#include "pcap.h"
#include <winsock.h>
/* void main()//取得網(wǎng)絡(luò)設(shè)備列表
{
?pcap_if_t *alldevs;
?pcap_if_t *d;
?int i=0;
?char errbuf[PCAP_ERRBUF_SIZE];
?//取得網(wǎng)絡(luò)設(shè)備列表
?if(pcap_findalldevs(&alldevs,errbuf)==-1)
?{
? fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
? exit(1);
?}
?//顯示網(wǎng)絡(luò)設(shè)備列表
?for(d=alldevs;d;d=d->next)
?{
? printf("%d",++i);
? printf("??? ");
? printf("%s",d->name);
? printf("???? ");
? if(d->description)
?? printf("(%s)\n",d->description);
? else
?? printf("(No description available)\n");
?}
?if(i==0)
?{
? printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
? return;
?}
?pcap_freealldevs(alldevs);
}*/

/*void ifprint(pcap_if_t *d);
char *iptos(u_long in);
int main()//取得網(wǎng)絡(luò)設(shè)備信息
{
?pcap_if_t *alldevs;
?pcap_if_t *d;
?int i=0;
?char errbuf[PCAP_ERRBUF_SIZE];
?//取得網(wǎng)絡(luò)設(shè)備列表
?if(pcap_findalldevs(&alldevs,errbuf)==-1)
?{
? fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
? exit(1);
?}
?//掃描并顯示列表內(nèi)容
?for(d=alldevs;d;d=d->next)
? ifprint(d);
?return 1;
}
void ifprint(pcap_if_t *d)
{
?pcap_addr_t *a;
?//網(wǎng)絡(luò)接口名
?printf("%s\n",d->name);
?//網(wǎng)絡(luò)接口描述
?if(d->description)
? printf("\tDescription: %s\n",d->description);
?//Loopback地址
?printf("\tLoopback:%s\n",(d->flags&PCAP_IF_LOOPBACK)?"yes":"no");
?//IP地址
?for(a=d->addresses;a;a=a->next)
?{
? printf("\tAddress Family:#%d\n",a->addr->sa_family);
? switch(a->addr->sa_family)
? {
? case AF_INET:
?? printf("\tAddress Family Name:AF_INET\n");
?? if(a->addr)
??? printf("\tAddress:%s\n",iptos(((struct sockaddr_in *)a->addr)->sin_addr.s_addr));
?? if(a->netmask)
??? printf("\tNetmask:%s\n",iptos(((struct sockaddr_in *)a->netmask)->sin_addr.s_addr));
?? if(a->broadaddr)
??? printf("\tBroadcast Address:%s\n",iptos(((struct sockaddr_in *)a->broadaddr)->sin_addr.s_addr));
?? if(a->dstaddr)
???? printf("\tDestination Address:%s\n",iptos(((struct sockaddr_in *)a->dstaddr)->sin_addr.s_addr));
?? break;
? default:
?? printf("\tAddress Family Name:Unknown\n");
?? break;
? }
?}
?printf("\n");
}
//數(shù)字IP地址轉(zhuǎn)換成字符串
#define IPTOSBUFFERS 12
char *iptos(u_long in)
{
?static char output[IPTOSBUFFERS][3*4+3+1];
?static short which;
?u_char *p;
?p=(u_char *)&in;
?which=(which+1==IPTOSBUFFERS?0:which+1);
?sprintf(output[which],"%d","%d","%d","%d",p[0],p[1],p[2],p[3]);
?return output[which];
}*/

/*void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data);
int main()//打開(kāi)網(wǎng)絡(luò)適配器和捕獲數(shù)據(jù)包
{
?pcap_if_t *alldevs;
?pcap_if_t *d;
?int i=0;
?int inum;
?pcap_t *adhandle;
?char errbuf[PCAP_ERRBUF_SIZE];
?//取得網(wǎng)絡(luò)設(shè)備列表
?if(pcap_findalldevs(&alldevs,errbuf)==-1)
?{
? fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
? exit(1);
?}
?//顯示網(wǎng)絡(luò)設(shè)備列表
?for(d=alldevs;d;d=d->next)
?{
? printf("%d",++i);
? printf("??? ");
? printf("%s",d->name);
? printf("???? ");
? if(d->description)
?? printf("(%s)\n",d->description);
? else
?? printf("(No description available)\n");
?}
?if(i==0)
?{
? printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
? return 0;
?}
?printf("Enter the interface number(1-%d)",i);
?scanf("%d",&inum);
?if(inum<0||inum>i)
?{
? printf("\nInterface number out of range.\n");
? //釋放設(shè)備列表
? pcap_freealldevs(alldevs);
? return -1;
?}
?for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
? if((adhandle=pcap_open_live(d->name,65536,1,1000,errbuf))==NULL)
? {
?? fprintf(stderr,"\nUnable to open the adapter.%sis not supported by WinPcap\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? printf("\nlistening on %s...\n",d->description);
? pcap_freealldevs(alldevs);
? //開(kāi)始捕獲數(shù)據(jù)包
? pcap_loop(adhandle,0,packet_handle,NULL);
? return 0;
}
void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
?struct tm *ltime;
?char timestr[16];
?//轉(zhuǎn)換時(shí)間格式
?ltime=localtime(&header->ts.tv_sec);
?strftime(timestr,sizeof timestr,"%H:%M:%S",ltime);
?printf("%s,%.6d len:%d\n",timestr,header->ts.tv_usec,header->len);
}
*/

