Introduction
In the previous chapter, we discussed libnet, which is a library for constructing and injecting individual network packets. Being able to create and inject packets into the network is a very powerful feature, but to really make it useful, we need to be able to read the packets that come back. This is where libpcap comes in.
Note
While it is possible to compile libpcap for iOS and jailbreak the phone to run the application as root, Apple would almost certainly reject your application. The code in this chapter is written and tested for OS X. It may or may not work for iOS.
The libpcap library is a packet-capturing library that is used by many popular network packet analyzers, including tcpdump (which maintains the libpcap library) and Wireshark (used in Chapter 3, Using Libnet). It can also be used for network monitors, intrusion detection systems, and network testers.
This library provides a cross-platform API to capture, filter, and save packets. It was originally developed as part...