📄 ipdump.c
字号:
mac_ntoa (eth->ether_shost)); printf (" ------------------------------------------ \n"); if (type < 1500) { printf ("|Length:%5u|\n", type); } else { if (type == 0x0200) printf ("|Ethernet Type: Xerox PUP|\n"); else if (type == 0x0800) printf ("|Ethernet Type: IP |\n"); else if (type == 0x0806) printf ("|Ethernet Type: ARP |\n"); else if (type == 0x8035) printf ("|Ethernet Type: ReversARP|\n"); else printf ("|Ethernet Type: Unkonw |\n"); } printf (" ------------------------------------------ \n"); //}} void print_arp (struct ether_arp *arp){ static char *arp_operation[] = { "Undefine", "(ARP Request)", "(ARP Reply)", "(RARP Request)", "(RARP Reply)" }; int op = ntohs (arp->ea_hdr.ar_op); if (op <= 0 || 5 < op) { op = 0; } printf ("rotocol:ARP\n"); printf (" ---------------------------------------------------------- \n"); printf ("|Header Type:%2u%-11s| Protocol:0x%04x%-9s |\n", ntohs (arp->ea_hdr.ar_hrd), (ntohs (arp->ea_hdr.ar_hrd) == ARPHRD_ETHER) ? "(Ethernet)" : "(Not Ether)", ntohs (arp->ea_hdr.ar_pro), (ntohs (arp->ea_hdr.ar_pro) == ETHERTYPE_IP) ? "(IP)" : "(Not IP)"); printf (" ---------------------------------------------------------- \n"); printf ("|HardwareLen:%3u|ProtocolAddrLen:%2u|op:%4d%16s|\n", arp->ea_hdr.ar_hln, arp->ea_hdr.ar_pln, ntohs (arp->ea_hdr.ar_op), arp_operation[op]); printf (" ---------------------------------------------------------- \n"); printf ("|Source MAC Address: %17s |\n", mac_ntoa (arp->arp_sha)); printf (" ---------------------------------------------------------- \n"); printf ("|Source IP Address: %15s |\n", inet_ntoa (*(struct in_addr *) &arp->arp_spa)); printf (" ---------------------------------------------------------- \n"); printf ("|Destination MAC Address: % 17s |\n", mac_ntoa (arp->arp_tha)); printf (" ---------------------------------------------------------- \n"); printf ("|Destination IP Address: %15s |\n", inet_ntoa (*(struct in_addr *) &arp->arp_tpa)); printf (" ---------------------------------------------------------- \n");}/*****************************************************display IP header*****************************************************/voidprint_ip (struct ip *ip){ //if (ip->;ip_src != ip->;ip_dst) //{ printf ("rotocol:IP\n"); printf (" ------------------------------------------ \n"); printf ("|IV:%1u|HL:%2u|T:%8s| Total length:%6u|\n", ip->ip_v, ip->ip_hl, ip_ttoa (ip->ip_tos), ntohs (ip->ip_len)); printf (" ------------------------------------------ \n"); printf ("|Identifier:%5u| FF:%3s| FO:%5u|\n", ntohs (ip->ip_id), ip_ftoa (ntohs (ip->ip_off)), ntohs (ip->ip_off) & IP_OFFMASK); printf (" ------------------------------------------ \n"); printf ("|TTL:%3u| Pro:%3u| Header Checksum:%5u|\n", ip->ip_ttl, ip->ip_p, ntohs (ip->ip_sum)); printf (" ------------------------------------------ \n"); printf ("|Source IP Address: %15s|\n", inet_ntoa (*(struct in_addr *) &(ip->ip_src))); printf (" ------------------------------------------ \n"); printf ("|Destination IP Address: %15s|\n", inet_ntoa (*(struct in_addr *) &(ip->ip_dst))); printf (" ------------------------------------------ \n"); //}} char * ip_ftoa (int flag){ static int f[] = { 'R', 'D', 'M' }; static char str[17]; u_int mask = 0x8000; //mask int i; for (i = 0; i < 3; i ) { if (((flag << i) & mask) != 0) { str[i] = f[i]; } else { str[i] = '0'; } } str[i] = '\0'; return str;}/**********************************************************convert ip header TOS into string**********************************************************/char *ip_ttoa (int flag){ static int f[] = { '1', '1', '1', 'D', 'T', 'R', 'C', 'X' }; static char str[17]; u_int mask = 0x80; int i; for (i = 0; i < 8; i ) { if (((flag << i) & mask) != 0) { str[i] = f[i]; } else { str[i] = '0'; } } str[i] = '\0'; return str;}/***********************************************************display icmp header***********************************************************/voidprint_icmp (struct icmp *icmp){ static char *type_name[] = { "Echo Reply", "Undefine", "Undefine", "Destination Unreachable", "source Quench", "Redirect(change route)", "Undefine", "Undefine", "Echo Request", "Undefine", "Undefine", "Time Exceeded", "arameter Problem", "Timestamp Request", "Timestamp Reply", "Information Request", "Information Reply", "Address Mask Request", "Address Mask Reply", "Unknown" }; print_ip (ip); int type = icmp->icmp_type; if (type < 0 || type > 18) { type = 19; } printf ("rotocol:ICMP(%s)\n", type_name[type]); printf (" ------------------------------------------ \n"); printf ("|Type:%3u| Code:%3u| Checksum:%5u|\n", icmp->icmp_type, icmp->icmp_code, ntohs (icmp->icmp_cksum)); printf (" ------------------------------------------ \n"); if (icmp->icmp_type == 0 || icmp->icmp_type == 8) { printf ("|Identification:%5u|Sequence Number:%5u|\n", ntohs (icmp->icmp_id), ntohs (icmp->icmp_seq)); printf (" ------------------------------------------ \n"); } else if (icmp->icmp_type == 3) { if (icmp->icmp_code == 4) { printf ("|Void:%5u|Next MTU:%5u|\n", ntohs (icmp->icmp_pmvoid), ntohs (icmp->icmp_nextmtu)); printf (" ------------------------------------------ \n"); } else { printf ("|Unused:%10lu|\n", (u_long) ntohl (icmp->icmp_void)); printf (" ------------------------------------------ \n"); } } else if (icmp->icmp_type == 5) { printf ("|Router IP Address:%15s|\n", inet_ntoa (*(struct in_addr *) &(icmp->icmp_gwaddr))); printf (" ------------------------------------------ \n"); } else if (icmp->icmp_type == 11) { printf ("|Unused:%19lu|\n", (u_long) ntohl (icmp->icmp_void)); printf (" ------------------------------------------ \n"); } if (icmp->icmp_type == 3 || icmp->icmp_type == 5 || icmp->icmp_type == 11) print_ip ((struct ip *) (((char *) icmp)) );} void print_tcp (struct tcphdr *tcp){ print_ip (ip); printf ("protocol:TCP\n"); printf (" ------------------------------------------ \n"); printf ("|Source Port:%5u| Destination Port:%5u|\n", ntohs (tcp->th_sport), ntohs (tcp->th_dport)); printf (" ------------------------------------------ \n"); printf ("|Sequence Number: %10lu|\n", (u_long) ntohl (tcp->th_seq)); printf (" ------------------------------------------ \n"); printf ("|Acknowledgmement Number: %10lu|\n", (u_long) ntohl (tcp->th_ack)); printf (" ------------------------------------------ \n"); //printf ("|Do:%2u|Reserved|F:%6s|Window Size: %5u|\n", //tcp->;th_off, tcp_ftoa (tcp->;th_flags), ntohs (tcp->;th_win)); printf ("|Do:%2u|Reserved|F:%6s|Window Size: %5u|\n", tcp->th_off,tcp_ftoa(tcp->th_flags), ntohs (tcp->th_win)); printf (" ------------------------------------------ \n"); printf ("|Checksum:%5u| Urgent Pointer:%5u|\n", ntohs (tcp->th_sum), ntohs (tcp->th_urp)); printf (" ------------------------------------------ \n");}/*************************************************************************convert TCP header protocol flag into string *************************************************************************/char *tcp_ftoa (int flag){ static int f[] = { 'U', 'A', 'P', 'R', 'S', 'F' }; //TCP protocol flag static char str[17]; //return value buffer u_int mask = 1 << 5; int i; for (i = 0; i < 6; i++) { if (((flag << i) & mask) != 0) { str[i] = f[i]; } else { str[i] = '0'; } } str[i] = '\0'; return str;}/**************************************************************************display UDP header**************************************************************************/voidprint_udp (struct udphdr *udp){ print_ip (ip); printf ("rotocol:UDP\n"); printf (" ------------------------------------------ \n"); printf ("|Source Port:%5u|Destination Port: %5u|\n", ntohs (udp->uh_sport), ntohs (udp->uh_dport)); printf (" ------------------------------------------ \n"); printf ("|Length:%5u| Checksum: %5u|\n", ntohs (udp->uh_ulen), ntohs (udp->uh_sum)); printf (" ------------------------------------------ \n");}/**************************************************************************display Ethernet packet with HEX **************************************************************************/voiddump_packet (unsigned char *buff, int len){ int i, j; printf ("Ether Dump:\n"); for (i = 0; i < len; i = 16) { for (j = i; j < i + 16 && j < len; j ) { printf ("%02x", buff[j]); if (j % 2 == 1) { printf (" "); } } if ((j == len) && (len % 16 != 0)) { for (j = 0; j < 40 - (len % 16) * 2.5; j ) { printf (" "); } } printf (" ;"); //display with ASCII for (j = i; j < i + 16 && j < len; j ) { if ((buff[j] >= 0x20) && (buff[j] <= 0x7e)) { putchar (buff[j]); } else { printf ("."); } } printf ("\n"); } //fflush (stdout);} #ifndef __linux/*************************************************************************open an BPF *************************************************************************/intopen_bpf (char *ifname){ char buf[256]; int bpfd; struct ifreq ifr; int i; //open BPF dev for (i = 0; i < 4; i ) { sprintf (buf, "/dev/bpf%d", i); if ((bpfd = open (buf, 0 _RDWR, 0)) > 0) { goto bpf_ok; } } fprintf (stderr, "cannot open BPF\n"); return -1; bpf_ok; //set an interface name strcpy (ifr.ifr_name, ifname); if (ioctl (bpfd, BIOCSETIF, %ifr) < 0) { sprintf (buf, "ioctl(BIOCSETIF,'%s')", ifname); perror (buf); return -1; } fprintf (stderr, "BPF read rome '%s'(%s)\n", ifr.ifr_name, buf); //promiscuous mode if (ioctl (bpfd, BIOCPRMISC, NULL) < 0) { perror ("ioctl(BIOCPRMOISC)"); return -1; } //real time mode i = 1; if (ioctl (bpid, BIOCIMMEDIATE, &i) < 0) { perror ("ioctl(BIOCIMMEDIATE)"; return -1; } return bpfd;}#endif/**********************************************************************help**********************************************************************/voidhelp (char *cmd){ fprintf (stderr, "usage:%s[-aedh][-i ifname][-p protocols]\n", cmd); fprintf (stderr, "protocols:arp ip icmp tcp udp other\n");#ifdef __linux fprintf (stderr, "default:%s -p arp ip icmp tcp udp\n", cmd);#else fprintf (stderr, "default:%s -i x10 -p arp ip icmp tcp udp\n", cmd);#endif}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -