[erlang-questions] packet sniffing

Matthias Lang <>
Wed Jan 27 21:12:13 CET 2010


On Tuesday, January 26, Jachym Holecek wrote:
> # Joe Armstrong 2010-01-26:
> > Can I use the standard socket libraries to sniff all packets from an interface?
> > 
> > I have a C driver that does
> > 
> >           rawsock = socket(PF_PACKET, SOCK_RAW, htons(p ETH_P_IP))

> You're certainly aware of this, but for the record: this is Linux specific
> code. For a portable solution, one would have create a port driver on top
> of libpcap[*]. I don't know if that has been done though.

I have not looked at it myself, but the EDTK driver toolkit appears
to contain a libpcap driver

  http://www.snookles.com/erlang/edtk/

I'm guessing Joe's currently using the tuntap library Luke Gorrie wrote
a long time ago. It gets the job done, though probably not on BSD.

Matt


More information about the erlang-questions mailing list