/src/PcapPlusPlus/Pcap++/header/PcapDevice.h
Line | Count | Source |
1 | | #pragma once |
2 | | |
3 | | #include "Device.h" |
4 | | #include "DeprecationUtils.h" |
5 | | |
6 | | // forward declaration for the pcap descriptor defined in pcap.h |
7 | | struct pcap; |
8 | | typedef pcap pcap_t; |
9 | | struct pcap_pkthdr; |
10 | | |
11 | | /// @file |
12 | | |
13 | | /// @namespace pcpp |
14 | | /// @brief The main namespace for the PcapPlusPlus lib |
15 | | namespace pcpp |
16 | | { |
17 | | // Forward Declaration - required for IPcapDevice::matchPacketWithFilter |
18 | | class GeneralFilter; |
19 | | |
20 | | namespace internal |
21 | | { |
22 | | /// @struct PcapStats |
23 | | /// A container for pcap device statistics |
24 | | struct PcapStats |
25 | | { |
26 | | /// Number of packets received |
27 | | uint64_t packetsRecv; |
28 | | /// Number of packets dropped |
29 | | uint64_t packetsDrop; |
30 | | /// number of packets dropped by interface (not supported on all platforms) |
31 | | uint64_t packetsDropByInterface; |
32 | | }; |
33 | | |
34 | | /// @class PcapHandle |
35 | | /// @brief A wrapper class for pcap_t* which is the libpcap packet capture descriptor. |
36 | | /// This class is used to manage the lifecycle of the pcap_t* object |
37 | | class PcapHandle |
38 | | { |
39 | | public: |
40 | | /// @brief Creates an empty handle. |
41 | 15.2k | constexpr PcapHandle() noexcept = default; |
42 | | /// @brief Creates a handle from the provided pcap descriptor. |
43 | | /// @param pcapDescriptor The pcap descriptor to wrap. |
44 | | explicit PcapHandle(pcap_t* pcapDescriptor) noexcept; |
45 | | |
46 | | PcapHandle(const PcapHandle&) = delete; |
47 | | PcapHandle(PcapHandle&& other) noexcept; |
48 | | |
49 | | PcapHandle& operator=(const PcapHandle&) = delete; |
50 | | PcapHandle& operator=(PcapHandle&& other) noexcept; |
51 | | PcapHandle& operator=(std::nullptr_t) noexcept; |
52 | | |
53 | | ~PcapHandle(); |
54 | | |
55 | | /// @return True if the handle is not null, false otherwise. |
56 | | bool isValid() const noexcept |
57 | 52.7k | { |
58 | 52.7k | return m_PcapDescriptor != nullptr; |
59 | 52.7k | } |
60 | | |
61 | | /// @return The underlying pcap descriptor. |
62 | | pcap_t* get() const noexcept |
63 | 34.7k | { |
64 | 34.7k | return m_PcapDescriptor; |
65 | 34.7k | } |
66 | | |
67 | | /// @brief Releases ownership of the handle and returns the pcap descriptor. |
68 | | /// @return The pcap descriptor or nullptr if no handle is owned. |
69 | | pcap_t* release() noexcept; |
70 | | |
71 | | /// @brief Replaces the managed handle with the provided one. |
72 | | /// @param pcapDescriptor A new pcap descriptor to manage. |
73 | | /// @remarks If the handle contains a non-null descriptor it will be closed. |
74 | | void reset(pcap_t* pcapDescriptor = nullptr) noexcept; |
75 | | |
76 | | /// @brief Helper function to retrieve a view of the last error string for this handle. |
77 | | /// @return A null-terminated view of the last error string. |
78 | | /// @remarks The returned view is only valid until the next call to a pcap function. |
79 | | char const* getLastError() const noexcept; |
80 | | |
81 | | /// @brief Sets a filter on the handle. Only packets that match the filter will be captured by the handle. |
82 | | /// |
83 | | /// The filter uses Berkeley Packet Filter (BPF) syntax (http://biot.com/capstats/bpf.html). |
84 | | /// |
85 | | /// @param[in] filter The filter to set in Berkeley Packet Filter (BPF) syntax. |
86 | | /// @return True if the filter was set successfully, false otherwise. |
87 | | bool setFilter(std::string const& filter); |
88 | | |
89 | | /// @brief Clears the filter currently set on the handle. |
90 | | /// @return True if the filter was removed successfully or if no filter was set, false otherwise. |
91 | | bool clearFilter(); |
92 | | |
93 | | /// @brief Retrieves statistics from the pcap handle. |
94 | | /// |
95 | | /// The function internally calls pcap_stats() to retrieve the statistics and only works on live devices. |
96 | | /// |
