[Winpcap-users] how to find active ports
Mark Pizzolato - WinPCap-Users
winpcap-users-20040408 at subscriptions.pizzolato.net
Tue Jul 12 19:57:13 PDT 2011
Hi there Rajath,
Winpcap doesn't contain a single API which provides the specific answer you are looking for.
However, you could determine the answer you are looking for with a little coding on your part. The following steps will achieve the desired result:
1) Use pcap_findalldevs to enumerate the set of 'ports' as you say.
2) For each enumerated port, use pcap_openlive to open a promiscuous mode pcap handle to the port.
3) For each enumerated port, Craft a packet which says "Sending on Port #N" and use any source MAC address (without Bi1#1 set (i.e. the Broadcast/multicast bit sent), use a destination MAC address of FF:FF:FF:FF:FF:FF. Send the packet on the pcap handle using pcap_sendpacket. Read arriving packets on each of the pcap handles looking for the crafted packet. Each time you find a packet you sent, you've found a 'loopbacked' port (the loopbacks here could also indicate multiple ports connected to the same switch, which is equivalent to a set of ports connected with a crossover cable).
Good Luck.
- Mark Pizzolato
From: winpcap-users-bounces at winpcap.org [mailto:winpcap-users-bounces at winpcap.org] On Behalf Of rajath kumara
Sent: Monday, July 04, 2011 5:44 AM
To: winpcap-users at winpcap.org
Subject: Re: [Winpcap-users] how to find active ports
Thanks for the reply.
However guess, its better to restate my problem, so that i can make you
people clear about my query.
I am using some 3 NICS ( network interface cards), which together get me 10
ports.
2 NICs are are from D-Link NIC cards which have 4 ports each in them, and
another is NETGEAR NIC, which has 2 ports in it.
with the help of pcap_findalldevs() , i can obtain the list of all ports ,
along with details of NIC cards, their MAC_ addresses and others.
But my question is , pcap_findalldevs( ), gives me list of all 10 ports i am
using,
assume i use a cross-cable and connect any 2 ports to form a loopback
condition,then is their any function in wpcap, which tells me
which 2 ports are in loopback state among the 10 ports i am using.
or any other function is their apart from wpcap, which helps me to do this.
please help me to figure out this problem.
On Mon, Jul 4, 2011 at 12:08 PM, <winpcap-users-request at winpcap.org<mailto:winpcap-users-request at winpcap.org>> wrote:
Send Winpcap-users mailing list submissions to
winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
To subscribe or unsubscribe via the World Wide Web, visit
https://www.winpcap.org/mailman/listinfo/winpcap-users
or, via email, send a message with subject or body 'help' to
winpcap-users-request at winpcap.org<mailto:winpcap-users-request at winpcap.org>
You can reach the person managing the list at
winpcap-users-owner at winpcap.org<mailto:winpcap-users-owner at winpcap.org>
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Winpcap-users digest..."
Today's Topics:
1. Re: . PacketRequest() (rajath kumara)
2. Re : how to find active ports (rajath kumara)
----------------------------------------------------------------------
Message: 1
Date: Mon, 4 Jul 2011 12:07:10 +0530
From: rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>>
To: winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
Subject: Re: [Winpcap-users] . PacketRequest()
Message-ID:
<CANT-2GQ+d_G++Ajt_gLT0rX=dcGwx5JU1cox3tt248Fd-XnyVA at mail.gmail.com<mailto:dcGwx5JU1cox3tt248Fd-XnyVA at mail.gmail.com>>
Content-Type: text/plain; charset="iso-8859-1"
Thanks for the reply.
However guess, its better to restate my problem, so that i can make you
people clear about my query.
I am using some 3 NICS ( network interface cards), which together get me 10
ports.
2 NICs are are from D-Link NIC cards which have 4 ports each in them, and
another is NETGEAR NIC, which has 2 ports in it.
with the help of pcap_findalldevs() , i can obtain the list of all ports ,
along with details of NIC cards, their MAC_ addresses and others.
But my question is , pcap_findalldevs( ), gives me list of all 10 ports i am
using,
assume i use a cross-cable and connect any 2 ports to form a loopback
condition,then is their any function in wpcap, which tells me
which 2 ports are in loopback state among the 10 ports i am using.
or any other function is their apart from wpcap, which helps me to do this.
please help me to figure out this problem.
