I have managed to get the zniffer wrapper to compile, but I am worried that using {$MODE delphi} may not be the best way to produce optimized code.<br>Also I have seen other libpcap where they use ansichar instead of char. Is there a reason for this?<br>
<br>function Pcap_getAdapternames(Delimiter:char;var ErrStr:string):string;<br>function Pcap_getAdapternames(Delimiter:AnsiChar;var ErrStr:string):string;<br><br><br><div class="gmail_quote">2010/1/6 lloyd thomas <span dir="ltr"><<a href="mailto:lloydie.t@googlemail.com">lloydie.t@googlemail.com</a>></span><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">No Joy, I get exactly the same error. But putting the following at the start of the unit got me to the next error (which I managed to fix ptr = pointer)<br>
{$ifdef FPC}<br>{$MODE delphi}<br>{$endif}<br><br><br><div class="gmail_quote">
2010/1/6 ik <span dir="ltr"><<a href="mailto:idokan@gmail.com" target="_blank">idokan@gmail.com</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div dir="ltr"><div class="im">Try the following (see inline for the answer):<br clear="all">
<br><br></div><div class="gmail_quote"><div><div class="im">On Wed, Jan 6, 2010 at 13:30, lloyd thomas <span dir="ltr"><<a href="mailto:lloydie.t@googlemail.com" target="_blank">lloydie.t@googlemail.com</a>></span> wrote:<br>
</div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Well I have made a start using smeone elese libpcap inplementation, but have bump into my first issue and because of my lack of skill I am not sure how to code round it. Any Ideas?<div><div></div><div class="h5"><br>I get the following errors<br>
<br>PlibCap\Pcap.pas(207,13) Error: Illegal qualifier<br>
PlibCap\Pcap.pas(207,13) Hint: may be pointer dereference is missing<br>PlibCap\Pcap.pas(207,13) Fatal: Syntax error, "THEN" expected but "identifier ADAPTER" found<br><br>In this section (so far)<br>
procedure CleanUp;<br>
begin<br> if P.Adapter <> nil then PacketCloseAdapter(P.adapter); //error here<br></div></div></blockquote></div><div><div></div><div class="h5"><div><br>if Assigned(P.Adapter) then PacketCloseAdapter(P.adapter);<br>
<br> </div><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
if P.buffer<>nil then FreeMem(P.buffer,PcapBufSize); //but suspect I would get one here as well<br></blockquote></div><div>if Assigned(P.buffer) then FreeMem(P.buffer,PcapBufSize); <br><br><br>The reason is that afaik assigned checks if the field is both nil and allocated, and if it's not nil but not allocated i will return false as well.<br>
Another thing is that I think you needed () around the comparing code.<br><br><br> </div><div><div></div><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Freemem(P,SizeOf(Tpcap));<br>
end,<br><br>(which I think has something to do with this)<br>type<br> TWinVersion = (wv_WinS,<br> wv_Win9x, //Added by Lars Peter Christiansen.<br> wv_WinNT, //Eases the process of determing the<br>
wv_Win2000, //platform and do proper instructions<br> wv_WinXP, //I.e : Char vs. WideChar issue<br> wv_Unknown );<br><br><br><br> PPcap_Stat = ^TPcap_stat;<br>
Tpcap_stat = record<br> ps_recv, //* number of packets received */<br> ps_drop, //* number of packets dropped */<br> ps_ifdrop : LongWord; //* drops by interface not supported */<br>
end;<br><br> TPcap_sf = record // Save file for offline reading.<br> rfile : HFILE;<br> swapped:integer;<br> version_major : integer;<br> Version_Minor : integer;<br> base : Pointer;<br>
end;<br><br> TPcap_md = record<br> Stat : TPcap_stat;<br> use_bpf : integer;<br> TotPkts : LongWord; // Can owerflow after 79hours on ethernet<br> TotAccepted:LongWord; // accepted by filter/sniffer<br>
TotDrops : LongWord; // dropped packets<br> TotMissed: Longword; // missed by i/f during this run<br> OrigMissed:LongWord; // missed by i/f before this run<br> end;<br>
