From the sock_raw man page, "Raw sockets allow new IPv4 protocols to be implemented in user space. A raw socket receives or sends the raw datagram not including link level headers.". So in your example, even though you are casting the buffer to an ethernet header structure, you are not actually getting ethernet headers.
To receive ethernet headers, you need to us an AF_PACKET socket. Here is a tweaked version of your code that should do what you want.
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/ether.h>
#include <linux/if_packet.h>
#include <linux/if_ether.h>
#include <arpa/inet.h>
static FILE *logfile;
static void ProcessPacket(const void *Buffer, ssize_t data_size) {
fprintf(logfile,"\n###########################################################");
struct ether_header *ethh;
ethh = (struct ether_header *)Buffer;
fprintf(logfile,"\n\n***********************ETHERNET Packet*************************\n");
fprintf(logfile,"\n");
fprintf(logfile,"Ethernet Header\n");
fprintf(logfile," |-Source Address : %s\n", ether_ntoa((struct ether_addr *)ðh->ether_dhost));;
fprintf(logfile," |-Destination Address : %s\n", ether_ntoa((struct ether_addr *)ðh->ether_shost));
fprintf(logfile,"\n");
fprintf(logfile,"\n###########################################################");
}
int main(int argc, char **argv) {
logfile = stdout;
int sock_raw = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
char buffer[65536];
if(sock_raw < 0)
{
printf("Socket Error\n");
return 1;
}
while(1)
{
//Receive a packet
ssize_t data_size = recvfrom(sock_raw , buffer , sizeof(buffer) , 0 , NULL, NULL);
if(data_size <0 )
{
printf("Recvfrom error , failed to get packets\n");
break;
}
//Now process the packet
ProcessPacket(buffer , data_size);
}
close(sock_raw);
return 0;
}