PROBLEM: all bytes of extracted payload from a dump file appear to be zero

I am using TCPTRACE on Fedora Linux, kernel version 2.6.18.1, to extract and process packets from a packet dump file. To process each packet, the md_read() function is called; its code is shown below.
I am trying to extract the payload from these packets, but when I display the bytes of the payload, or in fact of the packet, using the *payload or *pip pointer, all bytes appear to be zero.
I could not figure out why this is happening.

Any suggestions or help?

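#include <stdio.h>
#include <arpa/inet.h>     /* ntohs() */
#include "tcptrace.h"      /* struct ip, struct tcphdr, tcp_pair, IP_HL, TH_OFF */

void
md_read(
    struct ip *pip,        /* the packet */
    tcp_pair *ptp,         /* info I have about this connection */
    void *plast,           /* past byte in the packet */
    void *mod_data)        /* connection info for this one */
{
    unsigned int j;
    unsigned char *payload, *packet;
    long bytes, payload_length, captured, size_iphdr, size_tcphdr;

    if (pip->ip_p != IPPROTO_TCP) return; //only process tcp packets

    packet = (unsigned char *) pip;    /* explicit cast for byte arithmetic */

    size_iphdr = 4 * IP_HL(pip);
    if (size_iphdr < 20) { printf("Invalid IP header:%ld bytes\n", size_iphdr); return; }
    struct tcphdr *ptcp = (struct tcphdr *) (packet + size_iphdr);

    /* assumption: plast points at the last captured byte of the packet;
       the fixed 20-byte TCP header must be inside the capture before it is read */
    if ((unsigned char *) plast < packet + size_iphdr + 20 - 1) return;

    size_tcphdr = 4 * TH_OFF(ptcp);
    if (size_tcphdr < 20) { printf("Invalid TCP header:%ld bytes\n", size_tcphdr); return; }

    //contains the pointer to the payload
    payload = (packet + size_iphdr + size_tcphdr);

    bytes = ntohs(pip->ip_len);    //total length of the packet
    payload_length = bytes - size_iphdr - size_tcphdr;    //payload length
    if (payload_length < 0) return;    /* header lengths exceed ip_len */

    /* only this many payload bytes are present in the capture buffer */
    captured = (long) ((unsigned char *) plast + 1 - payload);
    if (captured < 0) captured = 0;
    if (payload_length > captured) payload_length = captured;
}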
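
Added example (not part of the original post and not tcptrace code): a stand-alone parser that separates the payload length declared by the IP total-length field from the payload bytes actually present in the capture buffer, since a capture taken with a short snap length holds fewer bytes than ip_len declares. The names tcp_payload and sample_pkt are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: IPv4 header (20) + TCP header (20) + payload "ABCD". */
static const uint8_t sample_pkt[44] = {
    0x45, 0x00, 0x00, 0x2c, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    0x0a, 0x00, 0x00, 0x01, 0x0a, 0x00, 0x00, 0x02,   /* IP: ihl=5, len=44, proto=6 */
    0x04, 0xd2, 0x00, 0x50, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
    0x50, 0x18, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,   /* TCP: data offset=5 */
    'A', 'B', 'C', 'D'
};

/* Returns the number of payload bytes actually present in the capture,
 * or -1 if the headers are malformed or truncated. *declared receives the
 * payload length claimed by the IP total-length field. */
long tcp_payload(const uint8_t *pkt, size_t caplen,
                 const uint8_t **payload, size_t *declared)
{
    if (caplen < 20 || (pkt[0] >> 4) != 4 || pkt[9] != 6)
        return -1;                                  /* not IPv4/TCP */
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || caplen < ihl + 20)
        return -1;                                  /* TCP header not captured */
    size_t thl = (size_t)(pkt[ihl + 12] >> 4) * 4;
    size_t total = ((size_t)pkt[2] << 8) | pkt[3];  /* ip_len, network order */
    if (thl < 20 || total < ihl + thl)
        return -1;                                  /* lengths inconsistent */
    *declared = total - ihl - thl;
    *payload = pkt + ihl + thl;
    if (caplen <= ihl + thl)
        return 0;                                   /* headers only in capture */
    size_t avail = caplen - ihl - thl;
    return (long)(avail < *declared ? avail : *declared);
}

int main(void)
{
    const uint8_t *p;
    size_t declared;
    /* Pass 42 instead of 44 to simulate a capture cut short by the snap length. */
    long got = tcp_payload(sample_pkt, 42, &p, &declared);
    printf("declared=%zu captured=%ld\n", declared, got);
    return 0;
}
```

Only the bytes counted by the return value are safe to read; anything past them was never stored in the dump file.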
