-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpcap.c
More file actions
executable file
·121 lines (104 loc) · 3.2 KB
/
pcap.c
File metadata and controls
executable file
·121 lines (104 loc) · 3.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#include <pcap.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/if_ether.h>
#include <netinet/tcp.h>
#include <netinet/ip.h>
#include <string.h>
void callback(u_char *useless,const struct pcap_pkthdr* pkthdr,const u_char*
packet)
{
static int count = 1;
printf("\nPacket number [%d], length of this packet is: %d\n", count++, pkthdr->len);
}
int main(int argc,char **argv)
{
char *dev;
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t* descr;
struct bpf_program fp; /* to hold compiled program */
bpf_u_int32 pMask; /* subnet mask */
bpf_u_int32 pNet; /* ip address*/
pcap_if_t *alldevs, *d;
char dev_buff[64] = {0};
int i =0;
// Check if sufficient arguments were supplied
if(argc != 3)
{
printf("\nUsage: %s [protocol][number-of-packets]\n",argv[0]);
return 0;
}
// Prepare a list of all the devices
if (pcap_findalldevs(&alldevs, errbuf) == -1)
{
fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
exit(1);
}
// Print the list to user
// so that a choice can be
// made
printf("\nHere is a list of available devices on your system:\n\n");
for(d=alldevs; d; d=d->next)
{
printf("%d. %s", ++i, d->name);
if (d->description)
printf(" (%s)\n", d->description);
else
printf(" (Sorry, No description available for this device)\n");
}
// Ask user to provide the interface name
printf("\nEnter the interface name on which you want to run the packet sniffer : ");
fgets(dev_buff, sizeof(dev_buff)-1, stdin);
// Clear off the trailing newline that
// fgets sets
dev_buff[strlen(dev_buff)-1] = '\0';
// Check if something was provided
// by user
if(strlen(dev_buff))
{
dev = dev_buff;
printf("\n ---You opted for device [%s] to capture [%d] packets---\n\n Starting capture...",dev, (atoi)(argv[2]));
}
// If something was not provided
// return error.
if(dev == NULL)
{
printf("\n[%s]\n", errbuf);
return -1;
}
// fetch the network address and network mask
pcap_lookupnet(dev, &pNet, &pMask, errbuf);
// Now, open device for sniffing
descr = pcap_open_live(dev, BUFSIZ, 0,-1, errbuf);
if (pcap_datalink(descr) != DLT_EN10MB) {
fprintf(stderr, "Device %s doesn't provide Ethernet headers - not supported\n", dev);
return(2);
}
if(descr == NULL)
{
printf("pcap_open_live() failed due to [%s]\n", errbuf);
return -1;
}
// Compile the filter expression
if(pcap_compile(descr, &fp, argv[1], 0, pNet) == -1)
{
printf("\npcap_compile() failed\n");
return -1;
}
// Set the filter compiled above
if(pcap_setfilter(descr, &fp) == -1)
{
printf("\npcap_setfilter() failed\n");
exit(1);
}
// For every packet received, call the callback function
// For now, maximum limit on number of packets is specified
// by user.
pcap_loop(descr,atoi(argv[2]), callback, NULL);
printf("\nDone with packet sniffing!\n");
return 0;
}