Monitor network activity with WinPcap and Delphi
I came across this information today, and although I don’t currently have an application for it, I have a feeling this will come in handy in the future.
The smart folks at Magenta Systems have written some components that allow you to monitor all network traffic using either raw sockets or the WinPcap device driver. If you are not familiar, WinPcap uses an x86 or x64 driver (depending on your current OS architecture) which uses NDIS to read packets directly from a network adapter. WinPcap exposes an interface that applications can tie into for further processing of this information.
From the website’s description:
There are two main low level components, TMonitorSocket in monsock.pas which supports raw window sockets, and TMonitorPcap in monpcap.pas that supports WinPcap. Both have very similar properties and return ethernet packets using identical events, formatted identically, allowing the same application to use either or both low level components. There are subtle differences, raw sockets monitors a specific IP address, whereas WinPcap monitors all traffic on an adaptor. Both may potentially monitor traffic other than the local PC, depending on LAN structure. Common functions and declarations are in packhdrs.pas