关于winpcap抓包的问题?

vtao213344 2009-06-07 02:08:09
我做的是基于winpcap和nmap对目标主机进行操作系统探测。构造好的13个特定数据包已经可以发送(为了简单起见,采用的是固定的ip和mac),下面需要做的是对目标主机的应答包进行解析,获取相关信息,现在的问题是,
“捕获到一个数据包进行解析时,我不知道怎么来判断,这个包是目标主机针对那13个数据包中哪个包的回应。”
程序的框架如下,哪位高手能帮我解决一下,看看我程序的框架存在哪些问题,需要做怎样的修改。高分酬谢!!
我正在做毕设,快要答辩了,很急,谢谢,或者哪位大侠有“基于winpcap和nmap对目标主机进行操作系统探测”的相关资料,不妨也告诉我,定会高分答谢的!!

看着有点长,其实框架很简单,一眼就看明白了

#include"winsock2.h"
#include"pcap.h"
#include "remote-ext.h"
#include <string>;
#include "windows.h"
#include <iostream>
using namespace std;
// Ethernet II frame header: 6 + 6 + 2 = 14 bytes, matching the fixed offset of 14
// that the capture callback adds to reach the IP header.
struct eh
{
unsigned char eh_dst[6]; // Destination address
unsigned char eh_src[6]; // Source address
unsigned short eh_type; // Ethernet type; stored as on the wire (big-endian), so convert with ntohs() before comparing
};

// IPv4 header without options (20 bytes). The struct is overlaid directly on captured
// bytes, so every multi-byte field holds network byte order and needs ntohs()/ntohl()
// before it is compared or printed.
struct iph
{
unsigned char verlen; /*IP version & length: high nibble is the version, low nibble the header length in 32-bit words*/
unsigned char tos; /*IP type of service*/
unsigned short totallength;/*Total length*/
unsigned short ide; /*Unique identifier */
unsigned short offset; /*Fragment offset field*/
unsigned char ttl; /*Time to live*/
unsigned char protocol; /*Protocol(TCP, UDP, etc.)*/
unsigned short checksum; /*IP checksum*/
unsigned int srcaddr; /*Source address*/
unsigned int dstaddr; /*Destination address*/

};

// TCP header: the fixed 20-byte part followed by five members meant to describe options.
// Multi-byte fields are in network byte order when this struct is overlaid on a captured
// segment.
//
// NOTE(review): the option members below are each declared as a 2-byte unsigned short,
// while their own comments give option lengths of 4, 3, 10 and 2 bytes. TCP options are
// a variable-length kind/length/value list whose order and presence differ per segment,
// so these members do not line up with the options of a received packet, and
// sizeof(struct tcph) is larger than the 20-byte fixed header. When parsing replies,
// read the header length from the upper nibble of `offset` and walk the option bytes,
// checking each option length against the captured length.
struct tcph
{
unsigned short srcport; // source port
unsigned short dstport; // destination port
unsigned int seqno; // sequence number
unsigned int ackno; // acknowledgement number
unsigned char offset; // data offset (header length in 32-bit words) in the upper nibble
unsigned char flags; // control flags
unsigned short window; // advertised window
unsigned short checksum; // TCP checksum
unsigned short urgptr; // urgent pointer

unsigned short MSS; // maximum segment size option; the option is 4 bytes long
unsigned short Window_Scale; // window scale factor; only present in segments carrying SYN; the option is 3 bytes long
unsigned short Timestamp; // timestamp value; the option is 10 bytes long
unsigned short SACK_Permit; /* the sender puts SACK-Permitted in its SYN when opening a connection
to say it wants to receive SACK options later on; the option is 2 bytes long */
unsigned short EOL; // end-of-option-list marker

};

// UDP header (8 bytes). Fields hold network byte order when overlaid on packet bytes.
struct udpheader // UDP header
{
unsigned short srcport; // source port
unsigned short dstport; // destination port
unsigned short totallength; // total length (header plus payload)
unsigned short checksum; // checksum
};

// Pseudo header (12 bytes) that is prepended to the transport segment when the
// TCP/UDP checksum is computed; it is never sent on the wire.
struct pseudo // pseudo header
{
unsigned int srcaddr; // source IP address
unsigned int dstaddr; // destination IP address
unsigned char padzero; // always 0
unsigned char protocol; // protocol number
unsigned short tcplength; // length of the transport segment
};

int cal_chksum(const void *bufv, int length) //校验和计算
{}

///////////////////////////////////TCP序列号测试分析/////////////////////////////////////////////////
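// First TCP sequence-number test: locate the IP and TCP headers of a captured frame.
//
//   argument        user pointer passed to pcap_dispatch (unused here)
//   packet_header   pcap metadata; caplen is the number of bytes actually captured
//   packet_content  captured frame, starting at the Ethernet header
//
// The frame comes straight off the network, so nothing in it is trusted: each offset
// is checked against caplen before a header is dereferenced, and the IP header length
// taken from the packet is range-checked before it is used as an offset. Frames that
// are truncated, not IPv4, or not TCP are dropped without output.
//
// The unused placeholder locals of the original skeleton were removed. When the
// analysis is filled in, multi-byte header fields must go through ntohs()/ntohl(),
// and TCP options must be walked byte by byte within the captured length.
void pk1_packet_callback(u_char *argument,const struct pcap_pkthdr *packet_header,
const u_char* packet_content)
{
    const u_int kEthHdrLen = 14;     // Ethernet II header
    const u_int kIpMinHdrLen = 20;   // IPv4 header without options
    const u_int kTcpMinHdrLen = 20;  // TCP header without options
    const struct tcph *tcp_protocol; // TCP header inside the frame
    const struct iph *ip_protocol;   // IP header inside the frame
    u_int ip_len;                    // IP header length in bytes
    u_int captured;                  // bytes available in packet_content

    (void)argument;

    if (packet_header == NULL || packet_content == NULL)
        return;

    captured = packet_header->caplen;
    if (captured < kEthHdrLen + kIpMinHdrLen)
        return;

    // EtherType 0x0800 (IPv4) sits in bytes 12-13 of the Ethernet header.
    if (packet_content[12] != 0x08 || packet_content[13] != 0x00)
        return;

    ip_protocol = (const struct iph *)(packet_content + kEthHdrLen);
    if ((ip_protocol->verlen >> 4) != 4)
        return;

    ip_len = (ip_protocol->verlen & 0x0f) * 4;
    if (ip_len < kIpMinHdrLen)
        return; // malformed header length

    if (ip_protocol->protocol != 6) // 6 = TCP
        return;

    if (captured < kEthHdrLen + ip_len + kTcpMinHdrLen)
        return; // TCP header not fully captured

    tcp_protocol = (const struct tcph *)(packet_content + kEthHdrLen + ip_len);
    (void)tcp_protocol; // analysis of the TCP fields is not written yet

    cout << "====********====" << endl;
}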
// Second TCP sequence-number test.
// pcap handler stub: the body is empty, no analysis is performed yet.
void pk2_packet_callback(u_char *argument,
                         const struct pcap_pkthdr *packet_header,
                         const u_char *packet_content)
{
}
// Third TCP sequence-number test.
// pcap handler stub: the body is empty, no analysis is performed yet.
void pk3_packet_callback(u_char *argument,
                         const struct pcap_pkthdr *packet_header,
                         const u_char *packet_content)
{
}
// Fourth TCP sequence-number test.
// pcap handler stub: the body is empty, no analysis is performed yet.
void pk4_packet_callback(u_char *argument,
                         const struct pcap_pkthdr *packet_header,
                         const u_char *packet_content)
{
}
// Fifth TCP sequence-number test.
// pcap handler stub: the body is empty, no analysis is performed yet.
void pk5_packet_callback(u_char *argument,
                         const struct pcap_pkthdr *packet_header,
                         const u_char *packet_content)
{
}
// Sixth TCP sequence-number test.
// pcap handler stub: the body is empty, no analysis is performed yet.
void pk6_packet_callback(u_char *argument,
                         const struct pcap_pkthdr *packet_header,
                         const u_char *packet_content)
{
}

///////////////////////////////////T2-T7探测分析/////////////////////////////////////////////////
// Handler for the T2 probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void T2_packet_callback(u_char *argument,
                        const struct pcap_pkthdr *packet_header,
                        const u_char *packet_content)
{
}
// Handler for the T3 probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void T3_packet_callback(u_char *argument,
                        const struct pcap_pkthdr *packet_header,
                        const u_char *packet_content)
{
}
// Handler for the T4 probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void T4_packet_callback(u_char *argument,
                        const struct pcap_pkthdr *packet_header,
                        const u_char *packet_content)
{
}
// Handler for the T5 probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void T5_packet_callback(u_char *argument,
                        const struct pcap_pkthdr *packet_header,
                        const u_char *packet_content)
{
}
// Handler for the T6 probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void T6_packet_callback(u_char *argument,
                        const struct pcap_pkthdr *packet_header,
                        const u_char *packet_content)
{
}
// Handler for the T7 probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void T7_packet_callback(u_char *argument,
                        const struct pcap_pkthdr *packet_header,
                        const u_char *packet_content)
{
}
///////////////////////////////////UDP探测分析/////////////////////////////////////////////////
// Handler for the UDP probe analysis step.
// pcap handler stub: the body is empty, no analysis is performed yet.
void udp_packet_callback(u_char *argument,
                         const struct pcap_pkthdr *packet_header,
                         const u_char *packet_content)
{
}


vtao213344 2009-06-18
恩,问题已经解决,谢谢大家的回答。
一笑拔剑 2009-06-16
大学学士论文?
Wenxy1 2009-06-16
Linux版本的nmap已经能够判断OS类型了。
C:\Wenxy\Pastime\Backup\OtherTools\Nmap\nmap-4.22SOC6>nmap -v -A sina.com.cn

Starting Nmap 4.22SOC6 ( http://insecure.org ) at 2009-06-16 12:13 China Standar
d Time
Initiating Ping Scan at 12:13
Scanning 218.30.66.101 [2 ports]
Completed Ping Scan at 12:13, 0.17s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 12:13
Completed Parallel DNS resolution of 1 host. at 12:13, 0.05s elapsed
Initiating SYN Stealth Scan at 12:13
Scanning 218.30.66.101 [1705 ports]
Discovered open port 80/tcp on 218.30.66.101
Completed SYN Stealth Scan at 12:13, 6.39s elapsed (1705 total ports)
Initiating Service scan at 12:13
Scanning 1 service on 218.30.66.101
Completed Service scan at 12:13, 6.11s elapsed (1 service on 1 host)
Initiating OS detection (try #1) against 218.30.66.101
Retrying OS detection (try #2) against 218.30.66.101
Initiating gen1 OS Detection against 218.30.66.101 at 17.187s
For OSScan assuming port 80 is open, tcp/1 and udp/44459 are closed, and neither
are firewalled
For OSScan assuming port 80 is open, tcp/1 and udp/44731 are closed, and neither
are firewalled
For OSScan assuming port 80 is open, tcp/1 and udp/39809 are closed, and neither
are firewalled
Initiating Traceroute at 12:13
218.30.66.101: guessing hop distance at 11
Completed Traceroute at 12:14, 30.13s elapsed
Initiating Parallel DNS resolution of 13 hosts. at 12:14
Completed Parallel DNS resolution of 13 hosts. at 12:14, 11.86s elapsed
SCRIPT ENGINE: Initiating script scanning.
Initiating SCRIPT ENGINE at 12:14
Completed SCRIPT ENGINE at 12:14, 0.17s elapsed
Host 218.30.66.101 appears to be up ... good.
Interesting ports on 218.30.66.101:
Not shown: 1683 closed ports
PORT STATE SERVICE VERSION
20/tcp filtered ftp-data
21/tcp filtered ftp
22/tcp filtered ssh
23/tcp filtered telnet
53/tcp filtered domain
80/tcp open http-proxy Squid webproxy 2.6.STABLE21
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
161/tcp filtered snmp
162/tcp filtered snmptrap
389/tcp filtered ldap
445/tcp filtered microsoft-ds
593/tcp filtered http-rpc-epmap
873/tcp filtered rsync
1433/tcp filtered ms-sql-s
1723/tcp filtered pptp
3306/tcp filtered mysql
3389/tcp filtered ms-term-serv
5631/tcp filtered pcanywheredata
5632/tcp filtered pcanywherestat
5800/tcp filtered vnc-http
5900/tcp filtered vnc
Device type: general purpose
Running (JUST GUESSING) : FreeBSD 4.X|5.X (88%), Microsoft Windows NT/2K/XP (88%
), OpenBSD 3.X (88%)
Aggressive OS guesses: DragonFly 1.1-Stable (FreeBSD-4 fork) (88%), Microsoft Wi
ndows XP Pro SP2 (88%), OpenBSD 3.3 x86 with pf "scrub in all" (88%), OpenBSD 3.
5 or 3.6 (88%), OpenBSD 3.6 (88%), OpenBSD 3.7 (88%), FreeBSD 5.2 - 5.4 (87%), F
reeBSD 5.3 (86%), OpenBSD 3.6 x86 with pf "scrub in all" (86%)
No exact OS matches for host (test conditions non-ideal).

TCP Sequence Prediction: Difficulty=9999999 (Good luck!)
IPID Sequence Generation: Randomized

TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1 0.00 192.168.102.1
2 0.00 218.17.55.222
3 0.00 58.60.24.85
4 16.00 119.145.220.74
5 0.00 121.15.141.201
6 0.00 202.97.25.5
7 0.00 202.97.25.198
8 47.00 202.97.45.254
9 ...
10 46.00 192.168.14.6
11 46.00 172.16.141.2
12 32.00 192.168.66.14
13 32.00 218.30.66.101

Read data files from: C:\Wenxy\Pastime\Backup\OtherTools\Nmap\nmap-4.22SOC6
OS and Service detection performed. Please report any incorrect results at http:
//insecure.org/nmap/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 68.953 seconds
Raw packets sent: 1890 (89.672KB) | Rcvd: 1858 (95.058KB)

C:\Wenxy\Pastime\Backup\OtherTools\Nmap\nmap-4.22SOC6>

我辣椒哥 2009-06-16
不太懂 UP
weidong0210 2009-06-16
友情up
vtao213344 2009-06-07
求求大家帮帮忙了,快要答辩了~~
vtao213344 2009-06-07
// Six TCP probes for the sequence-number test (pk1-pk6), stored as complete Ethernet
// frames: 14-byte Ethernet header, 20-byte IPv4 header, then the TCP header with options.
// All six hard-code the same MAC addresses, IPv4 source 192.168.1.101 (c0 a8 01 65),
// IPv4 destination 192.168.1.100 (c0 a8 01 64), TCP source port 0x04aa and destination
// port 0x0050. The IP identification (0x5442..0x5447) and the TCP sequence number
// (0x35be40b0..0x35be40b5) go up by one from probe to probe.
// The IP and TCP checksums are baked into the bytes, so changing any address, port or
// option means recomputing both checksums.
unsigned char buf_pk1[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x42,0x40,0x00,0x80,0x06,0x22,0x60,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb0,0x00,0x00,0x00,0x00,0xa0,0x02,
0x00,0x01,0x3f,0x83,0x00,0x00,0x03,0x03,0x0a,0x01,0x02,0x04,0x05,0xb4,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};

unsigned char buf_pk2[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x43,0x40,0x00,0x80,0x06,0x22,0x5f,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb1,0x00,0x00,0x00,0x00,0xa0,0x02,
0x00,0x3f,0x49,0x81,0x00,0x00,0x02,0x04,0x05,0x78,0x03,0x03,0x00,0x04,0x02,0x08,
0x0a,0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x00};

unsigned char buf_pk3[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x44,0x40,0x00,0x80,0x06,0x22,0x5e,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb2,0x00,0x00,0x00,0x00,0xa0,0x02,
0x00,0x04,0x4a,0xb3,0x00,0x00,0x08,0x0a,0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,
0x01,0x01,0x03,0x03,0x05,0x01,0x02,0x04,0x02,0x80};

// pk4 is 70 bytes: its IP total length is 0x0038 and its TCP data offset is 0x90.
unsigned char buf_pk4[70] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x38,0x54,0x45,0x40,0x00,0x80,0x06,0x22,0x61,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb3,0x00,0x00,0x00,0x00,0x90,0x02,
0x00,0x04,0x57,0x3a,0x00,0x00,0x04,0x02,0x08,0x0a,0xff,0xff,0xff,0xff,0x00,0x00,
0x00,0x00,0x03,0x03,0x0a,0x00};

unsigned char buf_pk5[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x46,0x40,0x00,0x80,0x06,0x22,0x5c,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb4,0x00,0x00,0x00,0x00,0xa0,0x02,
0x00,0x10,0x43,0x0d,0x00,0x00,0x02,0x04,0x02,0x18,0x04,0x02,0x08,0x0a,0xff,0xff,
0xff,0xff,0x00,0x00,0x00,0x00,0x03,0x03,0x0a,0x00};

// pk6 is 70 bytes, like pk4.
unsigned char buf_pk6[70] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x38,0x54,0x47,0x40,0x00,0x80,0x06,0x22,0x5f,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb5,0x00,0x00,0x00,0x00,0x90,0x02,
0x02,0x00,0x5f,0x32,0x00,0x00,0x02,0x04,0x01,0x09,0x04,0x02,0x08,0x0a,0xff,0xff,
0xff,0xff,0x00,0x00,0x00,0x00};
/////////////////////////////// Construction of the TCP probes (T2–T7) //////////////////////////////////////////////////
// Six 74-byte Ethernet frames with the same hard-coded MAC addresses, IPv4 addresses
// and TCP source port (0x04aa) as the pk1-pk6 probes. They differ in:
//   - TCP flags byte (frame offset 47): T2 0x00, T3 0x2b, T4 0x10, T5 0x02, T6 0x10, T7 0x29
//   - destination port: T2-T4 use 0x0050, T5-T7 use 0x9db4
//   - IP identification 0x5452..0x5457 and a distinct TCP sequence number per probe
//     (0x35be40b6, ..b7, ..b8, ..b9, ..ba, ..bc)
// Checksums are precomputed in the bytes and must be recomputed after any edit.
unsigned char buf_T2[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x52,0x40,0x00,0x80,0x06,0x22,0x50,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb6,0x00,0x00,0x00,0x00,0xa0,0x00,
0x00,0x80,0x43,0xab,0x00,0x00,0x03,0x03,0x0A,0x01,0x02,0x04,0x01,0x09,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};

unsigned char buf_T3[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x53,0x00,0x00,0x80,0x06,0x62,0x4f,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb7,0x00,0x00,0x00,0x00,0xa0,0x2b,
0x01,0x00,0x42,0xff,0x00,0x00,0x03,0x03,0x0A,0x01,0x02,0x04,0x01,0x09,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};

unsigned char buf_T4[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x54,0x40,0x00,0x80,0x06,0x22,0x4e,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x00,0x50,0x35,0xbe,0x40,0xb8,0x00,0x00,0x00,0x00,0xa0,0x10,
0x04,0x00,0x40,0x19,0x00,0x00,0x03,0x03,0x0A,0x01,0x02,0x04,0x01,0x09,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};

unsigned char buf_T5[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x55,0x00,0x00,0x80,0x06,0x62,0x4d,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x9d,0xb4,0x35,0xbe,0x40,0xb9,0x00,0x00,0x00,0x00,0xa0,0x02,
0x7a,0x69,0x2c,0x58,0x00,0x00,0x03,0x03,0x0A,0x01,0x02,0x04,0x01,0x09,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};

unsigned char buf_T6[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x56,0x40,0x00,0x80,0x06,0x22,0x4c,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x9d,0xb4,0x35,0xbe,0x40,0xba,0x00,0x00,0x00,0x00,0xa0,0x10,
0x80,0x00,0x26,0xb2,0x00,0x00,0x03,0x03,0x0A,0x01,0x02,0x04,0x01,0x09,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};

unsigned char buf_T7[74] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x00,0x3c,0x54,0x57,0x00,0x00,0x80,0x06,0x62,0x4b,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x04,0xaa,0x9d,0xb4,0x35,0xbe,0x40,0xbc,0x00,0x00,0x00,0x00,0xa0,0x29,
0xff,0xff,0xa1,0x97,0x00,0x00,0x03,0x03,0x0F,0x01,0x02,0x04,0x01,0x09,0x08,0x0a,
0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,0x04,0x02};
/////////////////////////////// Build one UDP packet ////////////////////////////////////////
// 342-byte Ethernet frame: 14-byte Ethernet header, 20-byte IPv4 header (protocol 0x11,
// total length 0x0148), 8-byte UDP header (source port 0x3331, destination port 0x9db4,
// length 0x0134) and 300 payload bytes of 0x43. MAC and IPv4 addresses are the same
// hard-coded values as in the TCP probes; both checksums are precomputed in the bytes.
unsigned char buf_udp[342] = {0x00,0x14,0x0b,0x0f,0xd1,0xaa,0x00,0xee,0xee,0x03,0xb2,0xee,0x08,0x00,0x45,0x00,
0x01,0x48,0x10,0x42,0x40,0x00,0x80,0x11,0x65,0x49,0xc0,0xa8,0x01,0x65,0xc0,0xa8,
0x01,0x64,0x33,0x31,0x9d,0xb4,0x01,0x34,0x3f,0x1d,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,0x43,
0x43,0x43,0x43,0x43,0x43,0x43};
vtao213344 2009-06-07
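// Entry point: pick a capture adapter, install a capture filter, send the thirteen
// pre-built probe frames and hand up to thirteen captured packets to the analysis
// callbacks. Returns 0 on success and -1 on any setup, send or capture error.
//
// Changes against the posted version:
//   - errors go to cerr; `cout << stderr` printed the FILE pointer value instead
//   - pcap_compile / pcap_setfilter / pcap_dispatch results are checked
//   - the filter is installed before the first probe is sent and is restricted to
//     packets whose source is the probed host, which is what the original comment
//     asked for; "host 192.168.1.100" also matches frames addressed to that host
//   - probe sizes come from sizeof instead of repeated literals, and every send error
//     names the right probe (T2-T7 were all reported as "pk5")
//   - the adapter handle is closed on every path after it has been opened
//   - the forum note that sat inside the function body is now a comment
//
// The probe buffers (buf_udp, buf_pk1..buf_pk6, buf_T2..buf_T7) and the callbacks are
// defined elsewhere in the file and must be declared before this function.
int main()
{
    pcap_if_t *alldevs = NULL;      // adapter list
    pcap_if_t *d;                   // cursor into the adapter list
    int inum = 0;                   // 1-based index chosen by the user
    int i = 0;
    pcap_t *adhandle;               // open adapter handle
    struct bpf_program bpf_filter;
    char errbuf[PCAP_ERRBUF_SIZE];  // error text from pcap
    u_int netmask = 0xffffff;       // subnet mask

    // Get the local adapter list.
    if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
    {
        cerr << "Error in pcap_findalldevs: " << errbuf << endl;
        return -1;
    }

    // Print the adapter list.
    for (d = alldevs; d; d = d->next)
    {
        cout << ++i << ". " << d->name;
        if (d->description)
            cout << " " << d->description << endl << endl;
        else
            cout << " (No description available)" << endl << endl;
    }
    if (i == 0)
    {
        cout << endl << "No interfaces found! Make sure WinPcap is installed." << endl;
        return -1;
    }

    cout << "Enter the interface number (1-" << i << "):";
    // A failed extraction (non-numeric input) is rejected the same way as a bad index.
    if (!(cin >> inum) || inum < 1 || inum > i)
    {
        cout << endl << "Interface number out of range." << endl;
        pcap_freealldevs(alldevs);
        return -1;
    }

    // Walk to the selected adapter.
    for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++)
        ;

    // Open the adapter.
    adhandle = pcap_open(d->name,                    // device name
                         65536,                      // capture the whole frame on any link type
                         PCAP_OPENFLAG_PROMISCUOUS,  // promiscuous mode
                         1000,                       // read timeout in milliseconds
                         NULL,                       // no remote authentication
                         errbuf);                    // error buffer
    if (adhandle == NULL)
    {
        cerr << endl << "Unable to open the adapter." << d->name;
        cerr << " is not supported by WinPcap" << endl;
        pcap_freealldevs(alldevs);
        return -1;
    }
    pcap_freealldevs(alldevs); // the list is no longer needed

    // Only accept packets sent by the probed host.
    if (pcap_compile(adhandle, &bpf_filter, "src host 192.168.1.100", 0, netmask) < 0)
    {
        cerr << endl << "Error compiling the capture filter: " << pcap_geterr(adhandle) << endl;
        pcap_close(adhandle);
        return -1;
    }
    if (pcap_setfilter(adhandle, &bpf_filter) < 0)
    {
        cerr << endl << "Error setting the capture filter: " << pcap_geterr(adhandle) << endl;
        pcap_freecode(&bpf_filter);
        pcap_close(adhandle);
        return -1;
    }
    pcap_freecode(&bpf_filter);

    // Probe frames with fixed IP and MAC addresses, in the order the post sends them:
    // the UDP probe, the six sequence-number probes, then T2-T7.
    struct probe_entry
    {
        const char *name;
        u_char *data;
        int size;
    };
    probe_entry probes[] = {
        { "udp", buf_udp, (int)sizeof(buf_udp) },
        { "pk1", buf_pk1, (int)sizeof(buf_pk1) },
        { "pk2", buf_pk2, (int)sizeof(buf_pk2) },
        { "pk3", buf_pk3, (int)sizeof(buf_pk3) },
        { "pk4", buf_pk4, (int)sizeof(buf_pk4) },
        { "pk5", buf_pk5, (int)sizeof(buf_pk5) },
        { "pk6", buf_pk6, (int)sizeof(buf_pk6) },
        { "T2", buf_T2, (int)sizeof(buf_T2) },
        { "T3", buf_T3, (int)sizeof(buf_T3) },
        { "T4", buf_T4, (int)sizeof(buf_T4) },
        { "T5", buf_T5, (int)sizeof(buf_T5) },
        { "T6", buf_T6, (int)sizeof(buf_T6) },
        { "T7", buf_T7, (int)sizeof(buf_T7) },
    };
    const int probe_count = (int)(sizeof(probes) / sizeof(probes[0]));

    for (i = 0; i < probe_count; i++)
    {
        if (pcap_sendpacket(adhandle, probes[i].data, probes[i].size) != 0)
        {
            cerr << endl << "Error sending the packet " << probes[i].name << ": "
                 << pcap_geterr(adhandle) << endl;
            pcap_close(adhandle);
            return -1;
        }
    }

    // Capture and analyse.
    // NOTE(review): pcap_dispatch hands the next captured packet that passes the filter
    // to whichever callback is named in the call; nothing ties that packet to a given
    // probe, and a call may return 0 when the read timeout expires. The probe buffers on
    // this page carry a distinct TCP sequence number each, so a reply that acknowledges
    // a probe can be attributed by comparing its acknowledgement number and port pair
    // inside one shared callback; replies that carry no ACK would need another
    // discriminator, for example a distinct source port per probe.
    struct step_entry
    {
        const char *name;
        pcap_handler handler;
    };
    step_entry steps[] = {
        { "pk1", pk1_packet_callback },
        { "pk2", pk2_packet_callback },
        { "pk3", pk3_packet_callback },
        { "pk4", pk4_packet_callback },
        { "pk5", pk5_packet_callback },
        { "pk6", pk6_packet_callback },
        { "T2", T2_packet_callback },
        { "T3", T3_packet_callback },
        { "T4", T4_packet_callback },
        { "T5", T5_packet_callback },
        { "T6", T6_packet_callback },
        { "T7", T7_packet_callback },
        { "udp", udp_packet_callback },
    };
    const int step_count = (int)(sizeof(steps) / sizeof(steps[0]));

    for (i = 0; i < step_count; i++)
    {
        int captured = pcap_dispatch(adhandle, 1, steps[i].handler, NULL);
        if (captured < 0)
        {
            cerr << endl << "Error capturing for step " << steps[i].name << ": "
                 << pcap_geterr(adhandle) << endl;
            pcap_close(adhandle);
            return -1;
        }
        if (captured == 0)
            cerr << "No packet captured for step " << steps[i].name
                 << " within the read timeout" << endl;
    }

    pcap_close(adhandle);
    return 0;
}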
