從我的網易部落格移動
/*
 * Ethernet header: destination address, source address, EtherType.
 * Presumably overlaid on the first bytes of a captured frame (the page shows
 * no parsing code); confirm the captured length covers sizeof(struct
 * sniff_ethernet) before reading any member.
 * ETHER_ADDR_LEN is not defined in this listing and must come from the
 * including file.
 */
struct sniff_ethernet {
u_char ether_dhost[ETHER_ADDR_LEN]; /* destination host address */
u_char ether_shost[ETHER_ADDR_LEN]; /* source host address */
u_short ether_type; /* EtherType; network byte order on the wire, convert with ntohs() */
};
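/*
 * IPv4 header (fixed 20-byte part, options not included).
 *
 * Multi-byte members are in network byte order on the wire; convert with
 * ntohs() before use.  Every value here comes from the packet: before using
 * ip_hl to locate the next header, check that ip_hl * 4 is at least 20 and
 * that the captured length covers it.
 *
 * The two bit-field orders are selected by separate #if blocks, as in
 * struct sniff_tcp.  BYTE_ORDER, LITTLE_ENDIAN and BIG_ENDIAN must be defined
 * by a header included before this point; undefined macros evaluate to 0 in
 * #if, which would enable both branches and fail with duplicate members.
 * NOTE(review): bit-field layout is implementation-defined; u_int bit-fields
 * are assumed to pack into the single byte before ip_tos -- confirm on the
 * target compiler.
 */
struct sniff_ip {
#if BYTE_ORDER == LITTLE_ENDIAN
u_int ip_hl:4, /* header length, in 32-bit words */
ip_v:4; /* IP version */
#endif
#if BYTE_ORDER == BIG_ENDIAN
u_int ip_v:4, /* IP version */
ip_hl:4; /* header length, in 32-bit words */
#endif
u_char ip_tos; /* type of service */
u_short ip_len; /* total length (header plus payload) */
u_short ip_id; /* identification */
u_short ip_off; /* flag bits and fragment offset, see masks below */
#define IP_RF 0x8000 /* reserved fragment flag */
#define IP_DF 0x4000 /* don't-fragment flag */
#define IP_MF 0x2000 /* more-fragments flag */
#define IP_OFFMASK 0x1fff /* mask for the fragment offset bits */
u_char ip_ttl; /* time to live */
u_char ip_p; /* protocol number of the payload */
u_short ip_sum; /* header checksum */
struct in_addr ip_src,ip_dst; /* source and destination addresses */
};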
/*
 * TCP header (fixed 20-byte part), bit-field variant: the data offset and the
 * reserved bits are split into th_off / th_x2 according to BYTE_ORDER.
 *
 * tcp_seq must already be declared when this struct is compiled; in this
 * listing the typedef only appears after the struct.
 * Multi-byte members are in network byte order on the wire (ntohs()/ntohl()).
 * th_off comes from the packet: a value below 5 is not a valid header, and
 * th_off * 4 must fit inside the captured length before the payload is read.
 * NOTE(review): bit-field layout is implementation-defined; u_int bit-fields
 * are assumed to pack into one byte before th_flags -- confirm on the target
 * compiler.
 */
struct sniff_tcp {
u_short th_sport; /* source port */
u_short th_dport; /* destination port */
tcp_seq th_seq; /* sequence number */
tcp_seq th_ack; /* acknowledgement number */
#if BYTE_ORDER == LITTLE_ENDIAN
u_int th_x2:4, /* reserved bits */
th_off:4; /* data offset, in 32-bit words */
#endif
#if BYTE_ORDER == BIG_ENDIAN
u_int th_off:4, /* data offset, in 32-bit words */
th_x2:4; /* reserved bits */
#endif
u_char th_flags; /* control bits, see TH_* below */
#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_PUSH 0x08
#define TH_ACK 0x10
#define TH_URG 0x20
#define TH_ECE 0x40
#define TH_CWR 0x80
/* NOTE(review): TH_PUSH is not part of this mask -- confirm that is intended. */
#define TH_FLAGS (TH_FIN|TH_SYN|TH_RST|TH_ACK|TH_URG|TH_ECE|TH_CWR)
u_short th_win; /* window size */
u_short th_sum; /* checksum */
u_short th_urp; /* urgent pointer */
};
/* Type used for the TCP sequence and acknowledgement numbers. */
typedef u_int tcp_seq;
/*
 * TCP header (fixed 20-byte part), variant without bit-fields.
 * NOTE(review): this redeclares struct sniff_tcp; it reads as an alternative
 * to the bit-field definition earlier in the listing, and the two cannot be
 * compiled in the same translation unit.
 * Multi-byte members are in network byte order on the wire (ntohs()/ntohl()).
 */
struct sniff_tcp
{
u_short th_sport; /* source port */
u_short th_dport; /* destination port */
tcp_seq th_seq; /* sequence number */
tcp_seq th_ack; /* acknowledgement number */
/*
 * Presumably the data offset (high 4 bits, in 32-bit words) and the reserved
 * bits (low 4 bits) -- TODO confirm against the code that reads it.  The
 * value comes from the packet: validate the offset (at least 5 words, within
 * the captured length) before using it to find the payload.
 */
u_char th_offx2;
u_char th_flags; /* control bits */
u_short th_win; /* window size */
u_short th_sum; /* checksum */
u_short th_urp; /* urgent pointer */
};
/*
 * UDP header (8 bytes).  All members are in network byte order on the wire;
 * convert with ntohs() before use.
 */
struct sniff_udp
{
u_short udp_sport; /* source port */
u_short udp_dport; /* destination port */
/* Length of UDP header plus data as claimed by the sender; check it against
 * the captured length before trusting it as a bound. */
u_short udp_len;
u_short udp_sum; /* checksum */
};
/*
 * DNS message header: six 16-bit fields (12 bytes on the wire), in network
 * byte order, followed here by a pointer member.
 * The four counts are supplied by the sender; bound every loop over records
 * by the captured length, not by these counts alone.
 */
struct sniff_dns
{
u_short dns_id; /* transaction identifier */
u_short dns_flag; /* flags and response code */
u_short dns_ques; /* number of questions */
u_short dns_ans; /* number of answer records */
u_short dns_auth; /* number of authority records */
u_short dns_add; /* number of additional records */
/*
 * NOTE(review): this is a pointer, not inline data.  If the struct is cast
 * directly onto packet bytes, this member would be read from
 * packet-controlled bytes and must not be dereferenced; it is only
 * meaningful if the parser assigns it to the start of the record data.
 * Confirm against the code that fills it.  The name looks like a typo for
 * dns_data, but is part of the struct's interface and is left as is.
 */
u_int8_t *dsn_data;
};