Hello,

I am having a diploma project about building a LAN Monitor, in wich I need to capture the traffic from network card at low level layer. More like Data-Link layer.

Can anyone help me with a suggestion of a function or a method to substract bit packets directly via the network card driver?

Any opinion is welcome :)

Thanks in advance
Valentin

There's a lot of factors involved here. Like, what platform do you intend to develop this on, which network cards do you intend to support, and is this supposed to monitor the LAN connection between the host and its connected peers, or monitor *all* network traffic that comes in contact with your NIC? (this especially applies to wireless NICs)

If it's the latter, you'll need to keep in mind that network cards can only capture all data if they're switched into 'promiscuous mode'. Some NIC drivers support this option, making your task relatively simple, however, you might end up having to write your own drivers or use third party drivers if the ones provided with the card/OS don't support this feature.

Hello and thanks for the replies.

The network card I am using is : Realtek RTL8102E Family PCI-E Fast Ethernet NIC. I am though not aware of any existing applications for it, except the driver provided.

For the application I am intending to use Linux since I suspect it will be easier to get access to drivers and because I suspect that NDISWrapper project will provide me some help.

But is there the possibility to leave the network card alone and intersect a software I make within the DataLink Layer 2 and The IP Layer3 ? I could take the data from some transport protocols wich I am not familiar yet with.

Thanks again, and I appreciate the help
Valentin

This article has been dead for over six months. Start a new discussion instead.