Reading Packets with libpcap Part 2
In the first part of the libpcap series a rudimentry packet reader (or sniffer) was built which could read and print tcp/ip traffic on a particular interface. In the second text a look at some simple checks of the data itself, adding options like interface selection, libpcap filter options and verbosity levels. Some of the checks included are: - IP Packet Truncation
- IP Header Length
- Ethernet Header Length
The filter options are eventually passed exactly like tcpdump using the tcpdump argv vector copy . Text
|
|
In the first part of the
libpcap series a rudimentry packet reader (or sniffer) was
built which could read and print tcp/ip traffic on a particular interface.
In the second text a look at some simple checks of the data itself, adding
options like interface selection, libpcap filter options
and verbosity levels. Some of the checks included are:
- IP Packet Truncation
- IP Header Length
- Ethernet Header Length
The filter options are eventually passed exactly like tcpdump
using the tcpdump argv vector copy .
Text
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.