Top Forums Programming Raw Socket Programming - Efficient Packet Sniffer Post 302826551 by rstnsrr on Thursday 27th of June 2013 12:27:13 AM
Hi corona,
The following is the code in C:
Code:
/* pkt_sniffer.c - sniffing all the packets received at network interface.
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>          /* close() */
#include <errno.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <net/if.h>
#include <arpa/inet.h>       /* htons() */
#include <linux/if_ether.h>

int main(int argc, char **argv)
{
  int sock;
  ssize_t n;
  char buffer[2048];
  unsigned char *iphead, *ethhead;
  struct ifreq ethreq;

  /* Layer-2 packet socket for every protocol (requires CAP_NET_RAW) */
  if ( (sock=socket(PF_PACKET, SOCK_RAW,
                    htons(ETH_P_ALL)))<0) {
    perror("socket");
    exit(1);
  }

  /* Set the network card in promiscuous mode */
  memset(&ethreq, 0, sizeof(ethreq));
  strncpy(ethreq.ifr_name,"eth0",IFNAMSIZ-1);   /* keep the name NUL-terminated */
  if (ioctl(sock,SIOCGIFFLAGS,&ethreq)==-1) {
    perror("ioctl");
    close(sock);
    exit(1);
  }
  ethreq.ifr_flags|=IFF_PROMISC;
  if (ioctl(sock,SIOCSIFFLAGS,&ethreq)==-1) {
    perror("ioctl");
    close(sock);
    exit(1);
  }

  while (1) {
    printf("----------\n");
    n = recvfrom(sock,buffer,sizeof(buffer),0,NULL,NULL);
    if (n < 0) {
      if (errno == EINTR)      /* interrupted by a signal: retry */
        continue;
      perror("recvfrom");
      break;
    }

    /* pkt processing done here and then sent
     * to the RANAP stack
     * */

  }
  close(sock);
  return 0;

}

Thanks in advance.
Royz
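
Added example (not part of the original post): one way to fill the "pkt processing done here" step so that the `n` bytes returned by `recvfrom()` are validated before any header field is used. `parse_frame()` and `struct frame_info` are hypothetical names, and the sample frame is constructed.

```c
/* Added example, not from the original post. parse_frame() and struct
 * frame_info are hypothetical names; sample_frame is constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct frame_info {
    uint8_t  proto;    /* IPv4 protocol number (6 TCP, 17 UDP, 132 SCTP) */
    uint32_t src, dst; /* addresses, host byte order */
    size_t   l4_off;   /* offset of the transport header within the frame */
    size_t   l4_len;   /* transport bytes the IP header claims, all captured */
};

static uint16_t rd16(const unsigned char *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t rd32(const unsigned char *p) { return (uint32_t)rd16(p) << 16 | rd16(p + 2); }

/* Returns 0 on success, -1 if the frame is truncated, malformed or not IPv4. */
int parse_frame(const unsigned char *buf, size_t n, struct frame_info *out)
{
    const size_t eth = 14;                        /* dst MAC, src MAC, EtherType */
    if (n < eth + 20 || rd16(buf + 12) != 0x0800) /* need a full minimal IPv4 header */
        return -1;
    const unsigned char *ip = buf + eth;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;      /* header length from the wire */
    size_t tot = rd16(ip + 2);                    /* total length from the wire */
    if ((ip[0] >> 4) != 4 || ihl < 20 || tot < ihl || eth + tot > n)
        return -1;                                /* never trust either length */
    out->proto  = ip[9];
    out->src    = rd32(ip + 12);
    out->dst    = rd32(ip + 16);
    out->l4_off = eth + ihl;
    out->l4_len = tot - ihl;
    return 0;
}

/* Constructed sample: Ethernet + IPv4 (192.0.2.1 -> 192.0.2.2, UDP) + 8 bytes. */
static const unsigned char sample_frame[42] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,
    0x45,0x00,0x00,0x1c, 0,0,0,0, 0x40,0x11,0,0, 192,0,2,1, 192,0,2,2,
    0x30,0x39,0x00,0x35,0x00,0x08,0x00,0x00 };

int main(void)
{
    struct frame_info fi = {0};
    int rc = parse_frame(sample_frame, sizeof sample_frame, &fi);
    printf("full frame: rc=%d proto=%u l4_len=%zu\n", rc, (unsigned)fi.proto, fi.l4_len);
    printf("cut to 41 bytes: rc=%d\n", parse_frame(sample_frame, 41, &fi));
    return 0;
}
```

In the sniffer loop the call would be `parse_frame((unsigned char *)buffer, (size_t)n, &fi)` after the `n < 0` check, with frames that return -1 dropped rather than handed to the upper stack.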
 
