I reviewed a recent version of tcdump (that won't comple anymore with
the new glibc, BTW).
I can't get any raw packets. Perhaps someone knows out of the top of
their head what I forgot to do....
Basic stuff is:
if((s = socket(AF_INET, SOCK_RAW, SOCK_RAW)) < 0)
ERRORS;
strcpy(ifr.ifr_name, device);
if(ioctl(s, SIOCGIFFLAGS, &ifr) < 0)
ERRORS;
ifr_orig = ifr;
ifr.ifr_flags |= IFF_PROMISC;
if(ioctl(s, SIOCSIFFLAGS, &ifr) < 0)
ERRORS;
(void)signal(SIGINT, quit);
i = 1;
if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, (char *)&i, sizeof(i)) < 0)
ERRORS;
i = BUF_LEN;
if(setsockopt(s, SOL_SOCKET, SO_RCVBUF, (char *)&i, sizeof(i)) < 0)
ERRORS;
Problem: select() never shows any activity and recvfrom() will wait
forever. If I change the 3rd parameter of socket to 3, I get ICMP
packets. If I change it to 6, I get IP packets. I need to get all
packets.
The device, eth0, does get set to promiscous mode and set back to
normal by my exit handler.
Cheers,
Dick Johnson
***** FILE SYSTEM MODIFIED *****
Penguin : Linux version 2.1.92 on an i586 machine (66.15 BogoMips).
Warning : It's hard to remain at the trailing edge of technology.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu