May be you need to wite a kernel module to do this. To register a hook function in netfilter architecture will get you the real packet rather then a copy of it.
On 10/11/07, Vivek Satpute <vivekonline86@xxxxxxxxx> wrote:
Respected Sir/Madam,
I am student of Pune University, doing project on WAN Emulator.
I have following query :
wireshark uses the libpcap library which gives the copy of packet.
So, How to capture the original packet at data link layer or network layer ?
We want to experiment the behavior by adding delays to those packets, and
that is why we want the actual packet and a copy of packet wont serve purpose.
Thanks in advance.
_______________________________________________
Wireshark-dev mailing list
Wireshark-dev@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-dev
