RE: [WinPcap-users] how to receive an ICMP echo reply

[Steighton_Haley]

Looking at your code more thoroughly, I think that the reason that you are missing some packets is because your code assumes that each return from PacketReceivePacket() will return only a single network packet.  However, the documentation of PacketReceivePacket() clearly indicates that there can be multiple packets in the buffer returned in the _PACKET structure.   My guess is that you are only parsing the first packet in the buffer, there are still more packets in the buffer, an you are inadvertently dropping them on the floor.   SLH. -----Original Message----- From: Annie Deroo [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2003 1:18 AM To: [EMAIL PROTECTED] Subject: Re: [WinPcap-users] how to receive an ICMP echo reply Is there realy nobody how knows what the problem might be? or is my question wrong? Could it help to devide the program in two programs, one for sending and one for capturing the answers? But then I still need a connection between the two programs fot passing parameters, now I can share them because of the two threads, but then ... ? ----- Original Message ----- From: Annie Deroo To: [EMAIL PROTECTED] Sent: Monday, July 07, 2003 11:20 AM Subject: [WinPcap-users] how to receive an ICMP echo reply I'm trying to write something like a ping program. I send an ICMP echo request with the thread SendICMPPacket. Sending works fine, but I'm not capable of capturing the reply and recognize it as the reply. The program captures packets, but not all the packets, how can I change that? If somebody could check my code and give an answer why I don't capture everything and if IsICMPReply() should work. The code is written in Visual C++ and OnBICMP is the starting point.   Thank u.   void CPIGDlg::OnBICMP() {  if(initAdapter()){   //begin listening   AfxBeginThread(ListenThread,this);     Sleep(500);     //send the packet   AfxBeginThread(SendICMPPacket,this);   Sleep(6000); //wait for listenthread to finish  } }   UINT CPIGDlg::ListenThread(LPVOID pParam) {  CPIGDlg * dlg = (CPIGDlg *) pParam;  dlg->ListenThread();  return 0; }   void CPIGDlg::ListenThread() {  LPPACKET   lpPacket;  char buffer[256000];    if (!m_lpAdapter || (m_lpAdapter->hFile == INVALID_HANDLE_VALUE))  {   AfxMessageBox("Unable to open the adapter");  }     // set the network adapter in promiscuous mode   if(PacketSetHwFilter(m_lpAdapter,NDIS_PACKET_TYPE_PROMISCUOUS)==FALSE){    AfxMessageBox("Warning: unable to set promiscuous mode!");  }    // set a 512K buffer in the driver  if(PacketSetBuff(m_lpAdapter,512000)==FALSE){    AfxMessageBox("Unable to set the kernel buffer!");  }    // set a 1 second read timeout  if(PacketSetReadTimeout(m_lpAdapter,1000)==FALSE){    AfxMessageBox("Warning: unable to set the read timeout!");  }    //allocate and initialize a packet structure that will be used to  //receive the packets.  if((lpPacket = PacketAllocatePacket())==NULL){   AfxMessageBox("Error: failed to allocate the LPPACKET structure.");  }  PacketInitPacket(lpPacket,(char*)buffer,256000);    //main capture loop  while(true)  {      // capture the packets   if(PacketReceivePacket(m_lpAdapter,lpPacket,TRUE)==FALSE){    MessageBox("Error: PacketReceivePacket failed");   }   else{    if(lpPacket->ulBytesReceived!=0){     AfxMessageBox("packet captured");     (void)IsICMPReply(lpPacket);    }   }  }    PacketFreePacket(lpPacket);    // close the adapter and exit  PacketCloseAdapter(m_lpAdapter); }   BOOL CPIGDlg::IsICMPReply(LPPACKET lpPacket) {  BOOL bFlag = FALSE;  PIPHEADER pIPHeader;  PICMPPACKET pICMPPacket;   char *buf;  u_int off=0;  struct bpf_hdr *hdr;    buf = (char*)lpPacket->Buffer;  off=0;  hdr=(struct bpf_hdr *)(buf+off);  off+=hdr->bh_hdrlen;    pICMPPacket = (PICMPPACKET) (buf + off);  //cast the received lpPacket to a ICMPPacket    if (pICMPPacket->ehhdr.eh_type == htons(0x0800)){     //if the ethernet type = IP, can be icmp   if (strcmp((char*)(pICMPPacket->ehhdr.eh_dmac),m_myMAC) == 0    && pICMPPacket->icmphead.i_id == (USHORT)GetCurrentProcessId())    //if m_myMac = destination MAC and id = current process id   {    char szTemp[10];    pIPHeader = (PIPHEADER)(buf + off + sizeof(EHHDR));    memcpy(szTemp, &pIPHeader->sourceIP, sizeof(pIPHeader->sourceIP));    AfxMessageBox((char*)inet_ntoa(*((struct in_addr *)(szTemp))));    return TRUE;   }  }  return FALSE; }