I'm fairly new to working with sockets, and so far have only been able to send a char [] over a socket.
Now though, I'm trying to send a struct over a socket and am unsure of how to do this. I have the following struct
struct student_rec {
char name[25];
float gpa;
int pid;
};
In which I've initialized with the following
struct student_rec stu
strcpy(stu.name, "Mike McDonald");
stu.gpa = 2.5;
stu.pid = 0x12345678;
I can send stu.name without any issue, but am unsure of what parameters to use for the method sendto() when sending a struct.
Client
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
/* This program sends a message in datagram to the receiver and waits
for reply. */
#define MSG "CIS 454/554 is a great course!!!"
#define BUFMAX 2048
struct student_rec {
char name[25];
float gpa;
int pid;
};
main(argc,argv)
int argc;
char *argv[];
{
int sk;
char buf[BUFMAX];
struct student_rec stu;
struct sockaddr_in remote;
struct hostent *hp;
strcpy(stu.name, "Mike McDonald");
stu.gpa = 2.5;
stu.pid = 0x12345678;
/* Create an Internet domain datagram socket */
sk = socket(AF_INET,SOCK_DGRAM,0);
remote.sin_family = AF_INET;
/* Get the remote machine address from its symbolic name
given in the command line argument */
hp = gethostbyname(argv[1]);
if (hp == NULL) {
printf("Can't find host name. %s\n", argv[1]);
exit (1);
}
bcopy(hp->h_addr,&remote.sin_addr.s_addr,hp->h_length);
/* get the remote port number from the command line */
remote.sin_port = ntohs(atoi(argv[2]));
sendto(sk,stu.name,strlen(stu.name)+1,0,&remote,sizeof(remote));/* Send the message */
read(sk,buf,BUFMAX); /* Get the reply */
printf("%s\n",buf);
close(sk);
}
Server
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
/* This program creates an Internet domain datagram socket, binds a
name to it, reads from it, and then replies to the sender. */
#define MSG "Are you sure ? I doubt!!!"
#define BUFMAX 2048
struct student_rec {
char name[25];
float gpa;
int pid;
};
main()
{
struct sockaddr_in local, remote;
int sk,rlen=sizeof(remote),len=sizeof(local);
char buf[BUFMAX];
/* Create an Internet domain datagram socket from which to read */
sk = socket(AF_INET,SOCK_DGRAM,0);
struct student_rec stu;
strcpy(stu.name, "Mike McDonald");
stu.gpa = 2.5;
stu.pid = 0x12345678;
local.sin_family = AF_INET; /* Define the socket domain */
local.sin_addr.s_addr = INADDR_ANY; /* Wildcard mach. addr */
local.sin_port = 0; /* Let the system assign a port */
bind(sk,&local,sizeof(local));
getsockname(sk,&local,&len); /* Get the port number assigned */
printf("socket has port %d\n",htons(local.sin_port)); /* Publish the number */
/* Read from the socket */
recvfrom(sk,buf,BUFMAX,0,&remote,&rlen);
printf("%s\n",buf);
sendto(sk,stu.name,strlen(stu.name)+1,0,&remote,sizeof(remote));
close(sk);
}
I think I'm getting confused as to what to replace strlen(stu.name) with as I'm now sending the entire struct.
Could I use a for loop to read each element of my struct, or is there some parameters I can pass to sendto() to do this?
You should serialize struct to xml, json, text or similar format and read it back on the other end as:
/* Tx */
struct student_rec s = {...};
char txt[100];
const int len = sprintf(txt, "%d,%f,%s", s.pid, s.gpa, s.name);
send_txt(txt);
/* Rx */
char txt[100];
recv_txt(txt);
struct student_rec s
sscanf(txt, "%d,%f,%s", &s.pid, &s.gpa, s.name);
Related
i wanted to send an icmp packet by writing my own IP header so i used the IP_HDRINCL option the code compiled and runs without any errors but there is no packet being sent when i run the program and capture packets using wireshark no error message from the program as well
here is the code:
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/ip_icmp.h>
#include <netinet/ip.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#define BUFFSIZE 2048
char sendbuf[BUFFSIZE];
int seqno=0;
unsigned short chksum(void *data,int bytes){
unsigned int sum=0;
unsigned short *octate=data,result;
while(bytes>1){
sum+=*octate++;
bytes-=2;
}
if(bytes==1){
sum+=*(unsigned char *)octate;
}
while(sum>>16){
sum=(sum>>16)+(sum&0xffff);
}
result=~sum;
return result;
}
struct addrinfo * getaddr(char *name){ //convert user input host to address structure
int e;
struct addrinfo hints,*res;
memset(&hints,0,sizeof(hints));
hints.ai_flags=AI_CANONNAME;
hints.ai_family=AF_INET;
if(e=getaddrinfo(name,0,&hints,&res)!=0){
printf("getaddrinfo error: %s\n",gai_strerror(e));
}
return res;
}
void create_packet(struct sockaddr *d){
/* Creating IP Packet */
struct ip *ip;
ip=(struct ip*)sendbuf;
ip->ip_v=4;
ip->ip_hl=5;
ip->ip_tos=0;
ip->ip_len=20+8;
ip->ip_id=8848;
ip->ip_off=IP_DF;
ip->ip_ttl=7;
ip->ip_p=IPPROTO_ICMP;
char srcip[]="192.168.1.69";
struct addrinfo *source = getaddr(srcip);
struct sockaddr_in *dest=(struct sockaddr_in *)d;
struct sockaddr_in *src=(struct sockaddr_in *)source->ai_addr;
ip->ip_src=src->sin_addr;
ip->ip_dst=dest->sin_addr;
ip->ip_sum=0;
ip->ip_sum=chksum(ip,sizeof(*ip));
/* Creating ICMP Packet */
struct icmp *icmp;
icmp=(struct icmp *)(sendbuf+20);
icmp->icmp_type=ICMP_ECHO;
icmp->icmp_code=0;
icmp->icmp_id=getpid();
icmp->icmp_seq=++seqno;
icmp->icmp_cksum=0;
icmp->icmp_cksum=chksum(icmp,8);
}
void main(int argc,char **argv){
int sock;
int on=1;
struct addrinfo *addr=getaddr(argv[1]);
if((sock=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))==-1){
perror("socket error: ");
return;
}
if(setsockopt(sock,IPPROTO_IP,IP_HDRINCL,&on,sizeof(on))==-1){
perror("setsockopt error");
return;
}
create_packet(addr->ai_addr);
if(sendto(sock,sendbuf,28,0,addr->ai_addr,addr->ai_addrlen)==-1){
perror("sendto error");
return;
}
}
While I can't be certain based on your code alone, I suspect that you're running this program on a little-endian processor (x86-based), and IP expects its numbers in big-endian order. This means that any multi-byte fields (ip_len, ip_off) are written in the wrong order. I suspect that if you change the following 2 lines:
ip->ip_len=20+8;
ip->ip_off=IP_DF;
to this:
ip->ip_len=htons(20+8);
ip->ip_off=htons(IP_DF);
that the packets will be properly sent.
Incidentally the ip->ip_id field is also in big-endian order, but unless you're sending multiple fragments it doesn't much matter.
I'm new to c++ and need help.
I use an UDP server to receive structure however i have problem to read it , the client send a structure I call : ChannAccessReq so the structure is send and the server receive it with RECVFROM and I use a general structure by reading the header (H1) of the struct only and then i do a read when a condition is fullfill with a more precise structure (temp2) for the buffer. However the client need to send the message twice , the first time it goes until recvfrom and the second it reach read() (i think) I tried all the day and wonder if its the size of the buffer ?
I think the most sensitive part is in the server with the recvfrom() who have a struct different from the read() just after..
I hope it's clear!
here is the server :
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <strings.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>
#include "struct.h"
#include <iostream>
void DieWithError(char *err) {
perror(err);
exit(1);
}
typedef struct IntMsgHeaderType {
uint8_t code ; // Code message7
uint8_t bourrage ; // Octet de bourrage
uint16_t ParamLength; // Longueur eventuel données complémentaires
} HeaderInt;
typedef struct TextMessage //TESTTESTTEST
{
HeaderInt H; // Code message7
};
int main(int argc, char *argv[])
{
int sock; /* Socket */
struct sockaddr_in echoServAddr; /* Local address */
struct sockaddr_in echoClntAddr; /* Client address */
unsigned int cliAddrLen; /* Length of incoming message */
unsigned short echoServPort; /* Server port */
int recvMsgSize; /* Size of received message */
struct TextMessage * temp = (TextMessage *)malloc(sizeof(struct TextMessage));
HeaderInt *H1 =(HeaderInt *)malloc(104+sizeof(HeaderInt));
ChanAccesReq *temp2=(ChanAccesReq *)malloc(sizeof(ChanAccesReq));
if (!argv[1]) {
fprintf(stderr,"no port number provided");
exit(1);
}
echoServPort = atoi(argv[1]); /* First arg: local port */
/* Create socket for sending/receiving datagrams */
if ((sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
DieWithError("socket() failed");
/* Construct local address structure */
memset(&echoServAddr, 0, sizeof(echoServAddr)); /* Zero out structure */
echoServAddr.sin_family = AF_INET; /* Internet address family */
echoServAddr.sin_addr.s_addr = htonl(INADDR_ANY); /* Any incoming interface */
echoServAddr.sin_port = htons(echoServPort); /* Local port */
/* Bind to the local address */
if (bind(sock, (struct sockaddr *) &echoServAddr, sizeof(echoServAddr)) < 0)
DieWithError("bind() failed");
for (;;) /* Run forever */
{
cliAddrLen = sizeof(echoClntAddr);
int nbrOctet;
if (recvfrom(sock, H1, sizeof(*H1), 0,(struct sockaddr *) &echoClntAddr, &cliAddrLen)>0 && H1->code==1){
//read(sock,H1,sizeof(*H1));
std::cout<<"taille nbrOctet : "<<nbrOctet<<'\n';
memset(&echoServAddr, 0, sizeof(echoServAddr)); /* Zero out structure */
read(sock, temp2, sizeof(*temp2));
//read(sock,temp2,sizeof(*temp2))>0;
std::cout<<unsigned(temp2->P.linkAddr)<<'\n';
};
}
close(sock);
return 0;
}
and here the client
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <strings.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>
#include "struct.h"
void DieWithError(char *err) {
perror(err);
exit(1);
}
typedef struct {
char transMode ;
uint8_t linkAddr;
} ChanAccessReqParam;
typedef struct {
HeaderInt H;
ChanAccessReqParam P;
} ChanAccesReq ;
int main(int argc, char *argv[])
{
int sock; /* Socket descriptor */
struct sockaddr_in echoServAddr; /* Echo server address */
struct sockaddr_in fromAddr; /* Source address of echo */
unsigned short echoServPort; /* Echo server port */
unsigned int fromSize; /* In-out of address size for recvfrom() */
char *servIP; /* IP address of server */
int structLen; /* Length of string to echo */
int respStringLen; /* Length of received response */
if (!argv[1]) {
fprintf(stderr,"No server IP sepcified at arg 1\n");
exit(1);
}
else if (!argv[2]) {
fprintf(stderr,"No port Number Sepcified at arg 2\n");
exit(2);
}
ChanAccesReq test { 1 ,1,0,'c',15};
servIP = argv[1]; /* First arg: server IP address (dotted quad) */
echoServPort = atoi(argv[2]); /* Use given port, if any */
/* Create a datagram/UDP socket */
if ((sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
