计算机科学与技术学院课程设计成绩单
优秀:90分~100分良好:80 分~89分中等:70~79分及格:60~69分不及格0分~59分
武汉科技大学计算机科学与技术学院制表
计算机科学与技术学院
课程设计报告
课程名称:网络编程与协议分析
专
班
学姓业:级:号:名:
指导老师:
《网络编程与协议分析》课程设计报告
一、课设题目:
网络数据包抓取与分析软件
二、课设要求:
1)能抓取本地主机所在局域网子网内的所有数据包
2)分析并显示所抓取数据包的IP 头部各字段的信息
3)分析并显示所抓取数据包的封装在IP 数据包内的协议头部字段信息(TCP、UDP、ICMP 等)
4)生成日志信息,以文本文档形式保存
5)分析并显示所抓取数据包应用层协议头部字段信息
(HTTP、FTP、DNS、Telnet、SMTP、POP等各种应用层协议中至少取三种)三、用到的基本概念及原理
(3)Winpcap的组成和结构
(4)Winpcap基本原理
(5)NPF 在windows 系统中的位置
(6)系统构架
四、部分代码
1)初始化套接字
BOOL CTestDlg::SockInit()
{
WSADATA wsa;
if(WSAStartup(MAKEWORD(2,2),&wsa)!=0)
{
AfxMessageBox("WSAStartup fail!");
}
m_sock=socket(AF_INET,SOCK_RAW,0);
if(m_sock==INVALID_SOCKET)
{
AfxMessageBox("socket fail!");
}
SOCKADDR_IN addr;
addr.sin_family=AF_INET;
addr.sin_port=htons(5000);
struct hostent FAR *pHostent;
char FAR name[25];
gethostname(name,25);
pHostent = gethostbyname(name);
memcpy(&addr.sin_addr.S_un.S_addr,pHostent->h_addr_list[0],pHostent->h_len);
if(bind(m_sock,(SOCKADDR*)&addr,sizeof(addr))!=0)
{
AfxMessageBox("bind fail!");
}
DWORD dwBytesRet;
unsigned int optval = 1;
int pCount=0;
if(INVALID_SOCKET==(WSAIoctl(m_sock,SIO_RCVALL,&optval,sizeof(optval),
NULL,0,&dwBytesRet,NULL, NULL)))
{
AfxMessageBox("WSAIoctl Fail!");
return false;
}
return true;
}
2)初始化表格
BOOL CTestDlg::ListInit()
{
DWORD dwStyle= GetWindowLong(m_List.m_hWnd, GWL_STYLE);
SetWindowLong(m_List.m_hWnd,GWL_STYLE,dwStyle|LVS_REPO);
DWORD dwStyles= m_List.GetExStyle();
dwStyles&=~LVS_EX_CHECKBOXES;
m_List.SetExtendedStyle(dwStyles|LVS_EX_FULLROWSELECT|LVXGRIDLINES);
m_List.InsertColumn(1,"版本",LVCFMT_CENTER,40,0);
m_List.InsertColumn(2,"头部长度",LVCFMT_CENTER,60,1);
m_List.InsertColumn(3,"服务类型",LVCFMT_CENTER,60,2);
m_List.InsertColumn(4,"总长度",LVCFMT_CENTER,50,3);
m_List.InsertColumn(5,"标识符",LVCFMT_CENTER,50,4);
m_List.InsertColumn(6,"标志位",LVCFMT_CENTER,50,5);
m_List.InsertColumn(7,"片偏移",LVCFMT_CENTER,50,6);
m_List.InsertColumn(8,"生存周期",LVCFMT_CENTER,60,7);
m_List.InsertColumn(9,"协议",LVCFMT_CENTER,40,8);
m_List.InsertColumn(10,"首部校验和",LVCFMT_CENTER,80,9);
m_List.InsertColumn(11,"源地址",LVCFMT_CENTER,100,10);
m_List.InsertColumn(12,"目的IP地址",LVCFMT_CENTER,100,11);
return true;
}
3)ip,tcp,udp,icmp头部定义
struct iphead
{
unsigned char ip_EdiAndLen;//版本&首部长度
unsigned char ip_Serve; //服务类型
unsigned short int ip_Len; //总长度
unsigned short int ip_Sign; //标识
unsigned short int ip_MarkAndMove;//标识&片偏移
unsigned char ip_Ttl; //生存时间
unsigned char ip_Protocol; //上层协议
unsigned short int ip_Sum;//首部校验和
unsigned int ip_SoIp; //源ip
unsigned int ip_DeIp; //目的ip
};
struct tcphead
{
unsigned short tcp_SoPort; //16 位的源端口
unsigned short tcp_DePort; //16 位的目的端口
unsigned int tcp_Seq; //32 位的序列号
unsigned int tcp_Ack; //32 位的确认号
