TCP Header problem (error)

**nasim751** · 04-25-2008

hello,
Previously I got this short of problem and solved also but this time not getting the result. Some one has given idea but that didn't work. so if you people give me the right reply that should be nice for me.

These are the errors.........

tcpg.c: In function ‘tcpg_hping’:
tcpg.c:97: error: ‘struct tcphdr’ has no member named ‘th_dport’
tcpg.c:98: error: ‘struct tcphdr’ has no member named ‘th_flags’
tcpg.c: In function ‘tcpg_oob’:
tcpg.c:109: error: ‘struct tcphdr’ has no member named ‘th_flags’
tcpg.c: In function ‘tcpg_portd’:
tcpg.c:118: error: ‘struct tcphdr’ has no member named ‘th_dport’
tcpg.c: In function ‘tcpg_queso’:
tcpg.c:125: error: ‘struct tcphdr’ has no member named ‘th_win’
tcpg.c: In function ‘tcpg_synflood’:
tcpg.c:134: error: ‘struct tcphdr’ has no member named ‘th_flags’
tcpg.c:134: error: ‘struct tcphdr’ has no member named ‘th_flags’
tcpg.c:135: error: ‘struct tcphdr’ has no member named ‘th_seq’
tcpg.c:135: error: ‘struct tcphdr’ has no member named ‘th_seq’
tcpg.c: In function ‘tcpg_syn’:
tcpg.c:147: error: ‘struct tcphdr’ has no member named ‘th_flags’
tcpg.c:147: error: ‘struct tcphdr’ has no member named ‘th_flags’
tcpg.c:148: error: ‘struct tcphdr’ has no member named ‘th_sport’
tcpg.c:148: error: ‘struct tcphdr’ has no member named ‘th_dport’
tcpg.c: In function ‘tcpg_land’:
tcpg.c:154: error: ‘struct tcphdr’ has no member named ‘th_sport’
tcpg.c:154: error: ‘struct tcphdr’ has no member named ‘th_dport’
tcpg.c: In function ‘tcpg_kill’:
tcpg.c:165: error: ‘struct tcphdr’ has no member named ‘th_dport’
tcpg.c:167: error: ‘struct tcphdr’ has no member named ‘th_sport’
tcpg.c:168: error: ‘struct tcphdr’ has no member named ‘th_dport’
tcpg.c:171: error: ‘struct tcphdr’ has no member named ‘th_seq’
tcpg.c:172: error: ‘TCP_H’ undeclared (first use in this function)
tcpg.c:172: error: (Each undeclared identifier is reported only once
tcpg.c:172: error: for each function it appears in.)
tcpg.c:172: error: ‘IP_H’ undeclared (first use in this function)

This is my program.....................and problem in red line

Code:

/* If you want TCPguard to announce all connection attemps... */
#define TCPG_SYN

/* Log QUESO probes. */
#define TCPG_QUESO

/* SYN flooding detection. */
#define TCPG_SYNFLOOD

/* WinNuke detection. */
#define TCPG_OOB

/* Log LAND attacks. */
#define TCPG_LAND

/* Log HPing probes and port 0 connection packets. */
#define TCPG_HPING

/* Shell daemon default port probe detection. */
#define TCPG_PORTD

/* Kill connections to TCP port TCPG_KILL. */
#define TCPG_KILL	110 

/* DON'T CHANGE ANYTHING BELOW THIS LINE !!!!!!!!!!!!!! */
/* DON'T CHANGE ANYTHING BELOW THIS LINE !!!!!!!!!!!!!! */
/* DON'T CHANGE ANYTHING BELOW THIS LINE !!!!!!!!!!!!!! */

/* Biggest list of includes you've ever seen, eh?! =;-) */
#include <libnet.h>
#include <syslog.h>

/******************* Why not make all variables global ?!************************/ 
struct ippkt {
 struct iphdr ip;
 struct tcphdr tcp;
 char buffer[5000];
} pkt;

int s, lns;
struct in_addr src_addr;
u_char *buff;
u_int sport, dport;

void tcpg_syn();
void tcpg_hping();
void tcpg_synflood();
void tcpg_portd();
void tcpg_queso();
void tcpg_land();
void tcpg_oob();
void tcpg_die();
void tcpg_init();
void tcpg_kill(u_short);

/******************** Main functions of the TCPguard ***************************/

u_long prev_seq=0;

void tcpg_die()
 {
 syslog(LOG_INFO, "TCPguard has now found a horrid death.");
  _exit(0);
} 

void tcpg_init()
 {
 openlog("tcpguard", 0, LOG_DAEMON);

#ifndef NO_EUID_CHECK
 if(geteuid()!=0)
 {
  syslog(LOG_INFO, "launched by normal user (uid %d).\n", geteuid());
  printf("This program uses raw sockets. On most systems, that requires root.\n");
  printf("If you know that your systems allows usage of raw sockets by normal\n");
  printf("users, re-compile the program with -DNO_EUID_CHECK.\n");
  _exit(1);
 }
#endif

 if((s=socket(AF_INET, SOCK_RAW, IPPROTO_TCP))==-1)
 {
  perror("socket()");
 _exit(2);
  }
}

/* HPing detection. (also makes noise if it finds packets sent to port 0)
 */
void tcpg_hping()
 {
 if(pkt.tcp.th_dport==0)
 if(pkt.tcp.th_flags&TH_FIN)
  syslog(LOG_INFO, "WARNING: HPing packet detected from %s !", inet_ntoa(src_addr));
 else 
 syslog(LOG_INFO, "WARNING: Packet to TCP port 0 from %s !", inet_ntoa(src_addr));
}

/* OOB check... this usually means WinNuke...
 * There still are many kiddies out there who try to winnuke ppl...
 */
void tcpg_oob()
 {
 if(pkt.tcp.th_flags&TH_URG)
  syslog(LOG_INFO, "ATTACK: WinNuke attempt from %s !", inet_ntoa(src_addr));
}

/* A common shell daemon uses 31337 as the default TCP port...
 * Sscan tries to connect to this port...
 */
void tcpg_portd()
 {
 if(pkt.tcp.th_dport==htons(31337))
  syslog(LOG_INFO, "WARNING: Backdoor on 31337 probed from %s !", inet_ntoa(src_addr));
}

/* Queso sends all its packets with a constant window size ... */
void tcpg_queso()
 {
 if(pkt.tcp.th_win==htons(4660))
  syslog(LOG_INFO, "ATTACK: A packet probably sent by QUESO was received !");
}

/* A rather basic detector for a couple of TCP/IP-based attacks.
 * (especially SYN-flooding)
 */
void tcpg_synflood() 
{
 if((pkt.tcp.th_flags&TH_SYN)&&(!(pkt.tcp.th_flags&TH_ACK))) 
 if(pkt.tcp.th_seq!=prev_seq) prev_seq=pkt.tcp.th_seq; 
else 
{
  syslog(LOG_INFO, "ATTACK: YOU ARE BEING SYN-FLOODED !");
  syslog(LOG_INFO, "ATTACK: YOU ARE BEING SYN-FLOODED !!");
  syslog(LOG_INFO, "ATTACK: YOU ARE BEING SYN-FLOODED !!!");
  tcpg_die();
 }
}

void tcpg_syn()
 {
 if((pkt.tcp.th_flags&TH_SYN)&&(!(pkt.tcp.th_flags&TH_ACK)))
  syslog(LOG_INFO, "WARNING: TCP connection attempted from %s:%d to port %d.", inet_ntoa(src_addr), ntohs(pkt.tcp.th_sport), ntohs(pkt.tcp.th_dport));
}

/***************** Land attack check ***************************/
void tcpg_land() 
{
 if((pkt.ip.saddr==pkt.ip.daddr)&&(pkt.tcp.th_sport==pkt.tcp.th_dport))
  syslog(LOG_INFO, "ATTACK: LAND attack detected !!!");
}

/* Sends a RST to the client...KILLAH !.. =;-) */
void tcpg_kill(u_short kport) 
{
 u_long src_ip=0, dst_ip=0, ack;

 /* The following kills all TCP connections to port kport ! */
 /* WARNING: This part does not make any checks !!! */
 if(ntohs(pkt.tcp.th_dport)==kport)
 {
  sport=ntohs(pkt.tcp.th_sport);
  dport=ntohs(pkt.tcp.th_dport);
  src_ip=pkt.ip.daddr;
  dst_ip=pkt.ip.saddr;
  ack=ntohl(pkt.tcp.th_seq)+1;
  buff=malloc(TCP_H+IP_H);
  bzero(buff, TCP_H+IP_H);
  build_ip(TCP_H, IPTOS_LOWDELAY | IPTOS_THROUGHPUT, 242, 0, 64, IPPROTO_TCP, src_ip, dst_ip, NULL, 0, buff);
  build_tcp(sport, dport, ack, ack, TH_RST, 4096, 0, NULL, 0, buff+IP_H);
  do_checksum(buff, IPPROTO_TCP, TCP_H);
  lns=open_raw_sock(IPPROTO_RAW);
  syslog(LOG_INFO, "WARNING: Killing connection from %s to port %d.", inet_ntoa(src_addr), kport);
  write_ip(lns, buff, IP_H+TCP_H);
  close(lns);
 }
}
/***************************************************************************************/
int main()
 {
 tcpg_init();
 
 if(fork()!=0) _exit(0);
 setsid();

 syslog(LOG_INFO, "TCPGUARD");
 syslog(LOG_INFO, "launched with pid %d.\n", getpid());
 
 while(1) 
{
  read(s, (struct ippkt *)&pkt, 5000);

  src_addr.s_addr=0;
  src_addr.s_addr=pkt.ip.saddr;
 
#ifdef TCPG_SYN 
  tcpg_syn();
#endif
#ifdef TCPG_HPING
  tcpg_hping();
#endif
#ifdef TCPG_QUESO
  tcpg_queso();
#endif
#ifdef TCPG_SYNFLOOD
  tcpg_synflood();
#endif
#ifdef TCPG_KILL
  tcpg_kill(TCPG_KILL);
#endif
#ifdef TCPG_LAND
  tcpg_land();
#endif
#ifdef TCPG_OOB
  tcpg_oob();
#endif
#ifdef TCPG_PORTD
  tcpg_portd();
#endif
 }
}
/********************************END********************************************************/

**rags_to_riches** · 04-25-2008

Wikipedia on tcphdr

Thread: TCP Header problem (error)

Thread Tools

Search Thread

Display

TCP Header problem (error)

Similar Threads

Getting an error with OpenGL: collect2: ld returned 1 exit status

Compiling sample DarkGDK Program

Using VC Toolkit 2003

Learning OpenGL

Couple C questions :)