Administrivia:
- Exam marking should be finished soon.
- Exam solutions will be posted to the web page
- Lab 4 is out -- get working on it! (It seems to be quite long...)

So you want to write a packet sniffer?
- We have provided you with a file descriptor
  - All things in Unix are files. The Ethernet card is just a file you can read from and write to...
  - This is just an int, describing a file. It is what you pass to the OS when you want to manipulate the raw file.
  - open() will open a specified file
  - read() reads raw data from a file (whatever data is available -- does not read data a line at a time or anything nice like that)
  - write() writes data to a file
  - close() closes the file when you are finished
  - If you want buffering and formatted I/O, you can turn a file descriptor into a FILE * (a stream) using fdopen()
    - This lets you use fprintf(), fgets(), fscanf() etc.
    - Buffering can hurt you as well as help you. Make sure you know it is happening. setvbuf() can be used to change how it works.
- So read() gives me the stream of bytes that was on the wire. What do I need to know to understand this stream?
  - Data transmitted in packets
  - Packets have headers describing what is in them, and how it is encoded.
  - Packets in this lab are encrypted using rotn() encoding.
  - Any data type larger than a byte is transmitted in Network Byte Order
    - This is to neutralize endianness issues.
    - Network byte order != Alpha byte order.
    - Network byte order != Intel byte order.
    - Use htons(), ntohs(), htonl(), ntohl() to convert from host to network and network to host byte order.
    - Many of the network syscalls expect their arguments to be in network byte order.
- Who am I talking to on the internet?
  - IP address specifies which machine you talk to
  - IP will transmit packet between hosts -- no more, no less
  - Higher level protocol takes care of giving the data to the correct program.
    - Illustrates layering of protocols. IP talks to IP. TCP talks to TCP.
    - TCP does reliable streams between processes
    - UDP does unreliable datagrams between processes
    - A port specifies who to talk to on a particular machine
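
Added example (not part of the original notes or the lab's code): reading a fixed number of bytes with read() and decoding 16-bit header fields from network byte order with ntohs(), as described above. The notes do not give the lab's packet layout, so this uses the standard 8-byte UDP header; read_full(), parse_udp(), struct udp_fields and the sample bytes are names and data made up for this illustration.

```c
#include <arpa/inet.h>   /* ntohs() */
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>      /* read() */

/* Hypothetical helper type: UDP header fields in host byte order. */
struct udp_fields { uint16_t src_port, dst_port, length, checksum; };

/* read() returns whatever is available, so loop. Short count only at EOF. */
ssize_t read_full(int fd, void *buf, size_t n)
{
    size_t got = 0;
    while (got < n) {
        ssize_t r = read(fd, (char *)buf + got, n - got);
        if (r < 0 && errno == EINTR)
            continue;               /* interrupted by a signal, retry */
        if (r <= 0)
            return r < 0 ? -1 : (ssize_t)got;
        got += (size_t)r;
    }
    return (ssize_t)got;
}

/* Parse the 8-byte UDP header; returns -1 if truncated or inconsistent. */
int parse_udp(const unsigned char *buf, size_t len, struct udp_fields *out)
{
    uint16_t w[4];
    if (len < sizeof w)
        return -1;
    memcpy(w, buf, sizeof w);       /* copy out: buf may be unaligned */
    out->src_port = ntohs(w[0]);
    out->dst_port = ntohs(w[1]);
    out->length   = ntohs(w[2]);
    out->checksum = ntohs(w[3]);
    if (out->length < sizeof w || out->length > len)
        return -1;                  /* length field disagrees with the data */
    return 0;
}

/* Constructed sample: ports 53 -> 0x1234, length 12, checksum 0, 4 data bytes. */
static const unsigned char sample[] = {
    0x00, 0x35, 0x12, 0x34, 0x00, 0x0c, 0x00, 0x00, 'a', 'b', 'c', 'd'
};

int main(void)
{
    struct udp_fields u;
    return parse_udp(sample, sizeof sample, &u);   /* exit status 0 on success */
}
```

Checking the length field against the number of bytes actually captured keeps later code from trusting a header that claims more data than was read.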