hello,
1. how does ifconfig and netstat get teh net statistics, where can i get
the source to that funtion or source file.
2. is there any funtion in the network device driver source by accessing
which i can get the packets received or the type of packets. if not can
anybody gimme some tips on how can i write it.
i am trying to write or modify the eth device driver(3c509.c) in such a
way that i can statistics of the traffic and then i also want to
identify teh traffic. in short i want to incorporate a function in my
driver which when acceseed would act as a sniffer/protocol analyzer .
any help or advise will be appreciated.
thanks,
phoram mehta
On Sun, 14 Oct 2001, Mehta, Phoram Kirtikumar (UMKC-Student) wrote:
> 1. how does ifconfig and netstat get teh net statistics, where can i get
> the source to that funtion or source file.
They are from /proc/net/.
> 2. is there any funtion in the network device driver source by accessing
> which i can get the packets received or the type of packets. if not can
> anybody gimme some tips on how can i write it.
You can use a packet filter.
> i am trying to write or modify the eth device driver(3c509.c) in such a
> way that i can statistics of the traffic and then i also want to
> identify teh traffic. in short i want to incorporate a function in my
> driver which when acceseed would act as a sniffer/protocol analyzer .
> any help or advise will be appreciated.
Do it in userspace with packet filters. Look at tcpdump for example
code.
Rasmus
--
-- [ Rasmus 'M?ffe' B?g Hansen ] ---------------------------------------
[...] Note that 120 sec is defined in the protocol as the maximum
possible RTT. I guess we'll have to use something other than TCP
to talk to the University of Mars.
--------------------------------- [ moffe at amagerkollegiet dot dk ] --
--- Rasmus_B?g_Hansen <[email protected]>
wrote:
> On Sun, 14 Oct 2001, Mehta, Phoram Kirtikumar
> (UMKC-Student) wrote:
>
> > 1. how does ifconfig and netstat get teh net
> statistics, where can i get
> > the source to that funtion or source file.
>
> They are from /proc/net/.
Yeah, here you can find src of network utilities:
http://www.tazenda.demon.co.uk/phil/net-tools/
>
> > 2. is there any funtion in the network device
> driver source by accessing
> > which i can get the packets received or the type
> of packets. if not can
> > anybody gimme some tips on how can i write it.
>
> You can use a packet filter.
>
> > i am trying to write or modify the eth device
> driver(3c509.c) in such a
> > way that i can statistics of the traffic and then
> i also want to
> > identify teh traffic. in short i want to
> incorporate a function in my
> > driver which when acceseed would act as a
> sniffer/protocol analyzer .
> > any help or advise will be appreciated.
>
> Do it in userspace with packet filters. Look at
> tcpdump for example
> code.
Sure. Or ... to use netfilter hook functions (if you
can't use user space code)
>
> Rasmus
>
> --
> -- [ Rasmus 'M?ffe' B?g Hansen ]
> ---------------------------------------
> [...] Note that 120 sec is defined in the protocol
> as the maximum
> possible RTT. I guess we'll have to use something
> other than TCP
> to talk to the University of Mars.
> --------------------------------- [ moffe at
> amagerkollegiet dot dk ] --
>
> -
> To unsubscribe from this list: send the line
> "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at
> http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com
Hello Kirti,
rather than doing it in kernel space why don't u do in userspace.
There's a lot of tools and libraries available! Take for example
tcpdump, ethereal, dniff and others as tools, libpcap (*nix packet
capturing library) or wincap (windows packet capturing library) and
many more. The kernel also provides a lot of other features via the
socket call to do these stuff. Could u please detail out what exactly
do u want to do and your major reason of getting inside the kernel ?
hope this helps..
mal
-------------------------------------------------------------------
On Sun, 14 Oct 2001, Mehta, Phoram Kirtikumar (UMKC-Student) wrote: >
1. how does ifconfig and netstat get teh net statistics, where can i
get
> the source to that funtion or source file. They are from /proc/net/.
> 2. is there any funtion in the network device driver source by
accessing
> which i can get the packets received or the type of packets. if not
can
> anybody gimme some tips on how can i write it. You can use a packet
filter. > i am trying to write or modify the eth device driver(3c509.c)
in such
a
> way that i can statistics of the traffic and then i also want to
> identify teh traffic. in short i want to incorporate a function in my
> driver which when acceseed would act as a sniffer/protocol analyzer .
> any help or advise will be appreciated. Do it in userspace with
packet filters. Look at tcpdump for example
code. Rasmus
=====
Image by FlamingText.com
__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com