Find the answer to your Linux question:
Results 1 to 4 of 4
I want to access TCP packets from application/user level.. how to do that. I guess raw socket won't help in this case as raw socket only provides IP level accessibility....
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2012
    Posts
    3

    Accessing TCP packets


    I want to access TCP packets from application/user level.. how to do that. I guess raw socket won't help in this case as raw socket only provides IP level accessibility.

  2. #2
    Just Joined!
    Join Date
    Jun 2012
    Posts
    6

    use libpcap

    Use libpcap library....

  3. #3
    Just Joined!
    Join Date
    Jun 2012
    Posts
    3
    @raghumag
    by the time packet reaches application level TCP headers are already stripped off.... libpcap may give you traces of TCP headers but in-the code how do you access them.

  4. #4
    Just Joined!
    Join Date
    Jun 2012
    Posts
    6
    libpcap captures packet and doesnt strip any header....by using libpcap API you will be able to access TCP header in complete format without any stripping....libpcap provides APIs to access the entire data frame...you will have to use offset to get tcp header(i.e, L2_hdr+L3_HDR=aprrox(34 bytes))...your code should verify L3 header whether it is TCP/UDP or something and then carry on with L4 header.
    Just try some example code with libpcap....its pretty simple ...wireshark uses libpcap....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •