Reading packet information example in VB

Home Forums Discussions Support Reading packet information example in VB

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • June 5, 2007 at 8:29 pm #5100
    kdub
    Participant

      Hi,

      I am a newbie here and I was wondering if you could provide an example of how to read the data contents of a packet using visual basic syntax. Also is the data in the packet the same as it would be if I were to view the contents at the winsock level.

      I want to get the source IP and Port and then view the data to determine whether to drop the packet or not, is that possible with WinPKFilter samples?

      Thanks,

      Kdub

      June 6, 2007 at 3:11 pm #6253
      Vadim Smirnov
      Keymaster

        I am a newbie here and I was wondering if you could provide an example of how to read the data contents of a packet using visual basic syntax.

        Regretfully I’m not a VB expert, but parsing Ethernet header is shown in the VB samples. You can parse follow up headers (IP, TCP/UDP) just on the same way.

        Also is the data in the packet the same as it would be if I were to view the contents at the winsock level.

        On WINSOCK level you work mostly with data streams (no packet headers), here you got packets with Ethernet, IP headers and etc… But packet payload contains the data you seen on winsock layer.

        I want to get the source IP and Port and then view the data to determine whether to drop the packet or not, is that possible with WinPKFilter samples?

        Yes, that is possible.

        June 6, 2007 at 6:51 pm #6254
        kdub
        Participant

          @SerpentFly wrote:

          You can parse follow up headers (IP, TCP/UDP) just on the same way.

          I am a newbie with all of this so sorry if this is a stupid question! The IP and TCP headers are all contained in the same packet right? What are the sizes of the IP header and TCP header? Does the data/payload section always follow the TCP header?

          Thanks

          KDUB

          June 7, 2007 at 11:02 am #6255
          Vadim Smirnov
          Keymaster

            The IP and TCP headers are all contained in the same packet right?

            Yes

            What are the sizes of the IP header and TCP header?

            IP header is usually 20 bytes length, but the actual length is specified in the header itself(http://www.erg.abdn.ac.uk/users/gorry/course/inet-pages/ip-packet.html). Same for TCP header (http://www.wtcs.org/snmp4tpc/images/TCP-Header.jpg) TCP header follows IP header, but IP can be used as transport for many other protocols, UDP, ICMP, GRE and etc…

            Does the data/payload section always follow the TCP header?

            If TCP packet contains data then yes they follow TCP header.

          • Author
            Posts
          Viewing 4 posts - 1 through 4 (of 4 total)
          • You must be logged in to reply to this topic.