From the earlier article on Linux network programming with raw sockets, we know that link-layer packets can be captured with a raw socket and recvfrom(). What does the link-layer packet we receive look like?
Link-layer frame format
MAC header (wired LAN)
Note: the CRC and PAD fields can be ignored when assembling a packet.
An example of a link-layer packet:
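/*
 * Sample link-layer frame: the first 14 bytes are the Ethernet (MAC) header,
 * laid out as destination MAC (6 bytes), source MAC (6 bytes) and the
 * EtherType (2 bytes, network byte order). The rest of the frame is elided
 * in the listing, so the remaining bytes are zero-initialized.
 */
unsigned char msg[1024] = {
    //--------------Group mac--------------
    0xb8, 0x88, 0xe3, 0xe1, 0x10, 0xe6, // dst_mac: b8:88:e3:e1:10:e6
    0xc8, 0x9c, 0xdc, 0xb7, 0x0f, 0x19, // src_mac: c8:9c:dc:b7:0f:19
    0x08, 0x00,                         // type: 0x0800 IP protocol
    // ... ....
    // ... ....
};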
Receive the link-layer packets and perform a simple analysis of them:
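#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ether.h>

enum {
    MAC_HDR_LEN = 14, /* dst MAC (6) + src MAC (6) + EtherType (2) */
    MAC_STR_LEN = 18  /* "xx:xx:xx:xx:xx:xx" plus the terminating NUL */
};

/*
 * Capture link-layer frames on a raw packet socket and print the source and
 * destination MAC of every IP, ARP and RARP frame.
 *
 * Opening a PF_PACKET socket needs root or the CAP_NET_RAW capability; the
 * socket() call fails otherwise, so its result is checked before use.
 * With ETH_P_ALL the socket receives frames of every protocol.
 *
 * Returns EXIT_FAILURE if the socket cannot be opened or a receive fails;
 * otherwise the capture loop runs until the process is terminated.
 */
int main(int argc, char *argv[])
{
    (void)argc;
    (void)argv;

    unsigned char buf[1024] = "";

    int sock_raw_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (sock_raw_fd < 0) {
        perror("socket");
        return EXIT_FAILURE;
    }

    while (1) {
        char src_mac[MAC_STR_LEN] = "";
        char dst_mac[MAC_STR_LEN] = "";

        // get the data frame of the link layer; a frame longer than buf is
        // truncated, which is harmless because only the header is read
        ssize_t len = recvfrom(sock_raw_fd, buf, sizeof(buf), 0, NULL, NULL);
        if (len < 0) {
            perror("recvfrom");
            break;
        }

        // A frame shorter than the MAC header would leave buf[0..13] holding
        // bytes from an earlier frame, so skip it instead of parsing it.
        if (len < MAC_HDR_LEN) {
            continue;
        }

        // Extract destination MAC and source MAC from buf; snprintf bounds
        // the write to the size of the destination string.
        snprintf(dst_mac, sizeof(dst_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
        snprintf(src_mac, sizeof(src_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 buf[6], buf[7], buf[8], buf[9], buf[10], buf[11]);

        // buf[12..13] is the EtherType in network byte order
        if (buf[12] == 0x08 && buf[13] == 0x00) {
            // IP packet (0x0800)
            printf("______________ip Data Report _______________\n");
            printf("mac:%s >>%s\n", src_mac, dst_mac);
        } else if (buf[12] == 0x08 && buf[13] == 0x06) {
            // ARP packet (0x0806)
            printf("______________arp Data Report _______________\n");
            printf("mac:%s >>%s\n", src_mac, dst_mac);
        } else if (buf[12] == 0x80 && buf[13] == 0x35) {
            // RARP packet (0x8035)
            printf("______________rarp Data Report _______________\n");
            printf("mac:%s>>%s\n", src_mac, dst_mac);
        }
    }

    // Only reached when recvfrom() failed.
    close(sock_raw_fd);
    return EXIT_FAILURE;
}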
Remember to run the program with root (administrator) privileges, because opening a raw socket requires them:
Each packet header has a corresponding structure, which makes it easy to assemble or parse packets.
The files describing the network protocol structure in Ubuntu 12.04 are as follows:
Ethernet header (Required header file: #include <net/ethernet.h>):
The example above can instead be implemented with this struct, as follows:
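#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netinet/ether.h>
#include <net/ethernet.h> // Ethernet header file
#include <netinet/ip.h>   // IP header file
//#include <net/if_arp.h> // ARP header file

/*
 * Capture link-layer frames on a raw packet socket and print the source and
 * destination MAC of every IP, ARP and RARP frame, reading the MAC header
 * through struct ether_header instead of raw byte offsets.
 *
 * Opening a PF_PACKET socket needs root or the CAP_NET_RAW capability; the
 * socket() call fails otherwise, so its result is checked before use.
 *
 * Returns EXIT_FAILURE if the socket cannot be opened or a receive fails;
 * otherwise the capture loop runs until the process is terminated.
 */
int main(int argc, char *argv[])
{
    (void)argc;
    (void)argv;

    unsigned char buf[1024] = "";

    int sock_raw_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (sock_raw_fd < 0) {
        perror("socket");
        return EXIT_FAILURE;
    }

    while (1) {
        char src_mac[18] = ""; // "xx:xx:xx:xx:xx:xx" plus the terminating NUL
        char dst_mac[18] = "";

        // get the data frame of the link layer; a frame longer than buf is
        // truncated, which is harmless because only the header is read
        ssize_t len = recvfrom(sock_raw_fd, buf, sizeof(buf), 0, NULL, NULL);
        if (len < 0) {
            perror("recvfrom");
            break;
        }

        // extracting MAC header information from data (14 bytes).
        // The header is copied out rather than read through a cast of buf:
        // a byte array carries no alignment guarantee for the 16-bit
        // ether_type field, and the copy also avoids aliasing buf through
        // an unrelated type.
        struct ether_header ethdr;
        if (len < (ssize_t)sizeof(ethdr)) {
            // Too short to hold a MAC header: parsing it would read bytes
            // left over from an earlier frame.
            continue;
        }
        memcpy(&ethdr, buf, sizeof(ethdr));

        // Extract destination MAC and source MAC; snprintf bounds the write
        // to the size of the destination string.
        snprintf(dst_mac, sizeof(dst_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 ethdr.ether_dhost[0], ethdr.ether_dhost[1],
                 ethdr.ether_dhost[2], ethdr.ether_dhost[3],
                 ethdr.ether_dhost[4], ethdr.ether_dhost[5]);
        snprintf(src_mac, sizeof(src_mac), "%02x:%02x:%02x:%02x:%02x:%02x",
                 ethdr.ether_shost[0], ethdr.ether_shost[1],
                 ethdr.ether_shost[2], ethdr.ether_shost[3],
                 ethdr.ether_shost[4], ethdr.ether_shost[5]);

        // ether_type arrives in network byte order
        unsigned int ether_type = ntohs(ethdr.ether_type);

        if (0x0800 == ether_type) {
            // IP packet
            printf("______________ip Data Report _______________\n");
            printf("mac:%s >>%s\n", src_mac, dst_mac);
        } else if (0x0806 == ether_type || 0x8035 == ether_type) {
            // 0x0806 for ARP packets, 0x8035 for RARP packets
            printf("______________arp Data Report _______________\n");
            printf("mac:%s >>%s\n", src_mac, dst_mac);
        }
    }

    // Only reached when recvfrom() failed.
    close(sock_raw_fd);
    return EXIT_FAILURE;
}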
Transferred from: http://blog.csdn.net/tennysonsky/article/details/44751997
Linux Network Programming -- Raw Socket Example: Parsing the MAC Header