void analyze_sniff_bootp(const struct sniff_bootp *bootp)
{
char buffer[80];
ets_uart_printf("+..............................................................+\r\n");
ets_uart_printf("| BOOTP |\r\n");
ets_uart_printf("+..............................................................+\r\n");
os_sprintf(buffer,"| Op : %d %s Transaction : %10d |\r\n",bootp->bootp_op,analyze_bootp_op(bootp->bootp_op),htons(bootp->bootp_xid));
ets_uart_printf(buffer);
os_sprintf(buffer,"| Hardware Address Type : %3d Hardware Address Length : %3d |\r\n",bootp->bootp_ht,bootp->bootp_hl);
ets_uart_printf(buffer);
os_sprintf(buffer,"| Hops : %3d Secs : %5d Flags : %5d |\r\n",bootp->bootp_hops,htons(bootp->bootp_secs),htons(bootp->bootp_flags));
ets_uart_printf(buffer);
os_sprintf(buffer,"| Client IP Address : %15s |\r\n",iptos(bootp->bootp_ciaddr.s_addr));
ets_uart_printf(buffer);
os_sprintf(buffer,"| 'your' (client) IP address : %15s |\r\n",iptos(bootp->bootp_yiaddr.s_addr));
ets_uart_printf(buffer);
os_sprintf(buffer,"| Server IP address : %15s |\r\n",iptos(bootp->bootp_siaddr.s_addr));
ets_uart_printf(buffer);
os_sprintf(buffer,"| Relay agent IP address : %15s |\r\n",iptos(bootp->bootp_giaddr.s_addr));
ets_uart_printf(buffer);
os_sprintf(buffer,"| Client Hardware Address : %02x-%02x-%02x-%02x-%02x-%02x |\r\n",bootp->bootp_chaddr[0],bootp->bootp_chaddr[1],bootp->bootp_chaddr[2],bootp->bootp_chaddr[3],bootp->bootp_chaddr[4],bootp->bootp_chaddr[5]);
ets_uart_printf(buffer);
os_sprintf(buffer,"| Server : %51s |\r\n",bootp->bootp_sname);
ets_uart_printf(buffer);
}
u_long findsrc(u_long dest)
{
struct sockaddr_in sinsrc, sindest;
int s, size;
if ((s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
pfatal("socket error");
memset(&sinsrc, 0, sizeof(struct sockaddr_in));
memset(&sindest, 0, sizeof(struct sockaddr_in));
sindest.sin_family = AF_INET;
sindest.sin_addr.s_addr = dest;
sindest.sin_port = htons(53); /* can be anything but zero */
if (connect(s, (struct sockaddr *)&sindest, sizeof(sindest)) < 0)
pfatal("connect");
size = sizeof(sinsrc);
if (getsockname(s, (struct sockaddr *)&sinsrc, &size) < 0)
pfatal("getsockname");
close(s);
debug("Determined source address of %s to reach %s\n",
iptos(sinsrc.sin_addr.s_addr), iptos(dest));
return sinsrc.sin_addr.s_addr;
}
/* 输出列表 */
void ifprint(pcap_if_t *d)
{
pcap_addr_t *a;
/* Name */
printf("设备名称:%s\n",d->name);
/* Description */
if (d->description)
printf("Description(设备描述): %s\n",d->description);
/* Loopback Address*/
printf("\tLoopback: %s\n",(d->flags & PCAP_IF_LOOPBACK)?"yes":"no");
/* IP addresses */
for(a=d->addresses;a;a=a->next)
{
printf("\tAddress Family: #%d\n",a->addr->sa_family);
switch(a->addr->sa_family)
{
case AF_INET:
printf("\tAddress Family Name: AF_INET\n");
if (a->addr)
printf("\tAddress(IP): %s\n",iptos(((struct sockaddr_in*)a->addr)->sin_addr.s_addr));
if (a->netmask)
printf("\tNetmask(掩码): %s\n",iptos(((struct sockaddr_in*)a->netmask)->sin_addr.s_addr));
if (a->broadaddr)
printf("\tBroadcast Address(广播地址): %s\n",iptos(((struct sockaddr_in*)a->broadaddr)->sin_addr.s_addr));
if (a->dstaddr)
printf("\tDestination Address(目标地址): %s\n",iptos(((struct sockaddr_in*)a->dstaddr)->sin_addr.s_addr));
break;
default:
printf("\tAddress Family Name: Unknown\n");
break;
}
}
printf("\n");
}
void CDeviceDlg::OnLbnSelchangeListDevice()
{
// TODO: 在此添加控件通知处理程序代码
pcap_if_t* alldevs=finddevs();
pcap_if_t* d=NULL;
CString nicDes,strInfo;
int index=m_lstDev.GetCurSel();
if (index>=0)
{
m_lstDev.GetText(index,nicDes);
}
for(d = alldevs; d != NULL; d = d->next)
{
if (nicDes==CString(d->description))
{
m_curNIC=CString(d->name);
strInfo=CString(d->name);
strInfo+=CString(L"\r\n\r\nDescription: ")+CString(d->description);
strInfo+=CString(L"\r\nLoopback: ")+CString((d->flags & PCAP_IF_LOOPBACK)?"yes":"no");
for(pcap_addr_t *a=d->addresses;a;a=a->next)
{
char ip6str[128];
CString temp;
temp.Format(L"\r\nAddress Family: #%d",a->addr->sa_family);
strInfo+=temp;
switch(a->addr->sa_family)
{
case AF_INET:
strInfo+=CString(L"\r\nAddress Family Name: AF_INET");
if (a->addr)
strInfo+=CString(L"\r\nAddress: ")+CString(iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
if (a->netmask)
strInfo+=CString(L"\r\nNetmask: ")+CString(iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
if (a->broadaddr)
strInfo+=CString(L"\r\nBroadcast Address: ")+CString(iptos(((struct sockaddr_in *)a->broadaddr)->sin_addr.s_addr));
