免费注册	查看新帖 \|


平台论坛博客文库

› 论坛 › 程序设计 › C/C++ › IPDUMP SOURCE

12 / 2 页下一页

最近访问板块

发新帖

查看: 2499 | 回复: 15

上一主题

下一主题

IPDUMP SOURCE [复制链接]

论坛徽章:: 0

电梯直达

跳转到指定楼层

1楼 [收藏(0)] [报告]

发表于 2004-05-19 14:18 |只看该作者 |倒序浏览

在LINUX下调试通过,没有在UNIX下试过,哈哈
#include <stdio.h>;
#include <stdlib.h>;
#include <unistd.h>;
#include <sys/time.h>;
#include <sys/socket.h>;
#include <net/ethernet.h>;
#include <netinet/in_systm.h>;
#include <netinet/in.h>;
#include <netinet/ip.h>;
#include <netinet/ip_icmp.h>;
#include <getopt.h>; //added for getopt()&&optarg,optind

#define __FAVOR_BSD //due to some BSD style structure,tcphdr
#include <netinet/tcp.h>;
#include <netinet/udp.h>;
#include <netinet/if_ether.h>;
#include <arpa/inet.h>;

#ifdef __linux
#include <linux/sockios.h>;
#include <linux/if.h>;
#else
#include <sys/ioctl.h>;
#include <net/bpf.h>;
#include <net/if.h>;
#include <fcntl.h>;
#endif

#define MAXSIZE 4096
#define OPTNUM 8
#define ON 1
#define OFF 0

enum
{ ETHER, ARP, IP, TCP, UDP, ICMP, DUMP, ALL };

#ifdef __linux
int open_bpf (char *ifname);
#endif

void print_ethernet (struct ether_header *eth);
void print_arp (struct ether_arp *arp);
void print_ip (struct ip *ip);
void print_icmp (struct icmp *icmp);
void print_tcp (struct tcphdr *tcp);
void print_udp (struct udphdr *udp);

void dump_packet (unsigned char *buff, int len);

char *mac_ntoa (u_char * d);
char *tcp_ftoa (int flag);
char *ip_ttoa (int flag);
char *ip_ftoa (int flag);
void help (char *cmd);

struct ip *ip; //this structure can be used for all

int
main (int argc, char *argv[])
{
struct ether_header *eth;
struct ether_arp *arp;
//struct ip *ip;
struct icmp *icmp;
struct tcphdr *tcp;
struct udphdr *udp;
int s; //socket
int len; //received len
int c; //char from getopt()
int disp; //flg of displaying on screen
char buff[MAXSIZE]; //recv buffer
char *p; //datagram header pointer
char *p0; //datagram pointer
char ifname[256] = "x10"; //FreeBSD socket
int opt[OPTNUM]; //area flag
//extern int optind; //getopt() variable
#ifndef __linux
int bpf_len; //len received from BPF
struct bpf_hdr *bp; //BPF header struct
#endif

//init value of every type packet
//setbuf(stdout,NULL);
opt[ETHER] = OFF;
opt[ARP] = ON;
opt[IP] = ON;
opt[TCP] = ON;
opt[UDP] = ON;
opt[ICMP] = ON;
opt[DUMP] = OFF;
opt[ALL] = OFF;

文库|博客

论坛徽章:: 0

2楼 [报告]

发表于 2004-05-19 14:18 |只看该作者

IPDUMP SOURCE

//command line check
while ((c = getopt (argc, argv, "aei:p:dh"

) != EOF) //command parameter process
{
switch (c)
{
case 'a': //all
{
opt[ALL] = ON;
break;
}
case 'i': //ifname
{
strcpy (ifname, optarg);
break;
}
case 'e': //ethernet
{
opt[ETHER] = ON;
break;
}
case 'd': //dump
{
opt[DUMP] = ON;
break;
}
case 'p': //protocol
{
opt[ARP] = OFF;
opt[IP] = OFF;
opt[TCP] = OFF;
opt[UDP] = OFF;
opt[ICMP] = OFF;
optind--;
while (argv[optind] != NULL && argv[optind][0] != '-')
{
if (strcmp (argv[optind], "arp"

== 0) //arp
opt[ARP] = ON;
else if (strcmp (argv[optind], "ip"

== 0) //ip
opt[IP] = ON;
else if (strcmp (argv[optind], "tcp"

== 0) //tcp
opt[TCP] = ON;
else if (strcmp (argv[optind], "udp"

== 0) //udp
opt[UDP] = ON;
else if (strcmp (argv[optind], "icmp"

== 0) //icmp
opt[ICMP] = ON;
else if (strcmp (argv[optind], "other"

== 0) //other
;
else
{
help (argv[0]);
exit (EXIT_FAILURE);
}
optind++;
}
break;
}
case 'h': //help
case '?':
default:
{
help (argv[0]);
exit (EXIT_FAILURE);
break;
}
}
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

3楼 [报告]

发表于 2004-05-19 14:19 |只看该作者

IPDUMP SOURCE

if (optind < argc)
{
while (optind < argc)
{
printf ("%s", argv[optind++]);
}
printf ("\n"

;
help (argv[0]);
exit (EXIT_FAILURE);
}
#ifdef __linux
//***********open socket with promiscuous***************
if ((s = socket (AF_INET, SOCK_PACKET, htons (ETH_P_ALL))) < 0)
//if ((s = socket (AF_INET, SOCK_STREAM, 0)) < 0)
{
perror ("socket"

;
exit (EXIT_FAILURE);
}
if (strcmp (ifname, "x10"

!= 0)
{
struct sockaddr sa;
memset (&sa, 0, sizeof sa);
sa.sa_family = AF_INET;
strcpy (sa.sa_data, ifname);
if (bind (s, &sa, sizeof sa) < 0)
{
perror ("bind"

;
exit (EXIT_FAILURE);
}
}
#else
if ((s = open_bpf (ifname)) < 0)
{
exit (EXIT_FAILURE);
}
bpf_len = 0;
#endif

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

4楼 [报告]

发表于 2004-05-19 14:20 |只看该作者

IPDUMP SOURCE

while (1)
{
#ifndef __linux
//******input from UNIX bpf*******
if (bpf_len <= 0)
{
//*********get some packet at onece********
if ((bpf_len = read (s, buff, MAXSIZE)) < 0)
{
perror ("read"

;
exit (EXIT_FAILURE);
}
bp = (struct bpf_hdr *) buff;
}
else
{
//*********move the next bpf pointer*******
bp = (struct bpf hdr *) ((char *) bp + bp->;bh_hdrlen +
bp->;bh_caplen);
bp = (struct bpf hdr *) BPF_WORDALIGN ((int) bp);
}
//*******init Ethernet header pointer********
p = p0 = (char *) bp + bp->;bh_hdrlen;
len = bp->;bh_caplen;
#ifdef DEBUG
//*******display BPF header struct***********
printf ("bpf_len=%d," p = p + ((int) (tcp->;hl_off) << 2);
, bpf_len);
printf ("hdrlen=%d,", bp->;bh_hdrlen);
printf ("caplen=%d,", bp->;bh_caplen);
printf ("datalen=%d\n", bp->;bh_datalen);
#endif
//*******process unit before next while loop**
bpf_len -= BPF_WORDALIGN (bp->;bh_hdrlen + bp->;bh_caplen);
#else
//*******input from Linux SOCK_PACKET********
if ((len = read (s, buff, MAXSIZE)) < 0)
{
perror ("read"

;
exit (EXIT_FAILURE);
}
//*******init Ethernet header pointer*********
p = p0 = buff;
#endif
//*******packet displaying process unit*******
disp = OFF; //flag of whether display on screen

//*******set the header of Ethernet's struct***
eth = (struct ether_header *) p;
p = p + sizeof (struct ether_header); //ethernet datagram pointer

if (ntohs (eth->;ether_type) == ETHERTYPE_ARP) //arp packet
{
if (opt[ARP] == ON)
{
if (opt[ETHER] == ON)
{
print_ethernet (eth);
}
arp = (struct ether_arp *) p;
print_arp (arp);
disp = ON;
}
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

5楼 [报告]

发表于 2004-05-19 14:20 |只看该作者

IPDUMP SOURCE

else if ((ntohs (eth->;ether_type) == ETHERTYPE_IP) && (eth->;ether_dhost != eth->;ether_shost)) //ip packet
{
ip = (struct ip *) p;
if (strcmp
(inet_ntoa (*(struct in_addr *) &(ip->;ip_src)),
"127.0.0.1"

