Hi i am new to this mailing list.
I have written a program to capture packets using pcap library routines. I have a
FreeBSD 5.1. The problem I faced was I successfully captured packets and parsed to
ethernet header and ip header.
i present a section of code how i did it.
--
char *ptr;
ptr=pcap_next(.....);
struct ether_header *eth;
struct ip *ip;
eth=(struct ether_header *)ptr; // datalink type DLT_EN10MB
ptr+=14; // the size of the ether_header being 14 bytes;
ip=(struct ip *)ptr;
printf("\n %s %s", ether_ntoa(eth->ether_dhost), ether_ntoa(eth->ether_shost));
printf("\n %s %s", inet_ntoa(ip->ip_src), inet_ntoa(ip->ip_dst));
----------------
Now the problem is that the ethernet destination and sender host is printed the same.
it is equal to that of the sender MAC address(linux) when ICMP packets (by ping
utility)
is sent to the host(FreeBSD) running the program.
Also that the ip adresses printed is the same as the sender ip address(ie linux).
The program is run on host with FreeBSD.
The ip address of the computers are:
192.168.1.10 has Linux
192.168.1.11 has FreeBSD
I couldn't think of a solution as i guess the coding was alright.
Anybody could help
Kamal
---------------------------------
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
