Добавил:
korayakov
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз:
Предмет:
Файл:
#ifndef __NSNIFF_H
#define __NSNIFF_H
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ether.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/tcp.h>
#include <netinet/udp.h>
struct npacket{
/* ethernet */
unsigned char eth_dest[ETH_ALEN];
unsigned char eth_source[ETH_ALEN];
unsigned short eth_proto;
/* ip */
u_int8_t ip_version;
u_int8_t ip_tos;
u_int16_t ip_id;
u_int8_t ip_df; /* do not fragment */
u_int8_t ip_mf; /* more fragment */
u_int8_t ip_ttl;
u_int8_t ip_protocol;
u_int32_t ip_saddr;
u_int32_t ip_daddr;
/* icmp */
u_int8_t icmp_type; /* message type */
u_int8_t icmp_code;
u_int16_t icmp_ident;
u_int16_t icmp_sequence;
/* udp */
u_int16_t udp_source;
u_int16_t udp_dest;
/* tcp */
u_int16_t tcp_source;
u_int16_t tcp_dest;
u_int32_t tcp_seq;
u_int32_t tcp_ack_seq;
unsigned char tcp_fin;
unsigned char tcp_syn;
unsigned char tcp_rst;
unsigned char tcp_psh;
unsigned char tcp_ack;
unsigned char tcp_urg;
u_int16_t tcp_urg_ptr;
char *data;
size_t data_len;
size_t data_size;
};
#include <qthread.h>
#include <qstring.h>
#include <qrect.h>
#include <qmessagebox.h>
#include <qwidget.h>
class NSniff : public QThread
{
public:
NSniff( QWidget * pparent );
~NSniff();
int setParams(QString pdev_name, time_t ptime, size_t pcount);
void run();
void stop();
void packet_callback(u_char *args, const struct pcap_pkthdr *header,
const u_char *packet);
int err_state(){ return err_code; }
QString err_msg() { return err_str; };
size_t getCount() { return qlen; };
int getResults(struct npacket ***r_queue, size_t *r_len);
QString print_packet(size_t index);
protected:
QWidget *parent;
QString dev_name;
struct npacket **queue;
size_t qsize;
size_t qlen;
int stopped;
time_t t_stop; /* time stop */
size_t c_stop; /* count stop */
int err_code;
QString err_str;
};
#endif
#ifdef BLABLABLA
struct ethhdr
{
unsigned char h_dest[ETH_ALEN]; /* destination eth addr */
unsigned char h_source[ETH_ALEN]; /* source ether addr */
unsigned short h_proto; /* packet type ID field */
} __attribute__((packed));
/* some ethernet protocols */
#define ETH_P_LOOP 0x0060 /* Ethernet Loopback packet */
#define ETH_P_IP 0x0800 /* Internet Protocol packet */
#define ETH_P_X25 0x0805 /* CCITT X.25 */
#define ETH_P_ARP 0x0806 /* Address Resolution packet */
#define ETH_P_RARP 0x8035 /* Reverse Addr Res packet */
#define ETH_P_ATALK 0x809B /* Appletalk DDP */
#define ETH_P_AARP 0x80F3 /* Appletalk AARP */
#define ETH_P_8021Q 0x8100 /* 802.1Q VLAN Extended Header */
#define ETH_P_IPX 0x8137 /* IPX over DIX */
#define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */
#define ETH_P_PPP_DISC 0x8863 /* PPPoE discovery messages */
#define ETH_P_PPP_SES 0x8864 /* PPPoE session messages */
#define ETH_P_ATMMPOA 0x884c /* MultiProtocol Over ATM */
#define ETH_P_ATMFATE 0x8884 /* Frame-based ATM Transport */
/*
* ip_tos:
* 4 - IP_V4
* 5 - stream datagram
* 6 - IP_V6
* 7 - TP/IX
* 8 - Internt-protocol P