On Sat, Jul 2, 2011 at 12:30 AM, <winpcap-users-request at winpcap.org<mailto:winpcap-users-request at winpcap.org>> wrote:
> Send Winpcap-users mailing list submissions to
> winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.winpcap.org/mailman/listinfo/winpcap-users
> or, via email, send a message with subject or body 'help' to
> winpcap-users-request at winpcap.org<mailto:winpcap-users-request at winpcap.org>
>
> You can reach the person managing the list at
> winpcap-users-owner at winpcap.org<mailto:winpcap-users-owner at winpcap.org>
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Winpcap-users digest..."
>
>
> Today's Topics:
>
> 1. Re: PacketRequest() (geek techie)
> 2. Re: how to find active ports (rajath kumara)
> 3. Re: PacketRequest() (Gisle Vanem)
> 4. Re: how to find active ports (Gisle Vanem)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 1 Jul 2011 11:22:52 +0530
> From: geek techie <geektechgo at gmail.com<mailto:geektechgo at gmail.com>>
> To: winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
> Subject: Re: [Winpcap-users] PacketRequest()
> Message-ID: <BANLkTinLEjMWb7e_5N4zGTnPTXciqZ=cFQ at mail.gmail.com<mailto:cFQ at mail.gmail.com>>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hello,
> Please help me to understand wpcap API - PacketRequest ( ).
>
>
> any suggestions?
>
> On Thu, Jun 30, 2011 at 11:09 AM, geek techie <geektechgo at gmail.com<mailto:geektechgo at gmail.com>>
> wrote:
>
> > Hello,
> > could someone please elaborate on wpcap API - PacketRequest( ) ,
> > regarding its functionalities and what does it do?
> >
> > Also is this function PacketRequest connected with NDIS-OID( object
> > identifiers), in any way ?
> > if so, explain how ?
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://www.winpcap.org/pipermail/winpcap-users/attachments/20110701/e529e115/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 2
> Date: Fri, 1 Jul 2011 17:16:27 +0530
> From: rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>>
> To: winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
> Subject: Re: [Winpcap-users] how to find active ports
> Message-ID: <BANLkTikTpk=tjVbdNwyy7Vc0qq9LPK57yA at mail.gmail.com<mailto:tjVbdNwyy7Vc0qq9LPK57yA at mail.gmail.com>>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi,
>
> Kindly suggest me how to proceed for the below mentioned problem.
> your replies, will be valuable to me.
>
> On Thu, Jun 30, 2011 at 10:42 AM, rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>
> >wrote:
>
> > Hi,
> >
> > Currently I am using wpcap function to obtain list of all ports in my
> > system.
> >
> > but assume i need to find only active ports in my system, for this, is
> > their any wpcap function which will provide me
> > list of all active ports in my system?
> >
> > for eg: i have some 10 ports in my system.
> > if i use a cross cable and create a loopback among 2 ports,
> then,
> > is their any wpcap function, which gives me list of only
> > loopback active ports?
> >
> >
> > kindly suggest me.
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://www.winpcap.org/pipermail/winpcap-users/attachments/20110701/1ccb4127/attachment-0001.html
> >
>
> ------------------------------
>
> Message: 3
> Date: Fri, 01 Jul 2011 14:55:08 +0200
> From: Gisle Vanem <gvanem at broadpark.no<mailto:gvanem at broadpark.no>>
> To: WinDump <winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>>
> Subject: Re: [Winpcap-users] PacketRequest()
> Message-ID: <C0AE5B30A04E435E889740C843F77518 at broadpark.no<mailto:C0AE5B30A04E435E889740C843F77518 at broadpark.no>>
> Content-Type: text/plain; CHARSET=US-ASCII; format=flowed;
> reply-type=original
>
> "geek techie" <geektechgo at gmail.com<mailto:geektechgo at gmail.com>> wrote:
>
> > Please help me to understand wpcap API - PacketRequest ( ).
>
> the PacketRequest() function is used to send an OID (object ID number) to
> the interface card driver. It can be used, for example, to retrieve the
> status
> of the error counters on the adapter, its MAC address, the list of the
> multicast
> groups defined on it, and so on.