if (a->dstaddr)
strInfo+=CString(L"\r\nDestination Address: ")+CString(iptos(((struct sockaddr_in *)a->dstaddr)->sin_addr.s_addr));
break;
case AF_INET6:
strInfo+=CString(L"\r\nAddress Family Name: AF_INET6");
if (a->addr)
strInfo+=CString(L"\r\nAddress: ")+CString(ip6tos(a->addr, ip6str, sizeof(ip6str)));
break;
default:
strInfo+=CString(L"\r\nAddress Family Name: Unknown");
break;
}
}
m_txtDevInfo.SetWindowText(strInfo);
break;
}
}
if (alldevs)
{
pcap_freealldevs(alldevs);
}
}
void dhcp_cache_flush_old(void)
{
cache_wrlock();
cache_now = time(NULL);
if(cache_last_flush + CACHE_FLUSH_PERIOD > cache_now)
{
cache_unlock();
return;
}
log_wr(DLOG, "Flushing cache: last flush ts - %lu, flush period - %lu, now is %lu.",
cache_last_flush, CACHE_FLUSH_PERIOD, cache_now);
size_t num_del = 0;
dhcp_fqueue_t * deleting_queue = search_obsolete_nodes(cache->root->left, NULL);
char str_ether[STR_ETHER_ALEN + 1];
char str_ipaddr[2][IP4_MAXSTR_ALEN + 1];
dhcp_fqueue_t * q_ptr;
dhcp_cache_node_t * del_node;
uint32_t gw_ipaddr;
/* Removing him's if exists */
while(deleting_queue)
{
del_node = deleting_queue->node->info;
etheraddr_bin_to_str(del_node->cli_ethaddr, str_ether);
iptos(del_node->cached_response.dhcp_data.you_iaddr.s_addr, str_ipaddr[0]);
gw_ipaddr = del_node->gw_ipaddr;
RBDelete(cache, deleting_queue->node);
log_wr(DLOG, "Cache node for %s/%s%s%s%s deleted.", str_ether, str_ipaddr[0],
gw_ipaddr ? " (relay: " : "",
gw_ipaddr ? iptos(gw_ipaddr, str_ipaddr[1]) : "",
gw_ipaddr ? ")" : "");
++num_del;
q_ptr = deleting_queue->next;
free(deleting_queue);
deleting_queue = q_ptr;
}
log_wr(DLOG, "Cache flushed. Total %u nodes deleted.", num_del);
cache_last_flush = cache_now;
cache_unlock();
return;
}
/* Print all the available information on the given interface */
void ifprint(pcap_if_t *d)
{
pcap_addr_t *a;
char ip6str[128];
/* Name */
printf("%s\n",d->name);
/* Description */
if (d->description)
printf("\tDescription: %s\n",d->description);
/* Loopback Address*/
printf("\tLoopback: %s\n",(d->flags & PCAP_IF_LOOPBACK)?"yes":"no");
/* IP addresses */
for(a=d->addresses;a;a=a->next) {
printf("\tAddress Family: #%d\n",a->addr->sa_family);
switch(a->addr->sa_family)
{
case AF_INET:
printf("\tAddress Family Name: AF_INET\n");
if (a->addr)
printf("\tAddress: %s\n",iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
if (a->netmask)
printf("\tNetmask: %s\n",iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
if (a->broadaddr)
printf("\tBroadcast Address: %s\n",iptos(((struct sockaddr_in *)a->broadaddr)->sin_addr.s_addr));
if (a->dstaddr)
printf("\tDestination Address: %s\n",iptos(((struct sockaddr_in *)a->dstaddr)->sin_addr.s_addr));
break;
case AF_INET6:
printf("\tAddress Family Name: AF_INET6\n");
#ifndef __MINGW32__ /* Cygnus doesn't have IPv6 */
if (a->addr)
printf("\tAddress: %s\n", ip6tos(a->addr, ip6str, sizeof(ip6str)));
#endif
break;
default:
printf("\tAddress Family Name: Unknown\n");
break;
}
}
printf("\n");
}
/* Send game info to all players in this game */
void NetworkSendNetgameUpdate (void)
{
char oldType, old_status, szIP [30];
int i;
NetworkUpdateNetGame (); // Update the values in the netgame struct
oldType = netGame.nType;
old_status = netGame.gameStatus;
netGame.nType = PID_GAME_UPDATE;
if (gameStates.app.bEndLevelSequence || gameData.reactor.bDestroyed)
netGame.gameStatus = NETSTAT_ENDLEVEL;
PrintLog ("sending netgame update:\n");
for (i = 0; i < gameData.multiplayer.nPlayers; i++) {
if ((gameData.multiplayer.players [i].connected) && (i != gameData.multiplayer.nLocalPlayer)) {
if (gameStates.multi.nGameType >= IPX_GAME) {
PrintLog (" %s (%s)\n", netPlayers.players [i].callsign,
iptos (szIP, (char *) netPlayers.players [i].network.ipx.node));
SendLiteNetGamePacket (
netPlayers.players [i].network.ipx.server,
netPlayers.players [i].network.ipx.node,
gameData.multiplayer.players [i].netAddress);
}
}
}
netGame.nType = oldType;
netGame.gameStatus = old_status;
}
/* Print all the available information on the given interface */
void ifprint(pcap_if_t *d)
{
pcap_addr_t *a;
/* Name */
printf("%s\n",d->name);
/* Description */
if (d->description)
printf("\tDescription: %s\n",d->description);
/* Loopback Address*/
printf("\tLoopback: %s\n",(d->flags&PCAP_IF_LOOPBACK)?"yes":"no");
/* IP addresses */
for(a=d->addresses; a; a=a->next)
{
printf("\tAddress Family: #%d\n",a->addr->sa_family);
/* sockaddr_in */
switch(a->addr->sa_family)
{
case AF_INET:
printf("\tAddress Family Name: AF_INET\n");//
if (a->addr)// IP
printf("\tAddress: %s\n",
iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
if (a->netmask)//
printf("\tNetmask: %s\n",
iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
if (a->broadaddr)//
printf("\tBroadcast Address: %s\n",
iptos(((struct sockaddr_in*)a->broadaddr)->sin_addr.s_addr));
printf("\tbame%d.%d.%d.%d\n",
((unsigned char*)(&(((struct sockaddr_in*)a->netmask)->sin_addr.s_addr)))[0],
((unsigned char*)(&(((struct sockaddr_in*)a->netmask)->sin_addr.s_addr)))[1],
((unsigned char*)(&(((struct sockaddr_in*)a->netmask)->sin_addr.s_addr)))[2],
((unsigned char*)(&(((struct sockaddr_in*)a->netmask)->sin_addr.s_addr)))[3]
);
break;
default:
printf("\tAddress Family Name: Unknown\n");
break;
}
}
printf("\n");
}
// 输出网卡信息
void ifprint(pcap_if_t *d, int num)
{
pcap_addr_t *a;
printf("\n\n************网卡%d信息************\n",num);
// 输出网卡名称
printf("网卡名 : %s \n",d->name);
// 网卡描述信息
if (d->description)
{
printf("网卡描述: %s \n",d->description);
}
// 反馈
printf("反馈 : %s \n",(d->flags & PCAP_IF_LOOPBACK)?"yes":"no");
// IP地址
for(a=d->addresses;a;a=a->next)
{
switch(a->addr->sa_family)
{
case AF_INET:
printf("IP地址类型: AF_INET\n");//打印网络地址类型
if (a->addr)//打印IP地址
printf("IP地址 : %s\n",
iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
if (a->netmask)//打印掩码
printf("掩码 : %s\n",
iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
if (a->broadaddr)//打印广播地址
printf("广播地址: %s\n",
iptos(((struct sockaddr_in *)a->broadaddr)->sin_addr.s_addr));
if (a->dstaddr)//目的地址
printf("Destination Address: %s\n",
iptos(((struct sockaddr_in *)a->dstaddr)->sin_addr.s_addr));
break;
default:
printf("Address Family Name: Unknown\n");
break;
}
}
}
dhcp_fqueue_t * search_obsolete_nodes(rb_red_blk_node* x, dhcp_fqueue_t * deleting_queue)
{
char str_ether[STR_ETHER_ALEN + 1];
char str_ipaddr[2][IP4_MAXSTR_ALEN + 1];
if (x != cache->nil)
{
deleting_queue = search_obsolete_nodes(x->left, deleting_queue);
dhcp_cache_node_t * node = x->info;
if(node->timestamp + cache_node_ttl < cache_now)
{
etheraddr_bin_to_str(node->cli_ethaddr, str_ether);
iptos(node->cached_response.dhcp_data.you_iaddr.s_addr, str_ipaddr[0]);
log_wr(DLOG, "Adding DHCP cache node %s/%s%s%s%s to deleting queue - TTL exceeded.",
str_ether, str_ipaddr[0],
node->gw_ipaddr ? " (relay: " : "",
node->gw_ipaddr ? iptos(node->gw_ipaddr, str_ipaddr[1]) : "",
node->gw_ipaddr ? ")" : "");
dhcp_fqueue_t * del_node = calloc(1, sizeof(dhcp_fqueue_t));
if(!del_node)
{
log_wr(CLOG, "Can't allocate memory for adding node to deleting queue: '%s'", strerror(errno));
exit(error_memory);
}
del_node->node = x;
if(deleting_queue)
{
del_node->next = deleting_queue;
deleting_queue = del_node;
}
else /* Empty queue */
deleting_queue = del_node;
}
deleting_queue = search_obsolete_nodes(x->right, deleting_queue);
}
return deleting_queue;
}
int main(int argc, char **argv)
{
pcap_if_t *alldevs;
pcap_if_t *d;
char *s;
bpf_u_int32 net, mask;
int exit_status = 0;
char errbuf[PCAP_ERRBUF_SIZE+1];
if (pcap_findalldevs(&alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n",errbuf);
exit(1);
}
for(d=alldevs;d;d=d->next)
{
if (!ifprint(d))
exit_status = 2;
}
if ( (s = pcap_lookupdev(errbuf)) == NULL)
{
fprintf(stderr,"Error in pcap_lookupdev: %s\n",errbuf);
exit_status = 2;
}
else
{
printf("Preferred device name: %s\n",s);
}
if (pcap_lookupnet(s, &net, &mask, errbuf) < 0)
{
fprintf(stderr,"Error in pcap_lookupnet: %s\n",errbuf);
exit_status = 2;
}
else
{
printf("Preferred device is on network: %s/%s\n",iptos(net), iptos(mask));
}
exit(exit_status);
}
static void ifprint(const pcap_if_t *dev)
{
pcap_addr_t *pcap_addr;
/* Name */
printf("%s", dev->name);
/* Description */
if (dev->description)
printf("\n descr: %s", dev->description);
/* IP addresses */
char addr_buf[IP4_MAXSTR_ALEN + 1];
for(pcap_addr = dev->addresses; pcap_addr; pcap_addr = pcap_addr->next)
{
if(!pcap_addr->addr)
continue;
switch(pcap_addr->addr->sa_family)
{
case AF_INET:
if (pcap_addr->addr)
printf("\n IPv4 addresss: %s",
iptos(((struct sockaddr_in *)pcap_addr->addr)->sin_addr.s_addr, addr_buf));
if (pcap_addr->netmask)
printf("/%d ", to_cidr(((struct sockaddr_in *)pcap_addr->netmask)->sin_addr.s_addr));
if (pcap_addr->broadaddr)
printf(" bcast: %s",
iptos(((struct sockaddr_in *)pcap_addr->broadaddr)->sin_addr.s_addr, addr_buf));
if (pcap_addr->dstaddr)
printf(" dst addr: %s",
