#include <stdio.h>
#include <pcap.h>
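/*
 * Capture one packet from the default network interface with libpcap and
 * print the interface name and the packet's length.
 *
 * Returns 0 when a packet was captured and reported, 1 when a libpcap call
 * fails or no packet is delivered.
 *
 * The interface is opened in promiscuous mode, which is a privileged
 * operation; the accompanying article runs the program as root.
 */
int main(void)
{
    char error_content[PCAP_ERRBUF_SIZE] = "";   /* libpcap error text */
    struct pcap_pkthdr protocol_header = {0};    /* header of the captured packet */
    pcap_t *pcap_handle = NULL;                  /* libpcap capture handle */
    struct bpf_program bpf_filter;               /* compiled BPF program */
    char bpf_filter_string[] = "";               /* empty filter: accept every packet */
    const u_char *packet_content = NULL;         /* captured packet bytes */
    bpf_u_int32 net_mask = 0;                    /* interface netmask */
    bpf_u_int32 net_ip = 0;                      /* interface network address */
    char *net_interface = NULL;                  /* interface name */
    int exit_code = 1;

    /*
     * Pick a default capture interface. pcap_lookupdev() is deprecated in
     * current libpcap releases in favour of pcap_findalldevs(); it is kept
     * because the article targets the libpcap 0.8 packages.
     */
    net_interface = pcap_lookupdev(error_content);
    if (net_interface == NULL) {
        fprintf(stderr, "pcap_lookupdev: %s\n", error_content);
        return exit_code;
    }

    /*
     * Not fatal: an interface without an IPv4 address can still be captured
     * on, so fall back to a zero address and mask.
     */
    if (pcap_lookupnet(net_interface, &net_ip, &net_mask, error_content) < 0) {
        fprintf(stderr, "pcap_lookupnet: %s\n", error_content);
        net_ip = 0;
        net_mask = 0;
    }

    /* Open the interface: snapshot length BUFSIZ, promiscuous, timeout 0. */
    pcap_handle = pcap_open_live(net_interface, BUFSIZ, 1, 0, error_content);
    if (pcap_handle == NULL) {
        fprintf(stderr, "pcap_open_live: %s\n", error_content);
        return exit_code;
    }

    /*
     * The last argument of pcap_compile() is the netmask (used for
     * broadcast tests in a filter), not the network address.
     */
    if (pcap_compile(pcap_handle, &bpf_filter, bpf_filter_string, 0, net_mask) < 0) {
        fprintf(stderr, "pcap_compile: %s\n", pcap_geterr(pcap_handle));
        goto out_close;
    }

    if (pcap_setfilter(pcap_handle, &bpf_filter) < 0) {
        fprintf(stderr, "pcap_setfilter: %s\n", pcap_geterr(pcap_handle));
        goto out_free;
    }

    /*
     * pcap_next() returns NULL when no packet was read; in that case the
     * header is not filled in and must not be printed.
     */
    packet_content = pcap_next(pcap_handle, &protocol_header);
    if (packet_content == NULL) {
        fprintf(stderr, "pcap_next: no packet captured\n");
        goto out_free;
    }

    printf("Capture a packet from : %s\n", net_interface);
    /* len is an unsigned 32-bit value, so print it with %u. */
    printf("The packet length is :%u\n", (unsigned)protocol_header.len);
    exit_code = 0;

out_free:
    pcap_freecode(&bpf_filter);   /* release the compiled filter program */
out_close:
    pcap_close(pcap_handle);
    return exit_code;
}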
上面是《网络安全工具包》中的一段代码,要在linux下面进行网络安全方面的编程,主要是应用libpcap来进行编程。
fisherman:/home/wangyao/Desktop/3.5.1# apt-cache search pcap
etherape - graphical network monitor modeled after etherman
fprobe - export captured traffic to remote NetFlow Collector
fprobe-ng - export captured traffic to remote NetFlow Collector (meta)
libcap-bin - basic utility programs for using capabilities
libmlpcap-ocaml - binding of libpcap for OCaml
libmlpcap-ocaml-dev - binding of libpcap for OCaml
libnet-pcap-perl - Pcap interface for perl
libnet0 - library for the construction and handling of network packets (obsolete)
libnet1 - library for the construction and handling of network packets
libnet1-dev - development files for libnet
libpcap-dev - Development library for libpcap (transitional package)
libpcap-ruby1.8 - Ruby interface for the libpcap packet capture library
libpcap0.7 - System interface for user-level packet capture
libpcap0.7-dev - Development library and header files for libpcap 0.7
libpcap0.8 - System interface for user-level packet capture
libpcap0.8-dev - Development library and header files for libpcap 0.8
libprintsys - printcap parser, helper for gnulpr's printfilters
netdiscover - active/passive address scanner using arp requests
ngrep - grep for network traffic
pike-public.network.pcap - Pike interface module for the pcap library (default)
pike7.6-public.network.pcap - Pike interface module for the pcap library
python-impacket - Python module to easily build and dissect network protocols
python-pcapy - Python interface to the libpcap packet capture library
sing - A fully programmable ping replacement
snort - Flexible Network Intrusion Detection System
snort-common - Flexible Network Intrusion Detection System [common files]
snort-doc - Documentation for the Snort IDS [documentation]
snort-mysql - Flexible Network Intrusion Detection System [MySQL]
snort-pgsql - Flexible Network Intrusion Detection System [PostgreSQL]
tcpick - TCP stream sniffer and connection tracker
tcpspy - Incoming and Outgoing TCP/IP connections logger
tcptrace - Tool for analyzing tcpdump output
tcpxtract - extracts files from network traffic based on file signatures
ulogd - The Netfilter Userspace Logging Daemon
ulogd-pcap - pcap extension to ulogd
at76c503a-source - at76c503a driver source
安装必需的软件包 libpcap0.8-dev。注意要安装的是 dev 包而不是 libpcap0.8,因为开发时需要其中的头文件。
在编译的时候,需要注意一些地方,指定编译链接库。
#gcc get_a_packet_code.c -o get_a_packet_code -lpcap
注意:编译结束后,运行程序需要以root的身份运行,因为以混杂模式打开网络接口抓包属于特权操作,系统不允许非root用户进行这类网络操作。(在支持 capabilities 的 Linux 系统上,也可以只给该程序授予 CAP_NET_RAW 能力,而不必以完整的 root 权限运行。)
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u/12592/showart_180399.html |