<br> PPcap_PktHdr = ^Tpcap_pkthdr; // Wrapped Drivers packetHeader<br> TPcap_pkthdr = record<br> ts : TUnixTimeVal; // Time of capture<br> CapLen, // captured length<br>
Len : Integer; // actual length of packet<br> end;<br><br> PPcap = ^TPcap; // THE MAIN INTERFACE HANDLE<br> TPcap = record // used with allmost all Pcap calls.<br>
Adapter:Padapter;<br> Packet :PPacket; // Global Driver packet. kind of a buffer<br> snapshot:integer;<br> linktype:integer; // Type and speed of net<br> tzoff :integer; // timezone offset<br>
offset :integer;<br> sf :Tpcap_sf; // Save file<br> md :Tpcap_md; // Diagnostics<br> //READ BUFFER<br> bufsize :integer;<br> buffer :Pointer; //*u_char<br> bp :Pointer; //*u_char<br>
cc :integer;<br> //Place holder for pcap_next().<br> pkt :Pointer; //*U_char<br> //Placeholder for filter code if bpf not in kernel.<br> fcode :Tbpf_program;<br> errbuf : array [0..PCAP_ERRBUF_SIZE-1] of char; //Last error message<br>
end; <br><div><div></div><div><br><br><div class="gmail_quote">2010/1/5 ik <span dir="ltr"><<a href="mailto:idokan@gmail.com" target="_blank">idokan@gmail.com</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div dir="ltr">use libpcap (and bind it to FPC and share with us all :)) and then you can sniff packets (that's the easiest way I know).<div><br><br>Ido<br clear="all"><a href="http://ik.homelinux.org/" target="_blank">http://ik.homelinux.org/</a><br>
<br><br></div><div><div></div><div><div class="gmail_quote">On Tue, Jan 5, 2010 at 16:48, lloyd thomas <span dir="ltr"><<a href="mailto:lloydie.t@googlemail.com" target="_blank">lloydie.t@googlemail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Also came across this which uses pcap, but seems to be delphi only<br><a href="http://www.magsys.co.uk/delphi/magmonsock.asp" target="_blank">http://www.magsys.co.uk/delphi/magmonsock.asp</a><br><br>is there something similar for fpc?<br>
<br><div class="gmail_quote">2010/1/5 lloyd thomas <span dir="ltr"><<a href="mailto:lloydie.t@googlemail.com" target="_blank">lloydie.t@googlemail.com</a>></span><div><div></div><div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
OK. I wish to monitor and record calls between a SIP endpoint and SIP Gateway. At the moment I am doing that by connecting the SIP endpoint and my machine to an ethernet hub so that I can see all the traffic.<br>In the first instance I just need to correctly capture, read and interprete the SIP messages so that I can make an informed decision which RDP packets to capture.<br>
<br>Then I suppose I will have an even harder task capturing the RDP packets and joining both legs together (my coding skills is not great)!<br><br>Lloydie T<br><br><div class="gmail_quote">2010/1/5 ik <span dir="ltr"><<a href="mailto:idokan@gmail.com" target="_blank">idokan@gmail.com</a>></span><div>
<div></div><div><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div dir="ltr">Hello,<br><br>SIP first of all uses UDP most of the times (and rarely TCP) .<br>
It only create a tunnel that other protocols such as RDP and SDP are going inside.<br><br>Can you explain a bit more what exactly do you wish to implement (i'm not sure that I understand) ?<br>
<br>Ido<br><br clear="all"><a href="http://ik.homelinux.org/" target="_blank">http://ik.homelinux.org/</a><br>
<br><br><div class="gmail_quote"><div><div></div><div>On Tue, Jan 5, 2010 at 15:08, lloyd thomas <span dir="ltr"><<a href="mailto:lloydie.t@googlemail.com" target="_blank">lloydie.t@googlemail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><div></div><div>
