socket_raw 抓包为什么抓不到发送的封包
这是一段设置网卡处于混杂模式的抓包代码:
Sock := socket(AF_INET, SOCK_RAW, IPPROTO_IP);
if Sock = INVALID_SOCKET then
begin
PostMessage(MainWnd, WT_ERROR, WT_ERRSOCKET, WSAGetLastError);
exit;
end;
SockAddr.sin_family := AF_INET;
SockAddr.sin_port := htons(0);
SockAddr.sin_addr.S_addr := inet_addr(PChar(IpAddr));
SockLen := sizeof(TSockAddr);
if bind(Sock, SockAddr, SockLen) = SOCKET_ERROR then
begin
PostMessage(MainWnd, WT_ERROR, WT_ERRBIND, WSAGetLastError);
closesocket(Sock);
exit;
end;
dwValue := 1;
if ioctlsocket(Sock, SIO_RCVALL, dwValue) = SOCKET_ERROR then
begin
PostMessage(MainWnd, WT_ERROR, WT_ERRIOCTL, WSAGetLastError);
closesocket(Sock);
exit;
end;
PostMessage(MainWnd, WT_SNIFF, WT_SNIFOK, 0);
while not Terminated do
begin
FillChar(Buffer, sizeof(Buffer), #0);
dwValue := recv(Sock, Buffer, sizeof(Buffer), 0);
if dwValue > 0 then
DecodeIPPackage(Buffer, dwValue);
Sleep(1);
end;
closesocket(Sock);
PostMessage(MainWnd, WT_SNIFF, WT_SNIFTER, 0);
运行后发现可以抓到本网卡收到的所有封包,但是发送的封包一个都抓不到,高手看看是什么问题,哪里的参数出错?
其中
const
IOC_VENDOR = $18000000;
SIO_RCVALL = IOC_IN or IOC_VENDOR or $1;
[解决办法]
抓包可以参考一下WinPacp
