/* snifflib
*
* by scut
*
*/
#ifndef Z_PACKET_H
#define Z_PACKET_H
#include <sys/types.h>
#include <sys/time.h>
#include <unistd.h>
#include <netinet/in.h>
#include <pcap.h>
#include <semaphore.h>
#include <pthread.h>
/* packet structures
* parts ripped from snort's excellent include files
*/
/*
 * Ethernet frame header as it appears at the start of a captured frame:
 * two 6-byte MAC addresses followed by a 16-bit type field.
 *
 * NOTE(review): eth_type is presumably still in network byte order when
 * this struct is overlaid on a capture buffer; confirm that readers
 * convert it with ntohs() before comparing.
 */
struct eth_hdr
{
	u_char	eth_dst[6];	/* destination MAC address */
	u_char	eth_src[6];	/* source MAC address */
	u_short	eth_type;	/* type of the enclosed packet */
};

typedef struct eth_hdr eth_hdr;
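/*
 * IPv4 header, fixed 20-byte part only (IP options are not part of this
 * struct).
 *
 * The first byte of an IPv4 header carries the version in its high nibble
 * and the header length in its low nibble.  Bit-field allocation order
 * follows the host byte order on GCC/Clang, so the two nibbles are
 * declared in the opposite order on big-endian hosts.  When the compiler
 * does not provide __BYTE_ORDER__, the original little-endian layout is
 * kept unchanged.
 *
 * Multi-byte fields are as found on the wire; use ntohs()/ntohl() before
 * interpreting them.
 *
 * Parsing note: ip_hlen counts 32-bit words.  Before using ip_hlen * 4 as
 * an offset to the next header, check that ip_hlen >= 5 and that the
 * resulting offset lies inside the captured data; otherwise a crafted
 * packet makes the parser read outside the capture buffer.
 */
typedef struct ip_hdr
{
#if defined(__BYTE_ORDER__) && defined(__ORDER_BIG_ENDIAN__) && \
    (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
	u_char	ip_ver:4, ip_hlen:4;	/* IP version, IP header length */
#else
	u_char	ip_hlen:4, ip_ver:4;	/* IP header length, IP version */
#endif
	u_char	ip_tos;			/* IP type of service */
	u_short	ip_len;			/* total length: header plus data */
	u_short	ip_id;			/* IP fragmentation identification */
	u_short	ip_off;			/* fragment flags and fragment offset */
	u_char	ip_ttl;			/* IP time to live */
	u_char	ip_proto;		/* subprotocol of enclosed packet */
	u_short	ip_csum;		/* IP header checksum */
	struct in_addr	ip_src;		/* IP source address */
	struct in_addr	ip_dst;		/* IP destination address */
} ip_hdr;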
/*
 * TCP control-flag bit masks, one bit per flag.
 *
 * NOTE(review): presumably tested against tcp_hdr.th_flags; confirm in the
 * implementation.  The names are the same as the flag macros in
 * <netinet/tcp.h>, so the literals are best left exactly as written: if a
 * source file includes both headers, an identical redefinition is
 * harmless, whereas a differently spelled one is diagnosed.
 */
#define TH_FIN 0x01 /* FIN flag */
#define TH_SYN 0x02 /* SYN flag */
#define TH_RST 0x04 /* RST flag */
#define TH_PUSH 0x08 /* PSH flag */
#define TH_ACK 0x10 /* ACK flag */
#define TH_URG 0x20 /* URG flag */
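/*
 * TCP header, fixed 20-byte part only (TCP options are not part of this
 * struct).
 *
 * th_seq and th_ack are 32-bit fields on the wire.  They were declared
 * u_long, which is 64 bits wide on LP64 platforms; there the struct grew
 * beyond 20 bytes and every field after th_dport was read from the wrong
 * offset.  u_int32_t (from <sys/types.h>) keeps the layout identical on
 * 32-bit hosts and makes it correct on 64-bit hosts.
 *
 * As with the IP header, the two nibbles of the data-offset byte are
 * declared in the opposite order on big-endian hosts; without
 * __BYTE_ORDER__ the original little-endian layout is kept.
 *
 * Multi-byte fields are as found on the wire; use ntohs()/ntohl() before
 * interpreting them.
 *
 * Parsing note: th_off counts 32-bit words.  Check th_off >= 5 and that
 * th_off * 4 stays inside the captured data before using it to locate
 * the payload.
 */
typedef struct tcp_hdr
{
	u_short		th_sport;	/* source port */
	u_short		th_dport;	/* destination port */
	u_int32_t	th_seq;		/* sequence number */
	u_int32_t	th_ack;		/* acknowledgement number */
#if defined(__BYTE_ORDER__) && defined(__ORDER_BIG_ENDIAN__) && \
    (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__)
	u_char		th_off:4, th_x2:4;	/* data offset, unused bits */
#else
	u_char		th_x2:4, th_off:4;	/* unused bits, data offset */
#endif
	u_char		th_flags;	/* control flags, see TH_* masks */
	u_short		th_win;		/* window */
	u_short		th_sum;		/* checksum */
	u_short		th_urp;		/* urgent pointer */
} tcp_hdr;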
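/*
 * Sizes in bytes of the fixed Ethernet and IP headers.
 *
 * The expansions are parenthesized and carry no trailing semicolon, so
 * the macros can be used inside expressions, for example in a bounds
 * check such as `caplen < ETHHDRSIZE + IPHDRSIZE`.  With the former
 * trailing ';' such a check did not compile, and the macros were usable
 * only as the last token of a statement.
 *
 * IPHDRSIZE is the size of the fixed header only.  The real length of a
 * received IP header is ip_hlen * 4 and may be larger when options are
 * present.
 */
#define ETHHDRSIZE	(sizeof (eth_hdr))
#define IPHDRSIZE	(sizeof (ip_hdr))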
/*
 * Packet-processing entry points.  Only the prototypes are visible in
 * this header; the notes below are read off the signatures and should be
 * confirmed against the implementation.
 */

/*
 * pq_grind: receives an opaque context pointer, the libpcap per-packet
 * header and a pointer to the raw packet bytes.
 *
 * NOTE(review): presumably the per-packet handler of the capture loop.
 * The implementation should compare pkthdr->caplen with the header sizes
 * before overlaying eth_hdr / ip_hdr / tcp_hdr on pkt, since a truncated
 * or malformed frame is otherwise read past its end -- confirm.
 */
void pq_grind (void *sinfov, struct pcap_pkthdr *pkthdr, unsigned char *pkt);

/*
 * pq_3whs: receives pointers to an IP header and a TCP header.
 *
 * NOTE(review): the name suggests TCP three-way-handshake tracking;
 * verify against the implementation.
 */
void pq_3whs (struct ip_hdr *ip, struct tcp_hdr *tcp);

/*
 * pq_syns: receives source and destination addresses as character strings
 * and a destination port.
 *
 * NOTE(review): string format and the byte order expected for dst_prt
 * are not visible from here -- confirm with the caller.
 */
void pq_syns (char *ip_src_c, char *ip_dst_c, u_short dst_prt);
#endif