C++ API¶
Pcap¶
-
class
Pcap
¶ Holds pcap file information and provides methods for pcap manipulation.
-
Pcap
()¶ Default constructor of a new Pcap::Pcap object. Needs opening afterwards.
-
Pcap
(const std::string& filename) Constructs Pcap objects, opens pcap file and initializes data.
Parameters: file_name – Path to pcap.
-
void open_pcap(const std::string& filename)
Opens pcap. Only needed if Pcap object created with default constructor.
Parameters: file_name – Path to pcap.
-
std::unique_ptr<Packet> next_packet()
Read next packet from a pcap file. Returns nullptr if no more packets.
Returns: Next Packet
parsed out of pcap file.
-
Packet¶
-
class
Packet
¶ -
Packet
(uint8_t* data, unsigned int length)¶ Constructor of a new Packet
Packet
object.Parameters: - data – Pointer to start of pcap bytes.
- length – Length of read packet.
-
const Ethernet* ethernet() const
Returns: Ethernet
object ornullptr
.
-
const IPv4* ipv4() const
Returns: IPv4
object ornullptr
.
-
const IPv6* ipv6() const
Returns: IPv6
object ornullptr
.
-
const UDP* udp() const
Returns: UDP
object ornullptr
.
-
const TCP* tcp() const
Returns: TCP
object ornullptr
.
-
const DNS* dns() const
Returns: DNS
object ornullptr
.
-
const IRC* irc() const
Returns: IRC
object ornullptr
.
-
const Telnet* telnet() const
Returns: Telnet
object ornullptr
.
-
const HTTP* http() const
Returns: HTTP
object ornullptr
.
-
unsigned int length() const
Returns: Packet length.
-
unsigned int payload_length() const
Returns: Payload length (packet data following transport protocols).
-
uint8_t* payload()
Returns: Payload data.
-
Ethernet¶
-
class
Ethernet
¶ -
const std::string& source() const
Returns: Source MAC address. (e.g. "54:75:d0:c9:0b:81"
)
-
const std::string& destination() const
Destination: Source MAC address. (e.g. "54:75:d0:c9:0b:81"
)
-
const std::string& type() const
Returns: "IPv4"
,"IPv6"
or"ARP"
-
IPv4¶
-
class
IPv4
¶ -
const std::string& source() const
Returns: Source IPv4 address. (e.g. "192.168.0.1"
)
-
const std::string& destination() const
Returns: Destination IPv4 address. (e.g. "192.168.0.1"
)
-
const std::string& protocol() const
Returns: Next protocol. (e.g., "TCP"
,"UDP"
,"ICMP"
…)
-
const std::string& header_length() const
Returns: IPv4 header length.
-
IPv6¶
-
class
IPv6
¶ -
const std::string& source() const
Returns: Source IPv6 address. (e.g. "fe80::0202:b3ff:fe1e:8329"
)
-
const std::string& destination() const
Returns: Destination IPv6 address. (e.g. "fe80::0202:b3ff:fe1e:8329"
)
-
const std::string& next_header() const
Returns: Next header type. (e.g., "TCP"
,"UDP"
,"ICMP"
…)
-
UDP¶
-
class
UDP
¶ -
unsigned int source_port() const
Returns: Source port number.
-
unsigned int destination_port() const
Returns: Destination port number.
-
TCP¶
-
class
TCP
¶ -
unsigned int source_port() const
Returns: Source port number.
-
unsigned int destination_port() const
Returns: Destination port number.
-
DNS¶
-
class
DNS
¶ -
unsigned int qr() const
Returns: 0
(Query) or1
(Response).
-
unsigned int question_count() const
Returns: Number of question entries.
-
unsigned int answer_count() const
Returns: Number of answer entries.
-
unsigned int authority_count() const
Returns: Number of entries in authoritative NS section.
-
unsigned int additional_count() const
Returns: Number of additional resource records.
-
const std::vector<std::string>& answers() const
Returns: Answer RRs. Vector of std::string formatted as: "google.com A 172.217.23.206"
-
const std::vector<std::string>& authoritatives() const
Returns: Authoritative NS RRs. Vector of std::string formatted as: "google.com NS ns4.google.com"
-
const std::vector<std::string>& additionals() const
Returns: Additional RRs. Vector of std::string formatted as: "google.com A 172.217.23.206"
-
IRC¶
-
class
IRC
¶ -
const std::vector<struct irc_message> messages() const
Returns: Vector of IRC messages.
-
Telnet¶
-
class
Telnet
¶ -
bool is_command() const
Returns: true
if Telnet packet is a command.
-
bool is_data() const
Returns: true
if Telnet packet contains message data.
-
const std::string& data() const
Returns: Captured Telnet data.
-
HTTP¶
-
class
HTTP
¶ -
bool is_request() const
Returns: true
if packet is an HTTP request.
-
bool is_response() const
Returns: true
if packet is an HTTP response.
-
bool non_ascii() const
Returns: true
if packet contains non ascii symbols in the header.
-
const std::string& request_method() const
Returns: Request method type (e.g. "GET"
).
-
const std::string& request_uri() const
Returns: Request URI value.
-
const std::string& http_version() const
Returns: HTTP version (e.g. "HTTP/1.1"
).
-
const std::string& response_phrase() const
Returns: Response phrase value.
-
const std::string& status_code() const
Returns: String status code.
-
std::map<std::string, std::string> headers() const
Returns: Dictionary with HTTP headers values.
-
uint8_t* body()
Returns: HTTP body data.
-
unsigned int body_length() const
Returns: Length of the data.
-