03-03-2008
Filtering packets with pcap.h
Hello everybody!!
I am currently doing my internship and I need some tips for pcap.h.
I am looking for some tips to filter my packets in a C program with the pcap.h library. The only thing I have found is that I can filter low-level protocols by their name (tcp, udp...). But for the higher-level protocols I have to use lower-level protocol names with port numbers. Do you know what I could do to filter the higher-level protocols by their name (HTTP, MSNP...)?
Thanks for your help.
LEARN ABOUT OSF1
protocols
protocols(4) Kernel Interfaces Manual protocols(4)
NAME
protocols - Defines the Internet protocols used on the local host
SYNOPSIS
/etc/protocols
DESCRIPTION
The /etc/protocols file contains information about the known protocols used in the DARPA (Defense Advanced Research Projects Agency) Internet. Each protocol is represented by a single line in the protocols file. Each entry is of the form:

    Name Number Aliases

The fields contain the following information:

    Name     Official Internet protocol name.
    Number   Protocol number.
    Aliases  Unofficial names used for the protocol.

Items on a line are separated by one or more spaces or tab characters. Comments begin with the # (number sign), and routines that search
the protocols file do not interpret characters from the beginning of a comment to the end of the line. A protocol name can contain any
printable character except a field delimiter, newline character, or comment character.
The lines in the file appear as follows:

    #
    # Internet (IP) protocols
    #
    ip      0       IP      # internet protocol, pseudo protocol number
    icmp    1       ICMP    # internet control message protocol
    igmp    2       IGMP    # internet group management protocol
    ggp     3       GGP     # gateway-gateway protocol
    tcp     6       TCP     # transmission control protocol
    egp     8       EGP     # exterior gateway protocol
    pup     12      PUP     # PARC universal packet protocol
    udp     17      UDP     # user datagram protocol
    hmp     20      HMP     # host monitoring protocol
    rdp     27      RDP     # "reliable datagram" protocol
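
The entry format described above can be parsed one line at a time as sketched here. This is an added example, not part of the original manual page; the names proto_entry, next_field, parse_protocols_line, MAX_ALIASES and FIELD_LEN, the buffer sizes, and the 0-255 range check on the number are assumptions.

```c
#include <stdlib.h>
#include <string.h>
#define MAX_ALIASES 4   /* assumed limit, not from the manual page */
#define FIELD_LEN   32  /* assumed limit, not from the manual page */

struct proto_entry {
    char name[FIELD_LEN];
    int  number, n_aliases;
    char aliases[MAX_ALIASES][FIELD_LEN];
};

/* Return the next space/tab-separated field in *p, or NULL at end of line. */
static char *next_field(char **p)
{
    char *s = *p + strspn(*p, " \t");
    if (*s == '\0')
        return NULL;
    *p = s + strcspn(s, " \t");
    if (**p != '\0')
        *(*p)++ = '\0';
    return s;
}

/* Parse one "Name Number Aliases" line: 1 entry, 0 blank/comment, -1 malformed. */
int parse_protocols_line(const char *line, struct proto_entry *e)
{
    char buf[256], *p = buf, *end = buf, *tok;
    long num;
    memset(e, 0, sizeof *e);
    if (strlen(line) >= sizeof buf)
        return -1;                       /* reject over-long input, never truncate */
    strcpy(buf, line);
    buf[strcspn(buf, "#\r\n")] = '\0';   /* comment runs from '#' to end of line */
    if ((tok = next_field(&p)) == NULL)
        return 0;
    if (strlen(tok) >= FIELD_LEN)
        return -1;
    strcpy(e->name, tok);
    tok = next_field(&p);
    num = tok ? strtol(tok, &end, 10) : -1;
    if (tok == NULL || end == tok || *end != '\0' || num < 0 || num > 255)
        return -1;                       /* assumption: 8-bit IP protocol number */
    e->number = (int)num;
    while ((tok = next_field(&p)) != NULL) {
        if (e->n_aliases == MAX_ALIASES || strlen(tok) >= FIELD_LEN)
            return -1;
        strcpy(e->aliases[e->n_aliases++], tok);
    }
    return 1;
}
```

Passing the tcp line from the listing above gives name "tcp", number 6 and the single alias "TCP"; a line holding only a comment returns 0.
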
RELATED INFORMATION
Functions: endprotoent(3), getprotobyname(3), getprotobynumber(3), getprotoent(3), setprotoent(3)