- This topic has 2 replies, 2 voices, and was last updated 20 years, 3 months ago by
.
-
Posts
-
I do not seem to be typecasting the Buffer correctly when trying to return IP specific packet information. Buffer is of type INTERMEDIATE_BUFFER. The IpProto variable always returns a 7 value which does not match any IP protocols. Is there some sort of offset that has to be applied to Buffer? Below is the section of code that deals with determining the IP packet type:
if ntohs(pEtherHeader.h_proto) = ETH_P_IP then begin
pktProto := ‘Unknown’;
pIPHeader := TIPHeaderPtr (@Buffer.m_IBuffer);
IpProto := pIPHeader.Protocol;
case IpProto of
IPPROTO_ICMP : pktProto := ‘ICMP’;
IPPROTO_IGMP : pktProto := ‘IGMP’;
IPPROTO_GGP : pktProto := ‘GTWY’;
IPPROTO_TCP : pktProto := ‘TCP’;
IPPROTO_PUP : pktProto := ‘PUP’;
IPPROTO_UDP : pktProto := ‘UDP’;
IPPROTO_IDP : pktProto := ‘IDP’;
IPPROTO_ND : pktProto := ‘NDSK’;
IPPROTO_RAW : pktProto := ‘RAW’;
end;
PacketItem.SubItems.Add(pktProto);
end;I seem to get information about the Ethernet header just fine by typecasting the following:
pEtherHeader := TEtherHeaderPtr (@Buffer.m_IBuffer);
So the above problem makes me think I need to move to an offset of Buffer or something? Thanks in advance for any help given.
Regards,
Troy CarpenterI did have to offset it by the Ethernet header. The typecast ended up looking like this:
pIPHeader := TIPHeaderPtr (@Buffer.m_IBuffer[15]);
- You must be logged in to reply to this topic.