Thread: Adventures with libpcap

  1. #1
    Registered User
    Join Date
    Jul 2012

    Adventures with libpcap

    Hey, I am trying to do some programming using the pcap library on my FreeBSD box. I am using the tutorial here ( Programming with pcap ) as a guiideline. I have hit a few snags along the way but was able to correct them. However there is one error that I seem unable to work out. I can compile the following code fine, but when I fun it I keep getting the error

    Couldn't install filter host any:BIOCSETF: Bad file descriptor
    pcap_setfilter: BIOCSETF: Bad file descriptor
    Here is my code:

    #include <stdio.h>
    #include <stdlib.h>
    #include <pcap.h>
    #include <pcap/pcap.h>
    #include <sys/types.h>
    #include <sys/time.h>
    #include <sys/ioctl.h>
    #include <net/bpf.h>
    int main(int argc, char *argv[])
        char errbuf[PCAP_ERRBUF_SIZE], *dev;
        char filter_exp[] = "host any";
        pcap_t *handle;
        int ret = 0;
        struct bpf_program *bpf_ptr;
        bpf_u_int32 mask;        /* The netmask of our sniffing device */
        bpf_u_int32 net;        /* The IP of our sniffing device */
        struct pcap_pkthdr header;    /* The header that pcap gives us */
        const u_char *packet;        /* The actual packet */
        dev = argv[1];
        if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
            fprintf(stderr, "Can't get netmask for device %s\n", dev);
            net = 0;
            mask = 0;
        handle = pcap_open_live(dev, BUFSIZ, 1, 0, errbuf);
        if(handle == NULL){
            fprintf(stderr, "pcap error %s", errbuf);
        ret = pcap_compile(handle, bpf_ptr, filter_exp, 1, (bpf_u_int32) 0);
        if(ret == -1){
            pcap_perror(handle, "pcap_compile");
        ret = pcap_setfilter(handle, bpf_ptr);
         if(ret == -1){
             fprintf(stderr, "Couldn't install filter %s:\n%s\n", filter_exp, pcap_geterr(handle));
             pcap_perror(handle, "pcap_setfilter");
         /* Grab a packet */
            packet = pcap_next(handle, &header);
            if(packet == NULL){
                pcap_perror(handle, "pcap_next");
            /* Print its length */
            printf("Jacked a packet with length of [%d]\n", header.len);
            /* And close the session */
    Obviously it is an error in which I have a bad file descriptor, but I don't know where to go from there. Thank you in advance.

  2. #2
    and the hat of int overfl Salem's Avatar
    Join Date
    Aug 2001
    The edge of the known universe
    > struct bpf_program *bpf_ptr;
    What is this pointing to?

    What would this do instead?
    struct bpf_program bpf;
    ret = pcap_compile(handle, &bpf, filter_exp, 1, (bpf_u_int32) 0);
    ret = pcap_setfilter(handle, &bpf);
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Adventures in labyrinth generation.
    By guesst in forum Game Programming
    Replies: 8
    Last Post: 10-12-2008, 01:30 PM
  2. libpcap: How to timeout pcap_loop() ?
    By B-Con in forum Networking/Device Communication
    Replies: 3
    Last Post: 01-17-2008, 11:57 PM
  3. Handling movement in text-adventures.
    By suzakugaiden in forum Game Programming
    Replies: 31
    Last Post: 02-13-2005, 02:18 AM
  4. Text Adventures
    By punkCow in forum C Programming
    Replies: 1
    Last Post: 02-21-2004, 05:16 PM
  5. Making text adventures (begginer)
    By funkydude9 in forum C++ Programming
    Replies: 6
    Last Post: 03-08-2002, 02:28 AM
Website Security Test