socket抓包程序实验报告.docx
《socket抓包程序实验报告.docx》由会员分享,可在线阅读,更多相关《socket抓包程序实验报告.docx(15页珍藏版)》请在冰豆网上搜索。
![socket抓包程序实验报告.docx](https://file1.bdocx.com/fileroot1/2022-10/13/126eab53-acbd-4c5e-bd7e-fa61e5f70e15/126eab53-acbd-4c5e-bd7e-fa61e5f70e151.gif)
socket抓包程序实验报告
socket抓包程序实验报告
《网络编程与协议分析》课程设计报告
一、课设题目:
局域网数据包抓取与分析软件
二、课设要求:
1)抓取本地主机所在局域网子网内的所有数据包
2)分析并显示所抓取数据包的IP头部各字段的信息
3)分析并显示所抓取数据包的封装在IP数据包内的协议头部字段信息(TCP、UDP、
ICMP等)
4)生成日志信息,以文本文档形式保存
三、部分代码
1)初始化套接字
BOOLCTestDlg:
:
SockInit()
{
WSADATAwsa;
if(WSAStartup(MAKEWORD(2,2),&wsa)!
=0)
{
AfxMessageBox("WSAStartupfail!
");
}
m_sock=socket(AF_INET,SOCK_RAW,0);
if(m_sock==INVALID_SOCKET)
{
AfxMessageBox("socketfail!
");
}
SOCKADDR_INaddr;
addr.sin_family=AF_INET;
addr.sin_port=htons(5000);
structhostentFAR*pHostent;
charFARname[25];
gethostname(name,25);
pHostent=gethostbyname(name);
memcpy(&addr.sin_addr.S_un.S_addr,pHostent->h_addr_list[0],pHostent->h_len);
if(bind(m_sock,(SOCKADDR*)&addr,sizeof(addr))!
=0)
{
AfxMessageBox("bindfail!
");
}
DWORDdwBytesRet;
unsignedintoptval=1;
intpCount=0;
if(INVALID_SOCKET==(WSAIoctl(m_sock,SIO_RCVALL,&optval,sizeof(optval),
NULL,0,&dwBytesRet,NULL,NULL)))
{
AfxMessageBox("WSAIoctlFail!
");
returnfalse;
}
returntrue;
}
2)初始化表格
BOOLCTestDlg:
:
ListInit()
{
DWORDdwStyle=GetWindowLong(m_List.m_hWnd,GWL_STYLE);
SetWindowLong(m_List.m_hWnd,GWL_STYLE,dwStyle|LVS_REPO);
DWORDdwStyles=m_List.GetExStyle();
dwStyles&=~LVS_EX_CHECKBOXES;
m_List.SetExtendedStyle(dwStyles|LVS_EX_FULLROWSELECT|LVXGRIDLINES);
m_List.InsertColumn(1,"版本",LVCFMT_CENTER,40,0);
m_List.InsertColumn(2,"头部长度",LVCFMT_CENTER,60,1);
m_List.InsertColumn(3,"服务类型",LVCFMT_CENTER,60,2);
m_List.InsertColumn(4,"总长度",LVCFMT_CENTER,50,3);
m_List.InsertColumn(5,"标识符",LVCFMT_CENTER,50,4);
m_List.InsertColumn(6,"标志位",LVCFMT_CENTER,50,5);
m_List.InsertColumn(7,"片偏移",LVCFMT_CENTER,50,6);
m_List.InsertColumn(8,"生存周期",LVCFMT_CENTER,60,7);
m_List.InsertColumn(9,"协议",LVCFMT_CENTER,40,8);
m_List.InsertColumn(10,"首部校验和",LVCFMT_CENTER,80,9);
m_List.InsertColumn(11,"源地址",LVCFMT_CENTER,100,10);
m_List.InsertColumn(12,"目的IP地址",LVCFMT_CENTER,100,11);
returntrue;
}
3)ip,tcp,udp,icmp头部定义
structiphead
{
unsignedcharip_EdiAndLen;//版本&首部长度
unsignedcharip_Serve;//服务类型
unsignedshortintip_Len;//总长度
unsignedshortintip_Sign;//标识
unsignedshortintip_MarkAndMove;//标识&片偏移
unsignedcharip_Ttl;//生存时间
unsignedcharip_Protocol;//上层协议
