#include<stdio.h>
#include<nids.h>
#include<string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include<stdlib.h>
#include<netinet/ip.h>
#include<arpa/inet.h>
#include<netinet/tcp.h>
#include<netinet/udp.h>
char ascii_string[10000];
char * char_to_ascii(char c)
{
char * string;
ascii_string[0]=0;
string=ascii_string;
if(isgraph(c))
{
*(string++)=c;
}
else if(c==' ')
{
*(string++)=c;
}
else if(c=='
'||c=='r')
{
*(string++)=c;
}
else
{
*(string++)='.';
}
*string=0;
return ascii_string;
}
void udp_callback2(struct ip*iph)
{
struct udphdr * udp_protocol;
u_short length;
u_short udp_sport;
u_short udp_dport;
udp_protocol=(struct udphdr *)(iph+20);
udp_sport=ntohs(udp_protocol->uh_sport);
udp_dport=ntohs(udp_protocol->uh_dport);
length=ntohs(udp_protocol->uh_ulen);
printf("<----------UDP协议首部相关信息---------->
");
printf("UDP首部长度为:%d
",length);
printf("UDP的源端口为:%d
",udp_sport);
printf("UDP的目的端口为:%d
",udp_dport);
switch(udp_dport)
{
case 138: printf("UDP上层协议为NETBIOS数据报服务
");break;
case 137: printf("UDP上层协议为NETBIOS名字服务
");break;
case 139: printf("UDP上层协议为NETBIO会话服务
");break;
case 53 : printf("UDP上层协议为域名服务
");break;
default :break;
}
}
void ip_callback(struct ip*iph )
{
u_char packet_content;
struct iphdr * ip_protocol;
u_int header_length;
struct in_addr ip_saddress;
struct in_addr ip_daddress;
ip_saddress.s_addr=ip_protocol->saddr;
ip_daddress.s_addr=ip_protocol->daddr;
ip_protocol=(struct iphdr *)(iph);
header_length=ip_protocol->ihl*4;
printf("<----------IP首部相关信息---------->
");
printf("IP 版本号为:%d
",ip_protocol->version);
printf("IP 首部长度为:%d
",header_length);
printf("IP 总长度为:%d
",ntohs(ip_protocol->tot_len));
printf("IP 上层协议类型为:%d
",ip_protocol->protocol);
switch(ip_protocol->protocol)
{
case 6: printf("IP上层协议为:TCP
");break;
case 17: printf("IP上层协议为:UDP
");break;
case 1: printf("IP上层协议为:ICMP
");break;
default: break;
}
printf("源IP地址为:%s
",inet_ntoa(ip_saddress));
printf("目的IP地址为:%s
",inet_ntoa(ip_daddress));
switch(ip_protocol->protocol)
{
case 17: udp_callback2(iph);break;
default: break;
}
}
void udp_callback(struct tuple4*addr,char *buf,int len,struct ip*iph)
{
int i;
char address_string[1024];
char content[65535];
char content_urgent[65535];
strcpy(address_string,inet_ntoa(*((struct in_addr *)&(addr->saddr))));
sprintf(address_string+strlen(address_string)," : %d",addr->source);
strcat(address_string,"<---->");
strcat(address_string,inet_ntoa(*((struct in_addr *)&(addr->daddr))));
sprintf(address_string+strlen(address_string)," : %d",addr->dest);
strcat(address_string,"
");
printf("**********************************开始**********************************
");
printf("%s",address_string);
ip_callback(iph);
printf("------------------UDP数据包负载内容---------------
");
for(i=0;i<len;i++)
{
if(i%50==0)
{
printf("
");
}
printf("%s",char_to_ascii(buf[i]));
}
printf("
");
printf("***********************************结束*********************************
");
printf("
");
return;
}
void main()
{
struct nids_chksum_ctl temp;
temp.netaddr = 0;
temp.mask = 0;
temp.action = 1;
nids_register_chksum_ctl(&temp,1);
nids_params.device="wlan0";
nids_init();
nids_register_udp(udp_callback);
nids_run();
}