Re: [tcpdump-workers] complete struct for tcp_header

Mon, 11 Jul 2005 10:17:57 -0700 

Is there a struct for the options field of tcp_header?

On 7/9/05, rootclown <[EMAIL PROTECTED]> wrote:
> dear Thinh Ho:
>   get tcp header with the following way
> 
>         struct ethhdr *eth;
>     struct iphdr *ip;
>     struct tcphdr *tcp;
> 
>     eth=(struct ethhdr *)packet;
>     ip=(struct iphdr *)(eth+1);
>     tcp=(struct tcphdr *)((u_char *)ip+(ip->ihl<<2));
> 
>    and you can see linux/tcp.h for details
> 
> rootclown
> 
> 
> 
> ======= 2005-07-09 01:58:38 您在来信中写道:=======
> 
> >Hello,
> >I am new to the mailing list and also new to pcap, tcpdump, and tcp, in 
> >general.
> >I am trying to capture tcp packets and extract/print all its fields in
> >readable format. The sniffer works and I was able to print out the
> >whole packet (in hex) and confirmed it with Ethereal. The struct I
> >have for the tcp header is below:
> >
> >typedef struct tcp_header
> >{
> >       u_short sport;                  // Source port
> >       u_short dport;                  // Destination port
> >       u_int seqnum;                   // Sequence Number
> >       u_int acknum;                   // Acknowledgement number
> >       u_char   hlen;                  // Header length
> >       u_char   flags;                 // packet flags
> >       u_short win;                    // Window size
> >       u_short crc;                    // Header Checksum
> >       u_short urgptr;                 // Urgent pointer
> >
> >       // options field of tcp_header
> >       typedef struct option
> >       {
> >               byte kind;
> >               byte length;
> >               unsigned long tsval;
> >               unsigned long tserc;
> >       }option;
> >
> >       struct option op;
> >} tcp_header;
> >
> >When call the acknum and each field of options (and everything else,
> >but for now I am concentrating on these two fields), it is not
> >displaying the correct data for some packets because the sizes of
> >ethernet header and ip header varies:
> >
> >tcp_header* tcp = (tcp_header*) (pkt_data + sizeof(struct
> >ethernet_header) + sizeof(struct ip_header));
> >
> >Do I have to define every part of the tcp header such as flags,
> >padding, etc in the struct? Any input on this will greatly be
> >appreciated, and I apologize if this is a newbie question.
> >
> >-Thinh
> >-
> >This is the tcpdump-workers list.
> >Visit https://lists.sandelman.ca/ to unsubscribe.
> >
> 
> = = = = = = = = = = = = = = = = = = = =
> 
> 
> 致
> 礼!
> 
> 
> rootclown
> [EMAIL PROTECTED]
> 2005-07-09
> 
> -
> This is the tcpdump-workers list.
> Visit https://lists.sandelman.ca/ to unsubscribe.
> 


-- 
Thinh Ho
University of Virginia
Engineering School
C: 571-594-1473
-
This is the tcpdump-workers list.
Visit https://lists.sandelman.ca/ to unsubscribe.

Reply via email to