/* This function blatantly ripped from
http://www.winpcap.org/docs/docs31/html/group__wpcap__tut1.html */
void list_devices (void)
{
pcap_if_t *alldevs;
pcap_if_t *d;
int i=0;
char errbuf[PCAP_ERRBUF_SIZE];
/* Retrieve the device list from the local machine */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL /* auth is not needed */, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs_ex: %s\n", errbuf);
exit(1);
}
/* Print the list */
for(d= alldevs; d != NULL; d= d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return;
}
/* We don't need any more the device list. Free it */
pcap_freealldevs(alldevs);
}
void CommsThread::findNetworkInterfaces() {
pcap_if_t *list_if;
int interfaceCount = 0;
#ifdef _WIN32
if (pcap_findalldevs_ex((char *) PCAP_SRC_IF_STRING, NULL /* auth is not needed */, &list_if, CommsThread::errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs_ex: %s\n", CommsThread::errbuf);
exit(1);
}
#else
if (pcap_findalldevs(&list_if, CommsThread::errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs: %s\n", CommsThread::errbuf);
exit(1);
}
#endif
while (list_if != NULL) {
#ifdef _WIN32
emit addInterface(interfaceCount, QString(list_if->description));
#else
emit addInterface(interfaceCount, QString(list_if->name));
#endif
list_if = list_if->next;
interfaceCount++;
}
}
int main()
{
pcap_if_t *alldevs;
pcap_if_t *d;
char errbuf[PCAP_ERRBUF_SIZE+1];
char source[PCAP_ERRBUF_SIZE+1];
printf("Enter the device you want to list:\n"
"rpcap:// ==> lists interfaces in the local machine\n"
"rpcap://hostname:port ==> lists interfaces in a remote machine\n"
" (rpcapd daemon must be up and running\n"
" and it must accept 'null' authentication)\n"
"file://foldername ==> lists all pcap files in the give folder\n\n"
"Enter your choice: ");
fgets(source, PCAP_ERRBUF_SIZE, stdin);
source[PCAP_ERRBUF_SIZE] = '\0';
/* 获得接口列表 */
if (pcap_findalldevs_ex(source, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n",errbuf);
exit(1);
}
/* 扫描列表并打印每一项 */
for(d=alldevs;d;d=d->next)
{
ifprint(d);
}
pcap_freealldevs(alldevs);
return 1;
}
pcap_t *nr_open_current_device_adapter(int snaplen, pcap_addr_t ** sockaddr) {
pcap_if_t *devices;
pcap_if_t *device;
char errbuf[PCAP_ERRBUF_SIZE];
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &devices, errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs_ex: %s\n", errbuf);
return 0;
}
// Return first interface with an address
for (device = devices; device; device = device->next) {
if (device->description) {
pcap_addr_t *addr;
for (addr = device->addresses; addr; addr = addr->next) {
if (addr->addr->sa_family == AF_INET) { // IPv4 addr
if (addr->addr) {
(*sockaddr) = nr_get_device_ip_interface(device);
pcap_t *handle;
handle = pcap_open(device->name, snaplen, PCAP_OPENFLAG_PROMISCUOUS, 1000, NULL, errbuf);
return handle;
}
}
}
}
}
return 0;
}
void recv_inl::show_all_devices()
{
pcap_if_t *alldev, *d;
int idevs = 0;
char errbuf[PCAP_ERRBUF_SIZE];
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldev, errbuf) == -1){
std::cerr << "Findalldevs:" << errbuf;
return;
}
for (d = alldev; d; d = d->next){
if (d->description && d->name){
std::cout << ++idevs << "." << d->description << std::endl;
std::cout << " " << d->name << std::endl;
}
else
std::cout << ++idevs << ". No description available. " << std::endl;
}
if (idevs == 0){
std::cerr << "No interfaces found ! Make sure WinPcap is installed.";
}
}
/* Display Ethernet interfaces of the system */
int gen_eth_show_dev_list(void)
{
char pcap_errbuf[PCAP_ERRBUF_SIZE];
pcap_if_t *dev_list,*dev;
int res;
printf("Network device list:\n\n");
#ifndef CYGWIN
res = pcap_findalldevs(&dev_list,pcap_errbuf);
#else
res = pcap_findalldevs_ex(PCAP_SRC_IF_STRING,NULL,&dev_list,pcap_errbuf);
#endif
if (res < 0) {
fprintf(stderr,"PCAP: unable to find device list (%s)\n",pcap_errbuf);
return(-1);
}
for(dev=dev_list;dev;dev=dev->next) {
printf(" %s : %s\n",
dev->name,
dev->description ? dev->description : "no info provided");
}
printf("\n");
pcap_freealldevs(dev_list);
return(0);
}
static pcap_if_t * prvPrintAvailableNetworkInterfaces( void )
{
pcap_if_t * pxAllNetworkInterfaces = NULL, *xInterface;
long lInterfaceNumber = 1;
if( pcap_findalldevs_ex( PCAP_SRC_IF_STRING, NULL, &pxAllNetworkInterfaces, cErrorBuffer ) == -1 )
{
printf( "\r\nCould not obtain a list of network interfaces\r\n%s\r\n", cErrorBuffer );
pxAllNetworkInterfaces = NULL;
}
if( pxAllNetworkInterfaces != NULL )
{
/* Print out the list of network interfaces. The first in the list
is interface '1', not interface '0'. */
for( xInterface = pxAllNetworkInterfaces; xInterface != NULL; xInterface = xInterface->next )
{
printf( "%d. %s", lInterfaceNumber, xInterface->name );
if( xInterface->description != NULL )
{
printf( " (%s)\r\n", xInterface->description );
}
else
{
printf( " (No description available)\r\n") ;
}
lInterfaceNumber++;
}
}
if( lInterfaceNumber == 1 )
{
/* The interface number was never incremented, so the above for() loop
did not execute meaning no interfaces were found. */
printf( " \r\nNo network interfaces were found.\r\n" );
pxAllNetworkInterfaces = NULL;
}
printf( "\r\nThe interface that will be opened is set by configNETWORK_INTERFACE_TO_USE which should be defined in FreeRTOSConfig.h\r\n" );
printf( "Attempting to open interface number %d.\r\n", configNETWORK_INTERFACE_TO_USE );
if( ( configNETWORK_INTERFACE_TO_USE < 1L ) || ( configNETWORK_INTERFACE_TO_USE > lInterfaceNumber ) )
{
printf("\r\nconfigNETWORK_INTERFACE_TO_USE is not in the valid range.\r\n" );
if( pxAllNetworkInterfaces != NULL )
{
/* Free the device list, as no devices are going to be opened. */
pcap_freealldevs( pxAllNetworkInterfaces );
pxAllNetworkInterfaces = NULL;
}
}
return pxAllNetworkInterfaces;
}
static pcap_if_t * prvPrintAvailableNetworkInterfaces( void )
{
pcap_if_t * pxAllNetworkInterfaces = NULL, *xInterface;
int32_t lInterfaceNumber = 1;
char cBuffer[ 512 ];
if( pcap_findalldevs_ex( PCAP_SRC_IF_STRING, NULL, &pxAllNetworkInterfaces, cErrorBuffer ) == -1 )
{
printf( "Could not obtain a list of network interfaces\n%s\n", cErrorBuffer );
pxAllNetworkInterfaces = NULL;
}
if( pxAllNetworkInterfaces != NULL )
{
/* Print out the list of network interfaces. The first in the list
is interface '1', not interface '0'. */
for( xInterface = pxAllNetworkInterfaces; xInterface != NULL; xInterface = xInterface->next )
{
/* The descriptions of the devices can be full of spaces, clean them
a little. printf() can only be used here because the network is not
up yet - so no other network tasks will be running. */
printf( "%d. %s\n", lInterfaceNumber, prvRemoveSpaces( cBuffer, sizeof( cBuffer ), xInterface->name ) );
printf( " (%s)\n", prvRemoveSpaces(cBuffer, sizeof( cBuffer ), xInterface->description ? xInterface->description : "No description" ) );
printf( "\n" );
lInterfaceNumber++;
}
}
if( lInterfaceNumber == 1 )
{
/* The interface number was never incremented, so the above for() loop
did not execute meaning no interfaces were found. */
printf( " \nNo network interfaces were found.\n" );
pxAllNetworkInterfaces = NULL;
}
printf( "The interface that will be opened is set by\n" );
printf( "\"configNETWORK_INTERFACE_TO_USE\" which should be defined in FreeRTOSConfig.h\n" );
printf( "Attempting to open interface number %d.\n", xConfigNextworkInterfaceToUse );
if( ( xConfigNextworkInterfaceToUse < 1L ) || ( xConfigNextworkInterfaceToUse > lInterfaceNumber ) )
{
printf( "configNETWORK_INTERFACE_TO_USE is not in the valid range.\n" );
if( pxAllNetworkInterfaces != NULL )
{
/* Free the device list, as no devices are going to be opened. */
pcap_freealldevs( pxAllNetworkInterfaces );
pxAllNetworkInterfaces = NULL;
}
}
return pxAllNetworkInterfaces;
}
/** Get the index of an adapter by its network address
*
* @param netaddr network address of the adapter (e.g. 192.168.1.0)
* @return index of the adapter or negative on error
*/
static int
get_adapter_index_from_addr(struct in_addr *netaddr, char *guid, size_t guid_len)
{
pcap_if_t *alldevs;
pcap_if_t *d;
char errbuf[PCAP_ERRBUF_SIZE+1];
int index = 0;
memset(guid, 0, guid_len);
/* Retrieve the interfaces list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1) {
printf("Error in pcap_findalldevs: %s\n", errbuf);
return -1;
}
/* Scan the list printing every entry */
for (d = alldevs; d != NULL; d = d->next, index++) {
pcap_addr_t *a;
for(a = d->addresses; a != NULL; a = a->next) {
if (a->addr->sa_family == AF_INET) {
ULONG a_addr = ((struct sockaddr_in *)a->addr)->sin_addr.s_addr;
ULONG a_netmask = ((struct sockaddr_in *)a->netmask)->sin_addr.s_addr;
ULONG a_netaddr = a_addr & a_netmask;
ULONG addr = (*netaddr).s_addr;
if (a_netaddr == addr) {
int ret = -1;
char name[128];
char *start, *end;
size_t len = strlen(d->name);
if(len > 127) {
len = 127;
}
memcpy(name, d->name, len);
name[len] = 0;
start = strstr(name, "{");
if (start != NULL) {
end = strstr(start, "}");
if (end != NULL) {
size_t len = end - start + 1;
memcpy(guid, start, len);
ret = index;
}
}
pcap_freealldevs(alldevs);
return ret;
}
}
}
}
printf("Network address not found.\n");
pcap_freealldevs(alldevs);
return -1;
}
pcap_t *CommsThread::initWinpcap(int interfaceNumber) {
pcap_t *fpl;
pcap_if_t *alldevs;
pcap_if_t *used_if;
pcap_if_t *list_if;
int interfaceCount = 0;
#ifdef _WIN32
if (pcap_findalldevs_ex((char *) PCAP_SRC_IF_STRING, NULL /* auth is not needed */, &alldevs, CommsThread::errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs_ex: %s\n", CommsThread::errbuf);
exit(1);
}
#else
if (pcap_findalldevs(&alldevs, CommsThread::errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs: %s\n", CommsThread::errbuf);
exit(1);
}
#endif
// list all interfaces
list_if = alldevs;
used_if = list_if; // default to first interface
while (list_if != NULL) {
if (interfaceCount == interfaceNumber) {
used_if = list_if;
break;
}
list_if = list_if->next;
interfaceCount++;
}
//fprintf(stdout, "%s\n", /*interfaceName.toLocal8Bit().data()*/used_if->description);
//fflush(stdout);
if ((fpl = pcap_open_live(used_if->name, // name of the device
65536, // portion of the packet to capture. It doesn't matter in this case
1, // promiscuous mode (nonzero means promiscuous)
1, // read timeout
errbuf // error buffer
)) == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n", alldevs->name);
exit(2);
}
pcap_freealldevs(alldevs);
//pcap_setnonblock(fpl, 1, errbuf);
return fpl;
}
Device::Device()
{
//初始化变量
adhandle = NULL;
ip = new char[16];
netmask = new char[16];
mac = new char[6];
macStr = new char[18];
gateway_ip = new char[16];
errbuf = new char[PCAP_ERRBUF_SIZE];
gatewayMAC = new char[6];
gatewayMACStr = new char[18];
/* 获取本机设备列表*/
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)exit(1);
}
static char*
getInterfaceName(int interfaceIndex)
{
char errbuf[PCAP_ERRBUF_SIZE];
char* interfaceName = NULL;
pcap_if_t *devices;
pcap_if_t *device;
/* Get the ethernet device list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &devices, errbuf) == -1)
{
printf("pcap_findalldevs_ex: %s\n", errbuf);
return NULL;
}
bool ifaceFound = false;
/* Search device list for requested interface) */
int i = 0;
for(device = devices; device != NULL; device= device->next)
{
if (i == interfaceIndex) {
interfaceName = (char*) malloc(strlen(device->name) + 1);
strcpy(interfaceName, device->name);
printf("Use interface (%s)\n", interfaceName);
ifaceFound = true;
break;
}
i++;
}
if (!ifaceFound)
{
printf("No ethernet interfaces found! Make sure WinPcap is installed.\n");
return NULL;
}
pcap_freealldevs(devices);
return interfaceName;
}
static pcap_t *select_interface_by_id(int id)
{
pcap_if_t *alldevs;
pcap_if_t *dev;
pcap_t *res = NULL;
char errbuf[PCAP_ERRBUF_SIZE + 1];
int i;
if(pcap_findalldevs_ex("rpcap://", NULL, &alldevs, errbuf) == -1) { /* TODO: "rpcap://" -> PCAP_SRC_IF_STRING */
fprintf(stderr,"Error in pcap_findalldevs_ex: %s\n", errbuf);
return NULL;
}
for(dev=alldevs, i=0; dev != NULL; dev=dev->next, i++ ) {
if(i == id) {
res = pcap_open(dev->name,
2048, /* TODO: ? */
1 | 16, /* TODO: 1 | 16 -> PCAP_OPENFLAG_PROMISCUOUS | PCAP_OPENFLAG_MAX_RESPONSIVENESS */
1000,
NULL,
errbuf);
if(!res) {
fprintf(stderr,"Unable to open the adapter.\n");
return NULL;
}
pcap_setmintocopy(res, 0);
break;
}
}
if(dev == 0) {
printf("No interfaces found!\n");
return NULL;
}
pcap_freealldevs(alldevs);
return res;
}
int main()
{
pcap_if_t *alldevs;
pcap_if_t *d;
char errbuf[PCAP_ERRBUF_SIZE+1];
char source[PCAP_ERRBUF_SIZE+1];
#ifdef WIN32
/* Load Npcap and its functions. */
if (!LoadNpcapDlls())
{
fprintf(stderr, "Couldn't load Npcap\n");
exit(1);
}
#endif
printf("Enter the device you want to list:\n"
"rpcap:// ==> lists interfaces in the local machine\n"
"rpcap://hostname:port ==> lists interfaces in a remote machine\n"
" (rpcapd daemon must be up and running\n"
" and it must accept 'null' authentication)\n"
"file://foldername ==> lists all pcap files in the give folder\n\n"
"Enter your choice: ");
fgets(source, PCAP_ERRBUF_SIZE, stdin);
source[PCAP_ERRBUF_SIZE] = '\0';
/* Retrieve the interfaces list */
if (pcap_findalldevs_ex(source, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n",errbuf);
exit(1);
}
/* Scan the list printing every entry */
for(d=alldevs;d;d=d->next)
{
ifprint(d);
}
pcap_freealldevs(alldevs);
return 1;
}
pcap_t *init_pcap() {
pcap_t *fpl;
pcap_if_t *alldevs;
pcap_if_t *used_if;
// retrieve the device list from the local machine
#ifdef _WIN32
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL /* auth is not needed */, &alldevs, errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs_ex: %s\n", errbuf);
exit(1);
}
#else
if (pcap_findalldevs(&alldevs, errbuf) == -1) {
fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
#endif
used_if = alldevs;
#ifdef _WIN32
fprintf(stdout, "network interface: %s\n", used_if->description);
#else
fprintf(stdout, "network interface: %s\n", used_if->name);
#endif
fflush(stdout);
if ((fpl = pcap_open_live(used_if->name, // name of the device
65536, // portion of the packet to capture. It doesn't matter in this case
1, // promiscuous mode (nonzero means promiscuous)
1, // read timeout
errbuf // error buffer
)) == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n", alldevs->name);
exit(2);
}
pcap_freealldevs(alldevs);
return fpl;
}
/**
@brief
Select the winpcap adapter to sniff and send packets over :D
@details
It does the selection by matching the source ip with each adapters ip
This function still needs improvement
*/
bool turbotrace::select_pcap_adapter()
{
pcap_if_t *alldevs , *d;
char errbuf[PCAP_ERRBUF_SIZE+1];
pcap_addr_t *a;
int selected = 0;
/* The user didn't provide a packet source: Retrieve the local device list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
log( wxT("Error in pcap_findalldevs_ex: \n") + wxString(errbuf , wxConvUTF8) );
return false;
}
//Jump to required device/adapter
for (d = alldevs ; d ;d = d->next)
{
//First address
a = d->addresses;
//Compare the ip address of the adapter and system source ip
if( ((struct sockaddr_in *)a->addr)->sin_addr.s_addr = inet_addr(source_ip))
{
adapter_info = *d;
log("Selected device : " + wxString(d->name , wxConvUTF8));
selected = 1;
}
}
//free the list , this will crash the application
//pcap_freealldevs(alldevs);
if(selected)
{
return true;
}
log("No pcap device selected");
return false;
}
BOOL CSelectAdapter::OnInitDialog()
{
char ebuf[PCAP_ERRBUF_SIZE];
char devicelist[65000];
pcap_if_t *alldevs, *d;
char *devicelistptr;
CDialog::OnInitDialog();
/* Retrieve the device list on the local machine */
/* Don't check for errors */
pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, ebuf);
devicelistptr= devicelist;
devicelist[0]= 0;
for(d=alldevs; d; d=d->next)
{
strcat(devicelistptr, d->name);
devicelistptr+= strlen(d->name);
strcat(devicelistptr, "\r\n");
devicelistptr+= strlen("\r\n");
}
m_Cmd= devicelist;
pcap_freealldevs(alldevs);
LineCollection lc(&m_Cmd);
m_ListCtrl.InsertColumn(0,SA_ADS /*Adapters*/, LVCFMT_LEFT,200);
m_ctlImage.Create(IDB_CAP_WIZ,16,0,RGB(255,0,255));
m_ListCtrl.SetImageList(&m_ctlImage,LVSIL_SMALL);
Update(lc);
m_ListCtrl.SetFocus();
m_CAdapter.SetWindowText(m_Adapter);
return FALSE; // return TRUE unless you set the focus to a control
// EXCEPTION: OCX Property Pages should return FALSE
}
std::vector<CString> get_All_Devs()
{
std::vector<CString> v;
pcap_if_t *alldevs;
pcap_if_t *d;
//pcap_addr_t *a;
char errbuf[PCAP_ERRBUF_SIZE];
/* 获取本地机器设备列表 */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL /* auth is not needed */, &alldevs, errbuf) == -1)
{
//fprintf(stderr,"Error in pcap_findalldevs_ex: %s\n", errbuf);
exit(1);
}
int i=0;
for(d=alldevs;d;d=d->next)
{
strcpy(dev_name[i],d->name);
if(d->addresses!=NULL)
{
//netmask[i++] = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
//cout<</*((struct sockaddr_in *)(d->addresses->addr))->sin_addr.S_un.S_addr<<endl*/d->addresses->addr->sa_family<<endl;
}
else
netmask[i++] = 0xffffff;
//dev_name[i++] = d->name;
CString str;
str.Format(_T("%s"),d->description);
::MessageBox(NULL,(LPCWSTR)d->description,NULL,MB_OK);
v.push_back(str);
}
pcap_freealldevs(alldevs);
return v;
}
int main(int argc, char **argv)
{
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i=0;
pcap_t *adhandle;
char errbuf[PCAP_ERRBUF_SIZE];
pcap_dumper_t *dumpfile;
/* Check command line */
if(argc != 2)
{
printf("usage: %s filename", argv[0]);
return -1;
}
/* Retrieve the device list on the local machine */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for(d=alldevs; d; d=d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if(i==0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):",i);
scanf_s("%d", &inum);
if(inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for(d=alldevs, i=0; i< inum-1 ;d=d->next, i++);
/* Open the device */
if ( (adhandle= pcap_open(d->name, // name of the device
65536, // portion of the packet to capture
// 65536 guarantees that the whole packet will be captured on all the link layers
PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
1000, // read timeout
NULL, // authentication on the remote machine
errbuf // error buffer
) ) == NULL)
{
fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Open the dump file */
dumpfile = pcap_dump_open(adhandle, argv[1]);
if(dumpfile==NULL)
{
fprintf(stderr,"\nError opening output file\n");
return -1;
}
printf("\nlistening on %s... Press Ctrl+C to stop...\n", d->description);
/* At this point, we no longer need the device list. Free it */
pcap_freealldevs(alldevs);
/* start the capture */
pcap_loop(adhandle, 0, packet_handler, (unsigned char *)dumpfile);
return 0;
}
int receive802package(){
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i = 0;
pcap_t *adhandle;
char errbuf[PCAP_ERRBUF_SIZE];
u_int netmask;
char packet_filter[] = "ether proto 0x888e";
struct bpf_program fcode;
/* 获得设备列表 */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* 打印列表 */
for (d = alldevs; d; d = d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):", i);
scanf("%d", &inum);
if (inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* 释放设备列表 */
pcap_freealldevs(alldevs);
return -1;
}
/* 跳转到已选设备 */
for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++);
/* 打开适配器 */
if ((adhandle = pcap_open(d->name, // 设备名
65536, // 要捕捉的数据包的部分
// 65535保证能捕获到不同数据链路层上的每个数据包的全部内容
PCAP_OPENFLAG_PROMISCUOUS, // 混杂模式
1000, // 读取超时时间
NULL, // 远程机器验证
errbuf // 错误缓冲池
)) == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
/* 释放设备列表 */
pcap_freealldevs(alldevs);
return -1;
}
/* 检查数据链路层,为了简单,我们只考虑以太网 */
if (pcap_datalink(adhandle) != DLT_EN10MB)
{
fprintf(stderr, "\nThis program works only on Ethernet networks.\n");
/* 释放设备列表 */
pcap_freealldevs(alldevs);
return -1;
}
if (d->addresses != NULL)
/* 获得接口第一个地址的掩码 */
netmask = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
else
/* 如果接口没有地址,那么我们假设一个C类的掩码 */
netmask = 0xffffff;
//编译过滤器
if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0)
{
fprintf(stderr, "\nUnable to compile the packet filter. Check the syntax.\n");
/* 释放设备列表 */
pcap_freealldevs(alldevs);
return -1;
}
//设置过滤器
if (pcap_setfilter(adhandle, &fcode) < 0)
{
fprintf(stderr, "\nError setting the filter.\n");
/* 释放设备列表 */
pcap_freealldevs(alldevs);
return -1;
}
printf("\nlistening on %s...\n", d->description);
/* 释放设备列表 */
pcap_freealldevs(alldevs);
/* 开始捕捉 */
pcap_loop(adhandle, 0, packet_handler1, NULL);
return 0;
}
struct netdriverdata *uaenet_enumerate (struct netdriverdata **out, const TCHAR *name)
{
static int done;
char errbuf[PCAP_ERRBUF_SIZE];
pcap_if_t *alldevs, *d;
int cnt;
HMODULE hm;
LPADAPTER lpAdapter = 0;
PPACKET_OID_DATA OidData;
struct netdriverdata *tc, *tcp;
pcap_t *fp;
int val;
TCHAR *ss;
if (enumerated) {
if (out)
*out = tds;
return enumit (name);
}
tcp = tds;
hm = LoadLibrary (L"wpcap.dll");
if (hm == NULL) {
write_log (L"uaenet: winpcap not installed (wpcap.dll)\n");
return NULL;
}
FreeLibrary (hm);
hm = LoadLibrary (L"packet.dll");
if (hm == NULL) {
write_log (L"uaenet: winpcap not installed (packet.dll)\n");
return NULL;
}
FreeLibrary (hm);
if (!isdllversion (L"wpcap.dll", 4, 0, 0, 0)) {
write_log (L"uaenet: too old winpcap, v4 or newer required\n");
return NULL;
}
ss = au (pcap_lib_version ());
if (!done)
write_log (L"uaenet: %s\n", ss);
xfree (ss);
if (pcap_findalldevs_ex (PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1) {
ss = au (errbuf);
write_log (L"uaenet: failed to get interfaces: %s\n", ss);
xfree (ss);
return NULL;
}
if (!done)
write_log (L"uaenet: detecting interfaces\n");
for(cnt = 0, d = alldevs; d != NULL; d = d->next) {
char *n2;
TCHAR *ss2;
tc = tcp + cnt;
if (cnt >= MAX_TOTAL_NET_DEVICES) {
write_log (L"buffer overflow\n");
break;
}
ss = au (d->name);
ss2 = d->description ? au (d->description) : L"(no description)";
write_log (L"%s\n- %s\n", ss, ss2);
xfree (ss2);
xfree (ss);
n2 = d->name;
if (strlen (n2) <= strlen (PCAP_SRC_IF_STRING)) {
write_log (L"- corrupt name\n");
continue;
}
fp = pcap_open (d->name, 65536, 0, 0, NULL, errbuf);
if (!fp) {
ss = au (errbuf);
write_log (L"- pcap_open() failed: %s\n", ss);
xfree (ss);
continue;
}
val = pcap_datalink (fp);
pcap_close (fp);
if (val != DLT_EN10MB) {
if (!done)
write_log (L"- not an ethernet adapter (%d)\n", val);
continue;
}
lpAdapter = PacketOpenAdapter (n2 + strlen (PCAP_SRC_IF_STRING));
if (lpAdapter == NULL) {
if (!done)
write_log (L"- PacketOpenAdapter() failed\n");
continue;
}
OidData = (PPACKET_OID_DATA)xcalloc (uae_u8, 6 + sizeof(PACKET_OID_DATA));
if (OidData) {
OidData->Length = 6;
OidData->Oid = OID_802_3_CURRENT_ADDRESS;
if (PacketRequest (lpAdapter, FALSE, OidData)) {
memcpy (tc->mac, OidData->Data, 6);
if (!done)
write_log (L"- MAC %02X:%02X:%02X:%02X:%02X:%02X (%d)\n",
tc->mac[0], tc->mac[1], tc->mac[2],
tc->mac[3], tc->mac[4], tc->mac[5], cnt++);
