Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Raw Socket Programming - Efficient Packet Sniffer
Top Forums Programming Raw Socket Programming - Efficient Packet Sniffer Post 302829033 by rstnsrr on Thursday 4th of July 2013 12:51:21 AM
Old 07-04-2013
Thank you DGPickett. I shall eliminate the printfs for sure..
As for now I am sniffing the code on my workstation and
pumping the packets with an external simulator. My concern
is as the simulator can pump more and more packets in short
interval of time, my sniffer will definitely loose packets. What
can I do for a minimum packet loss ?

Do i need to have multiple threads to receive the packets or
can using select()/poll sys calls would help ??
 

9 More Discussions You Might Find Interesting

1. Programming

Getting an ACK for RAW SYN packet

Hi, I'm trying to create a RAW TCP SYN packet and send it from one Linux machine to another. I know the packet I have created is well formed and is received by the peer. Now what I want is to get an ACK for my SYN. I want the peer's Network protocol stack to send me an ACK for that. I know... (17 Replies)
Discussion started by: zampya
17 Replies

2. Linux

Kernel programming: packet divertion

Hi All, Not sure if this is the right place to ask, so please tell me where is appropriate... Anyway, here is the problem. I'm a bit new to kernel programming, so nothing works :confused: . I need to intercept cetrtain ethernet packets from Host1("eth0") to Host2("eth1") and send them to... (1 Reply)
Discussion started by: sl_king
1 Replies

3. Programming

sendto in packet socket

Hi, I have created a packet socket (PF_PACKET, SOCK_DGRAM, htons(ETH_P_ARP)) to catch the ARP packets coming to my machine and send appropriate reply. Now I'm able to recieve the ARP requests using recvfrom but don't know how to send the reply. I looked into man page but I'm not able to... (5 Replies)
Discussion started by: Rakesh Ranjan
5 Replies

4. Programming

RAW socket and CONFIG_FILTER

Hi, Im doin a project on DHCp client-server setup. i have to use RAW sockets in the code for this. The call PF_PACKET, SOCK_RAW as the first two arguments. The code compiles but when i try to start the Dhcp client, I get an error saying "Make sure CONFIG_PACKET and CONFIG_FILTER is enabled". I... (4 Replies)
Discussion started by: yannifan
4 Replies

5. IP Networking

Changing the source IP?? using RAW Socket.

Hi There, Suppoose we have configured logical Interface 2.2.2.2 on a server with Primary IP 1.1.1.1. Now when I am sending a packet from this server, is it possible to make receiver assume that this packet has come from IP 2.2.2.2 and not 1.1.1.1 I think it is possibl using RAW sockets??? but... (1 Reply)
Discussion started by: Ankit_Jain
1 Replies

6. UNIX for Advanced & Expert Users

Why root permissions required for creating of RAW Socket

To create RAW socket in Unix/Linux why should one have root permissions? Any other work around to create raw sockets in Unix/Linux using a normal login id? Since I don't have super user credentials and I want to create RAW sockets. Let me know if you are aware of any work around. (3 Replies)
Discussion started by: anilgurwara
3 Replies

7. Programming

Writing a Packet sniffer

Hi, I want to write a packet sniffer in C without using libpcap. Can anyone suggest me how to begin writing it? Any tutorials or books? Thanks in advance! (2 Replies)
Discussion started by: nefarious_genus
2 Replies

8. IP Networking

Raw Sockets Programming

Hi everybody!! I'm studding at the university raw sockets, but i can't find a good place to read about them... Does anybody now where i can find some information??? I've been goggling a lot but couldn't find nothing useful, just man pages... by the way, I'm programming under Linux... Bye! (4 Replies)
Discussion started by: Sandia_man
4 Replies

9. Programming

Receiving broadcast packets using packet socket

Hello I try to send DHCP RENEW packets to the network and receive the responses. I broadcast the packet and I can see that it's successfully sent using Wireshark. But I have difficulties receiving the responses.I use packet sockets to catch the packets. I can see that there are responses to my... (0 Replies)
Discussion started by: xyzt
0 Replies

LEARN ABOUT PLAN9

snoopy

SNOOPY(8)						      System Manager's Manual							 SNOOPY(8)

NAME

       snoopy - spy on Ethernet packets

SYNOPSIS

       snoopy [ -abceiltup9 ] [ -np ] [ -N count ]

DESCRIPTION

       Snoopy  displays  the  header  and  first  20  data bytes of packets received from the local Ethernet.  The packets displayed depend on the
       options chosen.	The following options each select packets from a particular protocol.  If more than one flag is given,	packets  from  all
       those protocols are displayed.

       a      ARP

       b      BOOTP

       c      ICMP

       e      all Ethernet packets

       i      IP

       l      IL

       t      TCP

       u      UDP

       By default all addresses are translated into system names.  The option n suppresses this.

       Snoopy runs in promiscuous mode by default, displaying all packets it can capture from the Ethernet.  The option p causes only packets sent
       to or from the system snoopy is running on to be displayed.

       Option 9 causes the data of TCP and IL messages to be interpreted and displayed as 9P messages.	The N option sets the count  (default  20)
       of the number of bytes to dump in hexadecimal from each packet.

FILES

       /net/ether
	      Ethernet device

SOURCE

       /sys/src/cmd/ip/snoopy.c

BUGS

       The CPU servers do not take well to running in promiscuous mode.  If run on them, snoopy may kill their Ethernets.

																	 SNOOPY(8)
All times are GMT -4. The time now is 12:03 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy