The libpcap project / Bugs / #183 capture on PPP

#183 capture on PPP

Milestone: Git head

Status: closed

Owner: nobody

Labels: None

Priority: 5

Updated: 2013-11-20

Created: 2013-02-14

Creator: Jeppo

Private: No

Hello, I'm capturing traffic on a PPP interface, my bfp filter is (TCP[13]==18 SYN/ACK) I correctly get SYN/ACK packets delivered to my callback function and by adding 16bytes (cooked header) to the packet data and so I'm able to point to IP and TCP headers, the only problem I'm facing is that the tcp->flags are 0. This is very weird, since the other fields (ip->src, ip->dst, tcp->sport, tcp->dport) are correctly displayed, my question is who is zeroing this fields?
My libpcap is libpcap.so.0.8.

Thanks
Jeppo

Discussion

Denis Ovsienko - 2013-11-20

status: open --> closed

Group: --> Git head
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Denis Ovsienko - 2013-11-20

Administrators of the "libpcap" SourceForge project have superseded this tracker item (formerly artifact 3604686, now bug 183) with issue 187 of the "libpcap" GitHub project.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

capture on PPP

Group

Searches

Help

#183 capture on PPP

Discussion