tc->active = 1;
tc->mtu = 1522;
tc->name = au (d->name);
tc->desc = au (d->description);
} else {
write_log (L" - failed to get MAC\n");
}
xfree (OidData);
}
PacketCloseAdapter (lpAdapter);
}
if (!done)
write_log (L"uaenet: end of detection\n");
done = 1;
pcap_freealldevs (alldevs);
enumerated = 1;
if (out)
*out = tds;
return enumit (name);
}
int main(){
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i = 0;
pcap_t *adhandle;
int res;
char errbuf[PCAP_ERRBUF_SIZE];
struct tm *ltime;
char timestr[16];
struct pcap_pkthdr *header;
const u_char *pkt_data;
time_t local_tv_sec;
/* 获取本机设备列表 */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* 打印列表 */
for (d = alldevs; d; d = d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):", i);
scanf("%d", &inum);
if (inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* 释放设备列表 */
pcap_freealldevs(alldevs);
return -1;
}
/* 跳转到已选中的适配器 */
for (d = alldevs, i = 0; i< inum - 1; d = d->next, i++);
/* 打开设备 */
if ((adhandle = pcap_open(d->name, // 设备名
65536, // 要捕捉的数据包的部分
// 65535保证能捕获到不同数据链路层上的每个数据包的全部内容
PCAP_OPENFLAG_PROMISCUOUS, // 混杂模式
1000, // 读取超时时间
NULL, // 远程机器验证
errbuf // 错误缓冲池
)) == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
/* 释放设列表 */
pcap_freealldevs(alldevs);
return -1;
}
printf("\nlistening on %s...\n", d->description);
/* 释放设备列表 */
pcap_freealldevs(alldevs);
/* 获取数据包 */
while ((res = pcap_next_ex(adhandle, &header, &pkt_data)) >= 0){
if (res == 0)
/* 超时时间到 */
continue;
/* 将时间戳转换成可识别的格式 */
local_tv_sec = header->ts.tv_sec;
ltime = localtime(&local_tv_sec);
strftime(timestr, sizeof timestr, "%H:%M:%S", ltime);
printf("%s,%.6d len:%d\n", timestr, header->ts.tv_usec, header->len);
}
if (res == -1){
printf("Error reading the packets: %s\n", pcap_geterr(adhandle));
return -1;
}
return 0;
}
int main (int argc,char* argv[])
{
ULONG Src_IP, Dst_IP;
int count=0;
PMAC Victim_MAC = NULL;
UCHAR *arpPacketage=NULL,*pkt_data=NULL,*mac=NULL,*Victim_Mac=NULL; //Local MAC
u_int i, res , inum,choice ;
time_t seconds;
struct tm tbreak;
struct pcap_pkthdr *header;
char errbuf[PCAP_ERRBUF_SIZE],timestr[100];
pcap_if_t *alldevs, *d;
pcap_t *fp;
/* The user didn't provide a packet source: Retrieve the local device list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs_ex: %s\n", errbuf);
return -1;
}
i = 0;
/* Print the list */
for(d=alldevs; d; d=d->next)
{
printf("%d. %s\n ", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i==0)
{
fprintf(stderr,"No interfaces found! Exiting.\n");
return -1;
}
//選擇網卡執行接下來的程序
printf("Enter the interface number you would like to sniff : ");
scanf("%d" , &inum);
if(inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for (d=alldevs, i=0; i< inum-1 ;d=d->next, i++);
/* Open the device */
if ( (fp= pcap_open(d->name,// name of the device
65536 /*portion of the packet to capture*/,
PCAP_OPENFLAG_PROMISCUOUS /*promiscuous mode*/,
1000 /*read timeout*/,
NULL /*authentication on the remote machine*/,
errbuf // error buffer
)) == NULL)
{
fprintf(stderr,"/nUnable to open the adapter. %s is not supported by WinPcap/n",d->name);
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
//初始化ARP Package
printf("1.) ARP Requset 2.)ARP Reply Attack : ");
scanf("%d" ,&choice);
switch(choice)
{
case 1:
//+8以去掉"rpcap://"
mac = GetSelfMac(d->name+8);
printf("\nMy Mac : ");
PrintHexDecimal(mac);
Src_IP = inet_addr("203.64.84.139");
Dst_IP = inet_addr("203.64.84.174");
//Dst_IP = inet_addr("203.64.84.144");
InitARPRequestPackage(mac,Src_IP,Dst_IP);
break;
case 2:
mac = GetSelfMac(d->name+8);
Src_IP = inet_addr("203.64.84.1");
//Dst_IP = inet_addr("203.64.84.152");
Dst_IP = inet_addr("203.64.84.136");
Victim_MAC = (PMAC) malloc(sizeof(MAC));
Victim_MAC->byte[0] = 0x08;
Victim_MAC->byte[1] = 0x60;
Victim_MAC->byte[2] = 0x6E;
Victim_MAC->byte[3] = 0x48;
Victim_MAC->byte[4] = 0x18;
Victim_MAC->byte[5] = 0x3E;
/* Victim_MAC->byte[0] = 0x08;
Victim_MAC->byte[1] = 0x60;
Victim_MAC->byte[2] = 0x6E;
Victim_MAC->byte[3] = 0x48;
Victim_MAC->byte[4] = 0x1D;
Victim_MAC->byte[5] = 0x30;*/
InitARPReplyPackage(mac,Victim_MAC,Src_IP,Dst_IP);
free(Victim_MAC);
arpPacketage =(UCHAR *) malloc(sizeof(arpPacket));
memcpy(arpPacketage, &arpPacket, sizeof(arpPacket));
/* Send down the packet */
while (1)
{
if(pcap_sendpacket(fp, arpPacketage, sizeof(arpPacket)) != 0){
printf("\nError sending the packet: \n", pcap_geterr(fp));
break;
}
++count;
printf("\nArp Reply count : %d",count);
}
break;
}
arpPacketage =(UCHAR *) malloc(sizeof(arpPacket));
memcpy(arpPacketage, &arpPacket, sizeof(arpPacket));
/* Send down the packet */
if (pcap_sendpacket(fp, arpPacketage, sizeof(arpPacket) /* size */) != 0)
{
printf("\nError sending the packet: \n", pcap_geterr(fp));
return;
}
free(arpPacketage);
/* Retrieve the packets */
while((res = pcap_next_ex( fp, &header, &pkt_data)) >= 0)
{
if(res == 0)
// Timeout elapsed
continue;
/* convert the timestamp to readable format */
seconds = header->ts.tv_sec;
localtime_s( &tbreak , &seconds);
strftime (timestr , 80 , "%d-%b-%Y %I:%M:%S %p" , &tbreak );
//printf("%s,%.6d len:%d\n", timestr, header->ts.tv_usec, header->len);
//Ethernet header
ethhdr = (ETHHDR *)pkt_data;
if(ntohs(ethhdr->type) == EPT_ARP){
ARPReply = (ETH_ARPHDR *) (pkt_data+sizeof(ETHHDR));
if(ARPReply->arp_spa==Dst_IP){
printf("My_Need_MAC: ");
PrintHexDecimal(ARPReply->arp_sha);
}
}
}
if(res == -1){
printf("Error reading the packets: %s\n", pcap_geterr(fp));
return -1;
}
/* At this point, we don't need any more the device list. Free it */
pcap_freealldevs(alldevs);
/* start the capture */
return 1;
}
void SnoopInterfaces::initialize()
{
LOG_DEBUG("stt"); // gilgil temp 2012.08.11
//
// Initialize allDevs using pcap API.
