Home > LIBIPQ, Linux, Netfiliter > LIBIPQ udp packet parsing

LIBIPQ udp packet parsing

January 31st, 2005 SuperHac Leave a comment Go to comments

Here’s another snippet of code for calculating and parsing a UDP packet with LIBIPQ. This function gets the first two bytes of the UDP packet payload(data).
>
>

__u16 get_udp_two_payload_bytes(ipq_packet_msg_t *msg)
> {
>
> unsigned int udp_header_size = 8; /* UDP always has an 8 byte header! */
> __u16 fist_two_bytes;
>
> /* Cast the IP Header from the raw packet */
> struct iphdr *iph = ((struct iphdr *) msg->payload);
>
> /* Cast the UDP Header from the raw packet */
> struct udphdr *udp = (struct udphdr *) (msg->payload + (iph->ihl 2));
>
> /* get the payload offset from within the raw packet */
> int unsigned payload_offset = ( udp_header_size + (iph->ihl 2) );
>
> /* calculate the length of the UDP payload */
> int unsigned payload_length = ntohs(udp->len) – udp_header_size;

 

/* get the first two bytes of the payload */
if(payload_length)
first_two_bytes = *(__u16 *) (msg->payload + payload_offset);
else /* There was no payload… */
printf(“ERROR: Payload is zero….\n”);
return(first_two_bytes);
}

Categories: LIBIPQ, Linux, Netfiliter Tags:
  1. No comments yet.
  1. No trackbacks yet.