* 9 - TUBA
* */
struct iphdr
{
#if __BYTE_ORDER == __LITTLE_ENDIAN
unsigned int ihl:4;
unsigned int version:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
unsigned int version:4;
unsigned int ihl:4;
#else
# error "Please fix <bits/endian.h>"
#endif
u_int8_t tos;
u_int16_t tot_len;
u_int16_t id;
u_int16_t frag_off;
u_int8_t ttl;
u_int8_t protocol;
u_int16_t check;
u_int32_t saddr;
u_int32_t daddr;
/*The options start here. */
};
/* some IP protocols */
#define IPPROTO_IP 0 /* Dummy protocol for TCP. */
#define IPPROTO_ICMP 1 /* Internet Control Message Protocol. */
#define IPPROTO_IGMP 2 /* Internet Group Management Protocol. */
#define IPPROTO_IPIP 3 /* ip tunneling */
#define IPPROTO_TCP 6 /* Transmission Control Protocol. */
#define IPPROTO_UDP 17 /* User Datagram Protocol. */
#define IPPROTO_ICMPV6 58 /* ICMPv6. */
#define IPPROTO_RAW 255 /* Raw IP packets */
struct tcphdr
{
u_int16_t source;
u_int16_t dest;
u_int32_t seq;
u_int32_t ack_seq;
# if __BYTE_ORDER == __LITTLE_ENDIAN
u_int16_t res1:4;
u_int16_t doff:4;
u_int16_t fin:1;
u_int16_t syn:1;
u_int16_t rst:1;
u_int16_t psh:1;
u_int16_t ack:1;
u_int16_t urg:1;
u_int16_t res2:2;
# elif __BYTE_ORDER == __BIG_ENDIAN
u_int16_t doff:4;
u_int16_t res1:4;
u_int16_t res2:2;
u_int16_t urg:1;
u_int16_t ack:1;
u_int16_t psh:1;
u_int16_t rst:1;
u_int16_t syn:1;
u_int16_t fin:1;
# else
# error "Adjust your <bits/endian.h> defines"
# endif
u_int16_t window;
u_int16_t check;
u_int16_t urg_ptr;
};
struct udphdr {
u_int16_t source;
u_int16_t dest;
u_int16_t len;
u_int16_t check;
};
struct icmphdr
{
u_int8_t type; /* message type */
u_int8_t code; /* type sub-code */
u_int16_t checksum;
union
{
struct
{
u_int16_t id;
u_int16_t sequence;
} echo; /* echo datagram */
u_int32_t gateway; /* gateway address */
struct
{
u_int16_t __unused;
u_int16_t mtu;
} frag; /* path mtu discovery */
} un;
};
/* some pcap datalink */
/*
DLT_NULL
DLT_EN10MB
DLT_SLIP
DLT_PPP
DLT_LINUX_IRDA
DLT_LOOP
DLT_IEEE802_11
DLT_PPP_ETHER
DLT_PPP_SERIAL
DLT_RAW
DLT_FDDI
*/
/* ARP protocol opcodes. */
#define ARPOP_REQUEST 1 /* ARP request. */
#define ARPOP_REPLY 2 /* ARP reply. */
#define ARPOP_RREQUEST 3 /* RARP request. */
#define ARPOP_RREPLY 4 /* RARP reply. */
#define ARPOP_InREQUEST 8 /* InARP request. */
#define ARPOP_InREPLY 9 /* InARP reply. */
#define ARPOP_NAK 10 /* (ATM)ARP NAK. */
struct arphdr
{
unsigned short int ar_hrd; /* Format of hardware address. */
unsigned short int ar_pro; /* Format of protocol address. */
unsigned char ar_hln; /* Length of hardware address. */
unsigned char ar_pln; /* Length of protocol address. */
unsigned short int ar_op; /* ARP opcode (command). */
#if 0
/* Ethernet looks like this : This bit is variable sized
however... */
unsigned char __ar_sha[ETH_ALEN]; /* Sender hardware address. */
unsigned char __ar_sip[4]; /* Sender IP address. */
unsigned char __ar_tha[ETH_ALEN]; /* Target hardware address. */
unsigned char __ar_tip[4]; /* Target IP address. */
#endif
};
#endif /* ifdef BLABLABLA*/