嗅探OpenFlow数据包打印出意外数据

时间:2013-05-28 18:22:11

标签: flow packets sniffing

我正在尝试使用套接字来嗅探OpenFlow数据包。我有一些代码试图收集OF数据包并打印标题信息,但它似乎没有打印正确的信息。我已经在mininet中设置了一个环境,并将其指向一个遥控器。在wireshark中,我看到标准的echo请求/回复正在进行,在openflow中是在标题部分中定义的类型2和3。当我查看我在程序中收集的数据包数据时,我似乎打印出奇数类型2数据包而没有其他任何东西让我认为我的代码不正确并且打印的类型2数据包不是类型2数据包。

我一直在玩这个,所以如果它有点凌乱/不完美我很抱歉。我试图让每个人都可以阅读:

#include <stdio.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <assert.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <openflow/openflow.h>
#include "openflow/lib/ofpbuf.h"

int sock_raw;
void DieWithError(char *errorMessage);
void handlePacket(unsigned char *, int);
void printOFHeader(struct ofp_header *);

int main()
{
    int saddr_size , data_size;
    struct sockaddr saddr;
    unsigned char *buffer = (unsigned char *)malloc(65536); //Its Big! -- Malloc allocates a block of size bytes of memory, returning a pointer to the beginning of the block
    printf("Starting...\n");

    //Create a raw socket that shall sniff
    sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_TCP);
    printf("socket: %d\n",sock_raw);
    if(sock_raw < 0)
    {
        printf("Socket Error\n");
        return 1;
    }


    while(1)
    {

        saddr_size = sizeof saddr;
        //Receive a packet

        data_size = recvfrom(sock_raw, buffer, 65536, 0 , &saddr , (socklen_t*)&saddr_size);
        if(data_size <0 )
        {
            printf("Recvfrom error , failed to get packets\n");
            return 1;
        }

        //Now process the packet
        handlePacket(buffer, data_size);
    }
    close(sock_raw);
    printf("Finished");
    return 0;
}

void DieWithError(char *errorMessage)
{
    perror(errorMessage);
    exit(1);
}

void handlePacket(unsigned char *buff, int data_size)
{

    //first get IP header length
    struct iphdr *iph = (struct iphdr *)buff;
    unsigned short iphdrlen = iph->ihl*4;

    //get tcp header length
    struct tcphdr *tcph = (struct tcphdr*)(buff + iphdrlen);
    unsigned int ofph_offset = (iphdrlen+(unsigned int)tcph->doff*4);

    //add total length of ip and tcp headers to the buffer to get the start of the OF Header
     struct ofp_header *oh = (struct ofp_header*)(buff + ofph_offset);

     //Check it is an OF Header -- Not sure this is right
    if(oh->version == OFP_VERSION)
    {
        printOFHeader(oh);
    }
    else
    {
       printf("This is not an openflow packet\n");
    }
}

void printOFHeader(struct ofp_header * oh)
{
    printf("OPENFLOW PACKET HEADER\n");
    printf("    |-OF Version         %d\n", oh->version);
    printf("    |-Type:              %d\n", oh->type);
    printf("    |-Transaction ID:              %d\n", oh->xid);
    printf("    |-Length:              %d\n", oh->length);
    printf("----------------------------------------------------");
    printf("\n");
}

我已经测试了以下数据:

    //first get IP header length
    struct iphdr *iph = (struct iphdr *)buff;
    unsigned short iphdrlen = iph->ihl*4;

    //get tcp header length
    struct tcphdr *tcph = (struct tcphdr*)(buff + iphdrlen);

这些打印正确的数据包端口地址和IP地址,所以我认为我的缺陷在于我如何分配ofp_header结构。这个问题可能更好地放在openflow.org网站上,但我找不到邮件组。

1 个答案:

答案 0 :(得分:0)