资料出处:http://blog.sohu.com/people/langsethotd/210849359.html
资料出处:http://bbs.chinaunix.net/thread-985862-1-1.html
libnids 库调用出错libnids库调用出错在网上找了baidu,google都搜了,都没有找到相应的解决办法!
环境如下:
系统:fedora core 6
第三方库已经安装成功,libnids, libpcap, libnet
代码:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "nids.h"
typedef struct in_addr in_addr; //用于存储TCP 源/目的端口
typedef struct half_stream tcp_half_content; //用于存储 TCP一端的数据信息
char ascii_string;
/*
转换字符为asc码
*/
char *char_to_ascii(char ch)
{
char *string;
ascii_string = 0;
string = ascii_string;
if(isgraph(ch))
{
*string++ = ch;
}
else if(ch == ' ')
{
*string++ = ch;
}
else if(ch == '\n' || ch == '\r')
{
*string++ = ch;
}
else
{
*string++ = '.';
}
*string = 0;
return ascii_string;
}
/*
* TCP 回调函数,来分析TCP 的连接状态
*/
void tcp_protocol_callback(struct tcp_stream *tcp_conn, void **arg)
{
char address_buf;
char content;
int i = 0;
/*
* 获取TCP连接的目的地址于原地址
*/
struct tuple4 tuple = tcp_conn->addr;
strcpy(address_buf, (char *)inet_ntoa(tuple.saddr));
sprintf(address_buf + strlen(address_buf), ":%i", tuple.source);
strcat(address_buf, "------>");
strcat(address_buf, (char *)inet_ntoa(tuple.daddr));
sprintf(address_buf + strlen(address_buf), ":%i", tuple.daddr);
strcat(address_buf, "\n");
/*
* 判断TCP 的连接状态
*/
switch(tcp_conn->nids_state)
{
case NIDS_JUST_EST:// 表示客户端与TCP服务器建立连接状态
tcp_conn->client.collect++;
tcp_conn->server.collect++;
tcp_conn->client.collect_urg++;
tcp_conn->server.collect_urg++;
printf("%s 建立连接\n", address_buf);
break;
case NIDS_CLOSE: // 表示TCP连接关闭
printf("-------------------------------\n");
printf("%s 连接关闭\n", address_buf);
break;
case NIDS_RESET: //表示TCP 连接被RST 关闭
printf("-------------------------------\n");
printf("%s 连接被RST关闭\n", address_buf);
break;
case NIDS_DATA: // 表示有信http://www.easymjm.com的数据到达
{
tcp_half_content *tcp_half_con;
/*
* 表示客户端有新的紧急数据到达
*/
if(tcp_conn->client.count_new_urg)
{
printf("-------------------------------\n");
printf("----------client urgent------------\n");
address_buf = 0;
address_buf = tcp_conn->client.urgdata;
printf("%s \n", address_buf);
break;
}
/*
* 表示服务端有新的紧急数据到达
*/
if(tcp_conn->server.count_new_urg)
{
printf("-------------------------------\n");
printf("----------server urgent------------\n");
address_buf = 0;
address_buf = tcp_conn->server.urgdata;
printf("%s \n", address_buf);
break;
}
/*
* 表示客户端有新的数据到达
*/
if(tcp_conn->client.count_new)
{
tcp_half_con = &tcp_conn->client;
printf("-------------------------------\n");
printf("----------client---------------\n");
printf("%s \n"http://www.sboom.net/, address_buf);
memcpy(content,tcp_half_con->data, tcp_half_con->count_new);
content = '\0';
/*
* 打印客户端接收的数据
*/
for(i = 0; i < tcp_half_con->count_new; i++)
{
printf("%s", char_to_ascii(content));
}
printf("\n");
break;
}
/*
* 表示服务端有新的数据到达
*/
if(tcp_conn->server.count_new)
{
tcp_half_con = &tcp_conn->server;
printf("-------------------------------\n");
printf("----------server---------------\n");
printf("%s \n", address_buf);
memcpy(content,tcp_half_con->data, tcp_half_con->count_new);
content = '\0';
/*
* 打印服务器端接收的数据
*/
for(i = 0; i < tcp_half_con->count_new; i++)
{
printf("%s", char_to_ascii(content));
}
printf("\n");
break;
}
break;
}
default:
break;
}
}
int main(void)
{
if(!nids_init())//对libnids初始化
{
printf("初始化错误\n");
exit(1);
}
nids_register_tcp(tcp_protocol_callback);//注册一个TCP连接的回掉函数
nids_run();//运行Libnids,进入循环捕获数据包状态
}
编译后出现如下错误:
# gcc -o protocolor protocolor_parse.c -lnids -lpcap -lnet
/usr/local/lib/libnids.a(libnids.o): In function `nids_dispatch':
/home/xihua/tools/libnids-1.22/src/libnids.c:759: undefined reference to `g_async_queue_push'
/home/xihua/tools/libnids-1.22/src/libnids.c:753: undefined reference to `g_thread_create_full'
/usr/local/lib/libnids.a(libnids.o): In function `cap_queue_process_thread':
/home/xihua/tools/libnids-1.22/src/libnids.c:560: undefined reference to `g_async_queue_pop'
/home/xihua/tools/libnids-1.22/src/libnids.c:566: undefined reference to `g_thread_exit'
/usr/local/lib/libnids.a(libnids.o): In function `nids_exit':
/home/xihua/tools/libnids-1.22/src/libnids.c:701: undefined reference to `g_async_queue_length'
/usr/local/lib/libnids.a(libnids.o): In function `nids_run':
/home/xihua/tools/libnids-1.22/src/libnids.c:682: undefined reference to `g_thread_create_full'
/home/xihua/tools/libnids-1.22/src/libnids.c:685: undefined reference to `g_async_queue_push'
/usr/local/lib/libnids.a(libnids.o): In function `nids_init':
/home/xihua/tools/libnids-1.22/src/libnids.c:665: undefined reference to `g_thread_init'
/home/xihua/tools/libnids-1.22/src/libnids.c:666: undefined reference to `g_async_queue_new'
/usr/local/lib/libnids.a(libnids.o): In function `nids_pcap_handler':
/home/xihua/tools/libnids-1.22/src/libnids.c:335: undefined reference to `g_async_queue_lock'
/home/xihua/tools/libnids-1.22/src/libnids.c:337: undefined reference to `g_async_queue_length_unlocked'
/home/xihua/tools/libnids-1.22/src/libnids.c:343: undefined refere
Kerberos V5介绍与分析--司伟生【信息安全国家重点实验室】
nce to `g_async_queue_push_unlocked'
/usr/local/lib/libnids.a(libnids.o): In function `nids_next':
/home/xihua/tools/libnids-1.22/src/libnids.c:739: undefined reference to `g_thread_create_full'
/home/xihua/tools/libnids-1.22/src/libnids.c:741: undefined reference to `g_async_queue_push'
/usr/local/lib/libnids.a(libnids.o): In function `nids_pcap_handler':
/home/xihua/tools/libnids-1.22/src/libnids.c:345: undefined reference to `g_async_queue_unlock'
collect2: ld 返回 1
我是libnids 初学者!
高手大侠们,指点指点!自己顶一下!
指点指点把!up高手如云!
没人知道吗?恩!
自己解决了!
呵呵!
原来是安装libnids版本太高了!原来安装的是1.22现在改成是1.20就没问题了!
呵呵!libnids 1.22以后使用了,glib2库中的gthread-2.0来实现多线程提高效率,因此在编译除了
-lnids -lpcap -lnet 以外还要加上 -lthread-2.0不好意思,是 -lgthread-2.0
当然因该先安装glib2.x的rpm包和相关的devel和head包
体验新版博客
扫一扫
188
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
