/
filter_on.cpp
134 lines (102 loc) · 3.19 KB
/
filter_on.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
#include <pcap/pcap.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include "pcap_errors.h"
typedef struct{
char *device;
char *port_str;
int list_devices;
} Options;
typedef struct{
u_char ethernet_hdr[14];
u_char ip_hdr[20]; //offset
uint16_t src_port;
uint16_t dest_port;
uint32_t seq_number;
uint32_t ack_number;
uint16_t flags;
uint16_t window_size;
} TCP_header_part16;
int parse_args(int argc,char **argv, Options *options) {
if(argc <3)
{
printf("usage: filter_on INTERFACE PORT\n");
exit(0);
}
options->device = argv[1];
options->port_str = argv[2];
}
void show_devices() {
char errbuf[PCAP_ERRBUF_SIZE];
pcap_if_t *alldevsp;
int result = pcap_findalldevs(&alldevsp, errbuf);
if(result) {
exit_error(errbuf, result);
}
pcap_if_t *cur = alldevsp;
while(cur)
{
printf("Device: %s - %s\n" , cur->name, cur->description ? cur->description : "");
cur = cur->next;
}
}
void filter_on_port(pcap_t *handle, char *filter, char *port){
char program_string[80];
memset(program_string, 0, 80);
struct bpf_program fp;
int result;
// Copy filter string
strcpy(program_string, filter);
strcat(program_string, port);
// Compile and set
printf("Compiling: %s\n",program_string);
result = pcap_compile(handle, &fp, program_string, 1, PCAP_NETMASK_UNKNOWN);
handle_pcap_errors(handle, result, "pcap_compile");
result = pcap_setfilter(handle, &fp);
handle_pcap_errors(handle, result, "pcap_setfilter");
}
#define ALL_PORTS (256*256)
int main(int argc, char **argv) {
char errbuf[PCAP_ERRBUF_SIZE];
struct pcap_pkthdr *pkthdr;
const u_char *pkt_data;
Options options;
parse_args(argc, argv, &options);
if(options.list_devices) {
show_devices();
exit(0);
}
// Create Handles for in and out
pcap_t *in_handle = pcap_create(argv[1], errbuf);
pcap_t *out_handle = pcap_create(argv[1], errbuf);
if(!in_handle | !out_handle )
exit_error(errbuf, -1);
int result = 0;
// Set timeout
result = pcap_set_timeout(in_handle, 1); // Header size up to window size
result = pcap_set_timeout(out_handle, 1); // Header size up to window size
handle_pcap_errors(in_handle, result, "set_timeout");
handle_pcap_errors(out_handle, result, "set_timeout");
// Activate!
result = pcap_activate(out_handle);
result = pcap_activate(in_handle);
handle_pcap_errors(out_handle, result, "pcap_activate");
handle_pcap_errors(in_handle, result, "pcap_activate");
// Set Filter
filter_on_port(out_handle, "src port ", options.port_str);
filter_on_port(in_handle, "dst port ", options.port_str);
// Count packet lenghts on port
int out_byte_count = 0;
int in_byte_count = 0;
for(int i = 0; i < 100; i++) {
pcap_next_ex(out_handle, &pkthdr, &pkt_data);
out_byte_count += pkthdr->len;
pcap_next_ex(in_handle, &pkthdr, &pkt_data);
in_byte_count += pkthdr->len;
}
printf("In Bytes: %d\n", in_byte_count);
printf("Out Bytes: %d\n", out_byte_count);
return 0;
}