libpcap报文解析: ipv4、ipv6（待优化）

#include <string.h>
#include <stdlib.h>
#include <pcap.h>
#include <netinet/in.h>
#include "packet_header.h"

#define MAXBYTE2CAPTURE 2048

int isprint(char c)
{
    return 0;
}

void print_buf(u_char* pBuf, u_int32 len)
{
    if (!pBuf)
    {
        return;
    }

    for(int i=0; i<len; i++)
    {
        printf("%02x ",  (u_char*)pBuf[i]);

        if ((i%16 == 0 && i!=0) || i == len-1)
        {
            printf("
");
        }
    }
}

void parse_ethII(u_char* pData, u_int32 len)
{
    if (!pData || len <14)
    {
        return;
    }

    printf("eth II frame: 
");
    print_buf(pData, 14);

    /* parse src mac and dst mac */
    EthHeader_t* pEth = (EthHeader_t*)pData;
    printf("destination: %02x:%02x:%02x:%02x:%02x:%02x ",
        pEth->dest_hwaddr[0],
        pEth->dest_hwaddr[1],
        pEth->dest_hwaddr[2],
        pEth->dest_hwaddr[3],
        pEth->dest_hwaddr[4],
        pEth->dest_hwaddr[5]);

    printf("source : %02x:%02x:%02x:%02x:%02x:%02x",
        pEth->source_hwaddr[0],
        pEth->source_hwaddr[1],
        pEth->source_hwaddr[2],
        pEth->source_hwaddr[3],
        pEth->source_hwaddr[4],
        pEth->source_hwaddr[5]);

    /* parse frame type */
    printf("
frame type: 0x%x
", ntohs(pEth->frame_type));
}


void parse_ipheader(u_char* pData, u_int32 len)
{
    if (!pData || len <14)
    {
        return;
    }

    printf("ip header: 
");
    print_buf(pData, 20);

    /* parse ip header */
    IPHeader_t* pIpHeader = (IPHeader_t*)pData;
    printf("	version     : %02x
"
           "	tos         : %02x
"
           "	total length: %d(0x%02x)
"
           "	id          : %d(0x%02x)
"
           "	segment flag: %d(0x%02x)
"
           "	ttl         : %02x
"
           "	protocol    : %02x
"
           "	checksum    : %d(0x%02x)
"
           "	src ip      : %d.%d.%d.%d
"
           "	dst ip      : %d.%d.%d.%d
",
        pIpHeader->Ver_HLen,
        pIpHeader->TOS,
        ntohs(pIpHeader->TotalLen), ntohs(pIpHeader->TotalLen),
        ntohs(pIpHeader->ID), ntohs(pIpHeader->ID),
        ntohs(pIpHeader->Flag_Segment), ntohs(pIpHeader->Flag_Segment),
        pIpHeader->TTL,
        pIpHeader->Protocol,
        ntohs(pIpHeader->Checksum), ntohs(pIpHeader->Checksum),
        pIpHeader->SrcIP[0],pIpHeader->SrcIP[1],pIpHeader->SrcIP[2],pIpHeader->SrcIP[3],
        pIpHeader->DstIP[0],pIpHeader->DstIP[1],pIpHeader->DstIP[2],pIpHeader->DstIP[3]);
}

void parse_ip6header(u_char* pData, u_int32 len)
{
    if (!pData || len <14)
    {
        return;
    }

    printf("ipv6 header: 
");
    print_buf(pData, 40);

    /* parse ipv6 header */
    IPv6Header_t* pIpv6Header = (IPv6Header_t*)pData;
    printf("	version           : %x
"
           "	traffic class     : %x
"
           "	flow label        : %x
"
           "	payload length    : %x
"
           "	next header       : %x
"
           "	hop limit         : %x
"
           "	source            : %x
"
           "	destination       : %x
",
           pIpv6Header->ip6_ctlun.ip6_un2_vfc,
           pIpv6Header->ip6_ctlun.ip6_unl.ip6_unl_flow,
           pIpv6Header->ip6_ctlun.ip6_unl.ip6_unl_flow,
           pIpv6Header->ip6_ctlun.ip6_unl.ip6_unl_plen,
           pIpv6Header->ip6_ctlun.ip6_unl.ip6_unl_nxt,
           pIpv6Header->ip6_ctlun.ip6_unl.ip6_unl_hlim,
           pIpv6Header->ip6_src,
           pIpv6Header->ip6_dst);
}


void parse_packet(const u_char* packet, u_int32 len)
{
    u_short ftype = 0;

    if (!packet)
    {
        return ;
    }

    u_char* pMbuf = (u_char*)packet;
    parse_ethII(pMbuf, len);

    ftype = ntohs(((EthHeader_t*)pMbuf)->frame_type);
    switch(ftype)
    {
        case 0x0800:  /* ipv4 */
            pMbuf = (u_char*)packet + 14;
            parse_ipheader(pMbuf, len-14);
            break;
        case 0x86dd: /* ipv6 */
            pMbuf = (u_char*)packet + 14;
            parse_ip6header(pMbuf, len-14);
            break;
        default:
            printf("frame type : 0x%x
", ftype);
            break;
    }

    printf("
");
}

void processPacket(u_char *arg, const struct pcap_pkthdr *pkthdr, const u_char *packet)
{
    int i = 0, *counter = (int *)arg;

    printf("--------------------------------------------
");
    printf("Packet Count: %d
", ++(*counter));
    printf("Received Packet Size: %d
", pkthdr->len);
    printf("Payload:
");

