On 08/08/2007, Luis Martín García <[EMAIL PROTECTED]> wrote: > > The only difference between the structure definitions that you are using > and > the sniffex_XXX ones is probably the name of the structure members. The > process detailed in > http://www.tcpdump.org/lists/workers/2005/05/msg00021.html is correct, > just > check that you translate the struct member names to the equivalents for > netinet/ip.h etc.
Ah, I thought the sniff_* structures had more members than the ones in netinet/* (as I managed to miss the relevant members when looking through netinet/*. Regards, > > > Luis. > > > NOTE: You might want to know that there are two ways to define a tcp > structure, the Linux way and the BSD way. You are probably using the Linux > definition 'cause the BSD one matches the sniff_tcp, check wikipedia entry > "tcphdr" for more information. Yes, I was aware of this and indeed I am using the Linux definition, since I haven't put #define __FAVOR_BSD in my program. Regards, NC On 8/8/07, Nick Chorley <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > > I have found another post in the mailing list about this ( > > http://www.tcpdump.org/lists/workers/2005/05/msg00021.html), but it > > appears > > to use structs sniff_ip and sniff_tcp that are declared in the sniffex > > program. In my program, I'm using the structs for the IP and TCP headers > > as > > defined in netinet/ip.h and netinet/tcp.h, respectively. Is there a way > to > > get the TCP payload length using these, or do I necessarily need to > > "create" > > my own structs? > > > > On another (unrelated note), is there no search facility for the mailing > > lists? > > > > Regards, > > > > Nicky Chorley > > - > > This is the tcpdump-workers list. > > Visit https://cod.sandelman.ca/ to unsubscribe. > > > - > This is the tcpdump-workers list. > Visit https://cod.sandelman.ca/ to unsubscribe. > - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
