Sniffer程序抓不到发往本机的包?解决方案
Sniffer程序抓不到发往本机的包?
做练习时写了一个小程序抓包:本机发出去的包可以抓到,但抓不到发往本机的TCP、UDP包,ICMP包倒是可以抓到。不明白是什么原因,请各位大侠帮忙看看,代码如下:
------解决方案--------------------
做练习时写了一个小程序抓包:本机发出去的包可以抓到,但抓不到发往本机的TCP、UDP包,ICMP包倒是可以抓到。不明白是什么原因,请各位大侠帮忙看看,代码如下:
- C/C++ code
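// Raw-socket capture setup (Winsock). This is a fragment of a larger function:
// WSAStartup() and filter() are not shown and are assumed to be provided by the
// surrounding code. Every failure path returns 0, as in the original.
//
// Operational notes for whoever runs this:
//  - SIO_RCVALL requires administrator rights and a socket that is bound to one
//    specific local interface address; only traffic on that interface is seen.
//  - NOTE(review): when outbound packets are captured but inbound TCP/UDP are
//    not, the usual suspects are the bound address (wrong interface) and the
//    host firewall's inbound policy -- confirm on the affected machine.
SOCKET s = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
if (INVALID_SOCKET == s)
{
    printf("create socket fail --- %d\n", WSAGetLastError());
    return 0;
}

// The option value must be initialized; the original passed an indeterminate
// DWORD, so the option was switched on or off at random.
DWORD flag = 1;
if (SOCKET_ERROR == setsockopt(s, IPPROTO_IP, IP_HDRINCL, (char *)&flag, sizeof(flag)))
{
    // IP_HDRINCL governs how outgoing datagrams are built, so a receive-only
    // capture can continue without it; report the failure and carry on.
    printf("set IP_HDRINCL fail --- %d\n", WSAGetLastError());
}

char szName[200] = {0};
if (SOCKET_ERROR == ::gethostname(szName, sizeof(szName) - 1))
{
    printf("get local host name fail --- %d\n", WSAGetLastError());
    closesocket(s);
    return 0;
}

hostent *pHost = ::gethostbyname(szName);
if (pHost == NULL || pHost->h_addrtype != AF_INET || pHost->h_addr_list[0] == NULL)
{
    printf("get local host address fail --- %d\n", WSAGetLastError());
    closesocket(s);
    return 0;
}

// h_addr_list[0] is simply the first address the resolver returned for this
// host name; on a multi-homed machine it may not be the interface that carries
// the traffic of interest.
sockaddr_in addr = {0};
addr.sin_family = AF_INET;
addr.sin_addr = *(struct in_addr *)pHost->h_addr_list[0];
addr.sin_port = htons(57727); // kept from the original; presumably irrelevant for a raw IP socket
if (SOCKET_ERROR == ::bind(s, (sockaddr *)&addr, sizeof(addr)))
{
    printf("bind socket fail --- (%d)\n", WSAGetLastError());
    closesocket(s);
    return 0;
}

// SIO_RCVALL is documented as a WSAIoctl control code, and the call can fail
// (for example without administrator rights), so the result is checked instead
// of being ignored as the original ioctlsocket() call did.
DWORD rcvall = 1; // 1 == receive-all on
DWORD bytesReturned = 0;
if (SOCKET_ERROR == WSAIoctl(s, SIO_RCVALL, &rcvall, sizeof(rcvall),
                             NULL, 0, &bytesReturned, NULL, NULL))
{
    printf("set SIO_RCVALL fail --- %d\n", WSAGetLastError());
    closesocket(s);
    return 0;
}

char buf[65535];
for (;;)
{
    int iRevLen = ::recv(s, buf, 65534, 0);
    if (SOCKET_ERROR == iRevLen)
    {
        // Never hand a negative length to filter(); stop capturing instead of
        // spinning on a broken socket.
        printf("recv fail --- %d\n", WSAGetLastError());
        break;
    }
    filter(buf, iRevLen);
}

closesocket(s);
return 0;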
------解决方案--------------------
- C/C++ code
// Excerpt quoted from the question: the step that selects the local address the
// raw socket is bound to.
// NOTE(review): the reply quotes this without comment; presumably the point is
// that the bound address decides which interface is captured -- confirm.
sockaddr_in addr;
addr.sin_family = AF_INET;
// Uses the first address returned for the local host name; on a machine with
// several interfaces this may not be the one receiving the traffic.
addr.sin_addr = *(struct in_addr *)pHost->h_addr_list[0];
addr.sin_port = htons(57727);
if (SOCKET_ERROR == ::bind(s, (sockaddr *)&addr, sizeof(addr)))
// (the quoted fragment ends here; the body of this if is not shown)
------解决方案--------------------
- C/C++ code
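#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#include <mstcpip.h>

#pragma comment(lib, "WS2_32.lib")

enum {
    MAX_PACKET_SIZE = 65535,   /* largest possible IPv4 datagram */
    PACKET_LIMIT = 70,         /* stop after this many packets, as in the original */
    DEFAULT_ADDR_INDEX = 2     /* the original hard-coded h_addr_list[2] */
};

/* Release the socket (if one was created) and the Winsock library. */
static void sniffer_cleanup(SOCKET s)
{
    if (s != INVALID_SOCKET)
        closesocket(s);
    WSACleanup();
}

/* Report a failed Winsock call, release everything, and return main's failure code. */
static int sniffer_fail(SOCKET s, const char *what, int err)
{
    printf("%s failed with error %d\n", what, err);
    sniffer_cleanup(s);
    return 0;
}

/*
 * Minimal raw-socket packet counter: binds to one local IPv4 address, enables
 * SIO_RCVALL on it and prints length, time and source address of the first
 * PACKET_LIMIT packets.
 *
 * Usage: program [address-index]
 *   address-index selects an entry of the local address list that is printed
 *   at start-up; it defaults to DEFAULT_ADDR_INDEX to match the original code.
 *
 * Exit status is unchanged from the original: 1 on success, 0 on any failure.
 *
 * SIO_RCVALL needs administrator rights and captures only on the interface
 * whose address the socket is bound to, so the address choice matters.
 */
int main(int argc, char **argv)
{
    SOCKET SnifferSocket = INVALID_SOCKET;
    WSADATA wsaData;
    char Name[255];
    static char Packet[MAX_PACKET_SIZE];

    /* WSAStartup returns the error code itself, not SOCKET_ERROR. */
    int Result = WSAStartup(MAKEWORD(2, 2), &wsaData);
    if (Result != 0) {
        printf("WSAStartup failed with error %d\n", Result);
        return 0;
    }

    /* The original tested the stale Result here, so a failed socket() went unnoticed. */
    SnifferSocket = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (SnifferSocket == INVALID_SOCKET)
        return sniffer_fail(INVALID_SOCKET, "socket", WSAGetLastError());

    if (gethostname(Name, (int)sizeof(Name)) == SOCKET_ERROR)
        return sniffer_fail(SnifferSocket, "gethostname", WSAGetLastError());

    /* gethostbyname returns library-owned storage; the original malloc'ed a
     * hostent first and leaked it immediately. */
    struct hostent *pHostent = gethostbyname(Name);
    if (pHostent == NULL)
        return sniffer_fail(SnifferSocket, "gethostbyname", WSAGetLastError());

    struct sockaddr_in sock;
    memset(&sock, 0, sizeof(sock));
    sock.sin_family = AF_INET;
    sock.sin_port = htons(0);

    if (pHostent->h_addrtype != AF_INET ||
        pHostent->h_length != (int)sizeof(sock.sin_addr)) {
        printf("local host has no usable IPv4 address list\n");
        sniffer_cleanup(SnifferSocket);
        return 0;
    }

    /* Show every candidate so the operator can see what each index refers to. */
    int addr_count = 0;
    while (pHostent->h_addr_list[addr_count] != NULL) {
        struct in_addr candidate;
        memcpy(&candidate, pHostent->h_addr_list[addr_count], sizeof(candidate));
        printf(" [%d] %s\n", addr_count, inet_ntoa(candidate));
        addr_count++;
    }

    long addr_index = DEFAULT_ADDR_INDEX;
    if (argc > 1) {
        char *end = NULL;
        addr_index = strtol(argv[1], &end, 10);
        if (end == argv[1] || *end != '\0') {
            printf("address index must be a number, got \"%s\"\n", argv[1]);
            sniffer_cleanup(SnifferSocket);
            return 0;
        }
    }

    /* The original dereferenced h_addr_list[2] unconditionally, which reads past
     * the list terminator on hosts with fewer than three addresses. */
    if (addr_index < 0 || addr_index >= addr_count) {
        printf("no local address at index %ld (%d available)\n", addr_index, addr_count);
        sniffer_cleanup(SnifferSocket);
        return 0;
    }

    memcpy(&sock.sin_addr, pHostent->h_addr_list[addr_index], sizeof(sock.sin_addr));
    printf("\n ip addr is %s\n", inet_ntoa(sock.sin_addr));

    if (bind(SnifferSocket, (struct sockaddr *)&sock, sizeof(sock)) == SOCKET_ERROR)
        return sniffer_fail(SnifferSocket, "bind", WSAGetLastError());

    /* SIO_RCVALL is a WSAIoctl control code; this is the call the original had
     * commented out (and whose name its error message already used). */
    DWORD dwBufferInLen = 1;   /* 1 == receive-all on */
    DWORD dwBytesReturned = 0;
    Result = WSAIoctl(SnifferSocket, SIO_RCVALL, &dwBufferInLen, sizeof(dwBufferInLen),
                      NULL, 0, &dwBytesReturned, NULL, NULL);
    if (Result == SOCKET_ERROR)
        return sniffer_fail(SnifferSocket, "WSAIoctl", WSAGetLastError());

    for (int packetcount = 1; packetcount <= PACKET_LIMIT; packetcount++) {
        struct sockaddr_in from;
        int fromlen = (int)sizeof(from);
        memset(&from, 0, sizeof(from));

        Result = recvfrom(SnifferSocket, Packet, (int)sizeof(Packet), 0,
                          (struct sockaddr *)&from, &fromlen);
        if (Result == SOCKET_ERROR)
            return sniffer_fail(SnifferSocket, "recv", WSAGetLastError());

        time_t now = time(NULL);
        const char *stamp = ctime(&now);   /* ends in '\n'; may be NULL */
        printf("Packet:%d Length:%d Time:%s from %s\n", packetcount, Result,
               stamp != NULL ? stamp : "(unknown)\n", inet_ntoa(from.sin_addr));
    }

    if (closesocket(SnifferSocket) == SOCKET_ERROR) {
        printf("closesocket failed with error %d\n", WSAGetLastError());
        WSACleanup();
        return 0;
    }
    if (WSACleanup() == SOCKET_ERROR) {
        printf("WSACleanup failed with error %d\n", WSAGetLastError());
        return 0;
    }
    return 1;
}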