原理其实很简单,那就是广播一个arp包,然后recv,如果没有数据(这里要设置延时),那么说明这个ip是可用的,否则就检测这个数据是否为回复我们发出的arp的应答包.如果是则证明ip已被使用,否则继续等待.
这里可以看下busybox的dhcp中的检测程序。
networking/udhcp/arpping.c
- /* vi: set sw=4 ts=4: */
- /*
- * arpping.c
- *
- * Mostly stolen from: dhcpcd - DHCP client daemon
- * by Yoichi Hariguchi <yoichi@fore.com>
- */
- #include <netinet/if_ether.h>
- #include <net/if_arp.h>
- #include "common.h"
- #include "dhcpd.h"
- //这里是arp包的格式,其中的数据格式都是宏了,比如uint_8_t为无符char.
- struct arpMsg {
- /* Ethernet header */
- uint8_t h_dest[6]; /* 00 destination ether addr */
- uint8_t h_source[6]; /* 06 source ether addr */
- uint16_t h_proto; /* 0c packet type ID field */
- /* ARP packet */
- uint16_t htype; /* 0e hardware type (must be ARPHRD_ETHER) */
- uint16_t ptype; /* 10 protocol type (must be ETH_P_IP) */
- uint8_t hlen; /* 12 hardware address length (must be 6) */
- uint8_t plen; /* 13 protocol address length (must be 4) */
- uint16_t operation; /* 14 ARP opcode */
- uint8_t sHaddr[6]; /* 16 sender's hardware address */
- uint8_t sInaddr[4]; /* 1c sender's IP address */
- uint8_t tHaddr[6]; /* 20 target's hardware address */
- uint8_t tInaddr[4]; /* 26 target's IP address */
- uint8_t pad[18]; /* 2a pad for min. ethernet payload (60 bytes) */
- } PACKED;
- enum {
- ARP_MSG_SIZE = 0x2a
- };
- /* Returns 1 if no reply received */
- //主程序,如果返回1说明此ip可用
- int arpping(uint32_t test_ip, uint32_t from_ip, uint8_t *from_mac, const char *interface)
- {
- int timeout_ms;
- //这里使用poll来检测句柄。
- struct pollfd pfd[1];
- #define s (pfd[0].fd) /* socket */
- int rv = 1; /* "no reply received" yet */
- struct sockaddr addr; /* for interface name */
- struct arpMsg arp;
- //建立scoket.由于我们是要直接访问访问链路层并自己组arp包.因此我们使用PF_PACKET协议簇.socket类型为SOCK_PACKET.
- s = socket(PF_PACKET, SOCK_PACKET, htons(ETH_P_ARP));
- if (s == -1) {
- bb_perror_msg(bb_msg_can_not_create_raw_socket);
- return -1;
- }
- if (setsockopt_broadcast(s) == -1) {
- bb_perror_msg("cannot enable bcast on raw socket");
- goto ret;
- }
- //进行组包,由于是要广播,因此目的mac地址为全0.
- /* send arp request */
- memset(&arp, 0, sizeof(arp));
- memset(arp.h_dest, 0xff, 6); /* MAC DA */
- memcpy(arp.h_source, from_mac, 6); /* MAC SA */
- arp.h_proto = htons(ETH_P_ARP); /* protocol type (Ethernet) */
- arp.htype = htons(ARPHRD_ETHER); /* hardware type */
- arp.ptype = htons(ETH_P_IP); /* protocol type (ARP message) */
- arp.hlen = 6; /* hardware address length */
- arp.plen = 4; /* protocol address length */
- arp.operation = htons(ARPOP_REQUEST); /* ARP op code */
- memcpy(arp.sHaddr, from_mac, 6); /* source hardware address */
- memcpy(arp.sInaddr, &from_ip, sizeof(from_ip)); /* source IP address */
- /* tHaddr is zero-fiiled */ /* target hardware address */
- memcpy(arp.tInaddr, &test_ip, sizeof(test_ip)); /* target IP address */
- memset(&addr, 0, sizeof(addr));
- safe_strncpy(addr.sa_data, interface, sizeof(addr.sa_data));
- //广播arp包.
- if (sendto(s, &arp, sizeof(arp), 0, &addr, sizeof(addr)) < 0) {
- // TODO: error message? caller didn't expect us to fail,
- // just returning 1 "no reply received" misleads it.
- goto ret;
- }
- /* wait for arp reply, and check it */
- //等待时间,超时则认为此ip地址可用
- timeout_ms = 2000;
- do {
- int r;
- unsigned prevTime = monotonic_us();
- pfd[0].events = POLLIN;
- //这边他是害怕poll被信号打断,因此加了层循环,其实这边我们还可以使用ppoll的,就可以了。
- r = safe_poll(pfd, 1, timeout_ms);
- if (r < 0)
- break;
- if (r) {
- //读取返回数据.
