code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
/* 
 
 this program is called "IFPC"
 "IFPC" is an abbreviation for "interfaces packet capture"
 This tool shows the user the network intefaces on the user's computer,
 and when the user selects one of the interfaces,
 shows the packets coming through the interface to the use
 
 This tool is still in the version 1
 so it will continue to develop in the future.
 */

#include <stdio.h>
#include <string.h>
#include "pcap.h"

#ifndef __linux__
	#include <winsock2.h>
#else
	#include <unistd.h>
	#include <sys/socket.h>
	#include <sys/types.h>
	#include <arpa/inet.h>
	#include <netinet/in.h>
	#include <netinet/ether.h>
	#include <linux/if_packet.h>
#endif

#define BUFSIZE 2048

int main(void)
{
	pcap_if_t *alldevs, *d;
	
	struct pcap_addr *a;
	struct sockaddr_ll sll;
	
	char errbuf[PCAP_ERRBUF_SIZE];
	char buffer[BUFSIZE];
	char *pkttype, *protocol;
	char input_agree;
	
	int i = 0;
	int sock, num, addr_len, len;

	if(pcap_findalldevs(&alldevs, errbuf) < 0)
	{
		perror("pcap_findalldevs() error");
		return 1;
	}

	for(d = alldevs; d; d=d->next)
	{
		printf("%d : %s\n", ++i, d->name);
	}

	printf("Which interface would you use : ");
	scanf("%d", &num);

	if(num < 0 || num >= i)
	{
		perror("Select from the number of interfaces presented");
		return 1;
	}

	for(d = alldevs, i=0; d; d = d->next)
	{
		if(num == ++i) break;
	}
	
	printf("name : %s\n", d->name);

	if(d -> description)
		printf("description : %s\n", d->description);

	for(a = d->addresses; a; a = a->next)
	{
		struct sockaddr_in *in_addr = (struct sockaddr_in*)a->addr;

		switch(a->addr->sa_family)
		{
			case AF_INET:
				printf("address : %s\n", inet_ntoa(in_addr->sin_addr));
				break;

			case AF_INET6:
				printf("address : %s\n", inet_ntoa(in_addr->sin_addr));
				break;

			case AF_LOCAL:
				printf("address : %s\n", inet_ntoa(in_addr->sin_addr));
				break;
		}
	}

	printf("Would you capture the packet using %s (y/n) : ", d->name);
	scanf("%c", &input_agree);

	if(input_agree == 'n' || input_agree == 'N')
	{
		printf("Okay goodbyeeeeee :)");
		return 0;
	}

	else
	{
		if((sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) < 0)
		{
			perror("socket()");
			return 1;
		}

		addr_len = sizeof(sll);

		while((len = recvfrom(sock, buffer, BUFSIZE, 0, (struct sockaddr*)&sll, &addr_len)) >= 0)
		{
			switch(sll.sll_pkttype)
			{
				case PACKET_HOST:
					pkttype = "PACKET_HOST";
					break;
				case PACKET_BROADCAST:
					pkttype = "PACKET_BROADCAST";
					break;
				case PACKET_MULTICAST:
					pkttype = "PACKET_MULTICAST";
					break;
				case PACKET_OTHERHOST:
					pkttype = "PACKET_OTHERHOST";
					break;
				default:
					pkttype = "Unknown";
			}

			switch(ntohs(sll.sll_protocol))
			{
				case ETH_P_IP:
					protocol = "IP";
					break;

				case ETH_P_ARP:
					protocol = "ARP";
					break; 

				default:
					protocol = "Unknown";
			}
			
			printf("[%d][%s][%s][len : %d]\n", sll.sll_ifindex, pkttype, protocol, len);
		}
	}

	pcap_freealldevs(alldevs);
	close(sock);

	return 0;
}