Re: packets contents

[Guy Harris <guy () alum mit edu>]

On Oct 29, 2008, at 8:49 AM, stephen () stephengarrett net wrote:

> Is there a pcap function that will allow me to view the ip addresses  
> (sending and receiving) of a packet

No.  Libpcap doesn't interpret the packet contents; you will have to  
do the same thing that tcpdump, Wireshark, Snort, etc. do, and dissect  
the packet yourself.

See some of the tutorials linked to from the "Documentation" section  
of the main page at www.tcpdump.org for examples of code that dissects  
packets.
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.