socket(PF_PACKET,SOCK_DGRAM, )
ioctl(,SIOCGIFINDEX,)
setsockopt(,,PACKET_ADD_MEMBERSHIP,,)
recvfrom()
printf()

    1  /*
    2   *  packet monitor program
    3   *  pckmon2.c
    4   *  cc pckmon2.c -lnsl -o pckmon2
    5   */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <net/if.h>
#include <net/ethernet.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <netpacket/packet.h>
   19
/* Receives packets on `sock` and prints their IP/TCP headers; defined after main(). */
void recv_pkt();
/* Packet socket descriptor: assigned in main(), read by recv_pkt(). */
int sock ;
   22
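/*
 * Open a packet socket, switch the interface named in argv[1] to
 * promiscuous mode and hand control to recv_pkt().
 *
 * Exits with status 1 on a usage error, an over-long interface name, or
 * any failing system call. Opening a PF_PACKET socket needs root or
 * CAP_NET_RAW, so the command line is validated before it is copied into
 * a fixed-size kernel request structure.
 */
int
main(int argc, char *argv[])
{
    struct ifreq ifr;
    struct packet_mreq mreq;
    int n;

    if(argc != 2) {
        printf("Usage: %s interface\n", argv[0]);
        exit(1);
    }

    /*
     * ifr_name is a fixed array inside struct ifreq. An unbounded strcpy()
     * of argv[1] would overrun it on the stack of a privileged process, so
     * copy with a bound and reject names that do not fit.
     */
    memset(&ifr, 0, sizeof(ifr));
    n = snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s", argv[1]);
    if (n < 0 || (size_t)n >= sizeof(ifr.ifr_name)) {
        fprintf(stderr, "%s: interface name too long\n", argv[1]);
        exit(1);
    }

    /*
     * SOCK_DGRAM packet socket: the kernel strips the link-layer header,
     * so received data starts at the network-layer header. ETH_P_ALL
     * delivers every protocol, not only IPv4.
     */
    if ((sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0 ){
        perror("socket");
        exit(1);
    }

    /* Translate the interface name into the index the membership call needs. */
    if(ioctl(sock, SIOCGIFINDEX, &ifr) < 0 ){
        perror("ioctl SIOCGIFINDEX");
        exit(1);
    }

    memset(&mreq,0,sizeof(mreq));
    mreq.mr_type = PACKET_MR_PROMISC;
    mreq.mr_ifindex = ifr.ifr_ifindex;

    /*
     * This only enables promiscuous mode on the chosen interface. The
     * socket is never bind()ed, so it still receives packets from every
     * interface on the host.
     */
    if((setsockopt(sock,SOL_PACKET,PACKET_ADD_MEMBERSHIP,(void *)&mreq,sizeof(mreq))) < 0){
        perror("setsockopt");
        exit(1);
    }

    recv_pkt();     /* loops forever */
    return 0;
}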
   57
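/***********************************************
 * recv_pkt()
 * Receive packets on the global socket `sock` and display the IPv4
 * and TCP header of every TCP packet whose TCP header is actually
 * present in the received data. Never returns; exits the process
 * if select() fails.
 *
 * Everything parsed here is untrusted data off the wire, so the
 * received length is checked before any header field is read.
 ***********************************************/
void
recv_pkt()
{
    enum { FRAG_OFFSET_MASK = 0x1fff };  /* low 13 bits of frag_off */
    unsigned int count;      /* unsigned: wraps instead of overflowing */
    ssize_t len;
    size_t ip_hlen;
    socklen_t rsll_size;
    struct sockaddr_ll rsll; /* packet sockets report a sockaddr_ll */
    struct in_addr insaddr,indaddr;
    struct tcphdr tcp;
    fd_set fds;

    /*
     * Receive buffer. The `tcp` member sits where the TCP header lies
     * only when the IP header carries no options (ihl == 5), so the TCP
     * header is copied out from the offset given by ihl instead.
     */
    struct buf  {
        struct iphdr ip;
        struct tcphdr tcp;
        unsigned char blah[65535];
    } buf;

    for ( count = 0 ;; count++){
        /* select() rewrites the set, so arm it on every pass. */
        FD_ZERO(&fds);
        FD_SET(sock, &fds);

        if( select(sock + 1, &fds , NULL, NULL, NULL) < 0 ){
            perror("select");
            exit(1);
        }

        if ( FD_ISSET(sock, &fds)){
            rsll_size = sizeof(rsll);   /* value-result argument */
            len = recvfrom(sock,&buf,sizeof(buf),0,(struct sockaddr *)&rsll,&rsll_size);
            if (len < 0) {
                perror("recvfrom");
                continue;   /* nothing valid in buf to parse */
            }
            /*
             * The socket was opened with ETH_P_ALL, so ARP, IPv6 and
             * other frames arrive too; only IPv4 has the layout below.
             */
            if (rsll.sll_protocol != htons(ETH_P_IP))
                continue;
            if ((size_t)len < sizeof(struct iphdr) || buf.ip.version != 4)
                continue;
            /*
             * Ignore the packets other than TCP
             */
            if ( buf.ip.protocol != IPPROTO_TCP)
                continue;
            /* ihl counts 32-bit words; less than 5 is a malformed header. */
            ip_hlen = (size_t)buf.ip.ihl * 4;
            if (ip_hlen < sizeof(struct iphdr))
                continue;
            /* Only the first fragment starts with a TCP header. */
            if ((ntohs(buf.ip.frag_off) & FRAG_OFFSET_MASK) != 0)
                continue;
            /* Truncated packet: the TCP header was not fully received. */
            if ((size_t)len < ip_hlen + sizeof(tcp))
                continue;
            memcpy(&tcp, (const unsigned char *)&buf + ip_hlen, sizeof(tcp));

            insaddr.s_addr = buf.ip.saddr;
            indaddr.s_addr = buf.ip.daddr;

            printf("Packet number : %u\n", count);
            printf("----IP Header--------------------\n");
            printf("version     : %u\n",buf.ip.version);
            printf("ihl         : %u\n",buf.ip.ihl);
            printf("tos         : %u\n",buf.ip.tos);
            printf("tot length  : %u\n",ntohs(buf.ip.tot_len));
            printf("id          : %u\n",ntohs(buf.ip.id));
            printf("frag_off    : %u\n",ntohs(buf.ip.frag_off) & FRAG_OFFSET_MASK);
            printf("ttl         : %u\n",buf.ip.ttl);
            printf("protocol    : %u\n",buf.ip.protocol);
            printf("check       : 0x%x\n",ntohs(buf.ip.check));
            /* inet_ntoa() reuses one static buffer: one call per printf. */
            printf("saddr       : %s\n",inet_ntoa(insaddr));
            printf("daddr       : %s\n",inet_ntoa(indaddr));

            printf("----TCP Header-------------------\n");
            printf("source port : %u\n",ntohs(tcp.source));
            printf("dest port   : %u\n",ntohs(tcp.dest));
            printf("sequence    : %u\n",ntohl(tcp.seq));
            printf("ack seq     : %u\n",ntohl(tcp.ack_seq));
            printf("frags       :");
            if (tcp.fin) printf(" FIN");
            if (tcp.syn) printf(" SYN");
            if (tcp.rst) printf(" RST");
            if (tcp.psh) printf(" PSH");
            if (tcp.ack) printf(" ACK");
            if (tcp.urg) printf(" URG");
            printf("\n");
            printf("window      : %u\n",ntohs(tcp.window));
            printf("check       : 0x%x\n",ntohs(tcp.check));
            /* urg_ptr is a 16-bit network-order field like the others. */
            printf("urt_ptr     : %u\n\n\n",ntohs(tcp.urg_ptr));
        }
    } /* for() loop */
}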

pckmon2.c

# ./pckmon2 eth0				  
Packet number : 0				  
----IP Header--------------------		  
version     : 4					  
ihl         : 5					  
tos         : 0					  
tot length  : 40				  
id          : 14879				  
frag_off    : 0					  
ttl         : 128				  
protocol    : 6					  
check       : 0xd575				  
saddr       : 172.29.73.2			  
daddr       : 172.29.73.254			  
----TCP Header-------------------		  
source port : 1270				  
dest port   : 22				  
sequence    : 1671008060			  
ack seq     : 1093140794			  
frags       : ACK				  
window      : 17340				  
check       : 0x4699				  
urt_ptr     : 0					  
						  
						  
Packet number : 1				  
----IP Header--------------------		  
version     : 4					  
ihl         : 5					  
tos         : 16				  
tot length  : 540				  
id          : 11933				  
frag_off    : 0					  
ttl         : 64				  
protocol    : 6					  
check       : 0x1ef4				  
saddr       : 172.29.73.254			  
daddr       : 172.29.73.2			  
----TCP Header-------------------		  
source port : 22				  
dest port   : 1270				  
sequence    : 1093140794			  
ack seq     : 1671008060			  
frags       : PSH ACK				  
window      : 6432				  
check       : 0xbbdc				  
urt_ptr     : 0                                   

   34      if ((sock = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL))) < 0 ){



recvfrom()
#include <sys/types.h>
#include <sys/socket.h>
int recvfrom(int s, void *buf, int len, unsigned int flags, struct sockaddr *from, int *fromlen);


   70      struct buf  {



   74      } buf;



