// capture.cpp : 定義控制台應用程式的入口點。
//
#include "stdafx.h"
#include "iostream"
#include "winsock2.h"
#include "mstcpip.h"
#pragma comment(lib,"WS2_32")
using namespace std;
void DecodeIPPacket(char * pData);
void DecodeTCPPacket(char * pData);
void DecodeUDPPacket(char * pData);
void DecodeICMPPacket(char * pData);
typedef struct _IPHeader
{
unsigned char iphVerLen;
unsigned char ipTOS;
unsigned short ipLength;
unsigned short ipID;
unsigned short ipFlags;
unsigned char ipTTL;
unsigned char ipProtocol;
unsigned short ipChecksum;
unsigned long ipSource;
unsigned long ipDestination;
}IPHeader, * PIPHeader;
typedef struct icmphdr
{
char i_type;
char i_code;
unsigned short i_cksum;
unsigned short i_id;
unsigned short i_seq;
unsigned long timestamp;
}ICMPHeader;
typedef struct _UDPHeader
{
unsigned short sourcePort;
unsigned short destinationPort;
unsigned short len;
unsigned short checksum;
}UDPHeader;
typedef struct _TCPHeader
{
unsigned short sourcePort;
unsigned short destinationPort;
unsigned long sequenceNumber;
unsigned long acknowledgeNumber;
char dataoffset;
char flags;
unsigned short window;
unsigned short checksum;
unsigned short urgentPointer;
}TCPHeader;
int _tmain(int argc, _TCHAR* argv[])
{
WSADATA wsaData;
int ret;
if((ret=WSAStartup(MAKEWORD(2,2),&wsaData))!=0)
{
cout<
return -1;
}
SOCKET sRaw = socket(AF_INET,SOCK_RAW,IPPROTO_IP);
char sHostName[256];
SOCKADDR_IN addr_in;
struct hostent * hptr;
gethostname(sHostName,sizeof(sHostName));
if((hptr = gethostbyname(sHostName)) == NULL)
{
cout<
WSACleanup();
return -1;
}
char **pptr = hptr->h_addr_list;
cout<
while(*pptr!=NULL)
{
cout<
pptr++;
}
cout<
char snfIP[20];
cin.getline(snfIP,sizeof(snfIP));
addr_in.sin_family = AF_INET;
addr_in.sin_port = htons(0);
addr_in.sin_addr.S_un.S_addr = inet_addr(snfIP);
if(bind(sRaw,(PSOCKADDR)&addr_in,sizeof(addr_in)) == SOCKET_ERROR)
{
cout<
closesocket(sRaw);
WSACleanup();
return -1;
}
//調用ioctlsocket将網卡設為混雜模式前,套接字必須綁定該網卡的IP位址
DWORD dwValue = 1;
if(ioctlsocket(sRaw,SIO_RCVALL,&dwValue)!=0)
{
cout<
closesocket(sRaw);
WSACleanup();
return -1;
}
//開始抓取IP分組
char buff[50][4096];
int packetNumber;
cout<
cin>>packetNumber;
cout<
int i,nRet;
for(i=0;i
{
if(i>=50)break;
nRet=recv(sRaw,buff[i],4096,0);
cout<
if(nRet<=0)
{
cout<
break;
}
}
//解析IP包
int j=0;
for(j=0;j
{
cout<
DecodeIPPacket(buff[j]);
}
closesocket(sRaw);
WSACleanup();
return 0;
}
void DecodeIPPacket(char *pData)
{
IPHeader * pIPHdr =(IPHeader *) pData;
in_addr source,dest;
char szSourceIp[32],szDestIp[32];
source.S_un.S_addr = pIPHdr ->ipSource;
dest.S_un.S_addr = pIPHdr ->ipDestination;
strcpy_s(szSourceIp,inet_ntoa(source));
strcpy_s(szDestIp,inet_ntoa(dest));
cout<
cout<
int nHeaderLen = (pIPHdr-> iphVerLen &0xf) * sizeof(ULONG);
switch (pIPHdr -> ipProtocol)
{
case IPPROTO_TCP:
DecodeTCPPacket(pData + nHeaderLen);
break;
case IPPROTO_UDP:
DecodeUDPPacket(pData + nHeaderLen);
break;
case IPPROTO_ICMP:
DecodeUDPPacket(pData + nHeaderLen);
break;
defualt:
cout<ipProtocol;
}
}
void DecodeTCPPacket(char * pData)
{
TCPHeader * pTCPHdr =(TCPHeader *) pData;
cout<sourcePort);
cout<destinationPort)<
}
void DecodeUDPPacket(char * pData)
{
UDPHeader * pUDPHdr =(UDPHeader *) pData;
cout<sourcePort);
cout<destinationPort)<
}
void DecodeICMPPacket(char * pData)
{
ICMPHeader * pICMPHdr =(ICMPHeader *) pData;
cout<i_type<i_code<
switch(pICMPHdr -> i_type)
{
case 0:
cout<
case 8:
cout<
case 3:
cout<
case 11:
cout<
}
}