Hey guys, I'm trying to code a lightweight sniffer that picks up individual UDP packets off the wire from a switch, from the broadcast IP. I'm compiling some code from
http://www.cet.nau.edu/~mc8/Socket/Tutorials/section2.html (but I'm running into the same problem with the rest of the samples) The problem arises when I set up the sniffer to pick up packets from the broadcast address. I'm writing 55 byte sized UDP packets and it won't recogzine that a single packet has come down the wire until I write 373 of these packets. (Quick math --> 373*55bytes=20515 bytes and 20515/1024=20.03k, and 372*55 bytes = 20460, and 20460/1024=19.98k) When I examine packets in ethereal, I can see individual packets, regardless of how many I send. I'm running on FreeBSD-current, and I've tried several versions of libpcap (including the newest), all with the same problem. Any ideas? Thanks, Sam - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
