本文整理汇总了C++中pcap_setfilter函数的典型用法代码示例。如果您正苦于以下问题:C++ pcap_setfilter函数的具体用法?C++ pcap_setfilter怎么用?C++ pcap_setfilter使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pcap_setfilter函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: main
int main()
{
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i = 0;
pcap_t *adhandle;
char errbuf[PCAP_ERRBUF_SIZE];
u_int netmask;
char packet_filter[] = "arp";
struct bpf_program fcode;
/* Retrieve the device list */
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
/* Print the list */
for (d = alldevs; d; d = d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (No description available)\n");
}
if (i == 0)
{
printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
return -1;
}
printf("Enter the interface number (1-%d):", i);
scanf_s("%d", &inum);
if (inum < 1 || inum > i)
{
printf("\nInterface number out of range.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Jump to the selected adapter */
for (d = alldevs, i = 0; i< inum - 1;d = d->next, i++);
/* Open the adapter */
if ((adhandle = pcap_open(d->name, // name of the device
65536, // portion of the packet to capture.
// 65536 grants that the whole packet will be captured on all the MACs.
PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
1000, // read timeout
NULL, // remote authentication
errbuf // error buffer
)) == NULL)
{
fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
/* Check the link layer. We support only Ethernet for simplicity. */
if (pcap_datalink(adhandle) != DLT_EN10MB)
{
fprintf(stderr, "\nThis program works only on Ethernet networks.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
if (d->addresses != NULL)
/* Retrieve the mask of the first address of the interface */
netmask = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
else
/* If the interface is without addresses we suppose to be in a C class network */
netmask = 0xffffff;
//compile the filter
if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) <0)
{
fprintf(stderr, "\nUnable to compile the packet filter. Check the syntax.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
//set the filter
if (pcap_setfilter(adhandle, &fcode)<0)
{
fprintf(stderr, "\nError setting the filter.\n");
/* Free the device list */
pcap_freealldevs(alldevs);
return -1;
}
//.........这里部分代码省略.........
开发者ID:MightyNerdEric,项目名称:dash_project,代码行数:101,代码来源:dash_project.cpp
示例2: main
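/*
 * Entry point: read a capture file and pass every TCP packet in it to
 * packet_handler().
 *
 * Options:
 *   -C  clears g_option_display_header
 *   -e  sets g_option_color
 * The first non-option argument is the capture file to open.
 *
 * Returns 0 when the whole file was processed and -1 when the file uses a
 * link-layer type this program does not know. Usage errors exit with
 * status 1; libpcap failures are reported through die(), which is assumed
 * not to return (it is defined elsewhere in the file).
 */
int main(int argc, char *argv[])
{
    char errbuf[PCAP_ERRBUF_SIZE];
    int opt = -1;

    while ((opt = getopt(argc, argv, "Ce")) != -1) {
        switch (opt) {
        case 'C':
            g_option_display_header = false;
            break;
        case 'e':
            g_option_color = true;
            break;
        default:
            print_usage(argv[0]);
            exit(1);
        }
    }

    if (optind >= argc) {
        print_usage(argv[0]);
        exit(1);
    }

    // open pcap file
    const char *pcap_file_name = argv[optind];
    pcap_t *pd = pcap_open_offline(pcap_file_name, errbuf);
    if (NULL == pd) {
        die("%s", errbuf);
    }

    // get datalink header length
    // NOTE(review): the capture file is untrusted input. packet_handler()
    // is not visible here; it should compare each packet's caplen with
    // g_datalink_header_length before it reads past the link-layer header.
    int dlt = pcap_datalink(pd);
    if (DLT_NULL == dlt) {
        g_datalink_header_length = 4;
    } else if (DLT_RAW == dlt) {
        g_datalink_header_length = 0;
    } else if (DLT_EN10MB == dlt || DLT_IEEE802 == dlt) {
        g_datalink_header_length = 14;
    } else if (DLT_PPP == dlt) {
        g_datalink_header_length = 4;
    } else if (DLT_LINUX_SLL == dlt) {
        g_datalink_header_length = 16;
    } else {
        fprintf(stderr, "unknown datalink type\n");
        // Release the capture handle instead of leaking it on this path.
        pcap_close(pd);
        return -1;
    }

    // compile and install the filter
    struct bpf_program filter;
    if (pcap_compile(pd, &filter, "tcp", 1, 0) != 0) {
        die("%s", pcap_geterr(pd));
    }
    if (pcap_setfilter(pd, &filter) != 0) {
        die("%s", pcap_geterr(pd));
    }
    // The installed filter is held by the handle; the compiled program can
    // be released as soon as pcap_setfilter() has succeeded.
    pcap_freecode(&filter);

    // start loop
    if (pcap_loop(pd, -1, packet_handler, NULL) != 0) {
        die("%s", pcap_geterr(pd));
    }

    pcap_close(pd);
    return 0;
}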
开发者ID:kaienkira,项目名称:htcpflow,代码行数:64,代码来源:main.c
示例3: main
//.........这里部分代码省略.........
goto end;
}
else if(get_iface())
{
/* Get the MAC address of the specified interface */
read_iface_mac();
}
if(get_iface() && source == PCAP_FILE)
{
cprintf(CRITICAL, "[X] ERROR: -i and -f options cannot be used together.\n");
usage(argv[0]);
goto end;
}
/* If we're reading from a file, be sure we don't try to transmit probe requests */
if(source == PCAP_FILE)
{
passive = 1;
}
/* Open the output file, if any. If none, write to stdout. */
if(out_file)
{
fp = fopen(out_file, "wb");
if(!fp)
{
cprintf(CRITICAL, "[X] ERROR: Failed to open '%s' for writing\n", out_file);
goto end;
}
set_log_file(fp);
}
/*
* Loop through all of the specified capture sources. If an interface was specified, this will only loop once and the
* call to monitor() will block indefinitely. If capture files were specified, this will loop through each file specified
* on the command line and monitor() will return after each file has been processed.
*/
for(i=argc-1; i>0; i--)
{
/* If the source is a pcap file, get the file name from the command line */
if(source == PCAP_FILE)
{
cprintf(VERBOSE, "[V]: using PCAP file\n");
/* If we've gotten to the arguments, we're done */
if((argv[i][0] == '-') ||
(last_optarg && (memcmp(argv[i], last_optarg, strlen(last_optarg)) == 0))
)
{
break;
}
else
{
target = argv[i];
}
}
/* Else, use the specified interface name */
else
{
cprintf(VERBOSE, "[V]: using physical iface\n");
target = get_iface();
}
set_handle(capture_init(target));
if(!get_handle())
{
cprintf(CRITICAL, "[X] ERROR: Failed to open '%s' for capturing\n", get_iface());
goto end;
}
if(pcap_compile(get_handle(), &bpf, PACKET_FILTER, 0, 0) != 0)
{
cprintf(CRITICAL, "[X] ERROR: Failed to compile packet filter\n");
goto end;
}
if(pcap_setfilter(get_handle(), &bpf) != 0)
{
cprintf(CRITICAL, "[X] ERROR: Failed to set packet filter\n");
goto end;
}
/* Do it. */
cprintf(VERBOSE, "[V]: beginning monitor...\n");
monitor(bssid, passive, source, channel, mode);
cprintf(VERBOSE, "[V]: monitor exited\n");
printf("\n");
}
ret_val = EXIT_SUCCESS;
end:
globule_deinit();
sql_cleanup();
if(bssid) free(bssid);
if(out_file) free(out_file);
if(wpsmon.fp) fclose(wpsmon.fp);
return ret_val;
}
开发者ID:jmesmon,项目名称:reaver-wps,代码行数:101,代码来源:wpsmon.c
示例4: pcap_compile
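/*
 * int pcap_compile(pcap_t *p, struct bpf_program *fp, char *str,
 *                  int optimize, bpf_u_int32 netmask)
 *   fp:       output parameter that receives the compiled BPF program
 *   str:      the filter expression
 *   optimize: whether the compiled program should be optimized
 *   netmask:  simply passed as 0 here
 */
/**
 * Compile the filter expression `s` and install it on `device`.
 *
 * The filter is installed only when compilation succeeded. On either
 * failure libpcap's error text is written to stderr and the filter that
 * was active before the call stays in place.
 *
 * NOTE(review): `filter` is a member declared outside this block. Whether a
 * program compiled by an earlier call has to be released with
 * pcap_freecode() before it is overwritten depends on how the class manages
 * that member - confirm against the class definition.
 */
void Capture::setfilter(string s){
    if (pcap_compile(device, &filter, s.c_str(), 1, 0) < 0) {
        // After a failed compile `filter` does not describe a usable
        // program, so it must not be handed to pcap_setfilter().
        pcap_perror(device, "pcap_compile");
        return;
    }
    if (pcap_setfilter(device, &filter) < 0) {
        pcap_perror(device, "pcap_setfilter");
    }
}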
开发者ID:Dreamapple,项目名称:hello-world,代码行数:10,代码来源:pcap_helper.cpp
示例5: strcpy
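/**
 * Capture ICMP packets on the device named by global_dev until m_stop is
 * set. For every captured packet whose IPv4 source address and ICMP echo id
 * match an entry in m_info, emit pingFounded() and remove that entry.
 *
 * Returns silently when the device cannot be looked up or opened, when it
 * is not an Ethernet device, or when the filter cannot be compiled or
 * installed. The capture handle and the compiled filter are released on
 * every path that acquired them.
 */
void ICMPSniffer::run()
{
    char dev[DEV_MAX];                  /* capture device name */
    /* Bounded copy: nothing visible here guarantees that global_dev fits
     * into DEV_MAX bytes, so an unbounded strcpy could overrun dev. */
    strncpy(dev, global_dev, DEV_MAX - 1);
    dev[DEV_MAX - 1] = '\0';
    if (dev[0] == '\0')
        return;

    char errbuf[PCAP_ERRBUF_SIZE];      /* error buffer */

    /* get network number and mask associated with capture device */
    bpf_u_int32 mask;                   /* subnet mask */
    bpf_u_int32 net;                    /* network number */
    if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1)
        return;

    /* open capture device; promiscuous mode is not needed */
    pcap_t *handle = pcap_open_live(dev, SNAP_LEN, 0, 1000, errbuf);
    if (handle == NULL)
        return;

    /* make sure we're capturing on an Ethernet device */
    if (pcap_datalink(handle) != DLT_EN10MB) {
        pcap_close(handle);
        return;
    }

    /* compile the filter expression; the last argument of pcap_compile()
     * is the netmask, not the network number */
    struct bpf_program fp;
    char filter_exp[] = "icmp";
    if (pcap_compile(handle, &fp, filter_exp, 0, mask) == -1) {
        pcap_close(handle);
        return;
    }

    /* apply the compiled filter */
    if (pcap_setfilter(handle, &fp) == -1) {
        pcap_freecode(&fp);
        pcap_close(handle);
        return;
    }

    /* now we can start capturing packets */
    struct pcap_pkthdr header;          /* the header that pcap gives us */
    const u_int icmp_echo_hdr_len = 8;  /* type, code, checksum, id, sequence */

    while (!m_stop) {
        const u_char *packet = pcap_next(handle, &header);
        if (NULL == packet)
            continue;

        /* Captured frames are untrusted and may be shorter than the
         * headers read below; check caplen before every dereference. */
        if (header.caplen < LIBNET_ETH_H + sizeof(struct libnet_ipv4_hdr))
            continue;

        const struct libnet_ipv4_hdr *ip =
            (const struct libnet_ipv4_hdr *)(packet + LIBNET_ETH_H);
        /* IP_SIZE is defined elsewhere; presumably the IPv4 header length
         * in bytes - confirm. */
        u_int size_ip = IP_SIZE(ip);
        if (size_ip < sizeof(struct libnet_ipv4_hdr) ||
            header.caplen < LIBNET_ETH_H + size_ip + icmp_echo_hdr_len)
            continue;

        const struct libnet_icmpv4_hdr *icmp =
            (const struct libnet_icmpv4_hdr *)(packet + LIBNET_ETH_H + size_ip);

        unsigned int ipSource = ip->ip_src.s_addr;
        unsigned short icmpID = ntohs(icmp->hun.echo.id);

        /* check whether the packet answers one of our own pings; the IP id
         * is deliberately not compared because some hosts do not echo it */
        for (QList<IPID_Info>::iterator it = m_info.begin(); it != m_info.end(); ++it) {
            if ((*it).ip == ipSource && (*it).ICMPid == icmpID) {
                emit pingFounded(ipSource, 0, PROTOCOL_ICMP);
                /* drop the entry so that a duplicate reply does not produce
                 * a second table row */
                m_info.erase(it);
                break;
            }
        }
    }

    /* cleanup */
    pcap_freecode(&fp);
    pcap_close(handle);
    return;
}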
开发者ID:feng-zhe,项目名称:SCanner,代码行数:74,代码来源:icmpsniffer.cpp
示例6: daemon_unpackapplyfilter
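/*
 * Receive a BPF filter program from the control socket of 'fp', validate it
 * and install it on the capture handle.
 *
 * Everything read here comes from the remote peer and is untrusted: the
 * instruction count sizes an allocation and every instruction is copied
 * into it, so the count is checked before use and the assembled program is
 * passed through bpf_validate() before it is installed.
 *
 * fp      capture handle; its rmt_sockctrl socket is read
 * nread   running count of bytes consumed from the current message; updated
 *         only by the number of bytes actually received
 * plen    payload length of the current message; set to *nread when the
 *         filter header cannot be read, so the caller does not block in
 *         sock_discard()
 * errbuf  buffer of PCAP_ERRBUF_SIZE bytes that receives the error text
 *
 * Returns 0 on success and -1 on error.
 */
int daemon_unpackapplyfilter(pcap_t *fp, unsigned int *nread, int *plen, char *errbuf)
{
    struct rpcap_filter filter;
    struct rpcap_filterbpf_insn insn;
    struct bpf_insn *bf_insn;
    struct bpf_program bf_prog;
    unsigned int i;
    int nrecv;
    int ret = -1;

    /* Test the return value before adding it to the unsigned counter:
     * adding -1 to *nread first would hide the failure and let the code
     * continue with an uninitialized 'filter'. */
    nrecv = sock_recv(fp->rmt_sockctrl, (char *) &filter, sizeof(struct rpcap_filter),
        SOCK_RECEIVEALL_YES, errbuf, PCAP_ERRBUF_SIZE);
    if (nrecv == -1)
    {
        // to avoid blocking on the sock_discard()
        *plen = *nread;
        return -1;
    }
    *nread += nrecv;

    if (ntohs(filter.filtertype) != RPCAP_UPDATEFILTER_BPF)
    {
        snprintf(errbuf, PCAP_ERRBUF_SIZE, "Only BPF/NPF filters are currently supported");
        return -1;
    }

    bf_prog.bf_len = ntohl(filter.nitems);

    /* Reject an empty program and any count whose byte size would wrap
     * around in the multiplication passed to malloc().
     * NOTE(review): on platforms with a 64-bit size_t this still allows
     * very large allocations on behalf of the peer; an explicit upper
     * bound on the instruction count should be agreed and enforced here. */
    if (bf_prog.bf_len == 0 || bf_prog.bf_len > (size_t) -1 / sizeof(struct bpf_insn))
    {
        snprintf(errbuf, PCAP_ERRBUF_SIZE, "Invalid number of filter instructions: %u",
            bf_prog.bf_len);
        return -1;
    }

    bf_insn = malloc(sizeof(struct bpf_insn) * bf_prog.bf_len);
    if (bf_insn == NULL)
    {
        snprintf(errbuf, PCAP_ERRBUF_SIZE, "malloc() failed: %s", pcap_strerror(errno));
        return -1;
    }
    bf_prog.bf_insns = bf_insn;

    for (i = 0; i < bf_prog.bf_len; i++)
    {
        nrecv = sock_recv(fp->rmt_sockctrl, (char *) &insn,
            sizeof(struct rpcap_filterbpf_insn), SOCK_RECEIVEALL_YES, errbuf, PCAP_ERRBUF_SIZE);
        if (nrecv == -1)
            goto cleanup;
        *nread += nrecv;

        /* Convert the multi-byte fields from network byte order. */
        bf_insn->code = ntohs(insn.code);
        bf_insn->jf = insn.jf;
        bf_insn->jt = insn.jt;
        bf_insn->k = ntohl(insn.k);
        bf_insn++;
    }

    if (bpf_validate(bf_prog.bf_insns, bf_prog.bf_len) == 0)
    {
        snprintf(errbuf, PCAP_ERRBUF_SIZE, "The filter contains bogus instructions");
        goto cleanup;
    }

    if (pcap_setfilter(fp, &bf_prog))
    {
        snprintf(errbuf, PCAP_ERRBUF_SIZE, "RPCAP error: %s", fp->errbuf);
        goto cleanup;
    }

    ret = 0;

cleanup:
    /* The instruction array is owned by this function. libpcap documents
     * that a program may be released once pcap_setfilter() has installed
     * it, so it is freed on success as well as on every error path. */
    free(bf_prog.bf_insns);
    return ret;
}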
开发者ID:OPEXGroup,项目名称:winpcap,代码行数:61,代码来源:daemon.c
示例7: main
//.........这里部分代码省略.........
error("Timeout value %ld is negative", longarg);
/* NOTREACHED */
}
if (longarg > INT_MAX) {
error("Timeout value %ld is too large (> %d)",
longarg, INT_MAX);
/* NOTREACHED */
}
timeout = (int)longarg;
break;
default:
usage();
/* NOTREACHED */
}
}
if (device == NULL) {
device = pcap_lookupdev(ebuf);
if (device == NULL)
error("%s", ebuf);
}
*ebuf = '\0';
pd = pcap_create(device, ebuf);
if (pd == NULL)
error("%s", ebuf);
status = pcap_set_snaplen(pd, 65535);
if (status != 0)
error("%s: pcap_set_snaplen failed: %s",
device, pcap_statustostr(status));
if (immediate) {
status = pcap_set_immediate_mode(pd, 1);
if (status != 0)
error("%s: pcap_set_immediate_mode failed: %s",
device, pcap_statustostr(status));
}
status = pcap_set_timeout(pd, timeout);
if (status != 0)
error("%s: pcap_set_timeout failed: %s",
device, pcap_statustostr(status));
status = pcap_activate(pd);
if (status < 0) {
/*
* pcap_activate() failed.
*/
error("%s: %s\n(%s)", device,
pcap_statustostr(status), pcap_geterr(pd));
} else if (status > 0) {
/*
* pcap_activate() succeeded, but it's warning us
* of a problem it had.
*/
warning("%s: %s\n(%s)", device,
pcap_statustostr(status), pcap_geterr(pd));
}
if (pcap_lookupnet(device, &localnet, &netmask, ebuf) < 0) {
localnet = 0;
netmask = 0;
warning("%s", ebuf);
}
cmdbuf = copy_argv(&argv[optind]);
if (pcap_compile(pd, &fcode, cmdbuf, 1, netmask) < 0)
error("%s", pcap_geterr(pd));
if (pcap_setfilter(pd, &fcode) < 0)
error("%s", pcap_geterr(pd));
if (pcap_setnonblock(pd, nonblock, ebuf) == -1)
error("pcap_setnonblock failed: %s", ebuf);
printf("Listening on %s\n", device);
for (;;) {
packet_count = 0;
status = pcap_dispatch(pd, -1, countme,
(u_char *)&packet_count);
if (status < 0)
break;
if (status != 0) {
printf("%d packets seen, %d packets counted after pcap_dispatch returns\n",
status, packet_count);
}
}
if (status == -2) {
/*
* We got interrupted, so perhaps we didn't
* manage to finish a line we were printing.
* Print an extra newline, just in case.
*/
putchar('\n');
}
(void)fflush(stdout);
if (status == -1) {
/*
* Error. Report it.
*/
(void)fprintf(stderr, "%s: pcap_loop: %s\n",
program_name, pcap_geterr(pd));
}
pcap_close(pd);
exit(status == -1 ? 1 : 0);
}
开发者ID:Stichting-MINIX-Research-Foundation,项目名称:minix,代码行数:101,代码来源:capturetest.c
示例8: main
//.........这里部分代码省略.........
print_help(stdout);
exit(EXIT_SUCCESS);
break;
case 'i':
ival = optarg;
break;
case 'r':
rval = optarg;
break;
case 's':
sval = optarg;
break;
case '?':
if (optopt == 'c')
fprintf (stderr, "Option -%c requires an argument.\n", optopt);
else if (isprint (optopt))
fprintf (stderr, "Unknown option `-%c'.\n", optopt);
else
fprintf (stderr,
"Unknown option character `\\x%x'.\n",
optopt);
print_help(stderr);
return 1;
default:
abort ();
}
}
printf ("i = %s, r = %s, s = %s\n", ival, rval, sval);
for (index = optind; index < argc; index++) {
bpf = argv[index];
if(index > optind) {
fprintf(stderr, "Please put BPF in quotes\n");
exit(EXIT_FAILURE);
}
//printf ("Non-option argument %s\n", argv[index]);
}
if(rval != NULL) {
pcap_file = fopen(rval, "r");
if(pcap_file == NULL) {
perror(NULL);
exit(EXIT_FAILURE);
}
handle = pcap_fopen_offline(pcap_file, errbuf);
if (handle == NULL) {
fprintf(stderr, "Could not open pcap file: %s\n", errbuf);
return(2);
}
} else {
if(ival == NULL) {
ival = pcap_lookupdev(errbuf);
if(ival == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n", errbuf);
return(2);
} else {
printf("sniffing on: %s\n", ival);
}
}
if (pcap_lookupnet(ival, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n", ival, errbuf);
net = 0;
mask = 0;
}
handle = pcap_open_live(ival, BUFSIZ, 1, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n", errbuf);
return(2);
}
}
if(bpf != NULL) {
if (pcap_compile(handle, &fp, bpf, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n", bpf, pcap_geterr(handle));
return(2);
}
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n", bpf, pcap_geterr(handle));
return(2);
}
}
signal(SIGINT, int_handler);
rtn = pcap_loop(handle, -1, got_packet, (u_char*)sval);
if(rtn == -1) {
fprintf(stderr, "%s\n", pcap_geterr(handle));
return EXIT_FAILURE;
}
pcap_close(handle);
return EXIT_SUCCESS;
}
开发者ID:mjsalerno,项目名称:mydump,代码行数:101,代码来源:mydump.c
示例9: netInit
/**
* Init all network transports
*
* @param netPath
* @param rtOpts
* @param ptpClock
*
* @return TRUE if successful
*/
Boolean
netInit(NetPath * netPath, RunTimeOpts * rtOpts, PtpClock * ptpClock)
{
int temp;
struct sockaddr_in addr;
#ifdef PTPD_PCAP
struct bpf_program program;
char errbuf[PCAP_ERRBUF_SIZE];
#endif
DBG("netInit\n");
#ifdef PTPD_PCAP
netPath->pcapEvent = NULL;
netPath->pcapGeneral = NULL;
netPath->pcapEventSock = -1;
netPath->pcapGeneralSock = -1;
#endif
netPath->generalSock = -1;
netPath->eventSock = -1;
#ifdef PTPD_PCAP
if (rtOpts->transport == IEEE_802_3) {
netPath->headerOffset = PACKET_BEGIN_ETHER;
#ifdef HAVE_STRUCT_ETHER_ADDR_OCTET
memcpy(netPath->etherDest.octet, ether_aton(PTP_ETHER_DST), ETHER_ADDR_LEN);
memcpy(netPath->peerEtherDest.octet, ether_aton(PTP_ETHER_PEER), ETHER_ADDR_LEN);
#else
memcpy(netPath->etherDest.ether_addr_octet, ether_aton(PTP_ETHER_DST), ETHER_ADDR_LEN);
memcpy(netPath->peerEtherDest.ether_addr_octet, ether_aton(PTP_ETHER_PEER), ETHER_ADDR_LEN);
#endif /* HAVE_STRUCT_ETHER_ADDR_OCTET */
} else
#endif
netPath->headerOffset = PACKET_BEGIN_UDP;
/* open sockets */
if ((netPath->eventSock = socket(PF_INET, SOCK_DGRAM,
IPPROTO_UDP)) < 0
|| (netPath->generalSock = socket(PF_INET, SOCK_DGRAM,
IPPROTO_UDP)) < 0) {
PERROR("failed to initialize sockets");
return FALSE;
}
if(!testInterface(rtOpts->ifaceName, rtOpts))
return FALSE;
netPath->interfaceInfo.addressFamily = AF_INET;
/* the if is here only to get rid of an unused result warning. */
if( getInterfaceInfo(rtOpts->ifaceName, &netPath->interfaceInfo)!= 1)
return FALSE;
/* No HW address, we'll use the protocol address to form interfaceID -> clockID */
if( !netPath->interfaceInfo.hasHwAddress && netPath->interfaceInfo.hasAfAddress ) {
uint32_t addr = netPath->interfaceInfo.afAddress.s_addr;
memcpy(netPath->interfaceID, &addr, 2);
memcpy(netPath->interfaceID + 4, &addr + 2, 2);
/* Initialise interfaceID with hardware address */
} else {
memcpy(&netPath->interfaceID, &netPath->interfaceInfo.hwAddress,
sizeof(netPath->interfaceID) <= sizeof(netPath->interfaceInfo.hwAddress) ?
sizeof(netPath->interfaceID) : sizeof(netPath->interfaceInfo.hwAddress)
);
}
DBG("Listening on IP: %s\n",inet_ntoa(netPath->interfaceInfo.afAddress));
#ifdef PTPD_PCAP
if (rtOpts->pcap == TRUE) {
int promisc = (rtOpts->transport == IEEE_802_3 ) ? 1 : 0;
if ((netPath->pcapEvent = pcap_open_live(rtOpts->ifaceName,
PACKET_SIZE, promisc,
PCAP_TIMEOUT,
errbuf)) == NULL) {
PERROR("failed to open event pcap");
return FALSE;
}
if (pcap_compile(netPath->pcapEvent, &program,
( rtOpts->transport == IEEE_802_3 ) ?
"ether proto 0x88f7":
( rtOpts->ip_mode != IPMODE_MULTICAST ) ?
"udp port 319" :
"host (224.0.1.129 or 224.0.0.107) and udp port 319" ,
1, 0) < 0) {
PERROR("failed to compile pcap event filter");
pcap_perror(netPath->pcapEvent, "ptpd2");
return FALSE;
}
if (pcap_setfilter(netPath->pcapEvent, &program) < 0) {
//.........这里部分代码省略.........
开发者ID:DomChey,项目名称:ptpd,代码行数:101,代码来源:net.c
示例10: main
int main(int argc, char **argv)
{
pcap_t *fp;
char errbuf[PCAP_ERRBUF_SIZE];
char *source = NULL;
char *ofilename = NULL;
char *filter = NULL;
int i;
pcap_dumper_t *dumpfile;
struct bpf_program fcode;
bpf_u_int32 NetMask;
int res;
struct pcap_pkthdr *header;
const u_char *pkt_data;
#ifdef WIN32
/* Load Npcap and its functions. */
if (!LoadNpcapDlls())
{
fprintf(stderr, "Couldn't load Npcap\n");
exit(1);
}
#endif
if (argc == 1)
{
usage();
return -1;
}
/* Parse parameters */
for(i=1;i < argc; i+= 2)
{
switch (argv[i] [1])
{
case 's':
{
source=argv[i+1];
};
break;
case 'o':
{
ofilename=argv[i+1];
};
break;
case 'f':
{
filter=argv[i+1];
};
break;
}
}
// open a capture from the network
if (source != NULL)
{
if ((fp = pcap_open_live(source, // name of the device
65536, // portion of the packet to capture.
// 65536 grants that the whole packet will be captured on all the MACs.
1, // promiscuous mode (nonzero means promiscuous)
1000, // read timeout
errbuf // error buffer
)) == NULL)
{
fprintf(stderr,"\nUnable to open the adapter.\n");
return -2;
}
}
else usage();
if (filter != NULL)
{
// We should loop through the adapters returned by the pcap_findalldevs_ex()
// in order to locate the correct one.
//
// Let's do things simpler: we suppose to be in a C class network ;-)
NetMask=0xffffff;
//compile the filter
if(pcap_compile(fp, &fcode, filter, 1, NetMask) < 0)
{
fprintf(stderr,"\nError compiling filter: wrong syntax.\n");
pcap_close(fp);
return -3;
}
//set the filter
if(pcap_setfilter(fp, &fcode)<0)
{
fprintf(stderr,"\nError setting the filter\n");
pcap_close(fp);
return -4;
}
}
//.........这里部分代码省略.........
开发者ID:nmap,项目名称:npcap,代码行数:101,代码来源:pcap_filter.c
示例11: probe_host
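/*
 * Open a capture on 'iface', install a filter for the expected reply
 * traffic, connect a TCP socket to host:port and feed captured packets to
 * parse_packet() until it reports a match or no packet is available.
 *
 * host is a dotted-quad IPv4 address. Nothing is returned; failures are
 * reported on stderr. 'iface', 'port' and parse_packet() are defined
 * elsewhere in the file.
 */
static void probe_host(const char *host)
{
	struct sockaddr_in sin;
	char pcap_errbuf[PCAP_ERRBUF_SIZE];
	struct pcap_pkthdr pkthdr;
	const uint8_t *data;
	struct bpf_program fp;
	pcap_t *ph;
	int fd;

	ph = pcap_create(iface, pcap_errbuf);
	if (ph == NULL) {
		/* libpcap reports this failure in the error buffer, not errno */
		fprintf(stderr, "pcap_create: %s\n", pcap_errbuf);
		goto err1;
	}

	if (pcap_setnonblock(ph, 1, pcap_errbuf) == -1) {
		fprintf(stderr, "pcap_setnonblock: %s\n", pcap_errbuf);
		goto err2;
	}

	/* The handle has to be activated before a filter can be compiled for
	 * it and installed on it. */
	if (pcap_activate(ph) != 0) {
		pcap_perror(ph, "pcap_activate");
		goto err2;
	}

	if (pcap_compile(ph, &fp, "src host 127.0.0.1 and tcp and src port 80",
			 1, PCAP_NETMASK_UNKNOWN) == -1) {
		pcap_perror(ph, "pcap_compile");
		goto err2;
	}

	/* Install the program only after it has been compiled; passing an
	 * uninitialized struct bpf_program to pcap_setfilter() is undefined. */
	if (pcap_setfilter(ph, &fp) == -1) {
		pcap_perror(ph, "pcap_setfilter");
		goto err3;
	}

	memset(&sin, 0, sizeof(sin));
	sin.sin_family = AF_INET;
	sin.sin_port = htons(port);
	sin.sin_addr.s_addr = inet_addr(host);
	if (sin.sin_addr.s_addr == INADDR_NONE) {
		/* inet_addr() signals a malformed address with INADDR_NONE */
		fprintf(stderr, "invalid address: %s\n", host);
		goto err3;
	}

	fd = socket(AF_INET, SOCK_STREAM, 0);
	if (fd < 0) {
		perror("socket");
		goto err3;
	}

	if (connect(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
		perror("connect");
		goto err4;
	}

	/* NOTE(review): the handle is non-blocking, so pcap_next() returns
	 * NULL as soon as no packet is queued and the loop ends; confirm that
	 * this is the intended behaviour. */
	for (;;) {
		data = pcap_next(ph, &pkthdr);
		if (data == NULL)
			break;
		if (parse_packet(host, data))
			break;
	}

	/* The socket is closed exactly once, by the cleanup chain below. */
err4:
	close(fd);
err3:
	pcap_freecode(&fp);
err2:
	pcap_close(ph);
err1:
	return;
}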
开发者ID:AmVPN,项目名称:iptables,代码行数:72,代码来源:nfsynproxy.c
示例12: process_infile
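/**
 * Capture from a file or from a live device and pass every packet that
 * matches `expression` to the handler for the source's link-layer type.
 *
 * @param expression  filter expression compiled with pcap_compile()
 * @param device      capture device for live capture; when NULL a default
 *                    device is looked up. Not used to open anything when
 *                    `infile` is non-empty.
 * @param infile      capture file to read; an empty string selects live
 *                    capture. When HAVE_INFLATER is defined a matching
 *                    inflater is run first and its descriptor is read.
 *
 * Failures are fatal: they end the process through die() or exit(1). That
 * includes a failed privilege drop, because the rest of the function parses
 * untrusted network traffic.
 */
static void process_infile(const std::string &expression,const char *device,const std::string &infile)
{
    char error[PCAP_ERRBUF_SIZE];
    pcap_t *pd=0;
    int dlt=0;
    pcap_handler handler;

#ifdef HAVE_INFLATER
    if(inflaters==0) inflaters = build_inflaters();
#endif

    if (infile!=""){
        std::string file_path = infile;

        // decompress input if necessary
#ifdef HAVE_INFLATER
        for(inflaters_t::const_iterator it = inflaters->begin(); it != inflaters->end(); it++) {
            if((*it)->appropriate(infile)) {
                int fd = (*it)->invoke(infile);
                // Check the descriptor before it is turned into a path.
                if(fd < 0) {
                    std::cerr << "decompression of '" << infile << "' failed" << std::endl;
                    exit(1);
                }
                file_path = ssprintf("/dev/fd/%d", fd);
                if(access(file_path.c_str(), R_OK)) {
                    std::cerr << "decompression of '" << infile << "' is not available on this system" << std::endl;
                    exit(1);
                }
                break;
            }
        }
#endif

        if ((pd = pcap_open_offline(file_path.c_str(), error)) == NULL){	/* open the capture file */
            die("%s", error);
        }
        dlt = pcap_datalink(pd);	/* get the handler for this kind of packets */
        handler = find_handler(dlt, infile.c_str());
    } else {
        /* if the user didn't specify a device, try to find a reasonable one */
        if (device == NULL){
            if ((device = pcap_lookupdev(error)) == NULL){
                die("%s", error);
            }
        }

        /* make sure we can open the device */
        if ((pd = pcap_open_live(device, SNAPLEN, !opt_no_promisc, 1000, error)) == NULL){
            die("%s", error);
        }
#if defined(HAVE_SETUID) && defined(HAVE_GETUID)
        /* drop root privileges - we don't need them any more.
         * A failed drop is fatal: continuing would leave the packet parsers
         * running with the privileges that were meant to be given up.
         * NOTE(review): only the user id is changed here; if the program can
         * also be installed setgid, the group id has to be dropped first. */
        if(setuid(getuid())){
            perror("setuid");
            exit(1);
        }
#endif
        /* get the handler for this kind of packets */
        dlt = pcap_datalink(pd);
        handler = find_handler(dlt, device);
    }

    DEBUG(20) ("filter expression: '%s'",expression.c_str());

    /* install the filter expression in libpcap */
    struct bpf_program fcode;
    if (pcap_compile(pd, &fcode, expression.c_str(), 1, 0) < 0){
        die("%s", pcap_geterr(pd));
    }
    if (pcap_setfilter(pd, &fcode) < 0){
        die("%s", pcap_geterr(pd));
    }
    /* the compiled program is no longer needed once it has been installed */
    pcap_freecode(&fcode);

    /* initialize our flow state structures */

    /* set up signal handlers for graceful exit (pcap uses onexit to put
     * interface back into non-promiscuous mode
     */
    portable_signal(SIGTERM, terminate);
    portable_signal(SIGINT, terminate);
#ifdef SIGHUP
    portable_signal(SIGHUP, terminate);
#endif

    /* start listening or reading from the input file */
    if (infile == "") DEBUG(1) ("listening on %s", device);
    if (pcap_loop(pd, -1, handler, (u_char *)tcpdemux::getInstance()) < 0){
        die("%s: %s", infile.c_str(),pcap_geterr(pd));
    }

    /* release the capture handle so that repeated calls do not leak it */
    pcap_close(pd);
}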
开发者ID:EnjoyHacking,项目名称:tcpflow,代码行数:89,代码来源:tcpflow.cpp
示例13: main
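/*
 * Entry point: initialise libnet for raw IPv4 injection, then capture
 * SYN-ACK segments coming from the given source port and pass each one to
 * my_callback().
 *
 * Options (both take an argument; argc must be 5):
 *   -p port    source port of the SYN-ACK segments, 1-65535
 *   -i device  capture device (default "eth0")
 *
 * Exits with EXIT_FAILURE on usage errors and 1 on libpcap errors; returns
 * EXIT_SUCCESS when pcap_loop() ends.
 */
int main(int argc, char *argv[])
{
    int n;
    char errbuf[LIBNET_ERRBUF_SIZE];
    /* pcap variables */
    char perrbuf[PCAP_ERRBUF_SIZE];
    char *dev = "eth0";         /* default if */
    char filter[MAXTEXT];
    u_short sport = 0;          /* remote port from which syn-ack is coming */
    int have_port = 0;          /* set once -p has been parsed */
    int filter_len;
    struct bpf_program fp;      /* hold compiled program */
    bpf_u_int32 maskp;          /* subnet mask */
    bpf_u_int32 netp;           /* ip */
    void usage(char *);

    /* Initialize the library. Root privileges are required. */
    l = libnet_init(
        LIBNET_RAW4,            /* injection type */
        NULL,                   /* network interface */
        errbuf);                /* errbuf */
    if (l == NULL)
    {
        fprintf(stderr, "libnet_init() failed: %s\n", errbuf);
        exit(EXIT_FAILURE);
    }
    libnet_seed_prand(l);
    tcp = 0;
    ip = 0;

    if (argc != 5) {
        usage(argv[0]);
        exit(EXIT_FAILURE);
    }

    while ((n = getopt(argc, argv, "p:i:")) != EOF)
    {
        switch (n)
        {
            case 'p':
            {
                /* strtol() instead of atoi(): reject non-numeric input and
                 * values that do not fit a 16-bit port. */
                char *end = NULL;
                long val = strtol(optarg, &end, 10);
                if (end == optarg || *end != '\0' || val < 1 || val > 65535)
                {
                    fprintf(stderr, "Invalid port: %s\n", optarg);
                    exit(EXIT_FAILURE);
                }
                sport = (u_short) val;
                have_port = 1;
                break;
            }
            case 'i':
                dev = optarg;   /* device */
                break;
            default:
                usage(argv[0]);
                exit(EXIT_FAILURE);
        }
    }

    /* "-i a -i b" also satisfies argc == 5; without this check the filter
     * would be built from a port that was never supplied. */
    if (!have_port) {
        usage(argv[0]);
        exit(EXIT_FAILURE);
    }

    /* On failure the outputs are not filled in; fall back to 0. */
    if (pcap_lookupnet(dev, &netp, &maskp, perrbuf) == -1) {
        netp = 0;
        maskp = 0;
    }

    /* open device for reading in promiscuous mode
     * NOTE(review): the read timeout passed here is -1; confirm that a
     * negative timeout is intended. */
    descr = pcap_open_live(dev, BUFSIZ, 1, -1, perrbuf);
    if (descr == NULL)
    { printf("pcap_open_live(): %s\n", perrbuf); exit(1); }

    /* Build the filter with a bounded write and check for truncation. */
    filter_len = snprintf(filter, sizeof(filter),
        "src port %d and tcp[13] == 18", sport);   /* only SYN-ACK */
    if (filter_len < 0 || (size_t) filter_len >= sizeof(filter))
    { fprintf(stderr, "Filter expression too long\n"); exit(1); }
    /* printf("The filter is: %s\n", filter); */

    /* Lets try and compile the program.. non-optimized. The last argument
     * of pcap_compile() is the netmask, not the network number. */
    if (pcap_compile(descr, &fp, filter, 0, maskp) == -1)
    { fprintf(stderr, "Error calling pcap_compile\n"); exit(1); }

    /* set the compiled program as the filter */
    if (pcap_setfilter(descr, &fp) == -1)
    { fprintf(stderr, "Error setting filter\n"); exit(1); }
    /* the compiled program is no longer needed once it is installed */
    pcap_freecode(&fp);

    pcap_loop(descr, -1, my_callback, NULL);

    pcap_close(descr);
    libnet_destroy(l);
    return (EXIT_SUCCESS);
}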
开发者ID:big3k,项目名称:oneway,代码行数:75,代码来源:rst2synack.c
示例14: main
int main(int argc, char *argv[])
{
int ret;
char* file_name = NULL;
char* dev = NULL;
char errbuf[PCAP_ERRBUF_SIZE];
struct bpf_program comp_filter_exp; /* The compiled filter expression */
char filter_exp[] = "ether dst 91:E0:F0:00:0e:80"; /* The filter expression */
struct pcap_pkthdr header; /* header pcap gives us */
const u_char* packet; /* actual packet */
signal(SIGINT, sigint_handler);
int c;
while((c = getopt(argc, argv, "hi:f:")) > 0)
{
switch (c)
{
case 'h':
help();
break;
case 'i':
dev = strdup(optarg);
break;
case 'f':
file_name = strdup(optarg);
break;
default:
fprintf(stderr, "Unrecognized option!\n");
}
}
if ((NULL == dev) || (NULL == file_name))
help();
if (create_socket())
{
fprintf(stderr, "Socket creation failed.\n");
return (errno);
}
report_domain_status();
fprintf(stdout,"Waiting for talker...\n");
await_talker();
#ifdef DEBUG
fprintf(stdout,"Send ready-msg...\n");
#endif
send_ready();
#ifdef LIBSND
SF_INFO* sf_info = (SF_INFO*)malloc(sizeof(SF_INFO));
memset(sf_info, 0, sizeof(SF_INFO));
sf_info->samplerate = SAMPLES_PER_SECOND;
sf_info->channels = CHANNELS;
sf_info->format = SF_FORMAT_WAV | SF_FORMAT_PCM_24;
if (0 == sf_format_check(sf_info))
{
fprintf(stderr, "Wrong format.");
return -1;
}
if (NULL == (snd_file = sf_open(file_name, SFM_WRITE, sf_info)))
{
fprintf(stderr, "Could not create file.");
return -1;
}
fprintf(stdout,"Created file called %s\n", file_name);
#endif
#ifdef PCAP
/** session, get session handler */
/* take promiscuous vs. non-promiscuous sniffing? (0 or 1) */
handle = pcap_open_live(dev, BUFSIZ, 1, -1, errbuf);
if (NULL == handle)
{
fprintf(stderr, "Could not open device %s: %s\n", dev, errbuf);
return -1;
}
#ifdef DEBUG
fprintf(stdout,"Got session handler.\n");
#endif
/* compile and apply filter */
if (-1 == pcap_compile(handle, &comp_filter_exp, filter_exp, 0, PCAP_NETMASK_UNKNOWN))
{
fprintf(stderr, "Could not parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
return -1;
}
if (-1 == pcap_setfilter(handle, &comp_filter_exp))
{
fprintf(stderr, "Could not install filter %s: %s\n", filter_exp, pcap_geterr(handle));
return -1;
}
//.........这里部分代码省略.........
开发者ID:MamataBhat,项目名称:Open_AVB,代码行数:101,代码来源:simple_listener.c
示例15: main
//.........这里部分代码省略.........
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n", dev, errbuf);
net = 0;
mask = 0;
}
struct ether_addr *ha = NULL;
if ((ha = (struct ether_addr *) libnet_get_hwaddr(l)) == NULL) {
fprintf(stderr, "%s", libnet_geterror(l));
exit(EXIT_FAILURE);
}
// LLTP magic packet
char* payload = "\x01\x00\x00\x00\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00";
char* hwdst = "\xff\xff\xff\xff\xff\xff";
memcpy(buf,payload,18);
memcpy(buf+10, ha, 6);
gettimeofday(&start_time, NULL);
memcpy(buf+16, &start_time.tv_sec, 2); // emulate sequence number
eth_ptag = libnet_build_ethernet(
hwdst, /* ethernet destination */
ha->ether_addr_octet,
/* ethernet source */
0x88d9, /* protocol type */
buf, /* payload */
18, /* payload size */
l, /* libnet handle */
0); /* libnet id */
if (eth_ptag == -1) {
fprintf(stderr, "Can't build ethernet header: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/*
* Write it to the wire.
*/
c = libnet_write(l);
if (c == -1) {
fprintf(stderr, "Write error: %s\n", libnet_geterror(l));
libnet_destroy(l);
exit(EXIT_FAILURE);
}
/* Open the session in promiscuous mode */
pcap_handle = pcap_open_live(dev, BUFSIZ, 1, PCAP_PERIOD, errbuf);
if (pcap_handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
libnet_destroy(l);
return (2);
}
/* Compile and apply the filter */
if (pcap_compile(pcap_handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(pcap_handle));
libnet_destroy(l);
return (2);
}
if (pcap_setfilter(pcap_handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n", filter_exp, pcap_geterr(pcap_handle));
libnet_destroy(l);
return (2);
}
signal(SIGALRM, on_alarm);
gettimeofday(&start_time, NULL);
timer_create(CLOCK_MONOTONIC, NULL, &timer_id);
timer_settime(timer_id, 0, &tspec, NULL);
// don't know why, but pcap_dispatch does not return control to main after
// timeout expires. so, we use nonblocking pcap on linux.
#ifdef __linux__
pcap_setnonblock(pcap_handle, 1, errbuf);
#endif
while( !do_stop ) {
pcap_dispatch(pcap_handle, -1, got_packet, NULL);
#ifdef __linux__
usleep(1000);
#endif
}
pcap_close(pcap_handle);
i = tv_diff2msec(NULL);
printf("found %d hosts in %d.%d seconds", nhosts, i/1000, i%1000);
if( mac_to_find && !mac_found ) {
printf(", but '%s' is not found.\n", mac_to_find);
} else {
puts("");
}
return (0);
}
开发者ID:tianzhishuizhu,项目名称:lltdscan,代码行数:101,代码来源:lltdscan.c
示例16: main
//.........这里部分代码省略.........
victim_ethernet = argv[i+1];
i = i + 1;
}
else if (strcmp(argv[i], "--relayer-ip") == 0)
{
relayer_ip = argv[i+1];
i = i + 1;
}
else if (strcmp(argv[i], "--relayer-ethernet") == 0)
{
relayer_ethernet = argv[i+1];
i = i + 1;
}
else
{
printf("%s\n", argv[i-1]);
printf("Invalid Commandline parameter: %s\n", argv[i]);
return 1;
}
}
if (victim_ethernet == NULL || relayer_ethernet == NULL)
{
fprintf(stderr, "You have to specify both victim and relayer ethernet address\n");
exit(1);
}
if (victim_ip == NULL || relayer_ip == NULL)
{
fprintf(stderr, "No IP specified for either victim or realyer\n");
exit(1);
}
/**************
* INIT STATE *
**************/
printf(" Initilizing Reflector\n");
if (dev == NULL) {
dev = pcap_lookupdev(errbuf);
}
if (dev == NULL) {
fprintf(stderr, "Couldn't find default device: %s\n", errbuf);
return(2);
}
/* Find the properties for the device */
if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
fprintf(stderr, "Couldn't get netmask for device %s: %s\n", dev, errbuf);
net = 0;
mask = 0;
}
/* Open the session in promiscuous mode */
handle = pcap_open_live(dev, BUFSIZ, 1, 1000, errbuf);
if (handle == NULL) {
fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
exit(1);
}
/* Generate filter: dst (VIC or REL) this way we get the
* information to the victim and to the relay so we can
* reflecting part later. */
strcat(filter_exp, "dst (");
strcat(filter_exp, relayer_ip);
strcat(filter_exp, " or ");
strcat(filter_exp, victim_ip);
strcat(filter_exp, ")");
printf(" Filter Added: %s\n", filter_exp);
/* Compile and apply the filter */
if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
exit(1);
}
if (pcap_setfilter(handle, &fp) == -1) {
fprintf(stderr, "Couldn't install filter %s: %s\n", filter_exp, pcap_geterr(handle));
exit(1);
}
/*******************
* LISTENING STATE *
* Grab packets *
*******************/
printf(" Start Listening for packets\n");
pcap_loop(handle, -1, got_packet, NULL);
pcap_close(handle);
return(0);
}
开发者ID:gronnbeck,项目名称:dojo,代码行数:101,代码来源:reflector.c
示例17: main
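/*
 * Entry point: capture on a device with a caller-supplied filter and
 * measure the matching traffic.
 *
 * Usage: <binary> <device> <filter expression>
 * The last six characters of the binary's name select the mode: "bw-mon"
 * starts reporter_thread() and runs throughput_cb() on every packet, any
 * other name runs metadata_cb().
 *
 * Returns 2 on usage or libpcap errors; exits with 0 when the capture loop
 * ends.
 */
int main(int argc, char *argv[])
{
    char *mode = argv[0];           /* Name of this binary, cc-mon or bw-mon? */
    char *dev;                      /* The device to sniff on */
    char *filter_exp;               /* The filter expression */
    char errbuf[PCAP_ERRBUF_SIZE];  /* Error string */
    struct bpf_program fp;          /* The compiled filter */
    pcap_t *handle;                 /* Session handle */
    bpf_u_int32 mask;               /* Our netmask */
    bpf_u_int32 net;                /* Our IP */
    pthread_t reporter;             /* timed reporting of measurements */
    size_t mode_len;
    size_t suffix_len = strlen("cc-mon");

    /* Check the argument count before argv[1] and argv[2] are read;
     * usage() is defined elsewhere and may or may not return. */
    if (argc < 3) {
        usage(mode);
        return(2);
    }
    dev = argv[1];
    filter_exp = argv[2];

    // print given command, so that we can log everything by redirecting to a file
    printf("%s ",argv[0]);
    printf("%s ",argv[1]);
    printf("%s\n\n",argv[2]);

    // remove possible prepended paths; only advance when the name is long
    // enough, otherwise the pointer would move in front of the string
    mode_len = strlen(mode);
    if (mode_len > suffix_len)
        mode += mode_len - suffix_len;

    /* signal handler will close nfq hooks on exit; a signal that was being
     * ignored is set back to ignored - each one for itself */
    if(signal(SIGINT, sig_handler) == SIG_IGN)
        signal(SIGINT, SIG_IGN);
    if(signal(SIGHUP, sig_handler) == SIG_IGN)
        signal(SIGHUP, SIG_IGN);
    if(signal(SIGTERM, sig_handler) == SIG_IGN)
        signal(SIGTERM, SIG_IGN);

    /* Find the properties for the device */
    if (pcap_lookupnet(dev, &net, &mask, errbuf) == -1) {
        fprintf(stderr, "Couldn't get netmask for device %s: %s\n", dev, errbuf);
        net = 0;
        mask = 0;
    }

    /* Open the session.
     * NOTE(review): the original comment says "no promiscuous mode: they're
     * our packets", but the third argument is 1, which requests promiscuous
     * mode. Confirm which is intended; 0 would capture less. */
    handle = pcap_open_live(dev, BUFSIZ, 1, 1000, errbuf);
    if (handle == NULL) {
        fprintf(stderr, "Couldn't open device %s: %s\n", dev, errbuf);
        return(2);
    }

    /* Compile and apply the filter. The expression comes from the command
     * line, so the real netmask is passed: pcap_compile() uses it for
     * IPv4 broadcast tests. */
    if (pcap_compile(handle, &fp, filter_exp, 0, mask) == -1) {
        fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
        pcap_close(handle);
        return(2);
    }
    if (pcap_setfilter(handle, &fp) == -1) {
        fprintf(stderr, "Couldn't install filter %s: %s\n", filter_exp, pcap_geterr(handle));
        pcap_freecode(&fp);
        pcap_close(handle);
        return(2);
    }
    /* the compiled program is no longer needed once it is installed */
    pcap_freecode(&fp);

    /* init time spec */
    gettimeofday(&last_time, NULL);
    gettimeofday(&first_time, NULL);

    /* loop in chosen mode until sigint */
    if (0 == strcmp("bw-mon", mode)) {
        if (pthread_create(&reporter, NULL, reporter_thread, NULL) != 0) {
            fprintf(stderr, "Couldn't start reporter thread\n");
            pcap_close(handle);
            return(2);
        }
        pcap_loop(handle, -1, throughput_cb, NULL);
    }
    else {
        pcap_loop(handle, -1, metadata_cb, NULL);
    }

    pcap_close(handle);
    exit(0);
}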