原始套接字混杂模式嗅探不是我写的东西 [英] Raw Socket promiscuous mode not sniffing what I write
问题描述
我写了原始套接字处于混杂模式的程序,我需要原始套接字不闻我发送数据包。我需要通过以太网线RX(不是TX线),以只读的数据。这是更多钞票?
I am writing a program with a Raw Socket in promiscuous mode and I need the raw socket not sniff the packet I send. I need to read only the data over the ethernet rx wire (not the tx wire). It's posible?
非常感谢。
推荐答案
解决的办法是看在读取数据包,如果它是一个PACKET_OUTGOING。使用此选项,您可以性差异你把以太网TX线你从RX线读取数据包和包。
The solution is to look in the read packet if it is a PACKET_OUTGOING. Using this option you can diference the packet you put in the ethernet tx wire and the packet you read from the rx wire.
打开混杂模式插座:
char* i = "eth0";
int fd;
struct ifreq ifr;
struct sockaddr_ll interfaceAddr;
struct packet_mreq mreq;
if ((fd = socket(PF_PACKET,SOCK_RAW,htons(ETH_P_ALL))) < 0)
return -1;
memset(&interfaceAddr,0,sizeof(interfaceAddr));
memset(&ifr,0,sizeof(ifr));
memset(&mreq,0,sizeof(mreq));
memcpy(&ifr.ifr_name,i,IFNAMSIZ);
ioctl(fd,SIOCGIFINDEX,&ifr);
interfaceAddr.sll_ifindex = ifr.ifr_ifindex;
interfaceAddr.sll_family = AF_PACKET;
if (bind(fd, (struct sockaddr *)&interfaceAddr,sizeof(interfaceAddr)) < 0)
return -2;
mreq.mr_ifindex = ifr.ifr_ifindex;
mreq.mr_type = PACKET_MR_PROMISC;
mreq.mr_alen = 6;
if (setsockopt(fd,SOL_PACKET,PACKET_ADD_MEMBERSHIP,
(void*)&mreq,(socklen_t)sizeof(mreq)) < 0)
return -3;
//...
和读取。现在,我们可以Rx和Tx以太网线区分:
And read. Now, We can differentiate between the Rx and Tx ethernet wire:
unsigned char buf[1500];
struct sockaddr_ll addr;
socklen_t addr_len = sizeof(addr);
n = recvfrom(fd, buf, 2000, 0, (struct sockaddr*)&addr, &addr_len);
if (n <= 0)
{
//Error reading
}
else if (addr.sll_pkttype == PACKET_OUTGOING)
{
//The read data are not writing by me.
//Use only this data to copy in the other network.
}
和它的所有。使用它,我不看我写的数据。我尽量避免回路,当我复制网络1帧到网络2和网络2帧到网络1。
And it's all. Using it I don't read the data I write. I avoid the loop when I copy the network 1 frames to network 2 and the network 2 frames to network 1.
这篇关于原始套接字混杂模式嗅探不是我写的东西的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
