pcap_open_live - open a device for capturing
#include <pcap/pcap.h>
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t *pcap_open_live(const char *device, int snaplen,
int promisc, int to_ms, char *errbuf);
pcap_open_live() is used to obtain a packet capture handle to look at
  packets on the network. device is a string that specifies the network
  device to open; on Linux systems with 2.2 or later kernels, a device
  argument of "any" or NULL can be used to capture packets from
  all interfaces.
snaplen specifies the snapshot length to be set on the
    handle.
promisc specifies if the interface is to be put into
    promiscuous mode.
to_ms specifies the packet buffer timeout, as a
    non-negative value, in milliseconds. (See pcap(3) for an explanation
    of the packet buffer timeout.)
pcap_open_live() returns a pcap_t * on success and NULL on
  failure. If NULL is returned, errbuf is filled in with an
  appropriate error message. errbuf may also be set to warning text when
  pcap_open_live() succeeds; to detect this case the caller should store
  a zero-length string in errbuf before calling pcap_open_live()
  and display the warning to the user if errbuf is no longer a
  zero-length string. errbuf is assumed to be able to hold at least
  PCAP_ERRBUF_SIZE chars.
pcap_create(3), pcap_activate(3)