descriptor to look at packets on the network. _d_e_v_i_c_e is a
string that specifies the network device to open. _s_n_a_p_l_e_n
specifies the maximum number of bytes to capture. _p_r_o_m_i_s_c
specifies if the interface is to be put into promiscuous
mode. (Note that even if this parameter is false, the
interface could well be in promiscuous mode for some other
reason.) _t_o__m_s specifies the read timeout in milliseconds.
_e_b_u_f is used to return error text and is only set when
ppppccccaaaapppp____ooooppppeeeennnn____lllliiiivvvveeee(((()))) fails and returns NNNNUUUULLLLLLLL.
ppppccccaaaapppp____ooooppppeeeennnn____oooofffffffflllliiiinnnneeee(((()))) is called to open a ``savefile'' for
reading. _f_n_a_m_e specifies the name of the file to open. The
file has the same format as those used by ttttccccppppdddduuuummmmpppp((((1111)))) and
ttttccccppppsssslllliiiicccceeee((((1111)))). The name "-" in a synonym for ssssttttddddiiiinnnn. _e_b_u_f is
used to return error text and is only set when
ppppccccaaaapppp____ooooppppeeeennnn____oooofffffffflllliiiinnnneeee(((()))) fails and returns NNNNUUUULLLLLLLL.
ppppccccaaaapppp____dddduuuummmmpppp____ooooppppeeeennnn(((()))) is called to open a ``savefile'' for
writing. The name "-" in a synonym for ssssttttddddoooouuuutttt. NNNNUUUULLLLLLLL is
returned on failure. _p is a _p_c_a_p struct as returned by
ppppccccaaaapppp____ooooppppeeeennnn____oooofffffffflllliiiinnnneeee(((()))) or ppppccccaaaapppp____ooooppppeeeennnn____lllliiiivvvveeee(((()))). _f_n_a_m_e specifies
the name of the file to open. If NNNNUUUULLLLLLLL is returned,
ppppccccaaaapppp____ggggeeeetttteeeerrrrrrrr(((()))) can be used to get the error text.
ppppccccaaaapppp____llllooooooookkkkuuuuppppddddeeeevvvv(((()))) returns a pointer to a network device
suitable for use with ppppccccaaaapppp____ooooppppeeeennnn____lllliiiivvvveeee(((()))) and ppppccccaaaapppp____llllooooooookkkkuuuuppppnnnneeeetttt(((()))).
If there is an error, NNNNUUUULLLLLLLL is returned and _e_r_r_b_u_f is filled
in with with an appropriate error message.
ppppccccaaaapppp____llllooooooookkkkuuuuppppnnnneeeetttt(((()))) is used to determine the network number and
mask associated with the network device ddddeeeevvvviiiicccceeee. Both _n_e_t_p
and _m_a_s_k_p are _b_p_f__u__i_n_t_3_2 pointers. A return of -1
indicates an error in which case _e_r_r_b_u_f is filled in with
with an appropriate error message.
ppppccccaaaapppp____ddddiiiissssppppaaaattttcccchhhh(((()))) is used to collect and process packets. _c_n_t
specifies the maximum number of packets to process before
returning. A _c_n_t of -1 processes all the packets received in
one buffer. A _c_n_t of 0 processes all packets until an error
occurs, EEEEOOOOFFFF is reached, or the read times out (when doing
live reads and a non-zero read timeout is specified).
_c_a_l_l_b_a_c_k specifies a routine to be called with three
arguments: a _u__c_h_a_r pointer which is passed in from
ppppccccaaaapppp____ddddiiiissssppppaaaattttcccchhhh(((()))), a pointer to the _p_c_a_p__p_k_t_h_d_r struct (which
precede the actual network headers and data), and a _u__c_h_a_r
pointer to the packet data. The number of packets read is
returned. Zero is returned when EEEEOOOOFFFF is reached in a
``savefile.'' A return of -1 indicates an error in which
case ppppccccaaaapppp____ppppeeeerrrrrrrroooorrrr(((()))) or ppppccccaaaapppp____ggggeeeetttteeeerrrrrrrr(((()))) may be used to display
the error text.