//
if (allDevs != NULL) return;
char errBuf[PCAP_ERRBUF_SIZE];
#ifdef WIN32
int i = pcap_findalldevs_ex("rpcap://", NULL, &allDevs, errBuf);
#endif // WIN32
#ifdef linux
int i = pcap_findalldevs(&allDevs, errBuf);
#endif // linux
if (i != 0) // if error occured
{
LOG_ERROR("error in pcap_findalldevs_ex (%s)", errBuf);
return;
}
//
// Add null interface(for best adapter)
//
SnoopInterface nullInterface;
push_back(nullInterface);
//
// Add interfaces
//
pcap_if_t* dev = allDevs;
i = 1;
while (dev != NULL)
{
SnoopInterface _interface;
_interface.index = i;
_interface.name = dev->name;
_interface.description = dev->description;
_interface.dev = dev;
push_back(_interface);
dev = dev->next;
i++;
}
#ifdef WIN32
//
// Initialize allAdapterInfos using IPHelper API.
//
ULONG outBufLen = 0;
DWORD res = GetAdaptersInfo(allAdaptersInfo, &outBufLen);
if (res == ERROR_BUFFER_OVERFLOW)
{
allAdaptersInfo = (PIP_ADAPTER_INFO)malloc(outBufLen);
res = GetAdaptersInfo(allAdaptersInfo, &outBufLen);
}
if (res != ERROR_SUCCESS)
{
LOG_ERROR("GetAdaptersInfo return %d(0x%x)", res, res);
return;
}
//
// Set adapterInfo (for Windows)
//
int _count = this->count();
for (int i = 1; i < _count; i++)
{
SnoopInterface& _interface = (SnoopInterface&)at(i);
QString adapterName = _interface.name;
PIP_ADAPTER_INFO p = allAdaptersInfo;
while (p != NULL)
{
if (strstr(qPrintable(adapterName), p->AdapterName) != NULL)
break;
p = p->Next;
}
if (p == NULL)
{
LOG_DEBUG("can not find adapter(%d) %s", i, qPrintable(adapterName));
}
_interface.adapterInfo = p;
}
#endif // WIN32
//
// Change null interface into best interface
//
{
int bestAdapterIndex = getBestAdapterIndex();
if (bestAdapterIndex != snoop::INVALID_ADAPTER_INDEX)
{
SnoopInterface& nullInterface = (SnoopInterface&)at(0);
SnoopInterface& bestInterface = (SnoopInterface&)at(bestAdapterIndex);
nullInterface = bestInterface;
}
}
LOG_DEBUG("end"); // gilgil temp 2012.08.11
}
int main()
{
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i = 0;
pcap_t *adhandle;
char errbuf[PCAP_ERRBUF_SIZE];
u_int netmask;
char packet_filter[] = "arp";
struct bpf_program fcode;
/* Retrieve the device list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for (d = alldevs; d; d = d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):", i);
scanf_s("%d", &inum);
if (inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for (d = alldevs, i = 0; i< inum - 1;d = d->next, i++);
/* Open the adapter */
if ((adhandle = pcap_open(d->name, // name of the device
65536, // portion of the packet to capture.
// 65536 grants that the whole packet will be captured on all the MACs.
PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
1000, // read timeout
NULL, // remote authentication
errbuf // error buffer
)) == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Check the link layer. We support only Ethernet for simplicity. */
if (pcap_datalink(adhandle) != DLT_EN10MB)
{
fprintf(stderr, "\nThis program works only on Ethernet networks.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
if (d->addresses != NULL)
/* Retrieve the mask of the first address of the interface */
netmask = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
else
/* If the interface is without addresses we suppose to be in a C class network */
netmask = 0xffffff;
//compile the filter
if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) <0)
{
fprintf(stderr, "\nUnable to compile the packet filter. Check the syntax.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
//set the filter
if (pcap_setfilter(adhandle, &fcode)<0)
{
fprintf(stderr, "\nError setting the filter.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
printf("\nlistening on %s...\n", d->description);
/* At this point, we don't need any more the device list. Free it */
pcap_freealldevs(alldevs);
/* start the capture */
pcap_loop(adhandle, 0, packet_handler, NULL);
return 0;
}
int main()
{
pcap_if_t *alldevs, *d;
pcap_t *fp;
u_int inum, i=0;
char errbuf[PCAP_ERRBUF_SIZE];
int res;
struct pcap_pkthdr *header;
const u_char *pkt_data;
struct pcap_pkthdr old;
printf("SMP_1\n");
printf("\nThis program tests the WinPcap kernel driver on SMP machines.\n");
printf("The program tests that timestamps on the captured packets are consistent,\n");
printf("and that the caplen is equal to the packet length.\n");
printf("If there is an error, it will print out a message saying \"Inconsistent XXX\"\n");
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for(d=alldevs; d; d=d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if(i==0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):",i);
scanf_s("%d", &inum);
if(inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for(d=alldevs, i=0; i< inum-1 ;d=d->next, i++);
/* Open the device */
if ( (fp= pcap_open(d->name, 65536, PCAP_OPENFLAG_PROMISCUOUS, 1000, NULL, errbuf) ) == NULL)
{
fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
old.ts.tv_sec=0;
old.ts.tv_usec=0;
/* Read the packets */
while((res = pcap_next_ex( fp, &header, &pkt_data)) >= 0){
if(res == 0)
continue;
//check that caplen is equal to packet length
if (header->caplen!=header->len)
printf("Inconsistent header: CapLen %d\t Len %d\n",header->caplen,header->len);
//check that timestamps always grow
if ( old.ts.tv_sec > header->ts.tv_sec || (old.ts.tv_sec == header->ts.tv_sec && old.ts.tv_usec > header->ts.tv_usec))
printf("Inconsistent Timestamps! Old was %d.%.06d - New is %d.%.06d\n",old.ts.tv_sec,old.ts.tv_usec, header->ts.tv_sec,header->ts.tv_usec);
old=*header;
}
if(res == -1){
printf("Error reading the packets: %s\n", pcap_geterr(fp));
return -1;
}
_getch();
return 0;
}
int main()
{
u_int i, res, inum;
u_char errbuf[PCAP_ERRBUF_SIZE], buffer[100];
u_char *pkt_data;
time_t seconds;
struct tm tbreak;
pcap_if_t *alldevs, *d;
pcap_t *fp;
struct pcap_pkthdr *header;
fopen_s(&logfile, "log.txt", "w");
if (logfile == NULL)
{
printf("Unable to create file.");
}
/* The user didn't provide a packet source: Retrieve the local device list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr, "Error in pcap_findalldevs_ex: %s\n", errbuf);
return -1;
}
i = 0;
/* Print the list */
for (d = alldevs; d; d = d->next)
{
printf("%d. %s\n ", ++i, d->name);
if (d->description)
{
printf(" (%s)\n", d->description);
