Hello people,
I am writing a sort of packet capturing piece, which is supposed to
analyze various packets hitting my interface,(all IP packets:
ICMP,UDP,TCP) and I got abit confused with one thing:
first i tried to open raw socket like:
rawfd=socket(PF_INET,SOCK_RAW,IPPROTO_RAW);
or
rawfd=socket(PF_INET,SOCK_RAW,IPPROTO_IP);
(using later setsockopt IP_HDRINCL). to get them all.but nothing gets
passed by kernel to my recvfrom. However when I specify the proto
explictly, f.e.:
IPPROTO_TCP, IPPROTO_UDP, things work just fine, but I am able to get only
single proto pieces per one sockfd.(running kernel 2.0.36) Any hints?
thanks beforehands
Fyodor
--
[EMAIL PROTECTED] http://www.kalug.lug.net
