How to retrieve TCP header?

Hello,

Is there anybody knowing how to retrieve the TCP header (I am particulary interested int the Source port, perhaps checksum and flags).

Do you really need to look at the IP packets or you just need to know where the packet is coming from ?
For the first part you can use libpcap to capture all the packets and then analyze them.
For the second part you can use getpeername:

http://msdn.microsoft.com/library/de...peername_2.asp

Dan

I really do need TCP socket level information, so this stuff does not really help me. Both for UNIX and Windows.

Can you be a little bit more specific about the problem you are tring to solve ?

Do you have an existing connection and a socket and you want to capture all the packets that are coming on that socket and look at the TCP header ?

Dan

Yes. I have an existing connection (created by a connect call) and I would like to retrieve the header of each TCP packets (the same what you can see in Sniffer).

Since any socket read operation can read more or less than one packet at a time, I don't believe there is a way to get the header at the time when you do a read. But I think you should be able to achieve this by using libpcap and changing it so it doesn't set the ethernet adapetr in promiscous mode (just to avoid extra processing). Then set up another thread that is doing pcap_loop and choose only the packets that have the source equal to the remote address & port.

Kind of complicated but I don't know other solution right now.

Dan

Seems difficult. My boss is a network specialist for about 15 years and he designed a very complicated protocol sitting on TCP.

BTW, is this libpcap available for UNIX and windows too?

Yes, it is available both on Windows and UNIX - I think it is called winpcap on Windows.
What is the reason why you want see the packet headers ?

Dan

I will try it, perhaps on Monday.

The reason is a long story and finally the technical project manager (who is not a programmer) decided to use it.