跪求解决嗅探问题
我自己在网上找了一段代码,用来分析所有经过网卡的IP数据包,
但不知道为什么一直收不到包,程序就阻塞在read那里。很奇怪,搞了一天了,郁闷死了。我用的是FreeBSD。先谢谢了。
代码如下:
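/*
 * Name of the interface to switch into promiscuous mode. The string is copied
 * verbatim into ifr_name for SIOCGIFFLAGS/SIOCSIFFLAGS, so it must not carry
 * padding: "vr0 " (with a trailing space) names no interface and the first
 * ioctl would fail.
 */
#define INTERFACE "vr0"

/* Result of the most recent read(); reported by the SIGALRM handler sig_alrm(). */
int bytes_recieved = 0;

/* Creates the raw IPv4 socket; terminates the process if that fails. */
int Open_Raw_Socket(void);
/* Sets IFF_PROMISC on `interface` through `sock`; terminates the process on failure. */
int Set_Promisc(char *interface, int sock);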
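/*
 * SIGALRM handler: prints the global bytes_recieved value on stdout and
 * re-arms the two-second alarm.
 *
 * Only write() and alarm() are called here, both async-signal-safe. printf()
 * is not: the signal can arrive while main() is inside printf() itself, and
 * re-entering stdio from a handler can corrupt its buffer or deadlock.
 * Because write() bypasses the stdio buffer, this line may appear ahead of
 * text main() has printed but not yet flushed when stdout is not a terminal.
 */
static void
sig_alrm(int signo)
{
    static const char prefix[] = "alrm.bytes_recieved :";
    static const char suffix[] = "...\n ";
    /* Room for prefix, sign, every decimal digit of an int, and suffix. */
    char line[sizeof prefix + sizeof suffix + 3 * sizeof(int) + 2];
    char digits[3 * sizeof(int) + 1];
    size_t ndigits = 0;
    size_t len = 0;
    size_t i;
    int value = bytes_recieved;
    unsigned int magnitude;

    (void)signo;

    /* Negate in unsigned arithmetic so INT_MIN does not overflow. */
    magnitude = value < 0 ? 0u - (unsigned int)value : (unsigned int)value;
    do {
        digits[ndigits++] = (char)('0' + magnitude % 10);
        magnitude /= 10;
    } while (magnitude != 0);

    for (i = 0; i < sizeof prefix - 1; i++) {
        line[len++] = prefix[i];
    }
    if (value < 0) {
        line[len++] = '-';
    }
    /* Digits were produced least-significant first; emit them reversed. */
    while (ndigits > 0) {
        line[len++] = digits[--ndigits];
    }
    for (i = 0; i < sizeof suffix - 1; i++) {
        line[len++] = suffix[i];
    }

    if (write(STDOUT_FILENO, line, len) < 0) {
        /* Nothing safe to do about a failed diagnostic write in a handler. */
    }
    alarm(2);
}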
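/*
 * Entry point: opens the raw socket, requests promiscuous mode on INTERFACE,
 * installs the two-second SIGALRM heartbeat and then reads packets forever.
 *
 * Everything read from the socket is network-controlled data. Header fields
 * such as ip_hl must be range-checked against the number of bytes actually
 * received before they are used as offsets into the buffer.
 */
int main(void)
{
    /* Smallest legal IPv4 header (ip_hl == 5 32-bit words), in bytes. */
    enum { MIN_IPV4_HEADER = 20 };
    int sock;
    ssize_t nread;
    char buffer[2048];
    struct ip *iptemp;
    struct tcphdr *tcptemp;

    memset(buffer, 0, sizeof(buffer));
    sock = Open_Raw_Socket();
    Set_Promisc(INTERFACE, sock);
#if 1
    /*alarm time*/
    if (signal(SIGALRM, sig_alrm) == SIG_ERR)
    {
        exit(1);
    }
    alarm(2);
#endif
    while(1)
    {
        printf( "waiting data:\n ");
        nread = read(sock, buffer, sizeof(buffer));
        /*
         * Store into the file-scope counter. The original declared a local
         * with the same name here, so the SIGALRM handler only ever saw the
         * global's initial 0.
         */
        bytes_recieved = (int)nread;
        //printf( "recived %d\n ", bytes_recieved);
        if(nread <= 0)
        {
            continue;
        }
        /* Too short to hold an IPv4 header: do not interpret it as one. */
        if(nread < MIN_IPV4_HEADER)
        {
            continue;
        }
        iptemp = (struct ip *)buffer;
#if 0
        /*See if this is a TCP packet*/
        if(iptemp->ip_p == 6)
        {
            /* ip_hl counts 32-bit words; ip_len is the total datagram length. */
            size_t ip_hdr_len = 4u * iptemp->ip_hl;

            printf( "IP header length :::%d\n ", iptemp->ip_hl);
            printf( "Protocol :::%d\n ", iptemp->ip_p);
            /* Reject a bogus ip_hl and a TCP header that runs past the data read. */
            if(ip_hdr_len >= MIN_IPV4_HEADER &&
               ip_hdr_len + sizeof(struct tcphdr) <= (size_t)nread)
            {
                tcptemp = (struct tcphdr *)(buffer + ip_hdr_len);
                printf( "Source port :::%d\n ", ntohs(tcptemp->th_sport));
                printf( "Dest port :::%d\n ", ntohs(tcptemp->th_dport));
            }
        }
#endif
    }
}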
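/*
 * Creates the raw IPv4 socket the sniffer reads from and returns its
 * descriptor. Never returns on failure: the error is reported with perror()
 * and the process exits with a failure status. The original exited with 0,
 * which tells a calling script or service supervisor that startup succeeded.
 *
 * Creating a raw socket normally requires root privileges.
 *
 * NOTE(review): this socket type is the likely reason read() blocks forever
 * on FreeBSD. With protocol 0, ip(4) hands the socket only datagrams of the
 * matching IP protocol, and BSD-derived kernels do not pass received TCP or
 * UDP packets to raw sockets at all. Promiscuous mode does not change what
 * the IP layer delivers. Interface-wide capture on FreeBSD goes through
 * bpf(4), usually via libpcap - confirm against the ip(4) and bpf(4) pages
 * for the release in use.
 */
int Open_Raw_Socket(void)
{
    int sock = socket(PF_INET, SOCK_RAW, 0);

    if (sock < 0) {
        /*Then the socket was not created properly and must die*/
        perror( "The raw socket was not created ");
        exit(EXIT_FAILURE);
    }
    return sock;
}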
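/*
 * Turns on IFF_PROMISC for the named interface using ioctls on `sock`.
 *
 * interface: NUL-terminated interface name; must fit in ifr_name.
 * sock:      any open socket descriptor usable for interface ioctls.
 *
 * Returns 0 on success. Every failure is reported and ends the process with
 * a failure status (the original exited with 0 on errors).
 *
 * Nothing in this file clears IFF_PROMISC again, so the interface is left
 * promiscuous after the program ends; a complete tool would save the flags
 * read here and restore them on shutdown.
 *
 * NOTE(review): some BSD kernels treat IFF_PROMISC as not changeable through
 * SIOCSIFFLAGS. Re-read the flags with SIOCGIFFLAGS to verify it took effect.
 */
int Set_Promisc(char *interface, int sock )
{
    struct ifreq ifr;
    size_t name_len;

    if (interface == NULL) {
        fprintf(stderr, "No interface name given\n");
        exit(EXIT_FAILURE);
    }

    /*
     * The original bounded strncpy() by strlen(interface) + 1, i.e. by the
     * source length, so a long name overflowed ifr_name. Bound by the
     * destination and refuse names that do not fit rather than truncating
     * to a different interface.
     */
    name_len = strlen(interface);
    if (name_len >= sizeof(ifr.ifr_name)) {
        fprintf(stderr, "Interface name too long: %s\n", interface);
        exit(EXIT_FAILURE);
    }

    memset(&ifr, 0, sizeof(ifr));
    memcpy(ifr.ifr_name, interface, name_len + 1);

    if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1) {
        /*Could not retrieve flags for the interface*/
        perror( "Could not retrive flags for the interface ");
        exit(EXIT_FAILURE);
    }
    printf( "The interface is ::: %s\n ", interface);
    printf( "Retrieved flags from interface successfully\n ");

    /* Keep the existing flags and add promiscuous mode on top of them. */
    ifr.ifr_flags |= IFF_PROMISC;
    if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1) {
        /*Could not set the flags on the interface */
        perror( "Could not set the PROMISC flag: ");
        exit(EXIT_FAILURE);
    }
    printf( "Setting interface ::: %s ::: to promisc\n ",interface);
    printf( "sniffer is starting ...\n ");
    return 0;
}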
[解决办法]
我这里没有出现这个问题。
应该是设置混杂模式的时候出了问题,会不会是网卡不支持混杂模式?
[解决办法]
比较成熟的方案是libpcap开发包(在FreeBSD上它通过BPF设备抓包,而不是原始套接字),可供你参考。
相关的工具软件有sniffer和tcpdump,且代码开放。