我的 Ubuntu 虚拟机的 IP 地址是 192.168.1.110。其他一切看起来都很好。我不知道代码有什么问题。也许我使用了错误的包头结构?下面是我的代码和输出。同样,我的主机 IP 应该是 192.168.1.110 并且端口现在肯定是错误的。
sudo ./sniffall 0
84.72.137.105:38055 192.168.1.105:56652
192.168.1.105:56652 174.141.213.124:28073
84.72.137.105:38055 192.168.1.105:56652
192.168.1.105:56652 174.141.213.124:28073
84.72.137.105:38055 192.168.1.105:56652
#include <pcap.h>
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ip.h>
#include <netinet/if_ether.h>
#include <netinet/ether.h>
#include <sys/socket.h>
#include <netinet/tcp.h>
void getPacket(u_char *args, const struct pcap_pkthdr *pkthdr, const u_char *packet){
struct ip *ip;
struct tcphdr *tcp;
ip = (struct ip*)(packet+sizeof(struct ether_header));
tcp = (struct tcphdr*)(packet+sizeof(struct ether_header)+sizeof(struct ip));
char* src = inet_ntoa(ip->ip_src);
printf("%s:%d ",src,tcp->source);
char* dst = inet_ntoa(ip->ip_dst);
printf(" %s:%d\n", dst, tcp->dest);
}
int main(int argc, char *argv[]){
char errbuf[PCAP_ERRBUF_SIZE], *device;
device = argv[1];
pcap_t *handle;
handle = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf);
if(!handle){
device = pcap_lookupdev(errbuf);
handle = pcap_open_live(device, BUFSIZ, 1, 1000, errbuf);
if(!handle){
printf("Couldn't open device %s: %s\n", device, errbuf);
}
}
pcap_loop(handle, 5, getPacket, NULL);
return 0;
}