Chinaunix首页 | 论坛 | 博客

Keepfvcking!zooyo.blog.chinaunix.net

首页 |  博文目录 |  关于我

zooyo

  • 博客访问: 3024154
  • 博文数量: 272
  • 博客积分: 5544
  • 博客等级: 大校
  • 技术积分: 5496
  • 用 户 组: 普通用户
  • 注册时间: 2011-03-08 00:48
个人简介

  每个人都要有一个骨灰级的爱好,不为金钱,而纯粹是为了在这个领域享受追寻真理的快乐。

文章分类

全部博文(272)

文章存档

2015年(2)

2014年(5)

2013年(25)

2012年(58)

2011年(182)

我的朋友
最近访客
推荐博文
相关博文
ICMP类型统计代码

分类: LINUX

2012-05-29 16:24:12
  1. /*
  2. 记录icmp_tpye类型数据包接收的数量。
  3. kill -SIGHUP $(pidof filename) 生成文件
  4. kill -SIGQUIT $(pidof filename) 退出程序
  5. 程序在接收到SIGHUP信号后在当前目录下生成result文件,
  6. 接收SIGQUIT信号后退出程序,并删除result文件。
  7. */

  9. #include <pcap.h>
  10. #include <stdio.h>
  11. #include <stdlib.h>
  12. #include <signal.h>
  13. #include <string.h>
  14. #include <linux/if_ether.h>
  15. #include <linux/ip.h>
  16. #include <linux/icmp.h>

  18. #define SNAP_LEN 1518        /*数据包最大长度*/
  19. #define MIN_LEN    (sizeof(struct ethhdr) + sizeof(struct iphdr) \
  20.                  + sizeof(struct icmphdr))        /* 所分析的数据包最小长度 避免访问到空指针 */
  21. #define ICMP_TPYE 19        /* icmp_tpye的类型为0~18 */
  22. #define MAXBUFSIZE 1024        /* 路径数组的长度 */

  24. static pcap_t *handle;
  25. static struct bpf_program fp;
  26. static unsigned int count[ICMP_TPYE];
  27. //static int fd;
  28. static FILE *fd;
  29. static char path[MAXBUFSIZE];

  31. static void Exit_Free()
  32. {
  33.     /* cleanup */
  34.     pcap_freecode(&fp);
  35.     pcap_close(handle);
  36.     unlink(path);
  37.     exit(EXIT_SUCCESS);
  38. }

  40. static void Print_Count()
  41. {
  42.     int i, len;
  43.     char buffer[256] = {0};

  45. #if 0
  46.     if ((fd = open(path, O_CREAT|O_WRONLY|O_TRUNC, 0644)) == -1)    exit(EXIT_FAILURE);
  47.     for(i=0; i<ICMP_TPYE; i++){
  48.         if ((len = snprintf(buffer, sizeof(buffer)-1,
  49.             "The Tpye: %2d, Count: %d\n", i, count[i])) == -1)    exit(EXIT_FAILURE);
  50.         if (write(fd, buffer, len) != len)    exit(EXIT_FAILURE);
  51.     }
  52.     close(fd);
  53. #endif

  55.     if ((fd = fopen(path, "w")) == NULL)    exit(EXIT_FAILURE);
  56.     for(i=0; i<ICMP_TPYE; i++){
  57.         fprintf(fd, "The Tpye: %2d, Count: %d\n", i, count[i]);
  58.     }
  59.     fclose(fd);
  60. }

  62. static void packet_callback(u_char *args, const struct pcap_pkthdr *header,
  63.                             const u_char *packet)
  64. {
  65.     struct icmphdr *ih;
  66.     size_t qlen, hlen;
  67.     
  68.     /* 长度校验 */
  69.     if (header->caplen < MIN_LEN)    return;
  70.     /* 取得ICMP报文首部地址 */
  71.     hlen = MIN_LEN - sizeof(struct icmphdr);
  72.     /* 获得icmphdr头部指针地址 */
  73.     packet += hlen;
  74.     ih = (struct icmphdr *)packet;
  75.     /* 计数统计 */
  76.     count[ih->type]++;
  77.     return;
  78. }

