int main(int argc, char *argv[])
{
char *dev, errbuf[PCAP_ERRBUF_SIZE];
pcap_t *handle;
print_app_banner();
check_requirements();
init_pcap();
return(0);
}
/* print help text */
void print_app_usage(char *name) {
print_app_banner();
printf("usage:\n %s <interface> [options]\n\n", name);
printf("interface:\n");
printf(" -i interface1 Capture packets from interface1.\n\n");
printf("options:\n");
printf(" -I interface2 Forward packets to interface2.\n");
printf(" -d ip address Destination ip address of forwarded packets.\n");
printf(" -n number Number of packets to capture.\n");
printf(" -h Hide packet headers.\n");
printf(" -p Hide payload.\n");
printf(" -c Capture packets only.\n");
printf(" -f 'filter' Tcpdump packet filter expression.\n\n");
printf("example:\n");
printf(" sudo packetforward -i en1 -I tap0 -d 5.124.100.100 -f 'udp port 6112 and dst host 255.255.255.255'\n\n'");
return;
}
int main(int argc, char **argv)
{
char *dev = NULL; /* capture device name */
char errbuf[PCAP_ERRBUF_SIZE]; /* error buffer */
pcap_t *handle; /* packet capture handle */
char filter_exp[] = "ip"; /* filter expression [3] */
struct bpf_program fp; /* compiled filter program (expression) */
bpf_u_int32 mask; /* subnet mask */
bpf_u_int32 net; /* ip */
int num_packets = 10; /* number of packets to capture */
print_app_banner();
/* check for capture device name on command-line */
if (argc == 2) {
dev = argv[1];
}
else if (argc > 2) {
fprintf(stderr, "error: unrecognized command-line options\n\n");
print_app_usage();
exit(EXIT_FAILURE);
}
else {
/* find a capture device if not specified on command-line */
dev = pcap_lookupdev(errbuf);
if (dev == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n",
errbuf);
exit(EXIT_FAILURE);
}
}
/* get network number and mask associated with capture device */
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n",
dev, errbuf);
net = 0;
mask = 0;
}
/* print capture info */
printf("Device: %s\n", dev);
printf("Number of packets: %d\n", num_packets);
printf("Filter expression: %s\n", filter_exp);
/* open capture device */
handle = pcap_open_live(dev, SNAP_LEN, 1, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
exit(EXIT_FAILURE);
}
/* make sure we're capturing on an Ethernet device [2] */
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "%s is not an Ethernet\n", dev);
exit(EXIT_FAILURE);
}
/* compile the filter expression */
if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* apply the compiled filter */
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* now we can set our callback function */
pcap_loop(handle, num_packets, got_packet, NULL);
/* cleanup */
pcap_freecode(&fp);
pcap_close(handle);
printf("\nCapture complete.\n");
return 0;
}
int main(int argc, char **argv)
{
char *dev = NULL; /* capture device name */
int dev_is_file = 0; /* capture from a file, not from the network */
char errbuf[PCAP_ERRBUF_SIZE]; /* error buffer */
pcap_t *handle; /* packet capture handle */
/* filter expression [3]: port 5222, TLS Handshake, ClientHello/ServerHello */
char *filter_exp = filter_https;
struct bpf_program fp; /* compiled filter program (expression) */
bpf_u_int32 mask; /* subnet mask */
bpf_u_int32 net; /* ip */
/* Make sure pipe sees new packets unbuffered. */
setvbuf(stdout, (char *)NULL, _IOLBF, 0);
print_app_banner();
/* check for capture device name on command-line */
if (argc == 2) {
dev = argv[1];
}
else if (argc == 3) {
dev = argv[1];
if (strcmp(argv[2], "https") == 0)
filter_exp = filter_https;
else
if (strcmp(argv[2], "xmpp") == 0)
filter_exp = filter_xmpp;
else
filter_exp = argv[2];
}
else if (argc > 3) {
fprintf(stderr, "error: unrecognized command-line options\n\n");
print_app_usage();
exit(EXIT_FAILURE);
}
else {
/* find a capture device if not specified on command-line */
dev = pcap_lookupdev(errbuf);
if (dev == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n",
errbuf);
exit(EXIT_FAILURE);
}
}
/* try to open capture "device" as a file, if it fails */
/* get network number and mask associated with capture device */
if (access(dev, R_OK) != -1) {
dev_is_file = 1;
} else
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n",
dev, errbuf);
net = 0;
mask = 0;
}
/* print capture info */
printf("Source: %s\n", dev);
printf("Filter expression: %s\n", filter_exp);
printf("\n");
#ifdef LOG_COUNTER
printf("Counter\t");
#endif
#ifdef LOG_ADDRESSES
printf("Source\t\tDestination\t");
#endif
#ifdef LOG_PORTS
printf("SrcPort\tDstPort\t");
#endif
printf("Packet content\n");
/* open capture device */
if (dev_is_file)
handle = pcap_open_offline(dev, errbuf);
else
handle = pcap_open_live(dev, SNAP_LEN, 1, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open source %s: %s\n", dev, errbuf);
exit(EXIT_FAILURE);
}
/* make sure we're capturing on an Ethernet device [2] */
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "%s is not an Ethernet\n", dev);
exit(EXIT_FAILURE);
}
/* compile the filter expression */
if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* apply the compiled filter */
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* now we can set our callback function */
pcap_loop(handle, -1, got_packet, NULL);
/* cleanup */
pcap_freecode(&fp);
pcap_close(handle);
printf("\nCapture complete.\n");
return 0;
}
void main()
{
(void) signal(SIGINT, termination_handler);
print_app_banner();
// ADDED mrd015 !!!!!
