一、实验目的复习计算机网络课程相关知识,采用合适的程序开发语言完成网络程序开发。二、实验环境二、实验内容要求使用Wincap编制一个简单的网络数据包监听与捕获程序,同时,将捕获的数据包进行分析并将分析结果显示在屏幕上。三、实验步骤、记录和结果代码如下:#include"pcap.h"typedefstruct{intnumber;charname[10];}Protocol;Protocolprotocol[10];/*4字节的IP地址*/typedefstructip_address{u_charbyte1;u_charbyte2;u_charbyte3;u_charbyte4;}ip_address;/*IPv4首部*/typedefstructip_header{u_charver_ihl;//版本(4bits)+首部长度(4bits)u_chartos;//服务类型(Typeofservice)u_shorttlen;//总长(Totallength)u_shortidentification;//标识(Identification)u_shortflags_fo;//标志位(Flags)(3bits)+段偏移量(Fragmentoffset)(13bits)u_charttl;//存活时间(Timetolive)u_charproto;//协议(Protocol)u_shortcrc;//首部校验和(Headerchecksum)ip_addresssaddr;//源地址(Sourceaddress)ip_addressdaddr;//目的地址(Destinationaddress)u_intop_pad;//选项与填充(Option+Padding)}ip_header;/*回调函数原型*/voidpacket_handler(u_char*param,conststructpcap_pkthdr*header,constu_char*pkt_data);微机一台操作系统:WinXP/Linux编程软件:C++intmain(){pcap_if_t*alldevs;pcap_if_t*d;intinum;inti=0;pcap_t*adhandle;charerrbuf[PCAP_ERRBUF_SIZE];u_intnetmask;//charpacket_filter[]="ipandudp";charpacket_filter[]="ip";structbpf_programfcode;protocol[0].number=1;strcpy(protocol[0].name,"ICMP");protocol[1].number=2;strcpy(protocol[1].name,"IGMP");protocol[2].number=4;strcpy(protocol[2].name,"IP");protocol[3].number=6;strcpy(protocol[3].name,"TCP");protocol[4].number=8;strcpy(protocol[4].name,"EGP");protocol[5].number=9;strcpy(protocol[5].name,"IGP");protocol[6].number=17;strcpy(protocol[6].name,"UDP");protocol[7].number=41;strcpy(protocol[7].name,"IPv6");protocol[8].number=50;strcpy(protocol[8].name,"ESP");protocol[9].number=89;strcpy(protocol[9].name,"OSPF");/*获得设备列表*/if(pcap_findalldevs_ex(PCAP_SRC_IF_STRING,NULL,&alldevs,errbuf)==-1){fprintf(stderr,"Errorinpcap_findalldevs:%s\n",errbuf);exit(1);}/*打印列表*/for(d=alldevs;d;d=d->next){printf("%d.%s",++i,d->name);if(d->description)printf("(%s)\n",d->description);elseprintf("(Nodescriptionavailable)\n");}if(i==0){printf("\nNointerfacesfound!MakesureWinPcapisinstalled.\n");return-1;}printf("Entertheinterfacenumber(1-%d):",i);scanf("%d",&inum);if(inum<1||inum>i){printf("\nInterfacenumberoutofrange.\n");/*释放设备列表*/pcap_freealldevs(alldevs);return-1;}/*跳转到已选设备*/for(d=alldevs,i=0;inext,i++);/*打开适配器*/if((adhandle=pcap_open(d->name,//设备名65536,//要捕捉的数据包的部分//65535保证能捕获到不同数据链路层上的每个数据包的全部内容PCAP_OPENFLAG_PROMISCUOUS,//混杂模式1000,//读取超时时间NULL,//远程机器验证errbuf//错误缓冲池))==NULL){fprintf(stderr,"\nUnabletoopentheadapter.%sisnotsupportedbyWinPcap\n");/*释放设备列表*/pcap_freealldevs(alldevs);return-1;}/*检查数据链路层,为了简单,我们只考虑以太网*/if(pcap_datalink(adhandle)!=DLT_EN10MB){fprintf(stderr,"\nThisprogramworksonlyonEthernetnetworks.\n");/*释放设备列表*/pcap_freealldevs(alldevs);return-1;}if(d->addresses!=NULL)/*获得接口第一个地址的掩码*/netmask=((structsockaddr_in*)(d->addresses->netmask))->sin_addr.S_un.S_addr;else/*如果接口没有地址,那么我们假设一个C类的掩码*/netmask=0xffffff;//编译过滤器if(pcap_compile(adhandle,&fcode,packet_filter,1,netmask)<0){fprintf(stderr,"\nUnabletocompilethepacketfilter.Checkthesyntax.\n");/*释放设备列表*/pcap_free...
