|
IPAddress | getRemoteMachineIpAddress () const |
|
uint16_t | getRemoteMachinePort () const |
|
LiveDeviceType | getDeviceType () const override |
|
uint32_t | getMtu () const override |
|
MacAddress | getMacAddress () const override |
|
bool | open () override |
|
void | getStatistics (IPcapDevice::PcapStats &stats) const override |
|
PcapRemoteDevice * | clone () const override |
|
| ~PcapLiveDevice () override |
|
std::string | getName () const |
|
std::string | getDesc () const |
|
bool | getLoopback () const |
|
virtual LinkLayerType | getLinkType () const |
|
std::vector< IPAddress > | getIPAddresses () const |
|
IPv4Address | getIPv4Address () const |
|
IPv6Address | getIPv6Address () const |
|
IPv4Address | getDefaultGateway () const |
|
const std::vector< IPv4Address > & | getDnsServers () const |
|
virtual bool | startCapture (OnPacketArrivesCallback onPacketArrives, void *onPacketArrivesUserCookie) |
|
virtual bool | startCapture (OnPacketArrivesCallback onPacketArrives, void *onPacketArrivesUserCookie, int intervalInSecondsToUpdateStats, OnStatsUpdateCallback onStatsUpdate, void *onStatsUpdateUserCookie) |
|
virtual bool | startCapture (int intervalInSecondsToUpdateStats, OnStatsUpdateCallback onStatsUpdate, void *onStatsUpdateUserCookie) |
|
virtual bool | startCapture (RawPacketVector &capturedPacketsVector) |
|
virtual int | startCaptureBlockingMode (OnPacketArrivesStopBlocking onPacketArrives, void *userCookie, const double timeout) |
|
void | stopCapture () |
|
bool | captureActive () |
|
bool | doMtuCheck (int packetPayloadLength) const |
|
bool | sendPacket (RawPacket const &rawPacket, bool checkMtu=false) |
|
bool | sendPacket (const uint8_t *packetData, int packetDataLength, int packetPayloadLength) |
|
bool | sendPacket (const uint8_t *packetData, int packetDataLength, bool checkMtu=false, pcpp::LinkLayerType linkType=pcpp::LINKTYPE_ETHERNET) |
|
bool | sendPacket (Packet *packet, bool checkMtu=true) |
|
virtual int | sendPackets (RawPacket *rawPacketsArr, int arrLength, bool checkMtu=false) |
|
virtual int | sendPackets (Packet **packetsArr, int arrLength, bool checkMtu=true) |
|
virtual int | sendPackets (const RawPacketVector &rawPackets, bool checkMtu=false) |
|
bool | open (const DeviceConfiguration &config) |
|
void | close () override |
|
virtual bool | setFilter (std::string filterAsString) |
|
bool | clearFilter () |
|
virtual bool | setFilter (GeneralFilter &filter) |
|
virtual bool | setFilter (std::string filterAsString)=0 |
|
bool | isOpened () |
|
virtual bool | setFilter (GeneralFilter &filter) |
|
A class that provides a C++ wrapper for WinPcap/Npcap Remote Capture feature. This feature allows to interact to a remote machine and capture packets that are being transmitted on the remote network interfaces. This requires a remote daemon (called rpcapd) which performs the capture and sends data back and the local client (represented by PcapRemoteDevice) that sends the appropriate commands and receives the captured data. You can read more about this feature in WinPcap Remote Capture manual: https://www.winpcap.org/docs/docs_412/html/group__remote.html
Since this feature is supported in WinPcap and Npcap only and not in libpcap, PcapRemoteDevice can only be used in Windows only.
This class provides a wrapper for the local client, meaning it assumes the daemon (rpcapd) is already running on the remote machine and it tries to connect to it and start receiving/sending packets from/to it. This class assumes rpcapd is in passive mode, meaning PcapRemoteDevice connects to the remote daemon, sends the appropriate commands to it, and starts capturing packets, rather than letting the daemon connect to the client by itself. Using PcapRemoteDevice is very similar to using the other live devices (PcapLiveDevice or WinPcapLiveDevice), meaning the API's are the same and the same logic is used (for example: capturing is done on a different thread, sending packets are done on the same thread, etc.). For the full API and explanations, please refer to PcapLiveDevice. The reason for the similar API is that WinPcap/Npcap's API is very similar between Remote Capture and local network interface capture. The things that are different are some are some implementation details, mainly in making the connection to the remote daemon, and the way the user can get the instance of PcapRemoteDevice. For more details on that please refer to PcapRemoteDeviceList