#include <stdio.h>
#include <string.h>
#include <winsock2.h>
#include "ws2tcpip.h"
#pragma comment(lib,"ws2_32.lib")
#define MAX_PACK_LEN 65535 // largest IP datagram accepted per receive (bytes)
#define MAX_ADDR_LEN 16 // maximum length of a dotted-decimal address string
#define MAX_HOSTNAME_LEN 255 // maximum host name length
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1) // ioctl code handed to WSAIoctl() in main() to switch the socket to receive-all
/*
 * Fixed 20-byte part of an IPv4 header, laid out as it appears in the
 * captured buffer. Multi-byte fields are copied straight off the wire, so
 * they must be converted with ntohs()/ntohl() before being used as numbers.
 * IP options, when present, follow this structure and are not described here;
 * the real header length is carried in h_lenver.
 */
typedef struct _iphdr {
    unsigned char  h_lenver;        /* 4-bit header length + 4-bit IP version */
    unsigned char  tos;             /* 8-bit type of service (TOS) */
    unsigned short total_len;       /* 16-bit total length, in bytes */
    unsigned short ident;           /* 16-bit identification */
    unsigned short frag_and_flags;  /* 3-bit flags (the name suggests the fragment offset shares this word) */
    unsigned char  ttl;             /* 8-bit time to live (TTL) */
    unsigned char  proto;           /* 8-bit protocol (TCP, UDP or other) */
    unsigned short checksum;        /* 16-bit IP header checksum */
    unsigned int   sourceIP;        /* 32-bit source IP address */
    unsigned int   destIP;          /* 32-bit destination IP address */
} IP_HEADER;
/*
 * Fixed 20-byte part of a TCP header as it appears in the captured buffer.
 * Multi-byte fields are in wire order; convert with ntohs()/ntohl() before use.
 * TCP options, when present, follow this structure; the real header length is
 * carried in th_lenres.
 */
typedef struct _tcphdr {
    unsigned short th_sport;   /* 16-bit source port */
    unsigned short th_dport;   /* 16-bit destination port */
    unsigned int   th_seq;     /* 32-bit sequence number */
    unsigned int   th_ack;     /* 32-bit acknowledgement number */
    unsigned char  th_lenres;  /* 4-bit header length / reserved bits */
    unsigned char  th_flag;    /* 6 flag bits */
    unsigned short th_win;     /* 16-bit window size */
    unsigned short th_sum;     /* 16-bit checksum */
    unsigned short th_urp;     /* 16-bit urgent data offset */
} TCP_HEADER;
/*
 * 8-byte UDP header as it appears in the captured buffer. All fields are in
 * wire order; convert with ntohs() before using them as numbers.
 */
typedef struct _udphdr {
    unsigned short uh_sport;  /* 16-bit source port */
    unsigned short uh_dport;  /* 16-bit destination port */
    unsigned short uh_len;    /* 16-bit length */
    unsigned short uh_sum;    /* 16-bit checksum */
} UDP_HEADER;
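/*
 * Write a captured payload to stdout followed by a newline.
 *
 * The bytes come straight from the network and are untrusted: anything that
 * is not printable ASCII, '\n' or '\t' is shown as '.', so a packet cannot
 * feed terminal control or escape sequences to the console this tool runs in.
 * NUL bytes are skipped, as the original dump loop did.
 *
 * data: first payload byte (may be anything when len is 0)
 * len:  number of payload bytes to show; values <= 0 print only the newline
 */
static void print_payload(const char *data, int len)
{
    int i;

    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)data[i];

        if (c == 0)
            continue;
        if ((c >= 0x20 && c <= 0x7E) || c == '\n' || c == '\t')
            putchar(c);
        else
            putchar('.');
    }
    putchar('\n');
}

/*
 * Open a raw IP socket bound to the local host's first IPv4 address, switch
 * it to receive-all mode with SIO_RCVALL, and print one summary line per
 * received datagram (protocol, source --> destination, and for TCP/UDP the
 * ports followed by the payload).
 *
 * Every length taken from a packet is checked against the number of bytes
 * recv() actually returned before it is used as an offset or loop bound.
 *
 * Returns 1 if setup fails or recv() reports an error; the capture loop does
 * not otherwise terminate.
 */
int main(int argc, char *argv[])
{
    WSADATA wsa;
    SOCKET sock = INVALID_SOCKET;
    char buffer[MAX_PACK_LEN];
    char localname[MAX_HOSTNAME_LEN];
    struct hostent *phostent;
    struct sockaddr_in sniffer;
    DWORD dwBufferLen[10];
    DWORD dwBufferInLen = 1;
    DWORD dwBytesReturned = 0;
    IP_HEADER ip;
    TCP_HEADER tcp;
    UDP_HEADER udp;
    SOCKADDR_IN addr;
    const char *protocol;
    int received;
    int packet_len;
    int ip_hdr_len;
    int payload_off;
    int rc = 1;

    (void)argc;
    (void)argv;

    // Column header: protocol | remote address | local address | source port | destination port
    printf("协议 |远端地址| |本地地址| |来源端口| |目的端口|\n");

    if (WSAStartup(MAKEWORD(2, 2), &wsa) != 0) {
        printf("Init Socket Error...\n");
        return 1;
    }

    sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (sock == INVALID_SOCKET) {
        printf("Create Raw socket Error...\n");
        goto cleanup;
    }

    if (gethostname(localname, sizeof(localname)) != 0) {
        printf("Get Host Name Error...\n");
        goto cleanup;
    }

    // The resolver result is checked before it is copied: a failed lookup
    // returns NULL, and only a 4-byte IPv4 address fits in sin_addr.
    phostent = gethostbyname(localname);
    if (phostent == NULL || phostent->h_addrtype != AF_INET ||
        phostent->h_length != (int)sizeof(sniffer.sin_addr) ||
        phostent->h_addr_list[0] == NULL) {
        printf("Resolve Local ADDR Error...\n");
        goto cleanup;
    }

    memset(&sniffer, 0, sizeof(sniffer));
    sniffer.sin_family = AF_INET;
    sniffer.sin_port = htons(60000);
    memcpy(&sniffer.sin_addr, phostent->h_addr_list[0], sizeof(sniffer.sin_addr));

    if (bind(sock, (PSOCKADDR)&sniffer, sizeof(sniffer)) == SOCKET_ERROR) {
        printf("Bind Local ADDR Error..\n");
        goto cleanup;
    }

    // Without receive-all mode the loop below would not see other traffic,
    // so a failure here (typically missing administrator rights) is fatal.
    if (WSAIoctl(sock, SIO_RCVALL, &dwBufferInLen, sizeof(dwBufferInLen),
                 dwBufferLen, sizeof(dwBufferLen), &dwBytesReturned,
                 NULL, NULL) == SOCKET_ERROR) {
        printf("Set SIO_RCVALL Error...\n");
        goto cleanup;
    }

    while (1) {
        received = recv(sock, buffer, (int)sizeof(buffer), 0);
        if (received == SOCKET_ERROR) {
            // Stop instead of spinning forever on a dead socket.
            printf("Receive Error: %d\n", WSAGetLastError());
            break;
        }
        if (received < (int)sizeof(IP_HEADER))
            continue;   // too short to hold an IPv4 header

        // Copy the header out instead of casting the char buffer: this avoids
        // unaligned access through a struct pointer.
        memcpy(&ip, buffer, sizeof(ip));

        // The header length is in the low nibble, counted in 32-bit words;
        // IP options make it larger than sizeof(IP_HEADER).
        ip_hdr_len = (ip.h_lenver & 0x0F) * 4;
        if (ip_hdr_len < (int)sizeof(IP_HEADER) || ip_hdr_len > received)
            continue;   // malformed header length

        // total_len is in network byte order and comes from the packet, so it
        // is converted and then clamped to what was actually received.
        packet_len = ntohs(ip.total_len);
        if (packet_len < ip_hdr_len || packet_len > received)
            packet_len = received;

        if (ip.proto == 6)
            protocol = "TCP";
        else if (ip.proto == 17)
            protocol = "UDP";
        else
            protocol = "Other";
        printf("%s ", protocol);

        // inet_ntoa() reuses one static buffer, so each address is printed
        // before the next conversion.
        addr.sin_addr.s_addr = ip.sourceIP;
        printf("%s-->", inet_ntoa(addr.sin_addr));
        addr.sin_addr.s_addr = ip.destIP;
        printf("%s ", inet_ntoa(addr.sin_addr));

        // NOTE(review): non-first IP fragments carry no transport header;
        // they are not special-cased here, matching the original behaviour.
        if (ip.proto == 6) {
            if (packet_len - ip_hdr_len < (int)sizeof(TCP_HEADER)) {
                putchar('\n');  // no room for a TCP header
                continue;
            }
            memcpy(&tcp, buffer + ip_hdr_len, sizeof(tcp));
            printf("%8d -->%8d", ntohs(tcp.th_sport), ntohs(tcp.th_dport));
            putchar('\n');

            // Data offset is the high nibble, in 32-bit words; an invalid
            // value is treated as "no payload" rather than trusted.
            payload_off = ip_hdr_len + ((tcp.th_lenres >> 4) & 0x0F) * 4;
            if (payload_off < ip_hdr_len + (int)sizeof(TCP_HEADER) ||
                payload_off > packet_len)
                payload_off = packet_len;
            print_payload(buffer + payload_off, packet_len - payload_off);
        } else if (ip.proto == 17) {
            if (packet_len - ip_hdr_len < (int)sizeof(UDP_HEADER)) {
                putchar('\n');  // no room for a UDP header
                continue;
            }
            memcpy(&udp, buffer + ip_hdr_len, sizeof(udp));
            printf("%8d -->%8d", ntohs(udp.uh_sport), ntohs(udp.uh_dport));
            putchar('\n');

            payload_off = ip_hdr_len + (int)sizeof(UDP_HEADER);
            print_payload(buffer + payload_off, packet_len - payload_off);
        } else {
            putchar('\n');
        }
    }

cleanup:
    if (sock != INVALID_SOCKET)
        closesocket(sock);
    WSACleanup();
    return rc;
}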