仅获取传入数据包 [英] Get only Incoming Packets
本文介绍了仅获取传入数据包的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我只需要传入数据包.如何从滥交切换?
I only need incoming packets. How do I switch this from promiscuous?
// Set socket to promiscuous mode
if ( WSAIoctl( sniff_socket,
SIO_RCVALL,
&optval,
sizeof(optval),
NULL,
0,
&dwLen,
NULL,
NULL ) == SOCKET_ERROR )
{
exit(-3);
}
推荐答案
您可能想使用RCVALL_IPLEVELIOCTL选项.
请参阅此处: http://msdn.microsoft.com/zh-CN /library/ee309610%28v=vs.85%29.aspx [
You probably want to useRCVALL_IPLEVELIOCTL option.
See here: http://msdn.microsoft.com/en-us/library/ee309610%28v=vs.85%29.aspx[^]
由于您使用的是winpcap,这是另一个过滤器选项...就像我一样之前已经建议过,请熟悉您的过滤选项.您确实必须下载并学习使用Wireshark,这将使您看到winpcap的功能.
请参见 dst主机 主机:
http://www. mirrorservice.org/sites/ftp.wiretapped.net/pub/security/packet-capture/winpcap/docs/docs31/html/group__language.html [ http://www.wireshark.org/ [ ^ ]
P.S.不知道您要构建什么,但是似乎您正在尝试构建Wireshark.也许您需要停下来花点时间看一下该工具的功能以及可以使用的工具.
since you''re using winpcap, this is another filter option... like i''ve suggested before, get familiar with your filtering options. you really have to download and learn to use wireshark, this would allow you to see the capabilities of winpcap.
See dst host host:
http://www.mirrorservice.org/sites/ftp.wiretapped.net/pub/security/packet-capture/winpcap/docs/docs31/html/group__language.html[^]
...And here''s the wireshark site:
http://www.wireshark.org/[^]
P.S. Not sure what you''re trying to build, but it seems like you''re trying to build wireshark. Maybe you need to stop and take the time to see what that tool has and if its something you can use.
这篇关于仅获取传入数据包的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
