Date: Mon, 7 Oct 1996 17:29:06 -0400 (EDT) From: Dev Chanchani <dev@trifecta.com> To: Chris Timmons <skynyrd@tahoma.cwu.edu> Cc: freebsd-isp@FreeBSD.org Subject: Re: BPF Message-ID: <Pine.BSF.3.91.961007172810.12452A-100000@www.trifecta.com> In-Reply-To: <Pine.OSF.3.95.961007134406.8277D-100000@tahoma.cwu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Chris, I looked at the tcpdump source code and did not find what I was looking for. It must be in there somewhere, guess I will take another gander. As well as Stevens Programming Books (I have the Network Programming), would that be BSD specific (deal with /dev/bpf?) Thanks, Dev On Mon, 7 Oct 1996, Chris Timmons wrote: > > man pcap > man tcpdump > > cd /usr/src/usr.sbin/tcpdump/tcpdump; more *.c > > :) > > This is a very good start. Stevens TCP Illustrated v1 and possibly v2 > might also be of interest to you. > > -Chris > > On Mon, 7 Oct 1996, Dev Chanchani wrote: > > > I was doing some tinkering with the /dev/bpf device. > > > > My understanding is that reading from the bpf device gives you a raw dump > > of the data over the network. > > > > You will have a bpf header (18 bytes?) > > Then I need to know the ip_offset for packets comming > > in over the ed1 network interface so I can start calculating > > how much traffic is going to what address based on the ip header. > > > > Any help would be appreciated. > > > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.961007172810.12452A-100000>