SDK applications can capture network traffic using the UNIX libpcap packet capture library.
Libpcap uses the Berkeley Packet Filter (BPF) kernel module. For details about this library see the FreeBSD libpcap documentation.
The libpcap functions are declared in the bsd/contrib/libpcap/pcap.h file in your backing sandbox.
Applications call pcap_open_live() to get a packet capture descriptor that allows them to see packets on the network device driver. For this purpose, pcap_open_live() needs to open a file known as the pcap device, /dev/bpfN (where N is an integer). In the Junos system, only the superuser can read or write to the pcap device.
Accordingly, before you can use libpcap on the Routing Engine, you must have defined the special roles Provider_BPF_Capture_Daemon or Provider_BPF_Capture_Application in your application manifest (for details about defining roles and writing the manifest, see Writing the Manifest and Specifying Roles). These roles allow nonroot-owned RE SDK applications to open the pcap device.
The following limitations apply for SDK support of libpcap:
- Juniper Networks does not provide support for packet capture of packets flowing between the Routing Engine and the Packet Forwarding Engine, although it is possible for Services SDK applications to capture these packets.
- libpcap provides a mechanism for SDK applications to capture packets, but not to print them. To print packets, use the Open Source tcpdump facility, documented here. Alternatively, you can use the tcpdump facility provided by Junos.
- The new roles do not allow the pcap device to be opened in write mode. Thus, libpcap functions that require writing on
/dev/bpfN are not supported for SDK applications. Your code will get the error "Send: Bad file descriptor" if it attempts to send a packet using pcap_sendpacket() or pcap_inject().
- The libpcap function
pcap_findalldevs() returns only some interfaces for SDK applications; instead, use the libjunos-sdk functions junos_kcom_ifl_get_all(), junos_kcom_ifd_get_all(), junos_kcom_iff_get_all(), and junos_kcom_ifa_get_all().
© 2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:26:47 2010 for Juniper Networks Partner Solution Development Platform JUNOS SDK 10.2R1 by Doxygen 1.4.5
