希望是mfc的,要能设置我需要侦听的端口。
有edit控件能显示 这个端口发来的数据。。有此软件独送一百分,
提供源码三百分。
有edit控件能显示 这个端口发来的数据。。有此软件独送一百分,
提供源码三百分。
解决方案 »
- 简单问题:数据拼接分解。 DWORD与char* 。
- 在VC++中如何捕获异常???
- SO_SNDBUF和SO_RCVBUF都是8192,接收方不接收,为什么发送方会是在发送33K字节后阻塞?这个33K是怎么回事?
- 虚函数的调用
- 请问什么是钩子?
- 求DirectX水波模拟程序源代码
- 如何在一个位图背景上绘制图形,并且视图窗口大小改变、出现对话框覆盖视图窗口等等情况下,绘制的图形不会消失?(
- 如何将BMP图像数据还原成BMP图像(求程序)
- 请教一个文件问题
- 怎么提取出来Access中"日期/时间"类型字段中的年,月,日?用VC中的Ado
- 如何在MFC CView显示维文? 藏文已经解决了,用同样的方法显示藏文不行,有经验的朋友指导一下
- 线程中ActiveX访问异常,请教高手!!!!!!
我有一个自己写的,基于winpcap3.0的,可设置监听过滤,可简单分析协议,可域名/ip互转,可查询IP地理位置(基于QQWry)。有些部分还没完全实现,但上述功能基本可行。需要的话mail我。[email protected]
[email protected]
* IPv4 packet sniffer using raw sockets
*
* Copyright (C) 2004 Christophe Devine
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/#ifdef WIN32#pragma comment( lib, "ws2_32.lib" )#include <winsock2.h>
#include <windows.h>#define SIO_RCVALL 0x98000001#else#include <netpacket/packet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <arpa/inet.h>
#include <net/if.h>
#include <unistd.h>#define ETH_P_ALL 0x0003
#define ETH_P_IP 0x0800#endif#include <string.h>
#include <stdio.h>
#include <errno.h>
#include <time.h>struct ip_hdr
{
unsigned char hlv; /* +00 - header len. & version */
unsigned char tos; /* +01 - type of service */
unsigned short tot_len; /* +02 - total packet length */
unsigned short id; /* +04 - identification */
unsigned short frag_off; /* +06 - fragment offset field */
unsigned char ttl; /* +08 - time to live */
unsigned char protocol; /* +09 - ip protocol */
unsigned short check; /* +10 - ip checksum */
unsigned long saddr; /* +12 - source address */
unsigned long daddr; /* +16 - destination address */
};struct icmp_hdr
{
unsigned char type; /* +00 - message type */
unsigned char code; /* +01 - type sub-code */
unsigned short checksum; /* +02 - icmp checksum */
unsigned short id; /* +04 - identification */
unsigned short sequence; /* +06 - sequence number */
};struct tcp_hdr
{
unsigned short source; /* +00 - source port */
unsigned short dest; /* +02 - destination port */
unsigned long seq; /* +04 - sequence number */
unsigned long ack_seq; /* +08 - ack seq. number */
unsigned char unused; /* +12 - unused field */
unsigned char flags; /* +13 - tcp flags */
unsigned short window; /* +14 - tcp window */
unsigned short check; /* +16 - tcp checksum */
unsigned short urp_ptr; /* +18 - urgent pointer */
};struct udp_hdr
{
unsigned short source; /* +00 - source port */
unsigned short dest; /* +02 - destination port */
unsigned short len; /* +04 - message length */
unsigned short check; /* +06 - udp checksum */
};int main( int argc, char *argv[] )
{
unsigned short sport, dport;
unsigned char buffer[4096];
int raw_sock, n;#ifdef WIN32 WSADATA wsaData;
SOCKET_ADDRESS_LIST *slist;
struct sockaddr_in iface;
int optval;#else struct sockaddr_ll sll;
struct sockaddr_ll from;
struct packet_mreq mr;
struct ifreq ifr;
int fromlen;#endif struct icmp_hdr *icmp;
struct udp_hdr *udp;
struct tcp_hdr *tcp;
struct ip_hdr *ip;
struct in_addr src;
struct in_addr dst;
struct tm *lt;
time_t tt; /* check the arguments */ if( argc != 2 )
{
printf( "\n" );
printf( " usage: ipdump2 <interface>\n" );
printf( "\n" );
printf( " on Linux, interface can be eth0, ppp0, etc.\n" );
printf( " on Win32, interface is a number, usually 0.\n" );
printf( "\n" );#ifdef WIN32
printf( " press Ctrl-C to continue" );
scanf( "\n" );
#endif return( 1 );
}#ifdef WIN32 if( WSAStartup( MAKEWORD(2,2), &wsaData ) != 0 )
{
printf( "WSAStartup() failed\n" );
return( 1 );
} /* create the raw socket */ raw_sock = WSASocket( AF_INET, SOCK_RAW, IPPROTO_IP,
NULL, 0, WSA_FLAG_OVERLAPPED ); if( raw_sock == INVALID_SOCKET )
{
printf( "socket() failed\n" );
