ProtoID misunderstanding
33 views
Skip to first unread message
Thiago
Oct 4, 2013, 9:17:28 AM10/4/13
to libcr...@googlegroups.com
Hello,
Actually, i'm reading a PCAP file and i have created a new layer and it's following a UDP layer. So the RawLayer should be my new layer created. I am not sur to well understand how the ProtoID work. Can you hightlight me on this point please.
How can i interpred this Rawlayer as my new layer?
Thanks you,
Actually, i'm reading a PCAP file and i have created a new layer and it's following a UDP layer. So the RawLayer should be my new layer created. I am not sur to well understand how the ProtoID work. Can you hightlight me on this point please.
How can i interpred this Rawlayer as my new layer?
Thanks you,
Esteban Pellegrino
Oct 4, 2013, 4:37:13 PM10/4/13
to libcr...@googlegroups.com
Hello, the protoID is a member used by the protocol factory to create and identify different layers. Is an arbitrary number hard-coded inside the library ans is different for each layer.
What do you mean on interpret a RawLayer? To get the raw data given a packet? You don't need to use the protoID for that... Or you added a new protocol to libcrafter? Then, if you created a new libcrafter layer (protocol) you can construct it given the RawLayer in various ways. One easy way is :
MyNewLayer my_layer;
MyNewLayer my_layer;
/* Get size of the raw layer */size_t data_size = raw_layer.GetSize();/* Copy all the data */byte* data = new byte[data_size];raw_layer.GetData(data);/* Create the header */my_layer.PutData(data);
If you are using the version on the git repo you should be able to construct a layer more easily, using the RawLayer as an argument of your layer constructor. Also, if you want your application layer to be automatically interpreted by libcrafter, you can use the "Bind" method. An example for DNS is over here : https://github.com/pellegre/libcrafter-examples/blob/master/DNSQuery/main.cpp
Best,
--
You received this message because you are subscribed to the Google Groups "libcrafter" group.
To unsubscribe from this group and stop receiving emails from it, send an email to libcrafter+...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Thiago
Oct 7, 2013, 4:40:20 AM10/7/13
to libcr...@googlegroups.com
Hello Esteban,
Thanks you for your fast answer ! Your advice was usefull to me. I have interpret my Rawlayer as a new layer and use the methode given in your previously message.
Best regardsThiago
Thanks you for your fast answer ! Your advice was usefull to me. I have interpret my Rawlayer as a new layer and use the methode given in your previously message.
Best regardsThiago
Reply all
Reply to author
Forward
0 new messages