This is a discussion on Packet sniffer with some spice - Networking ; Hi there, Im having some problems with this packet sniffer i wrote. It will capture all packets fine but i also need it to send these captured packets forwarded on to a client machine. this part of the program is ...
Hi there, Im having some problems with this packet sniffer i wrote. It
will capture all packets fine but i also need it to send these
captured packets forwarded on to a client machine. this part of the
program is not working so well. Any help appreciated as i am at my
wits end. Also forgive the poor coding style
Here is the code:
#include
#include
#include
#include
#include
#include
#include
#include < string.h>
int go = -1;
int x; /*global var for passing no of bytes recieved by sniffer*/
struct ipheader { /*Ip header structure*/
unsigned char headl:4, version:4;
unsigned char tos;
unsigned short int len;
unsigned short int id_seq;
unsigned short int offset;
unsigned char ttl;
unsigned char proto;
unsigned short int chksum;
unsigned int source;
unsigned int dest;
};
struct tcpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned int seqnum;
unsigned int acknum;
unsigned char x2:4, offset:4;
unsigned char flags;
unsigned short int windowsize;
unsigned short int chksum;
unsigned short int urgentptr;
};
struct udpheader {
unsigned short int srcport;
unsigned short int destport;
unsigned short int len;
unsigned short int chksum;
};
int udpForward(char *buffer)
{
int t;
char data2[(x+1064)];
struct ipheader *ip=(void*)buffer;
int store = ip->id_seq;
printf("\n%i\n", store);
if (store!= go){ /*this guy checks to see if this packet was
forwarded already*/
go = store;
strcpy(data2, buffer); /*copies whole packet into data2*/
printf("copy successful \n");
/*Client initiated*/
int ipsoc = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
/*Now for the standard stuff*/
struct sockaddr_in raddrin;
raddrin.sin_family = AF_INET;
raddrin.sin_port = htons(3333);
raddrin.sin_addr.s_addr = inet_addr(" 192.168.1.66");/*Ip address
of data analysis client*/
/* ssize_t sendto(int socket, const void *message, size_t length,
int flags, const struct sockaddr *dest_addr, socklen_t
dest_len);*/
t = sendto(ipsoc, data2, sizeof(data2), 0, (struct sockaddr
*)&raddrin, x);
printf("t= %i\n", t);
if (t > -1)
printf("great success\n"); /*new packet sent*/
}
else{
perror( "t" );
printf("already sent\n");
go = -1;}
}
void sniffnetwork()
{
int n, bytes_read,i;
char data[1024];
n = socket(AF_INET, SOCK_PACKET, htons(ETH_P_IP));
if ( n < 0 )
printf("Snooper socket error");
do{
bytes_read = recvfrom(n, data, sizeof(data), 0, 0, 0);
if ( bytes_read > 0 ){
x = bytes_read;
printf("captured data:\n");
/*for (i=0; i<=bytes_read; i++){
printf("%X", data[i]);
}*/
printf("\n");
udpForward(data);
}
}
while ( bytes_read > 0 );
}
int main()
{
sniffnetwork();
return 0;
}
I think UDP is appropriate for forwarding on the packets as every
single one is not essential nor is the order.
