†††
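/*
 * packet monitor program
 * pckmon2.c
 * cc pckmon2.c -lnsl -o pckmon2
 *
 * Opens a PF_PACKET/SOCK_DGRAM socket, puts the named interface into
 * promiscuous mode and prints the IPv4 and TCP header fields of every
 * TCP packet that is received.  Packet sockets need CAP_NET_RAW, so the
 * program normally runs privileged while parsing data taken straight
 * off the wire; every length taken from a packet is therefore checked
 * before it is used.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>
#include <errno.h>
#include <netdb.h>
#include <netinet/tcp.h>
#include <netinet/ip.h>
#include <sys/types.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <sys/ioctl.h>
#include <net/if.h>
#include <net/ethernet.h>
#include <netpacket/packet.h>

void recv_pkt(void);
int sock ;

/*
 * main()
 *   argv[1] is the interface to monitor.  Exits with status 1 on a usage
 *   error or when any socket set-up call fails; otherwise hands control
 *   to recv_pkt(), which loops forever.
 */
int
main(int argc, char *argv[])
{
    struct ifreq ifr;
    struct packet_mreq mreq;

    if(argc != 2) {
        printf("Usage: %s interface\n", argv[0]);
        exit(1);
    }

    /*
     * ifr_name is a fixed-size array; an over-long command-line argument
     * must be rejected instead of being copied past its end.
     */
    if (strlen(argv[1]) >= sizeof(ifr.ifr_name)) {
        fprintf(stderr, "%s: interface name too long\n", argv[1]);
        exit(1);
    }

    if ((sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0 ){
        perror("socket");
        exit(1);
    }

    memset(&ifr, 0, sizeof(ifr));
    snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s", argv[1]);

    if(ioctl(sock, SIOCGIFINDEX, &ifr) < 0 ){
        perror("ioctl SIOCGIFINDEX");
        exit(1);
    }

    /* Ask the kernel to hold the interface in promiscuous mode for this socket. */
    memset(&mreq,0,sizeof(mreq));
    mreq.mr_type = PACKET_MR_PROMISC;
    mreq.mr_ifindex = ifr.ifr_ifindex;

    if((setsockopt(sock,SOL_PACKET,PACKET_ADD_MEMBERSHIP,(void *)&mreq,sizeof(mreq))) < 0){
        perror("setsockopt");
        exit(1);
    }

    recv_pkt();
    return 0;
}

/***********************************************
 * recv_pkt()
 *   Receive and display packets
 *
 *   Reads from the global packet socket `sock` in an endless loop and
 *   prints the IP and TCP header of each IPv4/TCP packet.  The packet
 *   number counts every loop iteration, including packets that are
 *   skipped.  Exits the process if select() fails.
 ***********************************************/
void
recv_pkt(void)
{
    int count;
    ssize_t len;
    size_t ip_hlen;
    socklen_t rsll_size;
    struct sockaddr_ll rsll;
    struct in_addr insaddr,indaddr;
    struct tcphdr tcp;
    fd_set fds;

    /*
     * Receive buffer.  The tcp member sits right behind a 20-byte IP
     * header, which is only where the TCP header really is when the
     * packet carries no IP options (ihl == 5); the code below locates
     * the TCP header from ihl instead of relying on this layout.
     */
    struct buf {
        struct iphdr ip;
        struct tcphdr tcp;
        unsigned char blah[65535];
    } buf;

    for ( count = 0 ;; count++){
        /* select() rewrites the set, so build it again on every pass. */
        FD_ZERO(&fds);
        FD_SET(sock, &fds);

        if( select(sock + 1, &fds , NULL, NULL, NULL) < 0 ){
            perror("select");
            exit(1);
        }

        if ( !FD_ISSET(sock, &fds))
            continue;

        /* Value-result argument: reset it before each call. */
        rsll_size = sizeof(rsll);
        len = recvfrom(sock,&buf,sizeof(buf),0,(struct sockaddr *)&rsll,&rsll_size);
        if (len < 0) {
            perror("recvfrom");
            /* Nothing was received; do not parse what an earlier packet left in buf. */
            continue;
        }

        /*
         * ETH_P_ALL delivers every protocol seen on the interface, so
         * only frames the kernel labels as IPv4 and that are long enough
         * to hold an IP header may be read through struct iphdr.
         */
        if (rsll.sll_protocol != htons(ETH_P_IP))
            continue;
        if ((size_t)len < sizeof(struct iphdr) || buf.ip.version != 4)
            continue;

        /* ihl counts 32-bit words; anything below 5 is malformed. */
        ip_hlen = (size_t)buf.ip.ihl * 4;
        if (ip_hlen < sizeof(struct iphdr))
            continue;

        /*
         * Ignore the packets other than TCP
         */
        if ( buf.ip.protocol != IPPROTO_TCP)
            continue;

        /* A truncated packet must not be printed as if it held a full TCP header. */
        if ((size_t)len < ip_hlen + sizeof(struct tcphdr))
            continue;

        /*
         * Copy the TCP header from its real offset so that packets with
         * IP options are decoded correctly.
         * NOTE: non-first fragments (frag_off != 0) carry no TCP header;
         * the TCP fields printed for them are payload bytes.
         */
        memcpy(&tcp, (const unsigned char *)&buf + ip_hlen, sizeof(tcp));

        insaddr.s_addr = buf.ip.saddr;
        indaddr.s_addr = buf.ip.daddr;

        printf("Packet number : %d\n", count);
        printf("----IP Header--------------------\n");
        printf("version : %u\n",buf.ip.version);
        printf("ihl : %u\n",buf.ip.ihl);
        printf("tos : %u\n",buf.ip.tos);
        printf("tot length : %u\n",ntohs(buf.ip.tot_len));
        printf("id : %u\n",ntohs(buf.ip.id));
        /* Low 13 bits are the fragment offset; the top 3 are flag bits. */
        printf("frag_off : %u\n",ntohs(buf.ip.frag_off) & 8191);
        printf("ttl : %u\n",buf.ip.ttl);
        printf("protocol : %u\n",buf.ip.protocol);
        printf("check : 0x%x\n",ntohs(buf.ip.check));
        printf("saddr : %s\n",inet_ntoa(insaddr));
        printf("daddr : %s\n",inet_ntoa(indaddr));

        printf("----TCP Header-------------------\n");
        printf("source port : %u\n",ntohs(tcp.source));
        printf("dest port : %u\n",ntohs(tcp.dest));
        printf("sequence : %u\n",ntohl(tcp.seq));
        printf("ack seq : %u\n",ntohl(tcp.ack_seq));
        printf("frags :");
        if (tcp.fin)
            printf(" FIN");
        if (tcp.syn)
            printf(" SYN");
        if (tcp.rst)
            printf(" RST");
        if (tcp.psh)
            printf(" PSH");
        if (tcp.ack)
            printf(" ACK");
        if (tcp.urg)
            printf(" URG");
        printf("\n");
        printf("window : %u\n",ntohs(tcp.window));
        printf("check : 0x%x\n",ntohs(tcp.check));
        /* urg_ptr is a 16-bit network-order field like window and check. */
        printf("urt_ptr : %u\n\n\n",ntohs(tcp.urg_ptr));
    } /* for() loop */
}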
# ./pckmon2 eth0
Packet number : 0
----IP Header--------------------
version : 4
ihl : 5
tos : 0
tot length : 40
id : 14879
frag_off : 0
ttl : 128
protocol : 6
check : 0xd575
saddr : 172.29.73.2
daddr : 172.29.73.254
----TCP Header-------------------
source port : 1270
dest port : 22
sequence : 1671008060
ack seq : 1093140794
frags : ACK
window : 17340
check : 0x4699
urt_ptr : 0


Packet number : 1
----IP Header--------------------
version : 4
ihl : 5
tos : 16
tot length : 540
id : 11933
frag_off : 0
ttl : 64
protocol : 6
check : 0x1ef4
saddr : 172.29.73.254
daddr : 172.29.73.2
----TCP Header-------------------
source port : 22
dest port : 1270
sequence : 1093140794
ack seq : 1671008060
frags : PSH ACK
window : 6432
check : 0xbbdc
urt_ptr : 0
†34 if ((sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0 ){
70 struct buf { 74 } buf;
† |