Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: how to analyse the contents of a give IP packet?
Top Forums UNIX for Advanced & Expert Users how to analyse the contents of a give IP packet? Post 302220671 by solomonml on Friday 1st of August 2008 10:53:20 AM
Old 08-01-2008
how to analyse the contents of a give IP packet?
hi you all!
I can write a network program to send and receive some messages. I use
read() and write() functions for extracting of sending messages via a given socket. By doing so, i know only the actions performed at the application layer of the TCP/IP suite. But i want to control the actual contents of each IP packets(i.e data and ip header) sent/received.Lets say I want to write a routing application which analyses the destination address found in the IP header(TCP header) and sends the packet to its destination.
Give me some hint on how to tackle such cases or give me a reference book/site...

thank you
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Using GDB to analyse different CORE dumps

Hi, Can we modify the GDB source code so as to analyze core dumps from different targets? From my analysis, I think we need to build our section table statically for each target. i.e., including the various address boundaries in build_section_table() function. If this is the case, then the GDB... (2 Replies)
Discussion started by: nsdeeps
2 Replies

2. Solaris

Ways to analyse root disk slice

Hi, Recently I faced with need of analyze root disk. I figured out two possible ways to do it: 1. Practical. Boot from CD and run format 2. Theoretical. Create live upgrade boot environment on another disk, activate it, reboot, unmont all root disk partitions and run format. I've already... (3 Replies)
Discussion started by: Sapfeer
3 Replies

3. Shell Programming and Scripting

Logfile analyse | problem with regex

Hello there, i am trying to write a shell script to analyse some of my log files. I want the script to check if there is a logfile from yesterday or today (some times the script that creates the logfile takes a bit longer and its after 00:00) and search the logfile itself if the script was... (0 Replies)
Discussion started by: Linien
0 Replies

4. UNIX for Advanced & Expert Users

analyse core file using pmap and pstack

Dear All, I am new to this forum. This is my first. I am facing customer issue. Customer has got core file while running the server. He had sent core file and details from pstack, pmap and pldd commands. I have to debug this application, please help me to fix this issue. I am using sparc... (1 Reply)
Discussion started by: KiranBangalore
1 Replies

5. Solaris

analyse core file using pmap and pstack

Dear All, I am new to this forum. This is my first. I am facing customer issue. Customer has got core file while running the server. He had sent core file and details from pstack, pmap and pldd commands. I have to debug this application, please help me to fix this issue. I am using sparc 10... (4 Replies)
Discussion started by: KiranBangalore
4 Replies

6. Solaris

I need to analyse some vmcore files

I need to analyse some vmcore files, do you guys know how can i get a free version of the "Solaris Crash Analysis Tool " (2 Replies)
Discussion started by: feg
2 Replies

7. Shell Programming and Scripting

How to analyse results of grep

Hi all, I'm working with a peice of software that runs on Linux that allows planning trips in cars through maps. This software has different variations depending on the type of car, e.g. BMW, Audi, Hyundai, etc... Each variation has a dependency on common external components that are not... (1 Reply)
Discussion started by: emoshaya
1 Replies

8. UNIX for Dummies Questions & Answers

Analyse this fdisk -l

Hi, Someone please analyse the following o/p of fdisk -l and tell me what it means for /dev/sda, /dev/sdb, /dev/sdc .... Disk /dev/sda: 53.6 GB, 53687091200 bytes 255 heads, 63 sectors/track, 6527 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start ... (5 Replies)
Discussion started by: stunn3r
5 Replies

9. HP-UX

How to analyse the syslog?

Hi All, When can we see these messages in the syslog. We have service guard cluster software installed on hpux 11iv3 servers. We were able to see the below error so many times in our syslog messages cmdisklockd: Unable to convert device to I/O tree node: I/O tree node does not exist. ... (2 Replies)
Discussion started by: Sachin1987
2 Replies

10. AIX

Packet loss coming with big packet size ping

(5 Replies)
Discussion started by: Vishal_dba
5 Replies

LEARN ABOUT SUNOS

udp

udp(7P) 							     Protocols								   udp(7P)

NAME

       udp, UDP - Internet User Datagram Protocol

SYNOPSIS

       #include <sys/socket.h>

       #include <netinet/in.h>

       s = socket(AF_INET, SOCK_DGRAM, 0);

       s = socket(AF_INET6, SOCK_DGRAM, 0);

       t = t_open("/dev/udp", O_RDWR);

       t = t_open("/dev/udp6", O_RDWR);

DESCRIPTION

       UDP is a simple datagram protocol which is layered directly above the Internet Protocol ("IP") or the Internet Protocol Version 6 ("IPv6").
       Programs may access  UDP using the socket interface, where it supports the SOCK_DGRAM socket type, or using the Transport  Level  Interface
       ("TLI"), where it supports the connectionless (T_CLTS) service type.

