/* * Paglo Crawler * Copyright (C) 2006-2008 Paglo Labs Inc. All rights reserved. * www.paglo.com * * This program is free software; you can redistribute it and/or modify * it under the terms of version 2 of the GNU General Public License as * published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ //--------------------------------------------------------------------------- #ifndef PacketH #define PacketH //--------------------------------------------------------------------------- #include #include "PacketUtils.h" /* * EthernetII protocol types * From: http://www.iana.org/assignments/ethernet-numbers */ typedef enum { ETHER_LLC = 0x05DC, ETHER_IPV4 = 0x0800, ETHER_ARP = 0x0806, ETHER_RARP = 0x8035, ETHER_APPLETALK = 0x809B, ETHER_SNA = 0x80D5, ETHER_IPXSPX = 0x8137, ETHER_IPV6 = 0x86DD, ETHER_PPP = 0x880B } TEther2Type; #define SNAP_ORG_CISCO "\x00\x00\x0C" #define SNAP_PID_CDP 0x2000 #ifdef WIN32 /* * ICMP Type codes -- just the ones we're going to care about for now. */ #define ICMP_ECHOREPLY 0 #define ICMP_DEST_UNREACH 3 #define ICMP_ECHO 8 /* * ICMP code values -- just the ones we're going to care about for now. */ #define ICMP_NET_UNREACH 0 #define ICMP_HOST_UNREACH 1 #define ICMP_PROT_UNREACH 2 #define ICMP_PORT_UNREACH 3 #else #include #endif /* * Port numbers. */ #define UDP_PORT_DHCP 67 /* * Packet class to encapsulate data returned from libpcap * no "SetX" methods because we don't really want to modify any of the contents * */ class TPacket { public: TPacket(struct timeval *, int, int, const unsigned char *); TPacket(const struct pcap_pkthdr *, const unsigned char *); ~TPacket(void); /* * Returns data from pcap_pkthdr struct */ struct timeval GetTimestamp(void){ return PcapHeader.ts; } unsigned int GetCaptureLength(void){ return PcapHeader.caplen; }; unsigned int GetLength(void){ return PcapHeader.len; }; /* * Returns the packet's pcap_pkthdr structure. */ struct pcap_pkthdr *GetPcapHeader(void) { return &PcapHeader; } /* * Returns a pointer to the packet payload */ const unsigned char *GetData(void){ return Data; }; /* * Returns the protocol field from the ethernet frame header. */ int GetProto(void){ return Proto; } /* * Returns the protocol field from the IP header if one exists. */ int GetIPProto(void){ return IPProto; } /* * Returns the ICMP type if the packet is an ICMP one. */ int GetICMPType(void){ return ICMPType; } /* * Returns the ICMP code if the packet is an ICMP one. */ int GetICMPCode(void){ return ICMPCode; } /* * Returns the flags field from a TCP packet. */ int GetTCPFlags(void){ return TCPFlags; } /* * Return the source and destination ports for TCP and UDP packets. */ int GetSrcPort(void){ return SrcPort; } int GetDestPort(void){ return DestPort; } /* * Return source and destination IP address objects. Caller should never free them. */ TIPAddress GetSrcIP(void){ return SrcIP; }; TIPAddress GetDstIP(void){ return DstIP; }; /* * Return source and destination MAC address objects. Caller should never free them. */ TMacAddress GetSrcMac(void){ return SrcMac; }; TMacAddress GetDstMac(void){ return DstMac; }; /* * Pointer to the start of the IP payload. This is after any IP options. */ const unsigned char *IPPayload; /* * Pointer to the start of the data payload. This is the portion after the * UDP or TCP header for those protocols. */ const unsigned char *Payload; /* * Pointer to the start of the CDP data. The portion after the SNAP header. */ const unsigned char *CDPPayload; /* * Length of the packet according to the IP header. */ int IPLength; /* * Dump the packet contents as a string of hexadecimal numbers. */ std::string ToHexString(void); /* * Was this packet created from an sFlow sample. */ bool IsSFlow; private: void InitPacket(const unsigned char *Pkt); struct timeval Timestamp; unsigned int CaptureLength; unsigned int Length; struct pcap_pkthdr PcapHeader; const unsigned char *Data; TMacAddress SrcMac; TMacAddress DstMac; int Proto; TIPAddress SrcIP; TIPAddress DstIP; int IPProto; unsigned char ICMPType; unsigned char ICMPCode; unsigned char TCPFlags; int SrcPort, DestPort; }; #endif