#if 1
    for (i = 0; i < pkthdr->len; i++)
    {
        if (isprint(packet[i]))
        {
            printf("%02d ", packet[i]);
        }
        else
        {
            printf("%02x ", packet[i]);
        }

        if ((i % 16 == 0 && i != 0) || i == pkthdr->len-1)
        {
            printf("
");
        }

    }
#endif

    parse_packet(packet, pkthdr->len);

    return;
}

int main()
{

    int i = 0, count = 0;
    pcap_t *descr = NULL;
    char errbuf[PCAP_ERRBUF_SIZE], *device = NULL;
    memset(errbuf, 0, PCAP_ERRBUF_SIZE);

    /* Get the name of the first device suitable for capture */
    device = pcap_lookupdev(errbuf);
    if (!device)
    {
        printf("Open device failed.");
        return -1;
    }

    printf("Opening device %s
", device);

    /* Open device in promiscuous mode */
    descr = pcap_open_live(device, MAXBYTE2CAPTURE, 1, 512, errbuf);

    /* Loop forever & call processPacket() for every received packet */
    pcap_loop(descr, -1, processPacket, (u_char *)&count);

    return 0;
}

#ifndef PACKET_HEADER_H
#define PACKET_HEADER_H

#ifndef u_char
#define u_char unsigned char
#endif

#ifndef u_int8
#define u_int8 unsigned char
#endif

#ifndef u_int16
#define u_int16 unsigned short
#endif

#ifndef u_int32
#define u_int32 unsigned int
#endif

#ifndef u_int64
#define u_int64 unsigned long long
#endif

#ifndef u_short
#define u_short unsigned short
#endif

/* 以太帧头 */
typedef struct tagEthHeader_t
{
    //Pcap捕获的数据帧头
    u_int8 dest_hwaddr[6];   //目的MAC地址
    u_int8 source_hwaddr[6]; //源MAC地址
    u_short frame_type;      //帧类型
}EthHeader_t;

//IP数据报头
typedef struct tagIPHeader_t
{
    //IP数据报头
    u_int8  Ver_HLen; //版本+报头长度
    u_int8  TOS;      //服务类型
    u_int16 TotalLen;//总长度
    u_int16 ID;      //标识
    u_int16 Flag_Segment; //标志+片偏移
    u_int8  TTL;      //生存周期
    u_int8  Protocol; //协议类型
    u_int16 Checksum;//头部校验和
    u_int8 SrcIP[4];   //源IP地址
    u_int8 DstIP[4];   //目的IP地址
} IPHeader_t;

//IPv6基本首部
#if 0
typedef struct tagIPv6Header_t
{
    u_char    version:4;      // 4-bit版本号
    u_char  traffic_class:8;  // 8-bit流量等级
    u_int32 label:20;       // 20-bit流标签
    u_short    payload_len;    // 16-bit 载荷长度
    u_char    next_header;    // 8-bit 下一首部
    u_char    hop_limit;        // 8-bit 跳数限制
    struct
    {
        u_int64 prefix_subnetid;
        u_char interface_id[8];
    } src_ip;                // 128-bit 源地址
    struct
    {
        u_int64 prefix_subnetid;
        u_char interface_id[8];
    } dst_ip;                // 128-bit 目的地址

} IPv6Header_t;

typedef struct in6_addr {
  union {
    u_char  Byte[16];
    u_short Word[8];
  } u;
} IN6_ADDR, *PIN6_ADDR, FAR *LPIN6_ADDR;

#endif


typedef struct tagIPv6Header_t
{
    union
    {
        struct ip6_hdrctl
        {
            u_int32_t ip6_unl_flow;/* 4位的版本，8位的传输与分类，20位的流标识符 */
            u_int16_t ip6_unl_plen;/* 报头长度 */
            u_int8_t ip6_unl_nxt;  /* 下一个报头 */
            u_int8_t ip6_unl_hlim; /* 跨度限制 */
        }ip6_unl ;

        u_int8_t ip6_un2_vfc;/* 4位的版本号，跨度为4位的传输分类 */
    }ip6_ctlun ;

#define ip6_vfc              ip6_ctlun.ip6_un2_vfc
#define ip6_flow             ip6_ctlun.ip6_unl.ip6_unl_flow
#define ip6_plen             ip6_ctlun.ip6_unl.ip6_unl_plen
#define ip6_nxt              ip6_ctlun.ip6_unl.ip6_unl_nxt
#define ip6_hlim             ip6_ctlun.ip6_unl.ip6_unl_hlim
#define ip6_hops             ip6_ctlun.ip6_unl.ip6_unl_hops

    struct in6_addr ip6_src;/* 发送端地址 */
    struct in6_addr ip6_dst;/* 接收端地址 */
}IPv6Header_t;

//TCP数据报头
typedef struct tagTCPHeader_t
{
    //TCP数据报头
    u_int16 SrcPort; //源端口
    u_int16 DstPort; //目的端口
    u_int32 SeqNO;   //序号
    u_int32 AckNO;   //确认号
} TCPHeader_t;

#endif