Send packet with winpcap


Problem description

I made a client-server program in VB6 with Winsock.
I want to send a packet to the server with WinPcap, without connecting, while the client and server are connected.
I built a packet with WinPcap that is the same as the packet from the VB6 client, but the VB6 server cannot receive the packet from WinPcap.

Recommended answer

How is the server set up? I suspect it is with a TCP connection.

A typical client/server system would use Transmission Control Protocol (TCP). This requires the client to send a connection request (known as SYN), the server to reply with a connection accepted (known as ACK) and the client to acknowledge the accepted connection (known as a SYN ACK). Only then will your program see data. It should also be shut down cleanly (this is not absolutely required by the protocol, but should be coded). TCP connections allow for error handling when packets are lost, which makes it a good choice.

The alternative is User Datagram Protocol (UDP), which is a stateless connection. You send data to the server IP and port and your server program receives this data. UDP does not have any connection state and hence does not guarantee a successful delivery of data; this is left up to you if you care. This is typically used for things like Skype, where you don't want to have to wait for a packet to be resent because that would add a delay into your chat; the video just skips a bit instead.

When pcap (or winpcap for windows) sends a raw packet, it only sends the single data packet, not a connection setup. This is exactly what a UDP program would do.

You could set up a connection first, and then send data from pcap (have to use the same source ip and port as well as the same destination ip and port for this to work). If it is a real client/server situation I would strongly advise against using UDP, if you really need this, it is possible to fake the SYN, and SYN ACK packets with pcap.

If you are unfamiliar with networking, perhaps get a copy of Wireshark and sniff some data. It won't work on the loopback address though; it will only see data sent to other computers.


Does TCP need a connection before sending data?
Is it possible to send without connecting?


#define HAVE_REMOTE
#include <stdio.h>   // printf, fprintf, scanf
#include <stdlib.h>  // system
#include <pcap.h>
int main()
{
    pcap_if_t      * allAdapters;
    pcap_if_t       * adapter;
    pcap_t       * adapterHandle;
    u_char         packet[ 58 ];
    char             errorBuffer[ PCAP_ERRBUF_SIZE ];

    // retrieve the adapters from the computer
    if( pcap_findalldevs_ex( PCAP_SRC_IF_STRING, NULL, 
                &allAdapters, errorBuffer ) == -1 )
    {
        fprintf( stderr, "Error in pcap_findalldevs_ex function: %s\n", 
                 errorBuffer );
        return -1;
    }

    // if there are no adapters, print an error
    if( allAdapters == NULL )
    {
        printf( "\nNo adapters found! Make sure WinPcap is installed.\n" );
        return 0;
    }

    // print the list of adapters along with basic information about an adapter
    int crtAdapter = 0;
    for( adapter = allAdapters; adapter != NULL; adapter = adapter->next)
    {
        printf( "\n%d.%s ", ++crtAdapter, adapter->name );
        printf( "-- %s\n", adapter->description );
    }

    printf( "\n" );

    int adapterNumber;

    printf( "Enter the adapter number between 1 and %d:", crtAdapter );
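    // treat unparsable input as out of range instead of reading an uninitialised value
    if( scanf( "%d", &adapterNumber ) != 1 )
        adapterNumber = 0;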
    
    if( adapterNumber < 1 || adapterNumber > crtAdapter )
    {
        printf( "\nAdapter number out of range.\n" );

        // Free the adapter list
        pcap_freealldevs( allAdapters );

        return -1;
    }
    
    // parse the list until we reach the desired adapter
    adapter = allAdapters;
    for( crtAdapter = 0; crtAdapter < adapterNumber - 1; crtAdapter++ )
        adapter = adapter->next;

    // open the adapter
    adapterHandle = pcap_open( adapter->name, // name of the adapter
                               65536,         // portion of the packet to capture
                                              // 65536 guarantees that the whole 
                                              // packet will be captured
                               PCAP_OPENFLAG_PROMISCUOUS, // promiscuous mode
                               1000,          // read timeout in milliseconds (1 second)
                               NULL,          // authentication on the remote machine
                               errorBuffer    // error buffer
                              );

    if( adapterHandle == NULL )
    {
        fprintf( stderr, "\nUnable to open the adapter %s: %s\n", adapter->name, errorBuffer );

        // Free the adapter list
        pcap_freealldevs( allAdapters );

        return -1;
    }
    
    // free the adapter list
    pcap_freealldevs( allAdapters );


    // this is the most important part of the application
    // here we send the packet

    // first we create the packet

    // set mac destination address to 00 : 23 : 5a : 99 : 4f : e2
    packet[0] = 0x00;
    packet[1] = 0x23;
    packet[2] = 0x5a;
    packet[3] = 0x99;
    packet[4] = 0x4f;
    packet[5] = 0xe2;
    
    // set mac source address to 00 : 13 : 8f : 83 : a9 : b3
    packet[6]  = 0x00;
    packet[7]  = 0x13;
    packet[8]  = 0x8f;
    packet[9]  = 0x83;
    packet[10] = 0xa9;
    packet[11] = 0xb3;
    
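    // set the rest of the packet

    // EtherType: 0x0800 = IPv4
    packet[12]  = 0x08;
    packet[13]  = 0x00;

    // IPv4: version 4, header length 5 words; TOS 0; total length 0x002c = 44 bytes
    packet[14]  = 0x45;
    packet[15]  = 0x00;
    packet[16]  = 0x00;
    packet[17]  = 0x2c;

    // IPv4 identification
    packet[18]  = 0x00;
    packet[19]  = 0xfb;

    // flags/fragment offset (0x4000 = don't fragment), TTL 64, protocol 6 = TCP
    packet[20]  = 0x40;
    packet[21]  = 0x00;
    packet[22]  = 0x40;
    packet[23]  = 0x06;

    // IPv4 header checksum
    packet[24]  = 0xb6;
    packet[25]  = 0x7d;

    // source IP 192.168.1.1, destination IP 192.168.1.2
    packet[26]  = 0xc0;
    packet[27]  = 0xa8;
    packet[28]  = 0x01;
    packet[29]  = 0x01;
    packet[30]  = 0xc0;
    packet[31]  = 0xa8;
    packet[32]  = 0x01;
    packet[33]  = 0x02;

    // TCP source port 0x0415 = 1045, destination port 0x00a6 = 166
    packet[34]  = 0x04;
    packet[35]  = 0x15;
    packet[36]  = 0x00;
    packet[37]  = 0xa6;

    // TCP sequence number
    packet[38]  = 0x4d;
    packet[39]  = 0x62;
    packet[40]  = 0xfe;
    packet[41]  = 0x09;

    // TCP acknowledgment number
    packet[42]  = 0x17;
    packet[43]  = 0x46;
    packet[44]  = 0x60;
    packet[45]  = 0x5c;

    // data offset 5 words, flags 0x18 = PSH+ACK, window 0xffff,
    // TCP checksum, urgent pointer 0
    packet[46]  = 0x50;
    packet[47]  = 0x18;
    packet[48]  = 0xff;
    packet[49]  = 0xff;
    packet[50]  = 0x7d;
    packet[51]  = 0x15;
    packet[52]  = 0x00;
    packet[53]  = 0x00;

    // payload: "test"
    packet[54]  = 0x74;
    packet[55]  = 0x65;
    packet[56]  = 0x73;
    packet[57]  = 0x74;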
    
    // send the packet
    if( pcap_sendpacket( adapterHandle, // the adapter handle
             packet, // the packet
             58 // the length of the packet
               ) != 0 )
    {
        fprintf( stderr, "\nError sending the packet: %s\n", pcap_geterr( adapterHandle ) );
        pcap_close( adapterHandle );
        return -1;
    }


    // release the adapter handle before exiting
    pcap_close( adapterHandle );

    system( "PAUSE" );
    return 0;

}
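
Before a raw frame like the one above reaches the server program, the receiving stack validates its IPv4 and TCP checksums and matches the segment against an established connection. The following C program is an added example, not code from the original post: it takes the 58 bytes built above and recomputes both checksums with RFC 1071 arithmetic, needing no adapter or WinPcap. The function names are illustrative.

```c
#include <stdint.h>
#include <stdio.h>

/* The 58-byte frame from the post above: Ethernet + IPv4 + TCP + "test". */
static const uint8_t frame[58] = {
    0x00,0x23,0x5a,0x99,0x4f,0xe2, 0x00,0x13,0x8f,0x83,0xa9,0xb3, 0x08,0x00,
    0x45,0x00,0x00,0x2c,0x00,0xfb,0x40,0x00,0x40,0x06,0xb6,0x7d,
    0xc0,0xa8,0x01,0x01, 0xc0,0xa8,0x01,0x02,
    0x04,0x15,0x00,0xa6, 0x4d,0x62,0xfe,0x09, 0x17,0x46,0x60,0x5c,
    0x50,0x18,0xff,0xff,0x7d,0x15,0x00,0x00, 0x74,0x65,0x73,0x74 };
static uint16_t be16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
/* One's-complement sum of big-endian 16-bit words; an odd last byte is padded. */
static uint32_t sum16(const uint8_t *p, size_t n, uint32_t acc) {
    for (; n > 1; p += 2, n -= 2) acc += be16(p);
    if (n) acc += (uint32_t)p[0] << 8;
    return acc;
}
static uint16_t fold(uint32_t acc) {
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)~acc;
}
/* An intact IPv4 header, summed with its stored checksum, folds to 0. */
int ip_checksum_ok(const uint8_t *f) {
    const uint8_t *ip = f + 14;
    return fold(sum16(ip, (size_t)(ip[0] & 0x0f) * 4, 0)) == 0;
}
/* Checksum the segment should carry: pseudo-header + TCP bytes, field skipped. */
uint16_t tcp_checksum_expected(const uint8_t *f) {
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    size_t tcp_len = be16(ip + 2) - ihl;
    const uint8_t *tcp = ip + ihl;
    uint32_t acc = sum16(ip + 12, 8, 0) + ip[9] + (uint32_t)tcp_len;
    acc = sum16(tcp, 16, acc);                /* header bytes before the checksum */
    acc = sum16(tcp + 18, tcp_len - 18, acc); /* urgent pointer and payload */
    return fold(acc);
}
uint16_t tcp_checksum_stored(const uint8_t *f) {
    return be16(f + 14 + (size_t)(f[14] & 0x0f) * 4 + 16);
}
int main(void) {
    const uint8_t *tcp = frame + 14 + 20;
    printf("ports %u -> %u, flags 0x%02x\n",
           (unsigned)be16(tcp), (unsigned)be16(tcp + 2), (unsigned)tcp[13]);
    printf("IPv4 header checksum: %s\n", ip_checksum_ok(frame) ? "ok" : "bad");
    printf("TCP checksum stored 0x%04x, expected 0x%04x\n",
           (unsigned)tcp_checksum_stored(frame), (unsigned)tcp_checksum_expected(frame));
    return 0;
}
```

For the bytes in the post, the IPv4 header checksum verifies, but the stored TCP checksum 0x7d15 differs from the 0x7cd1 computed over the segment. A receiving stack discards a segment whose checksum fails, independently of whether the ports and sequence numbers match a live connection.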