// trying to put code from fins_ethernet.sh here. This should allow mkfifo to be called w/o building coreutils for android?
printf("\n\nAttempting to make " FINS_TMP_ROOT "\n");
if(system("mkdir " FINS_TMP_ROOT) != 0){
printf(FINS_TMP_ROOT " already exists! Cleaning...\n");
// if cannot create directory, assume it contains files and try to delete them
if(system("cd " FINS_TMP_ROOT ";rm *") != 0){
printf("Cannot remove files in " FINS_TMP_ROOT "!\n");
}else {
printf(FINS_TMP_ROOT " was cleaned successfully.\n\n");
}
}
if(mkfifo(INCOME_PIPE, 0777) != 0){
PRINT_DEBUG("Failed to mkfifo(INCOME_PIPE, 0777)");
exit(1);
}
if(mkfifo(INJECT_PIPE, 0777) != 0){
PRINT_DEBUG("Failed to mkfifo(INJECT_PIPE, 0777)");
exit(1);
}
//^^^^^END^^^^^ !!!!!
fflush(stdout);
pid_t pID;
char device[20];
//strcpy(device, "lo"); //original !!!!!
strcpy(device, "eth0"); //changed to this !!!!!
//strcpy(device, "eth1"); //changed to this !!!!!
//strcpy(device, "wlan0");
/** Time to split into two processes
* 1. the child Process is for capturing (incoming)
* 2. the parent process is for injecting frames (outgoing)
*/
pID = fork();
if (pID == 0) // child -- Capture process
{
// Code only executed by child process
PRINT_DEBUG("child started to capture \n");
//sleep(2);
capture_init(device);
}
else if (pID < 0) // failed to fork
{
PRINT_DEBUG ("Failed to Fork \n");
exit(1);
}
else // parent
{
// Code only executed by parent process
/** inject handler is supposed to be initialized earlier to make sure that forwarding
* feature is able to work even if the parent process did not start injecting yet
* we fix this by sleeping the capturing process for a while. To give the injection
* process a lead
*/
PRINT_DEBUG("parent started to Inject \n");
inject_init(device);
// while (1);
}
/**
if (inject_handle != NULL);
pcap_close(inject_handle);
if (capture_handle != NULL);
pcap_close(capture_handle);
*/
// return;
}
int main(int argc, char **argv) {
char *dev = NULL; /* capture device name */
char errbuf[PCAP_ERRBUF_SIZE]; /* error buffer */
pcap_t *handle; /* packet capture handle */
//TODO filters on tcp instead of ip
char filter_exp[] = "tcp"; /* filter expression [3] */
struct bpf_program fp; /* compiled filter program (expression) */
bpf_u_int32 mask; /* subnet mask */
bpf_u_int32 net; /* ip */
int num_packets = -1; /* number of packets to capture */
clear();
print_app_banner();
/* check for capture device name on command-line */
if (argc == 6) {
dev = argv[1];
g_src_address = argv[2];
g_dest_address = argv[3];
num_packets = atoi(argv[4]);
g_filename = argv[5];
}
else {
fprintf(stderr, "error: unrecognized command-line options\n\n");
print_app_usage();
exit(EXIT_FAILURE);
}
FILE *file;
file = fopen(g_filename, "w+"); //open for reading and writing (overwrite existing file)
fclose(file);
/* get network number and mask associated with capture device */
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n",
dev, errbuf);
net = 0;
mask = 0;
}
/* print capture info */
printf("Device: %s\n", dev);
printf("Number of packets: %d\n", num_packets);
printf("Filter expression: %s\n", filter_exp);
printf("Source address is %s and Destination address is %s\n", g_src_address, g_dest_address);
printf("RTT data will be stored in %s\n", g_filename);
/* open capture device */
//TODO iv'e disabled promiscuous mode
handle = pcap_open_live(dev, SNAP_LEN, 0, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
exit(EXIT_FAILURE);
}
/* make sure we're capturing on an Ethernet device [2] */
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "%s is not an Ethernet\n", dev);
exit(EXIT_FAILURE);
}
/* compile the filter expression */
if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* apply the compiled filter */
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
pcap_loop(handle, num_packets, got_packet, NULL);
/* cleanup */
pcap_freecode(&fp);
pcap_close(handle);
printf("\nCapture complete.\n");
return 0;
}
int main(int argc, char **argv)
{
char *dev = NULL; /* 捕获设备的名称 | capture device name */
char errbuf[PCAP_ERRBUF_SIZE]; /* 错误的缓冲区 | error buffer */
pcap_t *handle; /* 数据包捕获句柄 | packet capture handle */
char filter_exp[] = "tcp"; /* 过滤表达示 | filter expression [3] */
