Originally posted by allegro
That's like the most stupid oneliner I've ever seen.
iptables is a firewall, not a packet sniffer.
As for your questions: I don't know anything about raw sockets, but if you want to sniff packets, snort is a good choice imho.
edit: you might want to check this out if you want to code it yourself: http://www.ecst.csuchico.edu/~beej/guide/net/