unsignedshortintip_Sum;//首部校验和
unsignedintip_SoIp;//源ip
unsignedintip_DeIp;//目的ip};
structtcphead
{
unsignedshorttcp_SoPort;//16位的源端口
unsignedshorttcp_DePort;//16位的目的端口
unsignedinttcp_Seq;//32位的序列号
unsignedinttcp_Ack;//32位的确认号
首部长度和4位的保留字unsignedchartcp_LenAndRes;//4位的
unsignedchartcp_Flag;//2位的保留字和6位的标志位
unsignedshorttcp_Win;//16位的窗口大小
unsignedshorttcp_Wum;//16位校验和
unsignedshorttcp_Mov;//16位的紧急数据偏移量
};
structudphead
{
unsignedshortudp_SoPort;//源端口
unsignedshortudp_DePort;//目的端口
unsignedshortudp_Len;//总长度
unsignedshortudp_Sum;//校验和
};
structicmphead
{
unsignedcharicmp_Type;//类型
unsignedcharicmp_Code;//代码
unsignedshorticmp_Sum;//16位检验和};
4)“开始”按钮事件
voidCTestDlg:
:
OnStart()
{
//TODO:
Addyourcontrolnotificationhandlercodehere
DWORDcode;
if(!
GetExitCodeThread(m_thr,&code)||(code!
=STILL_ACTIVE))
{
alldata*recvdata=newalldata;
recvdata->lis=&m_List;
recvdata->sock=m_sock;
m_thr=CreateThread(NULL,0,RecvProc,(LPVOID)recvdata,0,NULL);
CloseHandle(m_thr);
}
else
{
m_List.DeleteAllItems();
ResumeThread(m_thr);
}
GetDlgItem(IDC_STOP)->EnableWindow(TRUE);
GetDlgItem(IDC_START)->EnableWindow(FALSE);
GetDlgItem(IDC_STOP)->SetFocus();
}
5)数据包抓取与初步处理
DWORDWINAPICTestDlg:
:
RecvProc(LPVOIDlpParameter){
SOCKETsock=((alldata*)lpParameter)->sock;
CListCtrl*lis=(CListCtrl*)(((alldata*)lpParameter)->lis);
structiphead*ih;
SOCKADDR_INtem;
charRecvBuf[65535]={0};
charsoip[16];
chardeip[16];
charbuf[100];
inti=0;
while
(1)
{
if(inta=recv(sock,ddat[++count].buff,sizeof(ddat[count].buff),0)<=0)
continue;
ih=(structiphead*)(ddat[count].buff);
tem.sin_addr.s_addr=ih->ip_SoIp;
strncpy(soip,inet_ntoa(tem.sin_addr),16);
tem.sin_addr.s_addr=ih->ip_DeIp;
strncpy(deip,inet_ntoa(tem.sin_addr),16);
lis->InsertItem(i,"fdgfg");
sprintf(buf,"%d",ih->ip_EdiAndLen>>4);
lis->SetItemText(i,0,buf);
sprintf(buf,"%d",ih->ip_EdiAndLen&0xf);
lis->SetItemText(i,1,buf);
sprintf(buf,"%d",ih->ip_Serve);
lis->SetItemText(i,2,buf);
sprintf(buf,"%d",ih->ip_Len);
lis->SetItemText(i,3,buf);
sprintf(buf,"%d",ih->ip_Sign);
lis->SetItemText(i,4,buf);
sprintf(buf,"%d",ih->ip_MarkAndMove>>13);
lis->SetItemText(i,5,buf);
sprintf(buf,"%d",ih->ip_MarkAndMove&0x1fff);
lis->SetItemText(i,6,buf);
sprintf(buf,"%d",ih->ip_Ttl);
lis->SetItemText(i,7,buf);
switch((int)ih->ip_Protocol)
{
case1:
sprintf(buf,"%s","ICMP");break;
case2:
sprintf(buf,"%s","IGMP");break;
case6:
sprintf(buf,"%s","TCP");break;
case8:
sprin