diff --git a/include/sniffer.h b/include/sniffer.h index 8782d8f..7e1ebbe 100644 --- a/include/sniffer.h +++ b/include/sniffer.h @@ -26,6 +26,7 @@ #include #include +#include #include "pdu.h" namespace Tins { @@ -65,8 +66,9 @@ namespace Tins { * \brief Creates an instance of sniffer. * \param device The device which will be sniffed. * \param max_packet_size The maximum packet size to be read. + * \param filter A capture filter to compile and use for sniffing sessions.(optional); */ - Sniffer(const std::string &device, unsigned max_packet_size); + Sniffer(const std::string &device, unsigned max_packet_size, const std::string &filter = "") throw(std::runtime_error); /** * \brief Sniffer destructor. @@ -77,15 +79,13 @@ namespace Tins { /** * \brief Compiles a filter and uses it to capture one packet. * - * This method returns the first sniffed PDU that matches the given - * filter. If no filter is given, the previously set filter will be used. - * If no filter has been set, then no filtering is applied to sniffed - * packets. - * \param filter The filter which will be used while sniffing. + * This method returns the first sniffed packet that matches the + * sniffer's filter, or the first sniffed packet if no filter has + * been set. * \return The captured packet, matching the given filter, 0 if an * error occured(probably compiling the filter). */ - PDU *next_packet(const std::string &filter = ""); + PDU *next_packet(); /** * \brief Starts a sniffing loop, using a callback object for every @@ -95,10 +95,9 @@ namespace Tins { * or it could be a specific SnifferHandler specialization. This method deletes * packets after they are handled, therefore the handlers MUST NOT delete them. * \param cback_handler The callback handler object which should process packets. - * \param filter The filter to use when sniffing(optional). * \param max_packets The maximum amount of packets to sniff. 0 == infinite. */ - void sniff_loop(AbstractSnifferHandler *cback_handler, const std::string &filter = "", uint32_t max_packets = 0); + void sniff_loop(AbstractSnifferHandler *cback_handler, uint32_t max_packets = 0); /** * \brief Sets a filter on this sniffer. diff --git a/src/sniffer.cpp b/src/sniffer.cpp index 0ca64c0..b494f35 100644 --- a/src/sniffer.cpp +++ b/src/sniffer.cpp @@ -20,7 +20,6 @@ */ -#include #include "sniffer.h" #include "ethernetII.h" #include "radiotap.h" @@ -41,7 +40,7 @@ struct LoopData { /** \endcond */ -Tins::Sniffer::Sniffer(const string &device, unsigned max_packet_size) { +Tins::Sniffer::Sniffer(const string &device, unsigned max_packet_size, const string &filter) throw(std::runtime_error) { char error[PCAP_ERRBUF_SIZE]; if (pcap_lookupnet(device.c_str(), &ip, &mask, error) == -1) { ip = 0; @@ -52,6 +51,8 @@ Tins::Sniffer::Sniffer(const string &device, unsigned max_packet_size) { throw runtime_error(error); wired = (pcap_datalink (handle) != DLT_IEEE802_11_RADIO); //better plx actual_filter.bf_insns = 0; + if(filter.size() && !set_filter(filter)) + throw runtime_error("Invalid filter"); } Tins::Sniffer::~Sniffer() { @@ -65,9 +66,7 @@ bool Tins::Sniffer::compile_set_filter(const string &filter, bpf_program &prog) return (pcap_compile(handle, &prog, filter.c_str(), 0, ip) != -1 && pcap_setfilter(handle, &prog) != -1); } -Tins::PDU *Tins::Sniffer::next_packet(const string &filter) { - if(filter.size()) - set_filter(filter); +Tins::PDU *Tins::Sniffer::next_packet() { pcap_pkthdr header; PDU *ret = 0; while(!ret) { @@ -91,9 +90,7 @@ void Tins::Sniffer::stop_sniff() { pcap_breakloop(handle); } -void Tins::Sniffer::sniff_loop(AbstractSnifferHandler *cback_handler, const string &filter, uint32_t max_packets) { - if(filter.size()) - set_filter(filter); +void Tins::Sniffer::sniff_loop(AbstractSnifferHandler *cback_handler, uint32_t max_packets) { LoopData data(handle, cback_handler, wired); pcap_loop(handle, max_packets, Sniffer::callback_handler, (u_char*)&data); }