Hi there, Im having some problems with this packet sniffer i wrote. It
will capture all packets fine but i also need it to send these
captured packets forwarded on to a client machine. this part of the
program is not working so well. Any help appreciated as i am at my
wits end. Also forgive the poor coding style
Here is the code:


#include
#include
#include
#include
#include
#include
#include
#include < string.h>

int go = -1;
int x; /*global var for passing no of bytes recieved by sniffer*/

struct ipheader { /*Ip header structure*/

unsigned char headl:4, version:4;
unsigned char tos;
unsigned short int len;
unsigned short int id_seq;
unsigned short int offset;
unsigned char ttl;
unsigned char proto;
unsigned short int chksum;
unsigned int source;
unsigned int dest;
};

struct tcpheader {

unsigned short int srcport;
unsigned short int destport;
unsigned int seqnum;
unsigned int acknum;
unsigned char x2:4, offset:4;
unsigned char flags;
unsigned short int windowsize;
unsigned short int chksum;
unsigned short int urgentptr;
};

struct udpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned short int len;
unsigned short int chksum;
};


int udpForward(char *buffer)
{
int t;

char data2[(x+1064)];


struct ipheader *ip=(void*)buffer;
int store = ip->id_seq;

printf("\n%i\n", store);

if (store!= go){ /*this guy checks to see if this packet was
forwarded already*/
go = store;

strcpy(data2, buffer); /*copies whole packet into data2*/
printf("copy successful \n");
/*Client initiated*/

int ipsoc = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);

/*Now for the standard stuff*/
struct sockaddr_in raddrin;
raddrin.sin_family = AF_INET;
raddrin.sin_port = htons(3333);
raddrin.sin_addr.s_addr = inet_addr(" 192.168.1.66");/*Ip address
of data analysis client*/

/* ssize_t sendto(int socket, const void *message, size_t length,
int flags, const struct sockaddr *dest_addr, socklen_t
dest_len);*/

t = sendto(ipsoc, data2, sizeof(data2), 0, (struct sockaddr
*)&raddrin, x);
printf("t= %i\n", t);
if (t > -1)
printf("great success\n"); /*new packet sent*/

}

else{
perror( "t" );
printf("already sent\n");
go = -1;}

}

void sniffnetwork()
{
int n, bytes_read,i;
char data[1024];
n = socket(AF_INET, SOCK_PACKET, htons(ETH_P_IP));

if ( n < 0 )
printf("Snooper socket error");


do{
bytes_read = recvfrom(n, data, sizeof(data), 0, 0, 0);
if ( bytes_read > 0 ){
x = bytes_read;
printf("captured data:\n");
/*for (i=0; i<=bytes_read; i++){
printf("%X", data[i]);

}*/
printf("\n");
udpForward(data);

}
}
while ( bytes_read > 0 );
}

int main()
{
sniffnetwork();

return 0;
}



I think UDP is appropriate for forwarding on the packets as every
single one is not essential nor is the order.