Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Raw Socket Programming - Efficient Packet Sniffer
Top Forums Programming Raw Socket Programming - Efficient Packet Sniffer Post 302826551 by rstnsrr on Thursday 27th of June 2013 12:27:13 AM
Old 06-27-2013
Hi corona,
The following is the code in C:
Code:
 1 /* pkt_sniffer.c - sniffing all the packets received at network interface.
  2  */
  3 
  4 #include <stdio.h>
  5 #include <stdlib.h>
  6 #include <sys/socket.h>
  7 #include <sys/types.h>
  8 #include <errno.h>
  9 #include <net/if.h>
 10 #include <sys/ioctl.h>
 11 #include <linux/if_ether.h>
 12 #include <string.h>
 13 #include <linux/in.h>
 14 
 15 int main(int argc, char **argv)
 16 {
 17   int sock, n;
 18   char buffer[2048];
 19   unsigned char *iphead, *ethhead;
 20   struct ifreq ethreq;
 21 
 22   if ( (sock=socket(PF_PACKET, SOCK_RAW,
 23                     htons(ETH_P_ALL)))<0) {
 24     perror("socket");
 25     exit(1);
 26   }
 27 
 28   /* Set the network card in promiscuos mode */
 29   strncpy(ethreq.ifr_name,"eth0",IFNAMSIZ);
 30   if (ioctl(sock,SIOCGIFFLAGS,&ethreq)==-1) {
 31     perror("ioctl");
 32     close(sock);
 33     exit(1);
 34   }
 35   ethreq.ifr_flags|=IFF_PROMISC;
 36   if (ioctl(sock,SIOCSIFFLAGS,&ethreq)==-1) {
 37     perror("ioctl");
 38     close(sock);
 39     exit(1);
 40   }
 41 
 42   while (1) {
 43     printf("----------\n");
 44     n = recvfrom(sock,buffer,2048,0,NULL,NULL);
 45 
 46     /* pkt processing done here and then sent
 47      * to the RANAP stack
 48      * */
 49 
 50     }
 51   return 0;
 52 
 53 }

Thanks in advance.
Royz
 

9 More Discussions You Might Find Interesting

1. Programming

Getting an ACK for RAW SYN packet

Hi, I'm trying to create a RAW TCP SYN packet and send it from one Linux machine to another. I know the packet I have created is well formed and is received by the peer. Now what I want is to get an ACK for my SYN. I want the peer's Network protocol stack to send me an ACK for that. I know... (17 Replies)
Discussion started by: zampya
17 Replies

2. Linux

Kernel programming: packet divertion

Hi All, Not sure if this is the right place to ask, so please tell me where is appropriate... Anyway, here is the problem. I'm a bit new to kernel programming, so nothing works :confused: . I need to intercept cetrtain ethernet packets from Host1("eth0") to Host2("eth1") and send them to... (1 Reply)
Discussion started by: sl_king
1 Replies

3. Programming

sendto in packet socket

Hi, I have created a packet socket (PF_PACKET, SOCK_DGRAM, htons(ETH_P_ARP)) to catch the ARP packets coming to my machine and send appropriate reply. Now I'm able to recieve the ARP requests using recvfrom but don't know how to send the reply. I looked into man page but I'm not able to... (5 Replies)
Discussion started by: Rakesh Ranjan
5 Replies

4. Programming

RAW socket and CONFIG_FILTER

Hi, Im doin a project on DHCp client-server setup. i have to use RAW sockets in the code for this. The call PF_PACKET, SOCK_RAW as the first two arguments. The code compiles but when i try to start the Dhcp client, I get an error saying "Make sure CONFIG_PACKET and CONFIG_FILTER is enabled". I... (4 Replies)
Discussion started by: yannifan
4 Replies

5. IP Networking

Changing the source IP?? using RAW Socket.

Hi There, Suppoose we have configured logical Interface 2.2.2.2 on a server with Primary IP 1.1.1.1. Now when I am sending a packet from this server, is it possible to make receiver assume that this packet has come from IP 2.2.2.2 and not 1.1.1.1 I think it is possibl using RAW sockets??? but... (1 Reply)
Discussion started by: Ankit_Jain
1 Replies

6. UNIX for Advanced & Expert Users

Why root permissions required for creating of RAW Socket

To create RAW socket in Unix/Linux why should one have root permissions? Any other work around to create raw sockets in Unix/Linux using a normal login id? Since I don't have super user credentials and I want to create RAW sockets. Let me know if you are aware of any work around. (3 Replies)
Discussion started by: anilgurwara
3 Replies

7. Programming

Writing a Packet sniffer

Hi, I want to write a packet sniffer in C without using libpcap. Can anyone suggest me how to begin writing it? Any tutorials or books? Thanks in advance! (2 Replies)
Discussion started by: nefarious_genus
2 Replies

