Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Raw Socket Programming - Efficient Packet Sniffer
Top Forums Programming Raw Socket Programming - Efficient Packet Sniffer Post 302826141 by rstnsrr on Wednesday 26th of June 2013 05:01:57 AM
Old 06-26-2013
Raw Socket Programming - Efficient Packet Sniffer
Hi,
I have the requirement to sniff packets from
the Ethernet card on my Linux machine and
process it and feed it to a RANAP protocol stack.
So far I have written the raw packet sniffer
and successfully sniffing packets and do little
processing. However, for huge number of packets
pumped from external machines, the sniffer will face packet loss!!


How to make the sniffer more efficient??
How can I segregate the processing part
from receiving part ?How can I use multi threading
and/or select() system calls to receive and
process packets without packet loss??

Regards,
Royz
Last edited by rstnsrr; 06-26-2013 at 06:12 AM..
 

9 More Discussions You Might Find Interesting

1. Programming

Getting an ACK for RAW SYN packet

Hi, I'm trying to create a RAW TCP SYN packet and send it from one Linux machine to another. I know the packet I have created is well formed and is received by the peer. Now what I want is to get an ACK for my SYN. I want the peer's Network protocol stack to send me an ACK for that. I know... (17 Replies)
Discussion started by: zampya
17 Replies

2. Linux

Kernel programming: packet divertion

Hi All, Not sure if this is the right place to ask, so please tell me where is appropriate... Anyway, here is the problem. I'm a bit new to kernel programming, so nothing works :confused: . I need to intercept cetrtain ethernet packets from Host1("eth0") to Host2("eth1") and send them to... (1 Reply)
Discussion started by: sl_king
1 Replies

3. Programming

sendto in packet socket

Hi, I have created a packet socket (PF_PACKET, SOCK_DGRAM, htons(ETH_P_ARP)) to catch the ARP packets coming to my machine and send appropriate reply. Now I'm able to recieve the ARP requests using recvfrom but don't know how to send the reply. I looked into man page but I'm not able to... (5 Replies)
Discussion started by: Rakesh Ranjan
5 Replies

4. Programming

RAW socket and CONFIG_FILTER

Hi, Im doin a project on DHCp client-server setup. i have to use RAW sockets in the code for this. The call PF_PACKET, SOCK_RAW as the first two arguments. The code compiles but when i try to start the Dhcp client, I get an error saying "Make sure CONFIG_PACKET and CONFIG_FILTER is enabled". I... (4 Replies)
Discussion started by: yannifan
4 Replies

5. IP Networking

Changing the source IP?? using RAW Socket.

Hi There, Suppoose we have configured logical Interface 2.2.2.2 on a server with Primary IP 1.1.1.1. Now when I am sending a packet from this server, is it possible to make receiver assume that this packet has come from IP 2.2.2.2 and not 1.1.1.1 I think it is possibl using RAW sockets??? but... (1 Reply)
Discussion started by: Ankit_Jain
1 Replies

6. UNIX for Advanced & Expert Users

Why root permissions required for creating of RAW Socket

To create RAW socket in Unix/Linux why should one have root permissions? Any other work around to create raw sockets in Unix/Linux using a normal login id? Since I don't have super user credentials and I want to create RAW sockets. Let me know if you are aware of any work around. (3 Replies)
Discussion started by: anilgurwara
3 Replies

7. Programming

Writing a Packet sniffer

Hi, I want to write a packet sniffer in C without using libpcap. Can anyone suggest me how to begin writing it? Any tutorials or books? Thanks in advance! (2 Replies)
Discussion started by: nefarious_genus
2 Replies

8. IP Networking

Raw Sockets Programming

Hi everybody!! I'm studding at the university raw sockets, but i can't find a good place to read about them... Does anybody now where i can find some information??? I've been goggling a lot but couldn't find nothing useful, just man pages... by the way, I'm programming under Linux... Bye! (4 Replies)
Discussion started by: Sandia_man
4 Replies

9. Programming

Receiving broadcast packets using packet socket

Hello I try to send DHCP RENEW packets to the network and receive the responses. I broadcast the packet and I can see that it's successfully sent using Wireshark. But I have difficulties receiving the responses.I use packet sockets to catch the packets. I can see that there are responses to my... (0 Replies)
Discussion started by: xyzt
0 Replies

LEARN ABOUT OPENSOLARIS

net_inject

net_inject(9F)						   Kernel Functions for Drivers 					    net_inject(9F)

NAME

       net_inject - determine if a network interface name exists for a network protocol

SYNOPSIS

       #include <sys/neti.h>

       int net_inject(const net_data_t net, inject_t style,
	     net_inject_t *packet);

INTERFACE LEVEL

       Solaris DDI specific (Solaris DDI).

PARAMETERS

       net	 value returned from a successful call to net_protocol_lookup(9F).

       style	 method that determines how this packet is to be injected into the network or kernel.

       packet	 details about the packet to be injected.

DESCRIPTION

       The  net_inject()  function  provides  an interface to allow delivery of network layer (layer 3) packets either into the kernel or onto the
       network. The method of delivery is determined by style.

       If NI_QUEUE_IN is specified, the packet is scheduled for delivery up into the kernel, imitating its reception by a  network  interface.	In
       this  mode,  packet->ni_addr  is  ignored and  packet->ni_physical  specifies the interface for which the packet is made to appear as if it
       arrived on.

       If NI_QUEUE_OUT is specified, the packet is scheduled for delivery out of the kernel, as if it were being sent by a  raw  socket.  In  this
       mode, packet->ni_addr and packet->ni_physical are both ignored.

       Neither	NI_QUEUE_IN or NI_QUEUE_OUT cause the packet to be immediately processed by the kernel. Instead, the packet is added to a list and
       a timeout is scheduled (if there are none already pending) to deliver the packet. The  call to net_inject() returns once the setup has been
       completed, and not after the packet has been processed. The packet processing is completed on a different thread and in a different context
       to that of the original packet. Thus, a packet queued up using net_inject() for either NI_QUEUE_IN or  NI_QUEUE_OUT  is	presented  to  the
       packet  event  again.  A  packet  received by a hook from NH_PHYSICAL_IN and then queued up with NI_QUEUE_IN is seen by the hook as another
       NH_PHYSICAL_IN packet. This also applies to both NH_PHYSICAL_OUT and NI_QUEUE_OUT packets.

       If NI_DIRECT_OUT is specified, an attempt is made to send the packet out to a network interface immediately. No processing on  the  packet,
       aside from prepending any required layer 2 information, is made. In this instance, packet->ni_addr may be used to specify the next hop (for
       the purpose of link layer address resolution) and packet->ni_physical determines which interface the packet should be sent out.

       For all three packets, packet->ni_packet must point to an mblk structure with the packet to be delivered.

       See net_inject_t(9S) for more details on the structure net_inject_t.

RETURN VALUES

       The net_inject() function returns:

       -1    The network protocol does not support this function.

       0     The packet is successfully queued or sent.

       1     The packet could not be queued up or sent out immediately.

CONTEXT

       The net_inject() function may be called from user,  kernel, or interrupt context.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Committed 		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       net_protocol_lookup(9F), netinfo(9F), net_inject_t(9S)

SunOS 5.11							    1 May 2008							    net_inject(9F)
All times are GMT -4. The time now is 02:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy