From a C/system call perspective, I need to do the following to get
Before I reinvent the wheel, has anybody put together an asio encapsulation of Linux' AF_PACKET sockets with SOCK_RAW? Also, I'm trying to wrap my brain around how I might represent the concept of an "endpoint" for a socket like this. Rather than an IPv4/v6 address, one binds to an interface. So, while there is a concept of a resolver, it resolves an interface name to an interface index value. the ball rolling: 1. s = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)) 2. sockaddr_ll myinterface = { .sll_family = AF_PACKET, .sll_protocol = htons(ETH_P_ALL), .sll_ifindex = interfaceIndex("eth0") }, then bind(s, &myinterface) 3. packet_mreq promiscuous_cmd = { .mr_ifindex = interfaceIndex("eth0"), .mr_type = PACKET_MR_PROMISC }, then setsockopt(s, PACKET_ADD_MEMBERSHIP, &promiscuous_cmd) I'm pretty sure that for #1, I need a class packet that models the Protocol concept. But where to put the rest is a bit fuzzier. Do I need to create a whole new "resolver" for interface names? I guess I should also note that, at least for the moment, this is just a means to an end, rather than the end itself. So, I don't need to craft the entire thing--I need to get enough working to be able to easily write some code that can capture all network packets on a given interface, e.g., class snooper { public: snooper(std::string interfacename); void start(); void stop(); ... }; so I can just do something like snooper s("eth0"); s.start(); ...capture stuff... s.stop(); (I'm obviously omitting the part where snooper would hook into objects that would receive and process captured packets, but I'd like for that to work similar to how one plumbs up receipt of udp packets.) -- Chris Cleeland