网络数据分析器
2015-08-19 14:42
/*
* =====================================================================================
*
* Filename:
*
* Description:
*
* Version: 1.0
* Created: 2015年03月10日 11时44分14秒
* Revision: none
* Compiler: gcc
*
* Author: Dr. moshui (no_water), 276908080@qq.com
* Organization:
*
* =====================================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ether.h>
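/*
 * Passive link-layer frame printer.
 *
 * Opens a PF_PACKET/SOCK_RAW socket bound to every EtherType (ETH_P_ALL),
 * then loops forever: read one frame, print its source and destination MAC,
 * and for IPv4, ARP and RARP frames print the source and destination IPv4
 * addresses (plus the protocol name for ICMP/TCP/UDP).
 *
 * On Linux, opening a packet socket needs CAP_NET_RAW (typically root), so
 * socket() failing is an expected condition and is reported.
 *
 * Every byte in the receive buffer comes from the wire and is untrusted.
 * Each header offset is therefore compared with the length recvfrom()
 * returned before it is read; without that, a short frame would be decoded
 * using bytes left over from an earlier frame.
 *
 * Returns EXIT_FAILURE if the socket cannot be opened or a receive fails;
 * otherwise it does not return.
 */
int main(int argc, char *argv[])
{
    /* IPv4 protocol numbers this tool can name, with their labels. */
    static const unsigned char type[] = {1, 6, 17}; /* ICMP->1, TCP->6, UDP->17 */
    static const char *const name[] = {"ICMP", "TCP", "UDP"};
    const size_t known_protocols = sizeof(type) / sizeof(type[0]);

    /* Minimum frame lengths needed before the offsets below may be read. */
    enum {
        FRAME_MIN_ETH = 14,  /* dst MAC (6) + src MAC (6) + EtherType (2) */
        FRAME_MIN_IPV4 = 34, /* highest IPv4 offset read is buf[33] */
        FRAME_MIN_ARP = 42   /* highest ARP/RARP offset read is buf[41] */
    };

    /* Frames longer than this buffer are truncated; only header bytes are read. */
    unsigned char buf[1024] = {0};

    (void)argc;
    (void)argv;

    int sock_raw_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (sock_raw_fd < 0) {
        perror("socket");
        return EXIT_FAILURE;
    }

    while (1) {
        /* Sized for the longest formatted value plus the terminating NUL. */
        char src_mac[18] = "";
        char dst_mac[18] = "";
        char dst_ip[16] = "";
        char src_ip[16] = "";

        /* Fetch one link-layer frame. */
        ssize_t len = recvfrom(sock_raw_fd, buf, sizeof(buf), 0, NULL, NULL);
        if (len < 0) {
            perror("recvfrom");
            return EXIT_FAILURE;
        }
        if (len < FRAME_MIN_ETH) {
            continue; /* too short to hold an Ethernet header */
        }

        /* Destination MAC is bytes 0-5, source MAC is bytes 6-11. */
        snprintf(dst_mac, sizeof(dst_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
        snprintf(src_mac, sizeof(src_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 buf[6], buf[7], buf[8], buf[9], buf[10], buf[11]);

        /*
         * NOTE(review): the ':' separator between IPv4 octets below is kept
         * from the original output format; '.' is the conventional notation.
         */
        if (buf[12] == 0x08 && buf[13] == 0x00) {
            /* EtherType 0x0800: IPv4. */
            if (len < FRAME_MIN_IPV4) {
                continue;
            }
            printf("______________IP数据报_______________\n");
            printf("MAC:%s >> %s\n", src_mac, dst_mac);
            /* Source and destination address sit in the fixed part of the header. */
            snprintf(src_ip, sizeof(src_ip), "%d:%d:%d:%d", buf[26], buf[27], buf[28], buf[29]);
            snprintf(dst_ip, sizeof(dst_ip), "%d:%d:%d:%d", buf[30], buf[31], buf[32], buf[33]);
            printf("IP:%s >> %s\n", src_ip, dst_ip);
            /*
             * Only the listed protocols are compared. Scanning zero-filled
             * padding entries would match protocol number 0 and print empty
             * labels.
             */
            for (size_t i = 0; i < known_protocols; i++) {
                if (buf[23] == type[i]) {
                    printf("协议类别:%s\n", name[i]);
                    break;
                }
            }
        } else if (buf[12] == 0x08 && buf[13] == 0x06) {
            /* EtherType 0x0806: ARP. */
            if (len < FRAME_MIN_ARP) {
                continue;
            }
            printf("______________ARP数据报_______________\n");
            printf("MAC:%s >> %s\n", src_mac, dst_mac);
            /* Sender and target protocol addresses. */
            snprintf(src_ip, sizeof(src_ip), "%d:%d:%d:%d", buf[28], buf[29], buf[30], buf[31]);
            snprintf(dst_ip, sizeof(dst_ip), "%d:%d:%d:%d", buf[38], buf[39], buf[40], buf[41]);
            printf("IP:%s >> %s\n", src_ip, dst_ip);
        } else if (buf[12] == 0x80 && buf[13] == 0x35) {
            /* EtherType 0x8035: RARP, read at the same offsets as ARP. */
            if (len < FRAME_MIN_ARP) {
                continue;
            }
            printf("______________RARP数据报_______________\n");
            printf("MAC:%s>>%s\n", src_mac, dst_mac);
            snprintf(src_ip, sizeof(src_ip), "%d:%d:%d:%d", buf[28], buf[29], buf[30], buf[31]);
            snprintf(dst_ip, sizeof(dst_ip), "%d:%d:%d:%d", buf[38], buf[39], buf[40], buf[41]);
            printf("IP:%s>>%s\n", src_ip, dst_ip);
        }
        /* Any other EtherType is not decoded. */
    }
    return 0;
}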
/*
* =====================================================================================
*
* Filename:
*
* Description:
*
* Version: 1.0
* Created: 2015年03月10日 11时44分14秒
* Revision: none
* Compiler: gcc
*
* Author: Dr. moshui (no_water), 276908080@qq.com
* Organization:
*
* =====================================================================================
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ether.h>
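/*
 * Passive link-layer frame printer.
 *
 * Opens a PF_PACKET/SOCK_RAW socket bound to every EtherType (ETH_P_ALL),
 * then loops forever: read one frame, print its source and destination MAC,
 * and for IPv4, ARP and RARP frames print the source and destination IPv4
 * addresses (plus the protocol name for ICMP/TCP/UDP).
 *
 * On Linux, opening a packet socket needs CAP_NET_RAW (typically root), so
 * socket() failing is an expected condition and is reported.
 *
 * Every byte in the receive buffer comes from the wire and is untrusted.
 * Each header offset is therefore compared with the length recvfrom()
 * returned before it is read; without that, a short frame would be decoded
 * using bytes left over from an earlier frame.
 *
 * Returns EXIT_FAILURE if the socket cannot be opened or a receive fails;
 * otherwise it does not return.
 */
int main(int argc, char *argv[])
{
    /* IPv4 protocol numbers this tool can name, with their labels. */
    static const unsigned char type[] = {1, 6, 17}; /* ICMP->1, TCP->6, UDP->17 */
    static const char *const name[] = {"ICMP", "TCP", "UDP"};
    const size_t known_protocols = sizeof(type) / sizeof(type[0]);

    /* Minimum frame lengths needed before the offsets below may be read. */
    enum {
        FRAME_MIN_ETH = 14,  /* dst MAC (6) + src MAC (6) + EtherType (2) */
        FRAME_MIN_IPV4 = 34, /* highest IPv4 offset read is buf[33] */
        FRAME_MIN_ARP = 42   /* highest ARP/RARP offset read is buf[41] */
    };

    /* Frames longer than this buffer are truncated; only header bytes are read. */
    unsigned char buf[1024] = {0};

    (void)argc;
    (void)argv;

    int sock_raw_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (sock_raw_fd < 0) {
        perror("socket");
        return EXIT_FAILURE;
    }

    while (1) {
        /* Sized for the longest formatted value plus the terminating NUL. */
        char src_mac[18] = "";
        char dst_mac[18] = "";
        char dst_ip[16] = "";
        char src_ip[16] = "";

        /* Fetch one link-layer frame. */
        ssize_t len = recvfrom(sock_raw_fd, buf, sizeof(buf), 0, NULL, NULL);
        if (len < 0) {
            perror("recvfrom");
            return EXIT_FAILURE;
        }
        if (len < FRAME_MIN_ETH) {
            continue; /* too short to hold an Ethernet header */
        }

        /* Destination MAC is bytes 0-5, source MAC is bytes 6-11. */
        snprintf(dst_mac, sizeof(dst_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
        snprintf(src_mac, sizeof(src_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 buf[6], buf[7], buf[8], buf[9], buf[10], buf[11]);

        /*
         * NOTE(review): the ':' separator between IPv4 octets below is kept
         * from the original output format; '.' is the conventional notation.
         */
        if (buf[12] == 0x08 && buf[13] == 0x00) {
            /* EtherType 0x0800: IPv4. */
            if (len < FRAME_MIN_IPV4) {
                continue;
            }
            printf("______________IP数据报_______________\n");
            printf("MAC:%s >> %s\n", src_mac, dst_mac);
            /* Source and destination address sit in the fixed part of the header. */
            snprintf(src_ip, sizeof(src_ip), "%d:%d:%d:%d", buf[26], buf[27], buf[28], buf[29]);
            snprintf(dst_ip, sizeof(dst_ip), "%d:%d:%d:%d", buf[30], buf[31], buf[32], buf[33]);
            printf("IP:%s >> %s\n", src_ip, dst_ip);
            /*
             * Only the listed protocols are compared. Scanning zero-filled
             * padding entries would match protocol number 0 and print empty
             * labels.
             */
            for (size_t i = 0; i < known_protocols; i++) {
                if (buf[23] == type[i]) {
                    printf("协议类别:%s\n", name[i]);
                    break;
                }
            }
        } else if (buf[12] == 0x08 && buf[13] == 0x06) {
            /* EtherType 0x0806: ARP. */
            if (len < FRAME_MIN_ARP) {
                continue;
            }
            printf("______________ARP数据报_______________\n");
            printf("MAC:%s >> %s\n", src_mac, dst_mac);
            /* Sender and target protocol addresses. */
            snprintf(src_ip, sizeof(src_ip), "%d:%d:%d:%d", buf[28], buf[29], buf[30], buf[31]);
            snprintf(dst_ip, sizeof(dst_ip), "%d:%d:%d:%d", buf[38], buf[39], buf[40], buf[41]);
            printf("IP:%s >> %s\n", src_ip, dst_ip);
        } else if (buf[12] == 0x80 && buf[13] == 0x35) {
            /* EtherType 0x8035: RARP, read at the same offsets as ARP. */
            if (len < FRAME_MIN_ARP) {
                continue;
            }
            printf("______________RARP数据报_______________\n");
            printf("MAC:%s>>%s\n", src_mac, dst_mac);
            snprintf(src_ip, sizeof(src_ip), "%d:%d:%d:%d", buf[28], buf[29], buf[30], buf[31]);
            snprintf(dst_ip, sizeof(dst_ip), "%d:%d:%d:%d", buf[38], buf[39], buf[40], buf[41]);
            printf("IP:%s>>%s\n", src_ip, dst_ip);
        }
        /* Any other EtherType is not decoded. */
    }
    return 0;
}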