01-19-2004, 10:59 PM #1
Member (Registered: Aug 2003; Location: Suprisingly in Heaven; Posts: 223)
ICMP Packet capture
I have managed to capture ICMP packets using WinPcap on Windows.
Code:
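#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <pcap.h>

void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data);

int main()
{
    pcap_if_t *alldevs;
    pcap_if_t *dev;
    int i = 0;
    char errbuf[PCAP_ERRBUF_SIZE];
    bpf_u_int32 mask;
    bpf_u_int32 net;
    pcap_t *handle;
    struct bpf_program filter;
    char filter_app[] = "icmp";

    /* Retrieve the device list */
    if (pcap_findalldevs(&alldevs, errbuf) == -1)
    {
        fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
        exit(1);
    }

    /* Print each device, then sniff ICMP on it */
    for (dev = alldevs; dev; dev = dev->next)
    {
        printf("%d. %s", ++i, dev->name);
        if (dev->description)
            printf(" \n (%s)\n", dev->description);
        else
            printf(" (No description available)\n");

        /* Fall back to an unknown network and netmask if the lookup fails */
        if (pcap_lookupnet(dev->name, &net, &mask, errbuf) == -1)
        {
            net = 0;
            mask = 0;
        }

        /* 1000 ms read timeout; skip devices that cannot be opened */
        handle = pcap_open_live(dev->name, BUFSIZ, 1, 1000, errbuf);
        if (handle == NULL)
        {
            fprintf(stderr, "Error in pcap_open_live: %s\n", errbuf);
            continue;
        }

        /* The last argument of pcap_compile is the netmask, not the network number */
        if (pcap_compile(handle, &filter, filter_app, 0, mask) == -1)
        {
            fprintf(stderr, "Error in pcap_compile: %s\n", pcap_geterr(handle));
            pcap_close(handle);
            continue;
        }
        if (pcap_setfilter(handle, &filter) == -1)
            fprintf(stderr, "Error in pcap_setfilter: %s\n", pcap_geterr(handle));
        pcap_freecode(&filter);

        printf("\n Sniffing %s::", dev->name);
        /* A count of 0 means loop until an error occurs */
        pcap_loop(handle, 0, packet_handler, NULL);
        pcap_close(handle);
    }

    if (i == 0)
    {
        printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
        return 0;
    }

    /* We don't need the device list any more. Free it */
    pcap_freealldevs(alldevs);
    return 0;
}

void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
    struct tm *ltime;
    char timestr[16];
    time_t local_tv_sec;

    /* convert the timestamp to readable format; copy tv_sec into a time_t
       first because the two types can differ in size */
    local_tv_sec = header->ts.tv_sec;
    ltime = localtime(&local_tv_sec);
    strftime(timestr, sizeof timestr, "%H:%M:%S", ltime);
    printf(" \n %s,%.6d len:%u\n", timestr, (int)header->ts.tv_usec, header->len);
}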
Now I need to check if the request is for a ping. Can you please guide me as to how to do that ...

01-19-2004, 11:38 PM #2
Member (Registered: Mar 2003; Posts: 804)
http://www.faqs.org/rfcs/rfc792.html
You should read the ICMP RFC. ICMP echoes have a type of 8, echo replies have a type of 0; the code for both is 0. If you don't know what type and code stand for, have a look above. Have fun!
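
The type and code check described in the reply above, as an added example (not code from either poster or from WinPcap): it locates the ICMP header inside a captured frame and bounds every read by the captured length. It assumes an Ethernet link type and IPv4; `classify_icmp` and the enum names are hypothetical, and the function would be called from `packet_handler` with `pkt_data` and `header->caplen`.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical names for this example; not part of WinPcap. */
enum icmp_kind { NOT_ICMP, ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY, ICMP_OTHER, TRUNCATED };

/* Classify one captured Ethernet II frame. caplen is header->caplen from
   pcap: the number of bytes actually present in pkt, which bounds every read. */
enum icmp_kind classify_icmp(const unsigned char *pkt, size_t caplen)
{
    size_t ihl;
    const unsigned char *ip, *icmp;

    if (caplen < 14 + 20)
        return TRUNCATED;                     /* Ethernet + minimal IPv4 header */
    if (pkt[12] != 0x08 || pkt[13] != 0x00)
        return NOT_ICMP;                      /* EtherType is not IPv4 */
    ip = pkt + 14;
    if ((ip[0] >> 4) != 4)
        return NOT_ICMP;                      /* IP version is not 4 */
    ihl = (size_t)(ip[0] & 0x0f) * 4;         /* IP header length incl. options */
    if (ihl < 20)
        return NOT_ICMP;                      /* malformed header */
    if (ip[9] != 1)
        return NOT_ICMP;                      /* protocol 1 = ICMP */
    if ((((ip[6] & 0x1f) << 8) | ip[7]) != 0)
        return ICMP_OTHER;                    /* later fragment: no ICMP header here */
    if (caplen < 14 + ihl + 2)
        return TRUNCATED;                     /* type and code bytes not captured */
    icmp = ip + ihl;
    if (icmp[0] == 8 && icmp[1] == 0)
        return ICMP_ECHO_REQUEST;             /* RFC 792: type 8, code 0 */
    if (icmp[0] == 0 && icmp[1] == 0)
        return ICMP_ECHO_REPLY;               /* RFC 792: type 0, code 0 */
    return ICMP_OTHER;
}

/* Constructed sample frame: Ethernet + IPv4 (IHL 5, protocol 1) + ICMP type 8. */
static const unsigned char sample_ping[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,      /* Ethernet II */
    0x45,0,0,28, 0,1,0,0, 64,1,0,0, 192,0,2,1, 192,0,2,2, /* IPv4 header */
    8,0,0xf7,0xfd, 0,1,0,1                                /* ICMP echo request */
};

int main(void)
{
    printf("sample frame -> %d\n", classify_icmp(sample_ping, sizeof sample_ping));
    return 0;
}
```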