tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

Re: print location

From: Max Laier <max () love2party net>
Date: Sun, 2 Nov 2008 22:42:16 +0100
On Sunday 02 November 2008 22:27:22 stephen () stephengarrett net wrote:

Hi,

I'm trying to find where in the code tcpdump prints the packet info like
source and destination IP addresses.  I need to insert some code to make a
custom version of tcpdump that will send a message to another program every
time tcpdump prints a line, and I also need to know if those source and
destination IP addresses are stored in a variable somewhere and if not, how
can I access them.

Any help or direction is greatly appreciated.


Search for "ip->ip_{src,dst}" in combination with "ipaddr_string" in
print-ip.c.  But note, that some protocols (TCP, UDP, DCCP, SCTP) like to 
print their own representation of IP addresses (with port numbers added) and 
you have to look at the respective print-{tcp,udp,sctp,dccp}.c.  All that 
considered you are probably better off by simply using libpcap directly.

-- 
/"\  Best regards,                      | mlaier () freebsd org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
Previous By Date Next
Previous By Thread Next

Current thread: