[Winpcap-users] Getting protocol from IPv4 header
Ravi Sankar
s_rsy at yahoo.com
Mon Aug 1 05:10:43 GMT 2005
Hi Eric,
If you are using C/C++ here is the method.
/* IPv4 header */
typedef struct ip_header{
u_char ver_ihl; // Version (4 bits) + Internet
header length (4 bits)
u_char tos; // Type of service
u_short tlen; // Total length
u_short identification; // Identification
u_short flags_fo; // Flags (3 bits) + Fragment
offset (13 bits)
u_char ttl; // Time to live
u_char proto; // Protocol
u_short crc; // Header checksum
ip_address saddr; // Source address
ip_address daddr; // Destination address
u_int op_pad; // Option + Padding
}ip_header;
Above is the IP Header typecast the packet received to
this object and you can get the Protocol type. Sample
code
ip_header *l_pIpHeader = NULL;
/* pkt_data is the pointer to unsigned char
which points to the received packet.*/
/* retireve the position of the ip header */
l_pIpHeader = (ip_header *) (pkt_data +
14); //length of ethernet header
/* Now l_pIpHeader->proto contains the protocol
type.*/
Regarding protocol headers you can refer to
http://www.networksorcery.com - A Very good site for
protocol details.
Hope this helps
Ravi
--- Eric Hansen <nightskywriter at gmail.com> wrote:
> Can someone help me get the protocol type from the
> IPv4 header? I need to
> get this to test out my filter-part, and Google'ing
> doesn't give me anything
> useful.
> > _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
>
https://www.winpcap.org/mailman/listinfo/winpcap-users
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Winpcap-users
mailing list