当前位置: 技术问答>linux和unix
有监视网卡数据流的开源软件吗?
来源: 互联网 发布时间:2015-10-31
本文导语: 我要监视通过网卡的数据流,并分析,根据数据类型做一定的统计,有这样的相关开源软件吗? | Ethereal 有windows和linux版本 ,是基于libpcap的. 是gpl的. | 一个简单的程序,获...
我要监视通过网卡的数据流,并分析,根据数据类型做一定的统计,有这样的相关开源软件吗?
|
Ethereal 有windows和linux版本 ,是基于libpcap的.
是gpl的.
是gpl的.
|
一个简单的程序,获得网卡列表及每个网卡的流量,大家参考!
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include //for close()
#define BUFFERSIZE 20
#define MAXINTERFACES 16
struct netCardInfo
{
char Name[BUFFERSIZE];
unsigned int mode;// it is promisc or normal mode
unsigned int status; // up or down
char IP[BUFFERSIZE]; // ip address
char MacAdd[BUFFERSIZE];//mac address
unsigned int BytesRcv;//
unsigned int RytesTrans;//
unsigned int PackRcv;
unsigned int PackTrans;
};
int getNetList(struct netCardInfo a[]);
int getDDX(struct netCardInfo *);
int main(void)
{
int i,j;
while(1){
sleep(3);
struct netCardInfo netcards[MAXINTERFACES];
i = getNetList(netcards);
for(j = 0; j= 0)
{
ifc.ifc_len = sizeof(buf);
ifc.ifc_buf = (caddr_t) buf;
if (!ioctl(fd, SIOCGIFCONF, (char *) &ifc))
{
intrface = ifc.ifc_len / sizeof(struct ifreq);
//printf("interface num is intrface=%dnnn", intrface);
num = intrface;
while (intrface-- > 0)
{
//printf("net device %sn", buf[intrface].ifr_name);
memset(a[i].Name,0,sizeof(a[i].Name));
sprintf( a[i].Name,"%s",buf[intrface].ifr_name);
/*Jugde whether the net card status is promisc */
if (!(ioctl(fd, SIOCGIFFLAGS, (char *) &buf[intrface])))
{
if (buf[intrface].ifr_flags & IFF_PROMISC)
{
//puts("the interface is PROMISC");
a[i].mode =1;
//retn++;
} else a[i].mode = 0;
}
else
{
//char str[256];
//sprintf(str, "cpm: ioctl device %s",
// buf[intrface].ifr_name);
a[i].mode = 0;
//perror(str);
}
/*Jugde whether the net card status is up */
if (buf[intrface].ifr_flags & IFF_UP)
{
//puts("the interface status is UP");
a[i].status = 1;
}
else
{
//puts("the interface status is DOWN");
a[i].status = 0;
}
/*Get IP of the net card */
if (!(ioctl(fd, SIOCGIFADDR, (char *) &buf[intrface])))
{
//puts("IP address is:");
/*puts(inet_ntoa(((struct sockaddr_in *)
(&buf[intrface].ifr_addr))->sin_addr));
*/
//puts("");
//puts (buf[intrface].ifr_addr.sa_data);
memset(a[i].IP,0,sizeof(a[i].IP));
sprintf(a[i].IP,"%s",inet_ntoa(((struct sockaddr_in *)
(&buf[intrface].ifr_addr))->sin_addr));
}
else
{
/*char str[256];
sprintf(str, "cpm: ioctl device %s",
buf[intrface].ifr_name);
perror(str);*/
memset(a[i].IP,0,sizeof(a[i].IP));
sprintf(a[i].IP,"%s","0.0.0.0");
}
/*Get HW ADDRESS of the net card */
memset(a[i].MacAdd,0,sizeof(a[i].MacAdd));
if (!(ioctl(fd, SIOCGIFHWADDR, (char *) &buf[intrface])))
{ //puts("HW address is:");
sprintf(a[i].MacAdd,"%02x:%02x:%02x:%02x:%02x:%02x",
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[0],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[1],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[2],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[3],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[4],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[5]);
}
else
{
/*char str[256];
sprintf(str, "cpm: ioctl device %s",
buf[intrface].ifr_name);
perror(str);*/
sprintf(a[i].MacAdd,"%s","00:00:00:00:00:00");
}
i++;
}
}
else return -1;
}
else return -1;
close(fd);
return i;
}
int getDDX(struct netCardInfo * netcard)
{
char text[201];
char data[201];
FILE *fp;
char seps[] = " ,t";
char *token;
int i;
char net[20];
fp = fopen("/proc/net/dev", "r");
if(!fp) return -1;
memset(text,0,201);
while (fgets(text, 200, fp))
{
memset(net,0,20);
strcat(net,netcard->Name);
strcat(net,":");
token = strtok( text, seps );
memset(data,0,201);
if(strcmp(token,net)==0)
{
token = strtok( NULL, seps );
if(token == NULL) return -1;
strcat(data,token);
strcat(data," ");
token = strtok( NULL, seps );
if(token == NULL) return -1;
strcat(data,token);
for(i=0;iBytesRcv),&(netcard->PackRcv),
&(netcard->RytesTrans),&(netcard->PackTrans));
}
memset(text,0,201);
}
fclose(fp);
return 0;
}
