| |||||||||||
Getting Network Layer packet details Posted by kinshuk_mishra (kinshuk_mishra), 8 November 2003 Hi there,In my scripts I need to validate source and destination IP address from the packets I am getting on my machine. How can i check that.....? For example: I initiate a ftp session to linux box which in turn sends me ack for the request sent. Now I want to know the source and destination IP address from that ACK packet. How can i check that? Thanks in advance. Posted by admin (Graham Ellis), 9 November 2003 The standard socket API that's provided in Tcl works at a higher level that your computer's network interface. From reading your question, I think that you want to analyse all network packets received by your system, whether or not they're addressed to that system, and to do this you need some drivers at a lower level. I haven't come across any in Tcl, but I have come across snoop and snort; Snort is open source (see http://www.snort.org) and we ran it for sometime on our internal firewall; you many find that there are elements of the source code that you can learn from, or you may find that using Snort to feed Expect offers you a possible solution.This page is a thread posted to the opentalk forum
at www.opentalk.org.uk and
archived here for reference. To jump to the archive index please
follow this link.
|
Other Forum Posts Follow us on ... | ||||||||||
PH: 01144 1225 708225 • FAX: 01144 1225 793803 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho |