I'm trying to make a C sniffer using the Socket API.
I saw a good solution was to use the raw socket:
sock_raw = socket(AF_INET, SOCK_RAW, IPPROTO_TCP); /* protocol type goes here: IPPROTO_UDP, IPPROTO_TCP or IPPROTO_ICMP */
But I did not understand the foundation of the raw socket. Could someone explain how it works? In what layers does it work?
And in recvfrom:
ssize_t recvfrom(int sockfd, void *buf, size_t len, int flags,
                 struct sockaddr *src_addr, socklen_t *addrlen);
What is the real purpose of *buf and flags?
And if someone could show me how to get a specific field from a packet received with this recvfrom, I would appreciate it. I need to make a sniffer with this API and get the message that is transmitted by a packet (an integer and a char vector transmitted by a socket, for example).
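
An added example, not part of the original post: on Linux, recvfrom() on an AF_INET/SOCK_RAW socket fills buf with the packet starting at the IPv4 header, so extracting a field means walking past the IP and UDP headers with bounds checks. The payload layout (a 32-bit integer in network byte order followed by a 16-byte char array), the names app_msg and extract_app_msg, and the sample packet are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Assumed payload layout: 32-bit integer (network byte order) + 16-byte char array. */
struct app_msg { int32_t number; char text[17]; };

/* buf/len: bytes recvfrom() stored for an AF_INET/SOCK_RAW/IPPROTO_UDP socket,
   i.e. IPv4 header, UDP header, payload. Returns 0 on success, -1 otherwise. */
int extract_app_msg(const uint8_t *buf, size_t len, struct app_msg *out)
{
    if (len < 20 || (buf[0] >> 4) != 4) return -1;    /* too short or not IPv4 */
    size_t ihl = (size_t)(buf[0] & 0x0F) * 4;         /* IP header length, bytes */
    if (ihl < 20 || len < ihl + 8 || buf[9] != IPPROTO_UDP) return -1;
    const uint8_t *udp = buf + ihl;
    size_t udp_len = ((size_t)udp[4] << 8) | udp[5];  /* UDP header + payload */
    if (udp_len < 8 + 4 + 16 || udp_len > len - ihl) return -1;
    const uint8_t *p = udp + 8;                       /* start of payload */
    out->number = (int32_t)(((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                            ((uint32_t)p[2] << 8) | p[3]);
    memcpy(out->text, p + 4, 16);
    out->text[16] = '\0';                             /* always NUL-terminate */
    return 0;
}

/* Constructed sample: 127.0.0.1:5000 -> 127.0.0.1:5001, integer 42, text "hello". */
static const uint8_t sample_pkt[48] = {
    0x45, 0, 0, 48,  0, 1, 0, 0,  64, 17, 0, 0,  127, 0, 0, 1,  127, 0, 0, 1,
    0x13, 0x88, 0x13, 0x89, 0, 28, 0, 0,   /* UDP: ports, length 28, checksum unset */
    0, 0, 0, 42,  'h', 'e', 'l', 'l', 'o'  /* payload; remaining text bytes are zero */
};

int main(void)
{
    uint8_t buf[65536];          /* recvfrom() writes the received packet here */
    struct app_msg m;
    int s = socket(AF_INET, SOCK_RAW, IPPROTO_UDP);   /* needs root or CAP_NET_RAW */
    if (s >= 0) {
        ssize_t n = recvfrom(s, buf, sizeof buf, 0, NULL, NULL); /* flags 0: defaults */
        if (n > 0 && extract_app_msg(buf, (size_t)n, &m) == 0)
            printf("live: %d \"%s\"\n", m.number, m.text);
    } else if (extract_app_msg(sample_pkt, sizeof sample_pkt, &m) == 0) {
        printf("sample: %d \"%s\"\n", m.number, m.text);  /* unprivileged fallback */
    }
    return 0;
}
```

Every length taken from the packet (IHL, UDP length) is checked against the number of bytes recvfrom() actually returned before it is used as an offset, since a sniffer sees whatever arrives on the wire.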