       Within  the  socket  interface,	UDP  is normally used with the sendto(), sendmsg(), recvfrom(), and recvmsg() calls (see send(3SOCKET) and
       recv(3SOCKET)). If the connect(3SOCKET) call is used to fix the destination for future packets,	then  the  recv(3SOCKET)  or  read(2)  and
       send(3SOCKET) or write(2) calls may be used.

       UDP  address  formats are identical to those used by the Transmission Control Protocol ("TCP"). Like TCP, UDP uses a port number along with
       an IPor IPv6 address to identify the endpoint of communication. The UDP port number space is separate from the TCP port number space,  that
       is,  a  UDP port may not be "connected" to a TCP port. The bind(3SOCKET) call can be used to set the local address and port number of a UDP
       socket.	The local IP or IPv6 address may be left unspecified in the bind() call by using the special  value  INADDR_ANY  for  IP,  or  the
       unspecified  address  (all zeroes) for IPv6. If the bind() call is not done, a local IP or IPv6 address and port number will be assigned to
       the endpoint when the first packet is sent. Broadcast packets may be sent, assuming the	underlying  network  supports  this,  by  using  a
       reserved "broadcast address." This address is network interface dependent. Broadcasts may only be sent by the privileged user.

       IPv6 does not support broadcast addresses; their function is supported by IPv6 multicast addresses.

       Options at the IP level may be used with UDP; see ip(7P) or ip6(7p).

       There  are a variety of ways that a UDP packet can be lost or corrupted, including a failure of the underlying communication mechanism. UDP
       implements a checksum over the data portion of the packet. If the checksum of a received packet is in error, the  packet  will  be  dropped
       with  no  indication  given  to	the  user. A queue of received packets is provided for each UDP socket. This queue has a limited capacity.
       Arriving datagrams which will not fit within its high-water capacity are silently discarded.

       UDP processes Internet Control Message Protocol ("ICMP") and Internet Control Message Protocol Version 6 ("ICMP6") error messages  received
       in response to UDP packets it has sent. See icmp(7P) and icmp6(7p).

       ICMP  "source quench" messages are ignored. ICMP "destination unreachable," "time exceeded" and "parameter problem" messages disconnect the
       socket from its peer so that subsequent attempts to send packets using that socket will return an error. UDP will not guarantee that  pack-
       ets are delivered in the order they were sent. As well, duplicate packets may be generated in the communication process.

       ICMP6  "destination  unreachable" packets are ignored unless the enclosed code indicates that the port is not in use on the target host, in
       which case, the application is notified. ICMP6 "parameter problem" notifications are similarly passed upstream. All  other  ICMP6  messages
       are ignored.

SEE ALSO

       read(2),  write(2),  bind(3SOCKET),  connect(3SOCKET),  recv(3SOCKET),  send(3SOCKET),  icmp(7P),  icmp6(7P),  inet(7P), inet6(7P), ip(7P),
       ip6(7P), tcp(7P)

       Postel, Jon, RFC 768, User Datagram Protocol, Network Information Center, SRI International, Menlo Park, Calif., August 1980

DIAGNOSTICS

       A socket operation may fail if:

       EISCONN		       A connect() operation was attempted on a socket on which a connect() operation had already been performed, and  the
			       socket could not be successfully disconnected before making the new connection.

       EISCONN		       A  sendto()  or	sendmsg()  operation  specifying an address to which the message should be sent was attempted on a
			       socket on which a connect() operation had already been performed.

       ENOTCONN 	       A send() or write() operation, or a sendto() or sendmsg() operation not specifying an address to which the  message
			       should be sent, was attempted on a socket on which a connect() operation had not already been performed.

       EADDRINUSE	       A  bind()  operation  was  attempted  on  a  socket with a network address/port pair that has already been bound to
			       another socket.

       EADDRNOTAVAIL	       A bind() operation was attempted on a socket with a network address for which no network interface exists.

       EINVAL		       A sendmsg() operation with a non-NULL msg_accrights was attempted.

       EACCES		       A bind() operation was attempted with a "reserved" port number and the effective user ID of the process was not the
			       privileged user.

       ENOBUFS		       The system ran out of memory for internal data structures.

SunOS 5.10							    4 Nov 1999								   udp(7P)
All times are GMT -4. The time now is 07:47 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy