TCP/IP packets and wireshare

bkelly13

Windows 7, 64 bit, Visual Studio 2008, C++

I am writing a TCP/IP application to send data to vendor software on another computer. In order to check my data I need to use Wireshare. I am practicing on my home computer. It is connected to a Belkin router, then a cable modem.

When I capture some packets, they are not formatted according to my Sams book on TCP/IP. According to the book, the packet starts with the version number and IHL, and the source address begins in byte 13 (using decimal, counting one to N).
Picking an arbitrary transmission, in my Wireshark display the version number begins in byte 15, not 1. The source address follows at the expected relative address, now byte 27 instead of the expected 13. The below was copied from my Wireshark display.
What is this 13-byte offset? And what is in those first 12 bytes?
In this example my computer is 192.168.2.2 (C0.A8.2.2 hex) and the destination is 65.254.245.100 (41.fe.f8.64 hex).
0000 00 30 bd 9c 71 9e bc ae c5 01 b7 54 08 00 45 00 .0..q... ...T..E.
0010 00 34 1f 85 40 00 80 06 00 00 c0 a8 02 02 41 fe .4..@... ......A.
0020 f8 64 c1 f6 00 6e 59 4a a0 8a 00 00 00 00 80 02 .d...nYJ ........
0030 20 00 fd 33 00 00 02 04 05 b8 01 03 03 08 01 01 ..3.... ........
0040 04 02 ..
Thanks for your time
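The capture above, decoded as an added example (not part of the original post): Wireshark displays whole link-layer frames, so on Ethernet the IPv4 version/IHL byte is preceded by the 14-byte Ethernet II header (destination MAC, source MAC, EtherType). The frame bytes are copied from the post; the function and field names are illustrative assumptions.

```python
import socket
import struct

# Frame bytes copied from the Wireshark display in the post (66 bytes).
FRAME = bytes.fromhex(
    "00 30 bd 9c 71 9e bc ae c5 01 b7 54 08 00 45 00 "
    "00 34 1f 85 40 00 80 06 00 00 c0 a8 02 02 41 fe "
    "f8 64 c1 f6 00 6e 59 4a a0 8a 00 00 00 00 80 02 "
    "20 00 fd 33 00 00 02 04 05 b8 01 03 03 08 01 01 "
    "04 02"
)
ETH_HLEN = 14            # 6-byte dst MAC + 6-byte src MAC + 2-byte EtherType
ETHERTYPE_IPV4 = 0x0800


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame):
    """Decode Ethernet II -> IPv4 -> TCP (illustrative helper, not from the post)."""
    if len(frame) < ETH_HLEN:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:ETH_HLEN])
    out = {"eth_dst": mac(dst), "eth_src": mac(src), "ethertype": ethertype}
    if ethertype != ETHERTYPE_IPV4:
        return out       # ARP, IPv6, VLAN-tagged, ...: no IPv4 header follows
    ip = frame[ETH_HLEN:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (ip[0] & 0x0F) * 4             # IPv4 header length in bytes
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IHL")
    out.update(
        version_byte=ETH_HLEN + 1,       # 1-based position in the frame
        src_addr_byte=ETH_HLEN + 12 + 1, # the book's byte 13, shifted by 14
        total_len=struct.unpack("!H", ip[2:4])[0], ttl=ip[8], proto=ip[9],
        ip_src=socket.inet_ntoa(ip[12:16]), ip_dst=socket.inet_ntoa(ip[16:20]),
    )
    if ip[9] == 6 and len(ip) >= ihl + 14:   # protocol 6 = TCP
        sport, dport, _seq, _ack, off_flags = struct.unpack(
            "!HHIIH", ip[ihl:ihl + 14])
        out.update(sport=sport, dport=dport, tcp_hlen=(off_flags >> 12) * 4,
                   syn=bool(off_flags & 0x02), ack=bool(off_flags & 0x10))
    return out


if __name__ == "__main__":
    for key, value in parse_frame(FRAME).items():
        print(f"{key:14} {value}")
```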
 

My Computer My Computer

OS
Windows 7 64 bit
Wireshare or Wireshark??? You mentioned both. If you meant Wireshark, as I suspect, it isn't an easy app to figure out on your own. I suggest looking at some of the many tutorials on Wireshark on their website and even YouTube. It will take some time, but you will get it.

Also, how old is the SAMS book you mentioned?
 

My Computer My Computer

Computer Manufacturer/Model Number
Homebrew PC - "Alpha_Dawg"
OS
Windows 7 Ultimate 64 bit Steve Ballmer Signature Edition
CPU
Intel Core 2 Quad - Q9550 - 2.83GHz stock - OC'd to 3.6GHz
Motherboard
Gigabyte EP45-UD3P
Memory
4GB DDR2 800MHz (PC6400) OCZ Reaper
Graphics Card(s)
Nvidia GE Force 8800 GTS
Sound Card
Asus Xonar DX
Monitor(s) Displays
Samsung SyncMaster 2333HD
Screen Resolution
1920 x 1080
Hard Drives
WD Caviar Black 750GB - 7200RPM - 32MB cache
WD Caviar Green 1.5TB - 5400RPM - 64MB cache
WD Caviar Green 2.0TB - 5400RPM - 64MB cache
PSU
PC Power & Cooling Silencer 750
Case
Gigabyte 3D Aurora
Cooling
Case is Air - 5ea. 120mm fans (mix of Arctic and Xigmatec)
Keyboard
MS Natural Wireless KB
Mouse
MS Wireless Mouse
Internet Speed
50 mbps down/5 mbps up
Other Info
AVerMedia - AVerTVHD G2 Dual Tuner Card
Oops, I did mean Wire Shark. The book has a copyright date of 2009. Title is "Sams Teach Yourself TCP/IP"

I need to look at data that is sent from or to 192.10.12.50. I don't want any of the regular polling and keep alive stuff. The communication of interest is initiated from 192.10.12.50 with a broadcast to any IP address and a request for port 49000. (That is how I read the code. The vendor's app resides on 192.10.12.100 and will accept that connection and respond.) Then *.50 will mostly send data and *.100 will mostly receive the data. I need to see those packets.
 

My Computer My Computer

OS
Windows 7 64 bit
Back
Top