thanks ,but i ran into problems when coding the program for listening to
the raw connection.
i have attached two programs ,
raw.c just keeps on waiting even when there is traffic ,
while the serraw.c doesn't gets bind itself
i am running the programs as root.
Gaurav.Rajput
<[EMAIL PROTECTED]>
> On Tue, 4 Apr 2000, rajesh balan wrote:
>
> > hi
> > i've written something similar to this. i developed a intrusion detection
> > system, so i wrote this kind.
> > 1. create a socket of SOCK_PACKET (man page says obsolete, so use
> > PF_PACKET
> > 2. set the device in promiscuous mode (if u want to see all the packets in
> > the wire(ethernet).
> > 3. do a normal read call
> > read(sockfd,buff,sizeof(buff));
> > that's it.
> > hope this will be useful to u.
> > bye
> > rajesh balan
> >
> > >From: rajput g v be comp 56 <[EMAIL PROTECTED]>
> > >To: [EMAIL PROTECTED]
> > >Subject: packet capturing
> > >Date: Fri, 31 Mar 2000 14:18:01 +0530 (IST)
> > >
> > >hi,
> > > packet can be captured by using "tcpdump" straightway,but can i write
> > >something of my own (in C or assembly language) so as to capture the
> > >packets in raw format on my own.
> > > the idea is the same as writing a driver on Win@#$ so as to capture
> > >capture in there raw format ,so i was wondering whether that could be done
> > >on linux ?if yes then please help
> > >
> > >
> > >-
> > >To unsubscribe from this list: send the line "unsubscribe linux-net" in
> > >the body of a message to [EMAIL PROTECTED]
> >
> > ______________________________________________________
> > Get Your Private, Free Email at http://www.hotmail.com
> >
>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