iptos(((struct sockaddr_in *)pcap_addr->dstaddr)->sin_addr.s_addr, addr_buf));
break;
case AF_INET6:
/* fprintf(stderr, "Error: IPv6 address unsupported yet.\n"); */
break;
default:
/* fprintf(stderr, "Error: unknown address family.\n"); */
break;
}
}
printf("\n");
}
// Print all the available information on the given interface
void ifprint(int n, pcap_if_t *d)
{
pcap_addr_t *a;
// Name
printf("%d - %s\n", n+1, d->name);
// Description
if (d->description)
printf("\tDescription: %s\n", d->description);
// Loopback Address
printf("\tLoopback: %s\n", (d->flags & PCAP_IF_LOOPBACK)?"yes":"no");
// IP addresses
for (a=d->addresses; a; a=a->next) {
printf("\tAddress Family: #%d\n", a->addr->sa_family);
switch (a->addr->sa_family)
{
case AF_INET:
printf("\tAddress Family Name: AF_INET\n");
if (a->addr)
printf("\tAddress: %s\n", iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
if (a->netmask)
printf("\tNetmask: %s\n", iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
if (a->broadaddr)
printf("\tBroadcast Address: %s\n", iptos(((struct sockaddr_in *)a->broadaddr)->sin_addr.s_addr));
if (a->dstaddr)
printf("\tDestination Address: %s\n", iptos(((struct sockaddr_in *)a->dstaddr)->sin_addr.s_addr));
break;
default:
printf("\tAddress Family Name: Unknown\n");
break;
}
}
printf("\n");
}
void ethIfInitialize(Properties* properties)
{
UInt32 nameLen;
ethIf.ifCount = 1;
strcpy(ethIf.devList[0].description, langTextNone());
memcpy(ethIf.devList[0].macAddress, InvalidMac, 6);
if (!properties->ports.Eth.disabled) {
if (loadPacketLibrary()) {
pcapPacketGetAdapterNames(NULL, &nameLen);
if (nameLen > 0) {
char* nameStr = malloc(nameLen);
if (pcapPacketGetAdapterNames(nameStr, &nameLen)) {
char* devName;
for (devName = nameStr; *devName; devName += strlen(devName) + 1) {
if (!getMacAddress(devName, ethIf.devList[ethIf.ifCount].macAddress)) {
continue;
}
sprintf(ethIf.devList[ethIf.ifCount].description, "[%s] - %s",
mactos(ethIf.devList[ethIf.ifCount].macAddress), iptos(getIpAddress(devName)));
strcpy(ethIf.devList[ethIf.ifCount].devName, devName);
if (++ethIf.ifCount == 32) {
break;
}
}
}
free(nameStr);
}
}
}
ethIf.currIf = properties->ports.Eth.ethIndex;
if (ethIf.currIf < 0 || ethIf.currIf >= ethIf.ifCount) {
ethIf.currIf = 0;
}
parseMac(ethIf.defaultMac, properties->ports.Eth.macAddress);
}
void analyze_sniff_ip(const struct sniff_ip *ip)
{
char buffer[80];
ets_uart_printf("+..............................................................+\r\n");
ets_uart_printf("| IP |\r\n");
ets_uart_printf("+..............................................................+\r\n");
os_sprintf(buffer,"| Version : %5d Header Length : %5d |\r\n",ip->ip_v,ip->ip_hl);
ets_uart_printf(buffer);
os_sprintf(buffer,"| Type of Service : %5x Total Length : %5d |\r\n",ip->ip_tos,ntohs(ip->ip_len));
ets_uart_printf(buffer);
if(ntohs(ip->ip_tos)>0) {
// Type of Service
}
os_sprintf(buffer,"| Identification : %5d Flags : %5x |\r\n",ntohs(ip->ip_id),ntohs(ip->ip_off));
ets_uart_printf(buffer);
os_sprintf(buffer,"| Protocol %5x : %s TTL : %5d |\r\n",ip->ip_p,analyze_ip_proto(ip->ip_p),ip->ip_ttl);
ets_uart_printf(buffer);
os_sprintf(buffer,"| From : %15s To : %15s |\r\n",iptos(ip->ip_src.s_addr),iptos(ip->ip_dst.s_addr));
ets_uart_printf(buffer);
}
int main(int argc, char** argv)
{
int ret;
int inum;
int port;
int i = 0;
char err[PCAP_ERRBUF_SIZE];
char filter[32];
char loopback = 0;
char *server = NULL;
struct bpf_program fp;
pcap_if_t *d;
pcap_addr_t *a;
signal(SIGINT, sig_handler);
#ifndef _WIN32
ssl_InitSniffer();
#endif
ssl_Trace("./tracefile.txt", err);
if (pcap_findalldevs(&alldevs, err) == -1)
err_sys("Error in pcap_findalldevs");
for (d = alldevs; d; d=d->next) {
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
err_sys("No interfaces found! Make sure pcap or WinPcap is installed");
printf("Enter the interface number (1-%d): ", i);
scanf("%d", &inum);
if (inum < 1 || inum > i)
err_sys("Interface number out of range");
/* Jump to the selected adapter */
for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++);
pcap = pcap_create(d->name, err);
if (pcap == NULL) printf("pcap_create failed %s\n", err);
if (d->flags & PCAP_IF_LOOPBACK)
loopback = 1;
/* get an IPv4 address */
for (a = d->addresses; a; a = a->next) {
switch(a->addr->sa_family)
{
case AF_INET:
server =iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr);
printf("server = %s\n", server);
break;
}
}
if (server == NULL)
err_sys("Unable to get device IPv4 address");
ret = pcap_set_snaplen(pcap, 65536);
if (ret != 0) printf("pcap_set_snaplen failed %s\n", pcap_geterr(pcap));
ret = pcap_set_timeout(pcap, 1000);
if (ret != 0) printf("pcap_set_timeout failed %s\n", pcap_geterr(pcap));
ret = pcap_set_buffer_size(pcap, 1000000);
if (ret != 0)
printf("pcap_set_buffer_size failed %s\n", pcap_geterr(pcap));
ret = pcap_set_promisc(pcap, 1);
if (ret != 0) printf("pcap_set_promisc failed %s\n", pcap_geterr(pcap));
ret = pcap_activate(pcap);
if (ret != 0) printf("pcap_activate failed %s\n", pcap_geterr(pcap));
printf("Enter the port to scan: ");
scanf("%d", &port);
SNPRINTF(filter, sizeof(filter), "tcp and port %d", port);
ret = pcap_compile(pcap, &fp, filter, 0, 0);
if (ret != 0) printf("pcap_compile failed %s\n", pcap_geterr(pcap));
ret = pcap_setfilter(pcap, &fp);
if (ret != 0) printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
ret = ssl_SetPrivateKey(server, port, "../../certs/server-key.pem",
FILETYPE_PEM, NULL, err);
if (ret != 0)
err_sys(err);
while (1) {
struct pcap_pkthdr header;
const unsigned char* packet = pcap_next(pcap, &header);
if (packet) {
byte data[65535];
if (header.caplen > 40) { /* min ip(20) + min tcp(20) */
int frame = ETHER_IF_FRAME_LEN;
if (loopback)
frame = LOCAL_IF_FRAME_LEN;
packet += frame;
header.caplen -= frame;
}
else
continue;
ret = ssl_DecodePacket(packet, header.caplen, data, err);
if (ret < 0)
printf("ssl_Decode ret = %d\n", ret);
if (ret > 0) {
data[ret] = 0;
printf("SSL App Data:%s\n", data);
}
}
}
return 0;
}
void getinterfaces(void)
{
struct interface_entry *p;
struct ifconf ifc;
struct ifreq *ifrp, ifr;
int numreqs, i, s;
u_long addr;
int salen;
char *x;
debug("entering getinterfaces()\n");
if (o_nogetinterfaces)
{
debug("Not fetching the interface list\n");
return;
}
if (interfaces)
fatal("Double call to getinterfaces()\n");
ifc.ifc_buf = NULL;
p = NULL;
numreqs = 32;
if ((s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
fatal("socket error");
debug("ifreq buffer set to %d\n", numreqs);
for (;;)
{
ifc.ifc_len = sizeof(struct ifreq) * numreqs;
ifc.ifc_buf = xrealloc(ifc.ifc_buf, ifc.ifc_len);
if (ioctl(s, SIOCGIFCONF, &ifc) < 0)
pfatal("ioctl");
/* This "+ sizeof(struct ifreq) + 64" crap seems to be an (Open?)BSDism. */
if ( (ifc.ifc_len + sizeof(struct ifreq) + 64) >= (sizeof(struct ifreq) * numreqs) )
{
/* Assume it overflowed and try again */
numreqs += 32;
if (numreqs > 20000)
break; /* Too big! */
debug("ifreq buffer grown to %d\n", numreqs);
continue;
}
break;
}
debug("Successfully retrieved interface list\n");
#ifdef HAVE_SOCKADDR_SA_LEN
debug("Using HAVE_SOCKADDR_SA_LEN method for finding addresses.\n");
#endif
for (x = ifc.ifc_buf; x < (ifc.ifc_buf + ifc.ifc_len); x += salen)
{
ifrp = (struct ifreq *)x;
memset(&ifr, 0, sizeof(struct ifreq));
strcpy(ifr.ifr_name, ifrp->ifr_name);
#ifdef HAVE_SOCKADDR_SA_LEN
salen = sizeof(ifrp->ifr_name) + ifrp->ifr_addr.sa_len;
if (salen < sizeof(*ifrp))
salen = sizeof(*ifrp);
addr = ((struct sockaddr_in *)&ifrp->ifr_addr)->sin_addr.s_addr;
if (ioctl(s, SIOCGIFFLAGS, &ifr) < 0)
pfatal("ioctl(SIOCGIFFLAGS)");
#else /* HAVE_SOCKADDR_SA_LEN */
salen = sizeof(*ifrp);
if (ioctl(s, SIOCGIFADDR, &ifr) < 0)
{
debug("ioctl(SIOCGIFADDR) on unconfigured interface %s failed; skipping\n",
sprintable(ifr.ifr_name));
continue;
}
addr = ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr;
#endif /* HAVE_SOCKADDR_SA_LEN else */
#ifdef AF_INET6
if (ifrp->ifr_addr.sa_family == AF_INET6)
{
debug("Ignoring AF_INET6 address on interface %s\n",
sprintable(ifr.ifr_name));
continue;
}
#endif
if (ifrp->ifr_addr.sa_family != AF_INET &&
ifrp->ifr_addr.sa_family != AF_LINK)
{
debug("Ignoring non-AF_INET address on interface %s\n",
sprintable(ifr.ifr_name));
continue;
}
if (ioctl(s, SIOCGIFFLAGS, &ifr) < 0)
pfatal("ioctl(SIOCGIFFLAGS)");
if ((ifr.ifr_flags & IFF_UP) == 0)
{
debug("Ignoring down interface %s\n",
sprintable(ifr.ifr_name));
continue;
}
/* Deal with virtual hosts */
for (i = 0; ifr.ifr_name[i]; i++)
if (ifr.ifr_name[i] == ':')
ifr.ifr_name[i] = '\0';
/* Grow another node on the linked list... */
if (!p)
p = interfaces = xrealloc(NULL, sizeof(struct interface_entry));
else
p = p->next = xrealloc(NULL, sizeof(struct interface_entry));
p->next = NULL;
/* ... and fill it in */
p->addr = addr;
p->name = xrealloc(NULL, strlen(ifr.ifr_name) + 1);
