📄 probepacket.cpp
字号:
// ProbePacket.cpp: implementation of the ProbePacket class.
//
//////////////////////////////////////////////////////////////////////
#include "stdafx.h"
#include "CCAMSC.h"
#include "ProbePacket.h"
#ifdef _DEBUG
#undef THIS_FILE
static char THIS_FILE[]=__FILE__;
#define new DEBUG_NEW
#endif
//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////
ProbePacket::ProbePacket()
{
}
void ProbePacket::parcket_handle(u_char * user,const struct pcap_pkthdr *h,const u_char * p)
{
struct tm * tm=localtime(&h->ts.tv_sec);
char buffer[256];
std::string l_strPacket("");
int flag =0;//is local ip
int port=0;
//time
memset(buffer,0,256);
sprintf(buffer,"%d:%d:%d",tm->tm_hour,tm->tm_min,tm->tm_sec);
l_strPacket+=buffer;
//保存数据
byte * data=new byte[h->len];
memcpy(data,p,h->len);
//add lable NET and repeat
l_strPacket+=" NET 1 ";
//包的类型
memset(buffer,0,256);
sizeof(buffer);
sprintf(buffer,"0x%02X%02X",p[12],p[13]);
if(strcmp(buffer,IP)==0){//IP数据包
PROTOCOL_DEFINE::IP_HEADER * ip=(PROTOCOL_DEFINE::IP_HEADER *)(p+14);
char t_localip[16];
memset(t_localip,0,16);
memset(buffer,0,256);
sprintf(buffer,"%d.%d.%d.%d",ip->src_addr[0],ip->src_addr[1],ip->src_addr[2],ip->src_addr[3]);
if ( glocalIP.GetLocalIpAddr(t_localip, sizeof(t_localip)) )
if(strcmp(buffer,t_localip)){
l_strPacket+="OUT ";
flag=1;
}
else{
l_strPacket+="IN ";
flag=0;
}
//协议
memset(buffer,0,256);
switch(ip->protocol)
{
case ICMP:
strcpy(buffer,"ICMP");
break;
case TCP:
strcpy(buffer,"TCP");
break;
case UDP:
strcpy(buffer,"UDP");
break;
default:
sprintf(buffer," OTHER");
break;
}
//TIME NET REPEAT IN OUT TCP FLAG IP PORT SIZE
int len=PROTOCOL_DEFINE::get_IP_HEADER_length(ip);
PROTOCOL_DEFINE::TCP_HEADER * tcp=(PROTOCOL_DEFINE::TCP_HEADER *)((DWORD)ip+len);
if (strcmp(buffer,"TCP")) {
l_strPacket+=buffer;
int control=tcp->offset_reser_con[1]&63;
memset(buffer,0,256);
sprintf(buffer,"%d",control);
l_strPacket=l_strPacket+" "+buffer;
}
else
{
strcat(buffer," 0 ");
l_strPacket+=buffer;
}
if (!flag) {
//目标地址
memset(buffer,0,256);
sprintf(buffer,"%d.%d.%d.%d",ip->des_addr[0],ip->des_addr[1],ip->des_addr[2],ip->des_addr[3]);
l_strPacket+=" ";
l_strPacket+=buffer;
l_strPacket+=" ";
//目标端口
memset(buffer,0,256);
port=tcp->des_port[0]*0x100+tcp->des_port[1];
sprintf(buffer,"%d",port);
l_strPacket+=" ";
l_strPacket+=buffer;
l_strPacket+=" ";
}
else{
//源地址
memset(buffer,0,256);
sprintf(buffer,"%d.%d.%d.%d",ip->src_addr[0],ip->src_addr[1],ip->src_addr[2],ip->src_addr[3]);
l_strPacket+=" ";
l_strPacket+=buffer;
l_strPacket+=" ";
//源端口
memset(buffer,0,256);
port=tcp->src_port[0]*0x100+tcp->src_port[1];
sprintf(buffer,"%d",port);
l_strPacket+=" ";
l_strPacket+=buffer;
l_strPacket+=" ";
}
//包的大小
memset(buffer,0,256);
sprintf(buffer,"%d",h->len);
l_strPacket+=buffer;
l_strPacket+="\n";
EnterCriticalSection(&gCriticalSectionForPrtBuff);
PtrBuffWrite->str+=l_strPacket;
PtrBuffWrite->len+=l_strPacket.size();
LeaveCriticalSection(&gCriticalSectionForPrtBuff);
// AfxMessageBox(l_strPacket.c_str());
}
}
bool ProbePacket::StartProbe(int NICid)
{
pcap_if_t *alldevs,*l_dev;
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t *fp=NULL;
//取得网络设备列表
if(pcap_findalldevs(&alldevs, errbuf) == -1)
{
AfxMessageBox("Error in pcap_findalldevs");
return FALSE;
}
l_dev=alldevs;
for(int i=0;i<NICid;i++)
{
l_dev=l_dev->next;
}
if ( (fp= pcap_open_live(l_dev->name, 68, 0, 1000, errbuf) ) == NULL)
{
AfxMessageBox("PCAP error: Error opening the adapter");
return FALSE;
}
if(pcap_loop(fp,-1,parcket_handle,NULL))
{
AfxMessageBox("pcap_loop error !" );
return FALSE;
}
pcap_close(fp);
}
ProbePacket::~ProbePacket()
{
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -