linux ARP recvfrom信息

时间:2013-01-10 08:32:52

标签: c linux arp

如果我发送ARP包,我可以从recv中找到发件人的IP地址吗?我问这个是因为我发送了多个包到子进程的不同主机,我收到了对所有子进程的响应所以我问是否有办法知道孩子送了什么包裹。谢谢。

struct ether_arp req;
struct sockaddr_ll addr={0};
struct ifreq inter;
int sock;//I check usinginter if the interface is correct
sock=socket(AF_PACKET,SOCK_DGRAM,htons(ETH_P_ARP));
 if (sock==-1) {
 printf("%s",strerror(errno));
}
if (ioctl(sock,SIOCGIFINDEX,&inter)==-1) {
printf("%s",strerror(errno));
return ;//for the interface index
addr.sll_family=AF_PACKET;
addr.sll_ifindex=index;
addr.sll_halen=ETHER_ADDR_LEN;
addr.sll_protocol=htons(ETH_P_ARP);
memcpy(addr.sll_addr,ether_broadcast_addr,ETHER_ADDR_LEN);
req.arp_hrd=htons(ARPHRD_ETHER);
req.arp_pro=htons(ETH_P_IP);
req.arp_hln=ETHER_ADDR_LEN;
req.arp_pln=sizeof(in_addr_t);
req.arp_op=htons(ARPOP_REQUEST);
......................  
 memcpy(&req.arp_spa,&target_ip_addr.s_addr,sizeof(req.arp_spa));//this way I save the   source IP
.......
if (sendto(sock,&req,sizeof(req),0,(struct sockaddr*)&addr,sizeof(addr))==-1) {
printf("%s",strerror(errno));
}THis is how I send it

还有一些代码,但我认为它不相关

1 个答案:

答案 0 :(得分:4)

您无法使用recvfrom来发现发件人的IP地址,因为ARP数据包没有网络层。

如果您想知道哪个主机及其相对的mac地址和IP地址,请回复您的请求,您必须解析这样的数据包:

enter image description here

在此处查看有关单个字段的更多信息:ARP Message Format

您要查找的32位是Sender Protocol Address

这是一个hypotetic代码段,显示主机的IP号码arp-回复你的ARP请求。

免责声明:我没有测试它,但它应该给你一个想法。

/* buf is buffer containing the ethernet frame */
char buf[65535];

/* arp frame points to the arp data inside the ethernet frame */
struct ether_arp *arp_frame;

/* skipping the 14 bytes of ethernet frame header */
arp_frame = (struct ether_arp *) (buf + 14);

/* read until we got an arp packet or socket got a problem */
while (recv(sock, buf, sizeof(buf), 0))
{
    /* skip to the next frame if it's not an ARP packet */
    if ((((buf[12]) << 8) + buf[13]) != ETH_P_ARP) 
        continue;

    /* skip to the next frame if it's not an ARP REPLY */
    if (ntohs (arp_frame->arp_op) != ARPOP_REPLY)
        continue;

    /* got an arp reply! this is where i'm printing what you need             */
    /* ... and YES... spa of arp_spa field stands for Sender Protocol Address */
    printf("I got an arp reply from host with ip: %u.%u.%u.%u\n", arp_frame->arp_spa[0],
                                                                  arp_frame->arp_spa[1],
                                                                  arp_frame->arp_spa[2], 
                                                                  arp_frame->arp_spa[3]);

    /* break? */
    break;    
}

这是一个关于ARP-REPLIES的迷你程序的完整工作示例。

arp-reply-catcher.c source

相关问题
最新问题