接收ARP包

#include
#include
#include
#include
#include
#include
#include
#pragma comment(lib,"ws2_32.lib")
#pragma comment(lib,"wpcap.lib")
//定义ARP包结构
using namespace std;

// ARP message body as it appears on the wire for Ethernet hardware addresses
// (6 bytes) and IPv4 protocol addresses (4 bytes). packet_handler() overlays
// this struct directly on captured bytes, so member order and sizes must stay
// exactly as they are. With a 2-byte unsigned short every member sits on its
// natural alignment, so no padding is expected (28 bytes total).
// Multi-byte members hold the raw wire bytes (network byte order); this file
// only converts `op`, via ntohs().
struct arppkt
{
	unsigned short hdtyp;    // hardware address type, per the ARP header layout
	unsigned short protyp;   // protocol address type, per the ARP header layout
	unsigned char hdsize;    // hardware address length in bytes; the arrays below assume 6
	unsigned char prosize;   // protocol address length in bytes; the arrays below assume 4
	unsigned short op;       // operation code; the log header in main() labels 1 = request, 2 = reply
	u_char smac[6];          // sender (source) MAC address
	u_char sip[4];           // sender (source) IPv4 address
	u_char dmac[6];          // target (destination) MAC address
	u_char dip[4];           // target (destination) IPv4 address
};
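// Length of the Ethernet II header that precedes the ARP body:
// destination MAC (6) + source MAC (6) + EtherType (2).
static const unsigned int ARP_ETHERNET_HEADER_LEN = 14;

// Writes a 4-byte IPv4 address as "a.b.c.d", with the last octet left-aligned
// in a 3-character column so the following fields line up.
static void arp_write_ipv4(std::ostream &out, const unsigned char *ip)
{
	for (int i = 0; i < 3; i++)
		out << int(ip[i]) << '.';
	out.setf(std::ios::left, std::ios::adjustfield);
	out << std::setw(3) << int(ip[3]);
	out.unsetf(std::ios::left);
}

// Writes a 6-byte MAC address as "AA-BB-CC-DD-EE-FF" (upper-case hex, zero
// padded) and restores the stream's previous flags and fill character.
static void arp_write_mac(std::ostream &out, const unsigned char *mac)
{
	const std::ios::fmtflags saved_flags = out.flags();
	const char saved_fill = out.fill('0');
	out << std::hex << std::uppercase;
	for (int i = 0; i < 5; i++)
		out << std::setw(2) << int(mac[i]) << '-';
	out << std::setw(2) << int(mac[5]);
	out.fill(saved_fill);
	out.flags(saved_flags);
}

// Formats one captured ARP frame as a single text line on `out`:
//   source IP, source MAC, destination IP, destination MAC, opcode, capture time.
//
// header   - pcap capture header; supplies the captured length and timestamp.
// pkt_data - start of the captured frame (Ethernet header first).
// out      - destination stream (console or log file).
//
// The frame contents come straight off the network and are untrusted, so the
// captured length is checked before any field is read. Frames too short to
// hold an Ethernet header plus a full ARP body are skipped without output.
// NOTE: hdsize/prosize are not validated; the layout assumes 6-byte hardware
// and 4-byte protocol addresses, so other ARP variants would be misprinted.
void packet_handler(const pcap_pkthdr *header, const u_char *pkt_data, std::ostream &out)
{
	if (header == NULL || pkt_data == NULL)
		return;
	// caplen is the number of bytes actually present in pkt_data; reading an
	// arppkt past it would be an out-of-bounds read on a truncated frame.
	if (header->caplen < ARP_ETHERNET_HEADER_LEN + sizeof(arppkt))
		return;

	// The ARP body starts right after the Ethernet header.
	const arppkt *arph = reinterpret_cast<const arppkt*>(pkt_data + ARP_ETHERNET_HEADER_LEN);

	// Source IP and MAC. (The original loop condition was `i>3`, so the first
	// three octets of the source IP were never printed.)
	arp_write_ipv4(out, arph->sip);
	out << " ";
	arp_write_mac(out, arph->smac);
	out << " ";

	// Destination IP and MAC.
	arp_write_ipv4(out, arph->dip);
	out << " ";
	arp_write_mac(out, arph->dmac);
	out << ' ';

	// Operation code, converted from network to host byte order.
	out << ntohs(arph->op) << " ";

	// Capture time as H:MM:SS in local time.
	time_t local_tv_sec = header->ts.tv_sec;
	const struct tm *ltime = localtime(&local_tv_sec);
	const char saved_fill = out.fill('0');
	if (ltime != NULL)   // localtime() can fail for an unrepresentable timestamp
	{
		out << ltime->tm_hour << ":" << std::setw(2) << ltime->tm_min
		    << ":" << std::setw(2) << ltime->tm_sec;
	}
	out.fill(saved_fill);
	// endl flushes, so each record reaches the log as soon as it is captured.
	out << std::endl;
}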
struct pcap_pkthdr *header;


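// Captures ARP frames on the first usable Ethernet adapter and logs one line
// per frame to both the console and the file named on the command line.
//
// Usage: ParseArp output_file
// Returns 0 when the capture loop ends normally, 1 on any setup or read error.
int main(int argc, char *argv[])
{
	if (argc != 2)
	{
		std::cout << "Please input command:ParseArp output_file" << std::endl;
		return 1;
	}

	// Enumerate the capture devices.
	pcap_if_t *alldevs = NULL;
	char errbuf[PCAP_ERRBUF_SIZE];
	if (pcap_findalldevs(&alldevs, errbuf) == -1)
	{
		std::cout << "Error in pcap_find all devs: " << errbuf;
		return 1;
	}

	// Pick the first adapter that opens, reports an Ethernet link type and has
	// at least one address. Arguments to pcap_open_live: snapshot length 1000
	// bytes, promiscuous mode on, 300 ms read timeout.
	pcap_if_t *d;
	pcap_t *adhandle = NULL;
	for (d = alldevs; d; d = d->next)
	{
		adhandle = pcap_open_live(d->name, 1000, 1, 300, errbuf);
		if (adhandle == NULL)
		{
			// One adapter failing to open should not stop the search.
			std::cout << "Unable to open the adapter." << std::endl;
			continue;
		}
		if (pcap_datalink(adhandle) == DLT_EN10MB && d->addresses != NULL)
			break;
		// Not suitable: release the handle instead of leaking it.
		pcap_close(adhandle);
		adhandle = NULL;
	}
	if (d == NULL)
	{
		std::cout << "No interfaces found!Make sure WinPcap is installed.";
		pcap_freealldevs(alldevs);
		return 1;
	}

	// Netmask for pcap_compile(). The first address entry may be non-IPv4 or
	// carry no netmask, so look for an IPv4 entry rather than casting blindly.
	// 0xffffff is the fallback when none is found.
	u_int netmask = 0xffffff;
	for (pcap_addr_t *a = d->addresses; a != NULL; a = a->next)
	{
		if (a->addr != NULL && a->addr->sa_family == AF_INET && a->netmask != NULL)
		{
			netmask = ((sockaddr_in*)(a->netmask))->sin_addr.S_un.S_addr;
			break;
		}
	}

	// Compile and install a filter so that only ARP frames are delivered.
	char packet_filter[] = "ether proto \\arp";
	struct bpf_program fcode;
	if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0)
	{
		std::cout << "Unable to compile the packet filter.Check the syntax.";
		pcap_close(adhandle);
		pcap_freealldevs(alldevs);
		return 1;
	}
	if (pcap_setfilter(adhandle, &fcode) < 0)
	{
		std::cout << "Error setting the filter.";
		pcap_freecode(&fcode);
		pcap_close(adhandle);
		pcap_freealldevs(alldevs);   // the original called pcap_findalldevs here, leaking the list
		return 1;
	}
	// The compiled program is no longer needed once the filter is installed.
	pcap_freecode(&fcode);

	// description can be NULL; streaming a null char* is undefined behaviour.
	std::cout << "Listening on " << (d->description ? d->description : d->name) << "..." << std::endl;
	// The device list (and d, which points into it) is not used past this point.
	pcap_freealldevs(alldevs);

	// Open the log in append mode so earlier capture sessions are kept.
	std::ofstream fout(argv[1], std::ios::app);
	if (!fout)
	{
		std::cout << "Unable to open output file: " << argv[1] << std::endl;
		pcap_close(adhandle);
		return 1;
	}
	time_t t;
	time(&t);
	fout.seekp(0, std::ios::end);

	// Session banner (file only) and column headings (console and file).
	fout << "\t\tARP request(1)/reply(2) on " << ctime(&t);
	std::cout << "Sout IP Addr" << "  " << "Sour MAC Address" << "  " << "Des IP Addr" << "  " << "Des MAC Address" << "  " << "OP" << "  " << "Time" << std::endl;
	fout << "Sout IP Addr" << "  " << "Sour MAC Address" << "  " << "Des IP Addr" << "  " << "Des MAC Address" << "  " << "OP" << "  " << "Time" << std::endl;

	// Capture loop: pcap_next_ex() returns 1 for a packet, 0 when the read
	// timeout expires, and a negative value on error or end of input.
	const u_char *pkt_data;
	int result;
	while ((result = pcap_next_ex(adhandle, &header, &pkt_data)) >= 0)
	{
		if (result == 0)
			continue;
		packet_handler(header, pkt_data, std::cout);
		packet_handler(header, pkt_data, fout);
	}
	if (result == -1)
		std::cout << "Error reading the packets: " << pcap_geterr(adhandle) << std::endl;

	pcap_close(adhandle);
	return result == -1 ? 1 : 0;
}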
