A Packet Sniffer for Win2k/XP

Submitted on: 10/12/2002 8:30:08 PM
By: KT 
Level: Intermediate
User Rating: By 31 Users
Compatibility: Microsoft Visual C++
Views: 80877
 
     This code shows how to receive raw IP packets with raw sockets (SIO_RCVALL) on Win2k/XP.
 

INCLUDE files:

//**************************************
//INCLUDE files for :A Packet Sniffer for Win2k/XP
//**************************************
#include <stdio.h>
#include <winsock2.h>
#include <mstcpip.h>
#include <ws2tcpip.h>


Other User Comments

10/13/2002 2:48:40 PM  Wåzerface

Could you send me the header files? Thanks! (5 globes!)

 
10/14/2002 10:52:00 AM  KT

You don't need the ws2tcpip.h header.
Put this at the top of main.cpp:
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
and you don't need mstcpip.h.
Winsock2.h should not be too hard to find on the web.
http://doc.ddart.net/msdn/header/include/winsock2.h.html

 
10/15/2002 3:19:03 PM  Joseph Gama

Nice job, 5 globes!

 
10/15/2002 3:25:04 PM

The WSAIoctl function returns error 10022 (WSAEINVAL). Then I tried to use ioctlsocket and it gives me the same error. Can you explain to me why? (I have Win2000)

 
10/15/2002 7:08:43 PM  KT

I don't know why WSAIoctl and ioctlsocket return "An invalid argument was supplied." This should work fine on Windows 2000.

You might want to try to change the type of the variable I to something like unsigned int, char, unsigned char, unsigned long, bool, BOOL or something that can take the value 1.

ioctlsocket works fine for me.
u_long I = 1;

if (ioctlsocket(Sock, SIO_RCVALL, &I) == SOCKET_ERROR)
{
    printf("ioctlsocket(%i) failed.\n", WSAGetLastError());
    exit(-1);
}

Also note that you need Administrator privileges on the computer to do this.


Hmm...
261 users have accessed this code but only 2 have voted.

 
10/17/2002 6:55:52 AM

Good work!!!
How do I also sniff outgoing packets?
Thanks

 
10/21/2002 8:55:46 AM

This is very useful. Thanks a lot. 5 from me ;)

 
10/24/2002 9:08:06 PM  Nok1

"Cannot open include file: 'mstcpip.h': No such file or directory"

Any ideas where to get the file?
Please email me or send me the file. Nice code. Will vote 5 after I have received the files.

 
10/25/2002 6:58:43 AM

Hi, I have a problem here. The error is:

E:\zzzz\sniffer\Main.cpp(167) : error C2065: 'WSAIoctlc' : undeclared identifier

I already followed your instructions in the readme file and in the feedback, and already linked wsock32.lib. All seems OK, but it halts at this one...

I already voted 5 globes for you. Can you please help me with this?

 
10/25/2002 7:01:15 AM

Oops, I figured out that there's an extra c. Never mind... The real problem actually is:

Linking...
Main.obj : error LNK2001: unresolved external symbol __imp__WSAIoctl@36
Debug/sniffer.exe : fatal error LNK1120: 1 unresolved externals

How come unresolved? I am using Windows 2000 Professional (5.00.2195).

Help

 
10/25/2002 7:10:03 AM

Oops again... sorry to bother you, but I've found the right lib to use. Thanks anyway...

Good job

 
11/1/2002 2:18:02 PM

Hi, this is very useful code!!!! Thank you for this piece of code!!!
I have two questions:

1) Is this code stopping the program if no packets are sent/received?

2) Since the WSAIoctl retrieves the pointer of the buffer written/read, if I read the buffer with some functions, will the buffer flush or not? I mean, will the packet be delivered or not? And if yes, will it contain the original data, or since I've read it, will it contain "nothing"?

Thank you for your help

 
11/2/2002 7:02:38 PM

This code compiled fine with no errors after I got my hands on mstcpip.h, but when I try to build, it returns 11 errors. Also, my package apparently didn't come with [msdn]? I assume this is the help library, so I don't get any reasons as to why the 11 errors.

 
11/2/2002 8:00:08 PM  KT

"1) Is this code stopping the program if no packets are sent/received?

2) Since the WSAIoctl retrieves the pointer of the buffer written/read, if I read the buffer with some functions, will the buffer flush or not? I mean, will the packet be delivered or not? And if yes, will it contain the original data, or since I've read it, will it contain "nothing"?"

I'm not quite sure what you are talking about.

The program only monitors packets; it will not stop them or change them or anything like that. The WSAIoctl function enables the socket to receive all IP packets on the network, nothing else. It just tells Windows we want it to pass all IP packets to us.

About the 11 errors:
I don't know why you are getting 11 errors. If you could post them I might understand why.

And about those unresolved and undeclared errors: you have to have ws2_32.lib, not wsock32.lib.

 
11/3/2002 6:31:40 AM

Thank you, but is there a way, with your code, to modify the packets received/transmitted?

 
11/4/2002 5:36:57 PM

Is there some way to modify your code to block packets?

 
11/5/2002 4:23:55 AM  KT

No, I don't think it can be done.
If you want more information on what can be done with raw sockets, search the MSDN.
http://msdn.microsoft.com

 
1/12/2003 8:40:44 PM  Jason Keplinger

The program would not bind. Very annoying to compile and run, only to have the program fail to do what it is supposed to do.

 
1/14/2003 3:52:33 PM  KT

Did you set your IP address to bind to?
You have to change this line:
#define BIND2IP "192.168.0.182" //Put your IP in here

 
2/15/2003 11:22:56 PM

Hi,

I included the line #define SIO_RCVALL_WIOC_VENDOR,1) like you said but received the following errors (I'm using VC++ 6.0 on W2K):

'1' : unexpected in macro formal parameter list.

Any idea why?

Thanks,

 
2/19/2003 1:34:23 PM  Erwan L.

You'll find a VB version here: http://www.Planet-Source-Code.com/vb/default.asp?lngCId=42170&lngWId=1 and a Delphi version here: http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=971&lngWId=7. Some people also report that they can only see incoming packets, not outgoing ones. I wonder if this is only happening on XP??

 
3/25/2003 4:07:02 AM

Sorry! I had one error at compile time.
The message is:
error C2065: 'WSAIOW' : undeclared identifier
Also, I set this code statement as:
#define SIO_RCVALL WSAIOW
//_WSAIOW(IOC_VENDOR,1)

What happened in this statement?

 
3/25/2003 6:55:56 AM  KT

Erwan L.
"Some people also report that they can only see incoming packets, not outgoing ones. I wonder if this is only happening on XP??"
True, true. I remember when I first made the packet sniffer, back when I had a clean installation of WinXP, I could see both incoming and outgoing packets. But now I can only see incoming. MS must have removed the option to see outgoing packets in the last service pack or something.

Anon.
"Sorry! I had one error at compile time. The message is: error C2065: 'WSAIOW' : undeclared identifier. Also, I set this code statement as: #define SIO_RCVALL WSAIOW //_WSAIOW(IOC_VENDOR,1). What happened in this statement?"

Looks like you forgot the "_" before WSAIOW:
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)

 
4/29/2003 8:26:07 AM

Great code!! Thanks, it helped a lot!!

 
5/3/2003 8:53:49 AM

I'm using the Win98/ME OS and the Borland C++
compiler..

When I compile the code, the error:


 
5/3/2003 9:03:08 AM

I'm using Win9x/ME and the
BC++ compiler.
The error that happened:
Error: Unresolved external 'WSAIoctl' referenced from module main.cpp

Why?


 
5/3/2003 3:13:33 PM

"Cannot open include file: 'mstcpip.h':
No such file or directory"

What's that error? Please send me the solution ASAP at gulam_mustafa@yahoo.com


 
6/9/2003 4:37:38 AM

What does this code need to work under Win9x?

 
7/29/2003 10:26:35 PM

"socket() failed." (Win2000/Microsoft Visual Studio .NET)
Why?

 
8/2/2003 4:48:08 PM  Wolf McCloud

I made one that uses Winsock 1.1 and it works on all versions of Windows. I stopped work on it, but this one is nice. Good work!

 
9/16/2003 7:28:57 PM

Erm... guys, I have the problem... unable to open

 
9/16/2003 7:32:10 PM

Guys... unable to open "mstcpip.h". What do I have to do in order to get it to run? Can anyone teach me?

 
11/2/2003 9:00:35 PM

I need to know where to download the mstcpip.h file.


 
11/29/2003 7:01:45 PM

Hi!
I receive 11 errors during linking. They read as:

Main.obj : error LNK2001: unresolved external symbol __imp__ntohs@4
Main.obj : error LNK2001: unresolved external symbol __imp__inet_ntoa@4
Main.obj : error LNK2001: unresolved external symbol __imp__recvfrom@24
Main.obj : error LNK2001: unresolved external symbol __imp__WSACleanup@0
Main.obj : error LNK2001: unresolved external symbol __imp__closesocket@4
Main.obj : error LNK2001: unresolved external symbol __imp__WSAIoctl@36
Main.obj : error LNK2001: unresolved external symbol __imp__bind@12
Main.obj : error LNK2001: unresolved external symbol __imp__inet_addr@4
Main.obj : error LNK2001: unresolved external symbol __imp__socket@12
Main.obj : error LNK2001: unresolved external symbol __imp__WSAStartup@8

What's up?

Thanks

 
12/3/2003 2:51:41 PM

The file 'mstcpip.h' is in the Microsoft SDK library (CORE section): http://www.microsoft.com/msdownload/platformsdk/sdkupdate/

The only problem is that I'm getting the same 11 unresolved external errors as the previous post. Any help?

jerrymtz@hotmail.com

 
1/16/2004 2:43:27 AM

I am getting this error. What library do I have to add? It's urgent.
error
LNK2001: unresolved external symbol
__imp__WSAIoctl@36



 
1/23/2004 8:26:29 AM

The error I get is

'IOC_VENDOR': undeclared identifier.

Please help me

 
2/6/2004 1:57:40 PM

yes

 
2/6/2004 2:05:50 PM

Having the same XP difficulty as others.
No matter what, XP seems to hide outgoing packets. Tried many implementations of the same sniffing and all had the same results on XP. Finally tried the same thing with WinPcap and VOILA!
I'm not sure if this is the difference: WinPcap sniffs directly from the network adapter whereas this sniffer binds the current IP. I'm a newbie with network programming so I'm not sure if I'm right or way off base.
I would much rather use this sniffer on XP due to the compactness and no need for the multiple external DLLs which WinPcap requires.

Any feedback GREATLY appreciated!!

 
2/11/2004 3:48:35 AM

This sniffer only captures traffic originating from or destined to the host computer's IP address... i.e. it only sniffs IP traffic in PROMISC mode, not Ethernet traffic. This means it cannot sniff all network traffic even on a HUB.

 
3/7/2004 4:44:18 AM  ng

fatal error C1083: Cannot open include file: 'mstcpip.h': No such file or directory
Error executing cl.exe.
Can you tell me why??

 
4/15/2004 12:04:57 AM

Thanks for publishing this code.

 
5/13/2004 3:02:06 PM

None for above.

 
6/16/2004 10:36:46 AM

Nice code. A brief question: how do I know which library to include in order to get rid of my 11 errors (unresolved external symbol...)? I finally found out here that the library ws2_32.lib should be included and not the library wsock32.lib.
But in general, how do I know which libraries are to be included?

Thanks again for the good code.

/Matt

 
7/6/2004 2:41:32 AM

I can't understand the code but I am interested in it. Can you tell me where to get the algorithm of the code? How should I start learning it? Thanks a lot.
sagi_ong@yahoo.com

 
7/19/2004 2:03:03 PM

How do I set filters for this sniffer?

 
7/19/2004 2:05:18 PM

How do I set filters for this sniffer? Like, I want to capture the source IP of the TCP packet, and if the same source IP has appeared more than 10 times, I want to return the src IP... how do I do that?

 
9/26/2004 4:47:34 PM  Davi Carnauba de Lima Vieira

How can I block some packets?

 
1/7/2005 12:25:53 AM

My problem:
Cannot open include file: 'mstcpip.h': No such file or directory
Error executing cl.exe.

Where to get the file? It's no longer available at http://www.microsoft.com/msdownload/plat/formsdk/sdkupdate

Thank you and please help ASAP

 
1/10/2005 8:59:40 PM  Tony G

Nice code. In short,
you must #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
and link ws2_32.lib.
You should also change the IP address to your own.

You probably should include those instructions in the source file.


 
3/2/2005 2:35:44 PM

Hi folks!
Why doesn't this work when I link in ws2_32.lib and add
#define SIO_RCVALL_WSAIOW(IOC_VENDOR,1)
?
I have 5 errors and no solution!!!
and all of them because of the define...
...unexpected character in....

 
3/2/2005 2:44:50 PM

Easy cheesy....
What you all probably don't know
is that you write
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
with a space ^ here!!!
...Bye and have fun

 
3/3/2005 10:39:36 AM

"socket() failed."
Does anyone know this error?
Thanks


 
3/24/2005 4:33:17 AM

I couldn't find any "ws2_32.lib" on the internet. So can anybody please send the link to me? Thanks

lavelle_123@hotmail.com

 
12/9/2005 11:11:19 AM  gio

Trying to DUMP in HEX the content of the captured "garbage". The code I use in the ProcessPacket function, UDP case, is:

ix = 0; // declared as unsigned short
do
{
    printf("#%d<%x2>", ix, Buffer[ix]);
    ix++;
}
while (ix < Size);

I am getting values like:
#0<452>#1<02>#2<02>#3#4<02>

What's wrong with this piece of test code, since I did not expect to see HEX values of that size?

I expected to see HEX values of two digits...
TIA


 
12/12/2005 9:50:06 AM  gio

After some "soft" headbanging I figured it out:

unsigned short byte; // still 16 bits

do
{
    // This AND operation clears the "garbage" seen in the packet, reducing the significant
    // bits from 16 to 8 by resetting bits 16-9

    byte = Buffer[ix] & 0xff;

    printf("[Position: %d, Decimal: %d, Hex: %02x]", ix, byte, byte);

    ix++;
}
while (ix < Size);

cheers
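The setup that KT and Tony G describe in this thread (link ws2_32.lib rather than wsock32.lib, define SIO_RCVALL yourself when mstcpip.h is missing, bind to your own interface address, run as Administrator) and gio's hex-dump problem, worked through in one added C example. This is not the original submission's code and not code from any comment above. The capture loop is Windows-only and sits behind _WIN32; the IPv4/UDP/TCP header parser and the hex dump are portable and are run on a constructed 29-byte UDP packet. BIND2IP, the sample packet, the buffer size and all function names are assumptions made for this example.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>

/* Added example, not the original submission. Fields of interest from one
 * IPv4 packet as delivered by a SOCK_RAW/IPPROTO_IP socket on Windows: the
 * buffer starts at the IP header, there is no Ethernet frame in front. */
struct ip_info {
    unsigned version, ihl_bytes, protocol, total_len;
    char src[16], dst[16];
    unsigned src_port, dst_port;   /* 0 unless protocol is TCP (6) or UDP (17) */
};

static void ip4_to_str(const unsigned char *a, char out[16]) {
    snprintf(out, 16, "%u.%u.%u.%u", (unsigned)a[0], (unsigned)a[1],
             (unsigned)a[2], (unsigned)a[3]);
}

/* Returns 0 on success, -1 if the buffer is too short or not IPv4. The
 * layer-4 ports sit at the IHL offset, not at a fixed 20 bytes, because
 * the IP header may carry options. */
int parse_ipv4(const unsigned char *buf, size_t len, struct ip_info *out) {
    if (len < 20 || (buf[0] >> 4) != 4) return -1;
    memset(out, 0, sizeof *out);
    out->version   = buf[0] >> 4;
    out->ihl_bytes = (buf[0] & 0x0f) * 4;
    if (out->ihl_bytes < 20 || out->ihl_bytes > len) return -1;
    out->total_len = ((unsigned)buf[2] << 8) | buf[3];
    out->protocol  = buf[9];
    ip4_to_str(buf + 12, out->src);
    ip4_to_str(buf + 16, out->dst);
    if ((out->protocol == 6 || out->protocol == 17) && len >= out->ihl_bytes + 4) {
        const unsigned char *l4 = buf + out->ihl_bytes;
        out->src_port = ((unsigned)l4[0] << 8) | l4[1];
        out->dst_port = ((unsigned)l4[2] << 8) | l4[3];
    }
    return 0;
}

/* Writes "xx xx xx ..." into out and returns the characters written. The
 * buffer is unsigned char, so 0x82 prints as "82"; a plain char buffer with
 * %x would print the sign-extended value ffffff82 instead. */
size_t hex_dump(const unsigned char *buf, size_t len, char *out, size_t outsz) {
    size_t pos = 0;
    for (size_t i = 0; i < len && pos + 3 < outsz; i++)
        pos += (size_t)snprintf(out + pos, outsz - pos, "%02x ", buf[i]);
    return pos;
}

/* Constructed sample (assumption): IPv4, no options, TTL 64, UDP from
 * 192.168.0.182:50000 to 192.168.0.1:53, one payload byte 0x82. Checksums
 * are left zero because the parser does not verify them. */
const unsigned char sample_packet[] = {
    0x45, 0x00, 0x00, 0x1d, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00,
    0xc0, 0xa8, 0x00, 0xb6, 0xc0, 0xa8, 0x00, 0x01,
    0xc3, 0x50, 0x00, 0x35, 0x00, 0x09, 0x00, 0x00,
    0x82
};

#ifdef _WIN32
#include <winsock2.h>
#pragma comment(lib, "ws2_32.lib")   /* not wsock32.lib: that gives the 11 unresolved externals */
#ifndef SIO_RCVALL                   /* normally supplied by mstcpip.h */
#define SIO_RCVALL _WSAIOW(IOC_VENDOR, 1)
#endif
#define BIND2IP "192.168.0.182"      /* assumption: put your own interface address here */

/* Needs Administrator; socket() fails with WSAEACCES (10013) otherwise. */
int capture_loop(void) {
    WSADATA wsa;
    struct sockaddr_in me;
    DWORD on = 1, ret = 0;               /* RCVALL_ON */
    unsigned char buf[65535];
    if (WSAStartup(MAKEWORD(2, 2), &wsa) != 0) return -1;
    SOCKET s = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (s == INVALID_SOCKET) { printf("socket() failed: %d\n", WSAGetLastError()); return -1; }
    memset(&me, 0, sizeof me);
    me.sin_family = AF_INET;
    me.sin_addr.s_addr = inet_addr(BIND2IP);   /* must be a local address or bind() fails */
    if (bind(s, (struct sockaddr *)&me, sizeof me) == SOCKET_ERROR ||
        WSAIoctl(s, SIO_RCVALL, &on, sizeof on, NULL, 0, &ret, NULL, NULL) == SOCKET_ERROR) {
        printf("bind()/WSAIoctl() failed: %d\n", WSAGetLastError());
        closesocket(s); WSACleanup(); return -1;
    }
    for (;;) {
        struct ip_info info;
        int n = recvfrom(s, (char *)buf, sizeof buf, 0, NULL, NULL);
        if (n == SOCKET_ERROR) break;
        if (parse_ipv4(buf, (size_t)n, &info) == 0)
            printf("%s:%u -> %s:%u proto %u len %u\n", info.src, info.src_port,
                   info.dst, info.dst_port, info.protocol, info.total_len);
    }
    closesocket(s); WSACleanup(); return 0;
}
#endif

int main(void) {
    struct ip_info info;
    char hex[3 * sizeof sample_packet + 1];
    if (parse_ipv4(sample_packet, sizeof sample_packet, &info) == 0)
        printf("%s:%u -> %s:%u proto %u len %u\n", info.src, info.src_port,
               info.dst, info.dst_port, info.protocol, info.total_len);
    hex_dump(sample_packet, sizeof sample_packet, hex, sizeof hex);
    printf("%s\n", hex);
#ifdef _WIN32
    return capture_loop();
#else
    return 0;
#endif
}
```

On Windows, build with cl main.c (the #pragma comment pulls in ws2_32.lib), set BIND2IP to the address ipconfig shows for the interface you want, and run from an elevated prompt. The parser sees exactly what the original ProcessPacket sees: recvfrom on a SOCK_RAW/IPPROTO_IP socket returns a buffer that starts at the IPv4 header, so the ports are read at the IHL offset rather than at a fixed 20 bytes. Whether outgoing packets appear depends on the Windows version and service pack, as the comments above report; the code is the same either way.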

 
4/12/2006 10:13:21 AM

Either or both of ws2_32.lib and wsock32.lib need to be in Object/Library modules under Project Settings -> Link in order to avoid the 11 errors. I think this has something to do with this: http://support.microsoft.com/?scid=kb;en-us;291952&spid=3042&sid=194

 
10/8/2006 3:20:02 PM  Daver

Nice work.......... I struggled with the BIND2IP until I figured out that I am behind a DHCP machine, but running ipconfig at the DOS prompt gave me my current machine IP address.

I also just see incoming packets (I am using XP), but that should be fine for my purposes.

 
10/17/2006 12:43:59 PM  Daver

Correction to my comment above: I am seeing both inbound and outbound packets.

 
2/12/2009 3:24:06 PM  dimka_rus

Very very nice!

"Hi!
I receive 11 errors during linking. They read as: Main.obj : error LNK2001: unresolved external symbol __imp__ntohs@4 ..."

Project -> Settings -> Link -> Object/lib: add ws2_32.lib

 
2/26/2011 1:18:48 AM  wcR0D32

Wow, very nice brother . . .

 
