in general, I want to analyze a tcp packet ,first I should read the pcap file in c++(this is my first problem), after that I want to analyze just the tcp packets in the flow of packets, and find it's header details such that "syn","ack","fin","source ip","destination ip" and etc ,for this I read something a bout "pcap" that I found it here, but it doesn't give me enough information, it doesn't give me any thing about "syn" or "ack",.....and now I don't know how and with which program in c++ or c# I can do it??? that is my big problem! thank you so much for your attention asked 16 Jan '14, 08:22  mesmslampanah |
2 Answers:
What you need is a c++/c# 'wrapper library' for libpcap. There are two candidates I know of: Pcap.Net SharpPcap
For both you need
If you don't know how to program in c++/c# you will have a hard time to finish your task. Maybe you'll find some example code in one of the wrapper libraries above, that does similar things you need. Regards answered 16 Jan '14, 10:13  Kurt Knochner ♦ edited 16 Jan '14, 10:15 |
You can also use PcapPlusPlus. It has all that you need and more... answered 02 Jun '15, 11:21  seladb |
thanks for your help,I know C# programming and C++,but i dont know what's of their is easier to do this? I saw a sample written by Perl,but it had some functions(read byte and byte) and Data Type (like hash)
Well, that's something you should decide for yourself, as it mainly depends on your skills and your personal preferences...