// Matches returns true if the given packet data matches this filter.
func (b *BPF) Matches(ci gopacket.CaptureInfo, data []byte) bool {
var hdr C.struct_pcap_pkthdr
hdr.ts.tv_sec = C.gopacket_time_secs_t(ci.Timestamp.Unix())
hdr.ts.tv_usec = C.gopacket_time_usecs_t(ci.Timestamp.Nanosecond() / 1000)
hdr.caplen = C.bpf_u_int32(len(data)) // Trust actual length over ci.Length.
hdr.len = C.bpf_u_int32(ci.Length)
dataptr := (*C.u_char)(unsafe.Pointer(&data[0]))
return C.pcap_offline_filter(&b.bpf, &hdr, dataptr) != 0
}
func (pd *PcapDumper) Dump(pkt *Packet) {
var pkthdr C.struct_pcap_pkthdr
pkthdr.ts.tv_sec = (C.__time_t)(pkt.Time.Sec)
pkthdr.ts.tv_usec = (C.__suseconds_t)(pkt.Time.Usec)
pkthdr.caplen = (C.bpf_u_int32)(pkt.Caplen)
pkthdr.len = (C.bpf_u_int32)(pkt.Len)
buf := (*C.char)(C.malloc((C.size_t)(len(pkt.Data))))
for i := 0; i < len(pkt.Data); i++ {
*(*byte)(unsafe.Pointer(uintptr(unsafe.Pointer(buf)) + uintptr(i))) = pkt.Data[i]
}
C.pcap_dump((*C.u_char)(unsafe.Pointer(pd.cptr)), &pkthdr, (*C.u_char)(unsafe.Pointer(buf)))
}