DieWithError("socket() failed");
/* Construct the server address structure */
memset(&echoServAddr, 0, sizeof(echoServAddr)); /* Zero out structure */
echoServAddr.sin_family = AF_INET; /* Internet addr family */
echoServAddr.sin_addr.s_addr = inet_addr(servIP); /* Server IP address */
echoServAddr.sin_port = htons(echoServPort); /* Server port */
int tempint = 0;
tempint = sendto(sock, (ChanAccesInd*)&test, 10+(sizeof(test)), 0, (struct sockaddr *)
&echoServAddr, sizeof(echoServAddr));
if (tempint == -1 ) {
printf("Sent struct size: %d\n", tempint);
DieWithError("sendto() sent a different number of bytes than expected\n");
}
close(sock);
exit(0);
}
Thank you for your help
you can use a flag on recvfrom like "PEEK" see the modified code here :
recvfrom(sock, HeaderStruct, sizeof(*HeaderStruct), MSG_PEEK,(struct sockaddr *) &echoClntAddr, &cliAddrLen);
and the full code here
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <strings.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>
#include "struct.h"
#include <iostream>
void GesCanSrvRecvMsg(){
int sock; // Socket
struct sockaddr_in echoServAddr; // Adresse local
struct sockaddr_in echoClntAddr; // Adresse Client
unsigned int cliAddrLen; // Longeur des messages entrant
unsigned short echoServPort; // Port Serveur
unsigned recvMsgSize; // Taille message reçu
//Creation allocation memoire necessaire pour recevoir les structures
HeaderInt *HeaderStruct=(HeaderInt *)malloc(sizeof(HeaderInt));
ChanAccesReq *ChanReqStruct=(ChanAccesReq *)malloc(sizeof(ChanReqStruct));
TransTimeReq *TransTReqStruct=(TransTimeReq *)malloc(sizeof(TransTReqStruct));
TransCancelReq *TransCReqStruct=(TransCancelReq *)malloc(sizeof(TransCReqStruct));
//Port definie a 13000
echoServPort = atoi("13000"); //Premier argument port local
//Creation socket
if ((sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) < 0)
Error("socket() failed");
//Construct local address structure
memset(&echoServAddr, 0, sizeof(echoServAddr));
echoServAddr.sin_family = AF_INET;
echoServAddr.sin_addr.s_addr = htonl(INADDR_ANY);
echoServAddr.sin_port = htons(echoServPort);
//Bind a ladresse
if (bind(sock, (struct sockaddr *) &echoServAddr, sizeof(echoServAddr)) < 0)
Error("bind() failed");
while(1) //Boucle infinie
{
cliAddrLen = sizeof(echoClntAddr);
HeaderStruct->code=0;
/*Attente des messages en ne regarde que l'entete Header
Flag -> MSG_PEEK pour eviter un double envoie du client*/
recvfrom(sock, HeaderStruct, sizeof(*HeaderStruct), MSG_PEEK,(struct sockaddr *) &echoClntAddr, &cliAddrLen);
std::cout<<"coucou"<<'\n';
char* subscIPAddr=inet_ntoa(echoClntAddr.sin_addr); // adresse iP Client
if (unsigned(HeaderStruct->code)==ChanAccessReqc){ //Si code == ChanAccessReqC (1)
recv(sock,ChanReqStruct,sizeof(*ChanReqStruct),0);
CSMAChnAccessLstReq.push_back(*ChanReqStruct); //Placement dans liste partagée avec GesCanSlot
}
else if (unsigned(HeaderStruct->code==TransTimeReqc)){ //Si code == TransTimeReqc (3)
recv(sock,TransTReqStruct,sizeof(*TransTReqStruct),0);
CSMATimeTransmLstReq.push_back(*TransTReqStruct);
}
else if (unsigned(HeaderStruct->code==TransCancelReqc)){ //Si code == TransCancelReqc (3)
recv(sock,TransCReqStruct,sizeof(*TransCReqStruct),0);
TransacCancelLst.push_back(*TransCReqStruct);
}
else {
Error("Error");
}
}
close(sock);
};
int main(int argc, char *argv[])
{
GesCanSrvRecvMsg();
return 0;
}
I have the following code for client and server
#include <sys/types.h>
#include <netinet/in.h>
