Packet Filter
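#include <stdio.h>
#include <pcap.h>

#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib, "wpcap.lib")
#pragma warning(disable:4996)

void packet_view(u_char *, const struct pcap_pkthdr *, const u_char *);
void print_hex(const u_char *, int);

/*
 * Open the default capture device, install the BPF filter "tcp port 9623"
 * and hex-dump every matching packet until pcap_loop() stops.
 *
 * Returns 0 when pcap_loop() ends normally, -1 on any pcap error.
 */
int main(void)
{
    char *dev;                      /* device name */
    pcap_t *pd;                     /* capture handle (packet descriptor) */
    bpf_u_int32 net, subnet;        /* network address and netmask of dev */
    char errbuf[PCAP_ERRBUF_SIZE];  /* filled in by pcap on failure */
    struct bpf_program fcode;       /* compiled filter program */
    int rc = -1;

    /* Pick the first usable capture device. */
    dev = pcap_lookupdev(errbuf);
    if (!dev) {
        fprintf(stderr, "[!] pcap_lookupdev: %s\n", errbuf);
        return -1;
    }

    /* The netmask is passed to pcap_compile() below. */
    if (pcap_lookupnet(dev, &net, &subnet, errbuf) < 0) {
        fprintf(stderr, "[!] pcap_lookupnet: %s\n", errbuf);
        return -1;
    }

    /*
     * pcap_open_live(device, snapshot length, promiscuous, timeout ms, errbuf)
     * Opening a device for capture typically needs elevated privileges;
     * errbuf carries the reason when the open is refused.
     */
    pd = pcap_open_live(dev, 65535, 1, 3000, errbuf);
    if (!pd) {
        fprintf(stderr, "[!] pcap_open_live: %s\n", errbuf);
        return -1;
    }

    /* pcap_compile(handle, program out, filter text, optimize, netmask) */
    if (pcap_compile(pd, &fcode, "tcp port 9623", 0, subnet) < 0) {
        fprintf(stderr, "[!] pcap_compile: %s\n", pcap_geterr(pd));
        goto out_close;
    }

    /* Attach the compiled program to the handle. */
    if (pcap_setfilter(pd, &fcode) < 0) {
        fprintf(stderr, "[!] pcap_setfilter: %s\n", pcap_geterr(pd));
        pcap_freecode(&fcode);
        goto out_close;
    }
    /* The compiled program is no longer needed once it is installed. */
    pcap_freecode(&fcode);

    printf("[-] Listening\n");
    fflush(stdout);

    /* pcap_loop(handle, packet count (0 = no limit), callback, user pointer) */
    if (pcap_loop(pd, 0, packet_view, NULL) < 0) {
        fprintf(stderr, "[!] pcap_loop: %s\n", pcap_geterr(pd));
        goto out_close;
    }
    rc = 0;

out_close:
    pcap_close(pd);
    return rc;
}

/*
 * pcap_loop() callback: dump one received packet.
 *
 * param    - user pointer given to pcap_loop() (unused here)
 * header   - capture metadata for this packet
 * pkt_data - captured bytes
 */
void packet_view(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
    (void)param;

    printf("[*] Received Packet\n");

    /*
     * header->len is the packet's length on the wire; header->caplen is the
     * number of bytes actually stored in pkt_data.  Only caplen bytes may be
     * read, so the dump is bounded by caplen to avoid reading past the buffer.
     */
    if (header->caplen < header->len)
        printf("[*] Truncated: captured %u of %u bytes\n",
               (unsigned)header->caplen, (unsigned)header->len);

    print_hex(pkt_data, (int)header->caplen);
}

/*
 * Print len bytes of data as a hex dump, 16 bytes per row, followed by an
 * ASCII column.  A short final row is padded so that no byte beyond
 * data[len - 1] is ever read.
 *
 * data - buffer to dump
 * len  - number of valid bytes in data; nothing is printed when len <= 0
 */
void print_hex(const u_char *data, int len)
{
    enum { BYTES_PER_ROW = 16 };
    int offset;
    int chunk = 0;
    int col;

    if (!data || len <= 0)
        return;

    /* Column header, aligned with the "0x%04X " address prefix below. */
    printf("%-7s", "Addr");
    for (col = 0; col < BYTES_PER_ROW; col++)
        printf("%02X ", (unsigned)col);
    for (col = 0; col < BYTES_PER_ROW; col++)
        printf("%X", (unsigned)col);
    printf("\n");

    for (offset = 0; offset < len; offset += chunk) {
        const u_char *row = data + offset;

        /* Number of valid bytes left for this row. */
        chunk = len - offset;
        if (chunk > BYTES_PER_ROW)
            chunk = BYTES_PER_ROW;

        printf("0x%04X ", (unsigned)offset);

        for (col = 0; col < BYTES_PER_ROW; col++) {
            if (col < chunk)
                printf("%02X ", row[col]);
            else
                printf("   ");   /* keep the ASCII column aligned */
        }

        /*
         * Only printable ASCII (0x20..0x7E) is echoed; every other byte is
         * shown as '.', so packet contents cannot emit control or escape
         * sequences to the terminal.
         */
        for (col = 0; col < chunk; col++) {
            u_char c = row[col];
            putchar((c > 0x1f && c < 0x7f) ? c : '.');
        }
        putchar('\n');
    }
    printf("\n");
}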