程序博客网 > 淘宝有哪些漫画书店铺

流量分析篇(粗糙)

来源:互联网 发布:淘宝有哪些漫画书店铺 编辑:程序博客网 时间:2024/05/23 01:22
#include <stdlib.h>#include <string.h>#include <stdio.h>#include <sys/socket.h>#include <netinet/in.h>#include <arpa/inet.h>#include <netdb.h>#include <linux/if_ether.h>#include <netinet/ip.h>#include <netinet/tcp.h>#include <netinet/udp.h>#include <net/if.h>#include <sys/ioctl.h>#include <fcntl.h>#include <unistd.h>#include <sys/types.h>#include <net/if_arp.h>#include <linux/icmp.h>#include <time.h>#include <signal.h>#define oops(msg){perror(msg);exit(0);}#define LEN 2048struct data_type     /*统计每个类型的数量*/{    int c_arp; //   float arp_percent;    int c_ip;  //  float ip_percent;    int c_icmp;   // float icmp_percent;    int c_udp;   // float udp_percent;    int c_tcp;   // float tcp_percent;}; struct packet_length /*统计每个类型的length*/{    int arp_length;    int ip_length;    int icmp_length;    int tcp_length;    int udp_length;};struct packet_length_per/*统计每个包的length,然后分区*/{    int len_0_19;    int len_20_39;    int len_40_79;    int len_80_159;    int len_160_319;    int len_320_639;    int len_640_1279;    int len_1280_2559;    int len_2560_5119;};struct eth_conversation{    char eth_addr_a[ETH_HLEN];    char eth_addr_b[ETH_HLEN];    int packets,bytes;    int packts_to,packets_from;    int bytes_to,bytes_from;    int duration;//秒为单位    float bps_to,bps_from;    struct eth_conversation*next;};struct ip_conversation{    struct in_addr addr_a;    struct in_addr addr_b;    int packets,bytes;    int packets_to,packets_from;    int bytes_to,bytes_from;    struct timeval val_s,val_e;    float start_time;    float  duration;//秒为单位    float bps_to,bps_from;    struct ip_conversation*next;};struct tcp_conversation{    struct in_addr addr_a;    struct in_addr addr_b;    int port_a,port_b;    int packets,bytes;    int packets_to,packets_from;    int bytes_to,bytes_from;    struct timeval val_s,val_e;    float start_time;    float duration;//秒为单位    float bps_to,bps_from;    struct tcp_conversation*next;};struct udp_conversation{    struct in_addr addr_a;    struct in_addr addr_b;    int port_a,port_b;    int packets,bytes;    int packets_to,packets_from;    int bytes_to,bytes_from;    struct timeval val_s,val_e;    float start_time;    float duration;//秒为单位    float bps_to,bps_from;    struct udp_conversation*next;};int packet=1;long int sum_bytes=0;FILE *f_summary=NULL,*f_eth_conversations=NULL;FILE *f_ip_conversations=NULL,*f_tcp_conversations=NULL;FILE *f_udp_conversations=NULL;int first_hour=0,first_min=0,first_sec=0;struct timeval tv_main;struct data_type dt;struct packet_length pl;struct packet_length_per plp;struct eth_conversation*eth_con_head=NULL;struct ip_conversation*ip_con_head=NULL;struct tcp_conversation*tcp_con_head=NULL;struct udp_conversation*udp_con_head=NULL;int get_raw_socket();int set_promisc(char*name,int sockfd);void print_mac(char*ptemp);void print_ip(char*ptemp);void packet_length_per_handler(int n_chars);void ip_module(char*,int n_chars);void icmp_module(char*,int ihl,int n_chars);void tcp_module(char*ptemp,int ihl,int n_chars);void udp_module(char*ptemp,int ihl,int n_chars);void arp_module(char*ptemp,int n_chars); void first_packet_time();void result_static();void result_summary();void result_eth_conversations();void result_ip_conversations();void result_tcp_conversations();void result_udp_conversations();void eth_conversation_handler(char *ptemp,int n_chars);void ip_conversation_handler(char*ptemp,int n_chars);void tcp_conversation_handler(char*ptemp,int ihl,int n_chars);void udp_conversation_handler(char*ptemp,int ihl,int n_chars);int main(int ac,char**av){    gettimeofday(&tv_main,NULL);    char buff[LEN];    bzero(buff,LEN);    int n_chars=0;    char *ptemp;    struct ethhdr*peth;    int data_len;    if(ac!=2)oops("usage:eth name");    int sockfd=get_raw_socket();    if(sockfd<0)oops("get_raw_socket");    if((set_promisc(av[1],sockfd))<0)oops("set promisc");    bzero(&dt,sizeof(dt));    bzero(&pl,sizeof(pl));    bzero(&plp,sizeof(plp));    signal(SIGINT,result_static);    f_summary=fopen("summary","w");    f_eth_conversations=fopen("eth_conversations","w");    f_ip_conversations=fopen("ip_conversations","w");    f_tcp_conversations=fopen("tcp_conversations","w");    f_udp_conversations=fopen("udp_conversations","w");    for(;;){if((n_chars=recvfrom(sockfd,buff,LEN,0,NULL,NULL))<0)    oops("recvfrom error");printf("packet:%d,packet_len:%d\n",packet++,n_chars);packet_length_per_handler(n_chars);sum_bytes+=n_chars;if(packet-1==1)    first_packet_time();    buff[n_chars]=0;ptemp=buff;eth_conversation_handler(ptemp,n_chars);peth=(struct ethhdr*)ptemp;print_mac(ptemp);u_short eth_type=ntohs(peth->h_proto);if(eth_type!=0x0800){    printf("2lay Type: arp\n");    arp_module(ptemp,n_chars);}else{    printf("2lay Type: ip\n");    ip_module(ptemp,n_chars); }printf("\n\n");    }}void ip_module(char*ptemp,int n_chars){        struct iphdr*pip=(struct iphdr*)(ptemp+14);    int  ihl=pip->ihl*4;    print_ip(ptemp);     dt.c_ip++;    pl.ip_length+=n_chars;    ip_conversation_handler(ptemp,n_chars);    switch(pip->protocol){case IPPROTO_ICMP:    icmp_module(ptemp,ihl,n_chars);    break;case IPPROTO_TCP:    tcp_module(ptemp,ihl,n_chars);    break;case IPPROTO_UDP:    udp_module(ptemp,ihl,n_chars);    break;default:    break;    }}void icmp_module(char*ptemp,int ihl,int n_chars){    printf("\t3lay type:icmp\n");    int len=ihl;    struct icmphdr*picmp=(struct icmphdr*)(ptemp+14+len);    char icmp_type=picmp->type;    dt.c_icmp++;    pl.icmp_length+=n_chars;    if(icmp_type==ICMP_ECHOREPLY)printf("\ticmp reply\n");    if(icmp_type==ICMP_ECHO)printf("\ticmp echo\n");}void tcp_module(char*ptemp,int ihl,int n_chars){    printf("\t3lay type:tcp\n");    int len=ihl;    struct tcphdr*ptcp=(struct tcphdr*)(ptemp+14+len);    dt.c_tcp++;    pl.tcp_length+=n_chars;    tcp_conversation_handler(ptemp,ihl,n_chars);}void udp_module(char*ptemp,int ihl,int n_chars){    printf("\t3lay type:udp\n");    int len=ihl;    struct udphdr*pudp=(struct udphdr*)(ptemp+14+len);    dt.c_udp++;    pl.udp_length+=n_chars;    udp_conversation_handler(ptemp,ihl,n_chars);}void arp_module(char*ptemp,int n_chars){    struct arphdr*parp=(struct arphdr*)(ptemp+14);    u_short  type=htons(parp->ar_op);    dt.c_arp++;    pl.arp_length+=n_chars;    if(type==0x0001)printf("arp request\n");    else if(type==0x0002)printf("arp reply\n");}void print_mac(char*ptemp){    if(!ptemp)oops("no mac addr");    int n=0xff;    printf("MAC:%02X:%02X:%02X:%02X:%02X:%02X====>"   "%02X:%02X:%02X:%02X:%02X:%02X\n",   ptemp[6]&n,ptemp[7]&n,ptemp[8]&n,ptemp[9]&n,ptemp[10]&n,           ptemp[11]&n,   ptemp[0]&n,ptemp[1]&n,ptemp[2]&n,ptemp[3]&n,ptemp[4]&n,   ptemp[5]&n);}void print_ip(char*ptemp){    if(!ptemp)oops("no ip addr");    struct iphdr*pip=(struct iphdr*)(ptemp+14);    struct sockaddr_in src,dst;    char src_[20],dst_[20];    src.sin_addr.s_addr=pip->saddr;    dst.sin_addr.s_addr=pip->daddr;    char *a1=inet_ntoa(src.sin_addr);    strcpy(src_,a1);    a1=inet_ntoa(dst.sin_addr);    strcpy(dst_,a1);    printf("IP %s======>%s\n",src_,dst_);}int get_raw_socket(){    int sockfd=socket(AF_PACKET,SOCK_RAW,htons(ETH_P_ALL));    if(sockfd<0)return -1;    return sockfd;}int set_promisc(char*nif,int sockfd){    struct ifreq ifr;    strncpy(ifr.ifr_name,nif,strlen(nif)+1);    if(ioctl(sockfd,SIOCGIFFLAGS,&ifr)==-1)return -1;    ifr.ifr_flags|=IFF_PROMISC;    if(ioctl(sockfd,SIOCSIFFLAGS,&ifr)==-1)return -1;    return 1;}void first_packet_time(){    time_t timep;    time(&timep);    struct tm*first_p=gmtime(&timep);    first_hour=first_p->tm_hour;    first_min=first_p->tm_min;    first_sec=first_p->tm_sec;}void result_summary(){    char last_packet[100]={0};    char first_packet[100]={0};    time_t timep;    struct tm*last_p;    time(&timep);    last_p=gmtime(&timep);    sprintf(first_packet,"fist packet:%d-%d-%d %d:%d:%d\n",1900+last_p->tm_year,    last_p->tm_mon,last_p->tm_mday,first_hour,first_min,first_sec);    sprintf(last_packet,"last packet:%d-%d-%d %d:%d:%d\n",1900+last_p->tm_year,    last_p->tm_mon,last_p->tm_mday,last_p->tm_hour,last_p->tm_min,last_p->tm_sec);    int str_len=strlen(last_packet);    last_packet[str_len]=0;    str_len=strlen(first_packet);    first_packet[str_len]=0;        fwrite(first_packet,strlen(first_packet),1,f_summary);    