C++ API¶

Pcap¶

class Pcap¶

Holds pcap file information and provides methods for pcap manipulation.

Pcap()¶: Default constructor of a new Pcap::Pcap object. Needs opening afterwards.

Pcap(const std::string& filename)

Constructs Pcap objects, opens pcap file and initializes data.

Parameters:	file_name – Path to pcap.

void open_pcap(const std::string& filename)

Opens pcap. Only needed if Pcap object created with default constructor.

Parameters:	file_name – Path to pcap.

std::unique_ptr<Packet> next_packet()

Read next packet from a pcap file. Returns nullptr if no more packets.

Returns:	Next `Packet` parsed out of pcap file.

Packet¶

class Packet¶

Packet(uint8_t* data, unsigned int length)¶

Constructor of a new Packet Packet object.

Parameters:	data – Pointer to start of pcap bytes. length – Length of read packet.

const Ethernet* ethernet() const

Returns:	`Ethernet` object or `nullptr`.

const IPv4* ipv4() const

Returns:	`IPv4` object or `nullptr`.

const IPv6* ipv6() const

Returns:	`IPv6` object or `nullptr`.

const UDP* udp() const

Returns:	`UDP` object or `nullptr`.

const TCP* tcp() const

Returns:	`TCP` object or `nullptr`.

const DNS* dns() const

Returns:	`DNS` object or `nullptr`.

unsigned int length() const

Returns:	Packet length.

unsigned int payload_length() const

Returns:	Payload length (packet data following transport protocols).

uint8_t* payload()

Returns:	Payload data

Ethernet¶

class Ethernet¶

const std::string& source() const

Returns:	Source MAC address. (e.g. `"54:75:d0:c9:0b:81"`)

const std::string& destination() const

Destination:	Source MAC address. (e.g. `"54:75:d0:c9:0b:81"`)

const std::string& type() const

Returns:	`"IPv4"`, `"IPv6"` or `"ARP"`

IPv4¶

class IPv4¶

const std::string& source() const

Returns:	Source IPv4 address. (e.g. `"192.168.0.1"`)

const std::string& destination() const

Returns:	Destination IPv4 address. (e.g. `"192.168.0.1"`)

const std::string& protocol() const

Returns:	Next protocol. (e.g., `"TCP"`, `"UDP"`, `"ICMP"`…)

const std::string& header_length() const

Returns:	IPv4 header length.

IPv6¶

class IPv6¶

const std::string& source() const

Returns:	Source IPv6 address. (e.g. `"fe80::0202:b3ff:fe1e:8329"`)

const std::string& destination() const

Returns:	Destination IPv6 address. (e.g. `"fe80::0202:b3ff:fe1e:8329"`)

const std::string& next_header() const

Returns:	Next header type. (e.g., `"TCP"`, `"UDP"`, `"ICMP"`…)

UDP¶

class UDP¶

unsigned int source_port() const

Returns:	Source port number.

unsigned int destination_port() const

Returns:	Destination port number.

TCP¶

class TCP¶

unsigned int source_port() const

Returns:	Source port number.

unsigned int destination_port() const

Returns:	Destination port number.

DNS¶

class DNS¶

unsigned int qr() const

Returns:	`0` (Query) or `1` (Response).

unsigned int question_count() const

Returns:	Number of question entries.

unsigned int answer_count() const

Returns:	Number of answer entries.

unsigned int authority_count() const

Returns:	Number of entries in authoritative NS section.

unsigned int additional_count() const

Returns:	Number of additional resource records.

const std::vector<std::string>& answers() const

Returns:	Answer RRs. Vector of std::string formatted as: `"google.com A 172.217.23.206"`

const std::vector<std::string>& authoritatives() const

Returns:	Authoritative NS RRs. Vector of std::string formatted as: `"google.com NS ns4.google.com"`

const std::vector<std::string>& additionals() const

Returns:	Additional RRs. Vector of std::string formatted as: `"google.com A 172.217.23.206"`