Raw socket in C

0

I'm trying to make a C sniffer using the Socket API.

I saw a good solution was to use the raw socket:

sock_raw = socket(AF_INET, SOCK_RAW, IPPROTO_TCP); /* protocol type goes here: IPPROTO_UDP / IPPROTO_TCP / IPPROTO_ICMP */

But I did not understand the foundation of the raw socket. Could someone explain how it works? In what layers does it work?

And in recvfrom:

ssize_t recvfrom(int sockfd, void *buf, size_t len, int flags,
                 struct sockaddr *src_addr, socklen_t *addrlen)

What is the real purpose of *buf and flags ?

And if someone can show me how to get a specific field from a packet received with this recvfrom, I would appreciate it. I need to make a sniffer with this API and get the message that is transmitted by a packet (an integer and a char array transmitted over a socket, for example).

    
asked by anonymous 21.10.2018 / 21:21

1 answer

-1

If you are a high-level hacker then you can think of creating a sniffer using raw sockets. Otherwise you can do as most people who write sniffers do and use a capture library, such as libpcap.

    
21.10.2018 / 23:49
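
An added example, not part of the original question or answer: on Linux, recvfrom() on an AF_INET raw socket fills *buf with the datagram starting at the IPv4 header, so reading a field means walking the IPv4 and UDP headers with bounds checks before touching the payload. The `app_msg` layout (a 32-bit integer in network byte order followed by text) is a hypothetical message format, and the sample packet is constructed so the parser runs without a live socket or root privileges.

```c
#include <arpa/inet.h>   /* ntohs, ntohl */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical application message: a 32-bit integer followed by text. */
struct app_msg { int32_t number; char text[32]; };

/* Parse a buffer as filled by recvfrom() on a raw IPPROTO_UDP socket:
 * IPv4 header, UDP header, payload. Returns 0 on success, -1 if the
 * buffer is truncated or is not UDP over IPv4. */
int parse_udp_msg(const uint8_t *buf, size_t len, uint16_t *dst_port,
                  struct app_msg *out)
{
    if (len < 20 || (buf[0] >> 4) != 4) return -1;    /* IPv4 only */
    size_t ihl = (size_t)(buf[0] & 0x0F) * 4;         /* IP header bytes */
    if (ihl < 20 || len < ihl + 8) return -1;
    if (buf[9] != 17) return -1;                      /* protocol 17 = UDP */
    const uint8_t *udp = buf + ihl;
    uint16_t port_be, ulen_be;
    memcpy(&port_be, udp + 2, 2);                     /* destination port */
    memcpy(&ulen_be, udp + 4, 2);                     /* UDP header + data */
    size_t ulen = ntohs(ulen_be);
    if (ulen < 8 + 4 || ihl + ulen > len) return -1;  /* need the integer */

    size_t text_len = ulen - 8 - 4;
    if (text_len >= sizeof out->text) text_len = sizeof out->text - 1;
    uint32_t num_be;
    memcpy(&num_be, udp + 8, 4);                      /* no unaligned reads */
    out->number = (int32_t)ntohl(num_be);
    memcpy(out->text, udp + 12, text_len);
    out->text[text_len] = '\0';                       /* sender's NUL is untrusted */
    *dst_port = ntohs(port_be);
    return 0;
}

/* Constructed sample: 127.0.0.1:4660 -> 127.0.0.1:9000, checksums zeroed. */
static const uint8_t sample_pkt[] = {
    0x45,0x00,0x00,0x22, 0x00,0x00,0x40,0x00, 0x40,0x11,0x00,0x00,
    0x7f,0x00,0x00,0x01, 0x7f,0x00,0x00,0x01,         /* IPv4, IHL = 5 */
    0x12,0x34,0x23,0x28, 0x00,0x0e,0x00,0x00,         /* UDP, length = 14 */
    0x00,0x00,0x00,0x2a, 'h','i'                      /* payload: 42, "hi" */
};

int main(void)
{
    struct app_msg m; uint16_t port;
    if (parse_udp_msg(sample_pkt, sizeof sample_pkt, &port, &m) == 0)
        printf("port %u: %d %s\n", (unsigned)port, (int)m.number, m.text);
    return 0;
}
```

In a live sniffer the same function would be called with the buffer and the byte count returned by recvfrom(); the length checks matter because every field in the packet is attacker-controlled input.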