 |
Now that you have opened the network adapter (3: Open network device), and created BPF filter (4: Create BPF filter), let's clarify how to capture and process the network traffic correctly. 5.1. HNAdapter component captures the network traffic with the help of HNAdapter.OnPacketReceive event handler, which is called each time when Packet Sniffer SDK captures the packet successfully and sends it to your application. [C++]
void __stdcall OnPacketReceive(DWORD_PTR Param, DWORD_PTR ThParam, HANDLE hPacket,
LPVOID pPacketData, DWORD IncPacketSize)
{
...
}[Delphi]
procedure OnPacketReceive(Param: Pointer; ThParam: Pointer; hPacket,
pPacketData: Pointer; IncPacketSize: Cardinal); stdcall;
begin
...
end;5.2. HNAdapter component will not send the traffic to your application until you define the MAC filter for the network adapter (please see HNMacFilter). Setting MAC filter is necessary to let Packet Sniffer SDK internal packet driver capture packets. Please use HNAdapter.MacFilter property for this purpose. [C++] // Set network adapter in the Promiscuous Mode AdpSetMacFilter(hAdp,mfAll); [Delphi] // Set network adapter in the Promiscuous Mode AdpSetMacFilter(hAdp,mfAll); 5.3. After steps 5.1 and 5.2 are completed, HNAdapter component can transfer to your application the packets passed by MAC and BPF filters to HNAdapter.OnPacketReceive event handler. Since the network traffic is very diverse, we face the problem of capturing the necessary traffic only. The problem can be solved very efficiently by using BPF filtering. So, if you provide HNAdapter component with the BPF filter created on the step 4 (4: Create BPF filter) your HNAdapter.OnPacketReceive event handler will receive only the packets containing IP header.
|
