pcap模拟Wireshark原理

1、time shift for this packet实现

2、要使用获取当前时间戳的语句

3、 static __suseconds_t time1=0;

    static __suseconds_t time2=0;

    if(packet_number==1){

        time1=packet_header->ts.tv_sec*1000000+packet_header->ts.tv_usec;

        printf("This time is:%lds\n",time1);

}

4、 time2=packet_header->ts.tv_sec*1000000+packet_header->ts.tv_usec-time1-time2;

    printf("[Time dalta from previous captured frame:%.6lf seconds]\n",(time2/1000000.0));

    printf("This time is:%lfs\n",(packet_header->ts.tv_sec*1000000+packet_header->ts.tv_usec-time1)/1000000.0);

1、捕获数据包

2、连续捕获数据包

1、这里是源代码部分