detect packet flow on net

Tonight,I downloaded and installed libpcap on Ubuntu8.04 .
I followed those steps:

1. Add a web link to my source.list .
 vim /etc/apt/sources.list
1 vim /etc/apt/sources.list
then add "deb http://fr.archive.ubuntu.com/ubuntu degy main" to sources.list

2. Execute "apt-cache search" command.
 1 root@houcy-desktop:/# apt-cache search libpcap
 2 libnet1 - library for the construction and handling of network packets
 3 libnet1-dev - development files for libnet
 4 libpcap-dev - Development library for libpcap (transitional package)
 5 libpcap0.7 - System interface for user-level packet capture
 6 libpcap0.7-dev - Development library and header files for libpcap 0.7
 7 sing - A fully programmable ping replacement
 8 libpcap0.8 - System interface for user-level packet capture
 9 libpcap0.8-dev - Development library and header files for libpcap 0.8
then, "apt-get install libpcap0.8-dev"

3.Where is the package installed?
1 root@houcy-desktop:/# whereis libpcap
2 libpcap: /usr/lib/libpcap.a /usr/lib/libpcap.so
3 root@houcy-desktop:/# whereis pcap
4 pcap: /usr/include/pcap.h /usr/share/man/man3/pcap.3.gz

4.Write an example program to test and sniffer the packets.
//whenever there is packet appears on net ,then print("find data")
//This is a simple program.

1
 #include <stdio.h>
 2 #include <sys/types.h>
 3 #include <sys/time.h>
 4 #include <sys/socket.h>
 5 #include <netinet/in.h>
 6 #include <netinet/in_systm.h>
 7 #include <netinet/ip.h>
 8 #include <netinet/if_ether.h>
 9 #include <pcap.h>  //this is a new header file
10 
11 #define DEFAULT_SNAPLEN 68
12 
13 void packet_print(u_char *user,const struct pcap_pkthdr * h,const u_char *p)
14 {
15     printf("Finde data\n");
16 }
17 
18 int main(int argc,char * argv[])
19 {
20     char ebuf[PCAP_ERRBUF_SIZE];
21     pcap_t * pd;
22     
23     if(argc<=1)
24     {
25         printf("usage:%s <network interface>\n",argv[0]);
26         exit(0);
27     }    
28 
29     if((pd=pcap_open_live(argv[1],DEFAULT_SNAPLEN,1,1000,ebuf))==NULL)
30     {
31         (void)packet_print(stderr,"%s",ebuf);
32         exit(1);
33     }
34 
35     if(pcap_loop(pd,-1,packet_print,NULL)<0)
36     {
37         (void)fprintf(stderr,"pcap_loop:%s\n",pcap_geterr(pd));
38         exit(1);
39     }
40 
41     pcap_close(pd);
42     exit(0);
43 }
then,compile it:
1 root@houcy-desktop:/# gcc eth_txt.c -L/usr/lib -lpcap -o ext_txt

5.Run and see.
1 root@houcy-desktop:/home/houcy# ./ext_txt eth0
2 Finde data
3 Finde data
4 Finde data
5 Finde data
6 Finde data
7 Finde data
8 

Okay, we have seen all the process, from the beginning of installing to writing a test program.Next day,we`ll add some feature to this simple program and make it more powerful!
Good night!^_^

posted on 2008-05-10 01:13 挑灯看剑 阅读(349) 评论(0)  编辑 收藏 引用 所属分类: Linux内核驱动编程

只有注册用户登录后才能发表评论。
<2012年10月>
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910

导航

公告

【自我介绍】 08年南开大学硕士毕业 最近关注:算法、Linux、c++、高并发 爱好:滑旱冰、打乒乓球、台球、保龄球

常用链接

随笔分类(139)

文章分类

我常去的网站

技术博客(都是大牛)

技术站点

搜索

积分与排名