Ethereal-dev: Re: [ethereal-dev] Need some advice and help getting started with real time pac

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Ben Fowler <wapdev@xxxxxxxxxxxx>
Date: Wed, 28 Jun 2000 19:11:12 +0100

Hello. I am working on a project that involves monitoring certain UDP
packets, and then responding to those in real time based on the data within
them. I came across ethereal and libpcap, but it looks like all the packet
data is buffered and then analyzed. Realizing that I need help from the
experts, I turn to you for advice.
[ ...]

What I want to do: look at all UDP packets coming across wire in real time ...
If packet data contains such and such, capture this data to a C struct or
something, and pass it to my client program for processing.

That's pretty much it. i am not sure if ethereal is the tool for this or if
libpcap is. If I am completely looking in the wrong direction, please let me
know so. I am very new to packet stuff, so sample source or pointers to such
would be very much appreciated.

If I were doing this, I would use ethereal and I would make a dissector
that worked the same as packet-udp.c; this code gets control for
each UDP packet received - you could do whatever you wanted.

Ben

--
Leedsnet - The information resource for Leeds and the West Riding
< URL:http://www.leedsnet.com/mobile/ >