如何通过原始套接字接收来自指定网络设备接口的数据包呢?
现在面临一个问题,我有一块基于linux2.6内核的开发板;开发板在lan侧有eth1 eth2 eth3 eth4 eth0 这样5个网络设备接口
我可以成功的使用原始网络套接字向指定的网络设备发包:
发包程序如下:
int sock;
char intfname[16];
struct sockaddr_ll dest;
struct sockaddr_ll sll;
memset(&dest,0,sizeof(dest));
memset(&sll,0,sizeof(sll));
strcpy(intfname,argv[1]);
dest.sll_family=AF_PACKET;
dest.sll_protocol=htons(ETH_P_ALL);
if ( (sock=socket(PF_PACKET, SOCK_RAW,
htons(ETH_P_ALL)))<0) {
perror("socket"
;
exit(1);
}
sll.sll_family = AF_PACKET;
sll.sll_ifindex = Get_IfaceIndex(sock,intfname);
sll.sll_protocol = htons(ETH_P_ALL);
dest.sll_ifindex =sll.sll_ifindex;
dest.sll_halen = 6;
memcpy((char*)dest.sll_addr,SendBuffer,6);
if(bind(sock,(struct sockaddr *)(&sll),sizeof(sll))==-1)
{
printf("bind error!!\n";
return (void*)(-1);
}
if(set_Iface_promisc(sock,sll.sll_ifindex) == -1)
{
printf("BLUE set promisc failed !\n";
return (void*)(-1);
}
printf("\n\n\n\n----send start------\n";
print_eth(0,SendBuffer,64);
sendto(sock,&SendBuffer,64,0,(struct sockaddr *)(&dest),sizeof(dest));
//printf("send to %x:%x:%x:%x:%x:%x\n",dest.sll_addr[0],dest.sll_addr[1],dest.sll_addr[2],dest.sll_addr[3],dest.sll_addr[4],dest.sll_addr[5]);
printf("---send success----\n";
return (void*)0;
return 0;
}
这个是没有问题的;可以发向指定的网络设备
但是,如下的接收程序就有问题;
int main(int argc, char **argv) {
int sock, n;
char buffer[2048];
unsigned char *iphead, *ethhead;
struct sockaddr_ll sll;
if(argc != 3){
printf("need interface name and protocol as arguments\n";
return -1;
}
if ( (sock=socket(PF_PACKET, SOCK_RAW,
htons(ETH_P_ALL)))<0) {
perror("socket";
exit(1);
}
sll.sll_family = PF_PACKET;
sll.sll_ifindex = Get_IfaceIndex(sock,argv[1]); //通过此处传入网络设备接口
//sll.sll_protocol = htons(atoi(argv[2]));
sll.sll_protocol=htons(ETH_P_ALL);
if(bind(sock,(struct sockaddr *)(&sll),sizeof(sll))==-1)
{
printf("bind error:%s !\n",strerror(errno));
return -1;
}
if(set_Iface_promisc(sock,sll.sll_ifindex) == -1)
{
printf("BLUE set promisc failed !\n";
return -1;
}
while (1) {
printf("-----recive start-----\n";
n = recvfrom(sock,buffer,2048,0,NULL,NULL);
printf("%d bytes read\n",n);
printf("index:%d\n",sll.sll_ifindex );
/* Check to see if the packet contains at least
* complete Ethernet (14), IP (20) and TCP/UDP
* (
headers.
*/
if (n<42) {
perror("recvfrom():";
printf("Incomplete packet (errno is %d)\n",
errno);
close(sock);
exit(0);
}
ethhead = buffer;
printf("Source MAC address: "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
ethhead[0],ethhead[1],ethhead[2],
ethhead[3],ethhead[4],ethhead[5]);
printf("Destination MAC address: "
"%02x:%02x:%02x:%02x:%02x:%02x\n",
ethhead[6],ethhead[7],ethhead[8],
ethhead[9],ethhead[10],ethhead[11]);
printf("protocal:"
"0x%02x%02x\n",ethhead[12],ethhead[13]);
iphead = buffer+14; /* Skip Ethernet header */
if (*iphead==0x45) { /* Double check for IPv4
* and no options present */
printf("Source host %d.%d.%d.%d\n",
iphead[12],iphead[13],
iphead[14],iphead[15]);
printf("Dest host %d.%d.%d.%d\n",
iphead[16],iphead[17],
iphead[18],iphead[19]);
printf("Source,Dest ports %d,%d\n",
(iphead[20]<<+iphead[21],
(iphead[22]<<+iphead[23]);
printf("Layer-4 protocol %d\n",iphead[9]);
}
print_eth(1,buffer,512);
}
}
比如,我原本想指定eth1进行接收,意思是说我只想该接收函数接收来自eth1的数据包;但是,在实际运行中,发现该接收函数会接收来自eth2 eth3 eth4 eth0的数据包
这个地方是为什么呢?
恳请大虾们指点迷津啊 ~~~感谢啊啊
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
本帖最后由 bekars 于 2011-05-17 14:35 编辑
看一下tcpdump的源码
strace tcpdump -ni eth0 会有帮助