tcpdump mailing list archives
Re: IP Header Size is always 5
From: Guy Harris <guy () alum mit edu>
Date: Wed, 1 Apr 2009 11:21:12 -0700
On Apr 1, 2009, at 8:32 AM, Shameem Ahamed wrote:
In that case also, we should be able to get the source and destination IP address from the below codeprintf("Source IP: %s \n",inet_ntoa(ipHeader->ip_src)); For me it gives me Segmentation Fault.
inet_ntoa() takes a "struct in_addr" as an argument; is the ip_src field in "struct ip" a "struct in_addr"?
If not, then you would need to declare a "struct in_addr" variable: struct in_addr addr; and do memcpy(&addr.s_addr, ipHeader->ip_src, sizeof addr.s_addr); printf("Source IP: %s\n", inet_ntoa(addr)); as1) there might be an alignment issue, as Sebastien said (admittedly, he works at Sun, who have one of the few lines of processors that don't do unaligned accesses; most people are probably programming on x86 machines these days, and they don't have alignment issues with any OS I know of, *but* they shouldn't assume a lack of alignment issues in the general case);
2) there is no *guarantee* that a 4-byte structure such as a "struct in_addr" is passed as an argument the same way a 4-byte integral value, for example, is passed (it might be likely, but it's not guaranteed, and code should *NOT* assume it in the general case).
Also, i am not able to access the tcp header details.
...
tcpHeader=(struct tcphdr *)(packet +ETHER_SIZE+size_ip);
size_ip is set to ipHeader->ip_hl*4, right? If not, it should be, as per what Sebastien said.
printf("====================TCP Header Details================\n"); size_tcp=tcpHeader->doff; printf("TCP Header Size is: %d \n",size_tcp);
That's also in units of 4-byte words, so the TCP header size is tcpHeader->doff*4.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- IP Header Size is always 5 Shameem Ahamed (Apr 01)
- Re: IP Header Size is always 5 Sebastien Roy (Apr 01)
- Re: IP Header Size is always 5 Shameem Ahamed (Apr 01)
- Re: IP Header Size is always 5 Guy Harris (Apr 01)
- Re: IP Header Size is always 5 Shameem Ahamed (Apr 01)
- Re: IP Header Size is always 5 Shameem Ahamed (Apr 01)
- Re: IP Header Size is always 5 Sebastien Roy (Apr 01)
- Re: IP Header Size is always 5 Florian Weimer (Apr 01)