/*
typedef struct ip_address
{
?u_char byte1;
?u_char byte2;
?u_char byte3;
?u_char byte4;
}ip_address;
typedef struct ip_header
{
?u_char ver_ihl;
?u_char tos;
?u_short tlen;
?u_short identification;
?u_short flags_fo;
?u_char ttl;
?u_char proto;
?u_short crc;
?ip_address saddr;
?ip_address daddr;
?u_int op_pad;
}ip_header;
//UDP頭
typedef struct udp_header
{
?u_short sport;
?u_short dport;
?u_short len;
?u_short crc;
}udp_header;

void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data);
int main()//解釋網(wǎng)絡(luò)數(shù)據(jù)包
{
?pcap_if_t *alldevs;
?pcap_if_t *d;
?int i=0;
?int inum;
?pcap_t *adhandle;
?char errbuf[PCAP_ERRBUF_SIZE];
?u_int netmask;
?char packet_filter[]="ip and udp";
?struct bpf_program fcode;
?//取得網(wǎng)絡(luò)設(shè)備列表
?if(pcap_findalldevs(&alldevs,errbuf)==-1)
?{
? fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
? exit(1);
?}
?//顯示網(wǎng)絡(luò)設(shè)備列表
?for(d=alldevs;d;d=d->next)
?{
? printf("%d",++i);
? printf("??? ");
? printf("%s",d->name);
? printf("???? ");
? if(d->description)
?? printf("(%s)\n",d->description);
? else
?? printf("(No description available)\n");
?}
?if(i==0)
?{
? printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
? return 0;
?}
?printf("Enter the interface number(1-%d)",i);
?scanf("%d",&inum);
?if(inum<0||inum>i)
?{
? printf("\nInterface number out of range.\n");
? //釋放設(shè)備列表
? pcap_freealldevs(alldevs);
? return -1;
?}
?for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
? if((adhandle=pcap_open_live(d->name,65536,1,1000,errbuf))==NULL)
? {
?? fprintf(stderr,"\nUnable to open the adapter.%sis not supported by WinPcap\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? //檢查鏈路層是否是以太網(wǎng)
? if(pcap_datalink(adhandle)!=DLT_EN10MB)
? {
?? fprintf(stderr,"\nThis program works only on Ethernet network.\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? if(d->addresses!=NULL)
?? netmask=((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
? else
?? netmask=0xffffff;
? //編譯過(guò)濾器
? if(pcap_compile(adhandle,&fcode,packet_filter,1,netmask)<0)
? {
?? fprintf(stderr,"\nUnable to compile the packet filter.Check the syntax.\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? //設(shè)置過(guò)濾器
? if(pcap_setfilter(adhandle,&fcode)<0)
? {
?? fprintf(stderr,"\nError setting the filter.\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? printf("listening on %s...\n",d->description);
? pcap_freealldevs(alldevs);
? pcap_loop(adhandle,0,packet_handle,NULL);
? return 0;
}

void packet_handle(u_char *param,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
?struct tm *ltime;
?char timestr[16];
?ip_header *ih;
?udp_header *uh;
?u_int ip_len;
?u_short sport;
?u_short dport;

?//轉(zhuǎn)換時(shí)間格式
?ltime=localtime(&header->ts.tv_sec);
?strftime(timestr,sizeof timestr,"%H:%M:%S",ltime);
?printf("%s,%.6d len:%d\n",timestr,header->ts.tv_usec,header->len);

?ih=(ip_header *)(pkt_data+14);
?ip_len=(ih->ver_ihl&0xf)*4;
?uh=(udp_header *)((u_char *)ih+ip_len);
?sport=ntohs(uh->sport);
?dport=ntohs(uh->dport);

