How to ignore broadcast package in libpcap program? - filter

I am working on a network monitoring program using libpcap. I have searched but failed to find a good filter expression to ignore broadcast packages so that I can set it in the kernel.
Could you please give me some advice or sample code for that?
Thank you for your time!

The filter expression to ignore broadcast packets is "not broadcast".
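
An added example, not part of the original answer: a user-space mirror of what the "not broadcast" and "not multicast" expressions test on Ethernet, run over constructed frame headers, plus the libpcap calls that install the expression. The names passes_not_broadcast, passes_not_multicast, install_filter and the USE_PCAP macro are hypothetical, and the capture handle is assumed to be opened elsewhere.

```c
/* Added example, not code from the original answer. Build: cc demo.c
 * (add -DUSE_PCAP -lpcap to also compile install_filter). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space mirror of what "not broadcast" tests on Ethernet (DLT_EN10MB):
 * reject when the destination MAC, bytes 0..5, is ff:ff:ff:ff:ff:ff.
 * BPF also rejects a packet when a load runs past the captured bytes. */
int passes_not_broadcast(const uint8_t *frame, size_t caplen)
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    if (caplen < 6)
        return 0;
    return memcmp(frame, bcast, 6) != 0;
}

/* "not multicast" is stricter: it rejects every group address (I/G bit set
 * in the first byte), and that includes the broadcast address. */
int passes_not_multicast(const uint8_t *frame, size_t caplen)
{
    return caplen >= 1 && (frame[0] & 0x01) == 0;
}

#ifdef USE_PCAP
#include <pcap.h>
/* Compile expr and attach it to an already opened capture handle. */
int install_filter(pcap_t *p, const char *expr)
{
    struct bpf_program prog;
    if (pcap_compile(p, &prog, expr, 1, PCAP_NETMASK_UNKNOWN) != 0)
        return -1;
    int rc = pcap_setfilter(p, &prog);
    pcap_freecode(&prog);   /* safe once the filter has been set */
    return rc;
}
#endif

/* Constructed sample headers: destination MAC, source MAC, EtherType. */
const uint8_t arp_request[14] = {0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0,0,0,0,0x01, 0x08,0x06};
const uint8_t mdns_query[14]  = {0x01,0x00,0x5e,0x00,0x00,0xfb, 0x02,0,0,0,0,0x01, 0x08,0x00};
const uint8_t unicast_ip[14]  = {0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00};

int main(void)
{
    printf("not broadcast: arp=%d mdns=%d unicast=%d\n",
           passes_not_broadcast(arp_request, 14),
           passes_not_broadcast(mdns_query, 14),
           passes_not_broadcast(unicast_ip, 14));
    return 0;
}
```

The multicast frame still passes "not broadcast", so a monitor that should see unicast traffic only needs "not multicast" (or both terms) as the expression passed to install_filter.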

Related

I am encountering a problem sending/receiving 2 or more messages from/to a module in OMNeT++

I tried to use send() back to back but it generates an error. I'm very new to network simulation software. Any guidance would be appreciated.
The main problem is that you did not provide code with your question. Without that, it's just guessing, so here is mine. You are sending the same packet two times, which is NOT possible. You have to create a copy of the packet (with dup()) and send that copy in the second call.
As general advice: you should do the TicToc tutorial before going any further into OMNeT++ programming.

Does WinPcap capture and modify data?

I am working on a project that can capture the data passed from the user to the network on the same machine and modify its contents.
But I don't know if WinPcap can only capture or can also modify the data?
I hope my question was so obvious for you!
You can capture. You can modify what you capture, but that doesn't affect what goes through the network stack: only what you have in your own sniffing process. You can't filter packets out either.

How to capture network traffic by process name in mac?

I am trying to automate the process of capturing network packets sent by a particular application. I don't have a problem on Windows, as I am using the Microsoft Network Monitoring tool, which gives all the traffic sent based on the process. Now the problem is that we need to achieve the same result on Mac as well.
We used Wireshark on Mac for capturing network traffic after long research, but Wireshark still does not capture by process name. We tried some tools that capture based on process name, but with very limited information. We need the full packet information to be captured.
What would be the best way to achieve the same result on Mac as we are getting on Windows?
What parameters can be used to filter the wanted data?
I am in fact trying to get the port number used by the process, but is that the right approach? I am not sure we can zero in based on port number.
Any help would be greatly appreciated...
Thanks in advance...
You can use the lsof command, but it's more complex than netstat.
Here is a guide: lsof survival guide

Peek data in serial port on Windows

How to know the data bytes availability at the serial port in Windows?
I mean, I just want to check whether the serial port is empty or not.
NOTE:
There was a function in Linux, "ioctl(fd,FIONREAD,&availableBytes)"; I need to implement similar functionality in Windows.
~ Johnnie
This solved my problem:
Call the ClearCommError function and check the value returned in lpStat->cbInQue.
I think it should solve yours too.
Refer to the Windows API documentation for more clarification on the ClearCommError() function.
https://msdn.microsoft.com/en-us/library/windows/desktop/aa363180%28v=vs.85%29.aspx
In .NET the SerialPort class has a BytesToRead property.
ClearCommError is used to obtain error and stats info.
http://msdn.microsoft.com/en-us/library/aa363180%28v=vs.85%29.aspx

Which module in the Linux 2.6 kernel should I modify to count the number of IP packets sent/received?

I need to modify a kernel module (or modules) to count the number of packets that the machine has sent/received over my wireless adapter for the Linux 2.6 kernel. Please let me know which modules I should modify. Any references would also be helpful.
I am not very sure about the wireless adapter, but I think it is similar to a wired one. For a wired or wireless NIC, you can use the ifconfig eth0 command; in the output, you will see one or two lines telling you the number of packets sent (TX) or received (RX).
To get the same information from the kernel module, one way is to modify the device driver for the network card. One tutorial about rtl8139 (a wired one) is here: http://linuxgazette.net/156/jangir.html
Also, I think there are some standard kernel interfaces that you can use to get the same info. For example, tp->stats.tx_packets mentioned in the above link.
If you're interested in IP packets, you should consider creating a kernel module that uses netfilter hooks. It's very simple; take a look at this:
http://www.netfilter.org/documentation/HOWTO/netfilter-hacking-HOWTO-3.html
Netfilter is primarily intended for firewalling, but it can do what you want and you don't need to mess with other kernel modules. Hope it helps.
cat /proc/net/dev
is probably not what you want, but then explain why.
