tcpdump mailing list archives
Capture icmp type = 3
From: Luis Del Pino <desanlu () gmail com>
Date: Wed, 11 Jan 2006 17:03:19 +0000
Hello i have a problem. I can't capture the packets ICMP type 3 "Destination Host Unreachable". I can capture packets ICMP type 0 "echo reply" but i do "ping IP(unknow)" I can't the answer . Here it is the code of program. I believe that libpcap doesn't capture this packets well because i capture Echo reply perfectly. device = pcap_lookupdev(errbuf); if (device == NULL) { fprintf(stderr,"pcap_lookupdev() fallo: error %s\n",errbuf); return (void*) NULL; } printf("dispositivo:%s\n",device); //Abrimos una sesión de captura p_session = pcap_open_live(device, 256, 0, 0, errbuf); if (p_session == NULL) { fprintf(stderr,"pcap_open_live() fallo: error %s\n",errbuf); return (void*) NULL; } //Se obtiene la dirección IP y la máscara de red if (pcap_lookupnet(device, &local_net, &mascara, errbuf) == -1) { fprintf(stderr,"pcap_lookupnet() fallo: error %s\n",errbuf); return (void*) NULL; } //Compilamos la expresión que especifica el filtrado de los paquetes if (pcap_compile(p_session, &filtro_cod, FILTRADO, 1, mascara) == -1) { fprintf(stderr,"pcap_compile() fallo: error %s\n",pcap_geterr(p_session)); return (void*) NULL; } //Aplicamos el filtro a la captura de paquetes if (pcap_setfilter(p_session, &filtro_cod) == -1) { fprintf(stderr,"pcap_setfilter() fallo: error %s\n",pcap_geterr(p_session)); return (void*) NULL; } //Tratamos los paquetes capturados comprobando que son las respuesta a las solicitudes de eco while(1) { pthread_testcancel(); packet = (u_int8_t *) pcap_next(p_session, &pc_hdr); //eth_hdr = (struct libnet_802_3_hdr *)(packet); gettimeofday (&time_now, NULL); //printf("Algo va mal\n"); if (packet == NULL) { printf("No capturo"); continue; } //printf("ETHERNET %d %d %d %d\\n",eth_hdr->_802_3_dhost[0], eth_hdr->_802_3_dhost[1],eth_hdr->_802_3_dhost[2], eth_hdr->_802_3_dhost[3]); //printf("ETHERNET %d %d %d %d\\n",eth_hdr->_802_3_dhost[0], eth_hdr->_802_3_shost[1],eth_hdr->_802_3_shost[2], eth_hdr->_802_3_shost[3]); ip_hdr = (struct libnet_ipv4_hdr *)(packet + sizeof(struct ethhdr)); //printf("Protocolo IP %d %d\n",ip_hdr->ip_p, ip_hdr->ip_len); if (ip_hdr->ip_p == IPPROTO_ICMP) { gettimeofday (&time_now, NULL); icmp_hdr = (struct libnet_icmpv4_hdr *)(packet + sizeof(struct ethhdr) + 20); //printf("Protocolo IP %d %d\n",ip_hdr->ip_p, icmp_hdr->icmp_type); if (ip_hdr->ip_src.s_addr != dst_ip) continue; if ((icmp_hdr->icmp_type == ICMP_ECHOREPLY) || (icmp_hdr->icmp_type == 3)) {} - This is the tcpdump-workers list. Visit https://lists.sandelman.ca/ to unsubscribe.
Current thread:
- Capture icmp type = 3 Luis Del Pino (Jan 11)