[Winpcap-users] TCP Header and Flags
Marcel van Lieshout
marcel at hmcs.nl
Thu Jul 6 17:33:37 GMT 2006
It looks like &-ing with TH_FLAGS gives a quick check if any flag is set. The same & isolates all flags from the word they are contained in.
Something like:
if(flags = hdrword & TH_FLAGS) {
we_have_flags(flags);
} else {
all_flags_are_off();
}
----- Original Message -----
From: ahsan askari
To: winpcap-users at winpcap.org
Sent: Thursday, July 06, 2006 7:07 PM
Subject: [Winpcap-users] TCP Header and Flags
Hi
I had a look at sniffex.c at http://www.tcpdump.org/pcap.htm and I found the TCP Header structure. That structure has the following
u_char th_flags;
#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_PUSH 0x08
#define TH_ACK 0x10
#define TH_URG 0x20
#define TH_ECE 0x40
#define TH_CWR 0x80
#define TH_FLAGS (TH_FIN|TH_SYN|TH_RST|TH_ACK|TH_URG|TH_ECE|TH_CWR)
I know that if I want to check any flag value in th_flags field I just have to "&" that with flag value but could anyone tell me how I could use TH_FLAGS and why is it there ?
Thank you
------------------------------------------------------------------------------
_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org
https://www.winpcap.org/mailman/listinfo/winpcap-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.winpcap.org/pipermail/winpcap-users/attachments/20060706/7f5d590b/attachment.htm
More information about the Winpcap-users
mailing list