#include <inttypes.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <strings.h>
#include <unistd.h>
int main(int argc, char *argv[])
{
int socket_fd;
struct sockaddr_in dest;
struct hostent *hostptr;
struct { char head; u_long body; char tail; } msgbuf;
socket_fd = socket (AF_INET, SOCK_DGRAM, 0);
bzero((char *) &dest, sizeof(dest)); /* They say you must do this */
hostptr = gethostbyname(argv[1]);
dest.sin_family = (short) AF_INET;
bcopy(hostptr->h_addr, (char *)&dest.sin_addr,hostptr->h_length);
dest.sin_port = htons((u_short)0x3333);
msgbuf.head = '<';
msgbuf.body = htonl(getpid()); /* IMPORTANT! */
msgbuf.tail = '>';
sendto(socket_fd,&msgbuf,sizeof(msgbuf),0,(struct sockaddr *)&dest,
sizeof(dest));
return 0;
}
server:
#include <sys/types.h>
#include <netinet/in.h>
#include <inttypes.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <strings.h>
#include <unistd.h>
#include <stdio.h>
int main(int argc, char *argv[])
{
int socket_fd, cc, fsize;
struct sockaddr_in s_in, from;
struct { char head; u_long body; char tail;} msg;
socket_fd = socket (AF_INET, SOCK_DGRAM, 0);
bzero((char *) &s_in, sizeof(s_in)); /* They say you must do this */
s_in.sin_family = (short)AF_INET;
s_in.sin_addr.s_addr = htonl(INADDR_ANY); /* WILDCARD */
s_in.sin_port = htons((u_short)0x3333);
printsin( &s_in, "RECV_UDP", "Local socket is:");
fflush(stdout);
bind(socket_fd, (struct sockaddr *)&s_in, sizeof(s_in));
for(;;) {
fsize = sizeof(from);
cc = recvfrom(socket_fd,&msg,sizeof(msg),0,(struct sockaddr *)&from,&fsize);
//printsin( &from, "recv_udp: ", "Packet from:");
printf("Got data ::%c%ld%c\n",msg.head,(long) ntohl(msg.body),msg.tail);
fflush(stdout);
}
return 0;
}
I'm looking for a way to change this code so that:
1.The client will send my name to the server and then will receive the server response.
2.On the server side, the server will receive the client name (instead of the current msg structure) and will send back its name.
I'm assuming I should just put my name in the msgbuf.body like this
msgbuf.head = '<';
msgbuf.body = 'liana';
msgbuf.tail = '>';
and delete the
msgbuf.body = htonl(getpid()); line.
or maybe make a new string for my name like this string name="liana";
and put it in the msgbuf.body like this msgbuf.body=name;(???)
is this the right deriction?
for reciving the response of the server I assume it is the same way as it was done for the server
should I add to client something like this?
int socket_fd, cc, fsize; // the socket that we receive to
struct sockaddr_in s_in, from; // decleration of the server and sending
(to the server) struct
fflush(stdout);//to ensure that whatever you just wrote to a file/the console is indeed written out on disk/the console.
bind(socket_fd, (struct sockaddr *)&s_in, sizeof(s_in));// conecting
between
the socket and all the details we entered
for(;;) {//infinite loop
fsize = sizeof(from);//set the size of the socket we resive to
cc = recvfrom(socket_fd,&msg,sizeof(msg),0,(struct sockaddr
*)&from,&fsize);//recive massage using UDP protocol
printf("Got data ::%c%ld%c\n",msg.head,(long) ntohl(msg.body),msg.tail);
//print the whole massage
fflush(stdout);//to ensure that whatever you just wrote to a file/the
console is indeed written out on disk/the console.
}
and just leave it like this without changing anything?
**how can I make the server receive the my name (instead of the current msg
structure)and send it back?
should I send it back using the
sendto(socket_fd,&msgbuf,sizeof(msgbuf),0,(struct sockaddr *)&dest,
sizeof(dest));
line?
