Thread: Ethernet Packet capture

  1. #1
    Registered User
    Join Date
    Aug 2009

    Ethernet Packet capture

    I am trying to write a program that will allow me to capture packets from an Ethernet line. Here are the logistics: the program has to be a C program and it has to run on Windows XP. Here is what I've gathered so far from other people's programs:
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <stdlib.h> /* exit() */
    #include <unistd.h> /* close() */
    #include <string.h> /* memset() */

    #define LOCAL_SERVER_PORT 100
    #define MAX_MSG 500

    int main(int argc, char *argv[])
    {
       int sd, rc, n;
       socklen_t cliLen;
       struct sockaddr_in cliAddr, servAddr;
       char msg[MAX_MSG];

       /* socket creation */
       sd=socket(AF_INET, SOCK_DGRAM, 0);
       if(sd<0) {
          printf("%s: cannot open socket \n",argv[0]);
          exit(1);
       }

       /* bind local server port */
       memset(&servAddr, 0, sizeof(servAddr));
       servAddr.sin_family = AF_INET;
       servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
       servAddr.sin_port = htons(LOCAL_SERVER_PORT);
       rc = bind (sd, (struct sockaddr *) &servAddr,sizeof(servAddr));
       if(rc<0) {
          printf("%s: cannot bind port number %d \n",
           argv[0], LOCAL_SERVER_PORT);
          exit(1);
       }

       printf("%s: waiting for data on port UDP %u\n",
        argv[0], LOCAL_SERVER_PORT);

       /* server infinite loop */
       while(1) {
          /* init buffer */
          memset(msg, 0x0, MAX_MSG);

          /* receive message; read at most MAX_MSG-1 bytes so the zeroed
             buffer always ends in a NUL before it is printed with %s */
          cliLen = sizeof(cliAddr);
          n = recvfrom(sd, msg, MAX_MSG-1, 0,(struct sockaddr *) &cliAddr, &cliLen);
          if(n<0) {
             printf("%s: cannot receive data \n",argv[0]);
             continue;
          }

          /* print received message */
          printf("%s: from %s:UDP%u : %s \n",
           argv[0], inet_ntoa(cliAddr.sin_addr), ntohs(cliAddr.sin_port), msg);
       }/* end of server infinite loop */

       return 0;
    }
    I believe the problem has to do with Windows blocking my use of the Ethernet port. I've looked up the port for the Ethernet several different ways; the most efficient was through the command window. The program compiles fine but stalls/ gets stuck after printing "waiting for data on port UDP #". Any help would be great, thank you.

    Sorry, I should have added a few things. First is that this is only a part of the program I need to write. I need to capture and condition UDP packets from some instruments that I have running. I've tried using many different ports; I've looked up these ports in the Windows command window. After doing some research, I've found that Windows wants exclusive control over the ports it is using. I've used Wireshark and I can capture packets that way, but I can't condition the data using it. I need to know/find a way to unblock these ports. Thank you!
    Last edited by smash_boxes; 08-07-2009 at 10:36 AM. Reason: More information to give

  2. #2
    {Jaxom,Imriel,Liam}'s Dad Kennedy's Avatar
    Join Date
    Aug 2006
    The source for wireshark is out there. Same kind of deal. It may be more trouble than it is worth to hack it, though.

  3. #3
    Registered User
    Join Date
    Sep 2004
    but stalls/ gets stuck after printing "waiting for data on port UDP #". Any help would be great thank you.
    Are you sure that any packets are coming in on port 100? If no packets come in on that port, then your application is just going to hang on that recvfrom() call.
    bit∙hub [bit-huhb] n. A source and destination for information.

  4. #4
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    segmentation fault
    Quote Originally Posted by Kennedy View Post
    The source for wireshark is out there. Same kind of deal. It may be more trouble than it is worth to hack it, though.
    I was going to recommend the pcap library, which I used to write a packet sniffer* (I think this is what the OP is trying to do).

    When I googled "pcap windows", I found this:

    WinPcap, The Packet Capture and Network Monitoring Library for Windows

    Which, lo and behold, "is the packet capture and filtering engine of" wireshark, among other things.

    *these are a riot w/ wifi

  5. #5
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Portland, OR
    An AF_INET/SOCK_DGRAM socket will not allow you to capture anything except UDP traffic. Moreover, you cannot capture packets with a destination MAC that differs from your interface MAC, unless you put the interface into promiscuous mode.

    Just use libpcap and be done with it.
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
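
Added example, not written by any poster in this thread: a capture library such as libpcap/WinPcap hands the program whole link-layer frames rather than the bare payload that recvfrom() returns, so "conditioning" the instrument data starts with locating the UDP payload while checking every length field against the captured byte count. `parse_udp_frame`, `struct udp_view` and the sample frame are hypothetical and constructed for illustration; the code assumes untagged Ethernet II carrying IPv4, does not verify checksums, and makes no pcap calls.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* View of a UDP datagram located inside a raw Ethernet II frame. */
struct udp_view { uint16_t src_port, dst_port; const uint8_t *payload; size_t payload_len; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Hypothetical helper: returns 0 on success, -1 if the captured bytes are not
   a complete, unfragmented IPv4/UDP packet. Lengths read from the frame are
   untrusted and are validated before any pointer is derived from them. */
int parse_udp_frame(const uint8_t *f, size_t caplen, struct udp_view *out)
{
    size_t ihl, ip_total, udp_len;
    const uint8_t *ip, *udp;

    if (caplen < 14 + 20 || rd16(f + 12) != 0x0800) return -1; /* EtherType IPv4 */
    ip = f + 14;
    if ((ip[0] >> 4) != 4) return -1;                /* IP version */
    ihl = (size_t)(ip[0] & 0x0F) * 4;                /* header length in bytes */
    ip_total = rd16(ip + 2);
    if (ihl < 20 || ip_total < ihl + 8 || 14 + ip_total > caplen) return -1;
    if (ip[9] != 17) return -1;                      /* protocol 17 = UDP */
    if (rd16(ip + 6) & 0x3FFF) return -1;            /* MF flag or fragment offset */
    udp = ip + ihl;
    udp_len = rd16(udp + 4);                         /* UDP header + payload */
    if (udp_len < 8 || ihl + udp_len > ip_total) return -1;
    out->src_port = rd16(udp);
    out->dst_port = rd16(udp + 2);
    out->payload = udp + 8;
    out->payload_len = udp_len - 8;
    return 0;
}

/* Constructed sample frame: 10.0.0.5:5000 -> 10.0.0.9:100, payload "T=21.5" */
static const uint8_t sample_frame[] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x08,0x00,
    0x45,0x00,0x00,0x22, 0x00,0x01,0x00,0x00, 0x40,0x11,0x00,0x00,
    10,0,0,5, 10,0,0,9,
    0x13,0x88, 0x00,0x64, 0x00,0x0e, 0x00,0x00,
    'T','=','2','1','.','5'
};

int main(void)
{
    struct udp_view v;
    if (parse_udp_frame(sample_frame, sizeof sample_frame, &v) == 0)
        printf("%u -> %u: %.*s\n", (unsigned)v.src_port, (unsigned)v.dst_port,
               (int)v.payload_len, (const char *)v.payload);
    return 0;
}
```

In a pcap callback the same function would be called with the packet pointer and the header's captured length, not the on-wire length, since a snapshot length can truncate the frame.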

  6. #6
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Moved to Networking/Device Communication forum.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way