!= 0)
{
p = p + ((int) (ip->;ip_hl) << 2);
if (opt[IP] == ON && opt[TCP] == OFF
&& opt[UDP] == OFF && opt[ICMP] == OFF)
{
if (opt[ETHER] == ON)
{
print_ethernet (eth);
}
print_ip (ip);
disp = ON;
}
switch (ip->;ip_p)
{
case IPPROTO_TCP:
tcp = (struct tcphdr *) p;
p = p + ((int) (tcp->;th_off) << 2);
if (opt[TCP] == ON)
{
if (opt[IP] == ON)
{
if (opt[ETHER] == ON)
{
print_ethernet
(eth);
}
print_ip (ip);
}
print_tcp (tcp);
disp = ON;
}
break;
case IPPROTO_UDP:
udp = (struct udphdr *) p;
p = p + sizeof (struct udphdr);
if (opt[UDP] == ON)
{
if (opt[IP] == ON)
{
if (opt[ETHER] == ON)
{
print_ethernet
(eth);
}
print_ip (ip);
}
print_udp (udp);
disp = ON;
}
break;
case IPPROTO_ICMP:
icmp = (struct icmp *) p;
p = p + sizeof (struct udphdr);
if (opt[ICMP] == ON)
{
if (opt[IP] == ON)
{
if (opt[ETHER] == ON)
{
print_ethernet
(eth);
}
print_ip (ip);
}
print_icmp (icmp);
disp = ON;
}
break;
default:
if (opt[ALL] == ON)
{
if (opt[IP] == ON)
{
if (opt[ETHER] == ON)
{
print_ethernet
(eth);
}
print_ip (ip);
}
printf ("IP Protocol : unknown\n"

;
disp = ON;
}
break;
}
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

6楼 [报告]

发表于 2004-05-19 14:21 |只看该作者

IPDUMP SOURCE

else
{
if (opt[ALL] == ON)
{
if (opt[ETHER] == ON)
{
print_ethernet (eth);
}
printf ("Ethernet protocol:unknow\n"

;
disp = ON;
}
}
if (disp == ON)
{
if (opt[DUMP] == ON)
{
dump_packet (p0, len);
}
printf ("\n"

;
}
}
}
return EXIT_SUCCESS;
}

/************************************************
convert mac add. to str
************************************************/
char *
mac_ntoa (u_char * d)
{
static char str[50];

sprintf (str, "%02x:%02x:%02x:%02x:%02x:%02x",
d[0], d[1], d[2], d[3], d[4], d[5]);
return str;
}

/************************************************
disp Ethernet header
************************************************/
void
print_ethernet (struct ether_header *eth)
{
int type = ntohs (eth->;ether_type); //Ethernet type
//if (eth->;ether_dhost != eth->;ether_shost)
//{
if (type <= 1500)
{
printf ("IEEE 802.3 Ethernet Frame:\n"

;
}
else
{
printf ("Ethernet Frame:\n"

;
}
printf ("+------------------------------------------+\n"

;
printf ("|Destination MAC Address: %17s|\n",
mac_ntoa (eth->;ether_dhost));
printf ("+------------------------------------------+\n"

;
printf ("|Source MAC Address: %17s|\n",
mac_ntoa (eth->;ether_shost));
printf ("+------------------------------------------+\n"

;
if (type < 1500)
{
printf ("|Length:%5u|\n", type);
}
else
{
//printf ("|Ethernet Type: 0x%04x|\n",
//type);
if (type == 0x0200)
printf ("|Ethernet Type: Xerox PUP|\n"

;
else if (type == 0x0800)
printf ("|Ethernet Type: IP |\n"

;
else if (type == 0x0806)
printf ("|Ethernet Type: ARP |\n"

;
else if (type == 0x8035)
printf ("|Ethernet Type: ReversARP|\n");
else
printf ("|Ethernet Type: Unkonw |\n");
}
printf ("+------------------------------------------+\n");
//}
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

7楼 [报告]

