hi, i've a code shown like this..

#include <stdlib.h>
#include <stdio.h>
#include <winsock2.h>
#include <pcap.h>
#include <remote-ext.h>

#define ETH_IP			0x0800 		// type: IP
#define ETH_ARP		0x0806 		// type: ARP
#define ETH_ICMP		0x0800 		// type: ICMP = IP

#define ARP_HARDWARE	0x0001		// type for 802.3 frames
#define ARP_REQUEST	0x0001 		// ARP request
#define ARP_REPLY		0x0002 		// ARP reply

typedef struct eth_header{
	u_char eth_dst[6];
	u_char eth_src[6];
	u_short eth_type;

typedef struct arp_header{
	u_short arp_htype;
	u_short arp_ptype;
	u_char arp_hlen;
	u_char arp_plen;
	u_short arp_oper;
	u_char arp_sha[6];
	u_long arp_spa;
	u_char arp_tha[6];
	u_long arp_tpa;

int main(){
	pcap_if_t *alldevs;
	pcap_if_t *d;
	pcap_t *adhandle;
	ETH_HEADER eth_header;
	ARP_HEADER arp_header;
	char errbuf[PCAP_ERRBUF_SIZE];
	int inum;
	int i = 0;
	unsigned char src_mac[6] = {0x10,0x11, 0x11, 0x11, 0x11, 0x11};
	unsigned char dst_mac[6] = {0x00,0xff, 0xff, 0x00, 0x00, 0x00};

	u_char sendbuf[1024];

	/* Retrieve the device list */
	if (pcap_findalldevs(&alldevs, errbuf) == -1){
		fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
		return -1;

	/* Print the list */
	for(d=alldevs; d; d=d->next){
		printf("%d. %s", ++i, d->name);
		if (d->description)
			printf(" (%s)\n", d->description);
			printf(" (No description available)\n");

		printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
		return -1;
	printf("Enter the interface number (1-%d):",i);
	scanf("%d", &inum);
	//inum = 3;

	if(inum < 1 || inum > i){
		printf("\nInterface number out of range.\n");
		/* Free the device list */
		return -1;

	/* Jump to the selected adapter */
	for(d=alldevs, i=0; i< inum-1 ;d=d->next, i++);

	/* Open the adapter */
	if ( (adhandle= pcap_open_live(d->name, // name of the device
		65536,								// portion of the packet to capture.
		1,									// promiscuous mode
		1000,								// read timeout
		errbuf								// error buffer
		) ) == NULL){
		fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n");
		/* Free the device list */
		return -1;

        // ARP

	/* Fill in eth hdr */
	memcpy(eth_header.eth_dst, dst_mac, 6);
	memcpy(eth_header.eth_src, src_mac, 6);
	eth_header.eth_type = htons(ETH_ARP);

	/* Fill in arp hdr */
	arp_header.arp_htype = htons(ARP_HARDWARE);
	arp_header.arp_ptype = htons(ETH_IP);
	arp_header.arp_hlen = 6;
	arp_header.arp_plen = 4;
	arp_header.arp_oper = htons(ARP_REQUEST);
	memcpy(arp_header.arp_sha, src_mac, 6);
	arp_header.arp_spa = htonl(inet_addr(""));
	memcpy(arp_header.arp_tha, dst_mac, 6);
	arp_header.arp_tpa = htonl(inet_addr(""));

	memcpy(sendbuf, &eth_header, sizeof(eth_header));
	memcpy(sendbuf + sizeof(eth_header), &arp_header, sizeof(arp_header));

	/* Send down the packet */
	if (pcap_sendpacket(adhandle, sendbuf,sizeof(eth_header)+sizeof(arp_header)) != 0){
		fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(adhandle));
		return 0;

	printf("\nSent ARP request\n");

	return 0;

Can anybody tell me why it keeps sending wrong ip address..
Any help will be greatly appreciated.. Thx..

8 Years
Discussion Span
Last Post by triadR

Is sizeof(ARP_HEADER) what you expect?
In other words, is padding and alignment an issue?

sorry for replying late..
no, i dont think there's a problem with the alignment.
I think it's a standard arp header struct.
when i used it to send packet the source address

arp_header.arp_spa = htonl(inet_addr(""));

and the destination address

arp_header.arp_tpa = htonl(inet_addr(""));


Is sizeof(ARP_HEADER) what you expect?
In other words, is padding and alignment an issue?

after i check it again..
yeah, i found that there's something about the arp_header
it seems like the type or something..


Finally, i've found the answer...

the memcpy(arp_header.arp_sha, src_mac, 6); takes more place than just 6 space of array

my suggest is copy it one by one or just find another way... :)

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.