24 bytes

  • HOME
    • Algorithms
    blue
  • Bubble Sort
  • Bucket Sort
  • Insertion Sort
  • Selection Sort
  • Merge Sort
  • Quick Sort
  • Heap Sort
  • Counting Sort
  • Stack
  • Queue
  • Double Linked List
  • Binary Search Tree
  • Towers OF Hanoi

    • Java Programs
    green bullet
  • Download RMI Calculator
  • Download file
  • Clock applet
  • File Upload
  • JDOM Parser
  • Client server
  • Udp Client server
  • Sudoku Solver

    • System Programming
  • Newtwork Sniffer
    • Good Links
    green bullet
  • Free Source Code
  • Top Coder
  • Code Project
  • Learn Today
  • Concept
    • Intresting Programs
    green bullet
  • Prime Number
  • GCD Euclids
  • Permutations


    • Google
     
    Web 24bytes.com



    Download Network Sniffer in c 
    #include <pcap.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/tcp.h>
#include <netinet/udp.h>
#include <arpa/inet.h>
#include <netinet/if_ether.h> 
#include <net/ethernet.h>
#include <netinet/ether.h> 

	char *dev;  //device name 
//sizes 
	int size_ethernet = sizeof(struct ether_header); 
	int size_ip = sizeof(struct ip);
	int size_tcp = sizeof(struct tcphdr);
	int size_icmp=sizeof(struct icmphdr);
	int size_udp=sizeof(struct udphdr);	

/* function to print payload data */
 
void call_payload(const u_char *payload, int len)
{
	int paylen = len;
	int linew = 16;		/* number of bytes per line */
	int linel,i,n;
	int offset = 0;
	const u_char *ch;	
	//printf("len=%d",len);	
	
	if (len <= 0)
		return;

	if (len <= linew) 
	{
		ch = payload;
		for(i = 0; i < len; i++) 
		{
			printf("%c ", *ch);
			ch++;
			if (i == 7)
				printf(" ");
		}
		if (len < 8)
			printf(" ");
	
		if (len < 16) 
		{
			n = 16 - len;
			for (i = 0; i<n; i++) 
			{
				printf("   ");
			}
		}
		printf("   ");
	
		for(i = 0; i<len; i++) 
		{
			if (isprint(*ch))
				printf("%c", *ch);
			else
				printf(".");
			ch++;
		}
		printf("\n");
		return;
	}

	for ( ; ; ) 
	{
		linel = linew % paylen;
		ch = payload;
		for(i = 0; i<len; i++) 
		{
			printf("%02x ", *ch);
			ch++;
			if (i == 7)
				printf(" ");
		}
		if (len<8)
			printf(" ");
		if (len<16) 
		{
			n = 16 - len;
			for (i = 0; i<n; i++) 
			{
				printf("   ");
			}
		}
		printf("   ");
		/*for(i = 0; i < len; i++) 
		{
			if (isprint(*ch))
				printf("%c", *ch);
			else
				printf(".");
			ch++;
		}*/
		printf("\n");
		return;
	}
	paylen = paylen - linel;
	ch = ch + linel;
	offset = offset + linew;
	
	if (paylen<=linew) 
	{
		ch = payload;
		for(i = 0; i<len; i++) 
		{
			printf("%02x ", *ch);
			ch++;
			if (i == 7)
				printf(" ");
		}
		if (len < 8)
			printf(" ");
		if (len < 16) 
		{
			n = 16 - len;
			for (i = 0; i<n; i++) 
			{
				printf("   ");
			}
		}
		printf("   ");
	
		for(i = 0; i < len; i++) 
		{
			if (isprint(*ch))
				printf("%c", *ch);
			else
				printf(".");
			ch++;
		}
		printf("\n");
		return;
	}
	return;
}
	
void 	handle_Tcp(const u_char * packet)
{
struct tcphdr * tcp;
const char *payload; 
tcp=(struct tcphdr*)(packet+size_ethernet); 
printf("\n\t***************************************************************************\n");
printf("\n\tProtocol: TCP\n");
/*printf("\n\tSrc Port TCP %d:",ntohs(tcp->source));
printf("\n\tDst Port TCP %d",ntohs(tcp->dest));*/
payload=(char *)tcp+size_tcp;
call_payload(payload,98-(size_ip+size_tcp));
}
void 	handle_Udp(const u_char * packet)
{/*
struct udphdr * udphdr;
const char *payload; 
udphdr=(struct udphdr*)(packet+size_ethernet); 
printf("\n\t***************************************************************************\n");
printf("\n\tProtocol: UDP\n");
payload=(char *)udphdr+size_udp;
call_payload(payload,98-(size_ip+size_udp)););*/
}
void 	handle_Icmp(const u_char * packet)
{/*
struct icmphdr * icmphdr;
const char *payload; 
icmphdr=(struct icmphdr*)(packet+size_ethernet); 
printf("\n\t***************************************************************************\n");
printf("\n\tProtocol: ICMP\n");
payload=(char *)icmphdr+size_icmp;
call_payload(payload,30);*/
}

void handleIP( const u_char * packet)
{
	struct ip *ip;
	ip = (struct ip*)(packet + size_ethernet);
printf("\n\t***************************************************************************\n");
		printf("\tfrom %s\t",inet_ntoa(ip->ip_src));
		printf("\tTO %s\t",inet_ntoa(ip->ip_dst));						
		printf("\tttl %d \t\n",(ip->ip_ttl));
		printf("\tProtocol %d\t",(ip->ip_p));
		printf("\t\tChecksum %d\t",(ip->ip_sum));
		printf("\tTOS %d \t\n",(ip-> ip_tos));
		printf("\ttotal length %d \t",(ip-> ip_len));
		printf("\tIdentification %d \t",(ip->ip_id));
		printf("Fragment Offset %d \n",(ip->ip_off));	
		printf("\tVersion %d\t\n",(ip->ip_v));		
		/* to find the protocol type */
		if (ip->ip_p == IPPROTO_TCP)
		{	
			handle_Tcp(packet);
		}
		else
		if (ip->ip_p == IPPROTO_UDP)
		{
			handle_Udp(packet);
		}
		else
		if (ip->ip_p == IPPROTO_ICMP)
		{
			handle_Icmp(packet);
		}
		else
		if (ip->ip_p == IPPROTO_IP)
		{
			printf("\n\tProtocol: IP\n");
		}
		else 
		printf("\n\tProtocol: unknown\n");

}

void Process_Packet(u_char * a, const struct pcap_pkthdr *pk_header, const u_char * packet)
	  {
			static int Count=1;
			printf("\n\t----------------------------------------------------------------------------\n");
			printf("\n\tPacket %d:\n\t",Count++ );     
			struct ether_header *ethHeader;
			ethHeader = (struct ether_header *) packet;
			printf("\n\tTo MacAddress\t%s",ether_ntoa((struct ether_addr*)ethHeader->ether_dhost));	/* destination eth addr	*/
			printf("\n\tFrom MacAddress\t%s",ether_ntoa((struct ether_addr*)ethHeader->ether_shost));	/* source ether addr	*/
			printf("\n\tEthernet Type\t");
			if(ntohs (ethHeader->ether_type)==ETHERTYPE_IP)
			{
			printf("IP");	/*IP*/
			handleIP(packet);
			}
			else if(ntohs (ethHeader->ether_type)==ETHERTYPE_ARP)
			{
			printf("ARP");	/*ARP*/
			}
			else if(ntohs (ethHeader->ether_type)==ETHERTYPE_REVARP)
			{
			printf("RARP");	/*RARP*/
			}
			else if(ntohs (ethHeader->ether_type)==ETHERTYPE_REVARP)
			{
			printf("Xero PUP");	/*PUP*/
			}			

	   }
			     
int main(int argc,char **argv)
{ 

	/*
	Declarations 
	*/
	char errbuf[PCAP_ERRBUF_SIZE];  //256 defined in pcap.h
	pcap_t* pd;			
	int snaplen=200;  		//len of packet to capture
	const u_char *packet;	//packet
	bpf_u_int32 maskp; 		//mask 
	bpf_u_int32 netp;  		//net address 
	char localnet[INET_ADDRSTRLEN],umask[INET_ADDRSTRLEN];
	struct pcap_pkthdr hdr;
	u_char* args = NULL;          // dont know why??????
	if(argc != 2)     			// to take number of packets to sniff
	{ 
	printf("\tUsage: %s numpackets \n",argv[0]);
       	return 0;
	}	

	if(dev==NULL)			//ethernet or wlan card   get the device name to dev 
	{
		if((dev=pcap_lookupdev(errbuf))==NULL)          
		{
			perror("Device Lookup :");
		}	
	}
	
	if(dev == NULL)
	{ 
    		printf("%s\n",errbuf); exit(1); 
	}
	else
	{
		printf("\tThe Device Found is :%s\n",dev);            // the device found is 
	}

	if((pd=pcap_open_live(dev,snaplen,0,500,errbuf))==NULL)  //200bytes of capture ,0 promiscous,500 time out pd ??????
		perror("Error Open live ");
	
	if(pcap_lookupnet(dev,&netp,&maskp,errbuf)<0)  //net is network address , maskp is the umask value
		perror("Error lookup:");
		
	printf("\tlocal net %s and umask %s \n",inet_ntop(AF_INET,&netp,localnet,sizeof(localnet)),inet_ntop			(AF_INET,&maskp,umask,sizeof(umask)));
	


	if(packet == NULL)
	{
        	printf("Didn't grab packet\n");
        	exit(1);
	}
	
	printf("\nGrabbed packet of length: %d\n",hdr.len);
	printf("Ethernet address length: %d\n",ETHER_HDR_LEN);
	
	/* loop function*/ 
	pcap_loop(pd,atoi(argv[1]),Process_Packet,args); //calls my_callback()its a pcap_handler  for arv[1] (no of packets captured ) times 
	printf("\n\t----------------------------------------------------------------------------\n");

}
    . original template by Aran Down.