Encapsulate the libpcap library using Rust.
- python-libpcap: https://github.com/caizhengxin/python-libpcap
- Read pcap file
- Write pcap file
- Merge pcap file
- Get first iface (active)
- Get iface list (active)
- Send raw packet
- Capture packet
Install
$ sudo apt install libpcap-dev -yq
Command
$ cargo build --release
# Combine multiple files into one file
$ ./target/release/libpcap-merge -i ~/pcap/ -o new.pcap port 80
# Writes to the pcap file
$ ./target/release/libpcap-write -o test.pcap -p d4ad200073c5a8a1596edbd10800450000341b01400080065e5fc0a8000cc0a80007c4aa001a5c5c8864000000008002faf049360000020405b40103030801010402
Cargo.toml
[dependencies]
libpcap-rs = "0.2.1"
use libpcap_rs::LibPcap;
fn main() {
match LibPcap::open("~/tests/pcap/http_1.pcap", "r") {
Ok(f) => {
for pkt in f.read() {
println!("{:?}", pkt);
}
}
Err(e) => {
println!("[ERROR]: {e:?}");
}
}
}
use libpcap_rs::LibPcap;
fn main() {
let input = b"\x00\x0c\x29\xaf\x7f\xfe\x10\x9a\xdd\x4e\x06\x0d\x08\x00\x45\x00\
\x00\x40\xb5\xf2\x00\x00\x40\x06\xa9\x7c\x0a\x01\x01\xea\x0a\x0a\
\x05\x55\xc8\xd3\x01\xf6\xe0\x76\x90\x16\xc4\x44\x9b\x5a\x80\x18\
\xff\xff\x6c\x1c\x00\x00\x01\x01\x08\x0a\x37\xc4\x50\xe2\x00\xba\
\x7c\x1c\x4d\x6e\x00\x00\x00\x06\xff\x03\x01\xf4\x00\x64";
let libpcap = LibPcap::open("test.pcap", "w");
match libpcap {
Ok(f) => f.write(input),
Err(e) => println!("[ERROR]: {e:?}"),
}
}
use libpcap_rs::{Sniff, PResult};
fn main() -> PResult<()> {
let sniff = Sniff::open("lo")?;
for pkt in sniff.capture(-1) {
println!("{pkt:?}");
}
Ok(())
}
use libpcap_rs::{Sniff, PResult};
fn main() -> PResult<()> {
let sniff = Sniff::open("lo")?
.with_filter("port 80")?
.with_snaplen(65535)
.with_immediate_mode(1)
.with_timeout(0);
for pkt in sniff.capture(-1) {
println!("{pkt:?}");
}
Ok(())
}
use libpcap_rs::get_first_iface;
fn main() {
println!("{:?}", get_first_iface);
}
use libpcap_rs::get_iface_list;
fn main() {
println!("{:?}", get_iface_list());
}
use libpcap_rs::send_packet;
fn main() {
let input = b"\x00\x0c\x29\xaf\x7f\xfe\x10\x9a\xdd\x4e\x06\x0d\x08\x00\x45\x00\
\x00\x40\xb5\xf2\x00\x00\x40\x06\xa9\x7c\x0a\x01\x01\xea\x0a\x0a\
\x05\x55\xc8\xd3\x01\xf6\xe0\x76\x90\x16\xc4\x44\x9b\x5a\x80\x18\
\xff\xff\x6c\x1c\x00\x00\x01\x01\x08\x0a\x37\xc4\x50\xe2\x00\xba\
\x7c\x1c\x4d\x6e\x00\x00\x00\x06\xff\x03\x01\xf4\x00\x64";
send_packet("lo", input);
}