Post 302673531 by yotamhc on Wednesday 18th of July 2012 04:41:32 AM
tcpdump vs. wireshark

Hi,

I am trying to capture manually crafted IP packets, created using Scapy, to a pcap file that can later be replayed using tcpreplay.

When using wireshark, I can successfully capture these packets and view them in wireshark.
However, when using tcpdump, these packets are then shown in wireshark as malformed packets. It seems like tcpdump wrongly parses/stores them.

Is there any difference between tcpdump and wireshark capturing? Can I configure tcpdump to capture just like wireshark does? (I tried -s 0 or -s 65536 and this did not help)

Thank you!
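
Added example, not part of the original post and not code from tcpdump or Wireshark: a small Python reader for the capture-file header that reports the format, snaplen and link-layer type a file was written with, so the tcpdump and Wireshark captures described above can be compared field by field. The function names and the sample bytes are constructed for illustration; pass real capture file names on the command line.

```python
import struct
import sys

# A few LINKTYPE_ values from the pcap file header's "network" field.
LINKTYPES = {0: "NULL/loopback", 1: "Ethernet", 101: "Raw IP", 113: "Linux cooked (SLL)"}
# Classic pcap magic as stored on disk -> (struct byte order, timestamp unit).
MAGICS = {b"\xd4\xc3\xb2\xa1": ("<", "us"), b"\xa1\xb2\xc3\xd4": (">", "us"),
          b"\x4d\x3c\xb2\xa1": ("<", "ns"), b"\xa1\xb2\x3c\x4d": (">", "ns")}

def inspect_capture(data: bytes) -> dict:
    """Summarise a capture file: format, snaplen, link type, short records."""
    if data[:4] == b"\x0a\x0d\x0d\x0a":
        return {"format": "pcapng"}  # block-based format, not parsed here
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a pcap or pcapng file")
    order, ts_unit = MAGICS[data[:4]]
    _maj, _min, _zone, _sig, snaplen, link = struct.unpack(order + "HHiIII", data[4:24])
    records = truncated = 0
    offset = 24
    while offset + 16 <= len(data):
        # Per-record header: ts_sec, ts_frac, bytes stored, bytes on the wire.
        _sec, _frac, incl_len, orig_len = struct.unpack(order + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            raise ValueError(f"record {records} runs past end of file")
        records += 1
        truncated += incl_len < orig_len  # stored fewer bytes than were on the wire
        offset += 16 + incl_len
    return {"format": "pcap", "ts_unit": ts_unit, "snaplen": snaplen,
            "linktype": LINKTYPES.get(link, f"LINKTYPE {link}"),
            "records": records, "truncated": truncated,
            "trailing_bytes": len(data) - offset}

def build_sample(linktype: int, snaplen: int) -> bytes:
    """Constructed sample file: two records, the second one cut short."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, linktype)
    rec1 = struct.pack("<IIII", 0, 0, 4, 4) + b"\x45\x00\x00\x04"
    rec2 = struct.pack("<IIII", 1, 0, 2, 10) + b"\x45\x00"
    return hdr + rec1 + rec2

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for name in sys.argv[1:]:
            with open(name, "rb") as fh:
                print(name, inspect_capture(fh.read()))
    else:
        print(inspect_capture(build_sample(1, 65535)))
```

Running it on both files and comparing the `format`, `linktype`, `snaplen` and `truncated` fields shows whether the two tools wrote the same kind of file.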
 

PCAP_CREATE(3PCAP)                                          PCAP_CREATE(3PCAP)

NAME
       pcap_create - create a live capture handle

SYNOPSIS
       #include <pcap/pcap.h>

       char errbuf[PCAP_ERRBUF_SIZE];

       pcap_t *pcap_create(const char *source, char *errbuf);

DESCRIPTION
       pcap_create() is used to create a packet capture handle to look at
       packets on the network. source is a string that specifies the network
       device to open; on Linux systems with 2.2 or later kernels, a source
       argument of "any" or NULL can be used to capture packets from all
       interfaces. On Darwin systems version 13 or later, a source argument
       of "all" or "any" can be used to capture packets from all interfaces.
       A source argument of NULL can be used to capture packets from all
       physical interfaces, i.e. excluding loopback, virtual and tunnel
       interfaces.

       The returned handle must be activated with pcap_activate() before
       packets can be captured with it; options for the capture, such as
       promiscuous mode, can be set on the handle before activating it.

RETURN VALUE
       pcap_create() returns a pcap_t * on success and NULL on failure. If
       NULL is returned, errbuf is filled in with an appropriate error
       message. errbuf is assumed to be able to hold at least
       PCAP_ERRBUF_SIZE chars.

SEE ALSO
       pcap(3PCAP), pcap_activate(3PCAP)

                                3 January 2014              PCAP_CREATE(3PCAP)