Accessing raw TCP packet payload data

  • Thread starter Thread starter Chris Crowther
  • Start date Start date
C

Chris Crowther

Hi All,

Does anyone know if it's possible to grab the raw payload data from
a TCP packet, using .NET (C# to be exact).

I'm writing a piece of software that communicates to a networked
device using a protocol encapsulated inside TCP. The structure of
the protocol is such that stream semantics aren't really appropiate
for communication; all the data for an encapsulated packet has to
fit inside a single TCP packet. I just want to be able to pickup
the payload for each TCP packet that comes in from the device, on
the established connection.
 
As has already been mentioned you can use raw sockets etc to access this
information. I would however have to wonder the point of using TCP in such a
scenario.
 
Greg said:
As has already been mentioned you can use raw sockets etc to access this
information. I would however have to wonder the point of using TCP in such a
scenario.
Click to expand...

Given I'd have to re-implement the mechanics of TCP myself, there
isn't much point at all. If I could just pick up the payloads then
it would have been slightly more error tolerant without requiring
any extra work on my part.

I may as well just use the UDP version of the protocol - there's
session registration within the encapsulated protocol anyway.
Actually there's session registration within the encapsulated
protocol and the protocol that the encapsulation is encapsulating.
 
Hi Chris,

There are some code samples on code project for network sniffers. Here is
one of them which is coded with C#.

http://www.codeproject.com/cs/internet/hssniffer.asp

HTH.

Kevin Yu
Microsoft Online Community Support

============================================================================
==========================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
============================================================================
==========================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
Kevin said:
There are some code samples on code project for network sniffers. Here is
one of them which is coded with C#.

http://www.codeproject.com/cs/internet/hssniffer.asp
Click to expand...

I shall have a wade through it at some point; I don't suppose you
know if has the answer to my current quandary in it?

If I set SocketOptionName.HeaderIncluded to true on the socket I'm
using, then SendTo() throws the follow SocketException:

"A blocking operation was interrupted by a call to
WSACancelBlockingCall"

It's a mite annoying, to say the least; if only because I don't see
how setting HeaderIncluded to true would affect that. And of course
the fact that I have Blocking set to false as well.
 
Hi Chris,

Are you developing on a Windows XP SP2 machine? If so, Windows XP SP2
disables most of the RAW sockets support. You can check the following links
for more infromation.

http://blogs.msdn.com/michael_howard/archive/2004/08/12/213611.aspx ,
http://www.kayodeok.co.uk/weblog/200408/12/nmap_and_raw_sockets.html

Check out http://www.thecodeproject.com/csharp/SendRawPacket.asp for
how to do it with an NDIS protocol driver.

Some one has also come to this problem.

http://groups.google.com/group/microsoft.public.dotnet.languages.csharp/brow
se_thread/thread/234f946345470fc3/a036f8dc5e371a78?lnk=st&q=%22A+blocking+op
eration+was+interrupted+by+a+call+to+WSACancelBlockingCall%22+SocketOptionNa
me.HeaderIncluded&rnum=2&hl=en#a036f8dc5e371a78

HTH.

Kevin Yu
Microsoft Online Community Support

============================================================================
==========================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
============================================================================
==========================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
Kevin said:
Are you developing on a Windows XP SP2 machine? If so, Windows XP SP2
disables most of the RAW sockets support. You can check the following links
for more infromation.
Click to expand...

Developing on XP SP2, deploying on a Windows 2003 Standard Edition
server. Though I suspect it would have the same limitation?

I've come at it from a slightly different angle; using a TcpClient
to handle the TCP connection and sending data (as I can just poke a
Byte[] at the Socket directly) and using the raw socket on a
seperate thread to grab the incoming packets.

I shall now return to trying to remember how to resolve what I
suspect is a threading problem (damn events).
 
Hi Chris,

Yes, they have the same limitaitions. I think you have to change the raw
socket communication on the seperate thread.

If anything is unclear, please feel free to let me know.

Kevin Yu
Microsoft Online Community Support

============================================================================
==========================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
============================================================================
==========================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
Kevin said:
Yes, they have the same limitaitions. I think you have to change the raw
socket communication on the seperate thread.
Click to expand...

It's working fine now; grabbing packets on a seperate thread and
discarding the ones I don't need.

Thanks for the pointers.
 
You're welcome, Chris. Thanks for sharing your experience with all the
people here. If you have any questions, please feel free to post them in
the community.

Kevin Yu
Microsoft Online Community Support

============================================================================
==========================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
============================================================================
==========================

(This posting is provided "AS IS", with no warranties, and confers no
rights.)
 
Back
Top