fwrite(last_packet,strlen(last_packet),1,f_summary);    int elapsed_hour=last_p->tm_hour-first_hour;    int elapsed_min=last_p->tm_min-first_min;    int elapsed_sec=last_p->tm_sec-first_sec;    if(elapsed_sec<0){elapsed_min--;elapsed_sec+=60;    }    float elapsed=elapsed_hour*3600+elapsed_min*60+elapsed_sec;    char str_info[1024]={0};    sprintf(str_info,"elapsed:\t%d:%d:%d\npacket:\t%d\nlength:\t%dbytes\navg.packet/sec:\t%.4f\navg.packet size:\t%.4f\navg.bytes/sec:\t%.4f\navg.MBit/sec:\t%.4f\n",  elapsed_hour,elapsed_min,elapsed_sec,  --packet,sum_bytes,  ((float)packet)/elapsed,((float)sum_bytes)/packet,  ((float)sum_bytes)/elapsed,(sum_bytes/1024)/elapsed);    int info_len=strlen(str_info);    str_info[info_len]=0;    fwrite(str_info,info_len,1,f_summary);    bzero(str_info,sizeof(str_info));    memcpy(str_info,"--------------------------\n",30);    info_len=strlen(str_info);    fwrite(str_info,info_len,1,f_summary);    bzero(str_info,sizeof(str_info));     sprintf(str_info,"arp:\t%d\t%.2f%\t\t%d\t%.2f%\n"             "ip:\t%d\t%.2f%\t%d\t%.2f%\n"     "icmp:\t%d\t%.2f%\t\t%d\t%.2f%\n"     "tcp:\t%d\t%.2f%\t%d\t%.2f%\n"     "udp:\t%d\t%.2f%\t\t%d\t%.2f%\n"     "unkonw:\t%d\t%d\n",    dt.c_arp,((float)dt.c_arp)/packet*100,    pl.arp_length,((float)pl.arp_length)/sum_bytes*100,    dt.c_ip, ((float)dt.c_ip)/packet*100,    pl.ip_length,((float)pl.ip_length)/sum_bytes*100,    dt.c_icmp,((float)dt.c_icmp)/packet*100,    pl.icmp_length,((float)pl.icmp_length)/sum_bytes*100,    dt.c_tcp,((float)dt.c_tcp)/packet*100,    pl.tcp_length,((float)pl.tcp_length)/sum_bytes*100,    dt.c_udp,((float)dt.c_udp)/packet*100,    pl.udp_length,((float)pl.udp_length)/sum_bytes*100,    dt.c_ip-dt.c_icmp-dt.c_tcp-dt.c_udp,    pl.ip_length-pl.icmp_length-pl.tcp_length-pl.udp_length);    info_len=strlen(str_info);    str_info[info_len]=0;    fwrite(str_info,info_len,1,f_summary);    bzero(str_info,sizeof(str_info));    memcpy(str_info,"--------------------------\n",30);    info_len=strlen(str_info);    fwrite(str_info,info_len,1,f_summary);    sprintf(str_info,"all\t\t%d\n"             "0-19\t\t%d\t%.2f%\n"     "20-39\t\t%d\t%.2f%\n"     "40-79\t\t%d\t%.2f%\n"     "80-159\t\t%d\t%.2f%\n"     "160-319\t\t%d\t%.2f%\n"     "320-639\t\t%d\t%.2f%\n"     "640-1279\t%d\t%.2f%\n"     "1280-2559\t%d\t%.2f%\n"     "2559-5119\t%d\t%.2f%\n",    packet,    plp.len_0_19,((float)plp.len_0_19)/packet*100,    plp.len_20_39,((float)plp.len_20_39)/packet*100,    plp.len_40_79,((float)plp.len_40_79)/packet*100,    plp.len_80_159,((float)plp.len_80_159)/packet*100,    plp.len_160_319,((float)plp.len_160_319)/packet*100,    plp.len_320_639,((float)plp.len_320_639)/packet*100,    plp.len_640_1279,((float)plp.len_640_1279)/packet*100,    