In the program I use the libpcap library to intercept packets from a card that does not have an IP address (the router sends packets to this port).
Same code on debian 7 (kernel 3.2.0-4-amd64) , and on ubuntu 14.04 (kernel 3.13.0-24-generic) and on debian 8.1 (kernel 3.16.0) .
At the same time, on debian 7 and on ubuntu 12.04 (kernel 3.11.0-19-generic) , using the pcap_next_ex () function, I can get the package, but on ubuntu 14.04 and debian 8.1 I can't.
What could be the problem?
#include <pcap.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <string.h> void intranet_packages(u_char *user, const struct pcap_pkthdr *header, const u_char *packet); int main() { char errbuf[PCAP_ERRBUF_SIZE]; char *dev = pcap_lookupdev(errbuf); pcap_t *handle = pcap_open_live(dev, 1600, 1, -1, errbuf); const unsigned char *packet; if (handle == NULL) { printf("1 fasfas %s\n", errbuf); return -1; } char filter[] = ""; struct bpf_program fp; memset((void*)&fp, 0, sizeof(struct bpf_program)); int result = pcap_compile(handle, &fp, filter, 0, 0); if (result < 0) { printf("2 fasfas\n"); return -1; } result = pcap_setfilter(handle, &fp); if (result < 0) { printf("3 fasfas\n"); return -1; } struct pcap_pkthdr header; int i; while (1) { packet = pcap_next(handle, &header); printf("%d ", header.len); if (result < 0) { return -1; } } pcap_close(handle); } PS wireshark and tcpdump using the same library for some reason receive the packets, and with the help of this code, as written above, on debian 8.1 and ubuntu 14.04 I can not get the packets.
