Need Help with Socket Programming

[Rishi.]

Hi I am new to socket Programming and C. I have done a part of my project which includes passive analysis of packets, extracting the 5 tuple values needed to compare for getting the flows and and errors in a .pcap bundled file I have been provided below is a part of my code.

Code:

#include<libtrace.h>
#include<stdio.h>
#include<inttypes.h>
#include<arpa/inet.h>
#include<netinet/tcp.h>

uint64_t count = 0;


typedef struct {
int	srport, dsport, seq;
char 	 src[16], dest[16];
}flows;

flows new_flow[1051], flow;
	

void per_packet(libtrace_packet_t *packet)
{
  struct sockaddr addr;
  struct sockaddr *sa;
  struct sockaddr *sd;
  struct sockaddr daddr;
  char buffer[5000];
  int sport, dport, count_flow=0;	
	count +=1;
	sa = trace_get_source_address(packet, &addr);
	printf("packet is type %d af_inet=%d\n", sa->sa_family, AF_INET);
	if (sa->sa_family == AF_INET) {
	  /* ipv4 packet */
	  struct sockaddr_in *sa_i = (struct sockaddr_in *) sa;
	  printf("Source Address:%s\n", inet_ntoa(sa_i->sin_addr));
	  buffer[5000];
	inet_ntop(AF_INET, &(sa_i->sin_addr), new_flow->src, INET_ADDRSTRLEN);
	
	} else if (sa->sa_family == AF_INET6) {
	//inet_ntop(AF_INET, &(sa_i->sin_addr), flow->src, INET6_ADDRSTRLEN);
	  /* ipv6 packet */
	} else {
	  /* unknown packet */
	}


	sport=trace_get_source_port(packet);
	printf("Source Port is: %d\n", htons(sport));
	flow->srport = htons(sport);

	sd=trace_get_destination_address(packet, &daddr);
	struct sockaddr_in *sd_in = (struct sockaddr_in *) sd;
	printf("Destination Adress:%s\n", inet_ntoa(sd_in->sin_addr));
	inet_ntop(AF_INET, &(sd_in->sin_addr), new_flow->dest, INET_ADDRSTRLEN);
	 
	dport=trace_get_destination_port(packet);
	printf("Destination port is: %d\n", htons(dport));	
	
	libtrace_tcp_t *t=trace_get_tcp(packet);
	printf("Sequence No. for this packet is: %u\n", ntohl(t->seq));

I am using libtrace library for extracting information from the packets. Now what I have to do is to store all these values in an array where I can later compare the values to get the no. of flows and errors. I was using

Code:

inet_ntop(AF_INET, &(sd_in->sin_addr), new_flow->dest, INET_ADDRSTRLEN);

This function I was using to store the destination address and

Code:

inet_ntop(AF_INET, &(sa_i->sin_addr), new_flow->src, INET_ADDRSTRLEN);

to store the source address but when I try to print specific values in the new_flow array for instance flow[1000].dest It gives me garbled data not the data I was expecting. Please help me with this, I would be really grateful to you

Thanks.

[bithub]

Your array has 1051 indexes, yet I only see you writing to the first one.

Instead of seeing things like new_flow->src, shouldn't I be seeing things like new_flow[index].src?

[Rishi.]

Hello thanks for replying.

I have already tried this in the following way:
[code]inet_ntop(AF_INET, &(sa_i->sin_addr), new_flow[++i].src, INET_ADDRSTRLEN);

but it gives this error.

Code:

readpacket.c:34: error: subscripted value is neither array nor pointer

Please help me!

[bithub]

Uh, are you sure you didn't do

Code:

inet_ntop(AF_INET, &(sa_i->sin_addr), flow[++i].src, INET_ADDRSTRLEN);

instead of what you said you did?

[Rishi.]

Code:

#include<libtrace.h>
#include<stdio.h>
#include<inttypes.h>
#include<arpa/inet.h>
#include<netinet/tcp.h>

uint64_t count = 0;


typedef struct {
int	srport, dsport, seq;
char 	 src[16], dest[16];
}flows;

flows new_flow, flow[1000];


void per_packet(libtrace_packet_t *packet)
{
  struct sockaddr addr;
  struct sockaddr *sa;
  struct sockaddr *sd;
  struct sockaddr daddr;
  char buffer[5000], srcr[16];
  int sport, dport, count_flow=0, i=0, j=0, num_flow=0, v=0;	
	count +=1;
	sa = trace_get_source_address(packet, &addr);
	printf("packet is type %d af_inet=%d\n", sa->sa_family, AF_INET);
	if (sa->sa_family == AF_INET) {
	  /* ipv4 packet */
	  struct sockaddr_in *sa_i = (struct sockaddr_in *) sa;
	  printf("Source Address:%s\n", inet_ntoa(sa_i->sin_addr));
	  buffer[5000];
	inet_ntop(AF_INET, &(sa_i->sin_addr),new_flow.src, INET_ADDRSTRLEN);
	} else if (sa->sa_family == AF_INET6) {
	//inet_ntop(AF_INET, &(sa_i->sin_addr), flow->src, INET6_ADDRSTRLEN);
	  /* ipv6 packet */
	} else {
	  /* unknown packet */
	}


	sport=trace_get_source_port(packet);
	printf("Source Port is: %d\n", htons(sport));
	flow[i].srport = htons(sport);

	sd=trace_get_destination_address(packet, &daddr);
	struct sockaddr_in *sd_in = (struct sockaddr_in *) sd;
	printf("Destination Adress:%s\n", inet_ntoa(sd_in->sin_addr));
	inet_ntop(AF_INET, &(sd_in->sin_addr), new_flow.dest, INET_ADDRSTRLEN);
	 
	dport=trace_get_destination_port(packet);
	printf("Destination port is: %d\n", htons(dport));	
	
	libtrace_tcp_t *t=trace_get_tcp(packet);
	printf("Sequence No. for this packet is: %u\n", ntohl(t->seq));

	while(i<=sizeof(flow))
	{
		if(struct new_flow == struct flow[i])
		{
			new_flow = flow[j];
			
		}
		else
		{
		new_flow = flow[++j];
		num_flow++;	
		}
	i++;}	
}

Well Thank you I have resolved that problem I did not really wanted to store it in flow but i created another structure named as new_flow stored all the values in that and then I am trying to compare these two arrays flow and new_flow where we have to store all new flows if discovered and num_flow will tell us the actual no. of flows.

[Rishi.]

and I am getting this error

Code:

readpacket.c:60: error: invalid operands to binary == (have ‘flows’ and ‘flows’)

and its occurring at

Code:

	while(i<=sizeof(flow))
	{
		if(new_flow == flow[i])
		{
			new_flow = flow[j];
			
		}
		else
		{
		new_flow = flow[++j];
		num_flow++;	
		}
	i++;}

I dont know why I am not able to compare two same type of structures i.e

Code:

if(new_flow == flow[i])

[bithub]

You can't compare structures like that. You need to compare the elements of the structures to make sure they are equal, and if they are, then the structures are equal.

[Rishi.]

Heyy Thanks a lot you really helped me many a thanks.

[Rishi.]

Hi now there is another problem Could someone please tell me how to initialize a structure array like

Code:

flows flow[1000] = new_flow;

Cant I initialize it like this? Or if there is some other method do it please tell me. Thank you!

[owen]

Hi now there is another problem Could someone please tell me how to initialize a structure array like

Code:

flows flow[1000] = new_flow;

Cant I initialize it like this? Or if there is some other method do it please tell me. Thank you!

I don't believe you can do that. I think what you need to do, instead, in order to copy a structure
is use bcopy or memcpy (depending on your system).

bcopy(new_flow, flow[1000], sizeof(flows));

Or,

memcpy(flow[1000], new_flow, sizeof(flows));

(memcpy is only safe if the regions do NOT overlap, otherwise, use memmove)

memmove(flow[1000], new_flow, sizeof(flows));

Hope that helps.

Owen

[Rishi.]

Sorry to tell you sir, But I guess you dint read the whole thing, My question was

Code:

how to Initialize a structure can I use 

flows flow[1000] = new_flow;

and m really sorry to bother you by making such a silly mistake but m a newbie.

[roaan]

Sorry to tell you sir, But I guess you dint read the whole thing, My question was

Code:

how to Initialize a structure can I use 

flows flow[1000] = new_flow;

and m really sorry to bother you by making such a silly mistake but m a newbie.

As pointed to you earlier when you try to either compare the structures or assign values to them you have to compare or assign values to each of the elements of the structure. So you will have to do something like this

flow[1000]. srport = new_flow.srport;
flow[1000].drport = new_flow.drport;

[Rishi.]

Thanks roan you helped me a lot I have solved the problem cheers!

well now m encountering another problem and that is with comparing is it so that I cant compare two struct values.

Code:

while(i<=j)
	{
		if(&new_flow.sr == &flow[i].sr)
		{
			if(&new_flow.ds == &flow[i].ds)
			{
				flow[j].sr=new_flow.sr;
				flow[j].ds=new_flow.ds;
				num_flow = 1;
				printf("Address is: %s\n", inet_ntoa(flow[j].sr));
			}
		} 
		else
		{
		j++;
		new_flow.sr = flow[j].sr;
		new_flow.ds = flow[j].ds;
		num_flow++;
		}
	i++;}

and m not getting a desired output, I have used a printf inside the if statement for checking if the flow is even working. please have a look at it. Thanks!

[Rishi.]

well I have solved the initialization problem in the following way.

Code:

	if(v==0)
	{
		flow[0].sr=new_flow.sr;
		flow[0].ds=new_flow.ds;
	v++;
	}
where v is another integer initialized with 0;

[roaan]

Thanks roan you helped me a lot I have solved the problem cheers!

well now m encountering another problem and that is with comparing is it so that I cant compare two struct values.

Code:

while(i<=j)
	{
		if(&new_flow.sr == &flow[i].sr)
		{
			if(&new_flow.ds == &flow[i].ds)
			{
				flow[j].sr=new_flow.sr;
				flow[j].ds=new_flow.ds;
				num_flow = 1;
				printf("Address is: %s\n", inet_ntoa(flow[j].sr));
			}
		} 
		else
		{
		j++;
		new_flow.sr = flow[j].sr;
		new_flow.ds = flow[j].ds;
		num_flow++;
		}
	i++;}

and m not getting a desired output, I have used a printf inside the if statement for checking if the flow is even working. please have a look at it. Thanks!

What are you trying to do with the assignment

if(&new_flow.sr == &flow[i].sr)

these are two different structure variables and will have different sets of addresses which would never be the same.

Again reiterating what has been said in the earlier posts of how to compare two different structures , always compare the elements of the structure for checking their equality

so you should do something like this

if(new_flow.sr == flow[i].sr)