Snooping in on IGMP traffic

Question

I built a library for doing IGMP stuff. Now, the silly thing is, my library also does presence monitoring to make sure others are still part of the group.

IGMP does exactly the same thing at a lower level. Parting messages, polling to the router that it's still part of the same group, the whole thing. I've just repeated all the same work, and it's likely not as robust.

I can make everything a lot cleaner (and I wouldn't be reinventing the wheel) if I could tap into those packets.

Anyone have any experience doing this? Maybe create some sort of crazy socket? I don't want to use libpcap for it. I don't think the language matters, as long as it's possible using Sockets on Windows/Linux

Answer 1

Alright, found a way. It's super dirty right now since I have to extract the information I need by hand, but this is in essence how you pull IGMP data on an interface (note that you need to have administrator privileges to pull raw data):

var buffer = new byte[65536];
var s = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.Igmp); // filter out non IGMP
byte[] one = BitConverter.GetBytes(1);
s.Bind(new IPEndPoint(IPAddress.Parse("192.168.1.148"), 0)); // Which interface to listen on
s.IOControl(IOControlCode.ReceiveAll, one, one); // enter promiscuous mode
s.Recieve(buffer); // get yourself some data (BeginRecieve didn't seem to work here)

then do something with said buffer. If you poke in wireshark you can see the packet breakdown