unsigned char tcp_LenAndRes;//4位的首部长度和4位的保留字unsigned char tcp_Flag; //2位的保留字和6 位的标志位unsigned short tcp_Win; //16 位的窗口大小
unsigned short tcp_Wum;//16 位校验和
unsigned short tcp_Mov; //16 位的紧急数据偏移量
};
struct udphead
{
unsigned short udp_SoPort; //源端口
unsigned short udp_DePort; //目的端口
unsigned short udp_Len; //总长度
unsigned short udp_Sum; //校验和
};
struct icmphead
{
unsigned char icmp_Type;//类型
unsigned char icmp_Code;//代码
unsigned short icmp_Sum;//16 位检验和
};
4)“开始”按钮事件
void CTestDlg::OnStart()
{
//TODO:Add your control notification handler code here
DWORD code;
if(!GetExitCodeThread(m_thr,&code)|| (code!= STILL_ACTIVE))
{
alldata*recvdata=new alldata;
recvdata->lis=&m_List;
recvdata->sock=m_sock;
m_thr=CreateThread(NULL,0,RecvProc,(LPVOID)recvdata,0,NULL);
CloseHandle(m_thr);
}
else
{
m_List.DeleteAllItems();
ResumeThread(m_thr);
}
GetDlgItem(IDC_STOP)->EnableWindow(TRUE);
GetDlgItem(IDC_START)->EnableWindow(FALSE);
GetDlgItem(IDC_STOP)->SetFocus();
}
5)数据包抓取与初步处理
DWORD WINAPI CTestDlg::RecvProc(LPVOID lpParameter)
{
SOCKET sock=((alldata*)lpParameter)->sock;
CListCtrl*lis=(CListCtrl*)(((alldata*)lpParameter)->lis);
struct iphead*ih;
SOCKADDR_IN tem;
char RecvBuf[65535]={0};
char soip[16];
char deip[16];
char buf[100];
int i=0;
while(1)
{
if(int a=recv(sock,ddat[++count].buff,sizeof(ddat[count].buff),0)<=0) continue;
ih=(struct iphead*)(ddat[count].buff);
tem.sin_addr.s_addr=ih->ip_SoIp;
strncpy(soip,inet_ntoa(tem.sin_addr),16);
tem.sin_addr.s_addr=ih->ip_DeIp;
strncpy(deip,inet_ntoa(tem.sin_addr),16);
lis->InsertItem(i, "fdgfg");
sprintf(buf,"%d",ih->ip_EdiAndLen>>4);
lis->SetItemText(i,0,buf);
sprintf(buf,"%d",ih->ip_EdiAndLen&0xf);
lis->SetItemText(i,1,buf);
sprintf(buf,"%d",ih->ip_Serve);
lis->SetItemText(i,2,buf);
sprintf(buf,"%d",ih->ip_Len);
lis->SetItemText(i,3,buf);
sprintf(buf,"%d",ih->ip_Sign);
lis->SetItemText(i,4,buf);
sprintf(buf,"%d",ih->ip_MarkAndMove>>13);
lis->SetItemText(i,5,buf);
sprintf(buf,"%d",ih->ip_MarkAndMove&0x1fff);
lis->SetItemText(i,6,buf);
sprintf(buf,"%d",ih->ip_Ttl);
lis->SetItemText(i,7,buf);
switch((int)ih->ip_Protocol)
{
case1:sprintf(buf,"%s","ICMP");break;
case2:sprintf(buf,"%s","IGMP");break;
case6:sprintf(buf,"%s","TCP");break;
case8:sprintf(buf,"%s","EGP");break;
case9:sprintf(buf,"%s","IGP");break;
case17:sprintf(buf,"%s","UDP");break;
case41:sprintf(buf,"%s","IPv6");break;
case89:sprintf(buf,"%s","OSPF");break;
default:sprintf(buf,"%s","Error");
}
lis->SetItemText(i,8,buf);
sprintf(buf,"%d",ih->ip_Sum);
lis->SetItemText(i,9,buf);
sprintf(buf,"%s",soip);
lis->SetItemText(i,10,buf);
sprintf(buf,"%s",deip);
lis->SetItemText(i,11,buf);
i++;
Sleep(100);
}
return true;
}
6)表格单击事件
void CTestDlg::OnClickList1(NMHDR* pNMHDR,LRESULT*pResult) {