}
else
{
printf(" (No description available)\n");
}
}
if (i == 0)
{
fprintf(stderr, "No interfaces found! Exiting.\n");
return -1;
}
printf("Enter the interface number you would like to sniff : ");
scanf_s("%d", &inum);
/* Jump to the selected adapter */
for (d = alldevs, i = 0; i< inum - 1; d = d->next, i++);
/* Open the device */
if ((fp = pcap_open(d->name,
100 /*snaplen*/,
PCAP_OPENFLAG_PROMISCUOUS /*flags*/,
20 /*read timeout*/,
NULL /* remote authentication */,
errbuf)
) == NULL)
{
fprintf(stderr, "\nError opening adapter\n");
return -1;
}
//read packets in a loop :)
while ((res = pcap_next_ex(fp, &header, &pkt_data)) >= 0)
{
if (res == 0)
{
// Timeout elapsed
continue;
}
seconds = header->ts.tv_sec;
localtime_s(&tbreak, &seconds);
strftime(buffer, 80, "%d-%b-%Y %I:%M:%S %p", &tbreak);
//print pkt timestamp and pkt len
//fprintf(logfile , "\nNext Packet : %ld:%ld (Packet Length : %ld bytes) " , header->ts.tv_sec, header->ts.tv_usec, header->len);
fprintf(logfile, "\nNext Packet : %s.%ld (Packet Length : %ld bytes) ", buffer, header->ts.tv_usec, header->len);
ProcessPacket(pkt_data, header->caplen);
}
if (res == -1)
{
fprintf(stderr, "Error reading the packets: %s\n", pcap_geterr(fp));
return -1;
}
return 0;
}
int main(int argc, char **argv)
{
printf("%x\n", DDERR_UNSUPPORTEDFORMAT);
pcap_if_t * allAdapters;//适配器列表
pcap_if_t * adapter;
pcap_t * adapterHandle;//适配器句柄
struct pcap_pkthdr * packetHeader;
const u_char * packetData;
char errorBuffer[ PCAP_ERRBUF_SIZE ];//错误信息缓冲区
if( pcap_findalldevs_ex( PCAP_SRC_IF_STRING, NULL,
&allAdapters, errorBuffer ) == -1 )
{
//检索机器连接的所有网络适配器
fprintf( stderr, "Error in pcap_findalldevs_ex function: %s\n", errorBuffer );
return -1;
}
if( allAdapters == NULL )
{
//不存在任何适配器
printf( "\nNo adapters found! Make sure WinPcap is installed.\n" );
return 0;
}
int crtAdapter = 0;
for( adapter = allAdapters; adapter != NULL; adapter = adapter->next)
{
//遍历输入适配器信息(名称和描述信息)
printf( "\n%d.%s ", ++crtAdapter, adapter->name );
printf( "-- %s\n", adapter->description );
}
printf( "\n" );
//选择要捕获数据包的适配器
int adapterNumber;
printf( "Enter the adapter number between 1 and %d:", crtAdapter );
scanf_s( "%d", &adapterNumber );
if( adapterNumber < 1 || adapterNumber > crtAdapter )
{
printf( "\nAdapter number out of range.\n" );
// 释放适配器列表
pcap_freealldevs( allAdapters );
return -1;
}
adapter = allAdapters;
for( crtAdapter = 0; crtAdapter < adapterNumber - 1; crtAdapter++ )
adapter = adapter->next;
// 打开指定适配器
adapterHandle = pcap_open( adapter->name, // name of the adapter
65536, // portion of the packet to capture
// 65536 guarantees that the whole
// packet will be captured
PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
1000, // read timeout - 1 millisecond
NULL, // authentication on the remote machine
errorBuffer // error buffer
);
if( adapterHandle == NULL )
{
//指定适配器打开失败
fprintf( stderr, "\nUnable to open the adapter\n", adapter->name );
// 释放适配器列表
pcap_freealldevs( allAdapters );
return -1;
}
else
{
bpf_u_int32 netmask;
bpf_program fcode;
if (allAdapters->addresses != NULL)
/* 获取接口第一个地址的掩码 */
netmask=((struct sockaddr_in *)(allAdapters->addresses->netmask))->sin_addr.S_un.S_addr;
else
/* 如果这个接口没有地址,那么我们假设这个接口在C类网络中 */
netmask=0xffffff;
//compile the filter
if (pcap_compile(adapterHandle, &fcode, "tcp port 1935", 1, netmask) < 0)
{
fprintf(stderr, "nUnable to compile the packet filter. Check the syntax.n");
/* 释放设备列表 */
pcap_freealldevs(allAdapters);
return -1;
}
//set the filter
if (pcap_setfilter(adapterHandle, &fcode) < 0)
{
fprintf(stderr,"nError setting the filter.n");
/* 释放设备列表 */
pcap_freealldevs(allAdapters);
return -1;
}
}
printf( "\nCapture session started on adapter %s\n", adapter->name );
pcap_freealldevs( allAdapters );//释放适配器列表
// 开始捕获数据包
int retValue;
while( ( retValue = pcap_next_ex( adapterHandle,
&packetHeader,
&packetData ) ) >= 0 )
{
// timeout elapsed if we reach this point
if( retValue == 0 )
continue;
//打印捕获数据包的信息
//if (packetHeader->len > 60)
{
static FILE * fp = NULL;
if (fp == NULL)
fp = fopen("F://test.amf", "wb+");
fwrite(packetData, 1, packetHeader->len, fp);
fflush(fp);
}
printf( "length of packet: %d\n", packetHeader->len );
}
// if we get here, there was an error reading the packets
if( retValue == -1 )
{
printf( "Error reading the packets: %s\n", pcap_geterr( adapterHandle ) );
return -1;
}
system( "PAUSE" );
return 0;
CXMemPool memPool;
int nTotleSize = 0;
memPool.Create(1024*1024);
//printf("begin %d\n", GetTickCount());
//for (int n=0; n<100000; ++n)
//{
// //void *p = malloc(10);
// //free(p);
// void *p = memPool.Alloc(10);
// memPool.Free(p);
//}
//printf("end %d\n", GetTickCount());
//return 0;
j_void_t *p[1000] = {0};
while (true)
{
for (int i=0; i<1000; ++i)
{
p[i] = NULL;
int size = rand() % 256;
p[i] = memPool.Alloc(size);
printf("%d %d %d\n", p[i], size, i);
}
int n = 1000;
while (true)
{
if (n == 0)
break;
int m = rand() % 1000;
if (p[m] != NULL)
{
memPool.Free(p[m]);
printf("free %d %d\n", p[m], m);
p[m] = NULL;
--n;
}
}
//for (int i=9999; i>0; --i)
//{
// memPool.Free(p[i]);
// printf("free %d %d\n", p[i], i);
//}
}
//while (true)
//{
// int size = rand() % 1024;
// j_void_t *p = memPool.Alloc(size);
// printf("%d %d %d\n", p, size, nTotleSize);
// if (p == NULL)
// break;
// nTotleSize += size;
// //if ((size % 2) == 0)
// {
// memPool.Free(p);
// nTotleSize -= size;
// printf("free %d %d\n", p, size);
// }
//}
memPool.Destroy();
/// 节点管理服务器
//CNodeManager nodeManager;
//nodeManager.Start(8925);
/// 内容管理服务器
//while(bRun)
//{
// j_sleep(10);
//}
//nodeManager.Stop();
return 0;
}
main()
{
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i=0;
pcap_t *adhandle;
int res;
char errbuf[PCAP_ERRBUF_SIZE];
struct tm *ltime;
char timestr[16];
struct pcap_pkthdr *header;
u_char *pkt_data;
/* Retrieve the device list on the local machine */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for(d=alldevs; d; d=d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if(i==0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):",i);
scanf("%d", &inum);
if(inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for(d=alldevs, i=0; i< inum-1 ;d=d->next, i++);
/* Open the device */
if ( (adhandle= pcap_open(d->name, // name of the device
65536, // portion of the packet to capture.