>
> E.g. see here:
> http://www.winpcap.org/docs/docs_41b5/html/struct__PACKET__OID__DATA.html
>
> or Google for "PacketRequest + WinPcap".
>
> --gv
>
>
> ------------------------------
>
> Message: 4
> Date: Fri, 01 Jul 2011 15:11:07 +0200
> From: Gisle Vanem <gvanem at broadpark.no<mailto:gvanem at broadpark.no>>
> To: WinDump <winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>>
> Subject: Re: [Winpcap-users] how to find active ports
> Message-ID: <772EE3BDF5AF48A39F8A3738749D7FC7 at broadpark.no<mailto:772EE3BDF5AF48A39F8A3738749D7FC7 at broadpark.no>>
> Content-Type: text/plain; CHARSET=US-ASCII; format=flowed;
> reply-type=original
>
> "rajath kumara" <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>> wrote:
>
> > Currently I am using wpcap function to obtain list of all ports in my
> > system.
>
> I thought you were talking about TCP/UDP-ports until ...
>
> > but assume i need to find only active ports in my system, for this, is
> > their any wpcap function which will provide me
> > list of all active ports in my system?
> >
> > for eg: i have some 10 ports in my system.
> > if i use a cross cable and create a loopback among 2 ports,
> then,
>
> .. I read the above. You have a box with 10 network interfaces?
>
> > is their any wpcap function, which gives me list of only
> > loopback active ports?
>
> In any case, there isn't any WinPcap function that does this; neither finds
> active/listening UDP/TCP-ports nor makes a "list of all active physical
> ports".
> You have to specify your problem a bit more.
>
> If you want to find active/listening ports, then (depending on your OS)
> there
> are functions deep inside the OS for retrieving that information (like
> netstat
> does). In case you use Windows, the functions
> AllocateAndGetTcpExTableFromStack()
> and GetExtendedTcpTable() does that.
>
> --gv
>
>
> ------------------------------
>
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org<mailto:Winpcap-users at winpcap.org>
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
>
> End of Winpcap-users Digest, Vol 76, Issue 1
> ********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winpcap.org/pipermail/winpcap-users/attachments/20110704/a96f476e/attachment-0001.html>
------------------------------
Message: 2
Date: Mon, 4 Jul 2011 12:08:38 +0530
From: rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>>
To: winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
Subject: [Winpcap-users] Re : how to find active ports
Message-ID:
<CANT-2GSgobEA8LXSquVT+mBKjg9vMY=feoRhHtKNtQ9ejWM9Pw at mail.gmail.com<mailto:feoRhHtKNtQ9ejWM9Pw at mail.gmail.com>>
Content-Type: text/plain; charset="iso-8859-1"
Thanks for the reply.
However guess, its better to restate my problem, so that i can make you
people clear about my query.
I am using some 3 NICS ( network interface cards), which together get me 10
ports.
2 NICs are are from D-Link NIC cards which have 4 ports each in them, and
another is NETGEAR NIC, which has 2 ports in it.
with the help of pcap_findalldevs() , i can obtain the list of all ports ,
along with details of NIC cards, their MAC_ addresses and others.
But my question is , pcap_findalldevs( ), gives me list of all 10 ports i am
using,
assume i use a cross-cable and connect any 2 ports to form a loopback
condition,then is their any function in wpcap, which tells me
which 2 ports are in loopback state among the 10 ports i am using.
or any other function is their apart from wpcap, which helps me to do this.
please help me to figure out this problem.
On Mon, Jul 4, 2011 at 12:07 PM, rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>>wrote:
>
> Thanks for the reply.
>
> However guess, its better to restate my problem, so that i can make you
> people clear about my query.
>
> I am using some 3 NICS ( network interface cards), which together get me
> 10 ports.
> 2 NICs are are from D-Link NIC cards which have 4 ports each in them, and
> another is NETGEAR NIC, which has 2 ports in it.
>
> with the help of pcap_findalldevs() , i can obtain the list of all ports ,
> along with details of NIC cards, their MAC_ addresses and others.
>
> But my question is , pcap_findalldevs( ), gives me list of all 10 ports i
> am using,
>
> assume i use a cross-cable and connect any 2 ports to form a loopback
> condition,then is their any function in wpcap, which tells me
> which 2 ports are in loopback state among the 10 ports i am using.
