> I'm just writing a program to read DNS A? requests off the wire with
> libpcap. I didn't find an easy way to do this in the manpage or on the web.
Well, there's a libpcap tutorial at
http://www.cse.nau.edu/~mc8/Socket/Tutorials/section1.html
(there's a link to it from the "related projects" page:
http://www.tcpdump.org/related.html
on the tcpdump.org Web site), which may help you construct code to read
raw packet data using libpcap.
It won't, however, help you with the specific details of analyzing that
raw packet data to determine if it's a DNS request, or parsing the DNS
request - libpcap knows nothing about DNS (and doesn't even know very
much about IP or TCP or UDP), it just hands you raw packet data. You'll
have to figure out how to analyze that data yourself; see the source
code to tcpdump for examples.
-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
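The analysis step that the reply leaves to the reader, as an added example (not part of the original message and not taken from tcpdump): a bounds-checked check for "is this a DNS A query" on the raw bytes a libpcap callback hands over, with `caplen` passed as `len`. It assumes an Ethernet II link layer, IPv4, and UDP destination port 53; `dns_a_query` and `sample_frame` are hypothetical names, and the frame is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: Ethernet II / IPv4 / UDP frame asking "example.com A?". */
static const uint8_t sample_frame[] = {
    0,0,0,0,0,2, 0,0,0,0,0,1, 0x08,0x00,                     /* Ethernet, type IPv4 */
    0x45,0,0,57, 0,1,0,0, 64,17,0,0, 192,0,2,1, 192,0,2,53,  /* IPv4, proto 17 (UDP) */
    0xc0,0x00, 0,53, 0,37, 0,0,                              /* UDP, dst port 53 */
    0x12,0x34, 0x01,0x00, 0,1, 0,0, 0,0, 0,0,                /* DNS header, QDCOUNT 1 */
    7,'e','x','a','m','p','l','e', 3,'c','o','m', 0,         /* QNAME */
    0,1, 0,1                                                 /* QTYPE A, QCLASS IN */
};

/* Returns 1 and writes the dotted name if the frame is a DNS query whose first
 * question is type A, class IN; 0 otherwise. Label bytes are copied unescaped. */
int dns_a_query(const uint8_t *p, size_t len, char *name, size_t cap)
{
    if (cap == 0 || len < 14 + 20 || p[12] != 0x08 || p[13] != 0x00) return 0;
    const uint8_t *ip = p + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    /* IPv4, sane header length, UDP, and fragment offset 0 (UDP header present) */
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 17 || (ip[6] & 0x1f) || ip[7]) return 0;
    if (len < 14 + ihl + 8 + 12) return 0;        /* UDP + DNS headers captured? */
    const uint8_t *udp = ip + ihl;
    if (((udp[2] << 8) | udp[3]) != 53) return 0; /* destination port */
    const uint8_t *dns = udp + 8;
    size_t dlen = len - (size_t)(dns - p);
    if ((dns[2] & 0xf8) || !(dns[4] | dns[5])) return 0; /* QR=0, opcode 0, QDCOUNT>0 */
    size_t off = 12, n = 0;
    for (;;) {
        if (off >= dlen) return 0;                /* name runs past captured data */
        uint8_t l = dns[off++];
        if (l == 0) break;                        /* root label ends the name */
        if (l > 63) return 0;                     /* pointer/reserved: not handled here */
        if (off + l > dlen || n + l + 1 >= cap) return 0;
        if (n) name[n++] = '.';
        memcpy(name + n, dns + off, l);
        n += l; off += l;
    }
    name[n] = '\0';
    return off + 4 <= dlen && memcmp(dns + off, "\0\1\0\1", 4) == 0;
}

int main(void) {
    char name[256];
    if (dns_a_query(sample_frame, sizeof sample_frame, name, sizeof name)) puts(name);
    return 0;
}
```

The length checks matter because a capture with a short snaplen, or a malformed packet, can end anywhere inside these headers.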