/**
* @Author: S. Sharma <m4rtyr>
* @Date: 2020-01-24T20:25:03-06:00
* @Email: [email protected]
* @Last modified by: m4rtyr
* @Last modified time: 2020-02-02T22:22:52-06:00
*/
#ifndef PKT_H
#define PKT_H
#include "dbg.h"
#include <stdlib.h>
#include <sys/time.h>
#include <arpa/inet.h>
#include <pcap.h>
/*
 * General limits and status codes. Their consumers are not in this header.
 * NOTE(review): presumably these two bound a scan over /dev/bpfN device
 * nodes -- confirm in the .c file. "/dev/bpf" plus two digits is already 10
 * characters, so a buffer of exactly BPF_DEVICE_NAME_LEN bytes would leave no
 * room for the terminating NUL; verify the buffer size at the point of use.
 */
#define BPF_DEVICES_COUNT 99
#define BPF_DEVICE_NAME_LEN 10
/* Status codes. Note the polarity: FAILURE is 0 and SUCCESS is 1, the reverse
 * of the usual POSIX "0 means success" convention. */
#define FAILURE 0
#define SUCCESS 1
#define ETH_ADDR_LEN 6 /* bytes in the ether_dhost / ether_shost arrays */
/* NOTE(review): 15 is the length of "255.255.255.255" without the NUL
 * terminator (INET_ADDRSTRLEN is 16). Any char buffer sized with this
 * constant needs one extra byte -- verify users. */
#define IP_ADDR_LEN 15
#define TIMEOUT 1 /* unit is not stated in this header -- TODO confirm */
#define MILLION 1000000.0L /* long double; same value as SECONDS */
/*
 * EtherType values, taken from net/ethernet.h.
 * These are plain host-order constants. NOTE(review): an ether_type read
 * straight from a captured frame is in network byte order, so it presumably
 * has to go through ntohs() before being compared with these -- confirm in
 * the code that uses them.
 */
#define ETHERTYPE_PUP 0x0200 /* PUP protocol */
#define ETHERTYPE_IP 0x0800 /* IP protocol */
#define ETHERTYPE_ARP 0x0806 /* Addr. resolution protocol */
#define ETHERTYPE_REVARP 0x8035 /* reverse Addr. resolution protocol */
#define ETHERTYPE_VLAN 0x8100 /* IEEE 802.1Q VLAN tagging */
#define ETHERTYPE_IPV6 0x86dd /* IPv6 */
#define ETHERTYPE_PAE 0x888e /* EAPOL PAE/802.1x */
#define ETHERTYPE_RSN_PREAUTH 0x88c7 /* 802.11i / RSN Pre-Authentication */
#define ETHERTYPE_PTP 0x88f7 /* IEEE 1588 Precision Time Protocol */
#define ETHERTYPE_LOOPBACK 0x9000 /* used to test interfaces */
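/*
 * ICMP message types (RFC 792). These are compared against the one-byte
 * `type` field of struct icmp, so no byte-order conversion is involved.
 */
#define ICMP_ECHO_REPLY 0x0       /* type 0 */
#define ICMP_DEST_UNRCHBLE 0x3    /* type 3 */
#define ICMP_SRC_QUENCH 0x4       /* type 4 */
#define ICMP_ECHO 0x8             /* type 8 */
#define ICMP_TIME_EXCEEDED 0xB    /* type 11 */
#define ICMP_PARAM_PROBLEM 0xC    /* type 12 */
#define ICMP_TIMESTAMP 0xD        /* type 13 */
#define ICMP_TIMESTAMP_REPLY 0xE  /* type 14 */
#define ICMP_INFO_REQ 0xF         /* type 15 */
/* Information Reply is type 16 (0x10). The previous value 0x11 is type 17
 * (Address Mask Request), so type-16 packets were never labelled and type-17
 * packets were mislabelled as Information Reply. */
#define ICMP_INFO_REPLY 0x10      /* type 16 */
#define SECONDS 1000000.0L // Number of microseconds in one second.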
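/*
 * print_cases() expands to one `case` label per known ICMP type and is meant
 * to be placed inside a `switch` on the ICMP type. Each label stores the
 * constant's own name (via the # stringify operator) in a variable called
 * `type_str`, which the enclosing scope must declare as a string pointer.
 * Types not listed here produce no label, so the caller should supply its own
 * `default:` rather than leave `type_str` unset for unknown types.
 *
 * The last line of each macro deliberately has no trailing backslash: a
 * continuation there splices the following source line into the macro body.
 */
#define print_cases()                 \
    create_case(ICMP_ECHO_REPLY)      \
    create_case(ICMP_DEST_UNRCHBLE)   \
    create_case(ICMP_SRC_QUENCH)      \
    create_case(ICMP_ECHO)            \
    create_case(ICMP_TIME_EXCEEDED)   \
    create_case(ICMP_PARAM_PROBLEM)   \
    create_case(ICMP_TIMESTAMP)       \
    create_case(ICMP_TIMESTAMP_REPLY) \
    create_case(ICMP_INFO_REQ)        \
    create_case(ICMP_INFO_REPLY)

/* One `case` arm: label on the constant, record its spelling, leave the switch. */
#define create_case(icmp_case) \
    case (icmp_case):          \
        type_str = #icmp_case; \
        break;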
/*
 * File-scope state shared through this header.
 * NOTE(review): `s` is declared without `extern`, so every translation unit
 * that includes pkt.h carries its own tentative definition. Toolchains that
 * default to -fno-common (GCC 10 and later) reject that at link time as a
 * multiple definition. Consider `extern pcap_t *s;` here with a single
 * definition in one .c file, as is already done for `start`.
 * Presumably `s` is the active capture handle and `start` the capture start
 * time -- confirm against the .c file.
 */
pcap_t *s;
extern time_t start;
/* NOTE: Some fields are combined together to prevent issues
with bit endianness. */
/*
 * Ethernet II header: destination MAC, source MAC, EtherType (6 + 6 + 2 bytes).
 * NOTE(review): presumably overlaid on the start of a captured frame. If so,
 * ether_type is in network byte order and needs ntohs() before comparison
 * with the ETHERTYPE_* constants, and the capture must hold at least
 * sizeof(ETH) bytes before any field is read -- confirm in process_ether().
 * The tag `ether_header` is also used by the system's net/ethernet.h, so the
 * two headers cannot be included in the same translation unit.
 */
typedef struct ether_header
{
uint8_t ether_dhost[ETH_ADDR_LEN]; /* destination MAC address */
uint8_t ether_shost[ETH_ADDR_LEN]; /* source MAC address */
uint16_t ether_type; /* EtherType of the payload */
} ETH;
/*
 * Fixed 20-byte part of an IPv4 header (options are not represented).
 * Sub-byte fields are merged into whole bytes/words so that no bit-fields are
 * needed; callers extract them with shifts and masks.
 * NOTE(review): every value here comes from the packet and is untrusted. The
 * IHL nibble gives the real header length (IHL * 4 bytes), which is where the
 * transport header starts. A parser should reject IHL < 5 and check both the
 * header length and tot_len against the captured length before reading on --
 * confirm that process_ip() does this.
 */
typedef struct ip
{
uint8_t version_ihl; /* version (high nibble) and IHL (low nibble), per RFC 791 */
uint8_t dscp_ecn; /* DSCP and ECN combined */
uint16_t tot_len; /* total datagram length; network byte order on the wire */
uint16_t id; /* identification */
uint16_t frag_off_flags; /* flags and fragment offset combined */
uint8_t ttl; /* time to live */
uint8_t proto; /* payload protocol number */
uint16_t chksum; /* header checksum */
uint32_t src; /* source address */
uint32_t dst; /* destination address */
} IP;
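/**
 * Fixed 20-byte part of a TCP header (options are not represented).
 *
 * The three bit-fields are declared on a uint16_t base so that together they
 * occupy exactly the 16-bit offset/reserved/control word at byte 12. With a
 * uint8_t base a 6-bit field cannot share the byte left over by the 4-bit
 * data_off, so on the usual GCC/Clang ABIs each field took its own byte. That
 * shifted window, chksum and urg_ptr two bytes too far and made the struct
 * larger than the header it overlays, so reads through it went past a
 * minimal TCP header.
 *
 * NOTE(review): the order of bit-fields inside their storage unit is
 * implementation-defined. On little-endian targets these three members do
 * not line up with the wire layout, so values read through them are not
 * portable. The robust form is to read the 16-bit word, apply ntohs(), and
 * use shifts and masks, as struct ip already does with version_ihl. The
 * data offset is untrusted input; check it (>= 5 words, within the captured
 * length) before using it to find the payload.
 */
typedef struct tcp
{
    uint16_t src;           /* source port; network byte order on the wire */
    uint16_t dst;           /* destination port */
    uint32_t seq;           /* sequence number */
    uint32_t ack;           /* acknowledgment number */
    uint16_t data_off : 4;  /* header length in 32-bit words */
    uint16_t reserved : 6;
    uint16_t ctrl_bits : 6; /* control flags */
    uint16_t window;
    uint16_t chksum;
    uint16_t urg_ptr;
} TCP;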
/*
 * UDP header (four 16-bit fields, 8 bytes).
 * NOTE(review): presumably overlaid on captured bytes, in which case all four
 * fields are in network byte order. `length` is supplied by the sender and
 * must not be trusted as a bound on the data actually captured -- confirm
 * how process_udp() uses it.
 */
typedef struct udp
{
uint16_t src; /* source port */
uint16_t dst; /* destination port */
uint16_t length; /* length of header plus payload, as claimed by the packet */
uint16_t chksum; /* checksum */
} UDP;
/*
 * First 8 bytes of an ICMP message.
 * `type` is what the ICMP_* constants and print_cases() are matched against.
 * NOTE(review): `header` presumably holds the 4-byte "rest of header" whose
 * meaning depends on `type` (for example identifier and sequence number for
 * echo messages) -- confirm in process_icmp().
 */
typedef struct icmp
{
uint8_t type; /* ICMP message type */
uint8_t code; /* sub-code within the type */
uint16_t chksum; /* checksum */
uint32_t header; /* type-dependent rest of header */
} ICMP;
/*
 * Capture set-up and dispatch. The definitions are not in this header, so the
 * descriptions below are inferred from names and signatures only -- confirm
 * against the .c file.
 */
/* Presumably opens a libpcap capture handle on interface `dev`. */
pcap_t *open_dev(const char *dev);
/* Presumably selects the capture interface and returns its name. */
const char *get_device_name(void);
/* Presumably runs the capture loop on `device_name`. */
void event_loop(const char *device_name);
/* Signature matches libpcap's pcap_handler callback: `h` carries the capture
 * metadata (including the captured length) and `bytes` the packet data. */
void process_pkt(u_char *user, const struct pcap_pkthdr *h, const u_char *bytes);
/* Processing packet layers */
/*
 * NOTE(review): none of the process_* functions takes a length, so they cannot
 * check on their own that `data` holds a full header before casting it to
 * ETH/IP/TCP/UDP/ICMP. Unless the captured length reaches them some other
 * way, a truncated or malformed packet leads to reads past the capture
 * buffer. Consider adding a `size_t len` parameter and validating it at each
 * layer.
 */
void process_ether(const u_char *data);
void process_ip(const u_char *data);
/* Presumably dispatches on the IP protocol number `proto`. */
void process_layers(uint8_t proto, const u_char *data);
void process_tcp(const u_char *data);
void process_udp(const u_char *data);
void process_icmp(const u_char *data);
/* Internal Processing of Packet Data */
/* Presumably prints `addr` as a dotted quad followed by `end`; whether `addr`
 * is expected in network or host byte order is not visible here. */
void print_ip_addr(uint32_t addr, const char *end);
#endif