This is a small tutorial on how to deal with Windows interfaces. You should read the sniffing tutorial before reading this section.
Network interface names on GNU/Linux are simple and easily readable, like eth0 or wlan3. But when it comes to Windows, the interface names are GUIDs, so they look like this {8f063c61-68a7-48a2-965e-9eea2ba6c510}. This can make capturing packets on the right interface a bit more difficult on this platform. libtins provides some features to simplify this and helping you find the right one easily.
In order to capture packets on Windows, you could first list all network interfaces.
You can do that easily by using the NetworkInterface class:
// First fetch all network interfaces
vector<NetworkInterface> interfaces = NetworkInterface::all();
// Now iterate them
for (const NetworkInterface& iface : interfaces) {
// First print the name (GUID)
cout << "Interface name: " << iface.name();
// Now print the friendly name, a wstring that will contain something like
// "Local Area Connection 2"
wcout << " (" << iface.friendly_name() << ")" << endl;
}That small code snippet should provide an output like the following:
Interface name: {6527cc7d-c647-4986-ac10-7784dc1f2439} (Local Area Connection 1)
Interface name: {309d733f-79bb-41ef-aaec-8a7b83d2adcf} (Local Area Connection 2)
Interface name: {55ab969f-80df-4d51-8130-291d54a752a3} (Local Area Connection 3)This might be enough for you to recognize which is the interface you want to use. You can also resort to getting the default interface, which is very likely the one you want to use, or show the IP addresses of each of them until you recognize them:
// Get the default interface (where the default gateway route is)
NetworkInterface iface = NetworkInterface::default_interface();
// Print the name and the IP address
cout << "Default interface: " << iface.name()
<< " (" << iface.addresses().ip_addr() << ")" << endl;This should help you find the right interface to capture packets on.
Now that you know which is the interface in which you want to capture
packets, you just have to use the network interface's name when instantiating
the Sniffer class:
// Use the default interface
NetworkInterface iface = NetworkInterface::default_interface();
// Now instantiate the sniffer
Sniffer sniffer(iface.name());
// Ready to sniff!That's everything you need to know to start capturing packets on Windows. Note that if you know how WinPcap works, you probably know that the names you use when capturing look a bit more like this \Device\NPF_{6527cc7d-c647-4986-ac10-7784dc1f2439}. libtins automatically prepends the \Device\NPF_ string to the interface name before starting the capture, so you don't have to worry about that at all.