Get tcp source port?

This is a discussion on Get tcp source port? within the C Programming forums, part of the General Programming Boards category; Hi, I am a newbie C programmer and i'd like to know more about C. For purpose of the study, ...

  1. #1
    Registered User
    Join Date
    Jul 2005
    Posts
    12

    Get tcp source port?

    Hi,

    I am a newbie C programmer and i'd like to know more about C. For purpose of the study, i am creating a packet sniffer and i am not to get the tcp source and destination ports.

    I am using a Linux Debian PPC with gcc compiler.

    Someone can help me?

    Thanks by help.

    My code is:

    Code:
    #include <stdio.h>
    #include <stdlib.h>
    #include <pcap.h>
    #include <netinet/ip.h>
    #include <netinet/in.h>
    #include <netinet/tcp.h>
    #include <net/ethernet.h>
    #include <arpa/inet.h>
    
    
    
    
    u_int16_t handle_ethernet( const struct pcap_pkthdr* pkthdr, const u_char* packet)
    {
          struct ether_header *eptr;
          eptr = (struct ether_header *) packet;
          struct ip* my_ip;
          my_ip = (struct ip*) (packet + sizeof(struct ether_header));
          struct tcphdr *tcp;
          tcp = (struct tcphdr*) (packet + sizeof(struct my_ip *));
          
                
          /*fprintf(stdout,"ethernet header source: %s \n", ether_ntoa(eptr->ether_shost));*/
          
          fprintf(stdout,"IP source address: %s:", inet_ntoa(my_ip->ip_src));
          
          fprintf(stdout,"Source Port: %d ->", ntohs(tcp->source));
        
          
          
          fprintf(stdout,"IP destination address: %s:", inet_ntoa(my_ip->ip_dst));
          fprintf(stdout,"Dest Port: %i \n", ntohs(tcp->dest));
          
          
         
    }
    
    
    void callback(u_char *useless,const struct pcap_pkthdr *pkthdr,const u_char *packet) {
    
        u_int16_t type = handle_ethernet(pkthdr,packet); 
        
           
        if (type == ETHERTYPE_IP){
        }
        else if (type == ETHERTYPE_ARP){
        }
        else if (type == ETHERTYPE_REVARP){}  
        
    }
    
        
    
    main(int argc, char **argv) {
      
      pcap_t *open_dev;
      char *dev;
      char errbuf[PCAP_ERRBUF_SIZE]; 
      struct pcap_pkthdr hdr;
      const u_char *packet;
      u_char* args = NULL;
      
        
      dev = pcap_lookupdev(errbuf);
      printf("Dev:%s\n", dev);
      
      open_dev = pcap_open_live(dev,65535,0,-1,errbuf);
      
      
      pcap_loop(open_dev,atoi(argv[1]),callback,args);
          
    
    }

  2. #2
    Registered User
    Join Date
    Apr 2005
    Posts
    134
    Following line

    Code:
    tcp = (struct tcphdr*) (packet + sizeof(struct my_ip *));
    is where problem is. You are giving size of pointer to a structure and not the actual structure. Size of any pointer on any 32-bit system will be 4 bytes always , which is not what you want.

    Also, you can get tcp header by casting the packet above ethernet and IP header. So the correct statement would be


    Code:
    tcp = (struct tcphdr*) (packet + sizeof(ether_header)+sizeof(struct ip));
    HTH,

  3. #3
    Frequently Quite Prolix dwks's Avatar
    Join Date
    Apr 2005
    Location
    Canada
    Posts
    8,047
    main() should return something . . . .

    Code:
          struct ip* my_ip;
          my_ip = (struct ip*) (packet + sizeof(struct ether_header));
          struct tcphdr *tcp;
          tcp = (struct tcphdr*) (packet + sizeof(struct my_ip *));
    You're declaring variables after assignment statements. Maybe this:
    Code:
          struct ip* my_ip = (struct ip*) (packet + sizeof(struct ether_header));
          struct tcphdr *tcp = (struct tcphdr*) (packet + sizeof(struct my_ip *));
    dwk

    Seek and ye shall find. quaere et invenies.

    "Simplicity does not precede complexity, but follows it." -- Alan Perlis
    "Testing can only prove the presence of bugs, not their absence." -- Edsger Dijkstra
    "The only real mistake is the one from which we learn nothing." -- John Powell


    Other boards: DaniWeb, TPS
    Unofficial Wiki FAQ: cpwiki.sf.net

    My website: http://dwks.theprogrammingsite.com/
    Projects: codeform, xuni, atlantis, nort, etc.

  4. #4
    Registered User
    Join Date
    Jul 2005
    Posts
    12

    Thumbs up

    Hi all,

    Thanks by help. I resolved the problem using the nkhambal's code.

    Code:
    tcp = (struct tcphdr*) (packet + sizeof(struct ether_header)+sizeof(struct ip));
    My question now is, where can I to get documentation about libraries in include/net or include/netinet folders? Or others networks libraries in subfolders of the include folders?

    Thanks again by yours answers...

    Hacinn

  5. #5
    and the hat of wrongness Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    32,663
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
    I support http://www.ukip.org/ as the first necessary step to a free Europe.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Reading and writing to a serial port
    By SwarfEye in forum C Programming
    Replies: 2
    Last Post: 08-18-2006, 12:28 AM
  2. Obtaining source & destination IP,details of ICMP Header & each of field of it ???
    By cromologic in forum Networking/Device Communication
    Replies: 1
    Last Post: 04-29-2006, 02:49 PM
  3. Tutorial review
    By Prelude in forum A Brief History of Cprogramming.com
    Replies: 11
    Last Post: 03-22-2004, 08:40 PM
  4. Request for comments
    By Prelude in forum A Brief History of Cprogramming.com
    Replies: 15
    Last Post: 01-02-2004, 09:33 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21