[Winpcap-users] My Problem at Interpreting the packets
Gianluca Varenni
gianluca.varenni at cacetech.com
Wed Dec 13 16:21:12 GMT 2006
Mesut,
the sample you are using filters the packet with "ip and udp", so all the
tcp packets are discarded.
The filter is compiled in the line
00080 char packet_filter[] = "ip and udp";
00081 struct bpf_program fcode;
...
00153 //compile the filter
00154 if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) <0 )
...
00162 //set the filter
00163 if (pcap_setfilter(adhandle, &fcode)<0)
You need to either remove or modify the filter (e.g. "ip and tcp") to see
the web traffic.
Have a nice day
GV
----- Original Message -----
From: "Mesut Timur" <mesut_timur at hotmail.com>
To: <winpcap-users at winpcap.org>
Sent: Wednesday, December 13, 2006 1:46 AM
Subject: [Winpcap-users] My Problem at Interpreting the packets
> Hi everyone
> I have a problem at Interpreting the packets [WinPcap tutorial: a step by
> step guide to using WinPcap] tutorial.
> When i compile the code at this tutorial also can be found at
> http://www.winpcap.org/docs/docs_40b3/html/group__wpcap__tut6.html
> It is working as:
> ------------------------------------------------
> 11:39:32.981098 len:86 85.97.80.158.1105 -> 195.175.39.40.53
> 11:39:32.994606 len:211 195.175.39.40.53 -> 85.97.80.158.1105
> 11:39:42.197688 len:356 85.97.80.158.68 -> 192.168.1.1.67
> ------------------------------------------------
> First; 192.168.1.1 is local are interface of my router; and
> 85.97.80.158 is the ip of the wide area interface of my router; which has
> been assigned by my ISP.
> 195.175.39.40.53 is the dns server's ip of my ISP.
> And there isn't any different ip while sniffing.For example; when i am
> connecting www.winpcap.org [128.121.79.138]; it doesn't show that ip at
> sniffin window.
> So i wonder what is the problem about the code; how can i sniff all the
> traphic.I am waiting for your answers.
> Thanks!
> Mesut Timur
>
> _________________________________________________________________
> Share your latest news with your friends with the Windows Live Spaces
> friends module.
> http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mk
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
More information about the Winpcap-users
mailing list