howardshamsham
asked on
Packet sniffer gone wrong
Im having some problems with this packet sniffer i wrote. It
will capture all packets fine but i also need it to send these
captured packets forwarded on to a client machine. this part of the
program is not working so well. Any help appreciated as i am at my
wits end.
Here is the code:
#include <stdio.h>
#include <sys/socket.h>
#include <resolv.h>
#include <arpa/inet.h>
#include <errno.h>
#include <sys/types.h>
#include <linux/if_ether.h>
#include < string.h>
int go = -1;
int x; /*global var for passing no of bytes recieved by sniffer*/
struct ipheader { /*Ip header structure*/
unsigned char headl:4, version:4;
unsigned char tos;
unsigned short int len;
unsigned short int id_seq;
unsigned short int offset;
unsigned char ttl;
unsigned char proto;
unsigned short int chksum;
unsigned int source;
unsigned int dest;
};
struct tcpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned int seqnum;
unsigned int acknum;
unsigned char x2:4, offset:4;
unsigned char flags;
unsigned short int windowsize;
unsigned short int chksum;
unsigned short int urgentptr;
};
struct udpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned short int len;
unsigned short int chksum;
};
int udpForward(char *buffer)
{
int t;
char data2[(x+1064)];
struct ipheader *ip=(void*)buffer;
int store = ip->id_seq;
printf("\n%i\n", store);
if (store!= go){ /*this guy checks to see if this packet was
forwarded already*/
go = store;
strcpy(data2, buffer); /*copies whole packet into data2*/
printf("copy successful \n");
/*Client initiated*/
int ipsoc = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
/*Now for the standard stuff*/
struct sockaddr_in raddrin;
raddrin.sin_family = AF_INET;
raddrin.sin_port = htons(3333);
raddrin.sin_addr.s_addr = inet_addr(" 192.168.1.66");/*Ip address
of data analysis client*/
/* ssize_t sendto(int socket, const void *message, size_t length,
int flags, const struct sockaddr *dest_addr, socklen_t
dest_len);*/
t = sendto(ipsoc, data2, sizeof(data2), 0, (struct sockaddr
*)&raddrin, x);
printf("t= %i\n", t);
if (t > -1)
printf("great success\n"); /*new packet sent*/
}
else{
perror( "t" );
printf("already sent\n");
go = -1;}
}
void sniffnetwork()
{
int n, bytes_read,i;
char data[1024];
n = socket(AF_INET, SOCK_PACKET, htons(ETH_P_IP));
if ( n < 0 )
printf("Snooper socket error");
do{
bytes_read = recvfrom(n, data, sizeof(data), 0, 0, 0);
if ( bytes_read > 0 ){
x = bytes_read;
printf("captured data:\n");
/*for (i=0; i<=bytes_read; i++){
printf("%X", data[i]);
}*/
printf("\n");
udpForward(data);
}
}
while ( bytes_read > 0 );
}
int main()
{
sniffnetwork();
return 0;
}
I think UDP is appropriate for forwarding on the packets as every
single one is not essential nor is the order.
will capture all packets fine but i also need it to send these
captured packets forwarded on to a client machine. this part of the
program is not working so well. Any help appreciated as i am at my
wits end.
Here is the code:
#include <stdio.h>
#include <sys/socket.h>
#include <resolv.h>
#include <arpa/inet.h>
#include <errno.h>
#include <sys/types.h>
#include <linux/if_ether.h>
#include < string.h>
int go = -1;
int x; /*global var for passing no of bytes recieved by sniffer*/
struct ipheader { /*Ip header structure*/
unsigned char headl:4, version:4;
unsigned char tos;
unsigned short int len;
unsigned short int id_seq;
unsigned short int offset;
unsigned char ttl;
unsigned char proto;
unsigned short int chksum;
unsigned int source;
unsigned int dest;
};
struct tcpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned int seqnum;
unsigned int acknum;
unsigned char x2:4, offset:4;
unsigned char flags;
unsigned short int windowsize;
unsigned short int chksum;
unsigned short int urgentptr;
};
struct udpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned short int len;
unsigned short int chksum;
};
int udpForward(char *buffer)
{
int t;
char data2[(x+1064)];
struct ipheader *ip=(void*)buffer;
int store = ip->id_seq;
printf("\n%i\n", store);
if (store!= go){ /*this guy checks to see if this packet was
forwarded already*/
go = store;
strcpy(data2, buffer); /*copies whole packet into data2*/
printf("copy successful \n");
/*Client initiated*/
int ipsoc = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
/*Now for the standard stuff*/
struct sockaddr_in raddrin;
raddrin.sin_family = AF_INET;
raddrin.sin_port = htons(3333);
raddrin.sin_addr.s_addr = inet_addr(" 192.168.1.66");/*Ip address
of data analysis client*/
/* ssize_t sendto(int socket, const void *message, size_t length,
int flags, const struct sockaddr *dest_addr, socklen_t
dest_len);*/
t = sendto(ipsoc, data2, sizeof(data2), 0, (struct sockaddr
*)&raddrin, x);
printf("t= %i\n", t);
if (t > -1)
printf("great success\n"); /*new packet sent*/
}
else{
perror( "t" );
printf("already sent\n");
go = -1;}
}
void sniffnetwork()
{
int n, bytes_read,i;
char data[1024];
n = socket(AF_INET, SOCK_PACKET, htons(ETH_P_IP));
if ( n < 0 )
printf("Snooper socket error");
do{
bytes_read = recvfrom(n, data, sizeof(data), 0, 0, 0);
if ( bytes_read > 0 ){
x = bytes_read;
printf("captured data:\n");
/*for (i=0; i<=bytes_read; i++){
printf("%X", data[i]);
}*/
printf("\n");
udpForward(data);
}
}
while ( bytes_read > 0 );
}
int main()
{
sniffnetwork();
return 0;
}
I think UDP is appropriate for forwarding on the packets as every
single one is not essential nor is the order.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.