I would like to be able to see and monitor my internet data (http/emule/email) on my own PC using Windows XP. I am thinking of something like WireShark but I would like to control it programmatically.
I would be using C or C++.
How can I do this?
-
WireShark uses winpcap to do it's thing.
Winpcap comes with a C interface.
: is it the only method ? -
winpcap is probably the most well known choice, but you could also write a Layered Service Provider. There's not a whole lot of documentation, but a good place to start is the article on msdn: http://www.microsoft.com/msj/0599/LayeredService/LayeredService.aspx
This has some advantages vs layer 2 packet parsing, but also some disadvantages. You'll need to evaluate where in the stack you want to live.
edit: Obviously, when I say pcap -- I really mean any similar approach. Obviously, winpcap was not the first driver/library combo to provide this sort of information.
-
Have a look at the code of the tool trafficWatcher. It uses WinPCap to distinguish between LAN and internet traffic.
The sourcecode is available here.
0 comments:
Post a Comment