Beispiel #1
0
// Matches returns true if the given packet data matches this filter.
func (b *BPF) Matches(ci gopacket.CaptureInfo, data []byte) bool {
	var hdr C.struct_pcap_pkthdr
	hdr.ts.tv_sec = C.gopacket_time_secs_t(ci.Timestamp.Unix())
	hdr.ts.tv_usec = C.gopacket_time_usecs_t(ci.Timestamp.Nanosecond() / 1000)
	hdr.caplen = C.bpf_u_int32(len(data)) // Trust actual length over ci.Length.
	hdr.len = C.bpf_u_int32(ci.Length)
	dataptr := (*C.u_char)(unsafe.Pointer(&data[0]))
	return C.pcap_offline_filter(&b.bpf, &hdr, dataptr) != 0
}
Beispiel #2
0
// Writes a packet to the file. The return values of ReadPacketData
// can be passed to this function as arguments.
func (d *Dumper) WritePacketData(data []byte, ci gopacket.CaptureInfo) (err error) {
	var pkthdr _Ctype_struct_pcap_pkthdr
	pkthdr.caplen = C.bpf_u_int32(ci.CaptureLength)
	pkthdr.len = C.bpf_u_int32(ci.Length)

	pkthdr.ts.tv_sec = C.gopacket_time_secs_t(ci.Timestamp.Unix())
	pkthdr.ts.tv_usec = C.gopacket_time_usecs_t(ci.Timestamp.Nanosecond() / 1000)

	// pcap_dump takes a u_char pointer to the dumper as first argument
	dumper_ptr := (*C.u_char)(unsafe.Pointer(d.cptr))

	// trick to get a pointer to the underling slice
	ptr := (*C.u_char)(unsafe.Pointer(&data[0]))

	_, err = C.pcap_dump(dumper_ptr, &pkthdr, ptr)
	return
}