  80. int main(int argc, char **argv)
  81. {
  82.     char *dev = NULL;            /* capture device name */
  83.     char filter_exp[] = "icmp";        /* filter expression [3] */
  84.     char errbuf[PCAP_ERRBUF_SIZE];        /* error buffer */
  85.     bpf_u_int32 mask;            /* subnet mask */
  86.     bpf_u_int32 net;            /* ip */
  87.     int num_packets = -1;        /* 包捕获的数量,-1为无限捕获 */
  88.     
  89. //    unsigned int *count = (unsigned int *)malloc(ICMP_TPYE * sizeof(unsigned int));
  90. //    memset(count, 0, sizeof(unsigned int));
  91.         
  92.     /* check for capture device name on command-line */
  93.     if (argc == 2) {
  94.         dev = argv[1];
  95.     } else if (argc > 2) {
  96.         fprintf(stderr, "error: unrecognized command-line options\n\n");
  97.         exit(EXIT_FAILURE);
  98.     } else {
  99.         /* find a capture device if not specified on command-line */
  100.         dev = pcap_lookupdev(errbuf);
  101.         if (dev == NULL) {
  102.             fprintf(stderr, "Couldn't find default device: %s\n",
  103.                     errbuf);
  104.             exit(EXIT_FAILURE);
  105.         }
  106.     }

  108. #if 0
  109.     printf("Device: %s\n", dev);
  110.     printf("Number of packets: %d\n", num_packets);
  111.     printf("Filter expression: %s\n", filter_exp);
  112. #endif

  114.     

  116.     /* get network number and mask associated with capture device */
  117.     if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
  118.         fprintf(stderr, "Couldn't get netmask for device %s: %s\n",
  119.                 dev, errbuf);
  120.         net = 0;
  121.         mask = 0;
  122.     }
  123.     
  124.     /* open capture device */
  125.     handle = pcap_open_live(dev, SNAP_LEN, 1, 1000, errbuf);
  126.     if (handle == NULL) {
  127.         fprintf(stderr, "Couldn't open device %s: %s\n",
  128.                 dev, errbuf);
  129.         exit(EXIT_FAILURE);
  130.     }

  132.     /* make sure we're capturing on an Ethernet device [2] */
  133.     if (pcap_datalink(handle) != DLT_EN10MB) {
  134.         fprintf(stderr, "%s is not an Ethernet\n", dev);
  135.         exit(EXIT_FAILURE);
  136.     }

  138.     /* compile the filter expression */
  139.     if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
  140.         fprintf(stderr, "Couldn't parse filter %s: %s\n",
  141.          filter_exp, pcap_geterr(handle));
  142.         exit(EXIT_FAILURE);
  143.     }

  145.     /* apply the compiled filter */
  146.     if (pcap_setfilter(handle, &fp) == -1) {
  147.         fprintf(stderr, "Couldn't install filter %s: %s\n",
  148.          filter_exp, pcap_geterr(handle));
  149.         exit(EXIT_FAILURE);
  150.     }
  151.     
  152.     /* 接收到信号触发函数 */
  153.     signal(SIGHUP, Print_Count);
  154.     signal(SIGQUIT, Exit_Free);
  155.     
  156.     /* 获得当前路径 */
  157.     getcwd(path, MAXBUFSIZE);
  158.     strcat(path,"/result");
  159.     daemon(0, 0);
  160.     
  161.     /* now we can set our callback function */
  162.     pcap_loop(handle, num_packets, packet_callback, NULL);

  164.     return 0;
  165. }

阅读(2487) | 评论(0) | 转发(0) |
0

上一篇:MTU MSS PPPoE 的关系

下一篇:mkdir()创建多级目录

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6