使用libpcap抓取所有的http包

最新推荐文章于 2024-04-21 18:51:05 发布

stSahana

最新推荐文章于 2024-04-21 18:51:05 发布

阅读量2.7k

点赞数 1

分类专栏：计算机网络

本文链接：https://blog.csdn.net/stSahana/article/details/79487144

版权

本文介绍了如何利用libpcap库修改程序，设置TCP过滤器来专门捕获HTTP数据包，并将这些包保存到pcap格式的文件中，以便进一步分析。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

/* Simple Raw Sniffer                                                    */ 
/* Author: Luis Martin Garcia. luis.martingarcia [.at.] gmail [d0t] com  */
/* To compile: gcc httpsniffer.c -o httpsniffer -lpcap               */ 
/* Run as root!                                                          */ 
/*                                                                       */
/* This code is distributed under the GPL License. For more info check:  */
/* http://www.gnu.org/copyleft/gpl.html                                  */

#include <pcap.h> 
#include <string.h> 
#include <stdlib.h> 
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <net/ethernet.h>

#define MAXBYTES2CAPTURE 2048 


/* processPacket(): Callback function called by pcap_loop() everytime a packet */
/* arrives to the network card. This function prints the captured raw data in  */
/* hexadecimal.                                                                */
void processPacket(u_char *arg, const struct pcap_pkthdr* pkthdr, const u_char * packet){ 
struct ether_header *ethernet;
struct iphdr *ip;
struct tcphdr *tcp;
u_char *payload;
 int i=0, *counter = (int *)arg; 
/*
printf("size_ethernet:%d\n",ETHER_HDR_LEN);
printf("size_ip:%d\n",sizeof(struct iphdr));
printf("size_tcp:%d\n",sizeof(struct tcphdr));
 printf("Packet Count: %d\n", ++(*counter)); 
 printf("Received Packet Size: %d\n", pkthdr->len); 
*/
ethernet = (struct ether_header*)(packet);
ip = (struct iphdr*)(packet + ETHER_HDR_LE

最低0.47元/天解锁文章