At first this paper has introduced the data capture model of network sniffing technology and the Berkeley Packet Filter based on OS, analyses the architecture of Libpcap and Winpcap, which is the function library irrelevant with OS.
英
美
- 本文首先讨论了网络监听技术中采用的数据包捕获过滤模型,介绍了操作系统提供的捕获机制BPF(Berkeley Packet Filter),并深入分析了系统无关捕获函数库Libpcap和Winpcap的体系结构。