get_udp_code.rar_libpcap

#include "pcap.h" struct ether_header { u_int8_t ether_dhost[6]; u_int8_t ether_shost[6]; u_int16_t ether_type; }; typedef u_int32_t in_addr_t; struct in_addr { in_addr_t s_addr; }; struct ip_header { #ifdef WORDS_BIGENDIAN u_int8_t ip_version:4; u_int8_t ip_header_length:4; #else u_int8_t ip_header_length:4; u_int8_t ip_version:4; #endif u_int8_t ip_tos; u_int16_t ip_length; u_int16_t ip_id; u_int16_t ip_off; u_int8_t ip_ttl; u_int8_t ip_protocol; u_int16_t ip_checksum; struct in_addr ip_source_address; struct in_addr ip_destination_address; }; struct udp_header { u_int16_t udp_source_port; u_int16_t udp_destination_port; u_int16_t udp_length; u_int16_t udp_checksum; }; void udp_protocol_packet_callback(u_char *argument,const struct pcap_pkthdr *packet_header,const u_char * packet_content) { struct udp_header *udp_protocol; u_short source_port; u_short destination_port; u_short length; udp_protocol=(struct udp_header *)(packet_content+14+20); source_port=ntohs(udp_protocol->udp_source_port); destination_port=ntohs(udp_protocol->udp_destination_port); length=ntohs(udp_protocol->udp_length); printf("----------------------------------UDP protocol---------------------\n"); printf("Source port :%d\n",source_port); printf("destination port :%d\n",destination_port); switch(destination_port) { case 138: printf("NETBIOS Datagra Service\n"); break; case 137: printf("NETBIOS Name Service \n"); break; case 139 : printf("NETBIOS Session Service\n"); break; case 53: printf("Name Domain Service\n"); break; default: break; } printf("Length :%d\n",length); printf("Checksum :%d\n",ntohs(udp_protocol->udp_checksum)); } void ip_protocol_packet_callback(u_char * argument,const struct pcap_pkthdr * packet_header, const u_char * packet_content) { struct ip_header * ip_protocol; u_int header_length; u_int offset; u_char tos; u_int16_t checksum; ip_protocol=(struct ip_header*)(packet_content+14); checksum=ntohs(ip_protocol->ip_checksum); header_length=ip_protocol->ip_header_length*4; tos=ip_protocol->ip_tos; offset=ntohs(ip_protocol->ip_off); printf("-----------------------------------ip protocol--------------------\n"); printf("ip version :%d\n",ip_protocol->ip_version); printf("header length:%d\n",header_length); printf("tos :%d\n",tos); printf("total length :%d\n",ntohs(ip_protocol->ip_length)); printf("identification :%d\n",ntohs(ip_protocol->ip_id)); printf("offset:%d\n",(offset&0x1fff)*8); printf("ttl:%d\n",ip_protocol->ip_ttl); printf("protocol:%d\n",ip_protocol->ip_protocol); switch(ip_protocol->ip_protocol) { case 6: printf("the transport layer protocol is Tcp\n"); break; case 17: printf("the transport layer protocol is Udp\n"); break; case 1: printf("the transprot layer protocol is Icmp\n"); break; default: break; } printf("header checksum:%d\n",checksum); printf("source address :%s\n",inet_ntoa(ip_protocol->ip_source_address)); printf("destination address :%s\n",inet_ntoa(ip_protocol->ip_destination_address)); switch(ip_protocol->ip_protocol) { case 17: udp_protocol_packet_callback(argument,packet_header,packet_content); break; default: break; } } void ethernet_protocol_packet_callback(u_char *argument,const struct pcap_pkthdr * packet_header, const u_char * packet_content) { u_short ethernet_type; struct ether_header *ethernet_protocol; u_char *mac_string; static int packet_number=1; printf("*************************************************************************\n"); printf(" the %d packet is captured \n",packet_number); printf("------------------------------eternet protocol--------------------------\n"); ethernet_protocol=(struct ether_header *)packet_content; printf("ethernet type is:\n"); ethernet_type=ntohs(ethernet_protocol->ether_type); printf("%04x\n",ethernet_type); switch(ethernet_type) { case 0x0800: printf("the network layer is ip protocol\n"); break; case 0x0806: printf("the network layer is arp protocol\n"); break; case 0x8035: printf("the network layer is rarp protocol\n"); break; default: break; } printf("mac source address is:\n"); mac_string=ethernet_protocol->ether_shost; printf("%02x:%02x:%02x:%02x:%02x:%02x\n",*mac_string,*(mac_string+1),*(mac_string+2), *(mac_string+3),*(mac_string+4),*(mac_string+5)); printf("mac destination address is :\n"); mac_string=ethernet_protocol->ether_dhost; printf("%02x:%02x:%02x:%02x:%02x:%02x\n",*mac_string,*(mac_string+1),*(mac_string+2), *(mac_string+3),*(mac_string+4),*(mac_string+5)); switch(ethernet_type) { case 0x0800: ip_protocol_packet_callback(argument,packet_header,packet_content); break; default: break; } printf("********************************************************************\n"); packet_number++; } int main() { pcap_t *pcap_handle; char error_content[PCAP_ERRBUF_SIZE]; char *net_interface; struct bpf_program bpf_filter; char bpf_filter_string[]="udp"; bpf_u_int32 net_mask; bpf_u_int32 net_ip; net_interface=pcap_lookupdev(error_content); pcap_lookupnet(net_interface,&net_ip,&net_mask,error_content); pcap_handle=pcap_open_live(net_interface,20480,1,0,error_content); pcap_compile(pcap_handle,&bpf_filter,bpf_filter_string,0,net_ip); pcap_setfilter(pcap_handle,&bpf_filter); if(pcap_datalink(pcap_handle)!=DLT_EN10MB) return; pcap_loop(pcap_handle,-1,ethernet_protocol_packet_callback,NULL); pcap_close(pcap_handle); }