On Fri, Jun 25, 2004 at 03:49:11AM -0700, kamal kc wrote:
> Hi i am new to this mailing list.
>
> I have written a program to capture packets using pcap library routines. I have a
> FreeBSD 5.1. The problem I faced was I successfully captured packets and parsed to
> ethernet header and ip header.
>
> i present a section of code how i did it.
>
> --
> char *ptr;
> ptr=pcap_next(.....);
>
> struct ether_header *eth;
> struct ip *ip;
>
> eth=(struct ether_header *)ptr; // datalink type DLT_EN10MB
> ptr+=14; // the size of the ether_header being 14 bytes;
>
> ip=(struct ip *)ptr;
>
> printf("\n %s %s", ether_ntoa(eth->ether_dhost), ether_ntoa(eth->ether_shost));
> printf("\n %s %s", inet_ntoa(ip->ip_src), inet_ntoa(ip->ip_dst));
>
> ----------------
>
> Now the problem is that the ethernet destination and sender host is printed the same.
> it is equal to that of the sender MAC address(linux) when ICMP packets (by ping
> utility)
> is sent to the host(FreeBSD) running the program.
>
> Also that the ip adresses printed is the same as the sender ip address(ie linux).
>
> The program is run on host with FreeBSD.
>
> The ip address of the computers are:
> 192.168.1.10 has Linux
> 192.168.1.11 has FreeBSD
>
> I couldn't think of a solution as i guess the coding was alright.
>
> Anybody could help
>
Sure, carefully read the BUGS sections of both ether_ntoa(3) and inet_ntoa(3)
manpages.Cheers, -- Ruslan Ermilov [EMAIL PROTECTED] FreeBSD committer
pgpt78gY1bsoF.pgp
Description: PGP signature
