LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
Reload this Page How to Capture Raw Packets (no Decode) with PCAP
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 11-01-2005, 10:19 AM   #1
kidskc
LQ Newbie
 
Registered: May 2005
Posts: 9

Rep: Reputation: 0
How to Capture Raw Packets (no Decode) with PCAP

Hello,
I am trying to Capture a Packet on linux using
libpcap. I see that If I use 'pcap_next' to receive
the packet, PCAP actually decodes the packet into certain data
structures and returns a pointer to these structure.

Is there a way I can capture the entire packet as an
undecoded stream of octets ie., as a HEX array?
I dont want PCAP to decode the packet for me. If
this is not possible, is there a routine to convert
the decoded packet (Packet in structures as returned
by pcap) and convert it into a HEX array?

OR, is there a better way of capturing RAW packets (Complete packets as a stream of octets) on Linux?

Thanks,
Kidskc
 
Old 11-02-2005, 04:54 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696

Rep: Reputation: 232Reputation: 232Reputation: 232
In the structture you get there is an array, in fact. The packet is passed to you as it was captured. Pcap only adds a small number of info that's really needed and couldn't be taken from the packet directly: time it arrived and it's length (full and captured, they may not match each other and they may not be correct, ebcause broken packets happen).

Another option you have is raw sockets interface, look into packet manual (man 7 packet).
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to capture & reorder the packets between two PC's Janarthanan Linux - Networking 2 09-04-2005 02:25 AM
how can i use libpcap to capture packets for the local loopback interface (lo) ? gajaykrishnan Programming 0 02-22-2005 04:03 AM
raw packets bassdemon Programming 7 01-28-2005 12:23 AM
RAW packets not permitted? (mandrake 9.1) core Linux - Networking 2 08-16-2003 07:48 AM
Capture Raw data from modem (ttyLT0) Avian00 Linux - Software 1 05-07-2003 01:45 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 08:26 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration