNanoSecondPrecisionSupported();


         // override methods


         bool open() override;


         bool open(bool appendMode) override;


         void close() override;


         void flush();


         void getStatistics(PcapStats& stats) const override;

     };


     class PcapNgFileWriterDevice : public IFileWriterDevice

     {

     private:

         void* m_LightPcapNg;

         int m_CompressionLevel;

         BpfFilterWrapper m_BpfWrapper;


         // private copy c'tor

         PcapNgFileWriterDevice(const PcapFileWriterDevice& other);

         PcapNgFileWriterDevice& operator=(const PcapNgFileWriterDevice& other);


     public:

         PcapNgFileWriterDevice(const std::string& fileName, int compressionLevel = 0);


         virtual ~PcapNgFileWriterDevice()

         {

             close();

         }


         bool open(const std::string& os, const std::string& hardware, const std::string& captureApp,

                   const std::string& fileComment);


         bool writePacket(RawPacket const& packet, const std::string& comment);


         // overridden methods


         bool writePacket(RawPacket const& packet);


         bool writePackets(const RawPacketVector& packets);


         bool open();


         bool open(bool appendMode);


         void flush();


         void close();


         void getStatistics(PcapStats& stats) const;


         bool setFilter(std::string filterAsString);

     };


 }  // namespace pcpp

PcapDevice.h

RawPacket.h

pcpp::BpfFilterWrapper
Definition: PcapFilter.h:92

pcpp::IDevice::open
virtual bool open()=0

pcpp::IFileDevice
Definition: PcapFileDevice.h:39

pcpp::IFileDevice::getFileName
std::string getFileName() const

pcpp::IFileDevice::close
void close() override

pcpp::IFileReaderDevice
Definition: PcapFileDevice.h:65

pcpp::IFileReaderDevice::getNextPackets
int getNextPackets(RawPacketVector &packetVec, int numOfPacketsToRead=-1)

pcpp::IFileReaderDevice::getFileSize
uint64_t getFileSize() const

pcpp::IFileReaderDevice::getReader
static IFileReaderDevice * getReader(const std::string &fileName)

pcpp::IFileReaderDevice::IFileReaderDevice
IFileReaderDevice(const std::string &fileName)

pcpp::IFileReaderDevice::~IFileReaderDevice
virtual ~IFileReaderDevice()
Definition: PcapFileDevice.h:81

pcpp::IFileWriterDevice
Definition: PcapFileDevice.h:400

pcpp::IFileWriterDevice::~IFileWriterDevice
virtual ~IFileWriterDevice()
Definition: PcapFileDevice.h:411

pcpp::IPcapDevice
Definition: PcapDevice.h:114

pcpp::PcapFileReaderDevice
Definition: PcapFileDevice.h:116

pcpp::PcapFileReaderDevice::PcapFileReaderDevice
PcapFileReaderDevice(const std::string &fileName)
Definition: PcapFileDevice.h:131

pcpp::PcapFileReaderDevice::isNanoSecondPrecisionSupported
static bool isNanoSecondPrecisionSupported()

pcpp::PcapFileReaderDevice::getTimestampPrecision
FileTimestampPrecision getTimestampPrecision() const
Definition: PcapFileDevice.h:155

pcpp::PcapFileReaderDevice::~PcapFileReaderDevice
virtual ~PcapFileReaderDevice()
Definition: PcapFileDevice.h:139

pcpp::PcapFileReaderDevice::getStatistics
void getStatistics(PcapStats &stats) const

pcpp::PcapFileReaderDevice::getLinkLayerType
LinkLayerType getLinkLayerType() const
Definition: PcapFileDevice.h:145

pcpp::PcapFileReaderDevice::open
bool open()

pcpp::PcapFileReaderDevice::getNextPacket
bool getNextPacket(RawPacket &rawPacket)

pcpp::PcapFileWriterDevice
Definition: PcapFileDevice.h:429

pcpp::PcapFileWriterDevice::open
bool open(bool appendMode) override

pcpp::PcapFileWriterDevice::getStatistics
void getStatistics(PcapStats &stats) const override

pcpp::PcapFileWriterDevice::flush
void flush()

pcpp::PcapFileWriterDevice::close
void close() override

pcpp::PcapFileWriterDevice::PcapFileWriterDevice
PcapFileWriterDevice(const std::string &fileName, LinkLayerType linkLayerType=LINKTYPE_ETHERNET, bool nanosecondsPrecision=false)

pcpp::PcapFileWriterDevice::writePacket
bool writePacket(RawPacket const &packet) override

pcpp::PcapFileWriterDevice::~PcapFileWriterDevice
~PcapFileWriterDevice()
Definition: PcapFileDevice.h:460

pcpp::PcapFileWriterDevice::open
bool open() override

pcpp::PcapFileWriterDevice::isNanoSecondPrecisionSupported
static bool isNanoSecondPrecisionSupported()

