Packet Sniffing using Raw Sockets in Linux in C

views:

1011

answers:

+1 Q:

Packet Sniffing using Raw Sockets in Linux in C

I need to write packet sniffer in Linux that detect http packet that send and save the url that request . I see code in security-freak

and run related code . This code run and only sniff received packet but I need send packet to sniff . In this code how to detect sent packet ?

I can't use any library like libcap or ... (forbidden)
the code is :sniffer.c

With appropriate libpcap or DNET usage You should be able to get all network traffic on the desired layer (protocol - 5) (also this outgoing). But You should know that already.

You need to go through the above libraries manuals and find the appropriate filtering.

bua 2009-10-28 15:11:58

we cant use any library like libcap or dnet

SjB 2009-10-28 15:12:47

Are you sure that your system allows detecting outgoing packets? You could use libpcap to determine if it's even possible.

JXG 2009-11-03 13:56:53

Why can't you use any library? Homework?

It's hard to answer without having examples from your code, for example how you set sll_pkttype.

The urlsnarf tool in the dnsiff suite could be worth a look.

Anders Lindahl 2009-10-28 15:36:42

post edited and attach my code

SjB 2009-10-28 15:53:05

+1 A:

You should be using ETH_P_ALL instead of ETH_P_IP as the protocol. ETH_P_IP only listens for incoming IP packets.

gte525u 2009-11-03 12:51:37

If the goal is to see http packets, why not use ETH_P_IP? You don't need everything.

JXG 2009-11-03 13:42:09

The goal is to see outgoing http packets. ETH_IP_P only sees incoming packets. See thread: http://lkml.indiana.edu/hypermail/linux/kernel/9604.1/0603.html

gte525u 2009-11-03 15:18:24

ansaurus

tags:

views:

answers:

Packet Sniffing using Raw Sockets in Linux in C

related questions