|
|
Sponsored Content
Top Forums
Programming
Raw Socket Programming - Efficient Packet Sniffer
Post 302826483 by Corona688 on Wednesday 26th of June 2013 04:42:16 PM
|
|
9 More Discussions You Might Find Interesting
1. Programming
Hi,
I'm trying to create a RAW TCP SYN packet and send it from one Linux machine to another. I know the packet I have created is well formed and is received by the peer.
Now what I want is to get an ACK for my SYN. I want the peer's Network protocol stack to send me an ACK for that. I know... (17 Replies)
Discussion started by: zampya
17 Replies
2. Linux
Hi All,
Not sure if this is the right place to ask, so please tell me where is appropriate...
Anyway, here is the problem. I'm a bit new to kernel programming, so nothing works :confused: . I need to intercept cetrtain ethernet packets from Host1("eth0") to Host2("eth1") and send them to... (1 Reply)
Discussion started by: sl_king
1 Replies
3. Programming
Hi,
I have created a packet socket (PF_PACKET, SOCK_DGRAM, htons(ETH_P_ARP)) to catch the ARP packets coming to my machine and send appropriate reply.
Now I'm able to recieve the ARP requests using recvfrom but don't know how to send the reply. I looked into man page but I'm not able to... (5 Replies)
Discussion started by: Rakesh Ranjan
5 Replies
4. Programming
Hi,
Im doin a project on DHCp client-server setup. i have to use RAW sockets in the code for this. The call PF_PACKET, SOCK_RAW as the first two arguments. The code compiles but when i try to start the Dhcp client, I get an error saying "Make sure CONFIG_PACKET and CONFIG_FILTER is enabled". I... (4 Replies)
Discussion started by: yannifan
4 Replies
5. IP Networking
Hi There,
Suppoose we have configured logical Interface 2.2.2.2 on a server with Primary IP 1.1.1.1.
Now when I am sending a packet from this server, is it possible to make receiver assume that this packet has come from IP 2.2.2.2 and not 1.1.1.1
I think it is possibl using RAW sockets??? but... (1 Reply)
Discussion started by: Ankit_Jain
1 Replies
6. UNIX for Advanced & Expert Users
To create RAW socket in Unix/Linux why should one have root permissions?
Any other work around to create raw sockets in Unix/Linux using a normal login id? Since I don't have super user credentials and I want to create RAW sockets.
Let me know if you are aware of any work around. (3 Replies)
Discussion started by: anilgurwara
3 Replies
7. Programming
Hi,
I want to write a packet sniffer in C without using libpcap. Can anyone suggest me how to begin writing it? Any tutorials or books?
Thanks in advance! (2 Replies)
Discussion started by: nefarious_genus
2 Replies
8. IP Networking
Hi everybody!!
I'm studding at the university raw sockets, but i can't find a good place to read about them...
Does anybody now where i can find some information???
I've been goggling a lot but couldn't find nothing useful, just man pages...
by the way, I'm programming under Linux...
Bye! (4 Replies)
Discussion started by: Sandia_man
4 Replies
9. Programming
Hello
I try to send DHCP RENEW packets to the network and receive the responses. I broadcast the packet and I can see that it's successfully sent using Wireshark. But I have difficulties receiving the responses.I use packet sockets to catch the packets. I can see that there are responses to my... (0 Replies)
Discussion started by: xyzt
0 Replies
LEARN ABOUT NETBSD
etherip
ETHERIP(4) BSD Kernel Interfaces Manual ETHERIP(4) NAME
etherip -- EtherIP tunneling device SYNOPSIS
pseudo-device etherip DESCRIPTION
The etherip interface is a tunneling pseudo device for Ethernet frames. It can tunnel Ethernet traffic over IPv4 and IPv6 using the EtherIP protocol specified in RFC 3378. The only difference between an etherip interface and a real Ethernet interface is that there is an IP tunnel instead of a wire. Therefore, to use etherip the administrator must first create the interface and then configure protocol and addresses used for the outer header. This can be done by using ifconfig(8) create and tunnel subcommands, or SIOCIFCREATE and SIOCSLIFPHYADDR ioctls. Packet format Ethernet frames are prepended with a EtherIP header as described by RFC 3378. The resulting EtherIP packets will be encapsulated in an outer packet, which may be either an IPv4 or IPv6 packet, with IP protocol number 97. Ethernet address When a etherip device is created, it is assigned an Ethernet address of the form f2:0b:a5:xx:xx:xx. This address can later be changed through a sysctl node. The sysctl node is net.link.etherip.<iface>. Any string of six colon-separated hexadecimal numbers will be accepted. Reading that node will provide a string representation of the current Ethernet address. Security The EtherIP header of incoming packets is not checked for validity. This is because there seems to be some confusion about how such a header has to look like. For outgoing packets, the header is set up the same way as done in OpenBSD, FreeBSD, and Linux to be compatible with those systems. Converting from previous implementation A tunnel configured for the previous (undocumented) implementation will work with just renaming the device from gif to etherip. SEE ALSO
bridge(4), gif(4), inet(4), inet6(4), tap(4), ifconfig(8) HISTORY
The etherip device first appeared in NetBSD 4.0, it is based on tap(4), gif(4), and the former gif-based EtherIP implementation ported from OpenBSD. BUGS
Probably many. There is lots of code duplication between etherip, tap(4), gif(4), and probably other tunnelling drivers which should be cleaned up. BSD
November 23, 2006 BSD