pcpp::PcapFileWriterDevice::getTimestampPrecision
FileTimestampPrecision getTimestampPrecision() const
Definition: PcapFileDevice.h:488

pcpp::PcapFileWriterDevice::writePackets
bool writePackets(const RawPacketVector &packets) override

pcpp::PcapNgFileReaderDevice
Definition: PcapFileDevice.h:290

pcpp::PcapNgFileReaderDevice::getOS
std::string getOS() const

pcpp::PcapNgFileReaderDevice::~PcapNgFileReaderDevice
virtual ~PcapNgFileReaderDevice()
Definition: PcapFileDevice.h:310

pcpp::PcapNgFileReaderDevice::getStatistics
void getStatistics(PcapStats &stats) const

pcpp::PcapNgFileReaderDevice::getCaptureApplication
std::string getCaptureApplication() const

pcpp::PcapNgFileReaderDevice::close
void close()

pcpp::PcapNgFileReaderDevice::getNextPacket
bool getNextPacket(RawPacket &rawPacket, std::string &packetComment)

pcpp::PcapNgFileReaderDevice::getCaptureFileComment
std::string getCaptureFileComment() const

pcpp::PcapNgFileReaderDevice::getNextPacket
bool getNextPacket(RawPacket &rawPacket)

pcpp::PcapNgFileReaderDevice::PcapNgFileReaderDevice
PcapNgFileReaderDevice(const std::string &fileName)

pcpp::PcapNgFileReaderDevice::getHardware
std::string getHardware() const

pcpp::PcapNgFileReaderDevice::open
bool open()

pcpp::PcapNgFileReaderDevice::setFilter
bool setFilter(std::string filterAsString)

pcpp::PcapNgFileWriterDevice
Definition: PcapFileDevice.h:546

pcpp::PcapNgFileWriterDevice::writePackets
bool writePackets(const RawPacketVector &packets)

pcpp::PcapNgFileWriterDevice::writePacket
bool writePacket(RawPacket const &packet)

pcpp::PcapNgFileWriterDevice::setFilter
bool setFilter(std::string filterAsString)

pcpp::PcapNgFileWriterDevice::getStatistics
void getStatistics(PcapStats &stats) const

pcpp::PcapNgFileWriterDevice::open
bool open(const std::string &os, const std::string &hardware, const std::string &captureApp, const std::string &fileComment)

pcpp::PcapNgFileWriterDevice::open
bool open(bool appendMode)

pcpp::PcapNgFileWriterDevice::PcapNgFileWriterDevice
PcapNgFileWriterDevice(const std::string &fileName, int compressionLevel=0)

pcpp::PcapNgFileWriterDevice::close
void close()

pcpp::PcapNgFileWriterDevice::~PcapNgFileWriterDevice
virtual ~PcapNgFileWriterDevice()
Definition: PcapFileDevice.h:570

pcpp::PcapNgFileWriterDevice::open
bool open()

pcpp::PcapNgFileWriterDevice::writePacket
bool writePacket(RawPacket const &packet, const std::string &comment)

pcpp::PcapNgFileWriterDevice::flush
void flush()

pcpp::PointerVector
Definition: PointerVector.h:58

pcpp::RawPacket
Definition: RawPacket.h:269

pcpp::SnoopFileReaderDevice
Definition: PcapFileDevice.h:197

pcpp::SnoopFileReaderDevice::close
void close()

pcpp::SnoopFileReaderDevice::open
bool open()

pcpp::SnoopFileReaderDevice::SnoopFileReaderDevice
SnoopFileReaderDevice(const std::string &fileName)
Definition: PcapFileDevice.h:237

pcpp::SnoopFileReaderDevice::getLinkLayerType
LinkLayerType getLinkLayerType() const
Definition: PcapFileDevice.h:249

pcpp::SnoopFileReaderDevice::~SnoopFileReaderDevice
virtual ~SnoopFileReaderDevice()

pcpp::SnoopFileReaderDevice::getStatistics
void getStatistics(PcapStats &stats) const

pcpp::SnoopFileReaderDevice::getNextPacket
bool getNextPacket(RawPacket &rawPacket)

pcpp
The main namespace for the PcapPlusPlus lib.

pcpp::FileTimestampPrecision
FileTimestampPrecision
Definition: PcapFileDevice.h:25

pcpp::FileTimestampPrecision::Microseconds
@ Microseconds
Precision is in microseconds.

pcpp::FileTimestampPrecision::Unknown
@ Unknown
Precision is unknown or not set/determined.

pcpp::FileTimestampPrecision::Nanoseconds
@ Nanoseconds
Precision is in nanoseconds.

pcpp::TcpOptionEnumType::Unknown
@ Unknown

pcpp::LinkLayerType
LinkLayerType
Definition: RawPacket.h:25

pcpp::LINKTYPE_ETHERNET
@ LINKTYPE_ETHERNET
Definition: RawPacket.h:29

pcpp::IPcapDevice::PcapStats
Definition: PcapDevice.h:128