I am studying the code of a packet sniffer which is using pcap_loop to receive the packet bytes.
The packet handler is pcap_cb.
The problem is,
It returns different value of pkthdr->len and pkthdr->caplen.
pkthdr->caplen = 68, pkthdr->len = 161
This results in capturing only 68 bytes in buf. However I have to receive the full 161 bytes of data.
Can anyone please suggest me what should I change in order to get all 161 bytes in buf.
Thanks & Regards,
pcap_loop(device.dev_desc, -1, pcap_cb, (u_char *) &cb_data);
void pcap_cb(u_char *user, const struct pcap_pkthdr *pkthdr, const u_char *buf)
struct packet_ptrs pptrs;
struct pcap_callback_data *cb_data = (struct pcap_callback_data *) user;
struct pcap_device *device = cb_data->device;
struct plugin_requests req;
fp = fopen("/var/log/pmacct_logs.txt", "a+");
fprintf(fp, "pkthdr->caplen = %d, pkthdr->len = %d\n",pkthdr->caplen,pkthdr->len);