[Winpcap-users] Re: generating a tcp packet
Guy Harris
guy at alum.mit.edu
Thu May 25 20:51:24 GMT 2006
On May 25, 2006, at 8:50 AM, joe kibz wrote:
> i have [ethernet , ip , tcp packet header structures and data]
> filled .
> i want to send a tcp packet using pcap_sendpacket .
> how do i put [ all the above ] packet info in a u_char* ,
You don't. You put it into a buffer to which the u_char * points.
You must make sure the buffer is big enough for your packet.
> especially things like source and destination ip addresses ?
If "[you] have [ethernet , ip , tcp packet header structures and
data] filled", then you've already filled the source and destination
IP addresses in somewhere.
I would suggest that, when you fill that stuff up, you:
arrange to have a buffer big enough for all of them put together
(for example, by allocating it);
fill in the Ethernet header at the beginning of the buffer, i.e. the
first 14 bytes of the buffer;
fill in the IP header right after the Ethernet header;
fill in the TCP header right after the IP header;
fill in the data right after the TCP header.
I.e., don't fill them in as separate structures, fill them in as data
in the buffer.
NOTE: the headers in the buffer might not be aligned on the right
boundaries in memory, so you should either fill them in by copying
the data as bytes, or by, for example, making the buffer two bytes
bigger than is necessary, and filling in the Ethernet header starting
at the *third* byte of the buffer (in C, that'd be starting at &buffer
[2]) - the Ethernet header is 14 bytes, so that'll put the IP header
on a 4-byte boundary, and, as the IP header length is a multiple of 4
bytes, the TCP header will also be on a 4-byte boundary, and, as the
TCP header length is also a multiple of 4 bytes, the data will also
be on a 4-byte boundary.
Once you've done that, you just construct a pointer to the first byte
of the Ethernet header (that'd be &buffer[0] if you put it at the
beginning of the buffer, or &buffer[2] if you put it after two
padding bytes), and pass that pointer to pcap_sendpacket().
More information about the Winpcap-users
mailing list