Find the answer to your Linux question:
Results 1 to 4 of 4
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Accessing TCP packets

    I want to access TCP packets from application/user level.. how to do that. I guess raw socket won't help in this case as raw socket only provides IP level accessibility.

  2. #2

    use libpcap

    Use libpcap library....

  3. #3
    by the time packet reaches application level TCP headers are already stripped off.... libpcap may give you traces of TCP headers but in-the code how do you access them.

  4. $spacer_open
  5. #4
    libpcap captures packet and doesnt strip any using libpcap API you will be able to access TCP header in complete format without any stripping....libpcap provides APIs to access the entire data will have to use offset to get tcp header(i.e, L2_hdr+L3_HDR=aprrox(34 bytes))...your code should verify L3 header whether it is TCP/UDP or something and then carry on with L4 header.
    Just try some example code with libpcap....its pretty simple ...wireshark uses libpcap....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts