Training, Open Source computer languages
PerlPHPPythonMySQLApache / TomcatTclRubyJavaC and C++LinuxCSS 
Search for:
Home Accessibility Courses Diary The Mouth Forum Resources Site Map About Us Contact
 
For 2023 (and 2024 ...) - we are now fully retired from IT training.
We have made many, many friends over 25 years of teaching about Python, Tcl, Perl, PHP, Lua, Java, C and C++ - and MySQL, Linux and Solaris/SunOS too. Our training notes are now very much out of date, but due to upward compatability most of our examples remain operational and even relevant ad you are welcome to make us if them "as seen" and at your own risk.

Lisa and I (Graham) now live in what was our training centre in Melksham - happy to meet with former delegates here - but do check ahead before coming round. We are far from inactive - rather, enjoying the times that we are retired but still healthy enough in mind and body to be active!

I am also active in many other area and still look after a lot of web sites - you can find an index ((here))
Getting Network Layer packet details

Posted by kinshuk_mishra (kinshuk_mishra), 8 November 2003
Hi there,

  In my scripts I need to validate source and destination IP address from the packets I am getting on my machine. How can i check that.....?

For example:

I initiate a ftp session to linux box which in turn sends me ack for the request sent. Now I want to know the source and destination IP address from that ACK packet. How can i check that?

Thanks in advance.


Posted by admin (Graham Ellis), 9 November 2003
The standard socket API that's provided in Tcl works at a higher level that your computer's network interface. From reading your question, I think that you want to analyse all network packets received by your system,  whether or not they're addressed to that system, and to do this you need some drivers at a lower level.  I haven't come across any in Tcl, but I have come across snoop and snort;  Snort is open source (see http://www.snort.org) and we ran it for sometime on our internal firewall;  you many find that there are elements of the source code that you can learn from, or you may find that using Snort to feed Expect offers you a possible solution.



This page is a thread posted to the opentalk forum at www.opentalk.org.uk and archived here for reference. To jump to the archive index please follow this link.

You can Add a comment or ranking to this page

© WELL HOUSE CONSULTANTS LTD., 2024: Well House Manor • 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • FAX: 01144 1225 793803 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho