Sniffing only 1 IP
Sniffing only 1 IP
Im still learning all of this as I go because Im self taught so be easy on me. I have a program that is used as an alerting program for my fire station. The program uses Winpcap and Wpdpack to capture packets. My problem is the program is sniffing the whole cisco router and I only need it to watch the ip address that the printer is hosted on. Does any one have any suggestions?
What program? You'd have to specify the target in the actual program.
You could use Wireshark to sniff just the printer.
Put a hub between the printer & router. Connect comp & printer to same hub. Start capture.
You could use Wireshark to sniff just the printer.
Put a hub between the printer & router. Connect comp & printer to same hub. Start capture.
No one has any right to force data on you
and command you to believe it or else.
If it is not true for you, it isn't true.
LRH
and command you to believe it or else.
If it is not true for you, it isn't true.
LRH
I have a hub hooked to the router and lines to the computer and printer from the hub. The problem is the computer still sees all the traffic across the router, and all the traffic can cause the program to crash. Either way Im going to try the wireshark idea. It looks like it should be exactly what I need.
Im still learning the programing and I cant figure out how to exactly target the IP i want in the program. Its a pretty generic packet sniffer program from wpdpack at http://www.winpcap.org/devel.htm. The program is below.
Im still learning the programing and I cant figure out how to exactly target the IP i want in the program. Its a pretty generic packet sniffer program from wpdpack at http://www.winpcap.org/devel.htm. The program is below.
Code: Select all
#include "pcap.h"
/* prototype of the packet handler */
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data);
main()
{
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i=0;
pcap_t *adhandle;
char errbuf[PCAP_ERRBUF_SIZE];
/* Retrieve the device list */
if(pcap_findalldevs(&alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for(d=alldevs; d; d=d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if(i==0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):",i);
scanf("%d", &inum);
if(inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for(d=alldevs, i=0; i< inum-1 ;d=d->next, i++);
/* Open the device */
/* Open the adapter */
if ((adhandle= pcap_open_live(d->name, // name of the device
65536, // portion of the packet to capture.
// 65536 grants that the whole packet will be captured on all the MACs.
1, // promiscuous mode (nonzero means promiscuous)
1000, // read timeout
errbuf // error buffer
)) == NULL)
{
fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
printf("\nlistening on %s...\n", d->description);
/* At this point, we don't need any more the device list. Free it */
pcap_freealldevs(alldevs);
/* start the capture */
pcap_loop(adhandle, 0, packet_handler, NULL);
pcap_close(adhandle);
return 0;
}
/* Callback function invoked by libpcap for every incoming packet */
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
struct tm *ltime;
char timestr[16];
time_t local_tv_sec;
/* convert the timestamp to readable format */
local_tv_sec = header->ts.tv_sec;
ltime=localtime(&local_tv_sec);
strftime( timestr, sizeof timestr, "%H:%M:%S", ltime);
printf("%s,%.6d len:%d\n", timestr, header->ts.tv_usec, header->len);
}