Linux Packet Capture [PCAP]
Library used:
pcap - packet capture library ([root@wowlinux pcap]# man 3 pcap)
source code
    #include <pcap.h>
    #include <iostream>
    #include <cstdio>

    using namespace std;

    int main()
    {
        char errbuf[PCAP_ERRBUF_SIZE];
        char * pDevice;

        // Pick a default capture device; NULL means none was found.
        pDevice = pcap_lookupdev(errbuf);
        if(NULL == pDevice)
        {
            cout << errbuf << endl;
            return 1;
        }
        cout << pDevice << endl;

        // snaplen 1500, promiscuous mode on, no read timeout.
        pcap_t * pPcap;
        pPcap = pcap_open_live(pDevice, 1500, 1, 0, errbuf);
        if(NULL == pPcap)
        {
            cout << errbuf << endl;
            return 1;
        }

        const u_char * pData;
        struct pcap_pkthdr h;

        // Grab one packet; pcap_next() returns NULL when no packet was read.
        pData = pcap_next(pPcap, &h);
        if(NULL == pData)
        {
            pcap_close(pPcap);
            return 1;
        }

        // Dump the first 30 bytes, but never read past the captured length.
        for(int i = 0; i < 30 && i < (int)h.caplen; ++i)
        {
            printf("[%02x]", *(pData+i));
            if(9 == i % 10)
                cout << endl;
        }
        cout << endl;

        pcap_close(pPcap);
        return 0;
    }

struct pcap_pkthdr

    struct pcap_pkthdr
    {
        struct timeval ts;   // time stamp
        u_int32_t caplen;    // length of portion present
        u_int32_t len;       // length this packet (off wire)
    };
compile
g++ pcap.cc -o pcap -lpcap
Execution result
Packet structure
(n) = field size in bytes
Preamble(8) | DA(6) | SA(6) | Type(2) | Info(46~1500) | FCS(4) |
DA(Destination Address) : Receiver MAC Address [00][0c] ... [a3][ac]
SA(Source Address) : Sender MAC Address [00][16] ... [4d][17]
Protocol Type : [08][00]
Info(User Information) : [45][00] ... [00][10]
IP packet header structure ( [45][00] ... )
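An added example, not code from the original post: it decodes the DA / SA / Protocol Type fields listed above and the first IP header byte ([45]) from a buffer such as the one pcap_next() returns, checking every read against caplen. The names parseFrame and FrameInfo and the sample frame bytes are constructed for this illustration, and it builds without libpcap.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Decoded view of the first bytes of a captured frame (names are this example's own).
struct FrameInfo {
    bool ok = false;        // false if the capture is too short or malformed
    std::string dst, src;   // DA / SA as aa:bb:cc:dd:ee:ff
    uint16_t type = 0;      // Protocol Type, 0x0800 = IPv4
    int ipVersion = 0;      // high nibble of the first Info byte
    int ipHeaderLen = 0;    // low nibble * 4, in bytes
};

static std::string macToString(const uint8_t *p) {
    char buf[18];
    std::snprintf(buf, sizeof buf, "%02x:%02x:%02x:%02x:%02x:%02x",
                  p[0], p[1], p[2], p[3], p[4], p[5]);
    return buf;
}

// data/caplen correspond to the pcap_next() result and pcap_pkthdr.caplen.
// Every read is checked against caplen, never against len (the on-wire size).
FrameInfo parseFrame(const uint8_t *data, size_t caplen) {
    FrameInfo f;
    if (data == nullptr || caplen < 14) return f;   // DA(6) + SA(6) + Type(2)
    f.dst = macToString(data);
    f.src = macToString(data + 6);
    f.type = static_cast<uint16_t>((data[12] << 8) | data[13]);  // network byte order
    if (f.type == 0x0800) {
        if (caplen < 15) return f;                  // no Info byte was captured
        f.ipVersion = data[14] >> 4;
        f.ipHeaderLen = (data[14] & 0x0f) * 4;
        if (f.ipVersion != 4 || f.ipHeaderLen < 20 ||
            caplen < 14 + static_cast<size_t>(f.ipHeaderLen)) return f;
    }
    f.ok = true;
    return f;
}

// Constructed sample frame (made-up MAC addresses, minimal 20-byte IPv4 header).
const uint8_t kSample[] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02, 0x08,0x00, 0x45,0x00,0x00,0x14,0,0,0,0,
    0x40,0x06,0x00,0x00, 0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02 };

int main() {
    FrameInfo f = parseFrame(kSample, sizeof kSample);
    std::printf("ok=%d %s -> %s type=0x%04x\n", f.ok, f.src.c_str(), f.dst.c_str(), f.type);
}
```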
Damn WowLinux... why do I still get an error even after adding the header file ㅡ,.ㅡ...