[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tcpdump-workers
Subject:    Re: [tcpdump-workers] print location
From:       Max Laier <max () love2party ! net>
Date:       2008-11-02 21:42:16
Message-ID: 200811022242.17049.max () love2party ! net
[Download RAW message or body]

On Sunday 02 November 2008 22:27:22 stephen@stephengarrett.net wrote:
> Hi,
>
> I'm trying to find where in the code tcpdump prints the packet info like
> source and destination IP addresses.  I need to insert some code to make a
> custom version of tcpdump that will send a message to another program every
> time tcpdump prints a line, and I also need to know if those source and
> destination IP addresses are stored in a variable somewhere and if not, how
> can I access them.
>
> Any help or direction is greatly appreciated.

Search for "ip->ip_{src,dst}" in combination with "ipaddr_string" in
print-ip.c.  But note, that some protocols (TCP, UDP, DCCP, SCTP) like to 
print their own representation of IP addresses (with port numbers added) and 
you have to look at the respective print-{tcp,udp,sctp,dccp}.c.  All that 
considered you are probably better off by simply using libpcap directly.

-- 
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
[prev in list] [next in list] [prev in thread] [next in thread]