資源簡介
本次設計的目標是捕獲網絡中的IP數據包,解析數據包的內容,將結果顯示在標準輸出上,并同時寫入日志文件。
實驗要求:
1)以命令行形式運行:ipparse logfile , 其中ipparse是程序名,而logfile則代表記錄結果的日志文件。
2)在標準輸出和日志文件寫入捕獲的IP包的版本、頭長度、服務類型、數據包總長度、數據包標識、分段標志、分段偏移值、生存時間、上層協議類型、頭校驗和、源IP地址和目的IP地址等內容。
代碼片段和文件信息
// AnalysisIP.cpp : 定義控制臺應用程序的入口點。
//
#include?“stdafx.h“
#include?“winsock2.h“
#include?“ws2tcpip.h“
#include?“iostream“
#include?“stdio.h“
#pragma???comment(lib“ws2_32.lib“)
using?namespace?std;
/*
 * IPv4 header layout, overlaid on the start of a captured packet buffer.
 *
 * The two anonymous unions give two names to the same storage:
 *   - Version / HdrLen share the first byte (version in the high nibble,
 *     header length in the low nibble; see getVersion / getIHL).
 *   - Flags / FragOff share one 16-bit word (see getFlags / getFragOff).
 *
 * NOTE(review): the fields hold the bytes exactly as they sit in the buffer.
 * Presumably that is wire (big-endian) order for the 16- and 32-bit fields,
 * so they would need ntohs/ntohl before being printed or shifted -- confirm
 * at the call site.
 *
 * NOTE(review): with default alignment the trailing Options byte presumably
 * pads this struct past the 20-byte minimum IPv4 header, so copying a whole
 * IP_HEADER out of a buffer assumes at least sizeof(IP_HEADER) readable
 * bytes -- confirm the receive length is checked before the cast.
 */
typedef struct _IP_HEADER
{
    union
    {
        BYTE Version;       // high 4 bits: IP version
        BYTE HdrLen;        // low 4 bits: header length in 32-bit words
    };
    BYTE  ServiceType;      // type of service
    WORD  TotalLen;         // total length of the datagram
    WORD  ID;               // identification
    union
    {
        WORD Flags;         // fragmentation flags (upper bits of the word)
        WORD FragOff;       // fragment offset (lower 13 bits of the word)
    };
    BYTE  TimeToLive;       // time to live
    BYTE  Protocol;         // upper-layer protocol number
    WORD  HdrChksum;        // header checksum
    DWORD SrcAddr;          // source address
    DWORD DstAddr;          // destination address
    BYTE  Options;          // first byte of the options area
} IP_HEADER;
/*
 * Extract the IP version number from the first header byte.
 *
 * b:       first byte of the IP header (version in the high nibble).
 * version: receives the high four bits of b.
 *
 * No validation is done here; a caller that only handles IPv4 should reject
 * any value other than 4 before trusting the remaining fields.
 */
void getVersion(BYTE b, BYTE & version)
{
    const BYTE highNibble = (b & 0xf0) >> 4;
    version = highNibble;
}
/*
 * Compute the IP header length in bytes from the first header byte.
 *
 * b:      first byte of the IP header (length, in 32-bit words, in the low
 *         nibble).
 * result: receives the low nibble of b multiplied by 4, i.e. 0..60.
 *
 * The value is not range-checked: anything below 20 describes a header
 * shorter than the fixed IPv4 fields, so callers should treat it as
 * malformed rather than use it as an offset.
 */
void getIHL(BYTE b, BYTE & result)
{
    const BYTE words = b & 0x0f;
    result = words * 4;
}
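/*
 * Name the precedence level encoded in the top three bits of the IPv4
 * Type of Service byte.
 *
 * b: the whole Type of Service byte from the header.
 *
 * Returns a pointer to a string literal; the caller must not write through
 * it or free it. The labels follow the RFC 791 precedence names (the
 * original spelled "Flash", "Internetwork Control" and "Unknown"
 * incorrectly, which made the log harder to search).
 */
char * parseServiceType_getProcedence(BYTE b)
{
    switch (b >> 5)
    {
    case 7:
        return "Network Control";
    case 6:
        return "Internetwork Control";
    case 5:
        return "CRITIC/ECP";
    case 4:
        return "Flash Override";
    case 3:
        return "Flash";
    case 2:
        return "Immediate";
    case 1:
        return "Priority";
    case 0:
        return "Routine";
    default:
        // Defensive fallback: an 8-bit value shifted right by 5 is 0..7,
        // so this is not expected to be reached.
        return "Unknown";
    }
}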
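/*
 * Name the 4-bit type-of-service value held in bits 1..4 of the IPv4
 * Type of Service byte.
 *
 * b: the whole Type of Service byte from the header.
 *
 * Returns a pointer to a string literal; the caller must not write through
 * it or free it. Only the six values listed below are named; every other
 * bit combination is reported as "Unknown" (the original misspelled this
 * label as "Unknow").
 */
char * parseServiceType_getTOS(BYTE b)
{
    // Drop the lowest bit and the three precedence bits, keeping 4 bits.
    const BYTE tos = (b >> 1) & 0x0f;

    switch (tos)
    {
    case 0:
        return "Normal service";
    case 1:
        return "Minimize monetary cost";
    case 2:
        return "Maximize reliability";
    case 4:
        return "Maximize throughput";
    case 8:
        return "Minimize delay";
    case 15:
        return "Maximize security";
    default:
        return "Unknown";
    }
}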
/*
 * Extract the Don't Fragment and More Fragments flags.
 *
 * w:  the 16-bit flags/fragment-offset word.
 * DF: receives bit 14 of w (0 or 1).
 * MF: receives bit 13 of w (0 or 1).
 *
 * NOTE(review): the shifts treat w as a host-order integer. If the caller
 * passes the field straight from a packet buffer it is presumably still in
 * network byte order and needs ntohs first -- confirm at the call site,
 * otherwise the reported flags are wrong on little-endian hosts.
 */
void getFlags(WORD w, BYTE & DF, BYTE & MF)
{
    const WORD topBits = w >> 13;   // bit 0 = MF, bit 1 = DF

    MF = topBits & 0x01;
    DF = (topBits >> 1) & 0x01;
}
/*
 * Extract the fragment offset from the flags/fragment-offset word.
 *
 * w:       the 16-bit flags/fragment-offset word.
 * fragOff: receives the low 13 bits of w.
 *
 * NOTE(review): as with getFlags, the mask treats w as a host-order
 * integer; a value taken directly from the wire presumably needs ntohs
 * first -- confirm at the call site.
 */
void getFragOff(WORD w, WORD & fragOff)
{
    const WORD offsetMask = 0x1fff;
    fragOff = w & offsetMask;
}
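/*
 * Name the upper-layer protocol identified by the IPv4 Protocol field.
 *
 * Protocol: the protocol number from the IP header.
 *
 * Returns a pointer to a string literal; the caller must not write through
 * it or free it. Only the numbers listed below are named; anything else is
 * reported as "UNKNOWN" (the original misspelled this label as "UNKNOW").
 * The name reflects the header field only and says nothing about whether
 * the payload actually is that protocol.
 */
char * getProtocol(BYTE Protocol)
{
    switch (Protocol)
    {
    case 1:
        return "ICMP";
    case 2:
        return "IGMP";
    case 4:
        return "IP in IP";
    case 6:
        return "TCP";
    case 8:
        return "EGP";
    case 17:
        return "UDP";
    case 41:
        return "IPv6";
    case 46:
        return "RSVP";
    case 89:
        return "OSPF";
    default:
        return "UNKNOWN";
    }
}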
/*?解析IP數據包?*/
void?ipparse(FILE*?file?char*?buffer)
{
IP_HEADER?ip?=?*(IP_HEADER*)buffer;
fseek(file?0?SEEK_END);
BYTE?version;
getVersion(ip.Version?version);
fprintf(file?“IP包版本=%d\r\n“?version);
BYTE?headerLen;
getIHL(ip.HdrLen?headerLen);
fprintf(file?“頭長度=%d(BYTE)\r\n“?headerLen);
fprintf(file?“服務類型=%s%s\r\n“
parseServiceType_getProcedence(ip.ServiceType)
parseServiceType_getTOS(ip.ServiceType));
fprintf(file?“數據包總長度=%d(BYTE)\r\n“?ip.TotalLen);
fprintf(file?“數據包標識=%d\r\n“?ip.ID);
BYTE?DF?MF;
getFlags(ip.Flags?DF?MF);
fprintf(file?“分段標志?DF=%dMF=%d\r\n“?DF?MF);
WORD?fragOff;
getFragOff(ip.FragOff
?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\.vs\
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\.vs\AnalysisIP\
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\.vs\AnalysisIP\v14\
?????文件???????25088??2016-04-12?20:38??AnalysisIP\.vs\AnalysisIP\v14\.suo
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\AnalysisIP\
?????文件????????1312??2016-04-12?19:18??AnalysisIP\AnalysisIP.sln
?????文件????32571392??2016-04-12?20:38??AnalysisIP\AnalysisIP.VC.db
?????文件????????5145??2016-04-12?19:32??AnalysisIP\AnalysisIP\AnalysisIP.cpp
?????文件????????8109??2016-04-12?19:20??AnalysisIP\AnalysisIP\AnalysisIP.vcxproj
?????文件????????1317??2016-04-12?19:18??AnalysisIP\AnalysisIP\AnalysisIP.vcxproj.filters
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\AnalysisIP\Debug\
?????文件??????????84??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.log
?????文件???????74676??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.obj
?????文件?????3407872??2016-04-12?19:20??AnalysisIP\AnalysisIP\Debug\AnalysisIP.pch
?????目錄???????????0??2016-04-12?20:38??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\
?????文件?????????183??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\AnalysisIP.lastbuildstate
?????文件????????1686??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\CL.command.1.tlog
?????文件???????34662??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\CL.read.1.tlog
?????文件?????????826??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\CL.write.1.tlog
?????文件????????1164??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\li
?????文件????????3150??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\li
?????文件?????????428??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\AnalysisIP.tlog\li
?????文件???????11859??2016-04-12?19:20??AnalysisIP\AnalysisIP\Debug\stdafx.obj
?????文件??????814080??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\vc140.idb
?????文件??????495616??2016-04-12?19:33??AnalysisIP\AnalysisIP\Debug\vc140.pdb
?????文件???????89047??2016-04-12?20:24??AnalysisIP\AnalysisIP\logfile.txt
?????文件????????1531??2016-04-12?19:18??AnalysisIP\AnalysisIP\ReadMe.txt
?????文件?????????214??2016-04-12?19:18??AnalysisIP\AnalysisIP\stdafx.cpp
?????文件?????????234??2016-04-12?19:18??AnalysisIP\AnalysisIP\stdafx.h
?????文件?????????240??2016-04-12?19:18??AnalysisIP\AnalysisIP\targetver.h
............此處省略8個文件信息