資源簡介
Linux 網絡編程—— libpcap 詳解,相關教程鏈接如下:
http://blog.csdn.net/tennysonsky/article/details/44811899
代碼片段和文件信息
/*=========================================================================
??工程名稱: 01-libpcap-demo
??組成文件: 01-libpcap-demo(接收一個數據包).c
??功能描述:? 通過捕獲一個網絡數據包,然后對其進行數據的解析分析
??維護記錄:
2015-04-02?v1.0 add?by?Mike
=========================================================================*/
#include?
#include?
#include?
#include?
#include?
struct?ether_header
{
unsigned?char?ether_dhost[6]; //目的mac
unsigned?char?ether_shost[6]; //源mac
unsigned?short?ether_type; //以太網類型
};
#define?BUFSIZE?1514
/*=========================================================================
??函數名稱:int?main(int?argcchar?*argv[])??
??功能描述:通過使用libpcap接收一個數據包,然后對數據包進行解析
??參數傳遞:無
??返回數據:無
??維護記錄:
2015-04-02?v1.0 add?by?Mike
=========================================================================*/
int?main(int?argcchar?*argv[])
{
pcap_t?*?pcap_handle?=?NULL;
char?error_content[100]?=?““; //?出錯信息
const?unsigned?char?*p_packet_content?=?NULL; //?保存接收到的數據包的起始地址
unsigned?char?*p_mac_string?=?NULL; //?保存mac的地址,臨時變量
unsigned?short?ethernet_type?=?0; //?以太網類型
char?*p_net_interface_name?=?NULL; //?接口名字
struct?pcap_pkthdr?protocol_header;
struct?ether_header?*ethernet_protocol;
//獲得接口名
p_net_interface_name?=?pcap_lookupdev(error_content);
if(NULL?==?p_net_interface_name)
{
perror(“pcap_lookupdev“);
exit(-1);
}
//打開網絡接口
pcap_handle?=?pcap_open_live(p_net_interface_nameBUFSIZE10error_content);
p_packet_content?=?pcap_next(pcap_handle&protocol_header);
printf(“------------------------------------------------------------------------\n“);
printf(“capture?a?Packet?from?p_net_interface_name?:%s\n“p_net_interface_name);
printf(“Capture?Time?is?:%s“ctime((const?time_t?*)&protocol_header.ts.tv_sec));
printf(“Packet?Lenght?is?:%d\n“protocol_header.len);
/*
*分析以太網中的?源mac、目的mac
*/
ethernet_protocol?=?(struct?ether_header?*)p_packet_content;
p_mac_string?=?(unsigned?char?*)ethernet_protocol->ether_shost;//獲取源mac
printf(“Mac?Source?Address?is?%02x:%02x:%02x:%02x:%02x:%02x\n“*(p_mac_string+0)*(p_mac_string+1)*(p_mac_string+2)*(p_mac_string+3)*(p_mac_string+4)*(p_mac_string+5));
p_mac_string?=?(unsigned?char?*)ethernet_protocol->ether_dhost;//獲取目的mac
printf(“Mac?Destination?Address?is?%02x:%02x:%02x:%02x:%02x:%02x\n“*(p_mac_string+0)*(p_mac_string+1)*(p_mac_string+2)*(p_mac_string+3)*(p_mac_string+4)*(p_mac_string+5));
/*
*獲得以太網的數據包的地址,然后分析出上層網絡協議的類型
*/
ethernet_type?=?ntohs(ethernet_protocol->ether_type);
printf(“Ethernet?type?is?:%04x\t“ethernet_type);
switch(ethernet_type)
{
case?0x0800:printf(“The?network?layer?is?IP?protocol\n“);break;//ip
case?0x0806:printf(“The?network?layer?is?ARP?protocol\n“);break;//arp
case?0x0835:printf(“The?network?layer?is?RARP?protocol\n“);break;//rarp
default:printf(“The?network?layer?unknow!\n“);break;
}
pcap_close(pcap_handle);
return?0;
}
?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????文件????????3400??2015-04-02?19:24??libpcap?詳解源碼\01-libpcap-demo(接收一個數據包).c
?????文件????????3267??2015-04-02?19:28??libpcap?詳解源碼\02-libpcap-demo(接收多個數據包).c
?????文件????????1301??2012-04-28?20:26??libpcap?詳解源碼\03-demo(設置過濾規則).c
?????目錄???????????0??2015-04-02?20:07??libpcap?詳解源碼\
評論
共有 條評論
川公網安備 51152502000135號