Packet Sniffing using Raw Sockets in Linux in C

linux network-programming network-protocols packet-sniffers sniffing
Sajad Bahmani picture Sajad Bahmani · Oct 28, 2009 · Viewed 11k times · Source

I need to write a packet sniffer in Linux that detects HTTPS packet that are sent and save the url from the request. I found code for this in security-freak and ran it. This code runs and only sniffs the received packet but I need to get the sent packet in the sniffer. How do I get the sent packet in this code?

I can't use any library like libcap (forbidden). The code is :sniffer.c

Answer

gte525u picture gte525u · Nov 3, 2009

You should be using ETH_P_ALL instead of ETH_P_IP as the protocol. ETH_P_IP only listens for incoming IP packets.

Related questions

Tcp connections hang on CLOSE_WAIT status

Client close the socket first, when there is not much data from server, tcp connection shutdown is okay like: FIN --> <-- ACK <-- FIN, ACK ACK --> When the server is busying sending data: FIN …

Read More
Accessing wireless interface (802.11) at MAC layer (Linux)

I spent the last days reading through man pages, documentations and anything else google brought up, but I suppose I'm even more confused now than I was at the beginning. Here is what I want to do: I want to …

Read More
trace a particular IP and port

I have an app running on port 9100 on a remote server serving http pages. After I ssh into the server I can curl localhost 9100 and I receive the response. However I am unable to access the same app from the …

Read More