Thread: Obtaining source & destination IP,details of ICMP Header & each of field of it ???

  1. #1
    Registered User
    Join Date
    Apr 2006
    Posts
    13

    Obtaining source & destination IP,details of ICMP Header & each of field of it ???

    hi...i am new to C programming.how do i get the source & destination IP,ICMP header details and each field of it from the program below.please mail me if u need the header files and also the tcpdump binary file.i am really helpless.please please please help me...thank you.my email is [email protected]
    Code:
    /******************************************************************
     *					main.c - description						  *
     *																  *	
     *					date		  : March, 2003					  *	
     ******************************************************************/
    
    #ifdef HAVE_CONFIG_H
    #include <config.h>
    #endif
    
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    
    
    #include "ethtype.h"
    #include "eth.h"
    #include "ip.h"
    #include "arp.h"
    #include "tcp.h"
    #include "icmp.h"
    #include "udp.h"
    
    #define NULL1 0
    #define TCPDUMP_MAGIC 0xa1b2c3d4	    /* Tcpdump Magic Number (Preamble)  */
    #define PCAP_VERSION_MAJOR	2	    	/* Tcpdump Version Major (Preamble) */
    #define PCAP_VERSION_MINOR	4	    	/* Tcpdump Version Minor (Preamble) */
    
    #define DLT_NULL	0				    /* Data Link Type Null  */
    #define DLT_EN10MB	1				    /* Data Link Type for Ethernet II 100 MB and above */
    #define DLT_EN3MB	2			       	/* Data Link Type for 3 Mb Experimental Ethernet */
    
    
    FILE *input;
    
    
    typedef struct packet_header
    {
    	unsigned int magic;					/* Tcpdump Magic Number	*/
    	unsigned short version_major;       /* Tcpdump Version Major */
    	unsigned short version_minor;	    /* Tcpdump Version Minor */
    	unsigned int thiszone;			    /* GMT to Local Correction */
    	unsigned int sigfigs;			    /* Accuracy of timestamps */
    	unsigned int snaplen;			    /* Max Length of Portion of Saved Packet */
    	unsigned int linktype;			    /* Data Link Type */
    } hdr;
    
    typedef struct packet_timestamp
    {
    	unsigned int tv_sec;			    /* Timestamp in Seconds */
    	unsigned int tv_usec;			    /* Timestamp in Micro Seconds */
    	/* Total Length of Packet Portion (Ethernet Length until the End of Each Packet) */
    	unsigned int caplen;
    	unsigned int len;				    /* Length of the Packet (Off Wire) */
    } tt;
    
    typedef struct ether_header
    {
    	unsigned char edst[ETHER_ADDR_LEN]; 	/* Ethernet Destination Address */
    	unsigned char esrc[ETHER_ADDR_LEN]; 	/* Ethernet Source Address */
    	unsigned short etype;		            /* Ethernet Protocol Type */
    } eth;
    
    typedef struct ip_header
    {
    	unsigned char ip_vhl;					/* IP Version Number and Header Length */
    	unsigned char ip_tos;					/* IP Type of Service */
    	unsigned char ip_len[IP_TTL_LEN];       /* IP Total Length */
    	unsigned char ip_id[IP_IDENT_LEN];      /* IP Identification */
    	unsigned short ip_off;					/* IP Offset */
    	unsigned char ip_ttl;					/* IP Time To Live */
    	unsigned char ip_proto;					/* IP Protocol Type */
    	unsigned char ip_sum[IP_SUM_LEN];       /* IP Checksum */
    	unsigned char ip_src[IP_ADDR_LEN];    	/* IP Source Address */
    	unsigned char ip_dst[IP_ADDR_LEN]; 	    /* IP Destination Address */
    } ip;
    
    unsigned short ip_len, ip_id, ip_sum; 
    
    typedef struct arp_header
    {
    	unsigned char arp_htype[ARP_TYPE_LEN];		/* ARP Hardware Format */
    	unsigned char arp_ptype[ARP_TYPE_LEN];		/* ARP Protocol Format */
    	unsigned char arp_haddr;					/* ARP Hardware Address Length */
    	unsigned char arp_paddr;					/* ARP Protocol Address Length */
    	unsigned char arp_op[ARP_OPCODE_LEN];		/* ARP Opcode */
    	unsigned char arp_hsrc[ARP_ETHER_ADDR_LEN];	/* ARP Sender Ethernet Address */
    	unsigned char arp_psrc[ARP_PROTO_ADDR_LEN];	/* ARP Sender IP Address */
    	unsigned char arp_hdst[ARP_ETHER_ADDR_LEN];	/* ARP Target Ethernet Address */
    	unsigned char arp_pdst[ARP_PROTO_ADDR_LEN];	/* ARP Target IP Address */
    } arp;
    
    unsigned short arp_htype, arp_ptype, arp_op;
    
    typedef struct icmp_header
    {
    	unsigned char icmp_type;					/* ICMP Type of Message */
    	unsigned char icmp_code; 					/* ICMP Type Sub Code */
    	unsigned char icmp_sum[ICMP_SUM_LEN];	    /* ICMP Checksum */
    } icmp;
    
    unsigned short icmp_sum;
    
    typedef struct tcp_header
    {
    	unsigned char tcp_sport[TCP_PORT_LEN];	    /* TCP Source Port */		
    	unsigned char tcp_dport[TCP_PORT_LEN];		/* TCP Destination Port */
    	unsigned char tcp_seq[TCP_SEQ_LEN];		    /* TCP Sequence Number */
    	unsigned char tcp_ack[TCP_ACK_LEN];	      	/* TCP Acknowledgement Number */
    	unsigned char tcp_len;						/* TCP Data Offset */
    	unsigned char tcp_flags;					/* TCP Flags */
    	unsigned char tcp_win[TCP_WIN_LEN];	     	/* TCP Window */
    	unsigned char tcp_sum[TCP_SUM_LEN];			/* TCP Checksum */
    	unsigned char tcp_ptr[TCP_PTR_LEN];		    /* TCP Urgent Pointer */
    } tcp;
    
    unsigned short tcp_src, tcp_dst, tcp_seq, tcp_ack, tcp_win, tcp_sum, tcp_ptr;
    
    typedef struct udp_header
    {
    	unsigned char udp_sport[UDP_PORT_LEN];		/* UDP Source Port */
    	unsigned char udp_dport[UDP_PORT_LEN];		/* UDP Destination Port */
    	unsigned char udp_len[UDP_HDR_LEN];		    /* UDP Length */
    	unsigned char udp_sum[UDP_SUM_LEN];			/* UDP Checksum */
    } udp;
    
    unsigned short udp_src, udp_dst, udp_len, udp_sum;
    
    int main(int argc, char *argv[])
    {
    	
    	unsigned int remain_len = 0;
    	unsigned char temp=0, hlen, version, tlen;
    	int i, count=0;
    
    	struct packet_header hdr;			/* Initialize Packet Header Structure */
    	struct packet_timestamp tt;			/* Initialize Timestamp Structure */
    	struct ether_header eth;			/* Initialize Ethernet Structure */
    	struct ip_header ip;			    /* Initialize IP Header Structure */
    	struct arp_header arp;			    /* Initialize ARP Header Structure */
    	struct icmp_header icmp;			/* Initialize ICMP Header Structure */
    	struct tcp_header tcp;			    /* Initialize TCP Header Structure */
    	struct udp_header udp;				/* Initialize UDP Header Structure */
             unsigned char buff;
    
    	input = fopen("abc", "rb");		/* Open Input File */
    	if(fopen == NULL1)
    		printf("Cannot open saved windump file.\n");
    	else
    	{
    		fread((char *) &hdr, sizeof(hdr), 1, input);	/* Read & Display Packet Header Information */
    		
    		printf("\n********** ********** PACKET HEADER ********** ***********\n");
    		printf("Preamble\n");
    		printf("Packet Header Length : %u bytes\n", sizeof(hdr));
    		printf("Magic Number  : %u\n", hdr.magic);
    		printf("Version Major : %u\n", hdr.version_major);
    		printf("Version Minor : %u\n", hdr.version_minor);
    		printf("GMT to Local Correction : %u\n", hdr.thiszone);
    		printf("Jacked Packet with Length of : %u\n", hdr.snaplen);
    		printf("Accuracy to Timestamp   : %u\n", hdr.sigfigs);
    		printf("Data Link Type (Ethernet Type II = 1)   : %u\n", hdr.linktype);
    	
    
    		/* Use While Loop to Set the Packet Boundary */
    		while(fread((char *) &tt, sizeof(tt), 1, input))  /* Read & Display Timestamp Information */
    		{
    			++count;
    			printf("\n");
    			printf("\n********** ********** TIMESTAMP & ETHERNET FRAME ********** ***********\n");
    			
    			printf("\nPacket Number: %d", count);  /* Display Packet Number */
    			printf("\nThe Packets  are Captured in : %u Seconds\n", tt.tv_sec);
    			printf("The Packets  are Captured in : %u Micro-seconds\n", tt.tv_usec);
    
