IP packet capture library use Libpcap LAN

Experimental requirements

Source and destination physical address of the print data packet;
Print source IP and destination IP address;
Printing upper layer protocol type;
If the upper layer protocol is TCP or UDP protocol, the source port information for printing purposes;
If the upper layer protocol is TCP or UDP protocol, the data in hexadecimal and ASCII two simultaneously printed out, instead of unprintable character '.';
00000 47 45 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a GET / HTTP/1.1…

lab environment

Red Hat 9

Code

Control single sentence output format
Control packet data output format
MAC address printing function

is the IP address of the print function

of the captured data packet processing
Analyzing network layer protocol
To determine the transport layer protocol
The number of parameters controlling operation of the main function of the input, in addition to input executable file name, card need to enter a run-time parameter
pcap_open_live acquires the packet for capturing network packets capture descriptor parameters were specified opening device name [Network], [the maximum number of bytes of data captured], [if the network interface in promiscuous mode], [designated timeout], [send the wrong message when an error function]
pcap_lookupnet for the specified number of network devices and network mask parameters are specified for the open device name [Network], [] bpf_u_int32 pointer, pointer bpf_u_int32 [], [] stored error message when an error occurs
pcap_compile string compiler string parameter specified program into the filter, the filter condition is specified here as the source IP virtual machine IP: 192.168.xxx.xxx, pcap_setfilter specify a filter program
pcap_loop parameters are winpcap handle [], [the specified number of packets captured if the capture infinite loop -1], [callback], [] used by the user for parameter
After installing libpcap, compile written procedures gcc -o lpcaptest lpcaptest.c -lpcap
Run command input ./lpcaptest eth0, as part of the results, by observing, source fetch the IP packets are 192.168.xxx.xxx, dest IP are 192.168.xxx. x

Intelligent Recommendation

libpcap packet capture analysis project (2)

In project (1), we successfully captured the data packet and extracted the basic information in the data packet. This time we will output the various protocols used by the data packet and output the m...

libpcap packet capture analysis project (1)

First introduce the usage of libpcap library functions: Here I use two functions, pcap_open_live () and pcap_next (), you can jump through the portal to see the specific usage. The comments in the cod...

libpcap packet capture analysis project (4)

In project three, we completed the parsing of a package in the "hospital mirror stream.pcapng" file. The next thing we need to do is to write the parsed data into the file, so that the TS st...

Analysis of libpcap packet capture mechanism (3)

At present, the network packet capture system under the Linux operating system is generally built on the libpcap packet capture platform. The English meaning of libpcap is Library of Packet Capture, t...

Analysis of libpcap packet capture mechanism (4)

1. Process and performance analysis of traditional Linux network protocol stack The Linux network protocol stack is a typical system for processing network packets. It includes the entire process from...