search

LibtraceTeam / libprotoident

Network traffic classification library that requires minimal application payload
GNU Lesser General Public License v3.0
208 stars 60 forks source link

Save output of libprotoident in pcap format #35

Open robtub14 opened 4 years ago

robtub14 commented 4 years ago

In file lpi_protoident.cc under tools/protoident

Trying to access packet information that is saved in result.

Need to use the information to save result to a pcap file for further processing.

How can you get the output of libprotoident to be saved in a pcap format? Ideally I want to add the packet information output by libprotoident to the actual packet in the form of a flag.

This is the relevant function:

static void per_result(libtrace_t trace, libtrace_thread_t sender, void global, void tls, libtrace_result_t *result) {

    char *resultstr;

    if (result->type != RESULT_USER)
            return;

    resultstr = (char *)result->value.ptr;
    printf(resultstr);
    free(resultstr);

}

Thank you for your help.