发表于 2004-05-19 14:22 |只看该作者

IPDUMP SOURCE

/*****************************************************
display arp packet
*****************************************************/
void
print_arp (struct ether_arp *arp)
{
static char *arp_operation[] = {
"Undefine",
"(ARP Request)",
"(ARP Reply)",
"(RARP Request)",
"(RARP Reply)"
};
int op = ntohs (arp->;ea_hdr.ar_op);
//if (arp->;arp_sha != arp->;arp_tha)
//{
if (op <= 0 || 5 < op)
{
op = 0;
}
printf ("

rotocol:ARP\n"

;
printf ("+----------------------------------------------------------+\n"

;
printf ("|Header Type:%2u%-11s|  Protocol:0x%04x%-9s    |\n",
ntohs (arp->;ea_hdr.ar_hrd),
(ntohs (arp->;ea_hdr.ar_hrd) ==
   ARPHRD_ETHER) ? "(Ethernet)" : "(Not Ether)",
ntohs (arp->;ea_hdr.ar_pro),
(ntohs (arp->;ea_hdr.ar_pro) ==
   ETHERTYPE_IP) ? "(IP)" : "(Not IP)"

;
printf ("+----------------------------------------------------------+\n"

;
printf ("|HardwareLen:%3u|ProtocolAddrLen:%2u|op:%4d%16s|\n",
arp->;ea_hdr.ar_hln,
arp->;ea_hdr.ar_pln, ntohs (arp->;ea_hdr.ar_op),
arp_operation[op]);
printf ("+----------------------------------------------------------+\n"

;
printf ("|Source MAC Address: %17s |\n",
mac_ntoa (arp->;arp_sha));
printf ("+----------------------------------------------------------+\n"

;
printf ("|Source IP Address: %15s |\n",
inet_ntoa (*(struct in_addr *) &arp->;arp_spa));
printf ("+----------------------------------------------------------+\n"

;
printf ("|Destination MAC Address: %17s |\n",
mac_ntoa (arp->;arp_tha));
printf ("+----------------------------------------------------------+\n"

;
printf ("|Destination IP Address: %15s |\n",
inet_ntoa (*(struct in_addr *) &arp->;arp_tpa));
printf ("+----------------------------------------------------------+\n"

;
//}
}

/*****************************************************
display IP header
*****************************************************/
void
print_ip (struct ip *ip)
{
//if (ip->;ip_src != ip->;ip_dst)
//{
printf ("

rotocol:IP\n"

;
printf ("+------------------------------------------+\n");
printf ("|IV:%1u|HL:%2u|T:%8s| Total length:%6u|\n",
ip->;ip_v, ip->;ip_hl, ip_ttoa (ip->;ip_tos),
ntohs (ip->;ip_len));
printf ("+------------------------------------------+\n");
printf ("|Identifier:%5u|    FF:%3s|    FO:%5u|\n",
ntohs (ip->;ip_id), ip_ftoa (ntohs (ip->;ip_off)),
ntohs (ip->;ip_off) & IP_OFFMASK);
printf ("+------------------------------------------+\n");
printf ("|TTL:%3u|  Pro:%3u| Header Checksum:%5u|\n",
ip->;ip_ttl, ip->;ip_p, ntohs (ip->;ip_sum));
printf ("+------------------------------------------+\n");
printf ("|Source IP Address:       %15s|\n",
inet_ntoa (*(struct in_addr *) &(ip->;ip_src)));
printf ("+------------------------------------------+\n");
printf ("|Destination IP Address: %15s|\n",
inet_ntoa (*(struct in_addr *) &(ip->;ip_dst)));
printf ("+------------------------------------------+\n");
//}
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

8楼 [报告]

发表于 2004-05-19 14:22 |只看该作者

IPDUMP SOURCE

/*********************************************************
convert ip fragment_type to string
*********************************************************/
char *
ip_ftoa (int flag)
{
static int f[] = { 'R', 'D', 'M' };
static char str[17];
u_int mask = 0x8000; //mask
int i;

for (i = 0; i < 3; i++)
{
if (((flag << i) & mask) != 0)
{
str = f;
}
else
{
str = '0';
}
}
str = '\0';

return str;
}

/**********************************************************
convert ip header TOS into string
**********************************************************/
char *
ip_ttoa (int flag)
{
static int f[] = { '1', '1', '1', 'D', 'T', 'R', 'C', 'X' };
static char str[17];
u_int mask = 0x80;
int i;