return( 1 );
} /* find the interface index */ if( WSAIoctl( raw_sock, SIO_ADDRESS_LIST_QUERY,
NULL, 0, &buffer, sizeof( buffer ),
&n, NULL, NULL ) == SOCKET_ERROR )
{
printf( "WSAIoctl(SIO_ADDRESS_LIST_QUERY) failed\n" );
return( 1 );
} slist = (SOCKET_ADDRESS_LIST *) buffer; /* bind the raw socket to the interface */ n = atoi( argv[1] ); memset( &iface, 0, sizeof( iface ) ); iface.sin_family = AF_INET;
iface.sin_port = htons( 0 );
iface.sin_addr.s_addr = 0x0100007F; if( n + 1 <= slist->iAddressCount )
{
iface.sin_addr.s_addr = ((struct sockaddr_in *)
slist->Address[n].lpSockaddr)->sin_addr.s_addr;
}
else
{
printf( "interface '%d' not in list\n", n );
return( 1 );
} if( bind( raw_sock, (struct sockaddr *) &iface,
sizeof( iface ) ) != 0 )
{
printf( "bind(raw socket) failed\n" );
return( 1 );
} /* enable promiscuous mode */ optval = 1; if( WSAIoctl( raw_sock, SIO_RCVALL, &optval, sizeof( optval ),
NULL, 0, &n, NULL, NULL ) == SOCKET_ERROR )
{ printf( "WSAIoctl(SIO_RCVALL) failed\n" );
return( 1 );
} while( 1 )
{
/* wait for packets */ n = recv( raw_sock, buffer, sizeof( buffer ), 0 ); if( n == SOCKET_ERROR )
{
printf( "recv() failed\n" );
return( 1 );
}#else
htons( ETH_P_ALL ) ) ) < 0 )
{
perror( "socket" );
return( 1 );
} /* find the interface index */ memset( &ifr, 0, sizeof( ifr ) );
strncpy( ifr.ifr_name, argv[1], sizeof( ifr.ifr_name ) ); if( ioctl( raw_sock, SIOCGIFINDEX, &ifr ) < 0 )
{
perror( "ioctl(SIOCGIFINDEX)" );
return( 1 );
} /* bind the raw socket to the interface */ memset( &sll, 0, sizeof( sll ) );
sll.sll_family = AF_PACKET;
sll.sll_ifindex = ifr.ifr_ifindex;
sll.sll_protocol = htons( ETH_P_ALL ); if( bind( raw_sock, (struct sockaddr *) &sll,
sizeof( sll ) ) < 0 )
{
perror( "bind" );
return( 1 );
} /* enable promiscuous mode */ memset( &mr, 0, sizeof( mr ) );
mr.mr_ifindex = ifr.ifr_ifindex;
mr.mr_type = PACKET_MR_PROMISC; if( setsockopt( raw_sock, SOL_PACKET, PACKET_ADD_MEMBERSHIP,
&mr, sizeof( mr ) ) < 0 )
{
perror( "setsockopt" );
return( 1 );
} while( 1 )
{
/* wait for packets */ fromlen = sizeof( from ); if( ( n = recvfrom( raw_sock, buffer, 4096, 0,
(struct sockaddr *) &from, &fromlen ) ) < 0 )
{
if( errno == ENETDOWN )
{
sleep( 30 );
continue;
}
else
{
perror( "recvfrom" );
return( 1 );
}
} /* skip duplicate packets on the loopback interface */ if( from.sll_pkttype == PACKET_OUTGOING &&
! strcmp( argv[1], "lo" ) )
{
continue;
} /* we're only interested in standard IPv4 packets */ if( ntohs( from.sll_protocol ) != ETH_P_IP )
{
continue;
}#endif /* have a look inside the IP header */ ip = (struct ip_hdr *) buffer; src.s_addr = ip->saddr;
dst.s_addr = ip->daddr; /* print the local time */ tt = time( 0 );
lt = localtime( &tt );
printf( "%02d-%02d %02d:%02d:%02d ", lt->tm_mon, lt->tm_mday,
lt->tm_hour, lt->tm_min, lt->tm_sec ); switch( ip->protocol )
{
case 6: /* SOL_TCP */ printf( " TCP: " ); tcp = (struct tcp_hdr *)
( ip + sizeof( struct ip_hdr ) ); /* grab source and destination port */ sport = htons( tcp->source );
dport = htons( tcp->dest ); common: /* and print the most interesting informations */ printf( "%15s : %-5d", inet_ntoa( src ), sport );
printf( " -> " );
printf( "%15s : %-5d", inet_ntoa( dst ), dport );
printf( " %4d\n", n );
break; case 7: /* SOL_UDP */ udp = (struct udp_hdr *)
( ip + sizeof( struct ip_hdr ) ); printf( " UDP: " ); sport = htons( udp->source );
dport = htons( udp->dest ); goto common; case 1: /* SOL_ICMP */ icmp = (struct icmp_hdr *) \
( ip + sizeof( struct ip_hdr ) ); printf( "ICMP: " ); sport = icmp->type;
dport = icmp->code; goto common; default : printf( " unsupported IP protocol %d\n", ip->protocol );
break;
}
} return( 0 );
}
当然你也可以用winpcap设置过滤器来完成