Npcap: Nmap Project's packet sniffing library for Windows


If anyone knows the list of header files that correspond between Npcap and libpcap, please let me know. Thank you very much.

 

Introduction

This manual describes the programming interface and the source code of Npcap. It provides detailed descriptions of the functions and structures exported to programmers, along with complete documentation of the Npcap internals. Several tutorials and examples are provided as well.

 

What is Npcap?

Npcap is an architecture for packet capture and network analysis for Windows operating systems, consisting of a software library and a network driver.

Most networking applications access the network through widely-used operating system primitives such as sockets. It is easy to access data on the network with this approach since the operating system copes with the low level details (protocol handling, packet reassembly, etc.) and provides a familiar interface that is similar to the one used to read and write files (translator's note: I/O stream wrapping).

Sometimes, however, the "easy way" is not up to the task, since some applications require direct access to packets on the network. That is, they need access to the "raw" data on the network without the interposition of protocol processing by the operating system.

The purpose of Npcap is to give this kind of access to Windows applications. It provides facilities to:

  • capture raw packets, both the ones destined to the machine where it's running and the ones exchanged by other hosts (on shared media)
  • filter the packets according to user-specified rules before dispatching them to the application
  • transmit raw packets to the network
  • gather statistical information on the network traffic

This set of capabilities is obtained by means of a device driver, which is installed inside the networking portion of the Windows kernel, plus a couple of DLLs.

All of these features are exported through a powerful programming interface, easily usable by applications. The main goal of this manual is to document this interface, with the help of several examples.

