This was found while experimenting with a sniffer, so I have IFF_PROMISC
set when doing the recv(). And my kernel is a 2.4.19-gentoo-r9, but a
normal 2.4.18 from slackware 8.1 has the same behavior.
socket(PF_PACKET,SOCK_RAW,htons(ETH_P_IP));
Does not return a copy of the packets send by the computer you are on. It
returns the IP traffic that other people send normally. So the sniffer
can't see packets from the computer it is running on. This shouldn't be so
as htons(ETH_P_IP) should only be a filter that would return IP only
packets.
socket(PF_PACKET,SOCK_RAW,htons(ETH_P_ALL));
Works just fine, so I think the filter is excluding too much.
Or isn't it a bug?
Please Cc it to me as I haven't subscribed the mailing list.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Mar 23 2003 - 22:00:31 EST