
📄 sniff_protocol.h

📁 嵌入式Linux环境下的网络安全检测软件
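#ifndef PROTOCOL_H
#define PROTOCOL_H

#include <netinet/in.h>         // for struct in_addr, htons()
#include <sys/socket.h>
#include <arpa/inet.h>          // for inet_ntoa(), inet_aton()
#include <netinet/if_ether.h>
#include <netinet/ether.h>      // for ether_header
#include <iostream>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <fstream>
#include <string>
#include <vector>
#include "network.h"

#define SNIFF_TMP_DIR "./Sniff.txt"

// NOTE(review): a using-directive in a header leaks into every includer.
// Kept because other files of the project may rely on it.
using namespace std;

// Decode log shared by every display() below.
// NOTE(review): this is a definition, not a declaration, so including this
// header from more than one translation unit yields multiple definitions.
// The file is opened (and truncated) during static initialisation, relative
// to the current working directory; if the tool runs privileged, confirm
// that directory is not writable by other users.
ofstream sniff_out_file(SNIFF_TMP_DIR);

// The classes below have only data members that mirror wire headers and no
// constructors. Presumably they are overlaid on received frame bytes through
// a pointer cast -- TODO confirm. If so, the caller has to check that the
// captured length covers sizeof(the class) before calling any member,
// because nothing in this header can see how many bytes were captured.

/* ARP header */
class sniff_arp
{
    unsigned short int ar_hrd;          /* Format of hardware address.  */
    unsigned short int ar_pro;          /* Format of protocol address.  */
    unsigned char ar_hln;               /* Length of hardware address.  */
    unsigned char ar_pln;               /* Length of protocol address.  */
    unsigned short int ar_op;           /* ARP opcode (command).  */
    /* Ethernet looks like this : This bit is variable sized
       however...  */
    unsigned char src_eth[ETH_ALEN];    /* Sender hardware address.  */
    unsigned char src_ip[IP_ALEN];      /* Sender IP address.  */
    unsigned char dest_eth[ETH_ALEN];   /* Target hardware address.  */
    unsigned char dst_ip[IP_ALEN];      /* Target IP address.  */

    // Writes four address octets as a dotted quad. The octets are widened to
    // int first: streaming an unsigned char emits the raw byte as a
    // character, which puts arbitrary control bytes from the packet into the
    // log instead of a number.
    static void put_ipv4(const unsigned char* octets)
    {
        sniff_out_file << int(octets[0]) << "." << int(octets[1]) << "."
                       << int(octets[2]) << "." << int(octets[3]);
    }

    // Formats a hardware address. ar_hln is only printed, never used as a
    // length: exactly ETH_ALEN bytes are copied, so the copy stays inside
    // the fixed-size member arrays whatever the packet claims.
    static const char* eth_text(const unsigned char* hw)
    {
        ether_addr addr;
        memcpy(addr.ether_addr_octet, hw, ETH_ALEN);
        return ether_ntoa(&addr);   // static buffer, consumed immediately by the caller
    }

 public:
    /// Writes a human-readable dump of this ARP/RARP header to sniff_out_file.
    void display()
    {
        sniff_out_file << "------ARP/RARP:" << endl;

        // The line is always terminated now; previously an unrecognised value
        // left it open and the next field was appended to it.
        sniff_out_file << "      Format of hardware address = " << ntohs(ar_hrd);
        if (ntohs(ar_hrd) == 1) sniff_out_file << " (10Mb Ethernet)";
        sniff_out_file << endl;

        sniff_out_file << "      Format of protocol address = " << ntohs(ar_pro);
        if (ntohs(ar_pro) == 0x800) sniff_out_file << " (IP)";
        sniff_out_file << endl;

        sniff_out_file << "      Length of hardware address = " << int(ar_hln) << endl;
        sniff_out_file << "      Length of protocol address = " << int(ar_pln) << endl;
        sniff_out_file << "      ARP opcode (comand)        = " << ntohs(ar_op);
        switch (ntohs(ar_op))
        {
        case 1: sniff_out_file << " (ARP request)" << endl; break;
        case 2: sniff_out_file << " (ARP reply)" << endl; break;
        case 3: sniff_out_file << " (RARP request)" << endl; break;
        case 4: sniff_out_file << " (RARP reply)" << endl; break;
        default: sniff_out_file << " (ARP?)" << endl;
        }

        sniff_out_file << "  Sender hardware address: " << eth_text(src_eth) << endl;
        sniff_out_file << "  Sender ip address: ";
        put_ipv4(src_ip);
        sniff_out_file << endl;

        sniff_out_file << " Destination hardware address:" << eth_text(dest_eth) << endl;
        sniff_out_file << "  Destination ip address: ";
        put_ipv4(dst_ip);
        sniff_out_file << endl;
    }
};

/* IP header */
class sniff_ip
{
    u_char  ip_vhl;                 /* version << 4 | header length >> 2 */
    u_char  ip_tos;                 /* type of service */
    u_short ip_len;                 /* total length */
    u_short ip_id;                  /* identification */
    u_short ip_off;                 /* fragment offset field */
#define IP_RF 0x8000            /* reserved fragment flag */
#define IP_DF 0x4000            /* dont fragment flag */
#define IP_MF 0x2000            /* more fragments flag */
#define IP_OFFMASK 0x1fff       /* mask for fragmenting bits */
    u_char  ip_ttl;                 /* time to live */
    u_char  ip_p;                   /* protocol */
    u_short ip_sum;                 /* checksum */
    struct  in_addr ip_src, ip_dst; /* source and dest address */

    int ip_hl() { return ip_vhl & 0x0f; }   // header length in 32-bit words
    int ip_v() { return ip_vhl >> 4; }      // IP version nibble

 public:
    /// Returns ip_len exactly as stored, i.e. without the ntohs() that
    /// display() applies to the same field. Callers must convert and must
    /// treat the value as untrusted: it is whatever the sender wrote.
    u_short get_len() { return ip_len; }

    /// Writes a dump of this IP header to sniff_out_file.
    /// @return header length in bytes (ip_hl() * 4), always >= 20.
    /// Does not return when the header length is below 20 or the protocol
    /// is not TCP/UDP/ICMP/IP: the process exits with status 1.
    int display()
    {
        sniff_out_file << "  ----IP:" << endl;
        int size_ip = ip_hl() * 4;
        if (size_ip < 20)
        {
            sniff_out_file << "  Invalid IP header length: " << size_ip << endl;
            // NOTE(review): one malformed packet ends the whole monitoring
            // process. Callers are not visible from this header, so the exit
            // is kept; reporting the error to the caller and skipping the
            // packet would keep the tool running.
            exit(1);
        }
        sniff_out_file << "      Version = " << ip_v() << ",  header length = " << size_ip << " bytes" << endl;
        // ip_tos and ip_ttl are single bytes: ntohs() on them moved the value
        // into the high byte (TTL 64 was logged as 16384).
        sniff_out_file << "      Type of service = " << int(ip_tos) << endl;
        sniff_out_file << "      Total length    = " << ntohs(ip_len) << endl;
        sniff_out_file << "      Identification  = " << ntohs(ip_id) << endl;
        sniff_out_file << "      Flags           = " << ntohs(ip_off) << endl;
        sniff_out_file << "      Time to live    = " << int(ip_ttl) << endl;
        sniff_out_file << "      Protocol        = ";
        switch (ip_p)
        {
        case IPPROTO_TCP:
            sniff_out_file << "TCP" << endl;
            break;
        case IPPROTO_UDP:
            sniff_out_file << "UDP" << endl;
            break;
        case IPPROTO_ICMP:
            sniff_out_file << "ICMP" << endl;
            break;
        case IPPROTO_IP:
            sniff_out_file << "IP" << endl;
            break;
        default:
            sniff_out_file << "Unknown" << endl;
            // NOTE(review): any protocol number outside the four above stops
            // the process, so ordinary traffic of another protocol ends the
            // capture. Kept because callers are not visible here.
            exit(1);
        }
        // Checksum converted like the TCP/UDP checksums; addresses written as
        // dotted quads instead of the raw network-order integer.
        sniff_out_file << "      Checksum        = " << ntohs(ip_sum) << endl;
        sniff_out_file << "      From            = " << inet_ntoa(ip_src) << endl;
        sniff_out_file << "      To              = " << inet_ntoa(ip_dst) << endl;
        return size_ip;
    }

    /// Returns the protocol byte (ip_p) unchanged.
    u_char get_protocol() { return ip_p; }
};
//#define IP_HL(ip)               (((ip)->ip_vhl) & 0x0f)
//#define IP_V(ip)                (((ip)->ip_vhl) >> 4)

/* TCP header */
typedef u_int tcp_seq;

class sniff_tcp
{
    u_short th_sport;               /* source port */
    u_short th_dport;               /* destination port */
    tcp_seq th_seq;                 /* sequence number */
    tcp_seq th_ack;                 /* acknowledgement number */
    u_char  th_offx2;               /* data offset, rsvd */
    //#define TH_OFF      (((th_offx2 & 0xf0) >> 4)
    u_char  th_flags;
#define TH_FIN  0x01
#define TH_SYN  0x02
#define TH_RST  0x04
#define TH_PUSH 0x08
#define TH_ACK  0x10
#define TH_URG  0x20
#define TH_ECE  0x40
#define TH_CWR  0x80
#define TH_FLAGS        (TH_FIN|TH_SYN|TH_RST|TH_ACK|TH_URG|TH_ECE|TH_CWR)
    u_short th_win;                 /* window */
    u_short th_sum;                 /* checksum */
    u_short th_urp;                 /* urgent pointer */

    int th_off() { return ((th_offx2 & 0xf0) >> 4); }   // header length in 32-bit words

    // Returns 1 when the flag bit selected by mask m is set, else 0.
    // The previous form shifted by (m - 1), treating the mask as a bit
    // position: RST and PUSH always printed 0, and the shift count reached
    // or exceeded the width of int for ACK and above (undefined behaviour).
    int dis_flag(int m) { return (th_flags & m) ? 1 : 0; }

 public:
    /// Writes a dump of this TCP header to sniff_out_file.
    /// @return header length in bytes (th_off() * 4), always >= 20.
    /// Does not return when the header length is below 20: the process
    /// exits with status 1.
    int display()
    {
        sniff_out_file << "      ----TCP:" << endl;
        int size_tcp = th_off() * 4;
        if (size_tcp < 20)
        {
            printf("   * Invalid TCP header length: %u bytes\n", size_tcp);
            // NOTE(review): same concern as in sniff_ip::display() -- a single
            // malformed segment terminates the tool. Kept because callers are
            // not visible here.
            exit(1);
        }

        sniff_out_file << "         Src port        = " << ntohs(th_sport) << endl;
        sniff_out_file << "         Dst port        = " << ntohs(th_dport) << endl;
        // Sequence and acknowledgement numbers are 32-bit: ntohs() truncated
        // them to 16 bits before swapping.
        sniff_out_file << "         Sequence number = " << ntohl(th_seq) << endl;
        sniff_out_file << "         Acknowledgement = " << ntohl(th_ack) << endl;
        sniff_out_file << "         Data offset     = " << int(th_offx2) << endl;
        sniff_out_file << "         Flags           = " << int(th_flags) << endl;
        sniff_out_file << "                ......." << dis_flag(TH_FIN) << " = FIN" << endl;
        sniff_out_file << "                ......" << dis_flag(TH_SYN) << ". = SYN" << endl;
        sniff_out_file << "                ....." << dis_flag(TH_RST) << ".. = RST" << endl;
        sniff_out_file << "                ...." << dis_flag(TH_PUSH) << "... = PUSH" << endl;
        sniff_out_file << "                ..." << dis_flag(TH_ACK) << ".... = ACK" << endl;
        sniff_out_file << "                .." << dis_flag(TH_URG) << "..... = URG" << endl;
        sniff_out_file << "                ." << dis_flag(TH_ECE) << "...... = ECE" << endl;
        sniff_out_file << "                " << dis_flag(TH_CWR) << "....... = CWR" << endl;
        sniff_out_file << "         Windows num     = " << ntohs(th_win) << endl;
        sniff_out_file << "         Checksum        = " << ntohs(th_sum) << endl;
        sniff_out_file << "         Urgent pointer  = " << ntohs(th_urp) << endl;
        return size_tcp;
    }

    /// Returns the destination port converted with ntohs().
    u_short get_dst_port() { return ntohs(th_dport); }
};

/*  UDP header  */
class sniff_udp
{
    u_int16_t uh_sport;
    u_int16_t uh_dport;
    u_int16_t uh_len;
    u_int16_t uh_sum;

 public:
    /// Writes a dump of this UDP header to sniff_out_file.
    /// @return uh_len exactly as stored, without ntohs().
    /// NOTE(review): the other display() functions return a header size in
    /// bytes, while this one returns the sender-supplied length field
    /// unconverted. Left unchanged because callers are not visible here; a
    /// caller must not use it as an offset or copy length without converting
    /// it and bounding it by the number of bytes actually captured.
    int display()
    {
        sniff_out_file << "      ----UDP:" << endl;
        sniff_out_file << "          Source port     = " << ntohs(uh_sport) << endl;
        sniff_out_file << "          Destination port= " << ntohs(uh_dport) << endl;
        sniff_out_file << "          Udp length      = " << ntohs(uh_len) << endl;
        sniff_out_file << "          Check sum       = " << ntohs(uh_sum) << endl;
        return uh_len;
    }
};

#endif //protocol.h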
