
标题: kdump.exe原码 [打印本页]

作者: touch_itpub    时间: 2006-01-09 17:55
标题: kdump.exe原码
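/*
 * Copyright (c) 1999 - 2002
 *        Politecnico di Torino.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that: (1) source code distributions
 * retain the above copyright notice and this paragraph in its entirety, (2)
 * distributions including binary code include the above copyright notice and
 * this paragraph in its entirety in the documentation or other materials
 * provided with the distribution, and (3) all advertising materials mentioning
 * features or use of this software display the following acknowledgement:
 * ``This product includes software developed by the Politecnico
 * di Torino, and its contributors.'' Neither the name of
 * the University nor the names of its contributors may be used to endorse
 * or promote products derived from this software without specific prior
 * written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 */

#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <stdio.h>

#include <pcap.h>

#error At the moment the kernel dump feature is not supported in the driver

/*
 * Parse one of the numeric limits (max_size or max_packs) given on the
 * command line.
 *
 * Returns 0 and stores the value in *out when text is a complete,
 * non-negative decimal number that fits in an int; returns -1 otherwise.
 * atoi() is avoided because it cannot report malformed or out-of-range input.
 */
static int parse_limit(const char *text, int *out)
{
        char *end;
        long value;

        errno = 0;
        value = strtol(text, &end, 10);
        if (end == text || *end != '\0' || errno == ERANGE ||
            value < 0 || value > INT_MAX)
                return -1;

        *out = (int)value;
        return 0;
}

/*
 * kdump: start a kernel-level dump of the traffic seen on one adapter and
 * wait until the driver reports that the dump has ended.
 *
 * Accepted command lines:
 *   kdump dump_file_name max_size max_packs            (adapter chosen interactively)
 *   kdump adapter dump_file_name max_size max_packs
 *
 * Returns 0 on success, 1 if the adapter list cannot be retrieved and -1 on
 * any other error.
 */
int main(int argc, char **argv)
{
        pcap_if_t *alldevs = NULL;
        pcap_if_t *d;
        pcap_t *fp;
        u_int inum = 0, i = 0;
        char errbuf[PCAP_ERRBUF_SIZE];
        char *dump_file;
        int max_size, max_packs;
        int first;

        printf("kdump: saves the network traffic to file using WinPcap kernel-level dump faeature.\n");
        printf("         Usage: %s [adapter] | dump_file_name max_size max_packs\n", argv[0]);
        printf("         Where: max_size is the maximum size that the dump file will reach (0 means no limit)\n");
        printf("         Where: max_packs is the maximum number of packets that will be saved (0 means no limit)\n\n");

        /*
         * The dump file name and both limits are mandatory. Without this
         * check argv[] would be read at or past argv[argc].
         */
        if (argc < 4) {
                fprintf(stderr, "Missing arguments: dump_file_name, max_size and max_packs are required.\n");
                return -1;
        }

        /*
         * When the adapter is given it occupies argv[1], so the remaining
         * arguments shift by one. The dump must never be written to argv[0],
         * which is the path of this program.
         */
        first = (argc < 5) ? 1 : 2;
        dump_file = argv[first];
        if (parse_limit(argv[first + 1], &max_size) == -1 ||
            parse_limit(argv[first + 2], &max_packs) == -1) {
                fprintf(stderr, "max_size and max_packs must be non-negative integers.\n");
                return -1;
        }

        if (argc < 5) {
                /* The user didn't provide a packet source: Retrieve the device list */
                if (pcap_findalldevs(&alldevs, errbuf) == -1) {
                        fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
                        return 1;
                }

                /* Print the list */
                for (d = alldevs; d; d = d->next) {
                        printf("%u. %s", ++i, d->name);
                        if (d->description)
                                printf(" (%s)\n", d->description);
                        else
                                printf(" (No description available)\n");
                }

                if (i == 0) {
                        printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
                        pcap_freealldevs(alldevs);
                        return -1;
                }

                printf("Enter the interface number (1-%u):", i);

                /* A failed conversion leaves inum unusable, so treat it as out of range. */
                if (scanf("%u", &inum) != 1 || inum < 1 || inum > i) {
                        printf("\nInterface number out of range.\n");
                        /* Free the device list */
                        pcap_freealldevs(alldevs);
                        return -1;
                }

                /* Jump to the selected adapter */
                for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++) {
                        /* nothing: the loop header does the walk */
                }

                /*
                 * Open the device: snapshot length 100 bytes, promiscuous
                 * mode on, 20 ms read timeout.
                 */
                fp = pcap_open_live(d->name, 100, 1, 20, errbuf);

                /* Free the device list; d->name is not used past this point */
                pcap_freealldevs(alldevs);

                if (fp == NULL) {
                        fprintf(stderr, "\nError opening adapter: %s\n", errbuf);
                        return -1;
                }
        } else {
                /* Open the device named on the command line, same settings as above */
                fp = pcap_open_live(argv[1], 100, 1, 20, errbuf);
                if (fp == NULL) {
                        fprintf(stderr, "\nError opening adapter: %s\n", errbuf);
                        return -1;
                }
        }

        /* Start the dump */
        if (pcap_live_dump(fp, dump_file, max_size, max_packs) == -1) {
                printf("Unable to start the dump, %s\n", pcap_geterr(fp));
                pcap_close(fp);
                return -1;
        }

        /* Wait until the dump finishes, i.e. when max_size or max_packs is reached */
        pcap_live_dump_ended(fp, TRUE);

        /* Close the adapter, so that the file is correctly flushed */
        pcap_close(fp);

        return 0;
}

/* Forum note: this post was last edited by freeadmin on 2006-1-8 10:59 PM. */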
作者: benbuerba    时间: 2006-01-09 19:33
提示: 作者被禁止或删除 内容自动屏蔽
作者: Nathan_itpub    时间: 2006-01-10 14:38
我很想知道下“kdump.exe”是何方神圣,连GOOGLE都找不出来。



