ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If you mean truly ethernet encapsulated traffic you're going to find it very difficult without specific tools designed for that. The reason being, anything linux and libpcap are seeing has been filtered by the ethernet card itself. It's physically stripping off the ethernet encapsulation(if I'm still read up enough on things) such that you can't see ethernet packets themselves, only what they contain.
u need to open up a link layer raw socket, aka a packet socket. this will let you recieve packets at the link layer, with ethernet header attached. only thing u dont get is the ethernet CRC, which the driver/device strips after verifying. man packet, or read the docs for pcap if u want to be platform independent.
Even i am working on the same. Possibly this info may help you.
[See this isn't true ethernet packet sniffing, just hooking to those packets which are in the kernel protocol stack.]
You can have a look at NetFilter, which provides hooks into the kernel n/w protocol stack, and from each hook packets can be retrieved and tampered, dropped, allowed to move as original through the stack etc.
You will have to make a module which registers the hooks, which can be at :
1. When a packet enters the linux box, whether for being forwarded or for destination.
2. when a packet is there for being forwarded over the network.
3. when packets are being injected from the linux box onto the ethernet.
There is lots of info avalable regarding this on net, search [sorry, i do not have a handy link]
Also, in the /usr/src/linux/net/ipv4/ there are c files being used particularly for packets that are coming into the linux box or going out , but following ipv4 protocol.
In ip_input.c there is a function ip_rcv() which handles ALL the packets destined for that particular machine, and function ip_local_deliver() for ALL the packets whether destined or being forwarded.
first of all i would like to thanks everybody. Actually i have not expected so much response from you people again i am so thankful to you.
my progress is little up now.
Here is the proposal on which i am working on
Bandwidth Management System
VoIP Prioritization and Browser Timer
Introduction:
The bandwidth management software is basically applicable for the effective use of the available bandwidth that is at the user end, which helps the client to manage the bandwidth effectively and to help them monitor the bandwidth consumed by all the customers and to have a control over the consumption of bandwidth by the individual customer at the client place, It also helps the client to monitor the user time and generate the bill for the client for the usage of the Internet and prioritize VoIP among the distributed client locations
As bandwidth is highly expensive, the client is a pretty much concerned with the use of the available bandwidth in an efficient and effective manner, by down sizing the pipe of available bandwidth and prioritize it for the VoIP among the client in different locations.
System Requirement Specification:
The Expected system is bound to have the following facility:
1.An end user oriented system that is efficient in managing Bandwidth.
2.Easy operation for the client with simple interactive user interface for clients comfort.
3.Simple design of the system architecture makes the system understandable even by the beginners.
4.No expert Computer Savvy is required for the operation of the system.
5.The system is to be on the stand alone machine within the Local Area network of the client premises.
6.The system is expected to have good security to avoid virus intrusion and eve’s droppers.
7.The system is expected to be effective and do the prioritization of different traffic in the network, and also should do the browser timing (as soon as a user starts browsing on a terminal at client’s place, the software should start the time calculation and when the user closes the browser, it would calculate the time of usage of the system and the amount the customer has to pay).
8.Linux is the preferred platform for its security and virus resistance for the application.
9.IP based control should be implemented, Bandwidth shaping for the client to better utilize the available Bandwidth, i.e. to get more out of the less Bandwidth (Save Money) by monitoring and regulating the use of bandwidth effectively by each user by restricting with an optimal Upload traffic (Up loading Attachments) to have the available bandwidth prioritized for the VoIP Traffic (Device).
10. The software should be able to control up-traffic and down traffic separately so that the up-traffic can be restricted for the browsing customers and not allow them to consume too much bandwidth while uploading attachment
(Size down the pipe)
Implementation Specification:
•The product had to be implemented on different location at the clients place having around some 10 client machines at each location.
•Voice will be between all these locations (A two way flow), from the clients locations among themselves.
•An IP based priority is used for implementing this, Priority may be set to the highest for the voice device (VoIP_Decive).
•Each location having the system implemented will have its own control, i.e. there is no any central thread of control for the application even though the clients at different locations share a common bandwidth pool.
•IP based control should be there, it can be live or private IP address.
for this proposal i made a theory or say concept
the first step of my theory is to sniff all the packets in the server i.e sniffing in promiscous mode
the second step is to identify the type of packet based on application layer protocol using transport layer(tcp udp), internet layer(ip) and datalink layer(ethernet) and prioritize them according to the bandwidth requirements.i.e high priority for high bandwidth requiring application packets
the final step is to implent CBQ.
that's all
i've already finished the sniffing phase
the rest is left
look into ip tables, i think u can do all that stuff already. i remember there being another post on here with nearly exact same idea, and someone suggested some advanced ip tables feature that i can't remember the name of. but it was able to prioritize traffic based on header values... damn ican't remember what it was exactly, try searching in here.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