8. IP Networking

Raw Sockets Programming

Hi everybody!! I'm studding at the university raw sockets, but i can't find a good place to read about them... Does anybody now where i can find some information??? I've been goggling a lot but couldn't find nothing useful, just man pages... by the way, I'm programming under Linux... Bye! (4 Replies)
Discussion started by: Sandia_man
4 Replies

9. Programming

Receiving broadcast packets using packet socket

Hello I try to send DHCP RENEW packets to the network and receive the responses. I broadcast the packet and I can see that it's successfully sent using Wireshark. But I have difficulties receiving the responses.I use packet sockets to catch the packets. I can see that there are responses to my... (0 Replies)
Discussion started by: xyzt
0 Replies

LEARN ABOUT DEBIAN

wx::socket

Wx::Socket(3pm) 					User Contributed Perl Documentation					   Wx::Socket(3pm)

NAME

       Wx::Socket - wxSocket* classes

USAGE

	 use Wx qw(:socket) ;
	 use Wx::Event qw(EVT_SOCKET_INPUT EVT_SOCKET_LOST) ;
	 use Wx::Event qw(EVT_SOCKET_CONNECTION) ;

	 ##########
	 # CLIENT #
	 ##########

	 my $sock = Wx::SocketClient->new(wxSOCKET_WAITALL);

	 EVT_SOCKET_INPUT($parent , $sock , &onInput ) ;
	 EVT_SOCKET_LOST($parent , $sock , &onClose ) ;

	 $sock->Connect('localhost',5050) ;

	 if (! $sock->IsConnected ) { print "ERROR
" ;}

	 sub onInput {
	   my ( $sock , $this , $evt ) = @_ ;
	   my $length = 123;
	   my $buffer ;
	   $sock->Read($buffer , 1024 , $length ) ;
	 }

	 ##########
	 # SERVER #
	 ##########

	 my $sock = Wx::SocketServer->new('localhost',5050,wxSOCKET_WAITALL);

	 EVT_SOCKET_CONNECTION($parent , $sock , &onConnect ) ;

	 if ( !$sock->Ok ) { print "ERROR
" ;}

	 sub onConnect {
	   my ( $sock , $this , $evt ) = @_ ;
	   my $client = $sock->Accept(0) ;

	   my ($local_host,$local_port) = $client->GetLocal ;
	   my ($peer_host,$peer_port) = $client->GetPeer ;

	   $client->Write("This is a data test!
") ;

       ... or ...

	   $client->Write( $data , length($data) ) ;

	   $client->Close ;
	 }

METHODS

       All the methods work as in wxWidgets (see the documentation).

       The functions for reading data (Read, ReadMsg, Peek) take 3 arguments, like the Perl read() function:

	 ## To read the data into the variable
	 $sock->Read($buffer , 1024) ;

       ... or ...

	 ## To append data at the given offset:
	 $sock->Read($buffer , 1024 , $offset ) ;

       The write functions (Write, WriteMsg, Unread) can be used with 1 or 2 arguments:

	 $client->Write("This is a data test!
") ;

	 $client->Write($data , $length) ;

EVENTS

       The events are:

	   EVT_SOCKET
	   EVT_SOCKET_ALL
	   EVT_SOCKET_INPUT
	   EVT_SOCKET_OUTPUT
	   EVT_SOCKET_CONNECTION
	   EVT_SOCKET_LOST

       The EVT_SOCKET works as in wxWidgets, the others are wxPerl extensions.

       Note that EVT_SOCKET events of wxSocketClient and wxSocketServer work differently than other event types.

       First you need to set the event handler:

	   $sock->SetEventHandler($handler, $id) ;

       Then you set what types of event you want to receive:

	   ## this select all.
	   $sock->SetNotify(wxSOCKET_INPUT_FLAG|wxSOCKET_OUTPUT_FLAG|
			    wxSOCKET_CONNECTION_FLAG|wxSOCKET_LOST_FLAG) ;

       Enable the event notification:

	   $sock->Notify(1) ;

       And only after this use:

	   ## note that $handler must be the same that was used in
	   ## SetEventHandler
	   EVT_SOCKET($handler, $id , sub{...} )

       To make the events easier to use, all the proccess is automatic, and you just use:

	   EVT_SOCKET_INPUT($handler , $socket , sub{...} )
	   EVT_SOCKET_OUTPUT($handler , $socket , sub{...} )
	   EVT_SOCKET_CONNECTION($handler , $socket , sub{...} )
	   EVT_SOCKET_LOST($handler , $socket , sub{...} )

	   ## This is for the events not used yet by the above:
	   EVT_SOCKET_ALL($parent , $socket , sub{...} )

       ** The new way is better to handle more than one socket in the same time too.
	  Take a look in the demos.

SEE ALSO

       Wx, The wxWxwindows documentation at <http://www.wxwindows.org/>

AUTHOR

       Graciliano M. P. <gm@virtuasites.com.br>

COPYRIGHT

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.14.2							    2007-06-18							   Wx::Socket(3pm)
All times are GMT -4. The time now is 04:07 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy