RE: [WinPcap-users] Remote Capture (TCP working/UDP not!)

Fri, 05 Dec 2003 13:38:36 -0800 

Hi Bruce.
I can confirm the bug.
It has been fixed in our CVS now.

Cheers,

        fulvio

> -----Original Message-----
> From: Kelley, Bruce [mailto:[EMAIL PROTECTED]
> Sent: mercoled� 3 dicembre 2003 21.42
> To: Winpcap-Users (E-mail)
> Cc: Kelley, Bruce
> Subject: [WinPcap-users] Remote Capture (TCP working/UDP not!)
>
>
>
> Has anyone got the remote packet capture feature in WinPcap 3.0.1
> to work using UDP??
>
> I am using the pktdump_ex example and TCP works fine. I modify
> the pcap_open() flags argument to use UDP and I get a stream on
> packets set to all zeros 170 bytes long. Below is the open
> statement used for each and sample output.
>
> TCP example
> ==========
>
>  This works fine.
>
>       if ( (fp= pcap_open(source,
>                       100 /*snaplen*/,
>                       PCAP_OPENFLAG_PROMISCUOUS  /*flags*/,
>                       20 /*read timeout*/,
>                       NULL /* remote authentication */,
>                       errbuf)
>                       ) == NULL)
>
> TCP OUTPUT:
> ---------------------
> Time=1070483564 (sec) 845152 (usec) (len=60, caplen=60)
> 00 00 0c 07 ac 00 00 09 6b 3f f6 1a 08 00 45 00
> 00 28 d6 77 40 00 80 06 41 aa c0 a8 d1 b3 c0 a8
> 8f a9 0b 08 01 bd d9 91 cb 94 53 8b 14 b2 50 11
> fd 8b b5 70 00 00 00 00 00 00 00 00
>
> Time=1070483564 (sec) 845345 (usec) (len=60, caplen=60)
> 00 09 6b 3f f6 1a 00 d0 04 d7 a3 fc 08 00 45 00
> 00 28 24 ed 40 00 7f 06 f4 34 c0 a8 8f a9 c0 a8
> d1 b3 01 bd 0b 08 53 8b 14 b2 d9 91 cb 95 50 11
> f7 e4 bb 16 00 00 00 00 00 00 00 00
>
>
> UDP Example:
> ===========
>
>   This returns a stream of packets with all 0's
>
>       if ( (fp= pcap_open(source,
>                       100 /*snaplen*/,
>                       PCAP_OPENFLAG_PROMISCUOUS |
> PCAP_OPENFLAG_UDP_DP /*flags*/,
>                       20 /*read timeout*/,
>                       NULL /* remote authentication */,
>                       errbuf)
>                       ) == NULL)
>
>
> UDP OUTPUT:
> ----------------------
> Time=1070483372 (sec) 284987 (usec) (len=170, caplen=100)
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00
>
> Time=1070483372 (sec) 285030 (usec) (len=170, caplen=100)
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 00 00 00 00
>
>
> This is the complete source file example I am using...
>
> /*
>  * Copyright (c) 1999 - 2003
>  * NetGroup, Politecnico di Torino (Italy)
>  * All rights reserved.
>  *
>  * Redistribution and use in source and binary forms, with or without
>  * modification, are permitted provided that the following conditions
>  * are met:
>  *
>  * 1. Redistributions of source code must retain the above copyright
>  * notice, this list of conditions and the following disclaimer.
>  * 2. Redistributions in binary form must reproduce the above copyright
>  * notice, this list of conditions and the following disclaimer in the
>  * documentation and/or other materials provided with the distribution.
>  * 3. Neither the name of the Politecnico di Torino nor the names of its
>  * contributors may be used to endorse or promote products derived from
>  * this software without specific prior written permission.
>  *
>  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
>  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
>  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
>  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
>  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
>  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