for (i = 0; i < 8; i++)
{
if (((flag << i) & mask) != 0)
{
str = f;
}
else
{
str = '0';
}
}
str = '\0';

return str;
}

/***********************************************************
display icmp header
***********************************************************/
void
print_icmp (struct icmp *icmp)
{
static char *type_name[] = {
"Echo Reply",
"Undefine",
"Undefine",
"Destination Unreachable",
"source Quench",
"Redirect(change route)",
"Undefine",
"Undefine",
"Echo Request",
"Undefine",
"Undefine",
"Time Exceeded",
"arameter Problem",
"Timestamp Request",
"Timestamp Reply",
"Information Request",
"Information Reply",
"Address Mask Request",
"Address Mask Reply",
"Unknown"
};
print_ip (ip);
int type = icmp->;icmp_type;

if (type < 0 || type >;
{
type = 19;
}
printf ("rotocol:ICMP(%s)\n", type_name[type]);
printf ("+------------------------------------------+\n";
printf ("|Type:%3u| Code:%3u| Checksum:%5u|\n",
icmp->;icmp_type, icmp->;icmp_code, ntohs (icmp->;icmp_cksum));
printf ("+------------------------------------------+\n";

if (icmp->;icmp_type == 0 || icmp->;icmp_type ==
{
printf ("|Identification:%5u|Sequence Number:%5u|\n",
ntohs (icmp->;icmp_id), ntohs (icmp->;icmp_seq));
printf ("+------------------------------------------+\n";
}
else if (icmp->;icmp_type == 3)
{
if (icmp->;icmp_code == 4)
{
printf ("|Void:%5u|Next MTU:%5u|\n",
ntohs (icmp->;icmp_pmvoid),
ntohs (icmp->;icmp_nextmtu));
printf ("+------------------------------------------+\n";
}
else
{
printf ("|Unused:%10lu|\n",
(u_long) ntohl (icmp->;icmp_void));
printf ("+------------------------------------------+\n";
}
}
else if (icmp->;icmp_type == 5)
{
printf ("|Router IP Address:%15u|\n",
inet_ntoa (*(struct in_addr *) &(icmp->;icmp_gwaddr)));
printf ("+------------------------------------------+\n";
}
else if (icmp->;icmp_type == 11)
{
printf ("|Unused:%10lu|\n", (u_long) ntohl (icmp->;icmp_void));
printf ("+------------------------------------------+\n";
}
if (icmp->;icmp_type == 3 || icmp->;icmp_type == 5
|| icmp->;icmp_type == 11)
print_ip ((struct ip *) (((char *) icmp) + );
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

9楼 [报告]

发表于 2004-05-19 14:23 |只看该作者

IPDUMP SOURCE

/**************************************************************************
display tcp header
**************************************************************************/
void
print_tcp (struct tcphdr *tcp)
{
print_ip (ip);
printf ("protocol:TCP\n"

;
printf ("+------------------------------------------+\n"

;
printf ("|Source Port:%5u| Destination Port:%5u|\n",
ntohs (tcp->;th_sport), ntohs (tcp->;th_dport));
printf ("+------------------------------------------+\n"

;
printf ("|Sequence Number: %10lu|\n",
(u_long) ntohl (tcp->;th_seq));
printf ("+------------------------------------------+\n"

;
printf ("|Acknowledgmement Number: %10lu|\n",
(u_long) ntohl (tcp->;th_ack));
printf ("+------------------------------------------+\n"

;
//printf ("|Do:%2u|Reserved|F:%6s|Window Size: %5u|\n",
//tcp->;th_off, tcp_ftoa (tcp->;th_flags), ntohs (tcp->;th_win));
printf ("|Do:%2u|Reserved|F:%6s|Window Size: %5u|\n",
tcp->;th_off,tcp_ftoa(tcp->;th_flags), ntohs (tcp->;th_win));
printf ("+------------------------------------------+\n"

;
printf ("|Checksum:%5u| Urgent Pointer:%5u|\n",
ntohs (tcp->;th_sum), ntohs (tcp->;th_urp));
printf ("+------------------------------------------+\n"

