Hi to all,
I would like to know how do we grab the icmp header from an ethernet frame. I
believe we have to jump pass the ethernet and IP headers..
to jump pass the ethernet header, we do sth like this:
u_char * handle_IP(u_char *args, const struct pcap_pkthdr* pkthdr, const
u_char* packet)
{
const struct my_ip* p;
u_int length = pkthdr->len;
ip = (struct my_ip*)(packet + sizeof(struct ether_header));
length -= sizeof(struct ether_header);
}
I tried to check the tcpdump source code but couldn't understand it. I looked
in print_icmp.c and print_ip.c in particular.
Can anyone tell me how do I go abt it?
Regards,
Visham
This mail has been scanned for viruses by the UoM Antivirus Gateway.
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.
