
Statistic Console Sniffer – No Driver Installation is Needed

22 May 2004 CPOL
Sample Image - Statistic_consol_sniffer.jpg

Introduction

Well, this is my first submission to The Code Project.

This small application is a statistic console sniffer that needs neither installation nor a driver.

It doesn't show you a dump of the packet data, but it shows you the total packet count, the total size and the percentage of the total for all network traffic (TCP / UDP / ICMP) on your LAN.

This application can filter by source / destination IP and source / destination port.

It can write a TXT log file for editing at a later time.

This application uses an AVL tree to hold all the sessions of the LAN activity.

You can use it with C++ Builder 6 or any other C++ IDE.

Any comment can help to make it a better sniffer, so write one…

Please vote if you can.

The Code

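#include <winsock2.h>
#include <stdio.h>
#include <string.h>
#include <conio.h>

// Defined in mstcpip.h on current SDKs; older compilers may not have it.
#ifndef SIO_RCVALL
#define SIO_RCVALL _WSAIOW(IOC_VENDOR, 1)
#endif

// MAX_HOSTNAME_LAN, IP_HDR, TCP_HDR and the ip_*_filter / port_*_filter
// variables are declared elsewhere in the project.
int filterpacket(char *buf, int len) ;

void RecvPacket() // main function call & init the WSAStartup
{
    SOCKET sock ;
    WSADATA wsd ;
    char RecvBuf[6000] ; // one buffer, one size: recv() below uses sizeof(RecvBuf)
    unsigned long dwBytesRet ;
    unsigned int optval = 1 ;

    if(WSAStartup(MAKEWORD(2,1),&wsd) != 0)
    {
        printf("\nerror init WSAStartup") ;
        return ;
    }

    sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP) ;
    if(sock == INVALID_SOCKET)
    {
        printf("\nerror creating raw socket: %d", WSAGetLastError()) ;
        WSACleanup() ;
        return ;
    }

    // gethostbyname() returns storage owned by Winsock, so nothing is
    // allocated or freed for pHostent here.
    char FAR name[MAX_HOSTNAME_LAN] ;
    struct hostent FAR * pHostent = NULL ;
    if(gethostname(name, MAX_HOSTNAME_LAN) == 0)
        pHostent = gethostbyname(name) ;

    SOCKADDR_IN sa ;
    memset(&sa, 0, sizeof(sa)) ;
    sa.sin_family = AF_INET ;
    sa.sin_port = htons(6000) ;

    if(pHostent == NULL || pHostent->h_addr_list[0] == NULL ||
       pHostent->h_length != (int)sizeof(sa.sin_addr.S_un.S_addr))
    {
        printf("\nerror resolving local address") ;
        closesocket(sock) ;
        WSACleanup() ;
        return ;
    }
    memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length) ;

    // SIO_RCVALL puts the interface the socket is bound to into receive-all
    // mode; it needs Administrator privilege.
    if(bind(sock, (SOCKADDR *)&sa, sizeof(sa)) == SOCKET_ERROR ||
       WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL) == SOCKET_ERROR)
    {
        printf("\nerror enabling SIO_RCVALL: %d", WSAGetLastError()) ;
        closesocket(sock) ;
        WSACleanup() ;
        return ;
    }

    while (!kbhit())
    {
        int len = recv(sock, RecvBuf, sizeof(RecvBuf), 0) ; // get the packet
        if(len == SOCKET_ERROR)
            break ;
        filterpacket(RecvBuf, len) ;
    }

    closesocket(sock) ;
    WSACleanup() ;
}

// Filter the Packet (len is the number of bytes recv() returned)
int filterpacket(char *buf, int len)
{
    // The IP header length is the low nibble of the first byte, counted in
    // 32-bit words; with IP options it is longer than the fixed 20 bytes.
    if(len < 20)
    {
        return -5 ; // too short to hold an IP header
    }
    int ipHdrLen = (buf[0] & 0x0F) * 4 ;
    if(ipHdrLen < 20 || len < ipHdrLen + 4)
    {
        return -5 ; // malformed header, or the port fields were not captured
    }

    IP_HDR *pIpheader = (IP_HDR *) buf ;
    // sport / dport sit in the same place for TCP and UDP; ICMP has no ports.
    TCP_HDR *pTcpheader = (TCP_HDR *)(buf + ipHdrLen) ;

    // filter src_ip
    if((ip_src_filter.S_un.S_addr != 0) &&
       (ip_src_filter.S_un.S_addr != pIpheader->ip_srcaddr.S_un.S_addr))
    {
        return -1 ;
    }

    // filter dst_ip
    if((ip_dst_filter.S_un.S_addr != 0) &&
       (ip_dst_filter.S_un.S_addr != pIpheader->ip_destaddr.S_un.S_addr))
    {
        return -2 ;
    }

    // filter src_port
    if((port_src_filter != 0) && (port_src_filter != ntohs(pTcpheader->sport)))
    {
        return -3 ;
    }

    // filter dst_port
    if((port_dst_filter != 0) && (port_dst_filter != ntohs(pTcpheader->dport)))
    {
        return -4 ;
    }

    .......

    .......
}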

The AVL tree is outside the scope of this article... it's just part of the sniffer statistics.
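
The per-protocol totals described in the introduction (packet count, total size and percentage for TCP / UDP / ICMP) can be computed from the raw bytes that recv() returns, provided the header is validated first. The following is an added example, not the article's own code: account(), percent(), make_packet() and demo() are hypothetical names, the sample packets are constructed, and it tallies by protocol only rather than per session in an AVL tree.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

struct ProtoStats { unsigned long packets = 0, bytes = 0; };
struct Totals { ProtoStats tcp, udp, icmp, other; unsigned long malformed = 0; };

// Validate one captured IPv4 packet and add it to the totals.
// Returns the IP protocol number, or -1 if the header is malformed or truncated.
int account(Totals &t, const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) { ++t.malformed; return -1; }
    size_t ihl   = (pkt[0] & 0x0F) * 4u;             // header length, options included
    size_t total = (size_t(pkt[2]) << 8) | pkt[3];   // total length, network byte order
    if (ihl < 20 || total < ihl || total > len) { ++t.malformed; return -1; }
    uint8_t proto = pkt[9];                          // 1 = ICMP, 6 = TCP, 17 = UDP
    ProtoStats &s = proto == 6 ? t.tcp : proto == 17 ? t.udp
                  : proto == 1 ? t.icmp : t.other;
    ++s.packets; s.bytes += total;
    return proto;
}

// Percentage of all accounted bytes that belongs to s (0 when nothing was counted).
double percent(const Totals &t, const ProtoStats &s)
{
    unsigned long all = t.tcp.bytes + t.udp.bytes + t.icmp.bytes + t.other.bytes;
    return all ? 100.0 * s.bytes / all : 0.0;
}

// Constructed sample input: zero-filled packet with only the fields account() reads.
size_t make_packet(uint8_t *out, uint8_t proto, uint16_t total, uint8_t ihlWords)
{
    std::memset(out, 0, total);
    out[0] = uint8_t(0x40 | ihlWords);               // version 4 + IHL
    out[2] = uint8_t(total >> 8); out[3] = uint8_t(total & 0xFF);
    out[9] = proto;
    return total;
}

// Runs the constructed samples: three valid packets and two that must be rejected.
Totals demo()
{
    uint8_t buf[1500]; Totals t;
    account(t, buf, make_packet(buf, 6, 600, 5));     // TCP, 600 bytes
    account(t, buf, make_packet(buf, 17, 300, 5));    // UDP, 300 bytes
    account(t, buf, make_packet(buf, 1, 100, 6));     // ICMP with 4 bytes of IP options
    account(t, buf, make_packet(buf, 6, 40, 5) - 30); // capture truncated to 10 bytes
    make_packet(buf, 6, 40, 3); account(t, buf, 40);  // IHL below the minimum of 5
    return t;
}
```

Counting rejected packets separately keeps a truncated or forged header from being read past the end of the receive buffer or from skewing the percentages.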

History

  • 23rd May, 2004: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

OneManDo
Web Developer
Israel
No Biography provided

Comments and Discussions

 
Question: So where's the article?? (WREY, 23-May-04 13:30)

Last Updated 23 May 2004
Article Copyright 2004 by OneManDo