ntohs(arp->ea_hdr.ar_pro),
(ntohs(arp->ea_hdr.ar_pro)==ETHERTYPE_IP)?"(IP)":"(NOT IP)");
printf("+------------------+----------------+\n");
printf("| Hardlen:%3u| Addr len :%2u|op: %4d %16s |\n",
arp->ea_hdr.ar_hln,arp->ea_hdr.ar_pln,ntohs(arp->ea_hdr.ar_op),
arp_operation[op]);
printf(+----------------+-------------------+-----------------------"
"+-------------------+\n");
printf(" | Source MAC Address:
" %17s|\n,mac_ntoa(arp->arp_sha));
printf(+----------------+-------------------+-----------------------"
"+-------------------+\n");
printf(" | Source IP Address: %15s|\n",
inet_ntoa( * (struct in _addr * )&arp->arp_spa));
printf(+----------------+-------------------+-----------------------"
"+-------------------+\n");
printf(" | Destination MAC Address:
"% 17s|\n,mac_ntoa(arp->arp_tha));
printf(+----------------+-------------------+-----------------------"
"+-------------------+\n");
printf(" | Destination IP Address: %15s|\n",
inet_ntoa(* (struct in _addr * )&arp->arp_arp_tpa));
printf("+--------------------------------------------+\n");
}
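/*
 * void print_ip(struct ip *ip);
 *
 * Purpose
 *   Print the fixed fields of an IP header as an ASCII table on stdout.
 * Parameters
 *   ip - pointer to the IP header structure to display
 * Return value
 *   none
 *
 * NOTE(review): the header is read from captured packet data and this
 * function takes no length argument. The caller must have confirmed that at
 * least sizeof(struct ip) bytes are available behind the pointer before
 * calling. ip_hl and ip_len are printed exactly as received; nothing here
 * validates them.
 */
void print_ip(struct ip *ip)
{
    printf("Protocol:IP\n");
    printf("+-----+-----+-----+-------+--------+\n");
    printf("|IV:%1u|HL:%2u|T:%8s| totle length:%10u|\n",
           (unsigned)ip->ip_v, (unsigned)ip->ip_hl, ip_ttoa(ip->ip_tos),
           (unsigned)ntohs(ip->ip_len));
    printf("+-----+-----+-----+-------+--------+\n");
    /* ip_off carries the three flag bits on top of the 13-bit fragment
     * offset; ip_ftoa() renders the flags, IP_OFFMASK isolates the offset. */
    printf("Identifier: %5u|FF:%3s|FO:%5u|\n",
           (unsigned)ntohs(ip->ip_id), ip_ftoa(ntohs(ip->ip_off)),
           (unsigned)(ntohs(ip->ip_off) & IP_OFFMASK));
    printf("+-----+-----+-----+-------+--------+\n");
    printf("| TTL:%3u|Pro:%3u|Header Checksum:%5u|\n",
           (unsigned)ip->ip_ttl, (unsigned)ip->ip_p,
           (unsigned)ntohs(ip->ip_sum));
    printf("+-----+-----+-----+-------+--------+\n");
    printf("| Source IP Address:%15s|\n",
           inet_ntoa(*(struct in_addr *)&(ip->ip_src)));
    printf("+----------------------------------+\n");
    printf("| Destination IP Address: %15s|\n",
           inet_ntoa(*(struct in_addr *)&(ip->ip_dst)));
    printf("+----------------------------------+\n");
}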
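/*
 * char *ip_ftoa(int flag);
 *
 * Purpose
 *   Convert the flag bits of the IP header's fragment field to a string.
 * Parameters
 *   flag - value of the fragment field in host byte order (print_ip passes
 *          ntohs(ip->ip_off)); bits 0x8000, 0x4000 and 0x2000 are examined
 * Return value
 *   Pointer to a static 3-character string. Position 0 is 'R', position 1
 *   is 'D' and position 2 is 'M' when the corresponding bit is set, '0'
 *   otherwise. The buffer is overwritten by the next call.
 */
char *ip_ftoa(int flag)
{
    static const char f[] = {'R', 'D', 'M'};  /* letters for the flag bits */
    static char str[17];                      /* buffer for the result */
    unsigned int mask = 0x8000;
    int i;

    for (i = 0; i < 3; i++) {
        /* Shift as unsigned: left-shifting a negative int is undefined. */
        if ((((unsigned int)flag << i) & mask) != 0)
            str[i] = f[i];
        else
            str[i] = '0';
    }
    str[i] = '\0';
    return str;
}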
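/*
 * char *ip_ttoa(int flag);
 *
 * Purpose
 *   Convert the TOS field of the IP header to a string.
 * Parameters
 *   flag - value of the TOS field; the low 8 bits are examined
 * Return value
 *   Pointer to a static 8-character string, most significant bit first.
 *   A set bit prints as the matching letter from the table below
 *   ('1','1','1','D','T','R','C','X'), a clear bit prints as '0'.
 *   The buffer is overwritten by the next call.
 */
char *ip_ttoa(int flag)
{
    /* letters shown for each TOS bit, from bit 7 down to bit 0 */
    static const char f[] = {'1', '1', '1', 'D', 'T', 'R', 'C', 'X'};
    static char str[17];        /* buffer for the result */
    unsigned int mask = 0x80;   /* mask that picks out the current TOS bit */
    int i;

    for (i = 0; i < 8; i++) {
        /* Shift as unsigned: left-shifting a negative int is undefined. */
        if ((((unsigned int)flag << i) & mask) != 0)
            str[i] = f[i];
        else
            str[i] = '0';
    }
    str[i] = '\0';
    return str;
}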
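/*
 * void print_icmp(struct icmp *icmp);
 *
 * Purpose
 *   Print an ICMP header as an ASCII table on stdout. For types 3, 5 and 11
 *   the IP header embedded after the 8-byte ICMP header is printed as well.
 * Parameters
 *   icmp - pointer to the ICMP header structure to display
 * Return value
 *   none
 *
 * NOTE(review): the header is read from captured packet data and this
 * function takes no length argument. For types 3, 5 and 11 it reads a
 * second IP header starting 8 bytes past `icmp`, so the caller must have
 * confirmed that the captured data covers 8 + sizeof(struct ip) bytes from
 * this pointer; a truncated packet would otherwise be read past its end.
 */
void print_icmp(struct icmp *icmp)
{
    /* printable names indexed by ICMP type; the last entry is the fallback */
    static const char *const type_name[] = {
        "Echo Reply",              /* Type 0 */
        "Undefine",                /* Type 1 */
        "Undefine",                /* Type 2 */
        "Destination Unreachable", /* Type 3 */
        "Source Quench",           /* Type 4 */
        "Redirect(change route)",  /* Type 5 */
        "Undefine",                /* Type 6 */
        "Undefine",                /* Type 7 */
        "Echo Request",            /* Type 8 */
        "Undefine",                /* Type 9 */
        "Undefine",                /* Type 10 */
        "Time Exceeded",           /* Type 11 */
        "Parameter Problem",       /* Type 12 */
        "Timestamp Request",       /* Type 13 */
        "Timestamp Reply",         /* Type 14 */
        "Information Request",     /* Type 15 */
        "Information Reply",       /* Type 16 */
        "Address Mask Request",    /* Type 17 */
        "Address Mask Reply",      /* Type 18 */
        "Unknown"                  /* anything else */
    };
    int type = icmp->icmp_type;    /* ICMP type, used as the table index */

    /* The type byte comes from the wire: clamp it before indexing. */
    if (type < 0 || type > 18)
        type = 19;

    printf(" Protocol:ICMP(%s) \n", type_name[type]);
    printf("+--------+-------+----------------+\n");
    /* Three values are passed, so the format needs three fields; with only
     * two, the checksum column showed the code. */
    printf(" |Type: %3u| Code: %3u| Checksum: %5u| \n",
           (unsigned)icmp->icmp_type, (unsigned)icmp->icmp_code,
           (unsigned)ntohs(icmp->icmp_cksum));
    printf("+--------+-------+----------------+\n");

    if (icmp->icmp_type == 0 || icmp->icmp_type == 8) {
        printf(" |Identification: %5u| Sequence Number: %5u| \n",
               (unsigned)ntohs(icmp->icmp_id),
               (unsigned)ntohs(icmp->icmp_seq));
        printf("+--------+-------+----------------+\n");
    } else if (icmp->icmp_type == 3) {
        if (icmp->icmp_code == 4) {
            printf(" |void: %5u| NextMTU: %5u| \n",
                   (unsigned)ntohs(icmp->icmp_pmvoid),
                   (unsigned)ntohs(icmp->icmp_nextmtu));
            printf(" +---------------+----------------+\n");
        } else {
            printf(" |Unused: %10lu| \n",
                   (unsigned long)ntohl(icmp->icmp_void));
            printf(" +---------------+----------------+\n");
        }
    } else if (icmp->icmp_type == 5) {
        printf(" |Router IP Address: %15s| \n",
               inet_ntoa(*(struct in_addr *)&(icmp->icmp_gwaddr)));
        printf(" +---------------+----------------+\n");
    } else if (icmp->icmp_type == 11) {
        printf(" |Unused: %10lu| \n",
               (unsigned long)ntohl(icmp->icmp_void));
        printf(" +---------------+----------------+\n");
    }

    /* Error messages carry the offending packet's IP header right after the
     * 8-byte ICMP header; see the length caveat in the header comment. */
    if (icmp->icmp_type == 3 || icmp->icmp_type == 5 || icmp->icmp_type == 11)
        print_ip((struct ip *)(((char *)icmp) + 8));
}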
/*
 * void print_tcp(struct tcphdr *tcp);
 *
 * Purpose
 *   Print a TCP header as an ASCII table on stdout.
 * Parameters
 *   tcp - pointer to the TCP header structure to display
 * Return value
 *   none
 *
 * NOTE(review): no length is passed in, so the caller is presumably
 * responsible for checking that a full struct tcphdr was captured before
 * calling - confirm against the call site.
 */
void print_tcp(struct tcphdr *tcp)
{
    /* the three ruler lines used between rows */
    static const char wide_rule[] = " +---------------+----------------+\n";
    static const char flag_rule[] = " +--------------+-------+----------+\n";
    static const char last_rule[] = " +-------+------+-------+----------+\n";

    /* 32-bit fields converted to host order once, up front */
    u_long seq_no = (u_long) ntohl(tcp->th_seq);
    u_long ack_no = (u_long) ntohl(tcp->th_ack);

    fputs("protocol:TCP\n", stdout);
    fputs(wide_rule, stdout);
    printf(" |Source Port: %5u| Destination Port: %5u| \n",
           ntohs(tcp->th_sport), ntohs(tcp->th_dport));
    fputs(wide_rule, stdout);
    printf(" | Sequence Number: %10lu| \n", seq_no);
    fputs(wide_rule, stdout);
    printf(" | Acknowledgement Number: %10lu| \n", ack_no);
    fputs(flag_rule, stdout);
    /* data offset, flag letters from tcp_ftoa(), advertised window */
    printf(" |Do:%2u| Reserved|F:%6s| Window Size: %5u| \n",
           tcp->th_off, tcp_ftoa(tcp->th_flags), ntohs(tcp->th_win));
    fputs(flag_rule, stdout);
    printf(" | Checksum: %5u| Urgent Pointer: %5u| \n",
           ntohs(tcp->th_sum), ntohs(tcp->th_urp));
    fputs(last_rule, stdout);
}
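/*
 * char *tcp_ftoa(int flag);
 *
 * Purpose
 *   Convert the control flags of a TCP header to a string.
 * Parameters
 *   flag - TCP control flags; the low 6 bits are examined
 * Return value
 *   Pointer to a static 6-character string, bit 5 first. A set bit prints
 *   as the matching letter of "UAPRSF", a clear bit prints as '0'.
 *   The buffer is overwritten by the next call.
 */
char *tcp_ftoa(int flag)
{
    /* letters shown for each control flag, from bit 5 down to bit 0 */
    static const char f[] = {'U', 'A', 'P', 'R', 'S', 'F'};
    static char str[17];            /* buffer for the result */
    unsigned int mask = 1u << 5;    /* mask that picks out the current flag */
    int i;                          /* loop counter */

    for (i = 0; i < 6; i++) {
        /* Shift as unsigned: left-shifting a negative int is undefined. */
        if ((((unsigned int)flag << i) & mask) != 0)
            str[i] = f[i];
        else
            str[i] = '0';
    }
    str[i] = '\0';
    return str;
}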
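/*
 * void print_udp(struct udphdr *udp);
 *
 * Purpose
 *   Print a UDP header as an ASCII table on stdout.
 * Parameters
 *   udp - pointer to the UDP header structure to display
 * Return value
 *   none
 *
 * NOTE(review): no length is passed in, so the caller is presumably
 * responsible for checking that a full struct udphdr was captured before
 * calling - confirm against the call site. uh_ulen is printed as received
 * and is not compared with the captured length here.
 */
void print_udp(struct udphdr *udp)
{
    printf("protocol:UDP\n");
    printf(" +---------------+----------------+\n");
    printf(" |Source Port: %5u| Destination Port: %5u| \n",
           (unsigned)ntohs(udp->uh_sport), (unsigned)ntohs(udp->uh_dport));
    printf(" +---------------+----------------+\n");
    printf(" |Length: %5u| Checksum: %5u| \n",
           (unsigned)ntohs(udp->uh_ulen), (unsigned)ntohs(udp->uh_sum));
    printf(" +---------------+----------------+\n");
}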
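/*
 * void dump_packet(unsigned char *buff, int len);
 *
 * Purpose
 *   Print a frame, starting at the Ethernet header, as rows of 16 bytes in
 *   hexadecimal followed by the same bytes as ASCII.
 * Parameters
 *   buff - start address of the data to print
 *   len  - number of bytes to print
 * Return value
 *   none
 *
 * The ASCII column only emits bytes in the range 0x20..0x7e and shows '.'
 * for everything else, so control and escape bytes from a captured packet
 * are never written to the terminal as-is. Keep that filter if this
 * function is changed.
 */
void dump_packet(unsigned char *buff, int len)
{
    int i, j;       /* loop counters */
    int row;        /* number of bytes in the current row (1..16) */
    int pad;        /* blanks needed to align a short final row */

    printf("Frame Dump: \n");
    if (buff == NULL)
        len = 0;    /* nothing to read; still print the heading and flush */

    /* Advancing by `row` instead of 16 keeps i from overflowing past len. */
    for (i = 0; i < len; i += row) {
        row = (len - i < 16) ? len - i : 16;

        /* hexadecimal column: two digits per byte, a blank after each pair */
        for (j = 0; j < row; j++) {
            printf("%02x", buff[i + j]);
            if (j % 2 == 1)
                printf(" ");
        }

        /* A full row is 40 characters wide (32 digits + 8 blanks); a short
         * final row has printed 2*row digits and row/2 blanks so far. */
        if (row < 16) {
            pad = 40 - (2 * row + row / 2);
            for (j = 0; j < pad; j++)
                printf(" ");
        }
        printf(":");

        /* ASCII column: printable bytes only, '.' for the rest */
        for (j = 0; j < row; j++) {
            if ((buff[i + j] >= 0x20) && (buff[i + j] <= 0x7e))
                putchar(buff[i + j]);
            else
                printf(".");
        }
        printf("\n");
    }
    fflush(stdout);
}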
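#ifndef __linux
/*
 * int open_bpf(char *ifname);
 *
 * Purpose
 *   Open a BPF device, bind it to an interface, and switch it to
 *   promiscuous and immediate mode.
 * Parameters
 *   ifname - name of the interface to capture on
 * Return value
 *   The BPF file descriptor on success, -1 on failure. On failure a message
 *   is written to stderr and any descriptor opened here is closed again.
 *
 * ifname is supplied by the caller (the usage text in this file lists an
 * "-i ifname" option), so its length is checked before it is copied into
 * the fixed-size ifr_name field; an unchecked strcpy() here would let a long
 * argument overflow the ifreq structure on the stack.
 */
int open_bpf(char *ifname)
{
    char buf[256];              /* device path / error message text */
    int bpfd = -1;              /* BPF file descriptor */
    struct ifreq ifr;           /* interface request structure */
    unsigned int immediate = 1; /* argument for BIOCIMMEDIATE */
    int i;                      /* loop counter */

    /* Reject names that cannot fit in ifr_name including the terminator. */
    if (ifname == NULL || strlen(ifname) >= sizeof ifr.ifr_name) {
        fprintf(stderr, "interface name missing or too long\n");
        return -1;
    }

    /* Try the first four BPF device files and keep the first that opens. */
    for (i = 0; i < 4; i++) {
        snprintf(buf, sizeof buf, "/dev/bpf%d", i);
        bpfd = open(buf, O_RDWR, 0);
        if (bpfd >= 0)          /* descriptor 0 is a valid result too */
            break;
    }
    if (bpfd < 0) {
        fprintf(stderr, "can not open BPF\n");
        return -1;
    }

    /* Bind the descriptor to the requested interface. */
    memset(&ifr, 0, sizeof ifr);
    snprintf(ifr.ifr_name, sizeof ifr.ifr_name, "%s", ifname);
    if (ioctl(bpfd, BIOCSETIF, &ifr) < 0) {
        snprintf(buf, sizeof buf, "ioctl (BIOCSETIF,'%s')", ifname);
        perror(buf);            /* report before close() can change errno */
        close(bpfd);
        return -1;
    }
    fprintf(stderr, "BPF read from'%s'(%s) \n", ifr.ifr_name, buf);

    /* promiscuous mode */
    if (ioctl(bpfd, BIOCPROMISC, NULL) < 0) {
        perror("ioctl(BIOCPROMISC)");
        close(bpfd);
        return -1;
    }

    /* immediate mode */
    if (ioctl(bpfd, BIOCIMMEDIATE, &immediate) < 0) {
        perror("ioctl(BIOCIMMEDIATE)");
        close(bpfd);
        return -1;
    }
    return bpfd;
}
#endif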
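/*
 * void help(char *cmd);
 *
 * Purpose
 *   Print the usage message to stderr.
 * Parameters
 *   cmd - program name to show in the message
 * Return value
 *   none
 */
void help(char *cmd)
{
    fprintf(stderr, "usage: %s[-aedh][-i ifname][-p protocols] \n", cmd);
    fprintf(stderr, "protocols:arp ip icmp tcp udp other\n");
    /* The default line differs by platform: only the non-Linux build names
     * an interface. */
#ifdef __linux
    fprintf(stderr, "default: %s -p arp ip icmp tcp udp\n", cmd);
#else
    fprintf(stderr, "default: %s-ixl0 -p arp ip icmp tcp udp\n", cmd);
#endif
}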