SV: [Winpcap-users] how to open the IP packet data
Guy Harris
guy at alum.mit.edu
Fri Feb 10 20:49:17 GMT 2006
On Feb 10, 2006, at 6:46 AM, Mario und Martina Müller wrote:
> i dont know whats wrong.
> to see the packet data it must be a string and not an integer.
Packet data isn't necessarily just a character string. The payload
of an IP packet is almost never (probably never) just a string - it
usually has a TCP, UDP, ICMP, SCTP, etc. header, which is binary
data. Even with TCP, there might be binary data in the payload. If
you try to print packet data as a string, you might just get a lot of
garbage characters printed.
What you see printed by tcpdump/WinDump or Tethereal, or displayed by
Ethereal, etc. is *NOT* the raw packet data, it's the result of the
program analyzing the possibly-binary packet data and printing or
displaying text that describes the contents of the packet. To
produce something such as *that* you'll need a *lot* of code; take a
look at the tcpdump source code, for example.
More information about the Winpcap-users
mailing list