On Tuesday 29 March 2005 12:51, rajat swarup wrote: > Hi, > I am doing an academic project in which I need to capture the network > packets off the wire. This capturing needs to be done in the kernel > itself as the other component of this project works in the kernel and > takes input from a data structure generated by this packet capturing > module. > I was looking through the kernel code and could not find specific > places where something like a "raw packet" could be found. > Should I capture the packets through the device driver module? > Or Could someone advise me as to where in the kernel I should look to > get access to the raw data packets? You can use the netfilter API. Look the patch-o-matic and patch-o-matic-ng projects to look some samples about hooking and capturing packets. Anyway you will also need to know about socket buffers. Regards, -- The first is to ensure your partner understands that nature has root privileges - nature doesn't have to make sense. -- Telsa Gwynne
Attachment:
pgpNLYVSFLRCR.pgp
Description: PGP signature
