0

In TCP Communication, when the packet is being transferred from ethernet to network(IP) layer, I want to print the data present in that packet?

I am working on linux (ununtu 14.04).

I got some information that it can be done with the help of linux kernel code i.e in linux NAT Firewall code. But where I will get linux kernel source code? Where these coding is being done? Please help me..

rbm
  • 1
  • If I understand you wish to see data garbed from network? You wish to grab raw packet and extract data? – 2707974 Apr 10 '15 at 08:37
  • You should look at this post: http://unix.stackexchange.com/questions/797/how-can-i-find-the-implementations-of-linux-kernel-system-calls/804#804 – knh190 Apr 10 '15 at 16:26

1 Answers1

1

To find the Linux source:

$ apt-cache search linux-source
linux-source - Linux kernel source with Ubuntu patches
linux-source-3.13.0 - Linux kernel source for version 3.13.0 with Ubuntu patches

To install the Linux source: 

$ sudo apt-get install linux-source linux-source-3.13.0

To see what you got: 

$ dpkg -L linux-source-3.13.0

Then, to find files with "_nat" or "nat_" in the name: 

$ tar tvf /usr/src/linux-source-3.13.0.tar.bz2 | egrep '_nat|nat_'
waltinator
  • 36,399
  • Are you aware of linux architecture? NAT is a broad range of functions built with Unix kernel, simply finding a package by name won't do, because system calls and kernel functions are NOT packages and standalone files. – knh190 Apr 10 '15 at 16:30
  • 1
    "Network Address Translation" is not a "broad range of functions built with Unix kernel" but a few functions in the packet handling code. I showed the OP how to get the Linux source, and how to find files like linux-source-3.13.0/net/netfilter/nf_nat_core.c, part of the Linux kernel that might have something to do with NAT. The rest is left as an exercise for the student. – waltinator Apr 10 '15 at 16:41
  • Maybe you really mean the package filter tools ipfwadm/ipchains/iptables (which can also be used for NAT) on top of kernel module? But what will you find by searching _nat? – knh190 Apr 10 '15 at 16:52
  • 1
    The question was "But where I will get linux kernel source code? Where these coding is being done? " ipfwadm/ipchains/iptables manipulate the kernel tables that are used in packet mangling, but the kernel does the actual packet manipulation. FInding files with "_nat" or "nat_" in the name will find (at least) some source files having to do with NAT. I figured this out using my 50+ years of Unix and Linux (and Exec II, EXEC VIII, TOPS-10, TOPS-20, and ...) – waltinator Apr 10 '15 at 17:14