How can I obtain the MAC and IP addresses of a machine participating in ARP from the packet header data in C?

0
votes

Thanks for reading,

I'm in the midst of a homework assignment in which I need to, among other things, determine the MAC and IP addresses of a remote machine based on the captured packets I have. Using the pcap_loop function, I need to find the location of the proper struct (an ARP header which gives this information) relative to the pointer to the start of the packet (which is given as a u_char* in my callback function).

I haven't been able to find information online on how to obtain a struct, such as ether_arp, which has the addresses, in relation to the packet. It would be incredibly helpful if you could point me in the right direction - as I mentioned, this is homework, so I'm not looking for a complete answer.

Thanks again for your help!

1
cpacket-capturearp
What platform (Windows or Linux)? If it's Linux, the libdnet library (libdnet.sourceforge.net) is quite helpful for this sort of thing. It has structs defined for eth_hdr, ip_hdr, and arp_hdr.PherricOxide

1 Answers

1
votes

This article "http://en.wikipedia.org/wiki/Address_Resolution_Protocol" tells the layout of an ARP message. You don't need a structure, just use offsets.