tcpdump mailing list archives
Re: Sending a packet to localhost?
From: Guy Harris <guy () alum mit edu>
Date: Mon, 23 Feb 2009 15:24:32 -0800
On Feb 23, 2009, at 3:14 PM, Oliver Zheng wrote:
How does Libpcap do it then if it's not with raw sockets?
To what does "it" refer in "how does libpcap do it"?If by "it" you mean "capture and send raw link-layer packets", then, on Linux, it uses a PF_PACKET socket (raw or cooked) rather than a raw PF_INET socket. The latter might let you inject packets that look as if they come from another machine, and have them seen by the Linux TCP/ IP stack; for better or worse, the former doesn't. PF_INET sockets don't let you capture and send raw link-layer packets, so libpcap can't use them, as its purpose is to capture and send raw link-layer packets, not inject packets and have them seen by the local machine's TCP/IP stack.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Sending a packet to localhost? Oliver Zheng (Feb 22)
- Re: Sending a packet to localhost? Tyler Littlefield (Feb 22)
- Re: Sending a packet to localhost? Oliver Zheng (Feb 23)
- Re: Sending a packet to localhost? Aaron Turner (Feb 23)
- Re: Sending a packet to localhost? Oliver Zheng (Feb 23)
- Re: Sending a packet to localhost? Aaron Turner (Feb 23)
- Re: Sending a packet to localhost? Guy Harris (Feb 23)
- Re: Sending a packet to localhost? Aaron Turner (Feb 23)
- Re: Sending a packet to localhost? Oliver Zheng (Feb 23)
- Re: Sending a packet to localhost? ronnie sahlberg (Feb 23)
- Re: Sending a packet to localhost? Oliver Zheng (Feb 23)
- Re: Sending a packet to localhost? Guy Harris (Feb 23)
- Re: Sending a packet to localhost? Tyler Littlefield (Feb 22)