我正在用C编写一个工具,用于记录在我的Linux系统上运行的不同应用程序的数据使用情况。 为此,我创建了一个原始套接字然后用“eth0”绑定它,这是我的接口的名称。 但我的问题是,这个套接字只捕获传入的数据包(即:目的MAC地址作为我系统的MAC地址的数据包)。 我找不到任何源MAC地址作为我系统的MAC地址的数据包。 所以它意味着我自己的机器写的数据包不会被原始套接字捕获。 但我想在两个方向捕获数据包,以识别上传和下载的数据大小。 有人可以帮忙吗?
int main() { int rs,len; struct sockaddr_ll addr; char buf[65535]; rs = socket(PF_PACKET,SOCK_RAW,htons(ETH_ALL)); setsockopt(rs,SOL_SOCKET,SO_BINDDEVICE,"eth0",4); while(recvfrom(rs,buf,65535,&addr,&len) > 0){ //print packets } return 0; }I am writing a tool in C for logging data usage of different applications running on my Linux system. For this i had created a raw socket and then I bind it with "eth0" which is the name of my interface. But my problem is that, this sockets captures only incoming packets (ie: packets with destination MAC address as my system's MAC address). I can't find any packets that has source MAC address as my system's MAC address. So it means packets written by my own machine are not captured by the raw socket. But i want to capture packets in both directions for identifying uploaded and downloaded data size. Can anybody help?
int main() { int rs,len; struct sockaddr_ll addr; char buf[65535]; rs = socket(PF_PACKET,SOCK_RAW,htons(ETH_ALL)); setsockopt(rs,SOL_SOCKET,SO_BINDDEVICE,"eth0",4); while(recvfrom(rs,buf,65535,&addr,&len) > 0){ //print packets } return 0; }最满意答案
我在搜索你的问题时找到了这个。 我没试过这个。 可能这会起作用。
int v=0; v = PACKET_MASK_ANY & ~(1<<PACKET_OUTGOING) & ~(1 << PACKET_LOOPBACK); setsockopt( raw_sock, SOL_PACKET, PACKET_RECV_TYPE, &v, sizeof(v));I have found this while searching over your problem. I haven't tried this. May be this will work.
int v=0; v = PACKET_MASK_ANY & ~(1<<PACKET_OUTGOING) & ~(1 << PACKET_LOOPBACK); setsockopt( raw_sock, SOL_PACKET, PACKET_RECV_TYPE, &v, sizeof(v));更多推荐
发布评论