Libnet/libnids library functions about __ functions

Source: Internet
Author: User
When developing network security tools on UNIX platforms, the most popular C API libraries are libnet, libpcap, libnids and libicmp. Each provides different functionality, at a different level and from a different angle, so that network developers can ignore low-level network implementation details and concentrate on designing and developing the program's own functionality. Specifically:

* The interface functions provided by libnet mainly implement and encapsulate the construction and sending of packets.

* The interface functions provided by libpcap mainly implement and encapsulate the processes associated with packet capture.

* The interface functions provided by libnids mainly implement the structural framework needed to develop a network intrusion monitoring system.

* libicmp is relatively simple; it encapsulates the main processing of ICMP packets (construction, sending, receiving, etc.).

Using the interfaces of these C libraries, developers of network security tools can easily write well-structured, robust and highly portable programs such as scanners, sniffers, firewalls, IDSs and so on.


---[[libnet]]------------------------------------------

The latest version of the libnet library is 1.0.0: about 7,600 lines of C source code in 33 source files and 12 C header files, with more than 50 custom functions. The interface functions it provides include 15 kinds of packet generators and two packet senders (IP layer and data link layer). Only IPv4 is currently supported; IPv6 is not. The tested system platforms include:

* OpenBSD 2.6snap, 2.5, 2.4, 2.3, 2.2 (i386)
* FreeBSD 4.0-stable, 3.3-stable, 3.2-release, 3.1-current, 3.0, 2.2 (i386)
* NetBSD 1.3.2 (i386)
* BSD/OS 3.x (i386)
* BSDI 3.0 (i386)
* Linux 2.2.x, 2.0.3x, 2.1.124 (i386, Alpha) (libc:2.4.x, glibc:2.0.x)
* Solaris 7 (SPARC, gcc 2.7.2[13], 2.8.2), 2.6 (SPARC, gcc 2.8.2),
  2.5.x (SPARC, gcc 2.7.2[13])
* IRIX 6.2
* MacOS 5.3rhapsody (PowerPC)

The interface functions provided by Libnet can be divided into four categories according to their function:

* Memory management (allocation and release) functions
* Address resolution functions
* Packet construction functions
* Packet sending functions

These interface functions and their purposes are listed below (the parameter meanings are straightforward and are not explained further):


★ Memory management functions

Single-packet memory initialization:
int libnet_init_packet (u_short packet_size, u_char **buf);

Single-packet memory release:
void libnet_destroy_packet (u_char **buf);

Multiple-packet memory initialization:
int libnet_init_packet_arena (struct libnet_arena **arena,
    u_short packet_num, u_short packet_size);

Access the next packet in multiple-packet memory:
u_char *libnet_next_packet_from_arena (struct libnet_arena **arena,
    u_short packet_size);

Multiple-packet memory release:
void libnet_destroy_packet_arena (struct libnet_arena **arena);


★ Address resolution functions

Resolve host name:
u_char *libnet_host_lookup (u_long ip, u_short use_name);

Resolve host name (reentrant function):
void libnet_host_lookup_r (u_long ip, u_short use_name, u_char *buf);

Domain name resolution:
u_long libnet_name_resolve (u_char *ip, u_short use_name);

Get the IP address of an interface device:
u_long libnet_get_ipaddr (struct libnet_link_int *l,
    const u_char *device, const u_char *ebuf);

Get the hardware address of an interface device:
struct ether_addr *libnet_get_hwaddr (struct libnet_link_int *l,
    const u_char *device,
    const u_char *ebuf);


★ Packet construction functions

ARP protocol packet:
int libnet_build_arp (u_short hrdw, u_short prot, u_short h_len,
    u_short p_len, u_short op, u_char *s_ha,
    u_char *s_pa, u_char *t_ha, u_char *t_pa,
    const u_char *payload, int payload_len,
    u_char *packet_buf);

DNS protocol packet:
int libnet_build_dns (u_short id, u_short flags, u_short num_q,
    u_short num_answ_rr, u_short num_auth_rr,
    u_short num_add_rr, const u_char *payload,
    int payload_len, u_char *packet_buf);

Ethernet protocol packet:
int libnet_build_ethernet (u_char *daddr, u_char *saddr, u_short id,
    const u_char *payload, int payload_len,
    u_char *packet_buf);

ICMP protocol packet (ICMP_ECHO/ICMP_ECHOREPLY):
int libnet_build_icmp_echo (u_char type, u_char code, u_short id,
    u_short seq, const u_char *payload,
    int payload_len, u_char *packet_buf);
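
How the libnet_build_icmp_echo parameters listed above map onto the wire, as an added example (not libnet's code and not part of the original page): `sketch_build_icmp_echo` is a hypothetical stand-in that additionally takes the buffer length and fills in the checksum itself, and `icmp_checksum_ok` is the receiver-side check a sniffer or IDS would apply.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ICMP_HDR_LEN 8  /* type, code, checksum, id, seq */

/* RFC 1071 Internet checksum: one's-complement sum of big-endian 16-bit words. */
static uint16_t inet_checksum(const uint8_t *data, size_t len)
{
    uint32_t sum = 0;
    size_t i;

    for (i = 0; i + 1 < len; i += 2)
        sum += ((uint32_t)data[i] << 8) | data[i + 1];
    if (len & 1)                       /* odd trailing byte is padded with zero */
        sum += (uint32_t)data[len - 1] << 8;
    while (sum >> 16)                  /* fold carries back into the low 16 bits */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Hypothetical stand-in for the builder: returns bytes written, or -1 on bad input. */
int sketch_build_icmp_echo(uint8_t type, uint8_t code, uint16_t id, uint16_t seq,
                           const uint8_t *payload, size_t payload_len,
                           uint8_t *buf, size_t buf_len)
{
    uint16_t csum;

    if (buf == NULL || buf_len < ICMP_HDR_LEN ||
        payload_len > buf_len - ICMP_HDR_LEN || (payload == NULL && payload_len != 0))
        return -1;                     /* never write past the caller's buffer */
    buf[0] = type;                     /* 8 = echo request, 0 = echo reply */
    buf[1] = code;
    buf[2] = buf[3] = 0;               /* checksum field is zero while summing */
    buf[4] = (uint8_t)(id >> 8);  buf[5] = (uint8_t)id;    /* network byte order */
    buf[6] = (uint8_t)(seq >> 8); buf[7] = (uint8_t)seq;
    if (payload_len)
        memcpy(buf + ICMP_HDR_LEN, payload, payload_len);
    csum = inet_checksum(buf, ICMP_HDR_LEN + payload_len);
    buf[2] = (uint8_t)(csum >> 8); buf[3] = (uint8_t)csum;
    return (int)(ICMP_HDR_LEN + payload_len);
}

/* Receiver side: a message with a correct checksum sums to zero. */
int icmp_checksum_ok(const uint8_t *msg, size_t len)
{
    return len >= ICMP_HDR_LEN && inet_checksum(msg, len) == 0;
}
```
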

ICMP protocol packet (ICMP_MASKREQ/ICMP_MASKREPLY):
int libnet_build_icmp_mask (u_char type, u_char code, u_short id,
    u_short seq, u_long mask,
    const u_char *payload, int payload_len,
    u_char *packet_buf);

ICMP protocol packet (ICMP_UNREACH):
int libnet_build_icmp_unreach (u_char type, u_char code,
    u_short orig_len, u_char orig_tos,
    u_short orig_id, u_short orig_frag,
    u_char orig_ttl, u_char orig_prot,
    u_long orig_saddr, u_long orig_daddr,
    const u_char *payload, int payload_len,
    u_char *packet_buf);

ICMP protocol packet (ICMP_TIMEXCEED):
int libnet_build_icmp_timeexceed (u_char type, u_char code,
    u_short orig_len, u_char orig_tos,
    u_short orig_id, u_short orig_frag,
    u_char orig_ttl, u_char orig_prot,
    u_long orig_saddr, u_long orig_daddr,
    const u_char *payload, int payload_len,
    u_char *packet_buf);

ICMP protocol packet (ICMP_REDIRECT):
int libnet_build_icmp_redirect (u_char type, u_char code, u_long gateway,
    u_short orig_len, u_char orig_tos,
    u_short orig_id, u_short orig_frag,
    u_char orig_ttl, u_char orig_prot,
    u_long orig_saddr, u_long orig_daddr,
    const u_char *payload, int payload_len,
    u_char *packet_buf);

ICMP protocol packet (ICMP_TSTAMP/ICMP_TSTAMPREPLY):
int libnet_build_icmp_timestamp (u_char type, u_char code, u_short id,
    u_short seq, n_time otime, n_time rtime,
