Skip to content
/ packet_sniffer Public

This is a packet sniffer program created using pcap library with the C programming language to run on Linux.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

r-karunathilake/packet_sniffer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
captured_packets.txt
captured_packets.txt
 
 
packet_sniffer.c
packet_sniffer.c
 
 

Repository files navigation

Packet Capture Program in C

This is a simple packet capture program written in C for Linux. It allows you to capture network packets and analyze their contents. This program uses the popular libpcap library to capture packets and provides a basic command-line interface for interacting with the program.

Features

  • Capture network packets on a specified network interface.
  • Add network filter to the capture. See tcpdump filters.
  • Specify number of packets to capture.
  • Parse packet details such as source and destination IP addresses, protocols, etc.
  • Save captured packets to a log file for later analysis.

Prerequisites

Before using this program, ensure you have the following prerequisites installed:

  • Linux OS
  • C Compiler (e.g., GCC)
  • libpcap library

Installation

  1. Clone this repository to your local machine:
  • SSH: [email protected]:r-karunathilake/packet_sniffer.git
  • HTTPS: https://github.com/r-karunathilake/packet_sniffer.git
  1. Compile the program using your C compiler: e.g. gcc packet_capture.c -o packet_capture -lpcap

Usage

You can run the packet capture program by executing the following command: ./packet_capture [options]

Replace [options] with the following:

  • -l <log_file>: (Optional) Specify the output file to save captured packets (in text format). Default is a "log.txt" file in the current working directory.

  • -n <num_packets>: (Optional) Specify the maximum number of packets to capture. Default is continuous capture until program is terminated.

  • -i <interface>: (Optional) Specify the network interface to capture packets (e.g., eth0). If not provided, the default interface is selected.

  • -f <filter_pattern>: (Optional) Specify packet filter string based on TCPDump format.

  • -t <time>: (Optional) Specify the time to run the capture in milliseconds. Default is 10 seconds. Note: this option overrides the number of packets.

  • -h: Display help and usage information.

Example usage: sudo ./packet_sniffer -i eth0 -n 20 -f "tcp or udp or icmp" -t 5000 -l captured_packets.txt

This command shows a capture instance on eth0 interface for 20 packets for 5 seconds. Additionally, tcp or udp or icmp filter is configured. Finally, the captured output is logged to captured_packets.txt.

Note: require super user privileges to run the program.

License

This packet capture program is open-source and available under the MIT License.

Author

Ravindu Karunathilake 
Email: [email protected]
GitHub: https://github.com/r-karunathilake

References

  1. Programming with PCAP by Tim Carstens
  2. Packet Sniffer in C
  3. The Sniffer's Guide to Raw Traffic

About

This is a packet sniffer program created using pcap library with the C programming language to run on Linux.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages