|
| IPAddress * | getRemoteMachineIpAddress () |
| |
| uint16_t | getRemoteMachinePort () |
| |
| virtual LiveDeviceType | getDeviceType () |
| |
| virtual uint16_t | getMtu () |
| |
| virtual MacAddress | getMacAddress () |
| |
| virtual bool | open () |
| |
| void | getStatistics (pcap_stat &stats) |
| |
| virtual | ~PcapLiveDevice () |
| |
| const char * | getName () |
| |
| const char * | getDesc () |
| |
| bool | getLoopback () |
| |
| std::vector< pcap_addr_t > & | getAddresses () |
| |
| IPv4Address | getIPv4Address () |
| |
| IPv4Address | getDefaultGateway () |
| |
| std::vector< IPv4Address > & | getDnsServers () |
| |
| virtual bool | startCapture (OnPacketArrivesCallback onPacketArrives, void *onPacketArrivesUserCookie) |
| |
| virtual bool | startCapture (OnPacketArrivesCallback onPacketArrives, void *onPacketArrivesUserCookie, int intervalInSecondsToUpdateStats, OnStatsUpdateCallback onStatsUpdate, void *onStatsUpdateUserCookie) |
| |
| virtual bool | startCapture (int intervalInSecondsToUpdateStats, OnStatsUpdateCallback onStatsUpdate, void *onStatsUpdateUserCookie) |
| |
| virtual bool | startCapture (RawPacketVector &capturedPacketsVector) |
| |
| virtual int | startCaptureBlockingMode (OnPacketArrivesStopBlocking onPacketArrives, void *userCookie, int timeout) |
| |
| void | stopCapture () |
| |
| bool | sendPacket (RawPacket const &rawPacket) |
| |
| bool | sendPacket (const uint8_t *packetData, int packetDataLength) |
| |
| bool | sendPacket (Packet *packet) |
| |
| virtual int | sendPackets (RawPacket *rawPacketsArr, int arrLength) |
| |
| virtual int | sendPackets (Packet **packetsArr, int arrLength) |
| |
| virtual int | sendPackets (const RawPacketVector &rawPackets) |
| |
| void | close () |
| |
| bool | open (DeviceMode mode) |
| |
| bool | isOpened () |
| |
| bool | setFilter (GeneralFilter &filter) |
| |
| virtual bool | setFilter (std::string filterAsString) |
| |
| void | clearFilter () |
| |
A class that provides a C++ wrapper for WinPcap Remote Capture feature. This feature allows to interact to a remote machine and capture packets that are being transmitted on the remote network interfaces. This requires a remote daemon (called rpcapd) which performs the capture and sends data back and the local client (represented by PcapRemoteDevice) that sends the appropriate commands and receives the captured data. You can read more about this feature in WinPcap Remote Capture manual: https://www.winpcap.org/docs/docs_412/html/group__remote.html
Since this feature is supported in WinPcap only and not in libpcap, PcapRemoteDevice can only be used in Windows only.
This class provides a wrapper for the local client, meaning it assumes the daemon (rpcapd) is already running on the remote machine and it tries to connect to it and start receiving/sending packets from/to it. This class assumes rpcapd is in passive mode, meaning PcapRemoteDevice connects to the remote daemon, sends the appropriate commands to it, and starts capturing packets, rather than letting the daemon connect to the client by itself. Using PcapRemoteDevice is very similar to using the other live devices (PcapLiveDevice or WinPcapLiveDevice), meaning the API's are the same and the same logic is used (for example: capturing is done on a different thread, sending packets are done on the same thread, etc.). For the full API and explanations, please refer to PcapLiveDevice. The reason for the similar API is that WinPcap's API is very similar between Remote Capture and local network interface capture. The things that are different are some are some implementation details, mainly in making the connection to the remote daemon, and the way the user can get the instance of PcapRemoteDevice. For more details on that please refer to PcapRemoteDeviceList
Public Member Functions inherited from pcpp::PcapLiveDevice