Comments on: Packet Sniffer Code in C using Linux Sockets (BSD) http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/ Socket Programming , Game Programming , PHP , Mysql , Ubuntu etc. Thu, 09 Feb 2012 14:29:53 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-31653 Binary Tides Mon, 06 Feb 2012 09:33:17 +0000 http://www.binarytides.com/blog/?p=48#comment-31653 it should be struct iphdr* it should be struct iphdr*

]]> By: Harish http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-31651 Harish Sun, 05 Feb 2012 17:16:06 +0000 http://www.binarytides.com/blog/?p=48#comment-31651 Sorry make it struct iphrd *ip_header = (struct iphrd *)buffer; int recv_hopcount = (unsigned int)(ip_header->ttl); Sorry make it
struct iphrd *ip_header = (struct iphrd *)buffer;

int recv_hopcount = (unsigned int)(ip_header->ttl);

]]> By: Harish http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-31650 Harish Sun, 05 Feb 2012 17:15:22 +0000 http://www.binarytides.com/blog/?p=48#comment-31650 Hi, I tried to use the above program to get the ttl value from the ip header. Everything else compiles fine , but i get an error when i try to reference the ttl value struct iphrd *ip_header = (struct iphrd *)buffer; int recv_hopcount = (unsigned int)(ip_header->totlen); Error: dereferencing pointer to an incomplete type Any help. Hi,

I tried to use the above program to get the ttl value from the ip header. Everything else compiles fine , but i get an error when i try to reference the ttl value

struct iphrd *ip_header = (struct iphrd *)buffer;

int recv_hopcount = (unsigned int)(ip_header->totlen);

Error: dereferencing pointer to an incomplete type

Any help.

]]> By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-31621 Binary Tides Mon, 23 Jan 2012 13:29:12 +0000 http://www.binarytides.com/blog/?p=48#comment-31621 the above code does not process ipv6 packets. in ipv6 the processing has to be different since ip header structure is different. the above code does not process ipv6 packets. in ipv6 the processing has to be different since ip header structure is different.

]]> By: samualY http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-31617 samualY Sun, 22 Jan 2012 04:42:18 +0000 http://www.binarytides.com/blog/?p=48#comment-31617 How hard would it be to take the code you've provided above, rewrite it for ipv6 ? I have been giving it a try, I feel I just don't understand enough. The program above compiles and runs great ! How hard would it be to take the code you’ve provided above, rewrite it for ipv6 ?
I have been giving it a try, I feel I just don’t understand enough. The program above compiles and runs great !

]]> By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-30384 Binary Tides Thu, 01 Dec 2011 13:09:34 +0000 http://www.binarytides.com/blog/?p=48#comment-30384 its here : http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-winsock/ its here :
http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-winsock/

]]> By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-30383 Binary Tides Thu, 01 Dec 2011 13:07:58 +0000 http://www.binarytides.com/blog/?p=48#comment-30383 to capture icmp packets create socket like this : sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_ICMP); to capture icmp packets create socket like this :

sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_ICMP);

]]> By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-30378 Binary Tides Thu, 01 Dec 2011 10:12:05 +0000 http://www.binarytides.com/blog/?p=48#comment-30378 For windows, winsock can be used. Check this : http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-winsock/ Also check winpcap. For windows, winsock can be used. Check this :

http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-winsock/

Also check winpcap.

]]> By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-30377 Binary Tides Thu, 01 Dec 2011 09:51:31 +0000 http://www.binarytides.com/blog/?p=48#comment-30377 you cannot make a raw socket listen to a port. The concept of port exists for TCP socket. you cannot make a raw socket listen to a port.
The concept of port exists for TCP socket.

]]> By: Binary Tides http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd/comment-page-1/#comment-30376 Binary Tides Thu, 01 Dec 2011 09:48:01 +0000 http://www.binarytides.com/blog/?p=48#comment-30376 Yes, this will capture only TCP packet because of the socket definition as : sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_TCP); For UDP and ICMP you have to use : sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP); sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_ICMP); It is also possible to capture all packets together using linux sockets. Check : http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd-part-2/ Libpcap can also be used : http://www.binarytides.com/blog/c-packet-sniffer-code-with-libpcap-and-linux-sockets-bsd/ Yes, this will capture only TCP packet because of the socket definition as :
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_TCP);

For UDP and ICMP you have to use :
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_UDP);
sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_ICMP);

It is also possible to capture all packets together using linux sockets. Check :

http://www.binarytides.com/blog/packet-sniffer-code-in-c-using-linux-sockets-bsd-part-2/

Libpcap can also be used :

http://www.binarytides.com/blog/c-packet-sniffer-code-with-libpcap-and-linux-sockets-bsd/

]]>