plp.len_1280_2559,((float)plp.len_1280_2559)/packet*100,    plp.len_2560_5119);((float)plp.len_2560_5119)/packet*100,    info_len=strlen(str_info);    fwrite(str_info,info_len,1,f_summary);}void eth_conversation_handler(char *ptemp,int n_chars){    struct eth_conversation*peth_con=eth_con_head;    struct ethhdr*peth=(struct ethhdr*)ptemp;        while(peth_con){           if(   (   strcmp(peth_con->eth_addr_a,peth->h_source)==0&&    strcmp(peth_con->eth_addr_b,peth->h_dest)==0    )||    (    strcmp(peth_con->eth_addr_a,peth->h_dest)==0&&    strcmp(peth_con->eth_addr_b,peth->h_source)==0    )      ){peth_con->packets++;peth_con->bytes+=n_chars;goto done;    }    elsepeth_con=peth_con->next;}    if(peth_con==NULL){peth_con=malloc(sizeof(struct eth_conversation));bzero(peth_con,sizeof(struct eth_conversation));memcpy(peth_con->eth_addr_a,peth->h_source,ETH_HLEN);memcpy(peth_con->eth_addr_b,peth->h_dest,ETH_HLEN);peth_con->packets=1;peth_con->bytes=n_chars;peth_con->next=eth_con_head;eth_con_head=peth_con;}done:    return;}void result_eth_conversations(){    struct eth_conversation*peth_con=eth_con_head;    char str_info[1024]={0};    sprintf(str_info,"Address A\t\t Address B\t\tpackets\t\tbytes\n");    int info_len=strlen(str_info);    str_info[info_len]=0;    fwrite(str_info,info_len,1,f_eth_conversations);    int n=0xff;    while(peth_con){   bzero(str_info,sizeof(str_info));           sprintf(str_info,   "%02X:%02X:%02X:%02X:%02X:%02X\t"   "%02X:%02X:%02X:%02X:%02X:%02X\t"   "%d\t%d\n",   peth_con->eth_addr_a[0]&n,   peth_con->eth_addr_a[1]&n,   peth_con->eth_addr_a[2]&n,   peth_con->eth_addr_a[3]&n,   peth_con->eth_addr_a[4]&n,   peth_con->eth_addr_a[5]&n,   peth_con->eth_addr_b[0]&n,   peth_con->eth_addr_b[1]&n,   peth_con->eth_addr_b[2]&n,   peth_con->eth_addr_b[3]&n,   peth_con->eth_addr_b[4]&n,   peth_con->eth_addr_b[5]&n,   peth_con->packets,peth_con->bytes);       info_len=strlen(str_info);           str_info[info_len]=0;           fwrite(str_info,info_len,1,f_eth_conversations);   peth_con=peth_con->next;    }}void ip_conversation_handler(char *ptemp,int n_chars){    struct ip_conversation*pip_con=ip_con_head;    struct iphdr*pip=(struct iphdr*)(ptemp+14);    struct timeval tv;    while(pip_con){if(pip->saddr==pip_con->addr_a.s_addr&&pip->daddr==pip_con->addr_b.s_addr){    gettimeofday(&tv,NULL);    pip_con->val_e.tv_sec=tv.tv_sec-tv_main.tv_sec;    pip_con->val_e.tv_usec=tv.tv_usec-tv_main.tv_usec;    pip_con->packets_to++;    pip_con->bytes_to+=n_chars;    pip_con->packets++;    pip_con->bytes+=n_chars;    goto done;}else if(pip->saddr==pip_con->addr_b.s_addr&&pip->daddr==pip_con->addr_a.s_addr){    gettimeofday(&tv,NULL);    pip_con->val_e.tv_sec=tv.tv_sec-tv_main.tv_sec;    pip_con->val_e.tv_usec=tv.tv_usec-tv_main.tv_usec;    