LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 04-15-2013, 01:19 PM   #1
kikilinux
Member
 
Registered: Sep 2012
Posts: 78

Rep: Reputation: Disabled
retrive port numbers from the the packet


Hello
I have this code in this website :
http://www.auroragrp.com/agi/nfq_sniff.c

// Retrieve packet payload
size = nfq_get_payload(nfa, &full_packet);

// Get IP addresses in char form
ip = (struct iphdr *) full_packet;
ipa.s_addr=ip->saddr;
strcpy (src_ip_str, inet_ntoa(ipa));
ipa.s_addr=ip->daddr;
strcpy (dst_ip_str, inet_ntoa(ipa));

fprintf(stdout, "Source IP: %s Destination IP: %s\n", src_ip_str, dst_ip_str);

We can retrive the ip address and print them to terminal.
This code uses libnetfilter_queue library to work with packets.
By the nfq_get_payload(nfa, &full_packet) we have the IP header with TCP header alonge with data(application data) in "full_packet" struct

and now i don't know how can i get or retrive TCP ports ????

Best
 
Old 04-16-2013, 07:13 PM   #2
Imster
LQ Newbie
 
Registered: Jul 2004
Posts: 8

Rep: Reputation: 0
Hi kikilinux,

You will want to look 20 bytes and 22 bytes into your payload (full_packet) as the first 2 bytes of the TCP packet is the 16bit source port and the next 2 bytes is the 16bit dest port.
 
Old 04-17-2013, 08:41 AM   #3
kikilinux
Member
 
Registered: Sep 2012
Posts: 78

Original Poster
Rep: Reputation: Disabled
thanks to answer
i found the answer too and i want to post the answer

by the library i have used (libnetfilter_queue) and the function nfq_get_payload() i have a packet which is consist of ip header and tcp header and payload or application data,
then for retrive the tcp header i have to use
tcpHeader = (struct tcphdr *) (full_packet + sizeof(struct iphdr));
srcPortNumber = ntohs(tcpHeader->source);
dstPortNumber = ntohs(tcpHeader->dest);

by adding sizeof(struct iphdr) then i have a pointer to the beginning of tcp header of my packet

ok, now , we solved the problem
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Directing packet from one port to another port of another machine anjinpradhan Linux - Networking 4 04-25-2009 03:56 PM
Port numbers? diegoandresalvarez Linux - Newbie 2 11-21-2007 07:23 AM
Port numbers and domain name question yanik Linux - Networking 2 09-01-2005 04:38 PM
Where are printer port numbers?!? mentalken Linux - Hardware 3 01-27-2005 08:10 PM
need help with port numbers. GEEF Linux - Networking 2 11-08-2004 07:07 PM


All times are GMT -5. The time now is 07:46 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration