LinuxQuestions.org


haxpor 04-11-2007 11:13 PM

Want to know method wireshark or tcpdump to capture packet?
 
I want to know the method, the way that Wireshark or tcpdump captures packets.

Is it listening on some port and redirecting all the incoming and outgoing traffic to that port?
I am also trying to look in the source, but this can save me time too. :)

slzckboy 04-12-2007 01:08 AM

It just takes advantage of the way that Ethernet works and listens to all traffic on the wire.
Your interface would see all those signals anyway; it's just that in normal operation mode, if the packet is not for itself, it would be ignored.


Do a Google search on how packet sniffers work.
The IP protocol stack and/or how Ethernet works.
You may also want to look at the pcap C library.
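
Added example, not part of the original thread and not code from Wireshark, tcpdump or libpcap: a small C model of the point made in the reply above. `nic_accepts` models the interface's address filter in normal versus promiscuous mode (multicast group filtering is left out), and `summarize` decodes a captured frame to show that ports are only fields inside it, not something the sniffer listens on. The frame bytes, MAC addresses and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: Ethernet + IPv4 + first 4 bytes of TCP, sent to 02:00:00:00:00:02. */
static const uint8_t SAMPLE[] = {
    0x02,0,0,0,0,0x02,  0x02,0,0,0,0,0x01,  0x08,0x00,           /* dst MAC, src MAC, EtherType IPv4 */
    0x45,0,0,0x28, 0,0,0,0, 0x40,0x06,0,0, 10,0,0,1, 10,0,0,2,  /* IPv4 header, protocol 6 = TCP */
    0xC0,0x00, 0x00,0x50                                         /* TCP source 49152, destination 80 */
};

struct summary { uint16_t ethertype; uint8_t proto; uint16_t sport, dport; };

/* Model of the NIC filter: normal mode keeps own-address and broadcast frames, promiscuous keeps all. */
int nic_accepts(const uint8_t *f, size_t len, const uint8_t mac[6], int promisc)
{
    static const uint8_t bcast[6] = {0xff,0xff,0xff,0xff,0xff,0xff};
    if (len < 14) return 0;                      /* shorter than an Ethernet header */
    return promisc || !memcmp(f, mac, 6) || !memcmp(f, bcast, 6);
}

/* Decode a captured frame. Returns 0 for IPv4 TCP/UDP, -1 if truncated or another protocol. */
int summarize(const uint8_t *f, size_t len, struct summary *s)
{
    memset(s, 0, sizeof *s);
    if (len < 14) return -1;
    s->ethertype = (uint16_t)(f[12] << 8 | f[13]);
    if (s->ethertype != 0x0800 || len < 14 + 20) return -1;
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;     /* IPv4 header length in bytes */
    if ((ip[0] >> 4) != 4 || ihl < 20 || len < 14 + ihl + 4) return -1;
    s->proto = ip[9];
    if (s->proto != 6 && s->proto != 17) return -1;
    const uint8_t *l4 = ip + ihl;                /* ports sit at the start of TCP and UDP headers */
    s->sport = (uint16_t)(l4[0] << 8 | l4[1]);
    s->dport = (uint16_t)(l4[2] << 8 | l4[3]);
    return 0;
}

int main(void)
{
    const uint8_t other[6] = {0x02,0,0,0,0,0x03}; /* a host the frame is NOT addressed to */
    struct summary s;
    printf("normal: %d, promiscuous: %d\n", nic_accepts(SAMPLE, sizeof SAMPLE, other, 0),
           nic_accepts(SAMPLE, sizeof SAMPLE, other, 1));
    if (summarize(SAMPLE, sizeof SAMPLE, &s) == 0)
        printf("proto %d, port %d -> %d\n", s.proto, s.sport, s.dport);
    return 0;
}
```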


All times are GMT -5.