pcap - How to analyse packet infromation from a traffic dump file in C++? -


i write c console program due dump network traffic "pcap" library. want packet information (e.g. protocol-type, sender-ip, etc) binary file.

my code :

#include "stdafx.h" #include <pcap.h> #include <stdio.h> #include <stdlib.h> #include <errno.h> #ifndef win32 #include <sys/socket.h> #include <netinet/in.h> #else #include <winsock.h> #endif   #define line_len 16 void dispatcher_handler(u_char *, const struct pcap_pkthdr *, const u_char *);  int main(int argc, char **argv) {     pcap_t *fp;     char errbuf[pcap_errbuf_size];     char source[pcap_buf_size];      if(argc != 2){          printf("usage: %s filename", argv[0]);         return -1;     }      /* create source string according new winpcap syntax */     if(pcap_createsrcstr(source,         // variable keep source string         pcap_src_file,  // want open file         null,           // remote host         null,           // port on remote host         argv[1],        // name of file want open         errbuf          // error buffer         ) != 0)     {         fprintf(stderr, "\nerror creating source string\n");         return -1;     }      /* open capture file */     if((fp = pcap_open(source,         // name of device         65536,          // portion of packet capture         // 65536 guarantees whole packet captured on link layers         pcap_openflag_promiscuous,     // promiscuous mode         1000,              // read timeout         null,              // authentication on remote machine         errbuf         // error buffer         )) == null)     {         fprintf(stderr, "\nunable open file %s.\n", source);         return -1;     }      // read , dispatch packets until eof reached     pcap_loop(fp, 0, dispatcher_handler, null);      return 0; }  void dispatcher_handler(u_char *temp1,     const struct pcap_pkthdr *header, const u_char *pkt_data) {     u_int = 0;     /* print pkt timestamp , pkt len */     printf("%ld:%ld (%ld)\n", header->ts.tv_sec, header->ts.tv_usec, header->len);      /* print packet */     for(i = 1; (i < header->caplen + 1); i++)     {         printf("%.2x ", pkt_data[i - 1]);         if((i % line_len) == 0) printf("\n");     }      printf("\n\n"); }

how can read traffic information (not hex codes) traffic file?

for inspecting traffic file, first need save in hexadecimal file structure :

 printf("%.2x ", pkt_data[i - 1]);

after can analysis hexadecimal strings. work 100 percentage!


Comments

Post a Comment

Popular posts from this blog

jquery - How do you format the date used in the popover widget title of FullCalendar? -

Image
in fullcalendar, how format date used in popover widget title when clicking '+n more'? code: <div class="fc-popover fc-more-popover"> <div class="fc-header fc-widget-header"> <span class="fc-close fc-icon fc-icon-x"></span> <span class="fc-title">tuesday, april 7</span> ... </div> ... </div> you use daypopoverformat that. determines date format of title of popover created eventlimitclick option. must date formatting string. default value "dddd, mmmm d" english , "ll" other languages.
Read more

Bubble Sort Manually a Linked List in Java -

Image
this first question here. trying manually sort linked list of integers in java , can not figure out wrong code. suggestions? don't error, still have output unordered. tried few different ways, nothing worked. appreciate if can me that. public class node { int data; node nextnode; public node(int data) { this.data = data; this.nextnode = null; } public int getdata() { return this.data; } } // node class public class datalinkedlist implements datainterface { private node head; private int size; public datalinkedlist(){ this.head = null; this.size = 0; } public void add(int data) { node node = new node(data); if (head == null) { head = node; } else { node currentnode = head; while(currentnode.nextnode != null) { currentnode = currentnode.nextnode; } currentnode.nextnode = node; ...
Read more

asp.net mvc - SSO between MVCForum and Umbraco7 -

i need integrate sso between mvcforum (forum of company) , umbraco7 (manages cms company). however struggling shared authentication work. tried several ways suggested on other threads still not running expected. here did: 1. in mvcforum (forum.mywebsite.com) 1.1. machine key in web.xml: <machinekey validationkey="the same key umbraco7" decryptionkey="the same key umbraco7" validation="sha1" decryption="aes" /> 1.2. authenticate forms in web.xml <forms name="my-sso-auth" protection="all" path="/" timeout="43200" domain="forum.mywebsite.com" loginurl="/members/logon" enablecrossappredirects="true" /> 2. in umbraco7 (news.mywebsite.com) 2.1. machine key in web.xml: <machinekey validationkey="the same key mvcforum" decryptionkey="the same key mvcforum" validation="sha1" decryption="aes" /> 2.2. a...
Read more