strcpy(p->name, ifr.ifr_name);
debug("Discovered interface %s with address %s\n",
sprintable(p->name), iptos(p->addr));
}
free(ifc.ifc_buf);
debug("leaving getinterfaces()\n");
}
int main(int argc, char** argv)
{
int ret = 0;
int hadBadPacket = 0;
int inum;
int port;
int saveFile = 0;
int i = 0;
int frame = ETHER_IF_FRAME_LEN;
char err[PCAP_ERRBUF_SIZE];
char filter[32];
const char *server = NULL;
struct bpf_program fp;
pcap_if_t *d;
pcap_addr_t *a;
signal(SIGINT, sig_handler);
#ifndef _WIN32
ssl_InitSniffer(); /* dll load on Windows */
#endif
ssl_Trace("./tracefile.txt", err);
if (argc == 1) {
/* normal case, user chooses device and port */
if (pcap_findalldevs(&alldevs, err) == -1)
err_sys("Error in pcap_findalldevs");
for (d = alldevs; d; d=d->next) {
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
err_sys("No interfaces found! Make sure pcap or WinPcap is"
" installed correctly and you have sufficient permissions");
printf("Enter the interface number (1-%d): ", i);
ret = scanf("%d", &inum);
if (ret != 1)
printf("scanf port failed\n");
if (inum < 1 || inum > i)
err_sys("Interface number out of range");
/* Jump to the selected adapter */
for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++);
pcap = pcap_create(d->name, err);
if (pcap == NULL) printf("pcap_create failed %s\n", err);
/* get an IPv4 address */
for (a = d->addresses; a; a = a->next) {
switch(a->addr->sa_family)
{
case AF_INET:
server =
iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr);
printf("server = %s\n", server);
break;
default:
break;
}
}
if (server == NULL)
err_sys("Unable to get device IPv4 address");
ret = pcap_set_snaplen(pcap, 65536);
if (ret != 0) printf("pcap_set_snaplen failed %s\n", pcap_geterr(pcap));
ret = pcap_set_timeout(pcap, 1000);
if (ret != 0) printf("pcap_set_timeout failed %s\n", pcap_geterr(pcap));
ret = pcap_set_buffer_size(pcap, 1000000);
if (ret != 0)
printf("pcap_set_buffer_size failed %s\n", pcap_geterr(pcap));
ret = pcap_set_promisc(pcap, 1);
if (ret != 0) printf("pcap_set_promisc failed %s\n", pcap_geterr(pcap));
ret = pcap_activate(pcap);
if (ret != 0) printf("pcap_activate failed %s\n", pcap_geterr(pcap));
printf("Enter the port to scan: ");
ret = scanf("%d", &port);
if (ret != 1)
printf("scanf port failed\n");
SNPRINTF(filter, sizeof(filter), "tcp and port %d", port);
ret = pcap_compile(pcap, &fp, filter, 0, 0);
if (ret != 0) printf("pcap_compile failed %s\n", pcap_geterr(pcap));
ret = pcap_setfilter(pcap, &fp);
if (ret != 0) printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
ret = ssl_SetPrivateKey(server, port, "../../certs/server-key.pem",
FILETYPE_PEM, NULL, err);
if (ret != 0) {
printf("Please run directly from sslSniffer/sslSnifferTest dir\n");
}
#ifdef HAVE_SNI
{
char altName[128];
printf("Enter alternate SNI: ");
ret = scanf("%s", altName);
if (strnlen(altName, 128) > 0) {
ret = ssl_SetNamedPrivateKey(altName,
server, port, "../../certs/server-key.pem",
FILETYPE_PEM, NULL, err);
if (ret != 0) {
printf("Please run directly from "
"sslSniffer/sslSnifferTest dir\n");
}
}
}
#endif
}
else if (argc >= 3) {
saveFile = 1;
pcap = pcap_open_offline(argv[1], err);
if (pcap == NULL) {
printf("pcap_open_offline failed %s\n", err);
ret = -1;
}
else {
const char* passwd = NULL;
/* defaults for server and port */
port = 443;
server = "127.0.0.1";
if (argc >= 4)
server = argv[3];
if (argc >= 5)
port = atoi(argv[4]);
if (argc >= 6)
passwd = argv[5];
ret = ssl_SetPrivateKey(server, port, argv[2],
FILETYPE_PEM, passwd, err);
}
}
else {
/* usage error */
printf( "usage: ./snifftest or ./snifftest dump pemKey"
" [server] [port] [password]\n");
exit(EXIT_FAILURE);
}
if (ret != 0)
err_sys(err);
if (pcap_datalink(pcap) == DLT_NULL)
frame = NULL_IF_FRAME_LEN;
while (1) {
static int packetNumber = 0;
struct pcap_pkthdr header;
const unsigned char* packet = pcap_next(pcap, &header);
packetNumber++;
if (packet) {
byte data[65535+16384]; /* may have a partial 16k record cached */
if (header.caplen > 40) { /* min ip(20) + min tcp(20) */
packet += frame;
header.caplen -= frame;
}
else
continue;
ret = ssl_DecodePacket(packet, header.caplen, data, err);
if (ret < 0) {
printf("ssl_Decode ret = %d, %s\n", ret, err);
hadBadPacket = 1;
}
if (ret > 0) {
data[ret] = 0;
printf("SSL App Data(%d:%d):%s\n", packetNumber, ret, data);
}
}
else if (saveFile)
break; /* we're done reading file */
}
FreeAll();
return hadBadPacket ? EXIT_FAILURE : EXIT_SUCCESS;
