當(dāng)前位置：首頁(yè) > 编程资源 > 编程问答 >内容正文

编程问答

libpcap的简单使用--抓取特定类型和端口的网络数据

發(fā)布時(shí)間：2024/4/24 编程问答 36 豆豆

生活随笔收集整理的這篇文章主要介紹了 libpcap的简单使用--抓取特定类型和端口的网络数据小編覺(jué)得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.

[cpp]?view plaincopy

#include???

using?std::cout;??

using?std::endl;??

using?std::thread;??

using?std::vector;??

using?std::string;??

//解析數(shù)據(jù)包??

void?getPacket(u_char?*?arg,const?struct?pcap_pkthdr?*pkthdr,const?u_char?*?packet){??

????unsigned?char?src_mac[18]?=?"";??

????unsigned?char?dst_mac[18]?=?"";??

????unsigned?char?src_addr[20]?=?"";??????

????unsigned?char?dst_addr[20]?=?"";??

??????

????unsigned?char?head_str[50]?=?"";??

????unsigned?char?body_str[512]?=?"";??

????vector?split_vector;??

????char?*p?=?NULL;??

????const?char?*split?=?"|";??

????int?*id?=?(int?*)arg;??

????cout?<<?"id:?"?<<?++(*id)?<<?endl;??

????cout?<<?"Packet?length:?"?<<?pkthdr->len?<<?endl;??

????cout?<<?"Number?of?bytes:?"?<<?pkthdr->caplen?<<?endl;??

????cout?<<?"Recieved?time:?"?<<?ctime((const?time_t?*)&pkthdr->ts.tv_sec);??

????if?(pkthdr->len?!=?94)??

????{??

????????cout?<<?"wifi?TanZhen?message?length?error."?<<?endl;??

????????exit(1);??

????}??

??????

????memcpy(head_str,?(char?*)packet,?42);??

????memcpy(body_str,?(char?*)packet?+?42,?52);??

????sprintf((char?*)dst_mac,?"%02x:%02x:%02x:%02x:%02x:%02x",?head_str[0],?head_str[1],?head_str[2],?head_str[3],?head_str[4],?head_str[5]);??????

????sprintf((char?*)src_mac,?"%02x:%02x:%02x:%02x:%02x:%02x",?head_str[6],?head_str[7],?head_str[8],?head_str[9],?head_str[10],?head_str[11]);????

????//消息頭??

????if?(head_str[12]?==?0x08?&&?head_str[13]?==?0x00)??

????{??

????????printf("____________________IP?Protocol____________________\n");??

????????printf("MAC:%s?>>?%s\n",?src_mac,?dst_mac);??

????????sprintf((char?*)src_addr,?"%02d.%02d.%02d.%02d",?head_str[26],?head_str[27],?head_str[28],?head_str[29]);?????

????????sprintf((char?*)dst_addr,?"%02d.%02d.%02d.%02d",?head_str[30],?head_str[31],?head_str[32],?head_str[33]);??

????????printf("IP:%s?>>?%s\n",?src_addr,?dst_addr);??

????????if?(head_str[23]?==?0x01)??

????????{??

????????????printf("Type:ICMP\n");??

????????}??

????????else?if?(head_str[23]?==?0x02)??

????????{??

????????????printf("Type:IGMP\n");??

????????}??

????????else?if?(head_str[23]?==?0x06)??

????????{??

????????????printf("Type:TCP\n");??

????????}?????????

????????else?if?(head_str[23]?==?0x11)??

????????{??

????????????printf("Type:UDP\n");??

????????}??

????????printf("Port:?%d?>>?%d\n",?ntohs(*(unsigned?short?*)(head_str?+?34)),?ntohs(*(unsigned?short?*)(head_str?+?36)));??

????}??

????//消息體??

????for?(unsigned?int?i=42;?ilen;?++i)??

????{??

????????printf("%c",?*(packet?+?i));??

????}??

????cout?<<?endl;??

????//拆分消息體??

????p?=?strtok((char?*)body_str,?split);??

????while(p?!=?NULL){??

????????split_vector.push_back(p);??

????????p?=?strtok(NULL,?split);??

????}??

????cout?<<?"split?vector?size:"?<<?split_vector.size()?<<?endl;??

????for?(auto?itr?=?split_vector.cbegin();?itr?!=?split_vector.cend();?itr++){??

????????cout?<<?*itr?<<?endl;??

????}??

??????

????cout?<<?"-------------------------------------------------------"?<<?endl;??

}??

int?main(int?argc,?char?*argv[]){??

????char?errBuf[PCAP_ERRBUF_SIZE]?=?{0};??

????char?*device?=?nullptr;??

????//獲取網(wǎng)絡(luò)接口??

????device?=?pcap_lookupdev(errBuf);??

????if?(device){??

????????cout?<<?"succeed?get?device:?"?<<?device?<<?endl;??

????}??

????else{??

????????cout?<<?"error:?"?<<?errBuf?<<?endl;??

????????exit(1);??

????}??

????//打開(kāi)網(wǎng)絡(luò)接口??

????pcap_t?*live_device?=?pcap_open_live(device,?65535,?1,?0,?errBuf);//任何一個(gè)協(xié)議的一個(gè)數(shù)據(jù)包長(zhǎng)度必然小于65535,1表示混雜模式，0表示一直等待數(shù)據(jù)包到來(lái)??

????if?(!live_device){??

????????cout?<<?"error:?pcap_open_live():?"?<<?errBuf?<<?endl;??

????????exit(1);??

????}??

??????

????//構(gòu)造一個(gè)過(guò)濾器??

????struct?bpf_program?filter;??

????//編譯過(guò)濾器??

????pcap_compile(live_device,?&filter,?"udp?dst?port?9900",?1,?0);//在wifi探針平臺(tái)設(shè)置接收消息的服務(wù)器和端口??

????//設(shè)置過(guò)濾器??

????pcap_setfilter(live_device,?&filter);??

??????

????//循環(huán)獲取數(shù)據(jù)??

????int?id?=?0;??

????pcap_loop(live_device,?-1,?getPacket,?(u_char?*)&id);//-1表示循環(huán)抓包???

????//關(guān)閉網(wǎng)絡(luò)接口??

????pcap_close(live_device);??

??????

????return?0;??

} ?

與50位技術(shù)專(zhuān)家面對(duì)面20年技術(shù)見(jiàn)證，附贈(zèng)技術(shù)全景圖

總結(jié)

以上是生活随笔為你收集整理的libpcap的简单使用--抓取特定类型和端口的网络数据的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。

上一篇： linux下c语言抓包库libpcap
下一篇：解决VS2017运行时控制台一闪即逝问题