97 | | /// @param stats Structure to store the statistics. |
98 | | /// @return True if the statistics were retrieved successfully, false otherwise. |
99 | | bool getStatistics(PcapStats& stats) const; |
100 | | |
101 | | /// @return True if the handle is not null, false otherwise. |
102 | | explicit operator bool() const noexcept |
103 | 0 | { |
104 | 0 | return isValid(); |
105 | 0 | } |
106 | | |
107 | | bool operator==(std::nullptr_t) const noexcept |
108 | 32.0k | { |
109 | 32.0k | return !isValid(); |
110 | 32.0k | } |
111 | | bool operator!=(std::nullptr_t) const noexcept |
112 | 20.6k | { |
113 | 20.6k | return isValid(); |
114 | 20.6k | } |
115 | | |
116 | | private: |
117 | | pcap_t* m_PcapDescriptor = nullptr; |
118 | | }; |
119 | | } // namespace internal |
120 | | |
121 | | /// @brief An interface for providing Pcap-based device statistics |
122 | | class IPcapStatisticsProvider |
123 | | { |
124 | | public: |
125 | 15.2k | virtual ~IPcapStatisticsProvider() = default; |
126 | | |
127 | | using PcapStats = internal::PcapStats; |
128 | | |
129 | | /// @brief Get statistics from the device |
130 | | /// @return An object containing the stats |
131 | | PcapStats getStatistics() const; |
132 | | |
133 | | /// Get statistics from the device |
134 | | /// @param[out] stats An object containing the stats |
135 | | virtual void getStatistics(PcapStats& stats) const = 0; |
136 | | }; |
137 | | |
138 | | /// @class IPcapDevice |
139 | | /// An abstract class representing all libpcap-based packet capturing devices: files, libPcap, WinPcap/Npcap and |
140 | | /// RemoteCapture. This class is abstract and cannot be instantiated |
141 | | class IPcapDevice : public IDevice, public IFilterableDevice, public IPcapStatisticsProvider |
142 | | { |
143 | | protected: |
144 | | internal::PcapHandle m_PcapDescriptor; |
145 | | |
146 | | // c'tor should not be public |
147 | 15.2k | IPcapDevice() : IDevice() |
148 | 15.2k | {} |
149 | | |
150 | | public: |
151 | 15.2k | virtual ~IPcapDevice() = default; |
152 | | |
153 | | /// A static method for retrieving pcap lib (libpcap/WinPcap/etc.) version information. This method is actually |
154 | | /// a wrapper for [pcap_lib_version()](https://www.tcpdump.org/manpages/pcap_lib_version.3pcap.html) |
155 | | /// @return A string containing the pcap lib version information |
156 | | static std::string getPcapLibVersionInfo(); |
157 | | |
158 | | /// Match a raw packet with a given BPF filter. Notice this method is static which means you don't need any |
159 | | /// device instance in order to perform this match |
160 | | /// @param[in] filter A filter class to test against |
161 | | /// @param[in] rawPacket A pointer to the raw packet to match the filter with |
162 | | /// @return True if raw packet matches the filter or false otherwise |
163 | | /// @deprecated This method is deprecated, use GeneralFilter::matches(...) method directly. |
164 | | PCPP_DEPRECATED("Prefer GeneralFilter::matches(...) method directly.") |
165 | | static bool matchPacketWithFilter(GeneralFilter& filter, RawPacket* rawPacket); |
166 | | |
167 | | // implement abstract methods |
168 | | |
169 | | using IFilterableDevice::setFilter; |
170 | | |
171 | | /// Set a filter for the device. When implemented by the device, only packets that match the filter will be |
172 | | /// received. Please note that when the device is closed the filter is reset so when reopening the device you |
173 | | /// need to call this method again in order to reactivate the filter |
174 | | /// @param[in] filterAsString The filter to be set in Berkeley Packet Filter (BPF) syntax |
175 | | /// (http://biot.com/capstats/bpf.html) |
176 | | /// @return True if filter set successfully, false otherwise |
177 | | bool setFilter(std::string filterAsString) override; |
178 | | |
179 | | /// Clear the filter currently set on device |
180 | | /// @return True if filter was removed successfully or if no filter was set, false otherwise |
181 | | bool clearFilter() override; |
182 | | }; |
183 | | } // namespace pcpp |