**if I cant use the structure anymore how should i change this line?****
any help whould be appreciated,I'm kind of new to C and never worked with the client/server model
I'd like to get a list of available devices (their IP address or hostname should be fine) connected to my local network. I've got some examples in C#, but I couldn't find any sample using C/C++. I'm familiar with the BSD socket API, just to clarify.
I have a "stub" kind of idea: maybe I should determine the range of the IP addresses that the devices on my LAN can potentially belong to, and then determine if they e. g. respond to PING, or something like that. How could I achieve these?
I want my application to run on Linux and iOS. That's why I'd prefer BSD sockets, or at a maximum, Foundation/GNUstep (although they are written in Objective-C).
You can also e.g. send an ICMP echo request packet to 224.0.0.1. This is a special all-nodes multicast address every node should respond to (except if a firewall rule or network policy setting prevents it).
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <netinet/ip_icmp.h>
#include <time.h>
#include <fcntl.h>
#include <signal.h>
#include <time.h>
// Define the Packet Constants
// ping packet size
#define PING_PKT_S 64
// Automatic port number
#define PORT_NO 0
// Automatic port number
#define PING_SLEEP_RATE 1000000
// Gives the timeout delay for receiving packets
// in seconds
#define RECV_TIMEOUT 1
// Performs a DNS lookup
char *dns_lookup(char *addr_host, struct sockaddr_in *addr_con)
{
//printf("\nResolving DNS..\n");
struct hostent *host_entity;
char *ip=(char*)malloc(NI_MAXHOST*sizeof(char));
int i;
if ((host_entity = gethostbyname(addr_host)) == NULL)
{
// No ip found for hostname
return NULL;
}
//filling up address structure
strcpy(ip, inet_ntoa(*(struct in_addr *)
host_entity->h_addr));
(*addr_con).sin_family = host_entity->h_addrtype;
(*addr_con).sin_port = htons (PORT_NO);
(*addr_con).sin_addr.s_addr = *(long*)host_entity->h_addr;
return ip;
}
// Resolves the reverse lookup of the hostname
char* reverse_dns_lookup(char *ip_addr)
{
struct sockaddr_in temp_addr;
socklen_t len;
char buf[NI_MAXHOST], *ret_buf;
temp_addr.sin_family = AF_INET;
temp_addr.sin_addr.s_addr = inet_addr(ip_addr);
len = sizeof(struct sockaddr_in);
if (getnameinfo((struct sockaddr *) &temp_addr, len, buf,
sizeof(buf), NULL, 0, NI_NAMEREQD))
{
//printf("Could not resolve reverse lookup of hostname\n");
return NULL;
}
ret_buf = (char*)malloc((strlen(buf) +1)*sizeof(char) );
strcpy(ret_buf, buf);
return ret_buf;
}
// Driver Code
int main(int argc, char *argv[])
{
int sockfd;
char *ip_addr, *reverse_hostname;
struct sockaddr_in addr_con;
int addrlen = sizeof(addr_con);
char net_buf[NI_MAXHOST];
int i=0;
for(int i=1;i<255;++i)
{
char ip[80];
sprintf(ip, "192.168.2.%d", i);
ip_addr = dns_lookup(ip, &addr_con);
if(ip_addr==NULL)
{
//printf("\nDNS lookup failed! Could not resolve hostname!\n");
continue;
}
reverse_hostname = reverse_dns_lookup(ip_addr);
if(reverse_hostname==NULL)
{
//printf("\nDNS lookup failed! Could not resolve hostname!\n");
continue;
}
//printf("\nTrying to connect to '%s' IP: %s\n",ip, ip_addr);
printf("\nReverse Lookup domain: %s",
reverse_hostname);
printf("\n %s \n", ip);
}
return 0;
}
I have written a packet reader that uses libpcap to read a capture file. It reads the capture file and uploads captured data to a MySQL database. Sometimes it seems to work fine and others it returns invalid data (e.g. the source and destination ip will be the same, the tcp ports are all junk). I'm running this under a virtual RHEL 5. Here is my code (sorry if it's rather long or unnecessarily convoluted, this is my first attempt at this).