pip_con->packets_from++;    pip_con->bytes_from+=n_chars;    pip_con->packets++;    pip_con->bytes+=n_chars;    goto done;}else    pip_con=pip_con->next;    }    if(pip_con==NULL){gettimeofday(&tv,NULL);pip_con=malloc(sizeof(struct ip_conversation));bzero(pip_con,sizeof(struct ip_conversation));pip_con->val_s.tv_sec=tv.tv_sec-tv_main.tv_sec;pip_con->val_s.tv_usec=tv.tv_usec-tv_main.tv_usec;        pip_con->addr_a.s_addr=(pip->saddr);          pip_con->addr_b.s_addr=(pip->daddr);pip_con->packets=1;pip_con->bytes=n_chars;pip_con->bytes_to=n_chars;pip_con->packets_to=1;pip_con->bytes_from=0;pip_con->packets_from=0;pip_con->next=ip_con_head;ip_con_head=pip_con;    }done:    return;}void result_ip_conversations(){    struct ip_conversation*pip_con=ip_con_head;    char str_info[1024]={0};    sprintf(str_info,"Address A\tAddress B\tpackets\tbytes\tpacket A->B\t"    "bytes A->B\tpacket B->A\tbytes B->A\tstart_time\tduration\n");    int info_len=strlen(str_info);    str_info[info_len]=0;    fwrite(str_info,info_len,1,f_ip_conversations);    char *a1;    char a2[20],a3[20];    while(pip_con){bzero(str_info,sizeof(str_info));a1=inet_ntoa(pip_con->addr_a);strcpy(a2,a1);a1=inet_ntoa(pip_con->addr_b);strcpy(a3,a1);pip_con->start_time=((float)pip_con->val_s.tv_sec+(float)pip_con->val_s.tv_usec/1000000);pip_con->duration=((float)pip_con->val_e.tv_sec+(float)pip_con->val_e.tv_usec/1000000-(float)pip_con->val_s.tv_sec- (float)pip_con->val_s.tv_usec/1000000);sprintf(str_info,"%s\t%s\t%d\t%d\t%d\t\t%d\t\t%d\t\t%d\t\t%.6f\t%.6f\n",a2,a3,pip_con->packets,pip_con->bytes,pip_con->packets_to,pip_con->bytes_to,pip_con->packets_from,pip_con->bytes_from,pip_con->start_time,pip_con->duration);info_len=strlen(str_info);str_info[info_len]=0;fwrite(str_info,info_len,1,f_ip_conversations);pip_con=pip_con->next;    }}void tcp_conversation_handler(char *ptemp,int ihl,int n_chars){    struct tcp_conversation*ptcp_con=tcp_con_head;    struct iphdr*pip=(struct iphdr*)(ptemp+14);    struct tcphdr*ptcp=(struct tcphdr*)(ptemp+ihl+14);    struct timeval tv;    while(ptcp_con){if(ptcp_con->addr_a.s_addr==pip->saddr&&ptcp_con->addr_b.s_addr==pip->daddr&&ptcp_con->port_a==ptcp->source&&ptcp_con->port_b==ptcp->dest){    gettimeofday(&tv,NULL);    ptcp_con->val_e.tv_sec=tv.tv_sec-tv_main.tv_sec;    ptcp_con->val_e.tv_usec=tv.tv_usec-tv_main.tv_usec;    ptcp_con->packets_to++;    ptcp_con->bytes_to+=n_chars;    ptcp_con->packets++;    ptcp_con->bytes+=n_chars;    goto done;}else if(ptcp_con->addr_a.s_addr==pip->daddr&&            ptcp_con->addr_b.s_addr==pip->saddr&&    ptcp_con->port_a==ptcp->dest&&    ptcp_con->port_b==ptcp->source){    gettimeofday(&tv,NULL);    ptcp_con->val_e.tv_sec=tv.tv_sec-tv_main.tv_sec;    ptcp_con->val_e.tv_usec=tv.tv_usec-tv_main.tv_usec;    