#include <pcap.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <net/ethernet.h>
#include <linux/if_ether.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <stdint.h>
#include <sys/socket.h>
#include <arpa/inet.h>
/*
void proc_eth()
{}
void proc_ip()
{}
void proc_udp()
{}
void proc_tcp()
{}
void proc_http()
{}*/
int sumcnt;
int ipcnt;
int tcpcnt;
void proc_packet(uint8_t *para, const struct pcap_pkthdr *pkthdr,
const uint8_t *data)
{
struct ether_header *eth = NULL;
struct iphdr *ip = NULL;
struct tcphdr *tcp = NULL;
sumcnt++;
eth = (struct ether_header *)(data + 0);
if(eth->ether_type != htons(ETHERTYPE_IP) )
{
return;
}
ipcnt++;
ip = (struct iphdr *)(data + ETH_HLEN);
if (ip->protocol != IPPROTO_TCP)
{
return;
}
tcpcnt++;
tcp = (struct tcphdr *)(data + ETH_HLEN + ip->ihl * 4);
if (tcp->source == htons(80) || tcp->dest == htons(80) )
{return;
struct in_addr srcip, destip;
memcpy(&srcip, &(ip->saddr), sizeof(struct in_addr) );
memcpy(&destip, &(ip->daddr), sizeof(struct in_addr) );
fprintf(stderr, "src: %-15s:%-4u dest: %-15s:%-4u
",
inet_ntoa(srcip), ntohs(tcp->source),
inet_ntoa(destip), ntohs(tcp->dest) );
}
/*
proc_res(ip, tcp, (char *)(data + ETH_HLEN + ip->ihl * 4 + tcp->doff * 4),
ntohs(ip->tot_len) - ip->ihl * 4 - tcp->doff * 4);*/
};
void* showcnt(void *para)
{
while (1)
{
fprintf(stderr, "Sum: %10d IP: %10d TCP: %10d
", sumcnt, ipcnt, tcpcnt);
sleep(1);
}
}
int main(int argc, char **argv)
{
char errbuf[PCAP_ERRBUF_SIZE];
pcap_t * pcap;
pthread_t tid;
/*
device = pcap_lookupdev(errbuf);
if (device == NULL)
{
printf("pcap lookup device err: %s
", errbuf);
exit(1);
}*/
pthread_create(&tid, NULL, showcnt, NULL);
pcap = pcap_open_live(argv[1], 1500, 1, -1, errbuf);
if (pcap == NULL)
{
printf("pcap open err: %s
", errbuf);
exit(1);
}
if (pcap_loop(pcap, -1, proc_packet, NULL) == -1)
{
printf("pcap set callback function error.
");
exit(1);
}
while(1)
{
sleep(10);
}
//pcap_close(pcap);
exit(0);
}