코스웨어/15년 스마트컨트롤러
20150522 packet analyzer 소스코드
알 수 없는 사용자
2015. 5. 22. 17:15
#include <stdio.h>
#include <pcap/pcap.h>
#include <net/ethernet.h>
#include <arpa/inet.h>
#include <netinet/ip.h>
void printIP(const void *vp);
void printEther(const void *vp);
void hexaview(const void *vp, unsigned int uilen);
int main(void)
{
char *cpNICNAME;
char caErrmsg[PCAP_ERRBUF_SIZE];
pcap_t *stpDS;
const unsigned char *ucpData;
struct pcap_pkthdr stInfo;
cpNICNAME = pcap_lookupdev(caErrmsg);
if( 0 == cpNICNAME )
{
printf("caErrmsg : [%s] \n", caErrmsg);
return 100;
}
printf("cpNICNAME : [%s] \n", cpNICNAME);
stpDS = pcap_open_live( cpNICNAME , 1500 , 1 , 0 , caErrmsg );
ucpData = pcap_next(stpDS, &stInfo);
printEther(ucpData);
if( ETH_P_IP == ntohs( *((short *)(ucpData + 12) ) ) )
{
printIP(ucpData + sizeof(struct ether_header));
}
hexaview(ucpData, 400);
pcap_close(stpDS);
return 0;
}
void printIP(const void *vp)
{
const struct ip *v = vp;
printf("IP version : %d \n", v->ip_v);
printf("Header Length : %d byte \n", v->ip_hl * 4);
printf("Type of Service : 0x%02X \n", v->ip_tos);
printf("Total Length : %d byte \n", ntohs(v->ip_len));
printf("Src IP : %s \n", inet_ntoa(v->ip_src));
printf("Dst IP : %s \n", inet_ntoa(v->ip_dst));
}
void printEther(const void *vp)
{
int iCnt;
printf("Dest MAC : ");
for(iCnt = 0; iCnt < ETH_ALEN; iCnt++)
{
printf("%02X", ((struct ether_header *)vp)->ether_dhost[iCnt]);
printf(":");
}
printf("\b \n");
printf("Src MAC : ");
for(iCnt = 0; iCnt < ETH_ALEN; iCnt++)
{
printf("%02X", ((struct ether_header *)vp)->ether_shost[iCnt]);
printf(":");
}
printf("\b \n");
printf("Next Layer : ");
switch( ntohs( ((struct ether_header *)vp)->ether_type ))
{
case ETH_P_LOOP :
printf("Ethernet Loopback packet");
break;
case ETH_P_PUP :
printf("Xerox PUP packet");
break;
case ETH_P_PUPAT :
printf("Xerox PUP Addr Trans packet");
break;
case ETH_P_IP :
printf("Internet Protocol packet");
break;
case ETH_P_X25 :
printf("CCITT X.25");
break;
case ETH_P_ARP :
printf("Address Resolution packet");
break;
case ETH_P_BPQ :
printf("G8BPQ AX.25 Ethernet Packet [ NOT AN OFFICIALLY REGISTERED ID ]");
break;
case ETH_P_IEEEPUP :
printf("Xerox IEEE802.3 PUP packet");
break;
case ETH_P_IEEEPUPAT :
printf("Xerox IEEE802.3 PUP Addr Trans packet");
break;
case ETH_P_DEC :
printf("DEC Assigned proto");
break;
case ETH_P_DNA_DL :
printf("DEC DNA Dum");
break;
case ETH_P_DNA_RC :
printf("DEC DNA Remote Console");
break;
case ETH_P_DNA_RT :
printf("DEC DNA Routing");
break;
case ETH_P_LAT :
printf("DEC LAT");
break;
case ETH_P_DIAG :
printf("DEC Diagnostics");
break;
case ETH_P_CUST :
printf("DEC Customer use");
break;
case ETH_P_SCA :
printf("DEC Systems Comms Arch");
break;
case ETH_P_TEB :
printf("Trans Ether Bridging");
break;
case ETH_P_RARP :
printf("Reverse Addr Res packet");
break;
case ETH_P_ATALK :
printf("Appletalk DDP");
break;
case ETH_P_AARP :
printf("Appletalk AARP");
break;
case ETH_P_8021Q :
printf("802.1Q VLAN Extended Header");
break;
case ETH_P_IPX :
printf("IPX over DIX");
break;
case ETH_P_IPV6 :
printf("IPv6 over bluebook");
break;
case ETH_P_PAUSE :
printf("IEEE Pause frames. See 802.3 31B");
break;
case ETH_P_SLOW :
printf("Slow Protocol. See 802.3ad 43B");
break;
case ETH_P_WCCP :
printf("Web-cache coordination protocol defined in draft-wilson-wrec-wccp-v2-00.txt");
break;
case ETH_P_PPP_DISC :
printf("PPPoE discovery messages");
break;
case ETH_P_PPP_SES :
printf("PPPoE session messages");
break;
case ETH_P_MPLS_UC :
