Results 1 to 4 of 4
I want to access TCP packets from application/user level.. how to do that. I guess raw socket won't help in this case as raw socket only provides IP level accessibility....
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 06-12-2012 #1Just Joined!
- Join Date
- Jun 2012
- Posts
- 3
Accessing TCP packets
I want to access TCP packets from application/user level.. how to do that. I guess raw socket won't help in this case as raw socket only provides IP level accessibility.
- 06-13-2012 #2Just Joined!
- Join Date
- Jun 2012
- Posts
- 6
use libpcap
Use libpcap library....
- 06-13-2012 #3Just Joined!
- Join Date
- Jun 2012
- Posts
- 3
@raghumag
by the time packet reaches application level TCP headers are already stripped off.... libpcap may give you traces of TCP headers but in-the code how do you access them.
- 06-13-2012 #4Just Joined!
- Join Date
- Jun 2012
- Posts
- 6
libpcap captures packet and doesnt strip any header....by using libpcap API you will be able to access TCP header in complete format without any stripping....libpcap provides APIs to access the entire data frame...you will have to use offset to get tcp header(i.e, L2_hdr+L3_HDR=aprrox(34 bytes))...your code should verify L3 header whether it is TCP/UDP or something and then carry on with L4 header.
Just try some example code with libpcap....its pretty simple ...wireshark uses libpcap....
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
