I am trying to write C code that leaves tcpdump running while my program is active and then gets the tcpdump output into my code in real time for further processing. I am capturing very specific traffic (I have been able to achieve that in cmd) and I want to get the information of each captured packet in real time into my code in order to process it. It is expected that these packets I am capturing come every 10-20 seconds, which means that I need to run tcpdump and every 10-20 seconds get the information into my code and process it.
Any ideas on how to do that, please?
If you want to analyze captured packets in real time, you should not run tcpdump and parse its output, but use the underlying API/library directly, which is libpcap.
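A capture loop along the lines the answer suggests, as an added example that is not part of the original post. It uses immediate mode so packets that arrive only every 10-20 seconds are delivered at once instead of sitting in the capture buffer. The names `decode_ipv4`, `on_packet`, `LIVE_CAPTURE` and `SAMPLE` are assumptions made for this example, as are an Ethernet link type and IPv4 traffic.

```c
/* Live capture: cc -DLIVE_CAPTURE cap.c -lpcap   Offline self-check: cc cap.c */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Decode Ethernet II + IPv4 with bounds checks: IP protocol number, or -1. */
int decode_ipv4(const uint8_t *p, size_t caplen, uint8_t src[4], uint8_t dst[4])
{
    if (caplen < 14 + 20 || p[12] != 0x08 || p[13] != 0x00) return -1;
    const uint8_t *ip = p + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;   /* IPv4 header length, bytes */
    if ((ip[0] >> 4) != 4 || ihl < 20 || caplen < 14 + ihl) return -1;
    memcpy(src, ip + 12, 4); memcpy(dst, ip + 16, 4);
    return ip[9];
}

#ifdef LIVE_CAPTURE
#include <pcap/pcap.h>
static void on_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *b)
{   /* libpcap calls this once for every packet that matched the filter */
    uint8_t s[4], d[4];
    int proto = decode_ipv4(b, h->caplen, s, d);   /* caplen, not len: bytes present */
    if (proto >= 0)
        printf("%ld proto=%d %u.%u.%u.%u -> %u.%u.%u.%u\n", (long)h->ts.tv_sec,
               proto, s[0], s[1], s[2], s[3], d[0], d[1], d[2], d[3]);
}
int main(int argc, char **argv)
{
    char err[PCAP_ERRBUF_SIZE] = "usage: cap <interface> <filter>";
    struct bpf_program prog;
    pcap_t *pc = argc == 3 ? pcap_create(argv[1], err) : NULL;
    if (!pc) { fprintf(stderr, "%s\n", err); return 2; }
    pcap_set_immediate_mode(pc, 1);   /* deliver each packet as it arrives */
    if (pcap_activate(pc) < 0 || pcap_datalink(pc) != DLT_EN10MB ||
        pcap_compile(pc, &prog, argv[2], 1, PCAP_NETMASK_UNKNOWN) < 0 ||
        pcap_setfilter(pc, &prog) < 0) {
        fprintf(stderr, "setup failed: %s\n", pcap_geterr(pc)); return 1;
    }
    pcap_loop(pc, -1, on_packet, NULL);   /* blocks until error or pcap_breakloop */
    pcap_close(pc); return 0;
}
#else
/* Constructed frame: Ethernet II + IPv4, UDP, 192.0.2.1 -> 192.0.2.2 */
const uint8_t SAMPLE[34] = { [12] = 0x08, 0x00, 0x45, [23] = 17,
                             [26] = 192, 0, 2, 1, 192, 0, 2, 2 };
int main(void)
{
    uint8_t s[4], d[4];
    return decode_ipv4(SAMPLE, sizeof SAMPLE, s, d) == 17 ? 0 : 1;
}
#endif
```

The filter argument takes the same expression syntax used on the tcpdump command line, and opening a live capture normally needs the same privileges tcpdump does.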