请问Linux下的sniffer实现的问题
来源: 互联网 发布时间:2015-06-28
本文导语: 下面这段代码是从网上的代码改的 #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define INTERFACE "eth0" struct Ip{ unsigned int ip_length:4; unsi...
下面这段代码是从网上的代码改的
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define INTERFACE "eth0"
/*
 * IPv4 header overlay (20 bytes, options excluded). Values are stored
 * exactly as they arrive on the wire, so multi-byte fields are in network
 * byte order until converted.
 *
 * NOTE(review): the order of the two 4-bit fields matches the first header
 * byte only where the compiler allocates bit-fields starting at the low bit
 * (typical little-endian ABIs) -- confirm before building for other targets.
 */
struct Ip {
    unsigned int   ip_length:4,      /* header length in 32-bit words; main() multiplies it by 4 */
                   ip_version:4;     /* IP version number */
    unsigned char  ip_tos;           /* type of service */
    unsigned short ip_total_length;  /* total packet length */
    unsigned short ip_id;            /* identification */
    unsigned short ip_flags;         /* flags; presumably also the fragment offset -- confirm */
    unsigned char  ip_ttl;           /* time to live */
    unsigned char  ip_protocol;      /* payload protocol; main() compares it with 6 (TCP) */
    unsigned short ip_cksum;         /* header checksum */
    unsigned int   ip_source;        /* source address */
    unsigned int   ip_dest;          /* destination address */
};
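/*
 * TCP header overlay (20 bytes, options excluded). Values are stored as
 * they arrive on the wire, so multi-byte fields are in network byte order.
 *
 * The original layout had no acknowledgement-number field, which made the
 * structure 16 bytes and moved the header length, the flags, the window,
 * the checksum and the urgent pointer four bytes too early. tcp_ackno
 * restores the wire layout; every existing field name is unchanged.
 *
 * NOTE(review): the bit-field order matches the wire format only where the
 * compiler allocates bit-fields starting at the low bit (typical
 * little-endian ABIs) -- confirm before building for other targets.
 */
struct tcp {
    unsigned short tcp_source_port;  /* source port */
    unsigned short tcp_dest_port;    /* destination port */
    unsigned int   tcp_seqno;        /* sequence number (32 bits: convert with ntohl) */
    unsigned int   tcp_ackno;        /* acknowledgement number (32 bits) */
    unsigned int   tcp_res1:4,       /* reserved */
                   tcp_hlen:4,       /* header length in 32-bit words */
                   tcp_fin:1,
                   tcp_syn:1,
                   tcp_rst:1,
                   tcp_psh:1,
                   tcp_ack:1,
                   tcp_urg:1,
                   tcp_res2:2;       /* reserved */
    unsigned short tcp_winsize;      /* window size */
    unsigned short tcp_cksum;        /* checksum */
    unsigned short tcp_urgnet;       /* urgent pointer */
};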
/* Returns the descriptor that main() passes to recv(). */
int Open_Raw_Socket();

/*
 * Declared here but not called in the listing shown.
 * NOTE(review): presumably puts `interface` into promiscuous mode through
 * `sock` -- confirm against the definition.
 */
int Set_Promisc(char *interface, int sock);
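/*
 * Read packets from the raw socket in a loop and print selected IPv4 and
 * TCP header fields of every TCP packet received.
 *
 * Returns 1 when the socket or the log file cannot be opened, or after
 * recv() fails; the loop has no other exit.
 *
 * NOTE(review): the page lost the text between the '<' of the disabled dump
 * loop and the '>' of the first "ip->", and the backslashes of the "\n"
 * escapes. The step that points the IP header at the buffer and the newlines
 * are restored here; the body of the disabled loop is not recoverable and is
 * left out.
 */
int main()
{
    char buffer[60000];
    struct Ip ip;
    struct tcp tcp;
    const unsigned char *addr;
    FILE *fp;
    int sock, bytes_received;
    size_t ip_hdr_len;

    sock = Open_Raw_Socket();
    if (sock < 0) {
        return 1;
    }

    /* Truncate the log, then reopen it for appending (as the original did).
     * Captured traffic can contain credentials and other sensitive data, so
     * keep this file readable only by the operator if dumping is enabled. */
    fp = fopen("log.txt", "w+");
    if (fp == NULL) {
        perror("log.txt");
        return 1;
    }
    fclose(fp);
    fp = fopen("log.txt", "a+");
    if (fp == NULL) {
        perror("log.txt");
        return 1;
    }

    for (;;) {
        memset(buffer, 0, sizeof(buffer));
        bytes_received = recv(sock, buffer, sizeof(buffer), 0);
        if (bytes_received < 0) {
            perror("recv");
            break;
        }

        /*
         * Author's note: there is a problem at this point, and it remains
         * even when the (disabled) dump loop is replaced by fprintf(...).
         *
         * NOTE(review): if the dump is re-enabled, write exactly
         * bytes_received bytes with fwrite() (packet data is binary and may
         * contain NUL bytes) and call fflush(fp) afterwards; the original
         * loop never reached fclose(), so buffered output may never have
         * been written out. Whether this is the reported problem is not
         * stated on the page -- confirm.
         */

        /* Never interpret more header than was actually received. */
        if ((size_t)bytes_received < sizeof(ip)) {
            continue;
        }
        /* Copy instead of casting: buffer has no alignment guarantee. */
        memcpy(&ip, buffer, sizeof(ip));
        if (ip.ip_protocol != 6) {
            continue;
        }

        /* The header length comes from the packet, so validate it before
         * using it as an offset into buffer. */
        ip_hdr_len = 4 * (size_t)ip.ip_length;
        if (ip_hdr_len < sizeof(ip) ||
            ip_hdr_len + sizeof(tcp) > (size_t)bytes_received) {
            continue;
        }

        printf("IP header:\n");
        printf("Ip header length....%d\n", ip.ip_length);
        printf("Protocol............%d\n", ip.ip_protocol);
        printf("version............%d\n", ip.ip_version);
        printf("total_length............%d\n", ntohs(ip.ip_total_length));
        printf("ttl............%d\n", ip.ip_ttl);
        /* Addresses are four bytes in network order; print them as a dotted
         * quad rather than as one signed integer. */
        addr = (const unsigned char *)&ip.ip_source;
        printf("source............%u.%u.%u.%u\n", addr[0], addr[1], addr[2], addr[3]);
        addr = (const unsigned char *)&ip.ip_dest;
        printf("dest............%u.%u.%u.%u\n", addr[0], addr[1], addr[2], addr[3]);

        memcpy(&tcp, buffer + ip_hdr_len, sizeof(tcp));
        printf("TCP hearder:\n");
        printf("Source port ....%d\n", ntohs(tcp.tcp_source_port));
        /* The sequence number is 32 bits wide; ntohs() would truncate it. */
        printf("seq.......%lu\n", (unsigned long)ntohl(tcp.tcp_seqno));
    }

    fclose(fp);
    return 1;
}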
int Open_Raw_Socket()
{
int sock;
if((sock=socket(AF_INET,SOCK_RAW,IPPROTO_TCP))
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define INTERFACE "eth0"
/*
 * IPv4 header overlay (20 bytes, options excluded). Values are stored
 * exactly as they arrive on the wire, so multi-byte fields are in network
 * byte order until converted.
 *
 * NOTE(review): the order of the two 4-bit fields matches the first header
 * byte only where the compiler allocates bit-fields starting at the low bit
 * (typical little-endian ABIs) -- confirm before building for other targets.
 */
struct Ip {
    unsigned int   ip_length:4,      /* header length in 32-bit words; main() multiplies it by 4 */
                   ip_version:4;     /* IP version number */
    unsigned char  ip_tos;           /* type of service */
    unsigned short ip_total_length;  /* total packet length */
    unsigned short ip_id;            /* identification */
    unsigned short ip_flags;         /* flags; presumably also the fragment offset -- confirm */
    unsigned char  ip_ttl;           /* time to live */
    unsigned char  ip_protocol;      /* payload protocol; main() compares it with 6 (TCP) */
    unsigned short ip_cksum;         /* header checksum */
    unsigned int   ip_source;        /* source address */
    unsigned int   ip_dest;          /* destination address */
};
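/*
 * TCP header overlay (20 bytes, options excluded). Values are stored as
 * they arrive on the wire, so multi-byte fields are in network byte order.
 *
 * The original layout had no acknowledgement-number field, which made the
 * structure 16 bytes and moved the header length, the flags, the window,
 * the checksum and the urgent pointer four bytes too early. tcp_ackno
 * restores the wire layout; every existing field name is unchanged.
 *
 * NOTE(review): the bit-field order matches the wire format only where the
 * compiler allocates bit-fields starting at the low bit (typical
 * little-endian ABIs) -- confirm before building for other targets.
 */
struct tcp {
    unsigned short tcp_source_port;  /* source port */
    unsigned short tcp_dest_port;    /* destination port */
    unsigned int   tcp_seqno;        /* sequence number (32 bits: convert with ntohl) */
    unsigned int   tcp_ackno;        /* acknowledgement number (32 bits) */
    unsigned int   tcp_res1:4,       /* reserved */
                   tcp_hlen:4,       /* header length in 32-bit words */
                   tcp_fin:1,
                   tcp_syn:1,
                   tcp_rst:1,
                   tcp_psh:1,
                   tcp_ack:1,
                   tcp_urg:1,
                   tcp_res2:2;       /* reserved */
    unsigned short tcp_winsize;      /* window size */
    unsigned short tcp_cksum;        /* checksum */
    unsigned short tcp_urgnet;       /* urgent pointer */
};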
/* Returns the descriptor that main() passes to recv(). */
int Open_Raw_Socket();

/*
 * Declared here but not called in the listing shown.
 * NOTE(review): presumably puts `interface` into promiscuous mode through
 * `sock` -- confirm against the definition.
 */
int Set_Promisc(char *interface, int sock);
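/*
 * Read packets from the raw socket in a loop and print selected IPv4 and
 * TCP header fields of every TCP packet received.
 *
 * Returns 1 when the socket or the log file cannot be opened, or after
 * recv() fails; the loop has no other exit.
 *
 * NOTE(review): the page lost the text between the '<' of the disabled dump
 * loop and the '>' of the first "ip->", and the backslashes of the "\n"
 * escapes. The step that points the IP header at the buffer and the newlines
 * are restored here; the body of the disabled loop is not recoverable and is
 * left out.
 */
int main()
{
    char buffer[60000];
    struct Ip ip;
    struct tcp tcp;
    const unsigned char *addr;
    FILE *fp;
    int sock, bytes_received;
    size_t ip_hdr_len;

    sock = Open_Raw_Socket();
    if (sock < 0) {
        return 1;
    }

    /* Truncate the log, then reopen it for appending (as the original did).
     * Captured traffic can contain credentials and other sensitive data, so
     * keep this file readable only by the operator if dumping is enabled. */
    fp = fopen("log.txt", "w+");
    if (fp == NULL) {
        perror("log.txt");
        return 1;
    }
    fclose(fp);
    fp = fopen("log.txt", "a+");
    if (fp == NULL) {
        perror("log.txt");
        return 1;
    }

    for (;;) {
        memset(buffer, 0, sizeof(buffer));
        bytes_received = recv(sock, buffer, sizeof(buffer), 0);
        if (bytes_received < 0) {
            perror("recv");
            break;
        }

        /*
         * Author's note: there is a problem at this point, and it remains
         * even when the (disabled) dump loop is replaced by fprintf(...).
         *
         * NOTE(review): if the dump is re-enabled, write exactly
         * bytes_received bytes with fwrite() (packet data is binary and may
         * contain NUL bytes) and call fflush(fp) afterwards; the original
         * loop never reached fclose(), so buffered output may never have
         * been written out. Whether this is the reported problem is not
         * stated on the page -- confirm.
         */

        /* Never interpret more header than was actually received. */
        if ((size_t)bytes_received < sizeof(ip)) {
            continue;
        }
        /* Copy instead of casting: buffer has no alignment guarantee. */
        memcpy(&ip, buffer, sizeof(ip));
        if (ip.ip_protocol != 6) {
            continue;
        }

        /* The header length comes from the packet, so validate it before
         * using it as an offset into buffer. */
        ip_hdr_len = 4 * (size_t)ip.ip_length;
        if (ip_hdr_len < sizeof(ip) ||
            ip_hdr_len + sizeof(tcp) > (size_t)bytes_received) {
            continue;
        }

        printf("IP header:\n");
        printf("Ip header length....%d\n", ip.ip_length);
        printf("Protocol............%d\n", ip.ip_protocol);
        printf("version............%d\n", ip.ip_version);
        printf("total_length............%d\n", ntohs(ip.ip_total_length));
        printf("ttl............%d\n", ip.ip_ttl);
        /* Addresses are four bytes in network order; print them as a dotted
         * quad rather than as one signed integer. */
        addr = (const unsigned char *)&ip.ip_source;
        printf("source............%u.%u.%u.%u\n", addr[0], addr[1], addr[2], addr[3]);
        addr = (const unsigned char *)&ip.ip_dest;
        printf("dest............%u.%u.%u.%u\n", addr[0], addr[1], addr[2], addr[3]);

        memcpy(&tcp, buffer + ip_hdr_len, sizeof(tcp));
        printf("TCP hearder:\n");
        printf("Source port ....%d\n", ntohs(tcp.tcp_source_port));
        /* The sequence number is 32 bits wide; ntohs() would truncate it. */
        printf("seq.......%lu\n", (unsigned long)ntohl(tcp.tcp_seqno));
    }

    fclose(fp);
    return 1;
}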
int Open_Raw_Socket()
{
int sock;
if((sock=socket(AF_INET,SOCK_RAW,IPPROTO_TCP))