Crates.io | pcap_on_demand |
lib.rs | pcap_on_demand |
version | 0.1.3 |
source | src |
created_at | 2020-03-10 20:12:05.297434 |
updated_at | 2020-05-12 07:59:29.836772 |
description | A packet capture API around pcap/wpcap that loads pcap/wpcap on demand |
homepage | https://github.com/MalteSchledjewski/pcap_on_demand |
repository | https://github.com/MalteSchledjewski/pcap_on_demand |
max_upload_size | |
id | 217364 |
size | 102,385 |
This is a fork of the pcap crate.
This crate load the pcap library on demand.
It therefore gives even less guarantees.
This is a Rust language crate for accessing the packet sniffing capabilities of pcap (or wpcap on Windows). If you need anything feel free to post an issue or submit a pull request!
See examples for usage.
Install WinPcap.
Place wpcap.dll in your C:\Rust\bin\rustlib\x86_64-pc-windows-gnu\lib\
directory on 64 bit
or C:\Rust\bin\rustlib\i686-pc-windows-gnu\lib\
on 32 bit.
On Debian based Linux, install libpcap-dev
. If not running as root, you need to set capabilities like so: sudo setcap cap_net_raw,cap_net_admin=eip path/to/bin
libpcap should be installed on Mac OS X by default.
Note: A timeout of zero may cause pcap::Capture::next
to hang and never return (because it waits for the timeout to expire before returning). This can be fixed by using a non-zero timeout (as the libpcap manual recommends) and calling pcap::Capture::next
in a loop.
If PCAP_LIBDIR
environment variable is set when building the crate, it will be added to the linker search path - this allows linking against a specific libpcap
.
tokio
Use the tokio
feature to enable support for streamed packet captures.
[dependencies]
pcap = { version = "0.7", features = ["tokio"] }
pcap-savefile-append
To get access to the Capture::savefile_append
function (which allows appending
to an existing pcap file) you have to depend on the pcap-savefile-append
feature flag. It requires at least libpcap version 1.7.2.
[dependencies]
pcap = { version = "0.7", features = ["pcap-savefile-append"] }
pcap-fopen-offline-precision
To enable Capture::from_raw_fd_with_precision
constructor (which allows opening
an offline capture from a raw file descriptor with a predefined timestamp precision)
you have to add pcap-fopen-offline-precision
feature flag. This requires libpcap
version 1.5.0 or later.
[dependencies]
pcap = { version = "0.7", features = ["pcap-fopen-offline-precision"] }
Licensed under either of
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.