>
> or any other function is their apart from wpcap, which helps me to do this.
>
>
> please help me to figure out this problem.
>
>
>
>
>
> On Sat, Jul 2, 2011 at 12:30 AM, <winpcap-users-request at winpcap.org<mailto:winpcap-users-request at winpcap.org>>wrote:
>
>> Send Winpcap-users mailing list submissions to
>> winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>> or, via email, send a message with subject or body 'help' to
>> winpcap-users-request at winpcap.org<mailto:winpcap-users-request at winpcap.org>
>>
>> You can reach the person managing the list at
>> winpcap-users-owner at winpcap.org<mailto:winpcap-users-owner at winpcap.org>
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of Winpcap-users digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Re: PacketRequest() (geek techie)
>> 2. Re: how to find active ports (rajath kumara)
>> 3. Re: PacketRequest() (Gisle Vanem)
>> 4. Re: how to find active ports (Gisle Vanem)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Fri, 1 Jul 2011 11:22:52 +0530
>> From: geek techie <geektechgo at gmail.com<mailto:geektechgo at gmail.com>>
>> To: winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
>> Subject: Re: [Winpcap-users] PacketRequest()
>> Message-ID: <BANLkTinLEjMWb7e_5N4zGTnPTXciqZ=cFQ at mail.gmail.com<mailto:cFQ at mail.gmail.com>>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Hello,
>> Please help me to understand wpcap API - PacketRequest ( ).
>>
>>
>> any suggestions?
>>
>> On Thu, Jun 30, 2011 at 11:09 AM, geek techie <geektechgo at gmail.com<mailto:geektechgo at gmail.com>>
>> wrote:
>>
>> > Hello,
>> > could someone please elaborate on wpcap API - PacketRequest( ) ,
>> > regarding its functionalities and what does it do?
>> >
>> > Also is this function PacketRequest connected with NDIS-OID( object
>> > identifiers), in any way ?
>> > if so, explain how ?
>> >
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <
>> http://www.winpcap.org/pipermail/winpcap-users/attachments/20110701/e529e115/attachment-0001.html
>> >
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Fri, 1 Jul 2011 17:16:27 +0530
>> From: rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>>
>> To: winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>
>> Subject: Re: [Winpcap-users] how to find active ports
>> Message-ID: <BANLkTikTpk=tjVbdNwyy7Vc0qq9LPK57yA at mail.gmail.com<mailto:tjVbdNwyy7Vc0qq9LPK57yA at mail.gmail.com>>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Hi,
>>
>> Kindly suggest me how to proceed for the below mentioned problem.
>> your replies, will be valuable to me.
>>
>> On Thu, Jun 30, 2011 at 10:42 AM, rajath kumara <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>
>> >wrote:
>>
>> > Hi,
>> >
>> > Currently I am using wpcap function to obtain list of all ports in my
>> > system.
>> >
>> > but assume i need to find only active ports in my system, for this, is
>> > their any wpcap function which will provide me
>> > list of all active ports in my system?
>> >
>> > for eg: i have some 10 ports in my system.
>> > if i use a cross cable and create a loopback among 2 ports,
>> then,
>> > is their any wpcap function, which gives me list of only
>> > loopback active ports?
>> >
>> >
>> > kindly suggest me.
>> >
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <
>> http://www.winpcap.org/pipermail/winpcap-users/attachments/20110701/1ccb4127/attachment-0001.html
>> >
>>
>> ------------------------------
>>
>> Message: 3
>> Date: Fri, 01 Jul 2011 14:55:08 +0200
>> From: Gisle Vanem <gvanem at broadpark.no<mailto:gvanem at broadpark.no>>
>> To: WinDump <winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>>
>> Subject: Re: [Winpcap-users] PacketRequest()
>> Message-ID: <C0AE5B30A04E435E889740C843F77518 at broadpark.no<mailto:C0AE5B30A04E435E889740C843F77518 at broadpark.no>>
>> Content-Type: text/plain; CHARSET=US-ASCII; format=flowed;
>> reply-type=original
>>
>> "geek techie" <geektechgo at gmail.com<mailto:geektechgo at gmail.com>> wrote:
>>
>> > Please help me to understand wpcap API - PacketRequest ( ).