printf("MPLS Unicast traffic");
break;
case ETH_P_MPLS_MC :
printf("MPLS Multicast traffic");
break;
case ETH_P_ATMMPOA :
printf("MultiProtocol Over ATM");
break;
case ETH_P_LINK_CTL :
printf("HPNA, wlan link local tunnel");
break;
case ETH_P_ATMFATE :
printf("Frame-based ATM Transport over Ethernet");
break;
case ETH_P_PAE :
printf("Port Access Entity (IEEE 802.1X)");
break;
case ETH_P_AOE :
printf("ATA over Ethernet");
break;
case ETH_P_8021AD :
printf("802.1ad Service VLAN");
break;
case ETH_P_TIPC :
printf("TIPC");
break;
case ETH_P_8021AH :
printf("802.1ah Backbone Service Tag");
break;
case ETH_P_1588 :
printf("IEEE 1588 Timesync");
break;
case ETH_P_FCOE :
printf("Fibre Channel over Ethernet");
break;
case ETH_P_TDLS :
printf("TDLS");
break;
case ETH_P_FIP :
printf("FCoE Initialization Protocol");
break;
case ETH_P_QINQ1 :
printf("deprecated QinQ VLAN [ NOT AN OFFICIALLY REGISTERED ID ]");
break;
case ETH_P_QINQ2 :
printf("deprecated QinQ VLAN [ NOT AN OFFICIALLY REGISTERED ID ]");
break;
case ETH_P_QINQ3 :
printf("deprecated QinQ VLAN [ NOT AN OFFICIALLY REGISTERED ID ]");
break;
case ETH_P_EDSA :
printf("Ethertype DSA [ NOT AN OFFICIALLY REGISTERED ID ]");
break;
case ETH_P_AF_IUCV :
printf("IBM af_iucv [ NOT AN OFFICIALLY REGISTERED ID ]");
break;
case ETH_P_802_3 :
printf("Dummy type for 802.3 frames");
break;
case ETH_P_AX25 :
printf("Dummy protocol id for AX.25");
break;
case ETH_P_ALL :
printf("Every packet (be careful!!!)");
break;
case ETH_P_802_2 :
printf("802.2 frames");
break;
case ETH_P_SNAP :
printf("Internal only");
break;
case ETH_P_DDCMP :
printf("DEC DDCMP: Internal only");
break;
case ETH_P_WAN_PPP :
printf("Dummy type for WAN PPP frames");
break;
case ETH_P_PPP_MP :
printf("Dummy type for PPP MP frames");
break;
case ETH_P_LOCALTALK :
printf("Localtalk pseudo type");
break;
case ETH_P_CAN :
printf("Controller Area Network");
break;
case ETH_P_PPPTALK :
printf("Dummy type for Atalk over PPP");
break;
case ETH_P_TR_802_2 :
printf("802.2 frames");
break;
case ETH_P_MOBITEX :
printf("Mobitex (kaz@cafe.net)");
break;
case ETH_P_CONTROL :
printf("Card specific control frames");
break;
case ETH_P_IRDA :
printf("Linux-IrDA");
break;
case ETH_P_ECONET :
printf("Acorn Econet");
break;
case ETH_P_HDLC :
printf("HDLC frames");
break;
case ETH_P_ARCNET :
printf("1A for ArcNet :-)");
break;
case ETH_P_DSA :
printf("Distributed Switch Arch.");
break;
case ETH_P_TRAILER :
printf("Trailer switch tagging");
break;
case ETH_P_PHONET :
printf("Nokia Phonet frames");
break;
case ETH_P_IEEE802154 :
printf("IEEE802.15.4 frame");
break;
case ETH_P_CAIF :
printf("ST-Ericsson CAIF protocol");
break;
}
putchar('\n');
}
void hexaview(const void *vp, unsigned int uilen)
{
unsigned int uiCnt;
unsigned int uiLine;
printf("==============================================================================\n");
printf(" Address Hexa ASCII\n");
printf("------------------------------------------------------------------------------\n");
for (uiLine = 0; uiLine < uilen; uiLine = uiLine + 16)
{
printf(" %08X ", uiLine);//vp);
for (uiCnt = 0; uiCnt < 16; ++uiCnt)
{
printf("%02X ", *((unsigned char *)vp));
vp = (char *)vp + 1;
if (uiCnt == 7) putchar(' ');
}
vp = (char *)vp - 16;
putchar(' ');
for (uiCnt = 0; uiCnt < 16; ++uiCnt)
{
if (32 > *((unsigned char *)vp))
{
putchar('.');
}
else if (127 < *((unsigned char *)vp))
{
putchar('.');
}
else
{
printf("%c", *((unsigned char *)vp));
}
vp = (char *)vp + 1;
}
putchar('\n');
}
return;
}
|
