Hi Alan, Thanks for your help. From what u mentioned abt AF_PACKET and SOCK_* replacing the SOCK_PACKET i undrstand that the packet family must have some hook function in the kernel and this should work as a network tap. I tired to create a socket but it fails at bin. I am unable to figure out why...I woud appreciate if you could help. Thanks a lot VJ
> ethernet and everything else) . But i recently read in a couple of man > pages and in documentation that SOCK PACKET is going to be obsoleted( > SOCK PACKET is what LPF uses..) .And there are places in the document It became AF_PACKET, SOCK_* and a whole proper socket family. > anything else that replaces the functionality of Linux Paket Filters and > the SOCK packets. Some man pages advice referring to packet(4) which is > a filter but is veryhigh level filter which filters on Broadcast or > multicast and all packets to the machine .I am looking for a mechanism > that replaces this SOCK packet with about the same amount of > functionality. The filters btw work on any kind of socket. You can even push them onto things like mailserver or webserver tcp sockets. Very handy for anti DoS handlers