>>
>> the PacketRequest() function is used to send an OID (object ID number) to
>> the interface card driver. It can be used, for example, to retrieve the
>> status
>> of the error counters on the adapter, its MAC address, the list of the
>> multicast
>> groups defined on it, and so on.
>>
>> E.g. see here:
>>
>> http://www.winpcap.org/docs/docs_41b5/html/struct__PACKET__OID__DATA.html
>>
>> or Google for "PacketRequest + WinPcap".
>>
>> --gv
>>
>>
>> ------------------------------
>>
>> Message: 4
>> Date: Fri, 01 Jul 2011 15:11:07 +0200
>> From: Gisle Vanem <gvanem at broadpark.no<mailto:gvanem at broadpark.no>>
>> To: WinDump <winpcap-users at winpcap.org<mailto:winpcap-users at winpcap.org>>
>> Subject: Re: [Winpcap-users] how to find active ports
>> Message-ID: <772EE3BDF5AF48A39F8A3738749D7FC7 at broadpark.no<mailto:772EE3BDF5AF48A39F8A3738749D7FC7 at broadpark.no>>
>> Content-Type: text/plain; CHARSET=US-ASCII; format=flowed;
>> reply-type=original
>>
>> "rajath kumara" <rajathkumara at gmail.com<mailto:rajathkumara at gmail.com>> wrote:
>>
>> > Currently I am using wpcap function to obtain list of all ports in my
>> > system.
>>
>> I thought you were talking about TCP/UDP-ports until ...
>>
Guess you got it wrong here, because i am not talking about TCP/UDP ports,
what i am talking is about ports, which are present in NIC's ( network interface cards).
>> > but assume i need to find only active ports in my system, for this, is
>> > their any wpcap function which will provide me
>> > list of all active ports in my system?
>> >
>> > for eg: i have some 10 ports in my system.
>> > if i use a cross cable and create a loopback among 2 ports,
>> then,
>>
>> .. I read the above. You have a box with 10 network interfaces?
>>
>> > is their any wpcap function, which gives me list of only
>> > loopback active ports?
>>
>> In any case, there isn't any WinPcap function that does this; neither
>> finds
>> active/listening UDP/TCP-ports nor makes a "list of all active physical
>> ports".
>> You have to specify your problem a bit more.
here is a description about problem i am facing .
I am using some 3 NICS ( network interface cards), which together get me 10 ports.
2 NICs are are from D-Link NIC cards which have 4 ports each in them, and another is NETGEAR NIC, which has 2 ports in it.
with the help of pcap_findalldevs() , i can obtain the list of all ports , along with details of NIC cards, their MAC_ addresses and others.
But my question is , pcap_findalldevs( ), gives me list of all 10 ports i am using,
assume i use a cross-cable and connect any 2 ports to form a loopback condition,then is their any function in wpcap, which tells me
which 2 ports are in loopback state among the 10 ports i am using.
or any other function is their apart from wpcap, which helps me to do this.
please help me to figure out this problem.
>>
>> If you want to find active/listening ports, then (depending on your OS)
>> there
>> are functions deep inside the OS for retrieving that information (like
>> netstat
>> does). In case you use Windows, the functions
>> AllocateAndGetTcpExTableFromStack()
>> and GetExtendedTcpTable() does that.
>>
>> --gv
>>
-- regards Rajath Kumar .
>>
>> ------------------------------
>>
>> _______________________________________________
>> Winpcap-users mailing list
>> Winpcap-users at winpcap.org<mailto:Winpcap-users at winpcap.org>
>> https://www.winpcap.org/mailman/listinfo/winpcap-users
>>
>>
>> End of Winpcap-users Digest, Vol 76, Issue 1
>> ********************************************
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winpcap.org/pipermail/winpcap-users/attachments/20110704/a475d08d/attachment.html>
------------------------------
_______________________________________________
Winpcap-users mailing list
Winpcap-users at winpcap.org<mailto:Winpcap-users at winpcap.org>
https://www.winpcap.org/mailman/listinfo/winpcap-users
End of Winpcap-users Digest, Vol 76, Issue 3
********************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winpcap.org/pipermail/winpcap-users/attachments/20110713/a073d289/attachment.html>
More information about the Winpcap-users
mailing list