}
int
libnet_ifaddrlist(register struct libnet_ifaddr_list **ipaddrp, int8_t *dev,
register int8_t *errbuf)
{
register struct libnet_ifaddr_list *al;
struct ifreq *ifr, *lifr, *pifr, nifr;
int8_t device[sizeof(nifr.ifr_name)];
static struct libnet_ifaddr_list ifaddrlist[MAX_IPADDR];
char *p;
struct ifconf ifc;
struct ifreq ibuf[MAX_IPADDR];
register int fd, nipaddr;
#ifdef HAVE_LINUX_PROCFS
FILE *fp;
char buf[2048];
#endif
fd = socket(AF_INET, SOCK_DGRAM, 0);
if (fd < 0)
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE, "%s(): socket error: %s\n",
__func__, strerror(errno));
return (-1);
}
#ifdef HAVE_LINUX_PROCFS
if ((fp = fopen(PROC_DEV_FILE, "r")) == NULL)
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE,
"%s(): fopen(proc_dev_file) failed: %s\n", __func__,
strerror(errno));
return (-1);
}
#endif
memset(&ifc, 0, sizeof(ifc));
ifc.ifc_len = sizeof(ibuf);
ifc.ifc_buf = (caddr_t)ibuf;
if(ioctl(fd, SIOCGIFCONF, &ifc) < 0)
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE,
"%s(): ioctl(SIOCGIFCONF) error: %s\n",
__func__, strerror(errno));
return(-1);
}
pifr = NULL;
lifr = (struct ifreq *)&ifc.ifc_buf[ifc.ifc_len];
al = ifaddrlist;
nipaddr = 0;
#ifdef HAVE_LINUX_PROCFS
while (fgets(buf, sizeof(buf), fp))
{
if ((p = strchr(buf, ':')) == NULL)
{
continue;
}
*p = '\0';
for(p = buf; *p == ' '; p++) ;
strncpy(nifr.ifr_name, p, sizeof(nifr.ifr_name) - 1);
nifr.ifr_name[sizeof(nifr.ifr_name) - 1] = '\0';
#else /* !HAVE_LINUX_PROCFS */
for (ifr = ifc.ifc_req; ifr < lifr; ifr = NEXTIFR(ifr))
{
/* XXX LINUX SOLARIS ifalias */
if((p = strchr(ifr->ifr_name, ':')))
{
*p='\0';
}
if (pifr && strcmp(ifr->ifr_name, pifr->ifr_name) == 0)
{
continue;
}
strncpy(nifr.ifr_name, ifr->ifr_name, sizeof(nifr.ifr_name) - 1);
nifr.ifr_name[sizeof(nifr.ifr_name) - 1] = '\0';
#endif
/* save device name */
strncpy(device, nifr.ifr_name, sizeof(device) - 1);
device[sizeof(device) - 1] = '\0';
if (ioctl(fd, SIOCGIFFLAGS, &nifr) < 0)
{
pifr = ifr;
continue;
}
if ((nifr.ifr_flags & IFF_UP) == 0)
{
pifr = ifr;
continue;
}
if (dev == NULL && LIBNET_ISLOOPBACK(&nifr))
{
pifr = ifr;
continue;
}
strncpy(nifr.ifr_name, device, sizeof(device) - 1);
nifr.ifr_name[sizeof(nifr.ifr_name) - 1] = '\0';
if (ioctl(fd, SIOCGIFADDR, (int8_t *)&nifr) < 0)
{
if (errno != EADDRNOTAVAIL)
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE,
"%s(): SIOCGIFADDR: dev=%s: %s\n", __func__, device,
strerror(errno));
close(fd);
return (-1);
}
else /* device has no IP address => set to 0 */
{
al->addr = 0;
}
}
else
{
al->addr = ((struct sockaddr_in *)&nifr.ifr_addr)->sin_addr.s_addr;
}
if ((al->device = strdup(device)) == NULL)
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE,
"%s(): strdup not enough memory\n", __func__);
return(-1);
}
++al;
++nipaddr;
#ifndef HAVE_LINUX_PROCFS
pifr = ifr;
#endif
} /* while|for */
#ifdef HAVE_LINUX_PROCFS
if (ferror(fp))
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE,
"%s(): ferror: %s\n", __func__, strerror(errno));
return (-1);
}
fclose(fp);
#endif
*ipaddrp = ifaddrlist;
return (nipaddr);
}
#else
/* From tcptraceroute, convert a numeric IP address to a string */
#define IPTOSBUFFERS 12
static int8_t *iptos(u_int32_t in)
{
static int8_t output[IPTOSBUFFERS][ 3 * 4 + 3 + 1];
static int16_t which;
u_int8_t *p;
p = (u_int8_t *)∈
which = (which + 1 == IPTOSBUFFERS ? 0 : which + 1);
snprintf(output[which], IPTOSBUFFERS, "%d.%d.%d.%d",
p[0], p[1], p[2], p[3]);
return output[which];
}
int
libnet_ifaddrlist(register struct libnet_ifaddr_list **ipaddrp, int8_t *dev,
register int8_t *errbuf)
{
int nipaddr = 0; int i = 0;
static struct libnet_ifaddr_list ifaddrlist[MAX_IPADDR];
pcap_if_t *alldevs;
pcap_if_t *d;
int8_t err[PCAP_ERRBUF_SIZE];
/* Retrieve the interfaces list */
if (pcap_findalldevs(&alldevs, err) == -1)
{
snprintf(errbuf, LIBNET_ERRBUF_SIZE,
"%s(): error in pcap_findalldevs: %s\n", __func__, err);
return (-1);
}
/* Scan the list printing every entry */
for (d = alldevs; d; d = d->next)
{
if((!d->addresses) || (d->addresses->addr->sa_family != AF_INET))
continue;
if(d->flags & PCAP_IF_LOOPBACK)
continue;
/* XXX - strdup */
ifaddrlist[i].device = strdup(d->name);
ifaddrlist[i].addr = (u_int32_t)
strdup(iptos(((struct sockaddr_in *)
d->addresses->addr)->sin_addr.s_addr));
++i;
++nipaddr;
}
*ipaddrp = ifaddrlist;
return (nipaddr);
}
char* nr_parse_ip(pcap_addr_t* t) {
return iptos(((struct sockaddr_in *)t->addr)->sin_addr.s_addr);