ptcp_con->packets_from++;    ptcp_con->bytes_from+=n_chars;    ptcp_con->packets++;    ptcp_con->bytes+=n_chars;    goto done;}else     ptcp_con=ptcp_con->next;    }    if(ptcp_con==NULL){gettimeofday(&tv,NULL);ptcp_con=malloc(sizeof(struct tcp_conversation));bzero(ptcp_con,sizeof(struct tcp_conversation));ptcp_con->val_s.tv_sec=tv.tv_sec-tv_main.tv_sec;ptcp_con->val_s.tv_usec=tv.tv_usec-tv_main.tv_usec;ptcp_con->addr_a.s_addr=(pip->saddr);ptcp_con->addr_b.s_addr=(pip->daddr);ptcp_con->port_a=(ptcp->source);ptcp_con->port_b=(ptcp->dest);ptcp_con->packets=1;ptcp_con->bytes=n_chars;ptcp_con->bytes_to=n_chars;ptcp_con->packets_to=1;ptcp_con->bytes_from=0;ptcp_con->packets_from=0;ptcp_con->next=tcp_con_head;        tcp_con_head=ptcp_con;    }done:    return;}void result_tcp_conversations(){    struct tcp_conversation*ptcp_con=tcp_con_head;    char str_info[1024]={0};    sprintf(str_info,"Address A\tport A\tAddress B\tport B\tpackets\tbytes\tpacket A->B\t"    "bytes A->B\tpacket B->A\tbytes B->A\tstart_time\tduration\n");    int info_len=strlen(str_info);    str_info[info_len]=0;    fwrite(str_info,info_len,1,f_tcp_conversations);    char *a1;    char a2[20],a3[20];    int porta,portb;    while(ptcp_con){bzero(str_info,sizeof(str_info));a1=inet_ntoa(ptcp_con->addr_a);strcpy(a2,a1);a1=inet_ntoa(ptcp_con->addr_b);strcpy(a3,a1);porta=ntohs(ptcp_con->port_a);portb=ntohs(ptcp_con->port_b);ptcp_con->start_time=((float)ptcp_con->val_s.tv_sec+(float)ptcp_con->val_s.tv_usec/1000000);ptcp_con->duration=((float)ptcp_con->val_e.tv_sec+(float)ptcp_con->val_e.tv_usec/1000000-(float)ptcp_con->val_s.tv_sec-(float)ptcp_con->val_s.tv_usec/1000000);sprintf(str_info,"%s\t%d\t%s\t%d\t%d\t%d\t%d\t\t%d\t\t%d\t\t%d\t\t%.6f\t\t%.6f\n",a2,porta,a3,portb,ptcp_con->packets,ptcp_con->bytes,ptcp_con->packets_to,ptcp_con->bytes_to,ptcp_con->packets_from,ptcp_con->bytes_from,ptcp_con->start_time,ptcp_con->duration);info_len=strlen(str_info);str_info[info_len]=0;fwrite(str_info,info_len,1,f_tcp_conversations);ptcp_con=ptcp_con->next;    }}void udp_conversation_handler(char *ptemp,int ihl,int n_chars){    struct udp_conversation*pudp_con=udp_con_head;    struct iphdr*pip=(struct iphdr*)(ptemp+14);    struct udphdr*pudp=(struct udphdr*)(ptemp+ihl+14);    while(pudp_con){if(pudp_con->addr_a.s_addr==pip->saddr&&pudp_con->addr_b.s_addr==pip->daddr&&pudp_con->port_a==pudp->source&&pudp_con->port_b==pudp->dest){    pudp_con->packets_to++;    pudp_con->bytes_to+=n_chars;    pudp_con->packets++;    pudp_con->bytes+=n_chars;    goto done;}else if(pudp_con->addr_a.s_addr==pip->daddr&&            pudp_con->addr_b.s_addr==pip->saddr&&    pudp_con->port_a==pudp->dest&&    pudp_con->port_b==pudp->source){    pudp_con->packets_from++;    pudp_con->bytes_from+=n_chars;    pudp_con->packets++;    