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <netinet/ether.h>
#include <netinet/if_ether.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include "npc_tcp.h"
#include "npc_udp.h"
#include <ftw.h>
#include <pcap.h>
#include <stdio.h>
#include <sys/stat.h>
#include <regex.h>
#include <string.h>
#include <time.h>
const int IPTYPE_TCP = 6;
const int IPTYPE_UDP = 17;
struct cap_data {
char ts[64];
u_int16_t ether_type;
u_int16_t proto;
char *srcip;
char *dstip;
char *srcmac;
u_int16_t srcport;
u_int16_t dstport;
u_int8_t flags;
u_int capsize;
};
int main(int argc, char **argv) {
//pcap
struct cap_data data;
struct pcap_pkthdr pkthdr;
const u_char *packet;
pcap_t *handle;
char *fname = argv[1];
printf("%s\n", fname);
char errbuf[PCAP_ERRBUF_SIZE];
handle = pcap_open_offline(fname, errbuf);
char buf[1000];
while (packet = pcap_next(handle, &pkthdr)) {
int ether_flag;
struct ether_header *ether;
u_short ether_type;
ether = (struct ether_header *) packet;
data.ether_type = ntohs(ether->ether_type);
ether_flag = 1;
if (ether_flag) {
if (data.ether_type == ETHERTYPE_IP) {
struct ip *ip_hdr;
u_int length = pkthdr.len;
ip_hdr = (struct ip *)(packet + sizeof(struct ether_header));
data.proto = ip_hdr->ip_p;
data.dstip = inet_ntoa(ip_hdr->ip_dst);
data.srcip = inet_ntoa(ip_hdr->ip_src);
if (data.proto == IPTYPE_TCP) {
struct tcphdr *tcp;
tcp = (struct tcphdr*)(packet + sizeof(struct ether_header) +
sizeof(struct ip));
data.srcport = tcp->th_sport;
data.dstport = tcp->th_dport;
printf("%s %u %s %u\n\n", inet_ntoa(ip_hdr->ip_src), tcp->th_sport, inet_ntoa(ip_hdr->ip_dst), tcp->th_dport);
} else if (data.proto == IPTYPE_UDP) {
struct udphdr *udp;
udp = (struct udphdr *)(packet + sizeof(struct ether_header) +
sizeof(struct ip));
data.srcport = udp->uh_sport;
data.dstport = udp->uh_dport;
printf("%s %u %s %u\n\n", inet_ntoa(ip_hdr->ip_src), udp->uh_sport, inet_ntoa(ip_hdr->ip_dst), udp->uh_dport);
}
}
}
}//while
pcap_close(handle);
return 0;
}
UPDATE:
This outputs..
source ip port dest ip port
66.68.236.207 30151 66.68.236.207 47873
172.22.162.235 60920 172.22.162.235 36175
67.207.28.150 23007 67.207.28.150 22038
172.22.162.235 60920 172.22.162.235 36175
67.207.28.151 22038 67.207.28.151 23007
65.55.87.43 20480 65.55.87.43 21764
67.207.28.150 23007 67.207.28.150 22038
The addresses should not be the same and the port numbers are wrong as well.
I have no idea where to even start looking for errors as my code (at least to me) looks correct. Any help, tips, or advice would be greatly appreciated. Thanks :)
Two problems:
inet_ntoa returns a pointer to a static buffer.
When calling it twice within the same printf, it overwrites the same buffer. So you end up printing the same data.
Use inet_ntop instead, and give each call a separate buffer.
You should use ntohs() to convert the ports to host-order before printing.
What happens if, right after calling pcap_open_offline(), you do
if (pcap_datalink(handle) != DLT_EN10MB) {
fprintf(stderr, "This program handles only Ethernet captures\n");
return 2;
}