- r = read(s, &arp, sizeof(arp));
- if (r < 0)
- break;
- //检测是否为应打包,发送ip是否为我们所请求的ip,这里是为了防止其他的数据包干扰我们检测。
- if (r >= ARP_MSG_SIZE
- && arp.operation == htons(ARPOP_REPLY)
- /* don't check it: Linux doesn't return proper tHaddr (fixed in 2.6.24?) */
- /* && memcmp(arp.tHaddr, from_mac, 6) == 0 */
- && *((uint32_t *) arp.sInaddr) == test_ip
- ) {
- //说明ip地址已被使用
- rv = 0;
- break;
- }
- }
- timeout_ms -= ((unsigned)monotonic_us() - prevTime) / 1000;
- } while (timeout_ms > 0);
- ret:
- close(s);
- DEBUG("%srp reply received for this address", rv ? "No a" : "A");
- return rv;
- }
Ref: http://simohayha.javaeye.com/blog/267955
project:
bool CNetInterface::IPIsCollision(unsigned long ip, const char* name/* = "eth0"*/, unsigned short len/* = 4*/)
{
u_long hostIp = ip; //记录本地IP
u_char hostMac[6] = {0}; //记录本地MAC
int fd_arp = socket(AF_INET, SOCK_PACKET, htons(0x0806));
if( fd_arp < 0 )
{
printf("(%s %d) Failed: open socket failed\n",__FILE__,__LINE__);
return false;
}
struct ifreq ifr;
strcpy(ifr.ifr_name, name);
ifr.ifr_addr.sa_family = AF_INET;
//获取本机IP地址
if(ioctl(fd_arp, SIOCGIFADDR, &ifr)<0)
{
printf("(%s %d) Attention: no ip binded to interface %s\n",__FILE__,__LINE__,name);
}
else
{
struct sockaddr_in *sin_ptr=(struct sockaddr_in*)&ifr.ifr_addr;
hostIp = sin_ptr->sin_addr.s_addr;
}
if (hostIp == ip)
{
hostIp = 0;
}
//获取本机MAC地址
if (ioctl(fd_arp, SIOCGIFHWADDR, &ifr)<0)
{
printf("(%s %d) Error: no mac binded to interface %s\n",__FILE__,__LINE__,name);
close(fd_arp);
return false;
}
else
{
u_char * ptr=(u_char *)&ifr.ifr_ifru.ifru_hwaddr.sa_data[0];
memcpy(hostMac, ptr, 6);
}
//构造ARP请求报文
ARP_PACKET arp_packets;
memset(&arp_packets.target_Mac,0xff,6);
memcpy(&arp_packets.send_Mac,hostMac,6);
arp_packets.ethnet_type = htons(0x0806);
arp_packets.had_Type = htons(0x0001);
arp_packets.pro_Type = htons(0x0800);
arp_packets.had_Size = 0x06;
arp_packets.pro_Size = 0x04;
arp_packets.operate = htons(ARP_REQUEST);
memcpy(&arp_packets.send_Mac1,hostMac,6);
arp_packets.send_Ip = hostIp;
arp_packets.target_ip = ip;
memset(&arp_packets.target_Mac1,0,6);
struct sockaddr to;
memset(&to,0,sizeof(to));
strcpy(to.sa_data, name);
//设置超时时间
timeval timeout;
timeout.tv_sec = 1;
timeout.tv_usec = 0;
fd_set rdfd;
bool isCollision = false;
for (int timer = 0; timer<5 ;timer++)
{
int len = sendto(fd_arp,&arp_packets,sizeof(arp_packets),0,&to,sizeof(to) );
if( len < 0 )
{
//printf("(%s %d) Failed: sendto failed\n",__FILE__,__LINE__);
continue;
}
FD_ZERO(&rdfd);
FD_SET(fd_arp, &rdfd);
len = select(fd_arp+1, &rdfd, NULL, NULL, &timeout);
if( len > 0 )
{
socklen_t fromlen = 0;
ARP_PACKET arp_packet_rev;
memset(&arp_packet_rev,0,sizeof(arp_packet_rev));
len = recvfrom(fd_arp,&arp_packet_rev,sizeof(arp_packet_rev), 0,&to,&fromlen);
if( ( ARP_REPLAY==ntohs(arp_packet_rev.operate) ) && (arp_packet_rev.send_Ip == ip ) )
{
long ipReply = arp_packet_rev.send_Ip;
printf("(%s %d) Send Arp request ip=%lu.%lu.%lu.%lu\n",__FILE__,__LINE__,(ip&0xff),((ip>>8)&0xff),((ip>>16)&0xff),((ip>>24)&0xff));
printf("(%s %d) Receive Arp reply, ip=%lu.%lu.%lu.%lu, ",__FILE__,__LINE__,(ipReply&0xff),((ipReply>>8)&0xff),((ipReply>>16)&0xff),((ipReply>>24)&0xff));
printf(" mac=%02x.%02x.%02x.%02x.%02x.%02x\n",arp_packet_rev.send_Mac1[0],arp_packet_rev.send_Mac1[1],arp_packet_rev.send_Mac1[2],arp_packet_rev.send_Mac1[3],arp_packet_rev.send_Mac1[4],arp_packet_rev.send_Mac1[5]);
printf("(%s %d) This ip has been used: %lu.%lu.%lu.%lu\n",__FILE__,__LINE__,(ip&0xff),((ip>>8)&0xff),((ip>>16)&0xff),((ip>>24)&0xff));
isCollision = true;
break;
}
}
else
{
//printf("(%s %d) Failed: select timeout\n",__FILE__,__LINE__);
}
}
close(fd_arp);
return isCollision;
}