📄 430.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="317.htm">上一层</a>][<a href="431.htm">下一篇</a>]
<hr><p align="left"><small>/* <br>
** 简单的窃听器,看看同网段有些什么类型的包,for linux <br>
** 很容易看出谁在搜proxy,或者干同icmp有关的坏事;) <br>
** 原作:hp,整理:digger, redhat 5.1编译通过 <br>
*/ <br>
<br>
#include <stdio.h> <br>
#include <string.h> <br>
#include <netdb.h> <br>
#include <arpa/inet.h> <br>
#include <netinet/in.h> <br>
#include <sys/types.h> <br>
#include <sys/socket.h> <br>
#include <sys/ioctl.h> <br>
#include <net/if.h> <br>
#include <signal.h> <br>
#include <netinet/ip.h> <br>
<br>
#define __FAVOR_BSD <br>
#include <netinet/tcp.h> <br>
<br>
#define IP_ICMP 1 <br>
#define IP_TCP 6 <br>
#define IP_UDP 17 <br>
<br>
#define PACKET_SIZE 4096 <br>
<br>
void leave(); <br>
<br>
int fd_recv = -1; // socket fd for receive packets <br>
struct ifreq ifr, ifr_old; // ifr structure <br>
<br>
main(int argc, char *argv[]) <br>
{ <br>
char device[] = "hme0"; // ethernet device name <br>
char protocol[16]; <br>
u_char buf_recv[PACKET_SIZE]; // buffer for receive <br>
u_short i = 0; // packet number <br>
int ihl; <br>
u_short port = 0; // if it is tcp, udp <br>
struct iphdr * ip; <br>
struct tcphdr * tcp; <br>
struct in_addr in1, in2; <br>
int from_len, datalen; <br>
struct sockaddr from; <br>
<br>
fd_recv = socket(AF_INET, SOCK_PACKET, htons(0x0003)); <br>
if (fd_recv < 0) { perror( "packet socket error"); exit(-1); } <br>
strcpy(ifr.ifr_name, device); <br>
if (ioctl(fd_recv, SIOCGIFFLAGS, &ifr) < 0 ) { <br>
perror("ioctl SIOCGIFFLAGS error"); <br>
if (fd_recv >= 0) close(fd_recv); <br>
exit(-1); <br>
} <br>
ifr_old = ifr; <br>
ifr.ifr_flags |= IFF_PROMISC; <br>
if (ioctl(fd_recv, SIOCSIFFLAGS, &ifr) < 0 ) { <br>
perror("ioctl SIOCSIFFLAGS error"); <br>
if (fd_recv >= 0) close(fd_recv); <br>
exit(-1); <br>
} <br>
signal(SIGINT, leave); <br>
signal(SIGTERM, leave); <br>
<br>
AGAIN: <br>
port = 0; <br>
bzero(&from, sizeof(from)); <br>
from_len = sizeof(from); <br>
bzero(buf_recv, PACKET_SIZE); <br>
datalen = recvfrom(fd_recv, (char *)buf_recv, 4096, 0, <br>
&from, &from_len); <br>
if (datalen < 0) { <br>
perror("recvfrom error"); <br>
exit(-1); <br>
} <br>
buf_recv[datalen] = '\0'; <br>
if (strcmp(device, from.sa_data) != 0) goto AGAIN; <br>
<br>
/* not packet for ip protocol, discard */ <br>
if (buf_recv[12] != 0x08 && buf_recv[13] != 0x00) goto AGAIN; <br>
<br>
ip = (struct iphdr *)&buf_recv[14]; <br>
ihl = (int)ip->ihl << 2; <br>
tcp = (struct tcphdr *)&buf_recv[14 + ihl]; <br>
<br>
switch(ip->protocol) { <br>
case IP_ICMP: <br>
strcpy(protocol, "ICMP"); <br>
break; <br>
case IP_TCP: <br>
strcpy(protocol, "TCP"); <br>
port = 1; <br>
break; <br>
case IP_UDP: <br>
strcpy(protocol, "UDP"); <br>
port = 1; <br>
break; <br>
default: <br>
goto AGAIN; <br>
} <br>
in1.s_addr = ip->saddr; <br>
in2.s_addr = ip->daddr; <br>
printf("%05d\t%s\t%s\t-> ", ++i, protocol, inet_ntoa(in1)); <br>
printf(" %s\t", inet_ntoa(in2)); <br>
if (port) { <br>
printf("%5d ->%5d\n", ntohs(tcp->th_sport), <br>
ntohs(tcp->th_dport)); <br>
} else <br>
printf("\n"); <br>
goto AGAIN; <br>
} <br>
<br>
void leave() <br>
{ <br>
if (ioctl(fd_recv, SIOCSIFFLAGS, &ifr_old) < 0) { <br>
perror("ioctl SIOCSIFFLAGS error"); <br>
} <br>
if (fd_recv > 0) close(fd_recv); <br>
printf("process terminamted.\n"); <br>
exit(0); <br>
} <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="317.htm">上一层</a>][<a href="431.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -