Where do packet capturing drivers come into the picture?
Hello all,
I am studying & planning to implement the packet capture drivers.
Where can I find the Linux kernel network driver architecture?
According to what info I gathered from the net and other sources, I visualize it as follows:
When interested in specific traffic, i.e. to sniff on port 23 (telnet) in search of passwords, or perhaps we want to hijack a file being sent over port 21 (FTP), whatever the case, rarely do we just want to blindly sniff all network traffic. Then we enter pcap_compile() and pcap_setfilter().
First, pcap's filter is more efficient, because it does it directly with the BPF filter.
So, I imagine the calls to pcap_compile() and pcap_setfilter() functions will invoke the packet capture driver.
Am I right? How & where do I get the Architecture of the packet capture driver & where exactly it fits?
Do guide me with the right mailing lists or site address.
Thanks for the help in advance.
Regards,
Mukund jampala
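Added example, not part of the original post: the kind of classic BPF program that pcap_compile() produces from a filter expression and pcap_setfilter() installs, written out by hand for the port 23 case mentioned above and run through a small interpreter. The filter text "ip and tcp dst port 23", the names `insn`, `telnet_filter`, `bpf_run` and `filter_frame`, and the sample frames are assumptions made for illustration; the opcodes follow the classic BPF encoding.

```c
#include <stddef.h>
#include <stdint.h>

/* Classic BPF instruction; same layout as struct sock_filter / struct bpf_insn. */
struct insn { uint16_t code; uint8_t jt, jf; uint32_t k; };

/* Hand-assembled equivalent of "ip and tcp dst port 23" on Ethernet (assumed filter). */
static const struct insn telnet_filter[] = {
    {0x28, 0, 0, 12},      /* ldh [12]           EtherType */
    {0x15, 0, 8, 0x0800},  /* jeq #0x800         not IPv4 -> drop */
    {0x30, 0, 0, 23},      /* ldb [23]           IP protocol */
    {0x15, 0, 6, 6},       /* jeq #6             not TCP -> drop */
    {0x28, 0, 0, 20},      /* ldh [20]           flags + fragment offset */
    {0x45, 4, 0, 0x1fff},  /* jset #0x1fff       later fragment -> drop */
    {0xb1, 0, 0, 14},      /* ldxb 4*([14]&0xf)  X = IP header length */
    {0x48, 0, 0, 16},      /* ldh [x+16]         TCP destination port */
    {0x15, 0, 1, 23},      /* jeq #23            other port -> drop */
    {0x06, 0, 0, 262144},  /* ret #262144        accept, up to 262144 bytes */
    {0x06, 0, 0, 0},       /* ret #0             drop */
};

/* Minimal interpreter for the opcodes used above; out-of-bounds loads drop the packet. */
static uint32_t bpf_run(const struct insn *pc, const uint8_t *p, size_t len) {
    uint32_t a = 0, x = 0;
    for (;; pc++) {
        size_t k = pc->k;
        switch (pc->code) {
        case 0x28: if (k + 2 > len) return 0; a = (uint32_t)p[k] << 8 | p[k + 1]; break;
        case 0x30: if (k >= len) return 0; a = p[k]; break;
        case 0x48: if (x + k + 2 > len) return 0; a = (uint32_t)p[x + k] << 8 | p[x + k + 1]; break;
        case 0xb1: if (k >= len) return 0; x = (p[k] & 0x0fu) * 4u; break;
        case 0x15: pc += (a == pc->k) ? pc->jt : pc->jf; break;
        case 0x45: pc += (a & pc->k) ? pc->jt : pc->jf; break;
        case 0x06: return pc->k;
        default: return 0; /* opcode outside this subset */
        }
    }
}

/* Build a constructed Ethernet + IPv4 (IHL 5) + TCP-ports frame and filter it. */
static uint32_t filter_frame(uint8_t proto, uint16_t dport) {
    uint8_t f[38] = {0};
    f[12] = 0x08;                    /* EtherType 0x0800 = IPv4 */
    f[14] = 0x45;                    /* version 4, header length 5 words */
    f[23] = proto;                   /* IP protocol field */
    f[36] = (uint8_t)(dport >> 8); f[37] = (uint8_t)dport; /* TCP dst port at 14 + 20 + 2 */
    return bpf_run(telnet_filter, f, sizeof f);
}
int main(void) { return filter_frame(6, 23) == 262144 ? 0 : 1; }
```

A non-zero return value is the number of bytes of the packet to keep; zero means the packet is not delivered to the capturing application.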