自己动手学TCP/IP--以太网帧
来源:互联网 发布:php exec 返回值 编辑:程序博客网 时间:2024/05/01 19:40
数据链路层主要的功能
- 把网络层的包封装成帧
- 对帧的校验和确认
- 流量的控制
数据链路层生成以太网帧,以太网帧的主要格式如下。
太网帧的传输大小是由传输媒介决定的,数据帧的大小是64—1518。帧头14个字节,分别是目标MAC地址
(6个字节)+源MAC地址(6个字节)+协议类型(2个字节),帧尾是32位的CRC冗余校验。对于两个字
节协议字段,0×0800主要用于IP协议,还有一些其他的网络协议,比如Novell IPX等。
这里先介绍以太网帧头格式,用libcap抓出来的包最后的CRC冗余校验已经在物理网卡上完成。下面是代码
#include <pcap.h>#include <stdio.h>#include <stdlib.h> #include <string.h>#include <sys/socket.h>#include <arpa/inet.h>#include <net/ethernet.h>#include <netinet/ip_icmp.h>//Provides declarations for icmp header#include <netinet/udp.h>//Provides declarations for udp header#include <netinet/tcp.h>//Provides declarations for tcp header#include <netinet/ip.h>//Provides declarations for ip header#define BUFFER_SIZE 2048#define HIGH4(a) (((a&0xf0))>>4)#define LOW4(a) (a&0x0f)int size ;void process_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *buffer);void print_mac(const u_char *packet_buffer);void mac_to_str(char *szMac, unsigned char mac[6]);int main(int argc,char *argv[]){pcap_if_t *alldevsp , *device;pcap_t *handle; //Handle of the device that shall be sniffedchar errbuf[100] , *devname , devs[100][100];int count = 1 , n;//First get the list of available devicesprintf("Finding available devices ... ");if( pcap_findalldevs( &alldevsp , errbuf) ){printf("Error finding devices : %s" , errbuf);exit(1);}printf("Done");//Print the available devicesprintf("\nAvailable Devices are :\n");for(device = alldevsp ; device != NULL ; device = device->next){printf("%d. %s - %s\n" , count , device->name , device->description);if(device->name != NULL){strcpy(devs[count] , device->name);}count++;}//Ask user which device to sniffprintf("Enter the number of the device you want to sniff : ");scanf("%d" , &n);devname = devs[n];//Open the device for sniffingprintf("Opening device %s for sniffing ... " , devname);handle = pcap_open_live(devname , 65536 , 1 , 0 , errbuf);if (handle == NULL){fprintf(stderr, "Couldn't open device %s : %s\n" , devname , errbuf);exit(1);}printf("Done\n");//Put the device in sniff looppcap_loop(handle , -1 , process_packet , NULL);return 0;}void process_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *buffer){size = header->len;print_mac(buffer);}void print_mac(const u_char *packet_buffer){struct ethhdr *ethernet_header = NULL;//ether headerchar sour_mac[40] = {'\0'};//<linux/if_ether.h>char des_mac[40] = {'\0'};//#define ETH_ALEN 6ethernet_header = (struct ethhdr *)packet_buffer;mac_to_str(sour_mac,ethernet_header->h_source);mac_to_str(des_mac,ethernet_header->h_dest);printf("length of ethernet_head : %d \n",sizeof(struct ethhdr));printf("des_MAC : %s\n",des_mac);printf("sour_MAC : %s\n",sour_mac);printf("Protocal : %x\n",ntohs(ethernet_header->h_proto));}//MAC地址翻译void mac_to_str(char *szMac, unsigned char mac[6]){sprintf(szMac, "%X%X:%X%X:%X%X:%X%X:%X%X:%X%X", HIGH4(mac[0]), LOW4(mac[0]), HIGH4(mac[1]), LOW4(mac[1]), HIGH4(mac[2]), LOW4(mac[2]), HIGH4(mac[3]), LOW4(mac[3]), HIGH4(mac[4]), LOW4(mac[4]), HIGH4(mac[5]), LOW4(mac[5]));}
$ gcc get_mac.c -o get_mac -lpcap
- 自己动手学TCP/IP--以太网帧
- 自己动手学TCP/IP–tftp协议
- 自己动手学TCP/IP--traceroute程序
- 【TCP/IP】以太网帧格式
- 自己动手学TCP/IP--TCP连接三次握手
- 自己动手学TCP/IP–http协议(http报文格式)
- 自己动手学TCP/IP–http协议(http报文头)
- 自己动手学TCP/IP--ICMP(ping报文)
- 自己动手学TCP/IP–http协议(http报文格式)
- 自己动手学TCP/IP–http协议(http报文格式)
- 以太网帧,IP,TCP,UDP首部结构
- 以太网帧,IP,TCP,UDP首部结构
- 以太网帧格式(TCP/IP详解)
- TCP/IP详解 以太网帧格式
- 以太网,IP,TCP, UDP
- 以太网 IP TCP UDP 头部
- TCP/IP详解--数据链路层 & 以太网帧格式
- TCP/IP协议簇学习笔记——以太网帧
- hbase修复.META.表与HDFS文件不一致问题
- CX51 用户手册----MODP2 伪指令
- ios菜鸟之路:textfield隐藏键盘以及点击背景取消键盘
- android View.measure
- 自己写bootloader2 -init.c,基于s3c2440
- 自己动手学TCP/IP--以太网帧
- hbase中region的规划与硬盘配置分析
- 笔记-- vs2008 ,右键转到定义,弹出“未定义符号”
- android屏幕亮度的调整
- 拦截器中多个URL-PATTERN配置
- 切片源图片的工具MapCruncher使用说明
- MySQL 启动slave报错 ERROR 1201 (HY000)
- hbase入库过程中JVM 新生代大小配置试验
- centos 配置ip dns 固定的ip