pudp_con->bytes+=n_chars;    goto done;}else     pudp_con=pudp_con->next;    }    if(pudp_con==NULL){pudp_con=malloc(sizeof(struct udp_conversation));bzero(pudp_con,sizeof(struct udp_conversation));pudp_con->addr_a.s_addr=(pip->saddr);pudp_con->addr_b.s_addr=(pip->daddr);pudp_con->port_a=(pudp->source);pudp_con->port_b=(pudp->dest);pudp_con->packets=1;pudp_con->bytes=n_chars;pudp_con->bytes_to=n_chars;pudp_con->packets_to=1;pudp_con->bytes_from=0;pudp_con->packets_from=0;pudp_con->next=udp_con_head;        udp_con_head=pudp_con;    }done:    return;}void result_udp_conversations(){    struct udp_conversation*pudp_con=udp_con_head;    char str_info[1024]={0};    sprintf(str_info,"Address A\tport A\tAddress B\tport B\tpackets\tbytes\tpacket A->B\t"    "bytes A->B\tpacket B->A\tbytes B->A\n");    int info_len=strlen(str_info);    str_info[info_len]=0;    fwrite(str_info,info_len,1,f_udp_conversations);    char *a1;    char a2[20],a3[20];    int porta,portb;    while(pudp_con){bzero(str_info,sizeof(str_info));a1=inet_ntoa(pudp_con->addr_a);strcpy(a2,a1);a1=inet_ntoa(pudp_con->addr_b);strcpy(a3,a1);porta=ntohs(pudp_con->port_a);portb=ntohs(pudp_con->port_b);sprintf(str_info,"%s\t%d\t%s\t%d\t%d\t%d\t%d\t\t%d\t\t%d\t\t%d\n",a2,porta,a3,portb,pudp_con->packets,pudp_con->bytes,pudp_con->packets_to,pudp_con->bytes_to,pudp_con->packets_from,pudp_con->bytes_from);info_len=strlen(str_info);str_info[info_len]=0;fwrite(str_info,info_len,1,f_udp_conversations);pudp_con=pudp_con->next;    }}void packet_length_per_handler(int n_chars){    if(n_chars>0&&n_chars<=19)plp.len_0_19++;    else if(n_chars<=39)plp.len_20_39++;    else if(n_chars<=79)plp.len_40_79++;    else if(n_chars<=159)plp.len_80_159++;    else if(n_chars<=319)plp.len_160_319++;    else if(n_chars<=639)plp.len_320_639++;    else if(n_chars<=1279)plp.len_640_1279++;    else if(n_chars<=2559)plp.len_1280_2559++;    else plp.len_2560_5119++;}void result_static(){    result_summary();    result_eth_conversations();    result_ip_conversations();    result_tcp_conversations();    result_udp_conversations();    exit(0);//非常重要,响应INT信号后,需要结束程序,这样才能把信息写入}


0 0
淘宝有哪些漫画书店铺 淘宝有哪些漫画书店铺
原创粉丝点击
热门IT博客
java maven 项目结构java maven 项目结构
电影知无涯者拉马努金电影知无涯者拉马努金
金建数据见证取样贵阳
浙江省软件协会
娇韵诗瘦脸精华 知乎
linux mysql登录命令
linux zip压缩文件
如何更换手机淘宝号码
知彼而知己是什么意思
淘宝店铺收藏
淘宝客怎么做地推
摩卡软件招聘
js 算法是什么
日本产假多少天 知乎
软件壳
tt风扇软件
淘宝韩国正品女装
绝对计划 知乎
微型无线窃听设备淘宝
挂号系统源码
热门问题 老师的惩罚 人脸识别 我在镇武司摸鱼那些年 重生之率土为王 我在大康的咸鱼生活 盘龙之生命进化 天生仙种 凡人之先天五行 春回大明朝 姑娘不必设防,我是瞎子 高强螺栓检测项目 花篮螺栓价格 热镀锌螺栓生产厂家 化学螺栓规格 膨胀螺栓原理 高强螺栓等级 模板对拉螺栓 地脚螺栓价格表 活动地脚螺栓 螺栓规格型号 马头鱼尾怪兽饰品 什么是高强度螺栓 防松螺母 铆螺母 锁紧螺母 螺母规格表 铜螺母 螺母规格 锚杆螺母 细牙螺母 螺母机 m20螺母 卡式螺母 组合螺母 螺母柱 焊接螺母柱 铝型材螺母 螺母画法 螺母尺寸 螺母是什么 螺母型号 螺母大全 螺母标准 滚花铜螺母 螺母鞋垫 内外牙螺母 螺母加工 铜螺母厂家 铆接螺母 螺母机器 螺母扭矩

程序博客网,程序员的互联网技术博客家园。csdn论坛精品 msdn技术资料都在这里