    			/* Use caplen to Find the Remaining Data Segment */
    			printf("The Actual Packet Length: %u Bytes\n", tt.caplen);  
    			printf("Packet Length (Off Wire): %u Bytes\n", tt.len);
    						
    			fread((char *) &eth, sizeof(eth), 1, input); /* Read & display ethernet header information */
    			printf("Ethernet Header Length  : %u bytes\n", sizeof(eth));
    			printf("MAC Destination Address	: [hex] %x :%x :%x :%x :%x :%x \n\t\t\t  [dec] %d :%d :%d :%d :%d :%d\n", 
    				eth.edst[0], eth.edst[1], 
    				eth.edst[2], eth.edst[3], eth.edst[4], eth.edst[5], eth.edst[0], eth.edst[1], 
    				eth.edst[2], eth.edst[3], eth.edst[4], eth.edst[5], eth.edst[6]);
    
    			printf("MAC Source Address	: [hex] %x :%x :%x :%x :%x :%x \n\t\t\t  [dec] %d :%d :%d :%d :%d :%d\n", 
    				eth.esrc[0], eth.esrc[1], eth.esrc[2], 
    				eth.esrc[3], eth.esrc[4], eth.esrc[5], eth.esrc[0], eth.esrc[1], 
    				eth.esrc[2], eth.esrc[3], eth.esrc[4], eth.esrc[5]);
    			
    			for (i=0;i<tt.caplen -14;i++)
     			 { fread((char *) &buff, sizeof(buff), 1 , input);
                                printf(" %x", buff); 
                             }
    
    		} // end while 
    	} // end main else 
    
    	fclose(input); // Close input file 
    	
    	
    	return (0);
    }

  2. #2
    Registered User
    Join Date
    Sep 2004
    Posts
    197
    Quote Originally Posted by cromologic
    hi...i am new to C programming.how do i get the source & destination IP,ICMP header details and each field of it from the program below.please mail me if u need the header files and also the tcpdump binary file.i am really helpless.please please please help me...thank you.my email is [email protected]
    Code:
    typedef struct ip_header
    {
    	unsigned char ip_vhl;					/* IP Version Number and Header Length */
    	unsigned char ip_tos;					/* IP Type of Service */
    	unsigned char ip_len[IP_TTL_LEN];       /* IP Total Length */
    	unsigned char ip_id[IP_IDENT_LEN];      /* IP Identification */
    	unsigned short ip_off;					/* IP Offset */
    	unsigned char ip_ttl;					/* IP Time To Live */
    	unsigned char ip_proto;					/* IP Protocol Type */
    	unsigned char ip_sum[IP_SUM_LEN];       /* IP Checksum */
    	unsigned char ip_src[IP_ADDR_LEN];    	/* IP Source Address */
    	unsigned char ip_dst[IP_ADDR_LEN]; 	    /* IP Destination Address */
    } ip;
    
    typedef struct icmp_header
    {
    	unsigned char icmp_type;					/* ICMP Type of Message */
    	unsigned char icmp_code; 					/* ICMP Type Sub Code */
    	unsigned char icmp_sum[ICMP_SUM_LEN];	    /* ICMP Checksum */
    } icmp;
    I cut out the irrelevant parts of the code(at least from what I can understand of your question). I have a question for you though, what are you working on something like this for if you don't even have a clue what your looking at? This is an honest question.
    If any part of my post is incorrect, please correct me.

    This post is not guarantied to be correct, and is not to be taken as a matter of fact, but of opinion or a guess, unless otherwise noted.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. header and source files
    By gtriarhos in forum C Programming
    Replies: 3
    Last Post: 10-02-2005, 03:16 AM
  2. i am not able to figure ot the starting point of this
    By youngashish in forum C++ Programming
    Replies: 7
    Last Post: 10-07-2004, 02:41 AM
  3. Tutorial review
    By Prelude in forum A Brief History of Cprogramming.com
    Replies: 11
    Last Post: 03-22-2004, 09:40 PM
  4. Request for comments
    By Prelude in forum A Brief History of Cprogramming.com
    Replies: 15
    Last Post: 01-02-2004, 10:33 AM
  5. as a rule it is DESTINATION before SOURCE?
    By Shadow12345 in forum C++ Programming
    Replies: 1
    Last Post: 11-15-2002, 08:51 AM