Hi all,
I have written a small program to capture 20 packets using pcap library. It
is working fine if I captured packets from interface eth0 or eth1 by assigning
either of these to variable "dev" used in the program below as the first
parameter to pcap_open_live(). The output of the program
...
But the problem is when i assign "any" or NULL to the variable "dev" , the program
> is capturing the packets but showing wrong destination address like
00:01:00:01:00:06
> for each of the 20 packets I captured.
I just went through this... look at pcap_datalink(). If it doesn't return
DLT_E
kers] some problem in the source code
...
> But the problem is when i assign "any" or NULL to the variable "dev" ,
the program
> is capturing the packets but showing wrong destination address like
00:01:00:01:00:06
> for each of the 20 packets I captured.
I just wen
Hi Robert Lowe,
But when I assign either eth0 or eth1 is working fine , I am able to capture
correct packets: But I fail to understand why I am getting corrupt packets if
"any" or NULL is set (logic is I want to capture the packets from all of the
interfaces).
Please explain to me briefly wh
hi,
can u tell me where can i get the information for any device. providing links
will be appreciated.
Aman.
-
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.-
This is the tcpdump-workers list.
Visit https://lists.sandelman
Aman,
But when I assign either eth0 or eth1 is working fine , I am able to
> capture correct packets: But I fail to understand why I am getting
> corrupt packets if "any" or NULL is set (logic is I want to capture
> the packets from all of the interfaces).
The ethernet header is at the link layer;
L PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of aman Reddy
Sent: 09 December 2004 15:27
To: [EMAIL PROTECTED]
Subject: Re: [tcpdump-workers] some problem in the source code
hi,
can u tell me where can i get the information for any device. providing
links will be
Hi Robert,
So nice of u for replying. As I am novice to this field, please can u guide me
where I can get the information related to write extra logic in my program to
deal with each possible link layer.
Please give me the starting step.
with regards,
Aman.
Hi Peter,
But one thing I didn`t understand is If I keep "any" as the first argument to
the pcap_open_live() then it will capture packets coming from the devices like
etho or eth1 which are ethernet type.
U mean if I capture packet using eth0 interface then I will get ethernet link
layer
lf Of aman Reddy
Sent: 09 December 2004 16:16
To: [EMAIL PROTECTED]
Subject: Re: [tcpdump-workers] some problem in the source code
Hi Peter,
But one thing I didn`t understand is If I keep "any" as the first
argument to the pcap_open_live() then it will capture packets coming
from the
aman Reddy wrote:
But when I assign either eth0 or eth1 is working fine , I am able to capture
correct
packets: But I fail to understand why I am getting corrupt packets if "any" or
NULL is set
You're *not* getting corrupt packets.
You're getting packets that don't have an Ethernet header on them
11 matches
Mail list logo