Please forgive my ignorance regarding the project I am about to embark on.<br>Need some advice on Lnet and capturing SIP RTP data to file. In the first instance I just need to work with the sip messages. I believe the SIP messages are similar to HTTP. I am using wireshark to understand how the SIP messages are processed, but I am not sure how to capture and read each frame (wireshark speak) using Lnet.<br>
<br>(FYI: <a href="http://en.wikipedia.org/wiki/Session_Initiation_Protocol#SIP_network_elements" target="_blank">http://en.wikipedia.org/wiki/Session_Initiation_Protocol#SIP_network_elements</a>)<br><br>For instance the following is from frame 12 (935 bytes)<br>
----------------------------------------------------------------------------------------------<br>INVITE <a href="mailto:sip%3A1002@192.168.91.200" target="_blank">sip:1002@192.168.91.200</a> SIP/2.0<br>Via:SIP/2.0/UDP 192.168.91.190:5060;rport;branch=z9hG4bK83570061<br>
From:"Lloyd" <<a href="mailto:sip%3A1000@192.168.91.200" target="_blank">sip:1000@192.168.91.200</a>>;tag=4b428357-2fa-1ec5d4e<br>To:<<a href="mailto:sip%3A1002@192.168.91.200" target="_blank">sip:1002@192.168.91.200</a>><br>
Contact:"Lloyd" <sip:1000@192.168.91.190:5060;transport=UDP><br>
<a href="mailto:Call-ID%3A83570000-4ce59f27@192.168.91.200" target="_blank">Call-ID:83570000-4ce59f27@192.168.91.200</a><br>Subject:sip phone call<br>CSeq:2112045024 INVITE<br>User-Agent:Mitel-5212-SIP-Phone 07.02.00.04 08000F24BEE5<br>
Allow:INVITE,ACK,CANCEL,BYE,OPTIONS,REFER,NOTIFY,PRACK,UPDATE<br>
Allow-Events:talk,hold,conference<br>Supported:timer,100rel,replaces<br>Session-Expires: 1800<br>Min-SE: 90<br>Max-Forwards:70<br>Content-Type:application/sdp<br>Content-Length:247<br><br>v=0<br>o=1000 1262650963 1262650962 IN IP4 192.168.91.190<br>
s=SIP Call<br>c=IN IP4 192.168.91.190<br>t=0 0<br>a=sendrecv<br>m=audio 20036 RTP/AVP 0 8 18 96<br>a=rtpmap:0 PCMU/8000<br>a=rtpmap:8 PCMA/8000<br>a=rtpmap:18 G729/8000<br>a=rtpmap:96 telephone-event/8000<br>-----------------------------------------------------------------------------------------------<br>
<br>I get a response from the sip server on frame 13 (371 bytes)<br>----------------------------------------------------------------------------------------------<br>SIP/2.0 100 Trying<br>Via: SIP/2.0/UDP 192.168.91.190:5060;rport=5060;branch=z9hG4bK83570061<br>
From: "Lloyd" <<a href="mailto:sip%3A1000@192.168.91.200" target="_blank">sip:1000@192.168.91.200</a>>;tag=4b428357-2fa-1ec5d4e<br>To: <<a href="mailto:sip%3A1002@192.168.91.200" target="_blank">sip:1002@192.168.91.200</a>><br>
Call-ID: <a href="mailto:83570000-4ce59f27@192.168.91.200" target="_blank">83570000-4ce59f27@192.168.91.200</a><br>
CSeq: 2112045024 INVITE<br>User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-15355M<br>Content-Length: 0<br>-----------------------------------------------------------------------------------------------<br><br><br><br>
<br></div></div>_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br></blockquote></div><br></div>
<br>_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br></blockquote></div></div></div><br>
</blockquote></div></div></div><br>
<br>_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br></blockquote></div><br></div></div></div>
<br>_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br></blockquote></div><br>
</div></div><br>_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br></blockquote></div></div></div></div></div><br></div><div><div></div><div class="h5">
<br>_______________________________________________<br>
fpc-pascal maillist - <a href="mailto:fpc-pascal@lists.freepascal.org" target="_blank">fpc-pascal@lists.freepascal.org</a><br>
<a href="http://lists.freepascal.org/mailman/listinfo/fpc-pascal" target="_blank">http://lists.freepascal.org/mailman/listinfo/fpc-pascal</a><br></div></div></blockquote></div><br>
</blockquote></div><br>