struct bpf_program fp; /* 编译过滤表达示 | compiled filter program (expression) */
bpf_u_int32 mask; /* 子网掩码 | subnet mask */
bpf_u_int32 net; /* IP 地址 | ip */
int num_packets = 10; /* 捕获的数据包数量 | number of packets to capture */
/* 显示程序版本信息 */
print_app_banner();
/* 检查来自命令行参数需要捕获设备的名称
check for capture device name on command-line */
if (argc == 2) {
dev = argv[1];
}
else if (argc > 2) {
fprintf(stderr, "error: unrecognized command-line options\n\n");
print_app_usage();
exit(EXIT_FAILURE);
}
else {
/* 如果命令行参数没有指定, 则自动找到一个设备
find a capture device if not specified on command-line */
dev = pcap_lookupdev(errbuf);
if (dev == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n",
errbuf);
exit(EXIT_FAILURE);
}
}
/* 获得捕获设备的网络号和掩码
get network number and mask associated with capture device */
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n",
dev, errbuf);
net = 0;
mask = 0;
}
/* 显示捕获设备信息
print capture info */
printf("Device: %s\n", dev);
printf("Number of packets: %d\n", num_packets);
printf("Filter expression: %s\n", filter_exp);
/* 打开捕获设备
@1 捕获的设备
@2 每次捕获数据的最大长度
@3 1 启用混杂模式
@4 捕获时间, 单位ms
@5 错误缓冲区
open capture device */
handle = pcap_open_live(dev, SNAP_LEN, 1, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
exit(EXIT_FAILURE);
}
/* pcap_datalink();
返回数据链路层类型,例如DLT_EN10MB;
确保我们对以太网设备捕获
make sure we're capturing on an Ethernet device [2] */
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "%s is not an Ethernet\n", dev);
exit(EXIT_FAILURE);
}
/* 编译过滤表达式
compile the filter expression */
if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* 应用过滤规则
apply the compiled filter */
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* 设置回高函数并开始捕获包
now we can set our callback function */
pcap_loop(handle, num_packets, got_packet, NULL);
/* cleanup */
pcap_freecode(&fp);
pcap_close(handle);
printf("\nCapture complete.\n");
return 0;
}
void *packet_capture(void *device)
{
printf("\n capture thread \n");
pcap_t *handle; /* packet capture handle */
/* we need to filter frames based on the sender mac address !!
* if the sender mac address is our then, we dont sniff this frame !
* while we sniff any frame that is originated by someone else
* We can not depends on the sender IP address because this means we will
* still sniff outgoing packets generated by other network protocols
* such as ARP or IPv6
*/
char errbuf[PCAP_ERRBUF_SIZE]; /* error buffer */
unsigned char dev_macAddress[17];
char *filter_exp;
unsigned char *dev;
filter_exp= (char *)malloc (100);
strcat(filter_exp,"ether src not ");
//char filter_exp[] = "ether src 00:1e:2a:52:ec:9c"; /* filter expression [3] */
struct bpf_program fp; /* compiled filter program (expression) */
bpf_u_int32 mask; /* subnet mask */
bpf_u_int32 net; /* ip */
int num_packets = 20; /* number of packets to capture */
int data_linkValue;
print_app_banner();
dev =(unsigned char *)device;
/* Build the filter expression based on the mac address of the passed
* device name
*/
getDevice_MACAddress(dev_macAddress,dev);
strcat(filter_exp,dev_macAddress);
//strcat(filter_exp," and not arp");
strcpy(filter_exp,"not arp");
/* get network number and mask associated with capture device */
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n",
dev, errbuf);
net = 0;
mask = 0;
}
/* print capture info */
printf("Device: %s\n", dev);
printf("Number of packets: %d\n", num_packets);
printf("Filter expression: %s\n", filter_exp);
/* open capture device */
handle = pcap_open_live(dev, SNAP_LEN, 1, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
exit(EXIT_FAILURE);
}
/* make sure we're capturing on an Ethernet device [2] */
data_linkValue = pcap_datalink(handle);
if (data_linkValue != DLT_EN10MB) {
fprintf(stderr, "%s is not an Ethernet\n", dev);
exit(EXIT_FAILURE);
}
printf("Datalink layer Description: %s \n",pcap_datalink_val_to_description(data_linkValue));
/* compile the filter expression */
if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* apply the compiled filter */
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n",
filter_exp, pcap_geterr(handle));
exit(EXIT_FAILURE);
}
/* now we can set our callback function */
pcap_loop(handle, 20, got_packet, NULL);
/* cleanup */
pcap_freecode(&fp);
pcap_close(handle);
return NULL;
}