;
}

/*************************************************************************
convert TCP header protocol flag into string
*************************************************************************/
char *
tcp_ftoa (int flag)
{
static int f[] = { 'U', 'A', 'P', 'R', 'S', 'F' }; //TCP protocol flag
static char str[17]; //return value buffer
u_int mask = 1 << 5;
int i;

for (i = 0; i < 6; i++)
{
if (((flag << i) & mask) != 0)
{
str = f;
}
else
{
str = '0';
}
}
str = '\0';

return str;
}

/**************************************************************************
display UDP header
**************************************************************************/
void
print_udp (struct udphdr *udp)
{
print_ip (ip);
printf ("rotocol:UDP\n";
printf ("+------------------------------------------+\n";
printf ("|Source Port:%5u|Destination Port: %5u|\n",
ntohs (udp->;uh_sport), ntohs (udp->;uh_dport));
printf ("+------------------------------------------+\n";
printf ("|Length:%5u| Checksum: %5u|\n",
ntohs (udp->;uh_ulen), ntohs (udp->;uh_sum));
printf ("+------------------------------------------+\n");
}

/**************************************************************************
display Ethernet packet with HEX
**************************************************************************/
void
dump_packet (unsigned char *buff, int len)
{
int i, j;

printf ("Ether Dump:\n");
for (i = 0; i < len; i += 16)
{
for (j = i; j < i + 16 && j < len; j++)
{
printf ("%02x", buff[j]);
if (j % 2 == 1)
{
printf (" ");
}
}

if ((j == len) && (len % 16 != 0))
{
for (j = 0; j < 40 - (len % 16) * 2.5; j++)
{
printf (" ");
}
}
printf (" ;");

//display with ASCII
for (j = i; j < i + 16 && j < len; j++)
{
if ((buff[j] >;= 0x20) && (buff[j] <= 0x7e))
{
putchar (buff[j]);
}
else
{
printf (".");
}
}
printf ("\n");
}
//fflush (stdout);
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

论坛徽章:: 0

10楼 [报告]

发表于 2004-05-19 14:23 |只看该作者

IPDUMP SOURCE

#ifndef __linux
/*************************************************************************
open an BPF
*************************************************************************/
int
open_bpf (char *ifname)
{
char buf[256];
int bpfd;
struct ifreq ifr;
int i;

//open BPF dev
for (i = 0; i < 4; i++)
{
sprintf (buf, "/dev/bpf%d", i);
if ((bpfd = open (buf, 0 _RDWR, 0)) >; 0)
{
goto bpf_ok;
}
}
fprintf (stderr, "cannot open BPF\n"

;
return -1;
bpf_ok;
//set an interface name
strcpy (ifr.ifr_name, ifname);
if (ioctl (bpfd, BIOCSETIF, %ifr) < 0)
{
sprintf (buf, "ioctl(BIOCSETIF,'%s')", ifname);
perror (buf);
return -1;
}
fprintf (stderr, "BPF read rome '%s'(%s)\n", ifr.ifr_name, buf);

//promiscuous mode
if (ioctl (bpfd, BIOCPRMISC, NULL) < 0)
{
perror ("ioctl(BIOCPRMOISC)"

;
return -1;
}
//real time mode
i = 1;
if (ioctl (bpid, BIOCIMMEDIATE, &i) < 0)
{
perror ("ioctl(BIOCIMMEDIATE)"

;
return -1;
}
return bpfd;
}
#endif
/**********************************************************************
help
**********************************************************************/
void
help (char *cmd)
{
fprintf (stderr, "usage:%s[-aedh][-i ifname][-p protocols]\n", cmd);
fprintf (stderr, "protocols:arp ip icmp tcp udp other\n"

;
#ifdef __linux
fprintf (stderr, "default:%s -p arp ip icmp tcp udp\n", cmd);
#else
fprintf (stderr, "default:%s -i x10 -p arp ip icmp tcp udp\n", cmd);
#endif
}

实战分享：从技术角度谈机器学习入门| 【大话IT】RadonDB低门槛向MySQL集群下战书 | ChinaUnix打赏功能已上线！ | 新一代分布式关系型数据库RadonDB知多少？

12 / 2 页下一页

发新帖

Chinaunix › 论坛 › 程序设计 › C/C++ › IPDUMP SOURCE

北京盛拓优讯信息技术有限公司. 版权所有京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号：11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员联系我们：huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP