How do I listen for packets with Racket?

StackOverflow https://stackoverflow.com/questions/18040504

Question

I am attempting to use Racket to listen for packets moving through port 80 on my machine. However, I seem to be running into a wall with either my understanding of how a packet sniffer works, my understanding of how Racket works, or both.

Here is my code (most of it comes from Racket's Wikipedia entry).

#lang racket

(require racket/tcp)

(define listener (tcp-listen 80))

(define (echo-server)
  (define-values (in out) (tcp-accept listener))
  (thread (lambda () (copy-port in out) 
                     (print (read in)) 
                     (close-output-port out)))
  (echo-server))

(echo-server)

When I connect to localhost:80 I get some feedback - but when I try to use my web browsers I can't get anything to print. How do I amend this code so that it will listen for packets coming in and going out from web requests?

Was it helpful?

Solution

However, I seem to be running into a wall with either my understanding of how a packet sniffer works

Yes. A packet sniffer does not use regular sockets; it uses whatever mechanisms are available to passively watch packets received by or sent on a network interface. If you just want to watch HTTP traffic on port 80, without responding to that traffic or altering that traffic, you will need to use something such as libpcap/WinPcap, which use the appropriate mechanism on your OS for passively watching packets. See, for example, the SPeaCap library for Racket.

Note, however, that if you passively sniff traffic, what you'll see are raw link-layer packets; to extract TCP content from them, you'll have to parse the link-layer header, IP header, and TCP header in order to find the contents. I will leave it up to you to figure out how to do that.

OTHER TIPS

Your TCP server is just acting as an echo server, which means that it's not conforming to HTTP. Your browser is expecting a valid HTTP response, so it's not surprising that it doesn't work.

Racket has libraries for all sorts of things. A quick search of the documentation turned up this: Web Server: HTTP Server

The packet-socket library (last updated 2017) allows access to raw ethernet frames. packet-socket on pkgd

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top