Hi,
I am a newbie C programmer and i'd like to know more about C. For purpose of the study, i am creating a packet sniffer and i am not to get the tcp source and destination ports.
I am using a Linux Debian PPC with gcc compiler.
Someone can help me?
Thanks by help.
My code is:
Code:
#include <stdio.h>
#include <stdlib.h>
#include <pcap.h>
#include <netinet/ip.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <net/ethernet.h>
#include <arpa/inet.h>
u_int16_t handle_ethernet( const struct pcap_pkthdr* pkthdr, const u_char* packet)
{
struct ether_header *eptr;
eptr = (struct ether_header *) packet;
struct ip* my_ip;
my_ip = (struct ip*) (packet + sizeof(struct ether_header));
struct tcphdr *tcp;
tcp = (struct tcphdr*) (packet + sizeof(struct my_ip *));
/*fprintf(stdout,"ethernet header source: %s \n", ether_ntoa(eptr->ether_shost));*/
fprintf(stdout,"IP source address: %s:", inet_ntoa(my_ip->ip_src));
fprintf(stdout,"Source Port: %d ->", ntohs(tcp->source));
fprintf(stdout,"IP destination address: %s:", inet_ntoa(my_ip->ip_dst));
fprintf(stdout,"Dest Port: %i \n", ntohs(tcp->dest));
}
void callback(u_char *useless,const struct pcap_pkthdr *pkthdr,const u_char *packet) {
u_int16_t type = handle_ethernet(pkthdr,packet);
if (type == ETHERTYPE_IP){
}
else if (type == ETHERTYPE_ARP){
}
else if (type == ETHERTYPE_REVARP){}
}
main(int argc, char **argv) {
pcap_t *open_dev;
char *dev;
char errbuf[PCAP_ERRBUF_SIZE];
struct pcap_pkthdr hdr;
const u_char *packet;
u_char* args = NULL;
dev = pcap_lookupdev(errbuf);
printf("Dev:%s\n", dev);
open_dev = pcap_open_live(dev,65535,0,-1,errbuf);
pcap_loop(open_dev,atoi(argv[1]),callback,args);
}