#include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <pcap.h>
#include <netinet/if_ether.h>
#define FALSE 0 #define TRUE 1 #define MAC_ALEN 6
/*********************************/ #define IP_PROTO_TCP 6 #define IP_PROTO_UDP 17
#define SYSTEM_IP inet_addr("10.8.0.27")
#define TCP_HLEN(pTcp) ((pTcp->hlen & 0xf0) >> 2) #define TCP_DATA(pTcp) ((char *)pTcp+TCP_HLEN(pTcp))
typedef signed char BOOL;
typedef unsigned char UINT1; typedef unsigned short UINT2; typedef unsigned long UINT4; typedef unsigned long long int UINT8;
typedef struct __st_ether { UINT1 dest[MAC_ALEN]; UINT1 src[MAC_ALEN]; UINT2 proto; UINT1 data[1]; } tEther;
typedef struct __st_ip { UINT1 hlen; UINT1 tos; UINT2 len; UINT2 ipid; UINT2 flagoff; UINT1 ttl; UINT1 proto; UINT2 cksum; UINT4 src; UINT4 dest; UINT1 data[1]; }tIp;
typedef struct __st_tcp { UINT2 sport; UINT2 dport; UINT4 seq; UINT4 ack; UINT1 hlen; UINT1 code; UINT2 window; UINT2 chsum; UINT2 urg; char data[1]; }tTcp;
typedef struct __st_udp { UINT2 sport; UINT2 dport; UINT2 len; UINT2 cksum; char data[1]; }tUdp;
void proc_pkt(u_char *user, const struct pcap_pkthdr *hp, const u_char *packet);
char *inet_htoa(UINT4 ipaddr);
//UINT4 system_ip;
//system_ip = inet_addr("10.8.0.27");
int main(int argc, char **argv) { char *dev = NULL; pcap_t *descr; struct pcap_pkthdr hdr; u_char *packet; char errbuf[PCAP_ERRBUF_SIZE]; int promisc = 0; int pcap_time_out = 100;
struct tEther *pEpkt;
bpf_u_int32 net, mask;
dev = pcap_lookupdev(errbuf);
pcap_lookupnet(dev, &net, &mask, errbuf);
pcap_open_live(dev, 3000, 1, 100, errbuf);
net = ntohl(net); mask = ntohl(mask);
descr = pcap_open_live(dev,BUFSIZ,promisc,pcap_time_out,errbuf);
pcap_loop (descr, -1, proc_pkt, NULL);
printf("Net [%s], mask [%s]\n", inet_htoa(net), inet_htoa(mask));
//printf("%s\n", dev);
return 0; }
void proc_pkt(u_char *user, const struct pcap_pkthdr *hp, const u_char *packet) { tEther *pEther; tIp *pIp;
pEther = (tEther *)packet;
if (ntohs(pEther->proto) == ETHERTYPE_IP) { //printf("Get a ip pkt\n");
//pIp = (tIp *)(packet + sizeof(tEther));
pIp = (tIp *)pEther->data;
if (pIp->dest == SYSTEM_IP || pIp->src == SYSTEM_IP) { //printf("fasfd");
return ; } //printf("Src ip [%s], dest ip [%s], proto [%d]\n", inet_htoa(ntohl(pIp->src)), inet_htoa(ntohl(pIp->dest)), pIp->proto);
if (pIp->proto == IP_PROTO_TCP) { tTcp *pTcp; char *tcp_data; char *pNext; char *http_get; int get_len; int host_len; char *http_host; char *tmp; char *tmp1 = NULL;
pTcp = (tTcp *)pIp->data;
tcp_data = (char *)pTcp->data; //tcp_data = TCP_DATA(pTcp);
if (pTcp->dport == htons(80)) { //printf("This is http pkt, dport [%d]\n", ntohs(pTcp->dport));
pNext = strstr(tcp_data, " HTTP/1."); if (pNext == NULL) return ;
*pNext = '\0'; http_get = tcp_data + 4; get_len = pNext - http_get; tmp = strstr(pNext+1, "Host: "); if (tmp == NULL) return ;
http_host = tmp + 6; tmp1 = strchr(http_host, '\r');
if (tmp1 == NULL) return ;
*tmp1 = '\0'; host_len = tmp1 - http_host; printf("Host [%s], host_len [%d]\n", http_host, host_len); } //printf("%5s %19s %19s %8d %8d\n", "tcp", inet_htoa(ntohl(pIp->src)), inet_htoa(ntohl(pIp->dest)), ntohs(pTcp->sport), ntohs(pTcp->dport));
} else if (pIp->proto == IP_PROTO_UDP) { tUdp *pUdp; pUdp = (tUdp *)pIp->data; //printf("%5s %19s %19s %8d %8d\n", "udp",inet_htoa(ntohl(pIp->src)), inet_htoa(ntohl(pIp->dest)), ntohs(pUdp->sport), ntohs(pUdp->dport));
} }
return ; }
char *inet_htoa(UINT4 ipaddr) { static char buf[10][20]; static int index=0; UINT1 t1; BOOL bFlag = FALSE; char *pbuf = buf[index];
t1 = (ipaddr >> 24) & 0xff; *pbuf = (t1 / 100); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; bFlag = TRUE; } *pbuf = ((t1 / 10) % 10); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; } else if (bFlag) { *pbuf += 0x30; pbuf++; } *pbuf++ = (t1 % 10) + 0x30; *pbuf++ = '.';
/******************************/ bFlag = FALSE; t1 = (ipaddr >> 16) & 0xff; *pbuf = (t1 / 100); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; bFlag = TRUE; } *pbuf = ((t1 / 10) % 10); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; } else if (bFlag) { *pbuf += 0x30; pbuf++; } *pbuf++ = (t1 % 10) + 0x30; *pbuf++ = '.';
/******************************/ bFlag = FALSE; t1 = (ipaddr >> 8) & 0xff; *pbuf = (t1 / 100); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; bFlag = TRUE; } *pbuf = ((t1 / 10) % 10); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; } else if (bFlag) { *pbuf += 0x30; pbuf++; } *pbuf++ = (t1 % 10) + 0x30; *pbuf++ = '.';
/******************************/ bFlag = FALSE; t1 = ipaddr & 0xff; *pbuf = (t1 / 100); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; bFlag = TRUE; } *pbuf = ((t1 / 10) % 10); if (*pbuf != 0) { *pbuf += 0x30; pbuf++; } else if (bFlag) { *pbuf += 0x30; pbuf++; } *pbuf++ = (t1 % 10) + 0x30; *pbuf = '\0';
pbuf = buf[index++]; index = index % 10; return pbuf; }
|