Sign in to follow this  
dongzhe

icmp ping with on relpy

Recommended Posts

I try to write the app to same thing like "Ping" in windows. I get problem that I can not receive the reply. In this app also has sniffing function. what happened : When I use "Ping" in windows, my sniffer can catch all the send/rev. When I use my app to send icmp to same address. I can catch what I send, but never rev the reply. When I use my app to send icmp to 127.0.0.1, I get nothing in sniffer. pls help me, thanks here is related code: (do i need any settings? like WSAIoctl and setsockopt) <code> RecvAddr.sin_family=AF_INET; RecvAddr.sin_port = htons(Port); RecvAddr.sin_addr.s_addr=inet_addr(DEFAULT_RECV_ADDR); icmp_socket=WSASocket(AF_INET, SOCK_RAW, IPPROTO_ICMP, NULL, 0, WSA_FLAG_OVERLAPPED); //initialise the icmp header ZeroMemory(buf,sizeof(buf)); int size=sizeof(buf); size=sizeof(ICMP); //icmp_icmp=*(ICMP *)buf; icmp_icmp.icmp_type= 8;//ICMP ECHO icmp_icmp.icmp_code=0; icmp_icmp.icmp_sequence=0; icmp_icmp.icmp_id=(WORD)GetCurrentProcessId(); icmp_icmp.icmp_timestamp=GetTickCount(); icmp_icmp.icmp_checksum=ICMPChecksum((WORD *)buf,(sizeof(ICMP)+32)); memcpy(buf,&icmp_icmp,sizeof(icmp_icmp)); //fill the payload with anything memset(&buf[sizeof(ICMP)], '@', 32); WORD ICMPClass::ICMPChecksum(WORD * data, int len) { DWORD cksum=0; while(len>1) { cksum+=*data++; len-=sizeof(WORD); } if(len) { cksum+= *(WORD*)data; } cksum=(cksum >>16)+(cksum &0xffff); cksum+=(cksum >> 16); return (WORD)(~cksum); } In IO class DataBuf.len=ICMP_SEND_BUFFER_SIZE; DataBuf.buf=buf; overlapEventList[ICMP_WRITE]=WSACreateEvent(); overlapList[ICMP_WRITE].hEvent=overlapEventList[ICMP_WRITE]; result = WSASendTo(icmp_socket, &DataBuf, 1,&BytesSent, Flags, (SOCKADDR *) icmp->GetRecvAddr(), sizeof(SOCKADDR), &overlapList[ICMP_WRITE], NULL); </code>

Share this post


Link to post
Share on other sites
Quote:
Original post by Antheus
Assuming the above is implemented correctly, the problem might be with the ISP. Many filter out ICMP traffic. UDP is sometimes used instead. TCP SYN is another option.


I said when I use windows "Ping" app, it works. it means nothing to do with ISP.

Share this post


Link to post
Share on other sites
Quote:
Original post by dongzhe
When I use "Ping" in windows, my sniffer can catch all the send/rev.

When I use my app to send icmp to same address. I can catch what I send, but never rev the reply.
When you say "my sniffer" are you talking about a network packet sniffer such as Ethereal or something?

In that case, can you compare the contents of the ICMP payload in the case that it works and does not work? Is there a difference?
Quote:
Original post by dongzhe
When I use my app to send icmp to 127.0.0.1, I get nothing in sniffer.
This is usually because sniffers only listen to network traffic that actually goes to your network adapter - traffic to 127.0.0.1 bypasses your network adapter and so a sniffer will never see it. Typically, you can change 127.0.0.1 to your network local IP address (10.x.y.z or whatever) and it'll pick it up then.

Share this post


Link to post
Share on other sites
I found the problem. I did the data(catched by sniffer) compare, it turns out the checksum is wrong.

just for sharing, the correct code should be

<code>

//initialise the icmp header
ZeroMemory(buf,sizeof(buf));
int size=sizeof(buf);
size=sizeof(ICMP);
icmp_icmp=(ICMP *)buf;
icmp_icmp->icmp_type= 8;//ICMP ECHO
icmp_icmp->icmp_code=0;
icmp_icmp->icmp_sequence=0;
icmp_icmp->icmp_id=(WORD)GetCurrentProcessId();
icmp_icmp->icmp_checksum = 0;
icmp_icmp->icmp_timestamp=GetTickCount();

//memcpy(buf,icmp_icmp,sizeof(icmp_icmp));
//fill the payload with anything
memset(&buf[sizeof(ICMP)], '@', 32);

icmp_icmp->icmp_checksum=ICMPChecksum((WORD *)buf,(sizeof(ICMP)+32));

<\code>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this