ppppccccaaaapppp____dddduuuummmmpppp(((()))) outputs a packet to the ``savefile'' opened with
ppppccccaaaapppp____dddduuuummmmpppp____ooooppppeeeennnn(((()))). Note that its calling arguments are
suitable for use with ppppccccaaaapppp____ddddiiiissssppppaaaattttcccchhhh(((()))).
ppppccccaaaapppp____ccccoooommmmppppiiiilllleeee(((()))) is used to compile the string _s_t_r into a
filter program. _p_r_o_g_r_a_m is a pointer to a _b_p_f__p_r_o_g_r_a_m
struct and is filled in by ppppccccaaaapppp____ccccoooommmmppppiiiilllleeee(((()))). _o_p_t_i_m_i_z_e
controls whether optimization on the resulting code is
performed. _n_e_t_m_a_s_k specifies the netmask of the local net.
ppppccccaaaapppp____sssseeeettttffffiiiilllltttteeeerrrr(((()))) is used to specify a filter program. _f_p is
a pointer to an array of _b_p_f__p_r_o_g_r_a_m struct, usually the
result of a call to ppppccccaaaapppp____ccccoooommmmppppiiiilllleeee(((()))). ----1111 is returned on
failure; 0000 is returned on success.
ppppccccaaaapppp____lllloooooooopppp(((()))) is similar to ppppccccaaaapppp____ddddiiiissssppppaaaattttcccchhhh(((()))) except it keeps
reading packets until _c_n_t packets are processed or an error
occurs. It does nnnnooootttt return when live read timeouts occur.
Rather, specifying a non-zero read timeout to
ppppccccaaaapppp____ooooppppeeeennnn____lllliiiivvvveeee(((()))) and then calling ppppccccaaaapppp____ddddiiiissssppppaaaattttcccchhhh(((()))) allows the
reception and processing of any packets that arrive when the
timeout occurs. A negative _c_n_t causes ppppccccaaaapppp____lllloooooooopppp(((()))) to loop
forever (or at least until an error occurs).
ppppccccaaaapppp____nnnneeeexxxxtttt(((()))) returns a _u__c_h_a_r pointer to the next packet.
ppppccccaaaapppp____ddddaaaattttaaaalllliiiinnnnkkkk(((()))) returns the link layer type, e.g.
DDDDLLLLTTTT____EEEENNNN11110000MMMMBBBB.
ppppccccaaaapppp____ssssnnnnaaaappppsssshhhhooootttt(((()))) returns the snapshot length specified when
ppppccccaaaapppp____ooooppppeeeennnn____lllliiiivvvveeee was called.
ppppccccaaaapppp____iiiissss____sssswwwwaaaappppppppeeeedddd(((()))) returns true if the current ``savefile''
uses a different byte order than the current system.
ppppccccaaaapppp____mmmmaaaajjjjoooorrrr____vvvveeeerrrrssssiiiioooonnnn(((()))) returns the major number of the version
of the pcap used to write the savefile.
ppppccccaaaapppp____mmmmiiiinnnnoooorrrr____vvvveeeerrrrssssiiiioooonnnn(((()))) returns the minor number of the version
of the pcap used to write the savefile.
ppppccccaaaapppp____ffffiiiilllleeee(((()))) returns the name of the ``savefile.''
iiiinnnntttt ppppccccaaaapppp____ssssttttaaaattttssss(((()))) returns 0 and fills in a ppppccccaaaapppp____ssssttttaaaatttt struct.
The values represent packet statistics from the start of the
run to the time of the call. If there is an error or the
under lying packet capture doesn't support packet
statistics, -1 is returned and the error text can be
obtained with ppppccccaaaapppp____ppppeeeerrrrrrrroooorrrr(((()))) or ppppccccaaaapppp____ggggeeeetttteeeerrrrrrrr(((()))).
ppppccccaaaapppp____ffffiiiilllleeeennnnoooo(((()))) returns the file descriptor number of the
