Hi salinarl!
You don't need to write a kernel module to do this.
Use RAW sockets. (See man 2 socket). If you're not interested in the link
layer, you can also use DGRAM sockets to get everything from layer 3 and up
(ip, arp, etc.)
> I am new to kernel internals, and I would like to know how can a sniffer
> read whole packets, I mean including the link layer header. In the receive
> path, this happens, I think, in the net_rx_action(), but in the transmit
> path?
> I know that there is a function called dev_queue_xmit_nit() for this, but
> how can a driver add a link layer header to a packet before this function
> gets called? The hard_start_xmit() of the driver is, in fact, called after
> the dev_queue_xmit_nit(), (in the function dev_queue_xmit() ).
> I think I'm missing something important about the subject, but I hope someone
> will answer me, anyway.
> Thank you in advance,
>
> Lanfranco
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--Regards Abraham
What we wish, that we readily believe. -- Demosthenes
__________________________________________________________ Abraham vd Merwe - 2d3D, Inc.
Device Driver Development, Outsourcing, Embedded Systems
Cell: +27 82 565 4451 Snailmail: Tel: +27 21 761 7549 Block C, Antree Park Fax: +27 21 761 7648 Doncaster Road Email: abraham@2d3d.co.za Kenilworth, 7700 Http: http://www.2d3d.com South Africa
This archive was generated by hypermail 2b29 : Sat Dec 15 2001 - 21:00:16 EST