关于原始套接字SOCK_RAW问题

hfx9109 2005-04-12 09:52:33
这是一个关于嗅探的例子,使用原始套接字,并且将网卡置于混杂模式,在redhat linux 9下编译通过,可是执行的时候只能抓取发给本机IP的数据包,同时有许多源IP和目的IP都是127.0.0.1的包,
小弟百思不得其解,望高人指教,不胜感激
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <sys/ioctl.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <net/if.h>
#include <netinet/in.h>

#include <linux/if_ether.h>
/*
 * Overlay for the fixed 20-byte IPv4 header at the start of a received
 * packet. main() casts the receive buffer to this type, so the field order
 * and widths must match the wire format exactly.
 * NOTE(review): ip_length is declared before ip_version, which only matches
 * the wire layout when the compiler allocates bit-fields from the least
 * significant bit (e.g. GCC on little-endian x86) - confirm before porting.
 * Multi-byte fields are left in network byte order.
 */
struct IP
{
unsigned int ip_length:4; /* header length in 32-bit words; main() multiplies it by 4 */
unsigned int ip_version:4; /* IP version (4 for IPv4) */
unsigned char ip_tos; /* type of service */
unsigned short ip_total_length; /* total length of the IP datagram */
unsigned short ip_id; /* identification field */
unsigned short ip_flags; /* IP flags (16 bits wide, so it also covers the fragment-offset bits) */
unsigned char ip_ttl; /* time to live */
unsigned char ip_protocol; /* upper-layer protocol number; main() compares it with 6 (TCP) */
unsigned short ip_cksum; /* IP header checksum */
unsigned int ip_source; /* source IP address */
unsigned int ip_dest; /* destination IP address */
};
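/*
 * Overlay for the fixed 20-byte TCP header. main() points this at the bytes
 * that follow the IP header, so widths and order must match the wire format.
 * The sequence number is a 32-bit field; declaring it as a 16-bit short
 * truncated it and only kept the following fields in place through padding.
 * NOTE(review): the bit-field order below assumes a compiler that allocates
 * bit-fields from the least significant bit (e.g. GCC on little-endian
 * x86) - confirm before porting. Multi-byte fields stay in network byte
 * order; main() converts the ports with ntohs().
 */
struct tcp {
    unsigned short tcp_source_port; /* TCP source port */
    unsigned short tcp_dest_port;   /* TCP destination port */
    unsigned int tcp_seqno;         /* TCP sequence number (32 bits) */
    unsigned int tcp_ackno;         /* next sequence number the sender expects */
    unsigned int tcp_res1:4,        /* reserved bits; the TCP flags follow */
                 tcp_hlen:4,        /* header length field */
                 tcp_fin:1,
                 tcp_syn:1,
                 tcp_rst:1,
                 tcp_psh:1,
                 tcp_ack:1,
                 tcp_urg:1,
                 tcp_res2:2;
    unsigned short tcp_winsize;     /* maximum number of bytes the receiver accepts */
    unsigned short tcp_cksum;       /* TCP checksum */
    unsigned short tcp_urgent;      /* urgent pointer */
};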
/* Name of the network interface that main() passes to Set_Promisc(). */
#define INTERFACE "eth0"
/* Creates the raw socket used for capture; defined below. */
int Open_Raw_Socket(void);
/* Sets IFF_PROMISC on the named interface through the given socket; defined below. */
int Set_Promisc(char *interface, int sock);
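/*
 * Entry point: open the raw socket, request promiscuous mode on INTERFACE,
 * then print a summary of every TCP segment whose IP source and destination
 * addresses differ. Loops until recvfrom() fails.
 *
 * Every received datagram is length-checked before its headers are read:
 * the buffer is reused between iterations, so parsing a short packet would
 * otherwise report stale bytes left over from an earlier, longer one.
 */
int main()
{
    enum {
        IP_MIN_HDR_WORDS = 5,   /* smallest legal IPv4 header: 5 * 4 = 20 bytes */
        TCP_MIN_HDR_BYTES = 20  /* fixed part of a TCP header */
    };
    struct in_addr addr;
    int sock, bytes_recieved;
    socklen_t fromlen;          /* recvfrom() takes a socklen_t *, not an int * */
    char buffer[65535];
    struct sockaddr_in from;
    struct IP *ip;
    struct tcp *tcp;
    int ip_hdr_bytes;

    sock = Open_Raw_Socket();
    if (Set_Promisc(INTERFACE, sock) != 0) {
        close(sock);
        return 1;
    }

    while (1) {
        fromlen = sizeof from;
        bytes_recieved = recvfrom(sock, buffer, sizeof buffer, 0,
                                  (struct sockaddr *)&from, &fromlen);
        if (bytes_recieved < 0) {
            perror("recvfrom");
            close(sock);
            return 1;
        }

        /* Not even a minimal IP header: nothing safe to parse. */
        if (bytes_recieved < IP_MIN_HDR_WORDS * 4) {
            continue;
        }

        ip = (struct IP *)buffer;
        ip_hdr_bytes = 4 * ip->ip_length;

        /* The header-length field comes from the wire; reject impossible values. */
        if (ip->ip_length < IP_MIN_HDR_WORDS) {
            continue;
        }

        /* Only TCP packets whose source and destination addresses differ. */
        if (ip->ip_protocol != 6 || ip->ip_dest == ip->ip_source) {
            continue;
        }

        /* The TCP header must lie entirely inside the bytes actually received. */
        if (bytes_recieved < ip_hdr_bytes + TCP_MIN_HDR_BYTES) {
            continue;
        }
        tcp = (struct tcp *)(buffer + ip_hdr_bytes);

        printf("\nBytes received ::: %5d\n", bytes_recieved);
        printf("Source address ::: %s\n", inet_ntoa(from.sin_addr));
        printf("IP header length ::: %d\n", ip->ip_length);
        printf("Protocol ::: %d\n", ip->ip_protocol);
        printf("IP TTL ::: %d\n", ip->ip_ttl);
        /* ip_tos is a single byte, not a string: print it as a number. */
        printf("IP Server Type :::: %d\n", ip->ip_tos);
        addr.s_addr = ip->ip_dest;
        fprintf(stderr, "To : %15s\n", inet_ntoa(addr));   /* destination address */
        addr.s_addr = ip->ip_source;
        fprintf(stderr, "From: %15s\n", inet_ntoa(addr));  /* source address */
        printf("Source port ::: %d\n", ntohs(tcp->tcp_source_port));
        printf("Dest port ::: %d\n", ntohs(tcp->tcp_dest_port));
    }
}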
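/*
 * Create the IPv4 raw socket that main() reads from.
 *
 * Returns the socket descriptor. On failure it prints the reason and
 * terminates the process with a failure status (the original exited with 0,
 * which reports success to the caller's shell or supervisor).
 *
 * Creating a raw socket needs elevated privilege on Linux (root or
 * CAP_NET_RAW). A PF_INET/SOCK_RAW/IPPROTO_TCP socket is fed by the local IP
 * layer, so it only sees IPv4 TCP datagrams the host itself accepts,
 * loopback traffic included; switching the NIC to promiscuous mode does not
 * widen that. Link-layer capture uses a different socket family, see
 * packet(7).
 */
int Open_Raw_Socket() {
    int sock = socket(PF_INET, SOCK_RAW, IPPROTO_TCP);

    if (sock < 0) {
        /* Without the socket nothing else can work, so stop here. */
        perror("The raw socket was not created");
        exit(EXIT_FAILURE);
    }
    return sock;
}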
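/*
 * Set the IFF_PROMISC flag on a network interface.
 *
 * interface: NUL-terminated interface name; must fit in ifr_name
 *            (shorter than IFNAMSIZ bytes).
 * sock:      any open socket descriptor to issue the ioctl() calls on.
 *
 * Returns 0 on success and -1 if the name is NULL or too long. A failing
 * ioctl() prints the reason and terminates the process with a failure
 * status.
 *
 * The original copied strnlen(interface)+1 bytes, i.e. it bounded the copy
 * by the source length instead of the destination size, so a long name
 * overflowed ifr.ifr_name on the stack.
 *
 * The flag is never cleared again: the interface stays promiscuous after
 * the program exits until an administrator resets it. Linux normally logs
 * the mode change in the kernel log, which is the place to look when
 * auditing for unexpected capture.
 */
int Set_Promisc(char *interface, int sock) {
    struct ifreq ifr;
    size_t name_len;

    if (interface == NULL) {
        fprintf(stderr, "Interface name is missing\n");
        return -1;
    }
    name_len = strlen(interface);
    if (name_len >= sizeof ifr.ifr_name) {
        fprintf(stderr, "Interface name is too long\n");
        return -1;
    }

    /* Start from a zeroed request so no stack garbage reaches the kernel. */
    memset(&ifr, 0, sizeof ifr);
    memcpy(ifr.ifr_name, interface, name_len + 1);

    if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1) {
        /* Could not retrieve flags for the interface */
        perror("Could not retrive flags for the interface");
        exit(EXIT_FAILURE);
    }
    printf("The interface is ::: %s\n", interface);
    /* Plain message: perror() would append an unrelated errno string here. */
    fprintf(stderr, "Retrieved flags from interface successfully\n");

    /* Now that the flags have been retrieved, add PROMISC to them. */
    ifr.ifr_flags |= IFF_PROMISC;
    if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1) {
        /* Could not set the flags on the interface */
        perror("Could not set the PROMISC flag:");
        exit(EXIT_FAILURE);
    }
    printf("Setting interface ::: %s ::: to promisc", interface);

    return 0;
}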
hfx9109 2005-08-08
。。
YFY 2005-04-12
以前在 Linux 下只编过 “hello world!”、打印三角形等程序。

现在没有 Linux环境,只能帮顶了
