Read raw IPv4 in promiscuous mode on Linux?

别等时光非礼了梦想. 提交于 2020-02-06 02:57:47

问题


I am trying to write an application to sniff traffic being sent to an ethernet port on my server. My application never needs to send data. It only needs to receive and decode the 5-tuple.

I am opening the socket with:

socket (AF_INET, SOCK_RAW, htons (ETH_P_ALL))

and setting it to promiscuous mode:

struct ifreq ifr;
ioctl (raw_socket, SIOCGIFFLAGS, &ifr);
/* Set the old flags plus the IFF_PROMISC flag */
ifr.ifr_flags |= IFF_PROMISC;
ioctl (raw_socket, SIOCSIFFLAGS, &ifr);

I am using recv to receive data from the socket, but it appears that I'm not receiving the full packets including the from/to IP addresses inside the packet.

Any idea how best to do this?

来源:https://stackoverflow.com/questions/27069400/read-raw-ipv4-in-promiscuous-mode-on-linux

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!