www.delorie.com/archives/browse.cgi   search  
Mail Archives: djgpp/1999/01/22/23:24:09

From: "John S. Fine" <johnfine AT erols DOT com>
Newsgroups: comp.os.msdos.djgpp
Subject: Re: Library for capture packet ?
Date: Thu, 21 Jan 1999 21:29:16 -0500
Lines: 63
Message-ID: <36A7E27C.5782@erols.com>
References: <Pine DOT GSO DOT 4 DOT 05 DOT 9901210809440 DOT 12922-100000 AT Chaokhun DOT kmitl DOT ac DOT th>
Mime-Version: 1.0
X-Trace: eS09uOx3GW3/XQZzhNkRp20/KR4uScSJyk4az1vD/bg=
X-Complaints-To: abuse AT rcn DOT com
NNTP-Posting-Date: 22 Jan 1999 02:30:31 GMT
X-Mailer: Mozilla 3.01 (Win95; U)
To: djgpp AT delorie DOT com
DJ-Gateway: from newsgroup comp.os.msdos.djgpp
Reply-To: djgpp AT delorie DOT com 

Thanathip Tharavanich wrote:
> 
>      Where i can find any library or source code for capture packets
> from ethernet card ? (djgpp version) , I need it urgenly .

  You should get a copy of the crynwr packet driver for your network
card.  You should read the crynwr text file packet_d.109 which
describes the API for calling the packet driver.

  If you must call it from DJGPP, you should read the DJGPP FAQ
section 18.8 to learn about real_mode_callbacks.  (The way the
packet driver works, you initialize it, then it calls your code
when a packet arrives).

  I examined my own source code for capturing packets and
determined that it uses too many things in my collection of
strange build methods and utility routines etc.  No one
else would be able to understand or even recompile it.
The capture program is 16-bit anyway (Turbo-C and OPTASM)
because I *haven't* read section 18.8 of the DJGPP FAQ.

  Except for any complications in real mode callbacks
(and allocating real mode buffer space) it is quite
easy to use a crynwr driver.

1)  When you load the driver you must select a software
interrupt for it to use.  Your program then calls it at
that interrupt.

2)  Call it with AX=0x1FF (see driver_info() in packet_d.109)
to get the class, type, number required below.

3)  Call it with AH=2 (see access_type())
CX=0 (to receive all packet types), ES:DI = address of your
real mode call back.  Other values derived from the
previous call (but in different registers, see documentation).
This operation returns a handle in AX

4)  Call it with AH=20 (0x14), BX = handle, CX=6 to
receive packets regardless of destination (whether or
not they are addressed to you).  (see set_rcv_mode()).

5)  Wait:  It will call your real mode callback
twice per packet.  The first time AX will be zero and
CX will be the length of an incomming packet.  You must
allocate a real mode buffer for the packet and return
the address in ES:DI.
Second it will call you after it has copied the packet
to your buffer, with AX=1, CX=length, DS:SI=the address
you returned to it in ES:DI.

6)  When you want to stop, call it (the interrupt) twice 
with BX=handle, AH = 3 the first time (release_type) and
AH = 5 the second time (terminate).

  Sorry, this isn't source code, but as you can see the
whole thing is pretty easy.  Doing something with all
the packets you capture is a whole 'nuther story.  That
is what most of my program is about;  But you didn't
ask that part, just how to capture them.
-- 
http://www.erols.com/johnfine/
http://www.geocities.com/SiliconValley/Peaks/8600/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019