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include //for close()
#define BUFFERSIZE 20
#define MAXINTERFACES 16
struct netCardInfo
{
char Name[BUFFERSIZE];
unsigned int mode;// it is promisc or normal mode
unsigned int status; // up or down
char IP[BUFFERSIZE]; // ip address
char MacAdd[BUFFERSIZE];//mac address
unsigned int BytesRcv;//
unsigned int RytesTrans;//
unsigned int PackRcv;
unsigned int PackTrans;
};
int getNetList(struct netCardInfo a[]);
int getDDX(struct netCardInfo *);
int main(void)
{
int i,j;
while(1){
sleep(3);
struct netCardInfo netcards[MAXINTERFACES];
i = getNetList(netcards);
for(j = 0; j= 0)
{
ifc.ifc_len = sizeof(buf);
ifc.ifc_buf = (caddr_t) buf;
if (!ioctl(fd, SIOCGIFCONF, (char *) &ifc))
{
intrface = ifc.ifc_len / sizeof(struct ifreq);
//printf("interface num is intrface=%dnnn", intrface);
num = intrface;
while (intrface-- > 0)
{
//printf("net device %sn", buf[intrface].ifr_name);
memset(a[i].Name,0,sizeof(a[i].Name));
sprintf( a[i].Name,"%s",buf[intrface].ifr_name);
/*Jugde whether the net card status is promisc */
if (!(ioctl(fd, SIOCGIFFLAGS, (char *) &buf[intrface])))
{
if (buf[intrface].ifr_flags & IFF_PROMISC)
{
//puts("the interface is PROMISC");
a[i].mode =1;
//retn++;
} else a[i].mode = 0;
}
else
{
//char str[256];
//sprintf(str, "cpm: ioctl device %s",
// buf[intrface].ifr_name);
a[i].mode = 0;
//perror(str);
}
/*Jugde whether the net card status is up */
if (buf[intrface].ifr_flags & IFF_UP)
{
//puts("the interface status is UP");
a[i].status = 1;
}
else
{
//puts("the interface status is DOWN");
a[i].status = 0;
}
/*Get IP of the net card */
if (!(ioctl(fd, SIOCGIFADDR, (char *) &buf[intrface])))
{
//puts("IP address is:");
/*puts(inet_ntoa(((struct sockaddr_in *)
(&buf[intrface].ifr_addr))->sin_addr));
*/
//puts("");
//puts (buf[intrface].ifr_addr.sa_data);
memset(a[i].IP,0,sizeof(a[i].IP));
sprintf(a[i].IP,"%s",inet_ntoa(((struct sockaddr_in *)
(&buf[intrface].ifr_addr))->sin_addr));
}
else
{
/*char str[256];
sprintf(str, "cpm: ioctl device %s",
buf[intrface].ifr_name);
perror(str);*/
memset(a[i].IP,0,sizeof(a[i].IP));
sprintf(a[i].IP,"%s","0.0.0.0");
}
/*Get HW ADDRESS of the net card */
memset(a[i].MacAdd,0,sizeof(a[i].MacAdd));
if (!(ioctl(fd, SIOCGIFHWADDR, (char *) &buf[intrface])))
{ //puts("HW address is:");
sprintf(a[i].MacAdd,"%02x:%02x:%02x:%02x:%02x:%02x",
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[0],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[1],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[2],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[3],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[4],
(unsigned char) buf[intrface].ifr_hwaddr.sa_data[5]);
}
else
{
/*char str[256];
sprintf(str, "cpm: ioctl device %s",
buf[intrface].ifr_name);
perror(str);*/
sprintf(a[i].MacAdd,"%s","00:00:00:00:00:00");
}
i++;
}
}
else return -1;
}
else return -1;
close(fd);
return i;
}
int getDDX(struct netCardInfo * netcard)
{
char text[201];
char data[201];
FILE *fp;
char seps[] = " ,t";
char *token;
int i;
char net[20];
fp = fopen("/proc/net/dev", "r");
if(!fp) return -1;
memset(text,0,201);
while (fgets(text, 200, fp))
{
memset(net,0,20);
strcat(net,netcard->Name);
strcat(net,":");
token = strtok( text, seps );
memset(data,0,201);
if(strcmp(token,net)==0)
{
token = strtok( NULL, seps );
if(token == NULL) return -1;
strcat(data,token);
strcat(data," ");
token = strtok( NULL, seps );
if(token == NULL) return -1;
strcat(data,token);
for(i=0;iBytesRcv),&(netcard->PackRcv),
&(netcard->RytesTrans),&(netcard->PackTrans));
}
memset(text,0,201);
}
fclose(fp);
return 0;
}
|
我一直都用ethreal,不过要装wincap,特别是用来分析协议。
|
呵呵,我不知道你说的是否是sniffer软件,这种软件是比较多的。
你可以上网搜索一下,另外,如果相关的软件不是很符合要求的话,我建议你使用libpcap函数库自己来编写相关的抓包工具,很简单的。
祝你好运。
你可以上网搜索一下,另外,如果相关的软件不是很符合要求的话,我建议你使用libpcap函数库自己来编写相关的抓包工具,很简单的。
祝你好运。
|
tcpdump本身就有这个功能,tcpdump的原代码好找吧
|
iptable就可以实现
|
可以看看TC,这个是做流量控制的。
|
我研究一下 看能不能编译通国
您可能感兴趣的文章:
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。