so this implies to all incoming packets(like IPPROTO_TCP/UDP etc) or just ICMP packets, I can get other ICMP packets just not echo request packet I beleive using ETH_P_IP means using linux lfs (linux filter system - link layer?) Can you point me to some tutorial/sample code for using ETH_P_IP etc? It will be helpful for me. Why ICMP_echo request incoming packet does not passed by kernel to RAW socket (as far as man raw is concerned, it didn't tell you anything like this ?) May be i am little bit confused here, a little explaination will certainly help me grasp things quickly Thanks for your help -- basit Graduate student Dept. Of Computer science Wichita state univ On Mon, 6 Jan 2003, Marian Jancar wrote: > On Mon, 6 Jan 2003 05:29:04 -0600 (CST) > Abdul Basit <basit@basit.cc> wrote: > > > > > Hello, > > > > i wrote a simple program to use raw sockets and catch all > > icmp packets. > > > > // -- code snipped > > > > buf = (char*) malloc(sizeof(struct ip)+sizeof(struct icmp)); > > > > sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); > > You get only incomming packets that way, use: > > sockfd = socket(PF_PACKET, SOCK_RAW, ETH_P_IP); > > and use socket filter or filter it youyself. > > Marian > - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