>  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
>  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>  *
>  */
>
>
> #include <stdlib.h>
> #include <stdio.h>
>
> #include <pcap.h>
>
> #define LINE_LEN 16
>
>
> main(int argc, char **argv)
> {
> //pcap_if_t *alldevs, *d;
> struct pcap_rmtauth auth;
> pcap_t *fp;
> char errbuf[PCAP_ERRBUF_SIZE];
> int res;
> struct pcap_pkthdr *header;
> u_char *pkt_data;
> char host[PCAP_BUF_SIZE];
> char port[PCAP_BUF_SIZE];
> char name[PCAP_BUF_SIZE];
> char source[PCAP_BUF_SIZE+1];
> char username[PCAP_BUF_SIZE+1];
> char password[PCAP_BUF_SIZE+1];
> int srctype;
> u_int i=0;
>
>
>       printf("pktdump_ex: prints the packets of the network using
> WinPcap.\n");
>       printf("   Usage: pktdump_ex [-s source]\n\n"
>                  "   Examples:\n"
>                  "      pktdump_ex -s file://c:/temp/file.acp\n"
>                  "      pktdump_ex -s
> rpcap://\\Device\\NPF_{C8736017-F3C3-4373-94AC-9A34B7DAD998}\n\n");
>
>               // Do not check for the switch type ('-s')
>
>       strcpy(host,"bruins");
>       strcpy(port,"2002");
>       strcpy(name,"\\Device\\NPF_{EEA29E97-E163-4625-ABFA-E09B12AB7EB6}");
>       srctype=PCAP_SRC_IFREMOTE;
>       res = pcap_createsrcstr(source, srctype, (const char *)
> host, (const char *)port, (const char *)name, errbuf);
>       if (res == -1)
>       {
>               fprintf(stderr,"\nError opening source: %s\n", errbuf);
>               return -1;
>       }
>       printf("%ld, %s\n", res, source);
>
>       strcpy(username, "foo");
>       strcpy(password,"bar");
>       auth.type = RPCAP_RMTAUTH_PWD;
>       auth.username = username;
>       auth.password = password;
>
>       if ( (fp= pcap_open(source,
>                       100 /*snaplen*/,
>                       PCAP_OPENFLAG_PROMISCUOUS |
> PCAP_OPENFLAG_UDP_DP /*flags*/,
> // This works using TCP!       PCAP_OPENFLAG_PROMISCUOUS /*flags*/,
>                       20 /*read timeout*/,
>                       NULL /* remote authentication */,
>                       errbuf)
>                       ) == NULL)
>       {
>               fprintf(stderr,"\nError opening source: %s\n", errbuf);
>               return -1;
>       }
>
>
>       /* Read the packets */
>       while((res = pcap_next_ex( fp, &header, &pkt_data)) >= 0)
>       {
>
>               if(res == 0)
>                       /* Timeout elapsed */
>                       continue;
>
>               /* print pkt timestamp and pkt len */
>               printf("Time=%ld (sec) %ld (usec) (len=%ld,
> caplen=%ld)\n", header->ts.tv_sec, header->ts.tv_usec,
> header->len, header->caplen);
>
>               /* Print the packet */
>               for (i=1; (i < header->caplen + 1 ) ; i++)
>               {
>                       printf("%.2x ", pkt_data[i-1]);
>                       if ( (i % LINE_LEN) == 0) printf("\n");
>               }
>
>               printf("\n\n");
>       }
>
>       if(res == -1)
>       {
>               printf("Error reading the packets: %s\n", pcap_geterr(fp));
>               return -1;
>       }
>
>       return 0;
> }
>
>
> ======================
>  This is the WinPcap users list. It is archived at
>  http://www.mail-archive.com/[EMAIL PROTECTED]/
>
>  To unsubscribe use
>  mailto: [EMAIL PROTECTED]
> ======================



==================================================================
 This is the WinPcap users list. It is archived at
 http://www.mail-archive.com/[EMAIL PROTECTED]/

 To unsubscribe use 
 mailto: [EMAIL PROTECTED]
==================================================================

Reply via email to