sniffer_vxw.c

vxworks平台下的siniffer源代码

/*
 * quick and dirty ethernet sniffer for vxworks
 */

#include "vxWorks.h"
#include "sys/types.h"
#include "ioLib.h"
#include "iosLib.h"
#include "fioLib.h"
#include "stdio.h"
#include "unistd.h"
#include "string.h"
#include "usrLib.h"
#include "errnoLib.h"
#include "hostLib.h"
#include "sockLib.h"
#include "socket.h"
#include "inetLib.h"
#include "in.h"
#include "selectLib.h"
#include "taskLib.h"
#include "dosFsLib.h"
#include "etherLib.h"
#include "net/systm.h"
#include "net/mbuf.h"
#include "net/domain.h"
#include "tickLib.h"
#include "net/protosw.h"
#include "socket.h"
#include "errno.h"
#include "net/if.h"
#include "net/if_arp.h"
#include "net/route.h"
#include "in.h"
#include "netinet/in_pcb.h"
#include "netinet/in_systm.h"
#include "netinet/in_var.h"
#include "netinet/ip.h"
#include "netinet/ip_var.h"
#include "netinet/ip_icmp.h"
#include "netinet/udp.h"
#include "netinet/tcp.h"
#include "netinet/if_ether.h"
#include "inetLib.h"

char vxSniffLog[200][200];
int vxSniffLogIdx= 0;

char* arpTxt[] = {"ARP Request", "ARP Reply  ", "ARP Rev Request", "ARP Rev Reply", "ARP Inv Request", "ARP Inv Reply"};

STATUS
vxSniffHook(struct ifnet *ifp, char *buf, int len, BOOL msgIn)
{
    struct ip *ip;
    struct  udphdr *udp;
    struct tcphdr *tcp;
    struct arphdr *arp;
    struct icmp *icmp;
    unsigned long ticks;
    char *proto;
    int optlen;
    int type;
    struct in_addr addr;
    char  srcAddr[20],  dstAddr[20];
    char eSrcAddr[20], eDstAddr[20];
    char protoxxx[10];

    type = (unsigned int)buf[12]<<8  | (unsigned int)buf[13];
    switch(type)
    {
    case ETHERTYPE_IP:
        ip = (struct ip *)(buf + 14);
        inet_ntoa_b(ip->ip_src, srcAddr);
        inet_ntoa_b(ip->ip_dst, dstAddr);
        switch (ip->ip_p)
        {
        case IPPROTO_TCP:
            proto = "TCP";
            break;
        case IPPROTO_UDP:
            proto = "UDP";
            break;
        case IPPROTO_ICMP:
            proto = "ICMP";
            break;
        default:
            sprintf(protoxxx, "?0x%x", ip->ip_p);
            proto = protoxxx;
            break;
        }

        ticks = tickGet ();

        sprintf(vxSniffLog[vxSniffLogIdx++],
            "%c 0x%8.8x:IP(p:%s,v:%d,h:%d,l:%d) %s -> %s\n", 
            (msgIn == TRUE) ? 'R' : 'T', ticks, proto, (ip->ip_v)&0xf, 
            (ip->ip_hl & 0xf)<<2, ip->ip_len, srcAddr, dstAddr);

        if (vxSniffLogIdx == 200)
            vxSniffLogIdx = 0;

        optlen = ((ip->ip_hl & 0xf)<<2) - sizeof( struct ip );

        switch (ip->ip_p)
        case IPPROTO_UDP:
            udp = (struct udphdr *)((char *)(ip + 1) + optlen);
            sprintf(vxSniffLog[vxSniffLogIdx++], "    UDP(s:%d,d:%d,l:%d)\n",
                udp->uh_sport, udp->uh_dport, udp->uh_ulen);
            break;
        case IPPROTO_TCP:
            tcp = (struct tcphdr *)((char *)(ip + 1) + optlen);
            sprintf(vxSniffLog[vxSniffLogIdx++],
                "    TCP(s:%d,d:%d,q:%d,a:%d,f:0x%x,w:%d)\n", tcp->th_sport,
                tcp->th_dport, tcp->th_seq, tcp->th_ack, tcp->th_flags,
                tcp->th_win);
            break;
        case IPPROTO_ICMP:
            icmp = (struct icmp *)((char *)(ip + 1) + optlen);
            sprintf(vxSniffLog[vxSniffLogIdx++], "    ICMP(t:%d,c:%d)\n",
                icmp->icmp_type, icmp->icmp_code);
            break;
        default:
            break;
        }
        break;

    case ETHERTYPE_ARP:
        arp = (struct arphdr *)(buf + 14);
        sprintf (eSrcAddr, "%8.8x%4.4x",
                  (unsigned int)buf[22]<<24 | (unsigned int)buf[23]<<16 | (unsigned int)buf[24]<<8 | (unsigned int)buf[25],
                  (unsigned int)buf[26]<<8  | (unsigned int)buf[27]);
        sprintf (eDstAddr, "%8.8x%4.4x",
                  (unsigned int)buf[32]<<24 | (unsigned int)buf[33]<<16 | (unsigned int)buf[34]<<8 | (unsigned int)buf[35],
                  (unsigned int)buf[36]<<8  | (unsigned int)buf[37]);

        addr.s_addr = (unsigned int)buf[28]<<24 | (unsigned int)buf[29]<<16 | (unsigned int)buf[30]<<8 | (unsigned int)buf[31];
        inet_ntoa_b(addr, srcAddr);
        addr.s_addr = (unsigned int)buf[38]<<24 | (unsigned int)buf[39]<<16 | (unsigned int)buf[40]<<8 | (unsigned int)buf[41];
        inet_ntoa_b(addr, dstAddr);
        ticks = tickGet ();
        sprintf(vxSniffLog[vxSniffLogIdx++],"%c 0x%8.8x:%s %s -> %s\n", 
                        (msgIn == TRUE) ? 'R' : 'T',
                        ticks, arpTxt[arp->ar_op-1], eSrcAddr, eDstAddr);
        if (vxSniffLogIdx == 200)
            vxSniffLogIdx = 0;
        sprintf(vxSniffLog[vxSniffLogIdx++],"    SRC = %s (%s), DST = %s (%s)\n",
                        srcAddr, eSrcAddr, dstAddr, eDstAddr);
        break;

    default:
        break;
    }

    if (vxSniffLogIdx == 200)
        vxSniffLogIdx = 0;

    return FALSE;
}

STATUS
vxSniffInHook(struct ifnet *ifp, char *buf, int len)
{
    return (vxSniffHook(ifp, buf, len, TRUE));
}

STATUS
vxSniffOutHook(struct ifnet *ifp, char *buf, int len)
{
    return (vxSniffHook(ifp, buf, len, FALSE));
}


int vxSniffStartIdx = 0;

void
vxSniffStart()
{
    vxSniffStartIdx = vxSniffLogIdx;
}

void
vxSniffShow()
{
    int end = vxSniffLogIdx;
    int i;

    if (end < vxSniffStartIdx) {
        for (i = vxSniffStartIdx; i < 200; i++)
            printf("%s", vxSniffLog[i]);
        for (i = 0; i < end; i++)
            printf("%s", vxSniffLog[i]);
    } else {
        for (i = vxSniffStartIdx; i < end; i++)
            printf("%s", vxSniffLog[i]);
    }
}

void
vxSniffInit()
{
    /* XXX do something here to put ethernet driver in promiscuous mode */

    etherInputHookAdd(vxSniffInHook, "cpm", 0);
    etherOutputHookAdd(vxSniffOutHook, "cpm", 0);
}