Raw Sockets with Winsock

[fusion32]

Hello. Ive made a sniffer to get packets from a game i have. Well i wrote the program using winsock raw sockets and everything was just fine. Then i realized that the incoming packets didn't have any data except for the headers. Only the outgoing packets were captured with data. So my question is what is going on? And also i've considered using winpcap and it just doesn't looks like working correctly. I would appreciate if anyone could help me.

PS: my english sucks

[MikeAThon]

It's my understanding that Microsoft has crippled raw sockets since after WinXP SP2 (around 2005). See, for example, "TCP/IP Raw Sockets" at http://msdn.microsoft.com/en-us/libr...(v=vs.85).aspx , which states the following:

Limitations on Raw Sockets
On Windows 7, Windows Vista, Windows XP with Service Pack 2 (SP2), and Windows XP with Service Pack 3 (SP3), the ability to send traffic over raw sockets has been restricted in several ways:
•TCP data cannot be sent over raw sockets.
•UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
•A call to the bind function with a raw socket for the IPPROTO_TCP protocol is not allowed.
Note The bind function with a raw socket is allowed for other protocols (IPPROTO_IP, IPPROTO_UDP, or IPPROTO_SCTP, for example).

These above restrictions do not apply to Windows Server 2008 R2, Windows Server 2008 , Windows Server 2003, or to versions of the operating system earlier than Windows XP with SP2.

What exactly are you doing?

Mike