From owner-freebsd-net@FreeBSD.ORG Fri Jun 25 10:49:54 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 84DCD16A4CE for ; Fri, 25 Jun 2004 10:49:54 +0000 (GMT) Received: from web13004.mail.yahoo.com (web13004.mail.yahoo.com [216.136.174.14]) by mx1.FreeBSD.org (Postfix) with SMTP id 6733843D49 for ; Fri, 25 Jun 2004 10:49:54 +0000 (GMT) (envelope-from rosey_kc@yahoo.com) Message-ID: <20040625104911.69479.qmail@web13004.mail.yahoo.com> Received: from [202.51.78.5] by web13004.mail.yahoo.com via HTTP; Fri, 25 Jun 2004 03:49:11 PDT Date: Fri, 25 Jun 2004 03:49:11 -0700 (PDT) From: kamal kc To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: newbie: ethernet, ip header proble X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 10:49:54 -0000 Hi i am new to this mailing list. I have written a program to capture packets using pcap library routines. I have a FreeBSD 5.1. The problem I faced was I successfully captured packets and parsed to ethernet header and ip header. i present a section of code how i did it. -- char *ptr; ptr=pcap_next(.....); struct ether_header *eth; struct ip *ip; eth=(struct ether_header *)ptr; // datalink type DLT_EN10MB ptr+=14; // the size of the ether_header being 14 bytes; ip=(struct ip *)ptr; printf("\n %s %s", ether_ntoa(eth->ether_dhost), ether_ntoa(eth->ether_shost)); printf("\n %s %s", inet_ntoa(ip->ip_src), inet_ntoa(ip->ip_dst)); ---------------- Now the problem is that the ethernet destination and sender host is printed the same. it is equal to that of the sender MAC address(linux) when ICMP packets (by ping utility) is sent to the host(FreeBSD) running the program. Also that the ip adresses printed is the same as the sender ip address(ie linux). The program is run on host with FreeBSD. The ip address of the computers are: 192.168.1.10 has Linux 192.168.1.11 has FreeBSD I couldn't think of a solution as i guess the coding was alright. Anybody could help Kamal --------------------------------- Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage!