LinuxQuestions.org
Old 10-04-2010, 08:35 PM   #1
kokocs
LQ Newbie
 
Registered: Oct 2010
Posts: 9

Rep: Reputation: Disabled
C program that will take as input a single binary file containing captured Ethernet d


Hello,
I am trying to write a C program that will take as input a single binary file containing captured Ethernet data, and print MAC and IP addresses.

Could someone please provide me with an overall idea of how to do it (confused where to start)?
 
Old 10-04-2010, 11:27 PM   #2
dugan
Senior Member
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 4,539

Rep: Reputation: 1385
Overall idea? Sure.

Before doing this assignment, you should know the various layers of networking technologies used on the Internet. Specifically, you need to know how headers (and often, footers) are added at each level. These headers contain data such as, oh, MAC and IP addresses.

http://en.wikipedia.org/wiki/Internet_Protocol_Suite
http://en.wikipedia.org/wiki/Internet_protocol
http://en.wikipedia.org/wiki/IPv4
http://en.wikipedia.org/wiki/Ethernet_frame

The ethernet frame has a header, which contains the MAC address, and a body, which consists of an IP packet. The IP packet has a header, which contains an IP address.
 
Old 10-05-2010, 07:30 AM   #3
kokocs
LQ Newbie
 
Registered: Oct 2010
Posts: 9

Original Poster
Rep: Reputation: Disabled
Thank you.

But how can I find the location of the addresses from the binary file? Should I use offsets?
 
Old 10-06-2010, 08:08 PM   #4
dogpatch
Member
 
Registered: Nov 2005
Location: Central America
Distribution: Mepis
Posts: 159
Blog Entries: 1

Rep: Reputation: 18
Study the binary data with a good binary viewer/editor. If offset values are consistent from packet to packet, use offsets. Else, you will have to employ other means. In other words: first determine how you as a human can detect where the germane data are located. Then write your C code accordingly.
 
Old 10-06-2010, 08:14 PM   #5
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,395
Blog Entries: 2

Rep: Reputation: 903
You can use a packet disassembler such as Wireshark to capture and disassemble Ethernet frames. From that you should be able to reverse engineer the packet format.

--- rod.
 
Old 10-06-2010, 11:53 PM   #6
graemef
Senior Member
 
Registered: Nov 2005
Location: Hanoi
Distribution: Fedora 13, Ubuntu 10.04
Posts: 2,376

Rep: Reputation: 147
You need to understand the layout of your file. There may be a correlation between your file and the network protocols, in which case understanding them will help, but a binary file (if that is what it truly is) could be in any format, so you need to get to the bottom of that first.
 
Old 10-07-2010, 07:35 PM   #7
kokocs
LQ Newbie
 
Registered: Oct 2010
Posts: 9

Original Poster
Rep: Reputation: Disabled
Thank you all.
The first 14 bytes from the file contain the MAC addresses. I am using fopen and fread to read the data into the array. Should I allocate memory for the array? Could somebody provide sample code for creating the array and reading in data?
 
Old 10-07-2010, 09:11 PM   #8
graemef
Senior Member
 
Registered: Nov 2005
Location: Hanoi
Distribution: Fedora 13, Ubuntu 10.04
Posts: 2,376

Rep: Reputation: 147
You do need to allocate the memory before you read in the data.
You should be able to get examples of using fread() by a simple search. For example, this link reads in the whole file; you don't need to do that, but pay close attention to the malloc() and fread() statements along with the two error checking statements that follow them.
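
The layout discussed in this thread (a 14-byte Ethernet header followed by an IPv4 header) read with fixed offsets and a length check, as an added example that is not code from any poster. It assumes the file holds one raw, untagged Ethernet frame starting at byte 0 (a pcap file has its own file and record headers in front); `parse_frame`, `struct addrs` and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN 14    /* dst MAC (6) + src MAC (6) + EtherType (2) */
#define MAX_FRAME   1518  /* classic maximum Ethernet frame size */

struct addrs { uint8_t dst_mac[6], src_mac[6], src_ip[4], dst_ip[4]; };

/* Constructed sample: Ethernet header plus a minimal 20-byte IPv4 header. */
static const uint8_t sample[] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x08,0x00,
    0x45,0x00,0x00,0x14, 0x00,0x00,0x00,0x00, 0x40,0x11,0x00,0x00,
    192,168,1,10,  10,0,0,1
};

/* Returns 0 on success, -1 if the buffer is too short, -2 if it is not IPv4. */
int parse_frame(const uint8_t *buf, size_t len, struct addrs *out)
{
    if (len < ETH_HDR_LEN + 20) return -1;   /* bounds check before any offset */
    const uint8_t *ip = buf + ETH_HDR_LEN;   /* IPv4 header follows Ethernet */
    if (buf[12] != 0x08 || buf[13] != 0x00 || (ip[0] >> 4) != 4)
        return -2;                           /* EtherType 0x0800, IP version 4 */
    memcpy(out->dst_mac, buf, 6);            /* destination MAC comes first */
    memcpy(out->src_mac, buf + 6, 6);
    memcpy(out->src_ip, ip + 12, 4);         /* IPv4 source address */
    memcpy(out->dst_ip, ip + 16, 4);         /* IPv4 destination address */
    return 0;
}

int main(int argc, char **argv)
{
    uint8_t buf[MAX_FRAME];                  /* fixed-size buffer, no malloc needed */
    size_t n = sizeof sample;
    struct addrs a;
    memcpy(buf, sample, n);                  /* default input: the sample above */
    if (argc > 1) {                          /* or read one frame from a file */
        FILE *f = fopen(argv[1], "rb");
        if (!f) { perror("fopen"); return 1; }
        n = fread(buf, 1, sizeof buf, f);    /* n = bytes actually read */
        fclose(f);
    }
    if (parse_frame(buf, n, &a) != 0) { fputs("not a complete IPv4 frame\n", stderr); return 1; }
    printf("src %02x:%02x:%02x:%02x:%02x:%02x  %u.%u.%u.%u\n", a.src_mac[0], a.src_mac[1], a.src_mac[2],
           a.src_mac[3], a.src_mac[4], a.src_mac[5], a.src_ip[0], a.src_ip[1], a.src_ip[2], a.src_ip[3]);
    printf("dst %02x:%02x:%02x:%02x:%02x:%02x  %u.%u.%u.%u\n", a.dst_mac[0], a.dst_mac[1], a.dst_mac[2],
           a.dst_mac[3], a.dst_mac[4], a.dst_mac[5], a.dst_ip[0], a.dst_ip[1], a.dst_ip[2], a.dst_ip[3]);
    return 0;
}
```

The value returned by fread() is what bounds every later offset, so a short or empty file is rejected instead of being parsed from uninitialised buffer bytes.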
 
Old 10-11-2010, 09:07 PM   #9
kokocs
LQ Newbie
 
Registered: Oct 2010
Posts: 9

Original Poster
Rep: Reputation: Disabled
How can I calculate the payload length, if the packet is UDP or TCP?
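
One way to compute the payload length asked about above, as an added example that is not part of the original thread. It derives the length from the IPv4 total-length field, the IPv4 header length, and the UDP length or TCP data-offset field, validating each against the bytes actually captured; `l4_payload_len` and the sample packet are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: IPv4 + UDP + 5 payload bytes, zero-padded to 46 bytes
 * the way a short Ethernet frame is padded on the wire. */
static const uint8_t udp_pkt[46] = {
    0x45,0x00,0x00,0x21, 0x00,0x00,0x40,0x00, 0x40,0x11,0x00,0x00,
    192,168,1,10,  10,0,0,1,                      /* IPv4, total length 33 */
    0x30,0x39, 0x00,0x35, 0x00,0x0d, 0x00,0x00,   /* UDP, length 13 */
    'h','e','l','l','o'
};

/* ip: first byte of the IPv4 header (frame offset 14); caplen: bytes available
 * from there. Returns the TCP/UDP payload length, or -1 if the packet is
 * truncated, malformed, a non-first fragment, or another protocol. */
long l4_payload_len(const uint8_t *ip, size_t caplen)
{
    if (caplen < 20 || (ip[0] >> 4) != 4)
        return -1;
    size_t ihl   = (size_t)(ip[0] & 0x0f) * 4;          /* IPv4 header length */
    size_t total = ((size_t)ip[2] << 8) | ip[3];        /* header + data */
    if (ihl < 20 || total < ihl || total > caplen)
        return -1;
    if ((((unsigned)ip[6] << 8) | ip[7]) & 0x1fff)      /* fragment offset != 0 */
        return -1;
    const uint8_t *l4 = ip + ihl;
    size_t l4len = total - ihl;                         /* ignores frame padding */
    if (ip[9] == 17) {                                  /* UDP: 8-byte header */
        if (l4len < 8) return -1;
        size_t ulen = ((size_t)l4[4] << 8) | l4[5];     /* header + payload */
        return (ulen < 8 || ulen > l4len) ? -1 : (long)(ulen - 8);
    }
    if (ip[9] == 6) {                                   /* TCP: variable header */
        if (l4len < 20) return -1;
        size_t doff = (size_t)(l4[12] >> 4) * 4;        /* data offset, bytes */
        return (doff < 20 || doff > l4len) ? -1 : (long)(l4len - doff);
    }
    return -1;
}

int main(void)
{
    printf("UDP payload: %ld bytes\n", l4_payload_len(udp_pkt, sizeof udp_pkt));
    return 0;
}
```

Using the IPv4 total length rather than the captured byte count keeps Ethernet padding out of the result: the sample is 46 bytes long but carries only 5 payload bytes.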
 
  

