ports//net/ngrep-lib/work/ngrep-lib-1.3/test-lib.c

//
// $Id: test-lib.c,v 1.5 2002/01/02 03:30:48 mavetju Exp $
//
// test-lib.c - Part of ngrep-lib by Edwin Groothuis <edwin@mavetju.org>
//

#include <stdio.h>
#include <pcap.h>

#include <sys/types.h>
#include <sys/socket.h>

#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <netinet/udp.h>
#include <netinet/ip_icmp.h>
#include <net/if_arp.h>

#include <arpa/inet.h>

#include "ngrep-lib.h"

void my_arp(struct arphdr *arphdr);
void my_ip(struct ip *iphdr);
void my_tcp(struct ip *iphdr, struct tcphdr *tcphdr,char *data,int len);
void my_udp(struct ip *iphdr, struct udphdr *udphdr,char *data,int len);
void my_icmp(struct ip *iphdr, struct icmp *icmphdr,char *data,int len);
void my_info(char *interface,char *filter,char *match,char *output);
void my_stats(long received,long dropped);

int main(int argc,char **argv) {
    ngrep_callback_arp(&my_arp);
    ngrep_callback_ip(&my_ip);
    ngrep_callback_udp(&my_udp);
    ngrep_callback_tcp(&my_tcp);
    ngrep_callback_icmp(&my_icmp);
//  ngrep_callback_process(&my_ip,&my_tcp,&my_udp,&my_icmp);
    ngrep_callback_info(&my_info,&my_stats);
//  ngrep_main("port 53 or port 4000 or icmp","''","-d tun0");
    ngrep_setfilter(NULL,NULL,"-d vmnet1");
    ngrep_run();
    return 0;
}

void my_info(char *interface,char *filter,char *match,char *output) {
    printf("interface: %s\nfilter: %s\nmatch: %s\noutput: %s\n",
	interface,filter,match,output);
}

void my_stats(long received, long dropped) {
    printf("received %ld packets, dropped %ld packets\n",
	received,dropped);
}

void my_arp(struct arphdr *arphdr) {
    if (ntohs(arphdr->ar_op)==ARPOP_REQUEST || ntohs(arphdr->ar_op)==ARPOP_REPLY) {
	u_char *ar_data=(u_char *)arphdr+8;

	printf("ARP (%s): from %x:%x:%x:%x:%x:%x (%d.%d.%d.%d) for %x:%x:%x:%x:%x:%x (%d.%d.%d.%d)\n",
	    ntohs(arphdr->ar_op)==ARPOP_REQUEST ? "request" : "reply",
	    ar_data[ 0],ar_data[ 1],ar_data[ 2],ar_data[ 3],ar_data[ 4],ar_data[ 5],
	    ar_data[ 6],ar_data[ 7],ar_data[ 8],ar_data[ 9],
	    ar_data[10],ar_data[11],ar_data[12],ar_data[13],ar_data[14],ar_data[15],
	    ar_data[16],ar_data[17],ar_data[18],ar_data[19]
	    );
	return;
    }
    printf("ARP (not request or reply): format %x, operation: %x\n",
	ntohs(arphdr->ar_hrd),
	ntohs(arphdr->ar_op));
}

void my_ip(struct ip *iphdr) {
    printf("IP: from %s to %s\n",
	inet_ntoa(iphdr->ip_src),
	inet_ntoa(iphdr->ip_dst));
}

void my_tcp(struct ip *iphdr, struct tcphdr *tcp,char *data,int len) {
    printf("TCP: %d bytes from %s:%d to %s:%d\n",
	len,
	inet_ntoa(iphdr->ip_src),
	ntohs(tcp->th_sport),
	inet_ntoa(iphdr->ip_dst),
	ntohs(tcp->th_dport));
}
void my_udp(struct ip *iphdr, struct udphdr *udp,char *data,int len) {
    printf("UDP: %d bytes from %s:%d to %s:%d\n",
	len,
	inet_ntoa(iphdr->ip_src),
	ntohs(udp->uh_sport),
	inet_ntoa(iphdr->ip_dst),
	ntohs(udp->uh_dport));

}
void my_icmp(struct ip *iphdr, struct icmp *ic,char *data,int len) {
    int i;
    printf("ICMP: %d bytes of type %d\n",len,ic->icmp_type);
    for (i=0;i<len;i++)
	printf("%x ",(unsigned char)data[i]);
    printf("\n");
}
syntax highlighted by Code2HTML, v. 0.9.1