Ethereal-dev: Re: [Ethereal-dev] pcap version info

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Fri, 12 Dec 2003 15:19:09 -0800

On Dec 12, 2003, at 6:25 AM, Biot Olivier wrote:

> There is seemingly no simple way to know whether we're
> using libpcap or winpcap.

Meaning "whether we're using *pcap or not", or meaning "whether we're using libpcap or using WinPcap"?

For the former:

	if UNIX, it's determined at compile time - is HAVE_LIBPCAP set or not?

	if Windows (regardless of whether it's Cygwin or native), it's

		#ifdef HAVE_LIBPCAP
			we're using *pcap if "has_wpcap" is TRUE
		#else
			we're not using *pcap
		#endif

For the latter, it's

	if (it's Windows)
		we're using WinPcap
	else
		we're using libpcap

> I've been trying some stuff,
> and eventually found an unexposed function in
> Packet32.h called PacketGetVersion() returning a text
> string.

If you're trying to get version information from *pcap, then note that there's the version with which Ethereal is compiled and the version with which it's linked, which can be different if Ethereal is dynamically-linked with *pcap (as it is on most of the free UNIXes, and possibly some commercial UNIXes that come with a *pcap shared library, such as AIX 5.x) or if *pcap is loaded at run time (as it is on Windows).

The 0.8 beta version of libpcap has an API, "pcap_lib_version()" I added to return the version of the library; it returns a string (so that the string can indicate whether it's libpcap version X.Y or WinPcap A.B based on libpcap X.Y). Ethereal will use that if present.

You can't get it reliably on UNIX without that API - the "pcap_version[]" string might not be present and, even if it is present, it's likely to be bound in at build time rather than run time, and thus would reflect the version with which it was compiled, not the version installed on the system.

> This only returns version information from
> Packet.dll (libpacket.a) and is only available if you
> declare it as external, and link with '-lpcap
> -lpacket'. See for example attached code sample.

Linking at build time means that the resulting binary won't work if you don't have WinPcap installed. We switched to loading WinPcap at run time so that we could ship one binary that would work even if you didn't have WinPcap installed, although it'd only let you read existing captures. I presume there was some demand for that.

> Is it a fair assumption that packet.dll and wpcap.dll
> have the same version?

I think I discussed this once with the WinPcap developers. As I remember, they should have the same version if you installed them both as part of the same package, which is all they support. I guess somebody *could* install different versions; the Win32 "pcap_lib_version()" will report both version strings if they differ, to indicate that somebody's done something weird.

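> #include <stdio.h>
> #include <pcap.h>	/* defines PCAP_VERSION_MAJOR / PCAP_VERSION_MINOR */
>
> int
> main(int argc, char **argv)
> {
> #ifdef PCAP_VERSION_MAJOR
> #ifdef PCAP_VERSION_MINOR
> 	printf("pcap %u.%u\n",
> 			PCAP_VERSION_MAJOR, PCAP_VERSION_MINOR);
> #else /* PCAP_VERSION_MINOR */
> 	/* only the major number is defined, so print one field */
> 	printf("pcap %u\n",
> 			PCAP_VERSION_MAJOR);
> #endif /* PCAP_VERSION_MINOR */
> #else /* PCAP_VERSION_MAJOR */
> 	printf("pcap (unknown version)\n");
> #endif /* PCAP_VERSION_MAJOR */
> 	return 0;
> }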

PCAP_VERSION_MAJOR and PCAP_VERSION_MINOR are the version numbers of the libpcap file format written by libpcap; they're not the library version.
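
The compile-time versus run-time distinction discussed in this message, as an added example that is not part of the original message and is not Ethereal's code: it loads the library at run time with POSIX dlopen()/dlsym() and calls pcap_lib_version() only if the symbol exists, so the binary still runs when *pcap is absent. The soname "libpcap.so.1", the function name runtime_pcap_version and the result codes are assumptions of this example.

```c
/* Added example: look up pcap_lib_version() at run time instead of
 * linking against libpcap, so the binary still runs without it. */
#include <dlfcn.h>
#include <stdio.h>

typedef const char *(*pcap_lib_version_fn)(void);

/* Result codes (names are this example's own, not from any pcap header). */
enum { PCAP_NOT_INSTALLED = 0, PCAP_NO_VERSION_API = 1, PCAP_VERSION_OK = 2 };

/* Try to load `soname` and call pcap_lib_version() from it.
 * Writes a description into `out` and returns one of the codes above. */
int
runtime_pcap_version(const char *soname, char *out, size_t outlen)
{
	void *handle;
	pcap_lib_version_fn get_version;
	int result;

	handle = dlopen(soname, RTLD_NOW | RTLD_LOCAL);
	if (handle == NULL) {
		snprintf(out, outlen, "pcap not available (%s not loaded)", soname);
		return PCAP_NOT_INSTALLED;
	}
	/* POSIX dlsym() returns void *; convert it to the function type. */
	get_version = (pcap_lib_version_fn)dlsym(handle, "pcap_lib_version");
	if (get_version == NULL) {
		/* Library predates the API: the run-time version is unknown. */
		snprintf(out, outlen, "pcap loaded, version unknown");
		result = PCAP_NO_VERSION_API;
	} else {
		/* Copy before dlclose(): the string lives inside the library. */
		snprintf(out, outlen, "%s", get_version());
		result = PCAP_VERSION_OK;
	}
	dlclose(handle);
	return result;
}

int
main(void)
{
	char buf[256];

	/* "libpcap.so.1" is an assumed soname; it differs between systems. */
	runtime_pcap_version("libpcap.so.1", buf, sizeof buf);
	printf("run-time: %s\n", buf);
	return 0;
}
```

On older glibc systems this needs `-ldl` at link time.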