tcpdump mailing list archives

Capture icmp type = 3


From: Luis Del Pino <desanlu () gmail com>
Date: Wed, 11 Jan 2006 17:03:19 +0000

Hello, I have a problem: I can't capture ICMP type 3 "Destination Host
Unreachable" packets. I can capture ICMP type 0 "echo reply" packets, but
when I ping an unknown IP address I can't capture the answer. Here is the
code of the program. I believe that libpcap doesn't capture these packets
well, because I capture echo replies perfectly.


// Fragment of a libpcap capture routine as posted: the enclosing function
// header and the end of the while loop are not part of the post.
// Flow: pick a capture device, open a live session, compile and install the
// filter FILTRADO, then loop over packets looking for ICMP echo replies or
// ICMP type 3 messages whose IP source address equals dst_ip.
device = pcap_lookupdev(errbuf);
    if (device == NULL)
    {
        fprintf(stderr,"pcap_lookupdev() fallo: error %s\n",errbuf);
        return (void*) NULL;
    }
    printf("dispositivo:%s\n",device);

    //Open a capture session
    // Arguments after the device: snapshot length 256 bytes, promiscuous
    // mode off (0), read timeout 0 ms.
    p_session = pcap_open_live(device, 256, 0, 0, errbuf);
    if (p_session == NULL)
    {
        fprintf(stderr,"pcap_open_live() fallo: error %s\n",errbuf);
        return (void*) NULL;
    }

    //Obtain the IP (network) address and the netmask of the device
    // NOTE(review): this error return and the two below leave p_session
    // open; no pcap_close() appears anywhere in the posted fragment.
    if (pcap_lookupnet(device, &local_net, &mascara, errbuf) == -1)
    {
        fprintf(stderr,"pcap_lookupnet() fallo: error %s\n",errbuf);
        return (void*) NULL;
    }

    //Compile the expression that specifies the packet filtering
    // The 1 enables filter optimisation; mascara is the netmask from above.
    // NOTE(review): FILTRADO is defined outside the posted fragment, so what
    // the filter admits cannot be checked here. If it matches only echo
    // replies, or only traffic from dst_ip, type 3 messages never reach the
    // loop below - confirm the expression.
    if (pcap_compile(p_session, &filtro_cod, FILTRADO, 1, mascara) == -1)
    {
        fprintf(stderr,"pcap_compile() fallo: error
%s\n",pcap_geterr(p_session));
        return (void*) NULL;
    }

    //Apply the filter to the packet capture
    if (pcap_setfilter(p_session, &filtro_cod) == -1)
    {
        fprintf(stderr,"pcap_setfilter() fallo: error
%s\n",pcap_geterr(p_session));
        return (void*) NULL;
    }

    //Process the captured packets, checking that they are the replies to
    //the echo requests (the mail client wrapped the original comment; its
    //tail is the stray line below)
las solicitudes de eco
    while(1)
    {
        // Cancellation point: lets a pending pthread cancel request take
        // effect once per iteration.
        pthread_testcancel();
        // pcap_next() returns a pointer to the packet bytes (or NULL) and
        // fills pc_hdr with the capture header for that packet.
        packet = (u_int8_t *) pcap_next(p_session, &pc_hdr);
        //eth_hdr = (struct libnet_802_3_hdr *)(packet);
        // Timestamp is taken before the NULL check, so it is also updated
        // on iterations that captured nothing.
        gettimeofday (&time_now, NULL);

        //printf("Algo va mal\n");


        // No packet available: report it and try again.
        if (packet == NULL)
        {
            printf("No capturo");
            continue;
        }
        //printf("ETHERNET %d %d %d %d\\n",eth_hdr->_802_3_dhost[0],
eth_hdr->_802_3_dhost[1],eth_hdr->_802_3_dhost[2],
eth_hdr->_802_3_dhost[3]);
        //printf("ETHERNET %d %d %d %d\\n",eth_hdr->_802_3_dhost[0],
eth_hdr->_802_3_shost[1],eth_hdr->_802_3_shost[2],
eth_hdr->_802_3_shost[3]);
        // The IP header is taken to start right after an Ethernet header.
        // NOTE(review): nothing in the fragment compares pc_hdr.caplen with
        // the header sizes before the headers are dereferenced, so a short
        // captured frame would be read past its end; check caplen first.
        // NOTE(review): the offset assumes an Ethernet link type and an IPv4
        // payload; no pcap_datalink() or EtherType check is visible here -
        // presumably FILTRADO restricts the traffic; confirm.
        ip_hdr = (struct libnet_ipv4_hdr *)(packet + sizeof(struct ethhdr));
        //printf("Protocolo IP %d %d\n",ip_hdr->ip_p, ip_hdr->ip_len);

        if (ip_hdr->ip_p == IPPROTO_ICMP)
        {
            gettimeofday (&time_now, NULL);


            // NOTE(review): the constant 20 assumes an IPv4 header without
            // options; the actual header length is ip_hdr->ip_hl * 4, and a
            // packet carrying options would put icmp_hdr at the wrong offset.
            icmp_hdr = (struct libnet_icmpv4_hdr *)(packet + sizeof(struct
ethhdr) + 20);
            //printf("Protocolo IP %d %d\n",ip_hdr->ip_p,
icmp_hdr->icmp_type);
            // Skip every ICMP packet whose IP source is not dst_ip.
            // NOTE(review): this probably discards the type 3 messages being
            // looked for. A destination-unreachable error is sent by the node
            // that reports the failure (typically a router, or the capturing
            // host itself, in which case it may never appear on the wire),
            // not by the unreachable destination, so its source address will
            // usually differ from dst_ip. The original destination is found
            // in the IP header embedded in the ICMP error payload.
            if (ip_hdr->ip_src.s_addr != dst_ip)
                continue;
            // Accept echo replies and type 3 (destination unreachable); the
            // handling body is empty here and the post ends at this point.
            if ((icmp_hdr->icmp_type == ICMP_ECHOREPLY) ||
(icmp_hdr->icmp_type == 3))
            {}