接收ARP包

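#include <conio.h>
#include <fstream>
#include <iomanip>
#include <pcap.h>
#include <winsock2.h>
#include <iostream>
#include <string.h>
#include <time.h>
#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib, "wpcap.lib")

using namespace std;

// ARP packet layout for Ethernet/IPv4 (6-byte hardware address, 4-byte protocol address).
// Multi-byte fields are in network byte order as captured.
struct arppkt
{
    unsigned short hdtyp;   // hardware type
    unsigned short protyp;  // protocol type
    unsigned char hdsize;   // hardware address length
    unsigned char prosize;  // protocol address length
    unsigned short op;      // operation: the log header names 1 = request, 2 = reply
    u_char smac[6];         // sender MAC address
    u_char sip[4];          // sender IP address
    u_char dmac[6];         // target MAC address
    u_char dip[4];          // target IP address
};

// Fails to compile if the compiler pads arppkt, because the parser copies it
// straight from the wire image.
typedef char arppkt_size_check[sizeof(arppkt) == 28 ? 1 : -1];

// Length of the Ethernet II header that precedes the ARP payload.
static const unsigned int kEthernetHeaderLen = 14;

// Writes an IPv4 address as dotted decimal; the last octet is left-aligned in a 3-column field.
static void print_ip(ostream &out, const u_char *ip)
{
    for (int i = 0; i < 3; i++)
        out << int(ip[i]) << '.';
    out.setf(ios::left);
    out << setw(3) << int(ip[3]) << " ";
    out.unsetf(ios::left);
}

// Writes a MAC address as six upper-case, zero-padded hex bytes separated by '-'.
static void print_mac(ostream &out, const u_char *mac)
{
    char oldfillchar = out.fill('0');
    out.setf(ios::uppercase);
    for (int i = 0; i < 5; i++)
        out << hex << setw(2) << int(mac[i]) << '-';
    out << hex << setw(2) << int(mac[5]) << " ";
    out.fill(oldfillchar);
    // Leave the stream in decimal so the following fields are not printed in hex.
    out.unsetf(ios::hex | ios::uppercase);
}

// Formats one captured ARP frame as a single text line on `out`:
// sender IP, sender MAC, target IP, target MAC, operation code, capture time.
//
// header   - pcap per-packet header (capture length and timestamp).
// pkt_data - start of the captured frame (Ethernet header first).
// out      - destination stream (console or log file).
//
// The frame comes from the network and is untrusted: frames that are too
// short to hold an Ethernet header plus the ARP body, or that do not use
// 6-byte hardware / 4-byte protocol addresses, are skipped instead of being
// read past the captured bytes or misparsed into the log.
void packet_handler(const pcap_pkthdr *header, const u_char *pkt_data, ostream &out)
{
    if (header == NULL || pkt_data == NULL)
        return;
    if (header->caplen < kEthernetHeaderLen + sizeof(arppkt))
        return;

    // Copy instead of casting the packet buffer, so alignment of the capture
    // buffer does not matter.
    arppkt arp;
    memcpy(&arp, pkt_data + kEthernetHeaderLen, sizeof(arp));
    if (arp.hdsize != 6 || arp.prosize != 4)
        return;

    print_ip(out, arp.sip);   // source IP address
    print_mac(out, arp.smac); // source MAC address
    print_ip(out, arp.dip);   // destination IP address
    print_mac(out, arp.dmac); // destination MAC address

    // Operation type
    out << ntohs(arp.op) << " ";

    // Capture time; localtime() may return NULL for an unrepresentable value.
    time_t local_tv_sec = header->ts.tv_sec;
    struct tm *ltime = localtime(&local_tv_sec);
    if (ltime != NULL)
    {
        char oldfillchar = out.fill('0');
        out << ltime->tm_hour << ":" << setw(2) << ltime->tm_min << ":" << setw(2) << ltime->tm_sec;
        out.fill(oldfillchar);
    }
    out << endl;
}

struct pcap_pkthdr *header;

// Captures ARP frames on the first Ethernet adapter that has an address and
// writes one line per frame to the console and, appended, to the file named
// by argv[1]. Returns 0 when the capture ends normally and 1 on any error.
int main(int argc, char *argv[])
{
    if (argc != 2)
    {
        cout << "Please input command:ParseArp output_file" << endl;
        return 1;
    }

    // Capture state
    pcap_if_t *alldevs;
    pcap_if_t *d;
    pcap_t *adhandle = NULL;
    char errbuf[PCAP_ERRBUF_SIZE];
    u_int netmask;
    char packet_filter[] = "ether proto \\arp";
    struct bpf_program fcode;
    const u_char *pkt_data;

    // Get the list of network devices
    if (pcap_findalldevs(&alldevs, errbuf) == -1)
    {
        cout << "Error in pcap_find all devs: " << errbuf;
        return 1;
    }

    // Pick the first Ethernet adapter that has at least one address
    for (d = alldevs; d; d = d->next)
    {
        // snaplen 1000, promiscuous mode on, 300 ms read timeout
        if ((adhandle = pcap_open_live(d->name, 1000, 1, 300, errbuf)) == NULL)
        {
            cout << "Unable to open the adapter.";
            pcap_freealldevs(alldevs);
            return 1;
        }
        if (pcap_datalink(adhandle) == DLT_EN10MB && d->addresses != NULL)
            break;
        // Not usable: release the handle before trying the next adapter.
        pcap_close(adhandle);
        adhandle = NULL;
    }
    if (d == NULL)
    {
        cout << "No interfaces found!Make sure WinPcap is installed.";
        pcap_freealldevs(alldevs);
        return 1;
    }

    // Get the subnet mask; fall back to a class C mask when the first address
    // entry carries no IPv4 netmask.
    if (d->addresses->netmask != NULL && d->addresses->netmask->sa_family == AF_INET)
        netmask = ((sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
    else
        netmask = 0xffffff;

    // Compile the filter so that only ARP frames are captured
    if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0)
    {
        cout << "Unable to compile the packet filter.Check the syntax.";
        pcap_close(adhandle);
        pcap_freealldevs(alldevs);
        return 1;
    }

    // Install the filter
    if (pcap_setfilter(adhandle, &fcode) < 0)
    {
        cout << "Error setting the filter.";
        pcap_freecode(&fcode);
        pcap_close(adhandle);
        pcap_freealldevs(alldevs);
        return 1;
    }
    pcap_freecode(&fcode);

    // Print the banner and the meaning of each column
    cout << "Listening on " << (d->description != NULL ? d->description : d->name) << "..." << endl;
    // The device list is no longer needed once the adapter name has been printed.
    pcap_freealldevs(alldevs);

    ofstream fout(argv[1], ios::app);
    if (!fout)
    {
        cout << "Unable to open the output file.";
        pcap_close(adhandle);
        return 1;
    }
    time_t t;
    time(&t);
    fout.seekp(0, ios::end);
    fout << "\t\tARP request(1)/reply(2) on " << ctime(&t);
    cout << "Sout IP Addr" << "  " << "Sour MAC Address" << "  " << "Des IP Addr" << "  " << "Des MAC Address" << "  " << "OP" << "  " << "Time" << endl;
    fout << "Sout IP Addr" << "  " << "Sour MAC Address" << "  " << "Des IP Addr" << "  " << "Des MAC Address" << "  " << "OP" << "  " << "Time" << endl;

    // Capture loop: 0 means the read timeout elapsed with no packet
    int result;
    while ((result = pcap_next_ex(adhandle, &header, &pkt_data)) >= 0)
    {
        if (result == 0)
            continue;
        packet_handler(header, pkt_data, cout);
        packet_handler(header, pkt_data, fout);
    }

    if (result == -1)
        cout << "Error reading the packets: " << pcap_geterr(adhandle) << endl;
    pcap_close(adhandle);
    return result == -1 ? 1 : 0;
}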
