WinPcap Data Structures

Here are the data structures with brief descriptions:
__CPU_Private_DataKernel buffer of each CPU
_DEVICE_EXTENSIONPort device extension
_INTERNAL_REQUESTStores an OID request
_OPEN_INSTANCEContains the state of a running instance of the NPF driver
_PACKET_OID_DATAStructure containing an OID request
_PACKET_RESERVEDContains a NDIS packet
active_pars
activehostsKeeps a list of all the opened connections in the active mode
binary_streamA stream of X86 binary code
daemon_slparsStructure that keeps the parameters needed by the daemon_serviceloop() function
JIT_BPF_FilterStructure describing a x86 filtering program created by the jitter
packet_file_headerHeader of a libpcap dump file
PacketHeaderStructure prepended to each packet in the kernel buffer pool
pcap_addrRepresentation of an interface address, used by pcap_findalldevs()
pcap_file_headerHeader of a libpcap dump file
pcap_ifItem in a list of interfaces, used by pcap_findalldevs()
pcap_pkthdrHeader of a packet in the dump file
pcap_rmtauthThis structure keeps the information needed to autheticate the user on a remote machine
pcap_sampThis structure defines the information related to sampling
pcap_send_queueA queue of raw packets that will be sent to the network with pcap_sendqueue_transmit()
pcap_statStructure that keeps statistical values on an interface
rpcap_authStructure that keeps the data required for the authentication on the remote host
rpcap_filterGeneral header used for the pcap_setfilter() command; keeps just the number of BPF instructions
rpcap_filterbpf_insnStructure that keeps a single BPF instuction; it is repeated 'ninsn' times according to the 'rpcap_filterbpf' header
rpcap_findalldevs_ifFormat of the message for the interface description (findalldevs command)
rpcap_findalldevs_ifaddrFormat of the message for the address listing (findalldevs command)
rpcap_headerCommon header for all the RPCAP messages
rpcap_openreplyFormat of the message of the connection opening reply (open command)
rpcap_pkthdrFormat of the header which encapsulates captured packets when transmitted on the network
rpcap_samplingStructure that is needed to set sampling parameters
rpcap_startcapreplyFormat of the reply message that devoted to start a remote capture (startcap reply command)
rpcap_startcapreqFormat of the message that starts a remote capture (startcap command)
rpcap_statsStructure that keeps the statistics about the number of packets captured, dropped, etc
sf_pkthdrHeader associated to a packet in the driver's buffer when the driver is in dump mode. Similar to the bpf_hdr structure, but simpler

documentation. Copyright (c) 2002-2005 Politecnico di Torino. Copyright (c) 2005-2008 CACE Technologies. All rights reserved.