//TODO:Add your control notification handler code here
NM_LISTVIEW*pNMListView = (NM_LISTVIEW*)pNMHDR;
CString buf;
char tem[100];
int i;
if(pNMListView->iItem!= -1)
{
i=pNMListView->iItem;
CString strtemp;
CNewDlg newdlg;
iphead*iph=(iphead *)(ddat[i].buff);
ttttttttt=*((tcphead*)(ddat[i].buff+(iph->ip_EdiAndLen&0xf)*4)); uuuuuuuuu=*((udphead*)(ddat[i].buff+(iph->ip_EdiAndLen&0xf)*4)); icmphead ih=*((icmphead*)(ddat[i].buff+(iph->ip_EdiAndLen&0xf)*4));
switch((int)iph->ip_Protocol)
{
case6:
sprintf(tem,"源端口:%d\r\n",th.tcp_SoPort);
buf+=tem;
sprintf(tem,"目的端口:%d\r\n",th.tcp_DePort);
buf+=tem;
sprintf(tem,"序列号:%d\r\n",th.tcp_Seq);
buf+=tem;
sprintf(tem,"确认号:%d\r\n",th.tcp_Ack);
buf+=tem;
sprintf(tem,"数据偏移:%d\r\n",th.tcp_LenAndRes>>4);
buf+=tem;
sprintf(tem,"保留:%d\r\n",th.tcp_LenAndRes&0xf);
buf+=tem;
sprintf(tem,"标志:%d\r\n",th.tcp_Flag&0x3f);
buf+=tem;
sprintf(tem,"窗口:%d\r\n",th.tcp_Win);
buf+=tem;
sprintf(tem,"校验和:%d\r\n",th.tcp_Wum);
buf+=tem;
sprintf(tem,"紧急指针:%d\r\n",th.tcp_Mov);
buf+=tem;
newdlg.m_data=buf;
break;
case17:
sprintf(tem,"源端口:%d\r\r\n",uh.udp_SoPort);
buf+=tem;
sprintf(tem,"目的端口:%d\r\n",uh.udp_DePort);
buf+=tem;
sprintf(tem,"长度:%d\r\n",uh.udp_Len);
buf+=tem;
sprintf(tem,"校验和:%d\r\n",uh.udp_Sum);
buf+=tem;
newdlg.m_data=buf;
break;
case1:
sprintf(tem,"类型:%d\r\n",ih.icmp_Type);
buf+=tem;
sprintf(tem,"代码:%d\r\n",ih.icmp_Code);
buf+=tem;
sprintf(tem,"校验和:%d\r\n",ih.icmp_Sum);
buf+=tem;
newdlg.m_data=buf;
break;
default:
AfxMessageBox("No Data!");
newdlg.m_data="";
}
newdlg.DoModal();
}
*pResult = 0;
}
7)“停止”按钮事件
void CTestDlg::OnStop()
{
//TODO:Add your control notification handler code here
SuspendThread(m_thr);
DWORD code;
CString strDate;
CString strBuf;
int index=m_List.GetItemCount();
int i,j=0;
GetExitCodeThread(m_thr,&code);
if(code!= STILL_ACTIVE)
{
AfxMessageBox("程序初始化失败!\n 请检查配置后重新运行!"); } else
{
CTime ttime =CTime::GetCurrentTime();
strDate.Format("%d-%d-%d-
",ttime.GetYear(),ttime.GetMonth(),ttime.GeD
ay());
strDate+=ttime.Format("%H-%M-%S");
ofstream outfile("history\\"+strDate + ".log");
outfile< < < < < < < < < < < < < while(j < index) { for (i= 0;i < 12;i++) { strBuf=m_List.GetItemText(j,i); switch(i) { case0: outfile< break; case1: outfile< break; case2: outfile< break; case3: outfile< break; case4: outfile< break; case5: outfile< break; case6: outfile< break; case7: outfile< break; case8: outfile< break; case9: outfile< break; case10: outfile< break; case11: outfile< outfile< j++; break; } } } outfile.close(); AfxMessageBox("数据已写入日志文件!");} GetDlgItem(IDC_STOP)->EnableWindow(FALSE); GetDlgItem(IDC_START)->EnableWindow(TRUE); GetDlgItem(IDC_START)->SetFocus(); } 五、程序截图“开始” “停止” TCP UDP
相关主题