示例#1
文件: sniffer.c 项目: alejnd/snippo
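/**
 * initSniffer() - open a raw packet socket and switch the interface to
 * promiscuous mode.
 *
 * @param device  Interface name, handed unchanged to setPromisc().
 * @return        Descriptor of the PF_PACKET / SOCK_RAW socket opened for
 *                ETH_P_ALL.  Does not return when socket() fails: the error
 *                is reported and the process exits with status 1.
 *
 * Packet sockets are a privileged operation on Linux (root or CAP_NET_RAW),
 * so an unprivileged caller ends up in the socket() failure path.
 */
int initSniffer( const char *device )
{
	int  sd;

	sd = socket (PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
	if (sd < 0)
	{
		/* The previous printf() passed "%s" without an argument, which is
		 * undefined behaviour; perror() prints the errno text on stderr. */
		perror ("socket err");
		exit (1);
	}

	/* Put the network interface into promiscuous mode.
	 * NOTE(review): setPromisc() is defined elsewhere and its result, if it
	 * has one, is not checked here - confirm whether it can fail. */
	setPromisc( device, sd, ON );

	return  sd;
}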
示例#2
/*
 * Entry point of a small capture tool.  It takes exactly one argument (the
 * usage text shows an interface name such as eth0), gets a socket from
 * rawSocket(), calls setPromisc() on it, writes a pcap global header to
 * /tmp/a.cap and then, for every frame received, reopens that file and starts
 * writing a per-packet record (timestamp first).
 *
 * NOTE(review): this listing is cut off inside the final else branch, so the
 * rest of the record, the matching fclose() and the end of the loop are not
 * visible here.
 */
int main(int argc,char **argv)
{
    if(argc!=2)
    {
        /* NOTE(review): perror() appends the text for the current errno to
         * this usage message; errno has nothing to do with a wrong argument
         * count, so the output is misleading. */
        perror("please echo like this:   ./mypack eth0\n");
        exit(1);
    }
 
    int sock;
    struct sockaddr_ll rcvaddr;
    char buf[6666];          /* receive buffer; recvfrom() below is bounded by sizeof(buf) */
    struct ifreq ifr;        /* not used in the visible part of the function */
    int len;

    /* rawSocket() and setPromisc() are defined elsewhere.
     * NOTE(review): the value returned by rawSocket() is used without a
     * failure check in the code shown here. */
    sock=rawSocket();
    setPromisc(argv[1],&sock);
    /* NOTE(review): len is set from struct sockaddr although rcvaddr is a
     * struct sockaddr_ll, and recvfrom() expects a socklen_t * rather than
     * an int *; presumably the returned address gets truncated - confirm. */
    len=sizeof(struct sockaddr);
    memset(buf,0,sizeof(buf));

	/*
	 * NOTE(review): fixed, predictable file name in a world-writable
	 * directory.  Raw sockets normally need root or CAP_NET_RAW, so this
	 * fopen() probably runs privileged and would follow a symlink that
	 * another local user placed at this path; the file also ends up holding
	 * captured traffic.  Prefer a directory only the capture user can write
	 * and a 0600 file (open() with O_NOFOLLOW and an explicit mode, then
	 * fdopen()).
	 */
	FILE *fi;
	fi=fopen("/tmp/a.cap","ab+");
	if(fi == NULL)
	{
		/* NOTE(review): the failure is only reported; execution continues
		 * and fi is still NULL when fwrite()/fclose() are reached below. */
		printf("open /tmp/a.cap failed!!\n");
	}

	//earlier attempt, kept for reference: the header was written as ASCII text, not as binary
	//char head[] = "0xD4C3B2A1020004000000000000000000FFFF000001000000";
	//fprintf(fi,"D4C3B2A1020004000000000000000000FFFF000001000000");   //this is ascii,so wrong!!!

	/*******pcap header*******/
	/* Global header: pcap magic, format version 2.4, zero time-zone offset
	 * and sigfigs, snaplen 65535, link type 1 (Ethernet).  The struct is
	 * written as it lies in memory, i.e. in host byte order.
	 * NOTE(review): the file is opened in append mode, so a header is added
	 * on every start, even when /tmp/a.cap already holds an older capture. */
	struct pcap_file_header *fh;
	struct pcap_file_header p_f_h;
	p_f_h.magic = 0xA1B2C3D4;
	p_f_h.version_major = 0x0002;
	p_f_h.version_minor = 0x0004;
	p_f_h.thiszone = 0x00000000;
	p_f_h.sigfigs = 0x00000000;
	p_f_h.snaplen = 0x0000FFFF;
	p_f_h.linktype = 0X00000001;
	fh = &p_f_h;
//	memcpy(buf,fh,sizeof(p_f_h));
//	fprintf(fi,"%s",buf);     //buf is start in ethernet!!!  so  wrong!!!
	/* The fwrite() result is not checked. */
	fwrite(fh,sizeof(p_f_h),1,fi);
	fclose(fi);

    /* Receive loop; no exit condition is visible in this listing. */
    while(1)
    {
	    int rval;      //bytes returned by recvfrom(); multiplied by 256 further down
        rval=recvfrom(sock,buf,sizeof(buf),0,(struct sockaddr*)&rcvaddr,&len);
        if(rval>0)
        {
//          printf("Get %d bytes\n",rval);
			/* The capture file is reopened for every received frame.
			 * NOTE(review): same pattern as above - a failed fopen() is
			 * only reported and f is then used while NULL. */
			FILE *f;
			f=fopen("/tmp/a.cap","ab+");
			if(f==NULL)
			{
				printf("open /tmp/a.cap failed!!!\n");
			}

   			/*************packet header*********/
			#if 0   //this is manual write time code
   	 	    int time[2]={0x500E4204,0x0000D1EF};
   		    int (*tim)[2];
   			tim=&time;
            fwrite(tim,8,1,f);
			#endif

			#if 1
//			struct pcap_pkthdr *pCap;
//			int now_sec;
//			int time_change = 0;
//			int last_sec = 0;

			/* Record timestamp: current wall-clock time, 4 bytes of seconds
			 * followed by 4 bytes of microseconds.
			 * NOTE(review): only the first 4 bytes of each field are written;
			 * where tv_sec/tv_usec are wider than 4 bytes this is the low
			 * half only on a little-endian host - confirm the target. */
			struct timeval tv;
//			struct timezone tz;   //usually dont need tz
			gettimeofday(&tv,NULL);
			fwrite(&(tv.tv_sec),4,1,f);
			fwrite(&(tv.tv_usec),4,1,f);

//			printf("%x\n",tv.tv_usec);

/*			//may be wrong in data type,cant assignment
			printf("%d\n",tv.tv_sec);
			pCap->ts.tv_sec = tv.tv_sec;
			pCap->ts.tv_usec = tv.tv_usec;
			printf("%d\n",tv.tv_sec);
			printf("%d\n",tv.tv_usec);
			fwrite(pCap,8,1,f);
*/
			#endif

			/* b starts as the received byte count shifted left by 8 bits and
			 * is then rearranged with the masks FONE/FTWO (Mask in the
			 * disabled variant), all defined elsewhere.  Presumably b ends up
			 * as the length field of the record header - the write itself is
			 * not visible here.  bp is unused in the visible part. */
		    int b,c,d;
			int *bp;	
			b = rval*256;           //cause rval is the bytes of recvfrom()
//			printf("%x\n",b);
			/****switch the position*****/
			/* b < 0x00010000 holds exactly when rval < 256 (rval is positive here). */
			if(b<0x00010000)
			{
				#if 0
				c = (b>>16)&Mask;
				d = (b<<16)&(~Mask);
				b = c|d;
				#endif
	
				#if 1
				c = (b&FTWO)>>8;
				d = (b&FONE)<<8;
				b = c|d;
				#endif
			}
			else
			{
示例#3
文件: sniffer.c 项目: alejnd/snippo
/**
 * endSniffer() - leave promiscuous mode and release the capture socket.
 *
 * @param device  Interface name, passed through to setPromisc().
 * @param sd      Socket descriptor; handed to setPromisc() and then closed.
 *
 * The interface flag is cleared first, while the descriptor is still open;
 * the descriptor is closed afterwards.
 */
void endSniffer( const char *device, int sd )
{
	/* Take the network interface out of promiscuous mode. */
	setPromisc( device, sd, OFF );

	/* Release the descriptor; the result of close() is not inspected. */
	close( sd );
}