Thanks, but I ran into problems when coding the program for listening to
the raw connection.
I have attached two programs.

raw.c just keeps on waiting even when there is traffic,
while serraw.c doesn't get itself bound.
I am running the programs as root.
 
Gaurav.Rajput
<[EMAIL PROTECTED]> 

On Tue, 4 Apr 2000, rajesh balan wrote:

> Hi,
> I've written something similar to this. I developed an intrusion detection
> system, so I wrote this kind.
> 1. Create a socket of SOCK_PACKET (man page says obsolete, so use
>    PF_PACKET).
> 2. Set the device in promiscuous mode (if you want to see all the packets on
>    the wire (ethernet)).
> 3. Do a normal read call:
>     read(sockfd,buff,sizeof(buff));
> That's it.
> Hope this will be useful to you.
> Bye,
> rajesh balan
> 
> >From: rajput g v be comp 56 <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Subject: packet capturing
> >Date: Fri, 31 Mar 2000 14:18:01 +0530 (IST)
> >
> >Hi,
> >    Packets can be captured by using "tcpdump" straight away, but can I write
> >something of my own (in C or assembly language) so as to capture the
> >packets in raw format on my own?
> >  The idea is the same as writing a driver on Win@#$ so as to capture
> >packets in their raw format, so I was wondering whether that could be done
> >on Linux? If yes, then please help.
> >
> >
> >-
> >To unsubscribe from this list: send the line "unsubscribe linux-net" in
> >the body of a message to [EMAIL PROTECTED]
> 


 
#include<sys/types.h>
#include<sys/socket.h>
#include<net/if_packet.h>
#include<linux/if_ether.h>
#include<netinet/in.h>
#include<unistd.h>
#include<stdlib.h>
#include<stdio.h>

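int main(void)
{
   int cont,create_socket,new_socket,addrlen;
   int bufsize = 1024;
   char *buffer = malloc(bufsize);
   ssize_t n;
   
   struct sockaddr_in address;
   
   printf("\x1B[2J");//clear screen
   
   /* packet(7) specifies the protocol in network byte order, i.e.
      htons(ETH_P_ALL); the value is passed unconverted here */
   if ((create_socket = socket(PF_PACKET,SOCK_RAW,ETH_P_ALL)) > 0)
     printf("The socket was created\n");
   
   /* read at most bufsize-1 bytes (not sizeof(buffer), which is only the
      size of the pointer) and terminate the data before printing it */
   n = read(create_socket,buffer,bufsize - 1);
   if (n > 0) {
      buffer[n] = '\0';
      printf("%s",buffer);
   }
   close(create_socket);
   free(buffer);
   return 0;
}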


 
#include<sys/types.h>
#include<sys/socket.h>
#include<net/if_packet.h>
#include<linux/if_ether.h>
#include<netinet/in.h>
#include<unistd.h>
#include<stdlib.h>
#include<stdio.h>
#include<arpa/inet.h>   /* inet_ntoa() */

int main(void)
{
   int cont,create_socket,new_socket;
   socklen_t addrlen;
   int bufsize = 1024;
   char *buffer = malloc(bufsize);
   struct sockaddr_in address;

   printf("\x1B[2J");
   
   if ((create_socket = socket(PF_PACKET,SOCK_RAW,ETH_P_ALL)) > 0)
     printf("The socket was created\n");
   
   /* packet(7) sockets are bound with a struct sockaddr_ll;
      a struct sockaddr_in is filled in and passed here */
   address.sin_family = PF_PACKET;
   address.sin_addr.s_addr = INADDR_ANY;
   address.sin_port = htons(ETH_P_ALL);
  
   
   if (bind(create_socket,(struct sockaddr *)&address,sizeof(address)) == 0)
     printf("Binding Socket\n");
   /* listen() and accept() belong to connection-oriented sockets,
      not to packet sockets */
   listen(create_socket,3);
   addrlen = sizeof(struct sockaddr_in);
   new_socket = accept(create_socket,(struct sockaddr *)&address,&addrlen);
   if (new_socket > 0){
      printf("The Client %s is connected...\n",inet_ntoa(address.sin_addr));
      for(cont=1;cont<5000;cont++)
        printf("\x7");
   }
   send(new_socket,buffer,bufsize,0);
   recv(new_socket,buffer,bufsize,0);
   printf("Message received: %s\n",buffer);
   close(new_socket);
   close(create_socket);
   return 0;
}
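
Added example, not part of the original thread and not either poster's code: a packet(7) capture that follows the steps listed in the quoted reply (PF_PACKET socket, then a plain receive), with the protocol in network byte order and the socket bound through a sockaddr_ll. The function names open_capture and describe_frame, the default interface "lo" and the ten-frame limit are assumptions made for illustration; promiscuous mode (step 2) is left out, and opening the socket needs root or CAP_NET_RAW.

```c
#include <arpa/inet.h>
#include <linux/if_ether.h>
#include <linux/if_packet.h>
#include <net/if.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Added example. Open a packet socket bound to one interface; fd or -1. */
int open_capture(const char *ifname)
{
    struct sockaddr_ll sll = { .sll_family = AF_PACKET, /* not sockaddr_in */
                               .sll_protocol = htons(ETH_P_ALL),
                               .sll_ifindex = (int)if_nametoindex(ifname) };
    /* The protocol argument is in network byte order, hence htons(). */
    int fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd >= 0 && sll.sll_ifindex != 0 &&
        bind(fd, (struct sockaddr *)&sll, sizeof sll) == 0)
        return fd;
    if (fd >= 0)
        close(fd);
    return -1;
}

/* Write "src > dst type 0xNNNN len N"; returns EtherType, -1 if too short. */
int describe_frame(const unsigned char *f, size_t len, char *out, size_t outsz)
{
    if (len < ETH_HLEN)
        return -1;
    snprintf(out, outsz, "%02x:%02x:%02x:%02x:%02x:%02x > %02x:%02x:%02x:"
             "%02x:%02x:%02x type 0x%04x len %zu", f[6], f[7], f[8], f[9], f[10],
             f[11], f[0], f[1], f[2], f[3], f[4], f[5], (f[12] << 8) | f[13], len);
    return (f[12] << 8) | f[13];
}

int main(int argc, char **argv)
{
    unsigned char buf[ETH_FRAME_LEN];
    char line[96];
    int fd = open_capture(argc > 1 ? argv[1] : "lo"); /* "lo": assumed default */
    if (fd < 0) { perror("open_capture"); return 1; }
    for (int i = 0; i < 10; i++) { /* print ten frames, then stop */
        ssize_t n = recv(fd, buf, sizeof buf, 0);
        if (n > 0 && describe_frame(buf, (size_t)n, line, sizeof line) >= 0)
            puts(line);
    }
    close(fd);
    return 0;
}
```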

-----------------------------------------------------------------------
LIH is all for free speech.  But it was created for a purpose - to help
people discuss issues about installing and running Linux.  If your
messages are counterproductive to this purpose, your privileges to
submit messages can and will be revoked.