?//顯示IP地址和UDP端口號(hào)
?printf("%d.%d.%d.%d.%d-> %d.%d.%d.%d.%d\n",
? ih->saddr.byte1,ih->saddr.byte2,ih->saddr.byte3,ih->saddr.byte4,sport,
? ih->daddr.byte1,ih->daddr.byte2,ih->daddr.byte3,ih->daddr.byte4,dport);
}*/

/*
void packet_handle(u_char *dumpfile,const struct pcap_pkthdr *header,const u_char *pkt_data);
int main(int argc,char **argv)//將數(shù)據(jù)包保存在文件中
{
?pcap_if_t *alldevs;
?pcap_if_t *d;
?int i=0;
?int inum;
?pcap_t *adhandle;
?char errbuf[PCAP_ERRBUF_SIZE];
?pcap_dumper_t *dumpfile;
?//檢查命令行參數(shù)
?if(argc!=2)
?{
? printf("usage:%s filename",argv[0]);
? return -1;
?}
?//取得網(wǎng)絡(luò)設(shè)備列表
?if(pcap_findalldevs(&alldevs,errbuf)==-1)
?{
? fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
? exit(1);
?}
?//顯示網(wǎng)絡(luò)設(shè)備列表
?for(d=alldevs;d;d=d->next)
?{
? printf("%d",++i);
? printf("??? ");
? printf("%s",d->name);
? printf("???? ");
? if(d->description)
?? printf("(%s)\n",d->description);
? else
?? printf("(No description available)\n");
?}
?if(i==0)
?{
? printf("\nNo interfaces found!Make sure WinPcap is installed.\n");
? return 0;
?}
?printf("Enter the interface number(1-%d)",i);
?scanf("%d",&inum);
?if(inum<0||inum>i)
?{
? printf("\nInterface number out of range.\n");
? //釋放設(shè)備列表
? pcap_freealldevs(alldevs);
? return -1;
?}
?for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
? if((adhandle=pcap_open_live(d->name,65536,1,1000,errbuf))==NULL)
? {
?? fprintf(stderr,"\nUnable to open the adapter.%sis not supported by WinPcap\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? //檢查鏈路層是否是以太網(wǎng)
? if(pcap_datalink(adhandle)!=DLT_EN10MB)
? {
?? fprintf(stderr,"\nThis program works only on Ethernet network.\n");
?? pcap_freealldevs(alldevs);
?? return -1;
? }
? //打開(kāi)文件
? dumpfile=pcap_dump_open(adhandle,argv[1]);
? if(dumpfile==NULL)
? {
?? fprintf(stderr,"\nError opening output file\n");
?? return -1;
? }
? printf("\nlistening on %s...\n",d->description);
? pcap_freealldevs(alldevs);
? //捕獲開(kāi)始
? pcap_loop(adhandle,0,packet_handle,(unsigned char *)dumpfile);
? return 0;
}
???
void packet_handle(u_char *dumpfile,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
?pcap_dump(dumpfile,header,pkt_data);
}
*/
#include<stdio.h>
#define LINE_LEN 16
void dispatcher_handler(u_char *,const struct pcap_pkthdr *,const u_char *);
int main(int argc,char **argv)//將數(shù)據(jù)包顯示出來(lái)
{
?pcap_t *fp;
?char errbuf[PCAP_ERRBUF_SIZE];
?if(argc!=2)
?{
? printf("usage:%s filename",argv[0]);
? return -1;
?}
?//打開(kāi)捕獲的文件
?if((fp=pcap_open_offline(argv[1],errbuf))==NULL)
?{
? fprintf(stderr,"\nError opening dump file\n");
? return -1;
?}
?//讀取并顯示文件中的數(shù)據(jù)包
?pcap_loop(fp,0,dispatcher_handler,NULL);

?return 0;
}
void dispatcher_handler(u_char *temp1,const struct pcap_pkthdr *header,const u_char *pkt_data)
{
?u_int i=0;
?//顯示pkt時(shí)間和長(zhǎng)度
?printf("%ld:%ld(%ld)\n",header->ts.tv_sec,header->ts.tv_usec,header->len);
?//顯示數(shù)據(jù)包
?for(i=0;(i<header->caplen+1);i++)
?{
? printf("%.2x",pkt_data[i-1]);
? if((i%LINE_LEN)==0)
?? printf("\n");
?}
?printf("\n\n");
}

本文來(lái)自CSDN博客，轉(zhuǎn)載請(qǐng)標(biāo)明出處：http://blog.csdn.net/zhw888888/archive/2009/03/15/3991529.aspx

轉(zhuǎn)載于:https://www.cnblogs.com/zhihaowang/archive/2009/07/09/10128762.html

總結(jié)

以上是生活随笔為你收集整理的winpcap的程序（转）的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。