}
int dhcp_cache_update(const dhcp_parsed_message_t * request, const dhcp_full_packet_t * response,
uint16_t dhcp_data_len)
{
char str_ether[STR_ETHER_ALEN + 1];
char str_ipaddr[2][IP4_MAXSTR_ALEN + 1];
etheraddr_bin_to_str(request->raw_dhcp_msg->cli_hwaddr, str_ether);
iptos(response->dhcp_data.you_iaddr.s_addr, str_ipaddr[0]);
dhcp_cache_node_t s_data;
s_data.if_ipaddr = request->dhcp_dev->ipaddr;
s_data.gw_ipaddr = request->raw_dhcp_msg->gw_iaddr.s_addr;
s_data.cli_ethaddr = (typeof(s_data.cli_ethaddr))request->raw_dhcp_msg->cli_hwaddr;
s_data.header_ethaddr = (typeof(s_data.header_ethaddr))request->from_ether;
rb_red_blk_node *f_node;
cache_wrlock();
time_t now = time(NULL);
dhcp_cache_node_t * cached_node = NULL;
if ( ( f_node = RBExactQuery(cache, &s_data) ) )
{
cached_node = f_node->info;
log_wr(DLOG, "Update cached data for client %s/%s.", str_ether, str_ipaddr[0]);
cached_node->timestamp = now;
memcpy(&cached_node->cached_response, response, sizeof(*response));
}
else
{ /* Node not found in cache. Add. */
cached_node = calloc(1, sizeof(dhcp_cache_node_t));
if(!cached_node)
{
log_wr(CLOG, "Can't allocate memory for new DHCP cache node: '%s'", strerror(errno));
exit(error_memory);
}
memcpy(&cached_node->cached_response, response, sizeof(cached_node->cached_response));
cached_node->if_ipaddr = request->dhcp_dev->ipaddr;
cached_node->gw_ipaddr = request->raw_dhcp_msg->gw_iaddr.s_addr;
cached_node->cli_ethaddr = cached_node->cached_response.dhcp_data.cli_hwaddr;
cached_node->header_ethaddr = cached_node->cached_response.eth_head.ether_dhost;
cached_node->timestamp = now;
f_node = RBTreeInsert(cache, cached_node, cached_node);
log_wr(DLOG, "Added response for client %s/%s%s%s%s to DHCP cache.", str_ether, str_ipaddr[0],
cached_node->gw_ipaddr ? " (relay: " : "",
cached_node->gw_ipaddr ? iptos(cached_node->gw_ipaddr, str_ipaddr[1]) : "",
cached_node->gw_ipaddr ? ")" : "");
}
/* Set DHCPACK message type for cached response */
uint16_t type_len;
uint8_t * cached_response_type = get_dhcp_option_ptr(&cached_node->cached_response.dhcp_data,
cached_node->cached_response.udp_header.len, DHCP_OPT_MESSAGE_TYPE, &type_len);
if(!cached_response_type)
{
log_wr(CLOG, "Invalid DHCP message cached (%s/%s): DHCP message type option not found.",
str_ether, str_ipaddr);
RBDelete(cache, f_node);
free(cached_node);
cache_unlock();
return 0;
}
cached_node->dhcp_data_len = dhcp_data_len;
*cached_response_type = DHCPACK;
cache_unlock();
return 1;
}
//获得自己的IP与掩码
void Device::GetInfo(pcap_if_t *d)
{
pcap_addr_t *a;
for (a = d->addresses; a; a = a->next)
{
if (a->addr->sa_family == AF_INET)//internetwork: UDP, TCP, etc. 即取IP包
{
if (a->addr)
{
char *ipstr;
ipstr = iptos(((sockaddr_in *)a->addr)->sin_addr.s_addr);
memcpy(ip, ipstr, 16);
}
if (a->netmask)
{
char *netmaskstr;
netmaskstr = iptos(((sockaddr_in *)a->netmask)->sin_addr.s_addr);
memcpy(netmask, netmaskstr, 16);
}
}
}
/*=================================WindowsAPI部分================================*/
//PIP_ADAPTER_INFO结构体指针存储本机网卡信息
PIP_ADAPTER_INFO pIpAdapterInfo = new IP_ADAPTER_INFO();
//得到结构体大小,用于GetAdaptersInfo参数
DWORD stSize = sizeof(IP_ADAPTER_INFO);
//调用GetAdaptersInfo函数,填充pIpAdapterInfo指针变量;其中stSize参数既是一个输入量也是一个输出量
int nRel = GetAdaptersInfo(pIpAdapterInfo, &stSize);
if (ERROR_BUFFER_OVERFLOW == nRel)
{
//如果函数返回的是ERROR_BUFFER_OVERFLOW
//则说明GetAdaptersInfo参数传递的内存空间不够,同时其传出stSize,表示需要的空间大小
//这也是说明为什么stSize既是一个输入量也是一个输出量
//释放原来的内存空间
delete pIpAdapterInfo;
//重新申请内存空间用来存储所有网卡信息
pIpAdapterInfo = (PIP_ADAPTER_INFO)new BYTE[stSize];
//再次调用GetAdaptersInfo函数,填充pIpAdapterInfo指针变量
nRel = GetAdaptersInfo(pIpAdapterInfo, &stSize);
}
if (ERROR_SUCCESS == nRel)
{
while (pIpAdapterInfo)
{
IP_ADDR_STRING *pIpAddrString = &(pIpAdapterInfo->IpAddressList);
do{
if (strcmp(ip, pIpAddrString->IpAddress.String) == 0)//WinPcap取到的本机IP和WindowsAPI取到的本机IP相同:同一张网卡
{
//获取网关IP
gateway_ip = pIpAdapterInfo->GatewayList.IpAddress.String;
//获取自己的MAC地址
sprintf_s(macStr, 18,"%02X-%02X-%02X-%02X-%02X-%02X",
pIpAdapterInfo->Address[0],
pIpAdapterInfo->Address[1],
pIpAdapterInfo->Address[2],
pIpAdapterInfo->Address[3],
pIpAdapterInfo->Address[4],
pIpAdapterInfo->Address[5]);
for (int i = 0; i < 6; i++)mac[i] = pIpAdapterInfo->Address[i];
goto endWindowsAPI;//乖,不和你玩了哦!
}
pIpAddrString = pIpAddrString->Next;
} while (pIpAddrString);
pIpAdapterInfo = pIpAdapterInfo->Next;
}
}
endWindowsAPI:
;//大家一起和WindowsAPI说拜拜~
}