// 65536 guarantees that the whole packet will be captured on all the link layers
PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
1000, // read timeout
NULL, // authentication on the remote machine
errbuf // error buffer
) ) == NULL)
{
fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
printf("\nlistening on %s...\n", d->description);
/* At this point, we don't need any more the device list. Free it */
pcap_freealldevs(alldevs);
/* Retrieve the packets */
while((res = pcap_next_ex( adhandle, &header, &pkt_data)) >= 0){
if(res == 0)
/* Timeout elapsed */
continue;
/* convert the timestamp to readable format */
ltime=localtime(&header->ts.tv_sec);
strftime( timestr, sizeof timestr, "%H:%M:%S", ltime);
printf("%s,%.6d len:%d\n", timestr, header->ts.tv_usec, header->len);
}
if(res == -1){
printf("Error reading the packets: %s\n", pcap_geterr(adhandle));
return -1;
}
return 0;
}
int main (int argc, char *argv[])
{
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t *dh;
struct bpf_program filter;
char filter_app[] = "ip and tcp";
bpf_u_int32 mask;
bpf_u_int32 net;
struct pcap_pkthdr header;
const u_char *packet;
if (parse_config (argv[0]))
{
printf ("Failed to parse config file, leaving\n");
return -1;
}
if (process_parms (argc,argv))
{
printf ("Bad parameters, leaving\n");
return -1;
}
if (devname==NULL)
{
#ifdef WIN32
printf ("A device number is required. Run with -list to get a list.\n");
#else
printf ("A device name (such as eth0) is required\n");
#endif
exit (-1);
}
if (daemonize && debuglogdir[0]==0)
{
printf ("In daemon mode at least a debug log directory (-dd) must be used\n");
exit (-1);
}
#ifndef WIN32
if (daemonize)
{
switch (go_daemon())
{
case -1:
daemonize=0;
log_debug (0, "Failed to become a daemon!");
exit (-1);
case 1:
// We are the parent. Exit and let the child on its own
exit (0);
case 0:
log_debug (3, "Successfully became a daemon.");
break;
default:
daemonize=0;
log_debug (0, "This is a bug!");
exit (-1);
}
}
#endif
#ifdef WIN32
pcap_if_t *alldevs;
int inum = atoi (devname);
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
int devnum=0;
pcap_if_t *d;
for(d=alldevs; d; d=d->next)
{
devnum++;
printf("%d. %s", devnum, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if(devnum==0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
if(inum < 1 || inum > devnum)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for(d=alldevs, devnum=0; devnum< inum-1 ;d=d->next, devnum++) {;}
strcpymalloc ( (u_char **) &devname, (u_char *) d->name);
#endif
log_debug (3, "Getting address and mask for device %s...",devname);
if (pcap_lookupnet(devname, &net, &mask, errbuf)==-1)
{
log_debug (0, "error [%s]",errbuf);
exit (-1);
}
log_debug (3, "OK");
log_debug (3, "Opening device...");
#ifdef WIN32
/* At this point, we don't need any more the device list. Free it */
dh = pcap_open (devname, 65535, promisc?PCAP_OPENFLAG_PROMISCUOUS:0, 1000, NULL, errbuf);
pcap_freealldevs(alldevs);
#else
// dh = pcap_open_live (devname, 65535, promisc, 1000, errbuf);
dh = pcap_open_offline(input_file, errbuf);
#endif
if (dh==NULL)
{
log_debug (0, "error [%s]",errbuf);
exit (-1);
}
log_debug (3, "OK");
if (data_offset == -1) /* User didn't force an offset, try to find out */
{
char *dln;
log_debug (3, "Checking datalink type...");
if (get_datalink_info (dh, &dln, &data_offset))
{
log_debug (0, "not supported. Please play with the -offset option (see docs)");
exit (-1);
}
log_debug (3, "OK, %s, offset = %d", dln, data_offset);
}
else
{
log_debug (1, "Using an user defined offset [%d], for datalink type [%d], good luck!",
data_offset, get_datalink_type(dh));
}
log_debug (3, "Compiling filter [%s]...",filter_app);
if (pcap_compile(dh, &filter, filter_app, 0, net)==-1)
{
log_debug (0, "error [%s]",errbuf);
exit (-1);
}
log_debug (3, "OK");
log_debug (3, "Setting filter...");
if (pcap_setfilter(dh, &filter)==-1)
{
log_debug (0, "error [%s]",errbuf);
exit (-1);
}
log_debug (3, "OK");
log_debug (3, "Entering capture loop...");
if (chatlogdir[0]!=0)
#ifdef WIN32
mkdir (chatlogdir);
#else
mkdir (chatlogdir,0700);
#endif
if (debuglogdir[0]!=0)
#ifdef WIN32
mkdir (debuglogdir);
#else
mkdir (debuglogdir,0700);
#endif
long packet_count = 0;
while (1)
{
packet = pcap_next(dh, &header);
if (packet==NULL)
{
log_debug (5, "No packet received");
continue;
}
process_packet (++packet_count, &header,packet);
}
}