tcpdump mailing list archives
RE: Packet captured with PCAP
From: "Allison, Jason (JALLISON)" <JALLISON () arinc com>
Date: Wed, 12 Mar 2003 18:32:12 -0500
Try this: http://www.cet.nau.edu/~mc8/Socket/Tutorials/section1.html Jason Allison Principal Engineer ARINC Incorporated Office: (410) 266-2006 FAX: (410) 573-3026 -----Original Message----- From: Marc-André Breton [mailto:marc.andre.breton () lagrit etsmtl ca] Sent: Wednesday, March 12, 2003 3:48 PM To: tcpdump-workers () tcpdump org Subject: [tcpdump-workers] Packet captured with PCAP Hi all, I begin to work with pcap and I have some problem. I would only see packet contents on my screen. First I called pcap_loop like this... pcap_loop(handle,-1,traitement_pkt,NULL); /*My callback function is*/ void traitement_pkt(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) { printf("Voici le paquet capture via pcap_loop\n%s\n",packet); } In pcap-tutorial (http://www.tcpdump.org/pcap.htm) it is wrote : "Then they simply create a u_char string and stuff the structures into it." ... "Basically, all that has happened when pcap stuffed these structures into a u_char is that all of the data contained within them was put in a string, and that string was sent to our callback. " If I understand well, the packet passed to my callback function (const u_char *packet) is under a string format. So I don't understand why my callback function didn't show this string. It shows me "Voici le paquet capture via pcap_loop" and that's all !? In my future program, I would like that my callback function search a specific string inside this packet string. Is there someone who can help me please?? Another question, where can I see archives from Jan and Feb 2003? The following link stop at December 2002: http://www.tcpdump.org/lists/workers/ Thanks for your help! Marc-Andre - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe
Current thread:
- Packet captured with PCAP Marc-André Breton (Mar 12)
- Re: Packet captured with PCAP Jacky Buyck (Mar 13)
- <Possible follow-ups>
- RE: Packet captured with PCAP Allison, Jason (JALLISON) (Mar 12)
- Re: Packet captured with PCAP Mustafa Abu Sedera (Mar 13)