Re: [tcpdump-workers]

["Amine Mustapha Smaali" <mustapha.smaali () setcom eu>]

Hi Harley,

Thanks for you help. I was able to get it working with raw socket.

BRs,
Mustapha

-----Original Message-----
From: tcpdump-workers-owner () lists tcpdump org
[mailto:tcpdump-workers-owner () lists tcpdump org]On Behalf Of Harley
Stenzel
Sent: Montag, 24. September 2007 19:36
To: tcpdump-workers () lists tcpdump org
Subject: Re: [tcpdump-workers]


On 9/24/07, Amine Mustapha Smaali <mustapha.smaali () setcom eu> wrote:
> Hi Harley,
>
> I'm trying to use internal stack functions. I found that the function
> netisr_queue() is delivering packets to IP layer. When I'm calling this
> function in my C program the compiler does not know this function even I
> include netisr.h. It seems that it needs the library to be included during
> the compilation but I don't know what is the lib file including the
function
> netisr_queue().
>
> Do you have any idea on how to inject the packet into local stack?

I believe that the functions you're referring to are in the bsd
kernel; your libpcap application is in userspace.  Therefore, those
functions are not available to you and you'll need to use a technique
in userspace to deliver packets into the kernel.

The two techniques I mentioned earlier:

1) Raw sockets may be able to be used if the destination IP address is
on the stack of the host running the application.

2) A helper, such as the universal tun/tap driver, can be used to
write any IP-layer (tun) or ethernet-layer (tap) packet in userspace
and have the packet be delivered into the stack.

 --Harley
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.