|
-
February 12th, 2003, 11:02 AM
#1
How to retrieve TCP header?
Hello,
Is there anybody knowing how to retrieve the TCP header (I am particulary interested int the Source port, perhaps checksum and flags).
-
February 13th, 2003, 04:07 AM
#2
Do you really need to look at the IP packets or you just need to know where the packet is coming from ?
For the first part you can use libpcap to capture all the packets and then analyze them.
For the second part you can use getpeername:
http://msdn.microsoft.com/library/de...peername_2.asp
Dan
-
February 13th, 2003, 04:21 AM
#3
I really do need TCP socket level information, so this stuff does not really help me. Both for UNIX and Windows.
-
February 13th, 2003, 04:34 AM
#4
Can you be a little bit more specific about the problem you are tring to solve ?
Do you have an existing connection and a socket and you want to capture all the packets that are coming on that socket and look at the TCP header ?
Dan
-
February 13th, 2003, 04:46 AM
#5
Yes. I have an existing connection (created by a connect call) and I would like to retrieve the header of each TCP packets (the same what you can see in Sniffer).
-
February 13th, 2003, 12:27 PM
#6
Since any socket read operation can read more or less than one packet at a time, I don't believe there is a way to get the header at the time when you do a read. But I think you should be able to achieve this by using libpcap and changing it so it doesn't set the ethernet adapetr in promiscous mode (just to avoid extra processing). Then set up another thread that is doing pcap_loop and choose only the packets that have the source equal to the remote address & port.
Kind of complicated but I don't know other solution right now.
Dan
-
February 13th, 2003, 12:46 PM
#7
Seems difficult. My boss is a network specialist for about 15 years and he designed a very complicated protocol sitting on TCP.
BTW, is this libpcap available for UNIX and windows too?
-
February 13th, 2003, 02:15 PM
#8
Yes, it is available both on Windows and UNIX - I think it is called winpcap on Windows.
What is the reason why you want see the packet headers ?
Dan
-
February 14th, 2003, 04:29 AM
#9
I will try it, perhaps on Monday.
The reason is a long story and finally the technical project manager (who is not a programmer) decided to use it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
