以下是一段代码,摘录自http://www.blogjava.net/yczz/articles/100172.html
希望懂的可以帮忙注释一下,我实在是看不懂。谢谢了!
// getdata() 用于解析由 PacketReceivePacket() 函数收到的报文,并分析 ARP_REPLY 报文以便获得局域网主机列表
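/*
 * getdata - walk one capture buffer filled by PacketReceivePacket() and
 * process every record in it.
 *
 * lp : capture descriptor. lp->Buffer holds lp->ulBytesReceived bytes laid
 *      out as consecutive [struct bpf_hdr][captured frame] records, each
 *      record padded to a word boundary (Packet_WORDALIGN).
 * op : mode chosen by the caller. As far as this function shows:
 *        1, 2 - print the sender IP/MAC of every ARP reply seen
 *               (1 prints a "[MAC LIST:]" heading, 2 "[Sniffing Host:]");
 *        3    - once fm and sm are set, hex-dump matching IP frames to the
 *               console and append a summary to fp;
 *        3, 4 - until fm and sm are both set, record the MACs that answer
 *               for firstip / secondip into fmac / smac.
 *
 * Uses file-scope state defined elsewhere: myip, firstip, secondip (host
 * byte order, since they are passed through htonl() before comparison),
 * mmac/fmac/smac (6-byte MACs), the flags mm/fm/sm, msg and fp.
 * NOTE(review): msg is assumed to be a char array of at least 39 bytes and
 * fp an open, writable FILE* - confirm against their definitions.
 *
 * Fixes relative to the original listing:
 *   - tlen was read without ever being assigned; it is now the captured
 *     length of the current frame, so the hex dump has a defined size.
 *   - MAC addresses are raw 6-byte values, not C strings; the destination
 *     MAC is compared with memcmp() instead of strcmp().
 *   - Every length taken from the capture buffer (bh_hdrlen, bh_caplen, and
 *     the Ethernet/IP/ARP header sizes) is checked before the bytes are
 *     read. The frames come off the wire and must be treated as untrusted.
 *   - isprint() receives an unsigned char; printf arguments match their
 *     conversion specifiers.
 */
void getdata(LPPACKET lp,int op)
{
    ULONG ulbytesreceived, off, tlen, ulen, ulLines, avail;
    ULONG j, k;
    ETHDR *eth;
    ARPHDR *arp;
    PIPHDR ip;
    char *buf, *pChar, *pLine, *base;
    char shown;
    int via_this_host, watched_pair, dump_all;
    struct bpf_hdr *hdr;
    struct sockaddr_in sin;

    if (lp == NULL || lp->Buffer == NULL) {
        return;
    }

    ulbytesreceived = lp->ulBytesReceived;
    buf = (char *)lp->Buffer;
    off = 0;

    while (off < ulbytesreceived) {
        /* A key press aborts processing of the rest of the buffer. */
        if (kbhit()) {
            return;
        }

        /*
         * Validate the record header before trusting its length fields.
         * A zero bh_hdrlen is rejected as malformed, and both lengths must
         * fit in what is left so no read goes past the buffer.
         */
        avail = ulbytesreceived - off;
        if (avail < sizeof(*hdr)) {
            break;
        }
        hdr = (struct bpf_hdr *)(buf + off);
        if (hdr->bh_hdrlen == 0 || hdr->bh_hdrlen > avail ||
            hdr->bh_caplen > avail - hdr->bh_hdrlen) {
            break;
        }

        tlen = hdr->bh_caplen;          /* bytes of this frame actually captured */
        off += hdr->bh_hdrlen;          /* skip the bpf header ...               */
        pChar = buf + off;              /* ... pChar now points at the frame     */
        base = pChar;
        off = Packet_WORDALIGN(off + hdr->bh_caplen);   /* start of next record */

        /* Too short to hold an Ethernet header: nothing to parse. */
        if (tlen < sizeof(ETHDR)) {
            continue;
        }
        eth = (PETHDR)pChar;
        arp = (PARPHDR)(pChar + sizeof(ETHDR));

        if (eth->eh_type == htons(ETH_IP)) {
            ip = (PIPHDR)(pChar + sizeof(ETHDR));

            /* Dumping only starts in mode 3 after both MACs were learned. */
            if (tlen - sizeof(ETHDR) >= sizeof(*ip) && fm && sm && (op == 3)) {
                /* Neither IP endpoint is this host, yet the frame is
                 * addressed to this host's MAC at the Ethernet layer. */
                via_this_host = (ip->sourceip != htonl(myip))
                             && (ip->destip != htonl(myip))
                             && (memcmp(eth->eh_dst, mmac, 6) == 0);
                /* One endpoint is firstip or secondip. */
                watched_pair = (ip->sourceip == htonl(firstip))
                            || (ip->destip == htonl(firstip))
                            || (ip->sourceip == htonl(secondip))
                            || (ip->destip == htonl(secondip));
                /* Both watched addresses set to this host's own address:
                 * presumably a "dump every IP frame" setting - confirm
                 * against the caller. */
                dump_all = (firstip == myip) && (secondip == myip);

                if ((via_this_host && watched_pair) || dump_all) {
                    /*
                     * Build a fixed 38-byte record in msg: source IP at
                     * offset 0, " ---> " at offset 15, destination IP at
                     * offset 23. Unused positions stay NUL from the memset.
                     */
                    memset(msg, 0, sizeof(msg));
                    sin.sin_addr.s_addr = ip->sourceip;
                    printf("[IP:]%16s ---> [IP:]", inet_ntoa(sin.sin_addr));
                    strcpy(msg, inet_ntoa(sin.sin_addr));
                    strcat(msg + 15, " ---> ");
                    sin.sin_addr.s_addr = ip->destip;
                    printf("%16s\n", inet_ntoa(sin.sin_addr));
                    strcat(msg + 23, inet_ntoa(sin.sin_addr));

                    /* Step back over the last two bytes written to the log
                     * before appending the next entry. */
                    fseek(fp, -2, SEEK_CUR);
                    fwrite("\r\n\r\n\r\n", 6, 1, fp);
                    fwrite(msg, 38, 1, fp);
                    fwrite("\r\n", 2, 1, fp);

                    /* Hex dump, 16 bytes per line: offset, hex column and
                     * ASCII column on the console; ASCII column only in fp. */
                    ulLines = (hdr->bh_caplen + 15) / 16;
                    for (k = 0; k < ulLines; k++) {
                        pLine = pChar;
                        printf("%08lx : ", (unsigned long)(pChar - base));

                        ulen = tlen;
                        ulen = (ulen > 16) ? 16 : ulen;
                        tlen -= ulen;

                        for (j = 0; j < ulen; j++) {
                            printf("%02x ", *(BYTE *)pChar++);
                        }
                        /* Pad a short final line so the ASCII column aligns. */
                        if (ulen < 16) {
                            printf("%*s", (int)((16 - ulen) * 3), " ");
                        }

                        pChar = pLine;
                        for (j = 0; j < ulen; j++, pChar++) {
                            shown = isprint((unsigned char)*pChar) ? *pChar : '.';
                            printf("%c", shown);
                            fputc(shown, fp);
                        }
                        printf("\n");
                    }
                    printf("\n");
                    fwrite("\r\n", 2, 1, fp);
                }
            }
            continue;
        }

        /* From here on only ARP replies with a complete ARP header matter. */
        if (eth->eh_type != htons(ETH_ARP)) {
            continue;
        }
        if (tlen - sizeof(ETHDR) < sizeof(ARPHDR)) {
            continue;
        }
        if (arp->arp_opt != htons(ARP_REPLY)) {
            continue;
        }

        sin.sin_addr.s_addr = arp->arp_spa;

        /* A reply whose sender IP is this host's address carries this
         * host's MAC: remember it and print it once. */
        if (sin.sin_addr.s_addr == htonl(myip)) {
            memcpy(mmac, eth->eh_src, 6);
            if (!mm) {
                printf("\t");
                for (k = 0; k < 5; k++) {
                    printf("%.2x-", eth->eh_src[k]);
                }
                printf("%.2x\n", eth->eh_src[5]);
                switch (op) {
                case 1:
                    printf("\n[MAC LIST:]");
                    break;
                case 2:
                    printf("\n[Sniffing Host:]");
                    break;
                default:
                    break;
                }
            }
            mm = TRUE;
        }

        if ((op == 1) || (op == 2)) {
            /* List mode: one "IP / MAC" line per ARP reply. */
            printf("\n[IP:] %.16s [MAC:] ", inet_ntoa(sin.sin_addr));
            for (k = 0; k < 5; k++) {
                printf("%.2x-", eth->eh_src[k]);
            }
            printf("%.2x", eth->eh_src[5]);
        } else if (((op == 3) || (op == 4)) && (!fm || !sm)) {
            /* Record the MACs answering for the two watched addresses. */
            if (arp->arp_spa == htonl(firstip)) {
                memcpy(fmac, eth->eh_src, 6);
                fm = TRUE;
            }
            if (arp->arp_spa == htonl(secondip)) {
                memcpy(smac, eth->eh_src, 6);
                sm = TRUE;
            }
        }
    }
    return;
}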
加不了注释,这个函数的功能简单地说就是解析数据包。