|
Home > Archive > Unix Programming > July 2006 > Help!: problems when printing packet payload
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Help!: problems when printing packet payload
|
|
| g03s1643@campus.ru.ac.za 2006-07-02, 1:44 pm |
| Hi there!
I am building a packet sniffer using libpcap and have been trying for 3
days to solve this problem with no results.
I've been through the relative pcap tutorials & looked at example
code.
The bulk of where the problem occurs is in the skeleton code below.
Has it got something to do with mixing u_char, char & const char for
the packets payload?
.....
.....
//these are just the relative sizes in bytes of each of the headers
ethlen = sizeof(struct ether_header); // 14
iplen = sizeof(struct ip); // 20
tcplen = sizeof(struct tcphdr); // 20
udplen = sizeof(struct udphdr); // 8
....
//this is the function pcap calls each time a packet is captured
void Packet_Handler(u_char *temp1, const struct pcap_pkthdr *header,
const u_char *packet)
{
....
const char *payload;
....
//define data position
ethernet = (struct ether_header *)(packet);
ip = (struct ip *)(packet + ethlen);
if (ip->ip_p == IPPROTO_TCP)
{
tcp = (struct tcphdr*)(packet + ethlen + iplen);
payload = (const u_char*)(packet + ethlen + iplen + tcplen);
}
.....
cout << "Packet payload: \n " <<payload;
}
Basically my problem is that when i call a function to print out a
packets payload (using cout or printf), the payload appears in all
sorts of funny characters. I think its a memory leak or something. The
rest of the fields, ie src port , dest, ip adresses etc are fine. Below
is an example of some output the code produces. As you can see,
everything is fine until the packet payload, whereby weird ascii
characters are outputted.
Packet Number: 2 Packet Length: 157
Time: 13:38:39
Source IP: 145.231.123.83 Port: 10328
Dest IP: 145.231.123.82 Port: 41174
Protocol: UDP
%@($*&
weoi
etc etc
Any Ideas?
Thanks,
Gringo
| |
| Barry Margolin 2006-07-03, 1:27 am |
| In article <1151844156.433640.11240@a14g2000cwb.googlegroups.com>,
g03s1643@campus.ru.ac.za wrote:
> Basically my problem is that when i call a function to print out a
> packets payload (using cout or printf), the payload appears in all
> sorts of funny characters
The payload isn't a null-terminated C string, so printf and cout won't
display it properly. You should probably convert to hex like tcpdump
and Ethereal do.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
|
|
|
|
|