TechQA.

Sniff all network interfaces

906 views Asked by At

I've written a program that uses sockets to capture packets on network interfaces. First I gather all IPs of my machine using gethostbyname, then bind a raw socket to each ip with SOCK_RAW, IPPROTO_IP and SIO_RCVALL options. A thread is executed for each IP that calls recv on the appropriate socket (one socket for each ip). This program works fine.

But I found a special address named INADDR_ANY. MSDN says SIO_RCVALL cannot be used with INADDR_ANY, it's here:

The socket also must be bound to an explicit local IPv4 or IPv6 interface, which means that you cannot bind to INADDR_ANY or in6addr_any.

Is it possible to monitor and capture all packets (packets related to the local computer and not packets of other computers) with one socket?

Thanks

sockets networking sniffing
Original Q&A
1

There are 1 answers

1
Matt Ball On

INADDR_ANY means "I don't care which local address," not "All local addresses."

From MSDN:

If an application does not care what local address is assigned, specify the constant value INADDR_ANY for an IPv4 local address or the constant value in6addr_any for an IPv6 local address in the sa_data member of the name parameter. This allows the underlying service provider to use any appropriate network address, potentially simplifying application programming in the presence of multihomed hosts (that is, hosts that have more than one network interface and address).

Related Questions in SOCKETS

Related Questions in NETWORKING

Related Questions in SNIFFING

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions