pcap_next 为什么总是返回NULL？？

gouven

用的是网上找到的源码

1. /***************************************************
   
2. * file:     testpcap1.c
   
3. * Date:     Thu Mar 08 17:14:36 MST 2001
   
4. * Author:   Martin Casado
   
5. * Location: LAX Airport (woof!)
   
6. *
   
7. * Simple single packet capture program
   
8. *****************************************************/
   
9. #include <stdio.h>
   
10. #include <stdlib.h>
    
11. #include <pcap.h>
    
12. #include <errno.h>
    
13. #include <sys/socket.h>
    
14. #include <netinet/in.h>
    
15. #include <arpa/inet.h>
    
16. #include <netinet/if_ether.h> /* includes net/ethernet.h */
    
17. 
    
18. int main(int argc, char **argv)
    
19. {
    
20.     int i;
    
21.     char *dev;
    
22.     char errbuf[PCAP_ERRBUF_SIZE];
    
23.     pcap_t* descr;
    
24.     const u_char *packet;
    
25.     struct pcap_pkthdr hdr;     /* pcap.h */
    
26.     struct ether_header *eptr;  /* net/ethernet.h */
    
27. 
    
28.     u_char *ptr; /* printing out hardware header info */
    
29. 
    
30.     /* grab a device to peak into... */
    
31.     dev = pcap_lookupdev(errbuf);
    
32. 
    
33.     if(dev == NULL)
    
34.     {
    
35.         printf("%s\n",errbuf);
    
36.         exit(1);
    
37.     }
    
38. 
    
39.     printf("DEV: %s\n",dev);
    
40. 
    
41.     /* open the device for sniffing.
    
42. 
    
43.        pcap_t *pcap_open_live(char *device,int snaplen, int prmisc,int to_ms,
    
44.        char *ebuf)
    
45. 
    
46.        snaplen - maximum size of packets to capture in bytes
    
47.        promisc - set card in promiscuous mode?
    
48.        to_ms   - time to wait for packets in miliseconds before read
    
49.        times out
    
50.        errbuf  - if something happens, place error string here
    
51.      */
    
52. 
    
53.     /* get packet capture descriptor from capture.  Note if you change
    
54.        "prmisc" param to anything other than zero, you will get all
    
55.        packets your device sees, whether they are intendeed for you or
    
56.        not!! Be sure you know the rules of the network you are running
    
57.        on before you set your card in promiscuous mode or you could get
    
58.        yourself in serious doo doo!!! (also need to be root to run in
    
59.        promisuous mode)                                               */
    
60.     descr = pcap_open_live(dev,BUFSIZ,0,-1,errbuf);
    
61. 
    
62.     if(descr == NULL)
    
63.     {
    
64.         printf("pcap_open_live(): %s\n",errbuf);
    
65.         exit(1);
    
66.     }
    
67. 
    
68. 
    
69.     /* grab a packet from descr (yay!)                    */
    
70.     /* const u_char *pcap_next(pcap_t *p,struct pcap_pkthdr *h) */
    
71.     /* so just pass in the descriptor we got from         */
    
72.     /* our call to pcap_open_live and an allocated        */
    
73.     /* struct pcap_pkthdr                                 */
    
74.     packet = pcap_next(descr,&hdr);
    
75. 
    
76.     if(packet == NULL)
    
77.     {/* dinna work *sob* */
    
78.         printf("Didn't grab packet\n");
    
79.         exit(1);
    
80.     }
    
81. 
    
82.     /*  
    
83.         struct pcap_pkthdr {
    
84.         struct timeval ts;    time stamp
    
85.         bpf_u_int32 caplen;   length of portion present
    
86.         bpf_u_int32;          lebgth this packet (off wire)
    
87.         }
    
88.      */
    
89. 
    
90.     printf("Grabbed packet of length %d\n",hdr.len);
    
91.     printf("Recieved at ..... %s\n",ctime((const time_t*)&hdr.ts.tv_sec));
    
92.     printf("Ethernet address length is %d\n",ETHER_HDR_LEN);
    
93. 
    
94.     /* lets start with the ether header... */
    
95.     eptr = (struct ether_header *) packet;
    
96. 
    
97.     /* check to see if we have an ip packet */
    
98.     if (ntohs (eptr->ether_type) == ETHERTYPE_IP)
    
99.     {
    
100.         printf("Ethernet type hex:%x dec:%d is an IP packet\n",
     
101.                 ntohs(eptr->ether_type),
     
102.                 ntohs(eptr->ether_type));
     
103.     }else  if (ntohs (eptr->ether_type) == ETHERTYPE_ARP)
     
104.     {
     
105.         printf("Ethernet type hex:%x dec:%d is an ARP packet\n",
     
106.                 ntohs(eptr->ether_type),
     
107.                 ntohs(eptr->ether_type));
     
108.     }else {
     
109.         printf("Ethernet type %x not IP", ntohs(eptr->ether_type));
     
110.         exit(1);
     
111.     }
     
112. 
     
113.     /* THANK YOU RICHARD STEVENS!!! */
     
114.     ptr = eptr->ether_dhost;
     
115.     i = ETHER_ADDR_LEN;
     
116.     printf(" Destination Address:  ");
     
117.     do{
     
118.         printf("%s%x",(i == ETHER_ADDR_LEN) ? " " : ":",*ptr++);
     
119.     }while(--i>0);
     
120.     printf("\n");
     
121. 
     
122.     ptr = eptr->ether_shost;
     
123.     i = ETHER_ADDR_LEN;
     
124.     printf(" Source Address:  ");
     
125.     do{
     
126.         printf("%s%x",(i == ETHER_ADDR_LEN) ? " " : ":",*ptr++);
     
127.     }while(--i>0);
     
128.     printf("\n");
     
129. 
     
130.     return 0;
     
131. }

复制代码

运行[root@Fedora12 pcap]#./a.out
结果总是：
DEV: ppp0
Didn't grab packet

麻烦大家帮我看下什么原因。谢谢

gouven

为什么都没人回答呢。。。