求libpcap抓包c语言程序,能把数据包内容显示出来的
若以下回答无法解决问题,邀请你更新回答
2个回答
展开全部
/*
* printPkt()函数是打印经过指定网卡的和指定类型的数据包;
* 参数device:指定要监听的网卡数据名称;
* 参数pname:指定打印时的content名称;
* 参数flag:是否为混杂模式,1为混杂模式,0为非混杂模式;
* 参数flt:是否打开过滤,1为打开过滤,0为关闭过滤;
* 参数filterStr:过滤字符串.
* 返回结果:0为正常,-1为失败.
*/
#include "headFile.h"
void PcallBack(unsigned char *argument,
const struct pcap_pkthdr* pcap_header,
const unsigned char *packet_content);
int printPkt(char *device,unsigned char *pname,int flag,int flt,char *filterStr){
char *ebuf;
pcap_t *t;
bpf_u_int32 net; // 所在IP地址
bpf_u_int32 mask; // 所在网络的掩码
pcap_lookupnet(device, &net, &mask, ebuf); //获取指定设备的信息
long int to_ms = 0;
t = pcap_open_live(device,snaplen,flag,to_ms,ebuf);
if(NULL == t){
printf ("pcap_open_live is error:%s\n",ebuf);
return -1;
}
if(1==flt){ /*打开过滤开关*/
struct bpf_program filter;
if (-1==pcap_compile(t, &filter, filterStr, 0, net)){
printf ("pcap_compile is error\n");
return -1;
}
if (-1==pcap_setfilter(t, &filter)){
printf ("pcap_setfilter is error\n");
return -1;
}
}
if (-1==pcap_loop(t,-1,PcallBack,pname)){
ebuf = pcap_geterr(t);
printf ("pcap_loop is error:%s\n",ebuf);
return -1;
}
pcap_close(t);
return 0;
}
void PcallBack(unsigned char *argument,
const struct pcap_pkthdr* pcap_header,
const unsigned char *packet_content) {
int i=0;
printf ("packet_len=%d",pcap_header->len);
for (i=0;i<pcap_header->len;i++){
if (i%10==0)
printf("\n%s: ",argument);
if((int)packet_content[i]<16)
printf ("0%x ",packet_content[i]);
else
printf ("%x ",packet_content[i]);
}
printf ("\n\n");
}
* printPkt()函数是打印经过指定网卡的和指定类型的数据包;
* 参数device:指定要监听的网卡数据名称;
* 参数pname:指定打印时的content名称;
* 参数flag:是否为混杂模式,1为混杂模式,0为非混杂模式;
* 参数flt:是否打开过滤,1为打开过滤,0为关闭过滤;
* 参数filterStr:过滤字符串.
* 返回结果:0为正常,-1为失败.
*/
#include "headFile.h"
void PcallBack(unsigned char *argument,
const struct pcap_pkthdr* pcap_header,
const unsigned char *packet_content);
int printPkt(char *device,unsigned char *pname,int flag,int flt,char *filterStr){
char *ebuf;
pcap_t *t;
bpf_u_int32 net; // 所在IP地址
bpf_u_int32 mask; // 所在网络的掩码
pcap_lookupnet(device, &net, &mask, ebuf); //获取指定设备的信息
long int to_ms = 0;
t = pcap_open_live(device,snaplen,flag,to_ms,ebuf);
if(NULL == t){
printf ("pcap_open_live is error:%s\n",ebuf);
return -1;
}
if(1==flt){ /*打开过滤开关*/
struct bpf_program filter;
if (-1==pcap_compile(t, &filter, filterStr, 0, net)){
printf ("pcap_compile is error\n");
return -1;
}
if (-1==pcap_setfilter(t, &filter)){
printf ("pcap_setfilter is error\n");
return -1;
}
}
if (-1==pcap_loop(t,-1,PcallBack,pname)){
ebuf = pcap_geterr(t);
printf ("pcap_loop is error:%s\n",ebuf);
return -1;
}
pcap_close(t);
return 0;
}
void PcallBack(unsigned char *argument,
const struct pcap_pkthdr* pcap_header,
const unsigned char *packet_content) {
int i=0;
printf ("packet_len=%d",pcap_header->len);
for (i=0;i<pcap_header->len;i++){
if (i%10==0)
printf("\n%s: ",argument);
if((int)packet_content[i]<16)
printf ("0%x ",packet_content[i]);
else
printf ("%x ",packet_content[i]);
}
printf ("\n\n");
}
本回答被提问者采纳
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
有linux 用QT开发的 要不
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
