Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 25 Jun 2004 15:01:53 +0300
From:      Ruslan Ermilov <ru@freebsd.org>
To:        kamal kc <rosey_kc@yahoo.com>
Cc:        freebsd-net@freebsd.org
Subject:   Re: newbie: ethernet, ip header proble
Message-ID:  <20040625120153.GA37003@ip.net.ua>
In-Reply-To: <20040625104911.69479.qmail@web13004.mail.yahoo.com>
References:  <20040625104911.69479.qmail@web13004.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--9amGYk9869ThD9tj
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jun 25, 2004 at 03:49:11AM -0700, kamal kc wrote:
> Hi i am new to this mailing list.
> =20
> I have written a program to capture packets using pcap library routines. =
I have a FreeBSD 5.1. The problem I faced was I successfully captured packe=
ts and parsed to ethernet header and ip header.
> =20
> i present a section of code how i did it.
> =20
> --
> char *ptr;
> ptr=3Dpcap_next(.....);
> =20
> struct ether_header *eth;
> struct ip *ip;
> =20
> eth=3D(struct ether_header *)ptr;  // datalink type DLT_EN10MB
> ptr+=3D14; // the size of the ether_header being 14 bytes;=20
> =20
> ip=3D(struct ip *)ptr;
> =20
> printf("\n %s %s", ether_ntoa(eth->ether_dhost), ether_ntoa(eth->ether_sh=
ost));
> printf("\n %s %s", inet_ntoa(ip->ip_src), inet_ntoa(ip->ip_dst));
> =20
> ----------------
> =20
> Now the problem is that the ethernet destination and sender host is print=
ed the same.
> it is equal to that of the sender MAC address(linux) when ICMP packets (b=
y ping utility)
> is sent to the host(FreeBSD) running the program.
> =20
> Also that the ip adresses printed is the same as the sender ip address(ie=
 linux).
> =20
> The program is run on host with FreeBSD.
> =20
> The ip address of the computers are:=20
>    192.168.1.10  has Linux
>    192.168.1.11  has FreeBSD
> =20
> I couldn't think of a solution as i guess the coding was alright.
> =20
> Anybody could help
> =20
Sure, carefully read the BUGS sections of both ether_ntoa(3) and inet_ntoa(=
3)
manpages.


Cheers,
--=20
Ruslan Ermilov
ru@FreeBSD.org
FreeBSD committer

--9amGYk9869ThD9tj
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFA3BQwqRfpzJluFF4RAnZkAKCbIdz5laNFp8EFa2xpJg8V12IccwCfcSiP
Q7fXrsR7FYqnXQEc3dATXFY=
=KkzS
-----END PGP SIGNATURE-----

--9amGYk9869ThD9tj--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040625120153.GA37003>