I started implementing a sniffer using packet sockets. I looked into the pcap, and its too limited of the things my sniffer has to do. That way, i thought the best thing was using packets sockets. The only problem is that there little info on the net (spent a day googlelating), and the man pages are incomplete and confusing.
Here's my question:
Does anyone knows where i can find help about packet sockets, and related syscalls calls?
Well... packet sockets could help you. but you could try sniffers using pcap libraries. It is very handy to use. It takes filters like the way tcpdump and ethreal takes (Of course, ethreal and tcpdump use pcap libraries).
Yes, I studied the darkstat. Its a really good sniffer, but is too "heavy". The reason? pcap :???: . That's the catch. I'm doing a sniffer for a asus router, so it has to be simple, and compact. Libpcap, has stuff that i dont need, and lacks others. With packet sockets, i'm the boss. I actually found some docs about it, but i need more. If someone has documentation about packets sockets syscalls, I would be very thankfull.