Very Computer

Hi!
I want to write a program like traceroute monitoring which hops a packet
passes on his way. I want to use icmp and need information about how to
capture the replies i get when sending an icmp-echo-request.
I read that every gateway which gets an echo-reply-icmp packet sends one
packet back to the sender but how do i no if there are any incoming
packets.

(has anyone got the code of tcpdump???)

if anyone has an idea, source code, good sites...

thanx martin

Traceroute works by sending packets with ever-increasing TTLs and
looking at the ICMP Time Exceeded messages returned by intermediate
routers.  Example:

1.  First packet sent with TTL=1
2.  Router A receives packet and decrements TTL by 1 (TTL now = 0)
3.  Since the TTL is now 0, router A sends Time Exceeded to the originator

4.  Second packet sent with TTL=2
5.  Router A receives packet and decrements TTL by 1 (TTL now = 1)
6.  Router B receives packet and decrements TTL by 1 (TTL now = 0)
7.  Router B sends Time Exceeded to originator

8.  Third packet sent with TTL=3
9.  Router A receives packet and decrements TTL by 1 (TTL now = 2)
10. Router B receives packet and decrements TTL by 1 (TTL now = 1)
11. Router C receives packet and decrements TTL by 1 (TTL now = 0)
12. Router C sends Time Exceeded to originator

etc.

The Unix traceroute program uses high UDP ports; the NT tracert program
uses ICMP Echo Request (ping).  It's also possible to use TCP, which
can come in handy when troubleshooting a connection that passes through
packet filters or a firewall.

Quote:> (has anyone got the code of =B4tcpdump=B4???)

> if anyone has an idea, source code, good sites...

You can find source for both traceroute and tcpdump (and libpcap, which
you'll need for tcpdump) at:

ftp://ftp.ee.lbl.gov/

Hope this helps.

--
Michael Fuhr
http://www.fuhr.org/~mfuhr/