pcap_t, pcap_pkthdr 구조체

struct pcap {
    int fd;
    int snapshot;
    int linktype;
    int tzoff;              /* timezone offset */
    int offset;             /* offset for proper alignment */
   
    struct pcap_sf sf; /* save file 관련 구조체 */
    struct pcap_md md; /* 패킷의 상태에 대한 정보 */
   
                       /*
                       * Read buffer.
    */
    int bufsize;
    u_char *buffer;
    u_char *bp;
    int cc;
   
    /*
    * Place holder for pcap_next().
    */
    u_char *pkt;
   
   
    /*
    * Placeholder for filter code if bpf not in kernel.
    */
    struct bpf_program fcode;
   
    char errbuf[PCAP_ERRBUF_SIZE];
};

typedef struct pcap pcap_t;
=======================================================================================================

Each packet in the dump file is prepended with this generic header.
This gets around the problem of different headers for different
packet interfaces.

struct pcap_pkthdr {
    struct timeval ts;      /* time stamp */
    bpf_u_int32 caplen;  /* length of portion present */
    bpf_u_int32 len;       /* length this packet (off wire) */
};

=======================================================================================================