windows 下使用`gopacket`抓包

韦轩 · · 3009 次点击 · · 开始浏览    
这是一个创建于 的文章,其中的信息可能已经有所发展或是发生改变。


go get



安装winpcapwinpcap develop package



package main

import (

func main() {
    // Find all devices
    devices, err := pcap.FindAllDevs()
    if err != nil {

    // Print device information
    fmt.Println("Devices found:")
    for _, d := range devices {
        fmt.Println("\nName: ", d.Name)
        fmt.Println("Description: ", d.Description)
        fmt.Println("Devices addresses: ", d.Description)

        for _, address := range d.Addresses {
            fmt.Println("- IP address: ", address.IP)
            fmt.Println("- Subnet mask: ", address.Netmask)


fatal error: pcap.h: No such file or directory



#cgo solaris LDFLAGS: -L /opt/local/lib -lpcap
#cgo linux LDFLAGS: -lpcap
#cgo dragonfly LDFLAGS: -lpcap
#cgo freebsd LDFLAGS: -lpcap
#cgo openbsd LDFLAGS: -lpcap
#cgo darwin LDFLAGS: -lpcap
#cgo windows CFLAGS: -I D:/WpdPack/Include        //修改为 上一步安装的dev 包的位置 安装在`D 盘`
#cgo windows,386 LDFLAGS: -L D:/WpdPack/Lib -lwpcap
#cgo windows,amd64 LDFLAGS: -L D:/WpdPack/Lib/x64 -lwpcap
#include <stdlib.h>
#include <pcap.h>

collect2.exe: error ld returned 1 exit status


OK so I have figured it out.
In order to compile gopacket 64bit on windows you need to do the following:

1. Install go_amd64 (add go binaries to your PATH)
2. Install TDM GCC x64 (add TDM-GCC binaries to your PATH)
3. Also add TDM-GCC\x86_64-w64-mingw32\bin to your PATH
4. Install Winpcap Download Winpcap developer's pack and extract it to C:\

Now the point is that there are missing linux static libraries files
(libwpcap.a and libpacket.a) from lib/x64 folder. I don't know why they weren't
included in the developers pack but anyway that's how we can generate them:
5. find wpcap.dll and packet.dll in your PC (typically in c:\windows\system32
6. copy them to some other temp folder or else you'll have to supply Admin privs to the following commands
7. run gendef on those files gendef wpcap.dll and gendef packet.dll (obtainable with MinGW Installation Manager, package mingw32-gendef)
8. this will generate .def files
9. Now we'll generate the static libraries files:
    run dlltool --as-flags=--64 -m i386:x86-64 -k --output-lib libwpcap.a --input-def wpcap.def
    and dlltool --as-flags=--64 -m i386:x86-64 -k --output-lib libpacket.a --input-def packet.def
    Now just copy both libwpcap.a and libpacket.a to c:\WpdPack\Lib\x64



package main

import (

func main() {
    handle, err := pcap.OpenLive("\\Device\\NPF_{713C668E-58F6-4831-90A5-73FEEC913A39}", 1024, false, 30*time.Second)
    if err != nil {
    defer handle.Close()

    packetSource := gopacket.NewPacketSource(handle, handle.LinkType())
    for packet := range packetSource.Packets() {
        // Process packet here


2018/01/06 23:09:47 PACKET: 121 bytes, wire length 121 cap length 121 @ 2018-01-06 23:09:30.312665 +0800 CST
- Layer 1 (14 bytes) = Ethernet    {Contents=[..14..] Payload=[..107..] SrcMAC=00:6b:8e:4e:ba:2d DstMAC=c0:7c:d1:f2:d0:b2 EthernetType=IPv4 Length=0}
- Layer 2 (20 bytes) = IPv4    {Contents=[..20..] Payload=[..87..] Version=4 IHL=5 TOS=0 Length=107 Id=59952 Flags=DF FragOffset=0 TTL=54 Protocol=UDP Checksum=60643 SrcIP= DstIP= Options=[] Padding=[]}
- Layer 3 (08 bytes) = UDP    {Contents=[..8..] Payload=[..79..] SrcPort=8000(irdmi) DstPort=4018(talarian-mcast4) Length=87 Checksum=58425}
- Layer 4 (79 bytes) = Payload    79 byte(s)

2018/01/06 23:09:47 PACKET: 55 bytes, wire length 55 cap length 55 @ 2018-01-06 23:09:30.666074 +0800 CST
- Layer 1 (14 bytes) = Ethernet    {Contents=[..14..] Payload=[..41..] SrcMAC=c0:7c:d1:f2:d0:b2 DstMAC=00:6b:8e:4e:ba:2d EthernetType=IPv4 Length=0}
- Layer 2 (20 bytes) = IPv4    {Contents=[..20..] Payload=[..21..] Version=4 IHL=5 TOS=0 Length=41 Id=29729 Flags=DF FragOffset=0 TTL=64 Protocol=TCP Checksum=1532 SrcIP= DstIP= Options=[] Padding=[]}
- Layer 3 (20 bytes) = TCP    {Contents=[..20..] Payload=[0] SrcPort=26750 DstPort=5228(hpvroom) Seq=2557674006 Ack=3496291841 DataOffset=5 FIN=false SYN=false RST=false PSH=false ACK=true URG=false ECE=false CWR=false NS=false Window=254 Checksum=55368 Urgent=0 Options=[] Padding=[]}
- Layer 4 (01 bytes) = Payload    1 byte(s)




查看原文:windows 下使用`gopacket`抓包

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

3009 次点击  
加入收藏 微博
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传