linux原始套接字(1)-arp請求與接收

一.概述                                                  

乙太網的arp數據包結構：

arp結構op操作參數：1為請求，2為應答。

常用的數據結構如下：

1.物理地址結構位於netpacket/packet.h

 1 struct sockaddr_ll
 2 {
 3     unsigned short int sll_family;
 4     unsigned short int sll_protocol;
 5     int sll_ifindex;
 6     unsigned short int sll_hatype;
 7     unsigned char sll_pkttype;
 8     unsigned char sll_halen;
 9     unsigned char sll_addr[8];
10 };

sll_ifindex是網路(網卡)介面索引，代表從這個介面收發數據包

2.網路(網卡)介面數據結構位於net/if.h

 1 struct ifreq
 2 {
 3 # define IFHWADDRLEN    6
 4 # define IFNAMSIZ    IF_NAMESIZE
 5     union
 6       {
 7     char ifrn_name[IFNAMSIZ];    /* Interface name, e.g. "en0".  */
 8       } ifr_ifrn;
 9 
10     union
11       {
12     struct sockaddr ifru_addr;
13     struct sockaddr ifru_dstaddr;
14     struct sockaddr ifru_broadaddr;
15     struct sockaddr ifru_netmask;
16     struct sockaddr ifru_hwaddr;
17     short int ifru_flags;
18     int ifru_ivalue;
19     int ifru_mtu;
20     struct ifmap ifru_map;
21     char ifru_slave[IFNAMSIZ];    /* Just fits the size */
22     char ifru_newname[IFNAMSIZ];
23     __caddr_t ifru_data;
24       } ifr_ifru;
25 };

該結構裡面包含2個union，第一個是介面名，如：eth0，wlan0等。可以通過ioctl()函數來獲取對應的介面信息，ip地址，mac地址，介面索引等。

3.乙太網首部結構位於net/ethernet.h

1 struct ether_header
2 {
3   u_int8_t  ether_dhost[ETH_ALEN];    /* destination eth addr    */
4   u_int8_t  ether_shost[ETH_ALEN];    /* source ether addr    */
5   u_int16_t ether_type;                /* packet type ID field    */
6 } __attribute__ ((__packed__));

ether_type幀類型：常見的有IP，ARP，RARP，都有對應的巨集定義。

4.arp包結構位於netinet/if_ether.h

 1 struct    ether_arp {
 2     struct    arphdr ea_hdr;        /* fixed-size header */
 3     u_int8_t arp_sha[ETH_ALEN];    /* sender hardware address */
 4     u_int8_t arp_spa[4];        /* sender protocol address */
 5     u_int8_t arp_tha[ETH_ALEN];    /* target hardware address */
 6     u_int8_t arp_tpa[4];        /* target protocol address */
 7 };
 8 #define    arp_hrd    ea_hdr.ar_hrd
 9 #define    arp_pro    ea_hdr.ar_pro
10 #define    arp_hln    ea_hdr.ar_hln
11 #define    arp_pln    ea_hdr.ar_pln
12 #define    arp_op    ea_hdr.ar_op

上面的ether_arp結構還包含一個arp首部，位於net/if_arp.h

1 struct arphdr
2 {
3     unsigned short int ar_hrd;        /* Format of hardware address.  */
4     unsigned short int ar_pro;        /* Format of protocol address.  */
5     unsigned char ar_hln;        /* Length of hardware address.  */
6     unsigned char ar_pln;        /* Length of protocol address.  */
7     unsigned short int ar_op;        /* ARP opcode (command).  */
8 }

二.arp請求代碼                                      

  1 /**
  2  * @file arp_request.c
  3  */
  4 
  5 #include <stdio.h>
  6 #include <stdlib.h>
  7 #include <string.h>
  8 #include <unistd.h>
  9 #include <sys/ioctl.h>
 10 #include <sys/socket.h>
 11 #include <arpa/inet.h>
 12 #include <netinet/in.h>
 13 #include <netinet/if_ether.h>
 14 #include <net/ethernet.h>
 15 #include <net/if_arp.h>
 16 #include <net/if.h>
 17 #include <netpacket/packet.h>
 18 
 19 /* 乙太網幀首部長度 */
 20 #define ETHER_HEADER_LEN sizeof(struct ether_header)
 21 /* 整個arp結構長度 */
 22 #define ETHER_ARP_LEN sizeof(struct ether_arp)
 23 /* 乙太網 + 整個arp結構長度 */
 24 #define ETHER_ARP_PACKET_LEN ETHER_HEADER_LEN + ETHER_ARP_LEN
 25 /* IP地址長度 */
 26 #define IP_ADDR_LEN 4
 27 /* 廣播地址 */
 28 #define BROADCAST_ADDR {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}
 29 
 30 void err_exit(const char *err_msg)
 31 {
 32     perror(err_msg);
 33     exit(1);
 34 }
 35 
 36 /* 填充arp包 */
 37 struct ether_arp *fill_arp_packet(const unsigned char *src_mac_addr, const char *src_ip, const char *dst_ip)
 38 {
 39     struct ether_arp *arp_packet;
 40     struct in_addr src_in_addr, dst_in_addr;
 41     unsigned char dst_mac_addr[ETH_ALEN] = BROADCAST_ADDR;
 42 
 43     /* 轉換成網路位元組序 */
 44     inet_pton(AF_INET, src_ip, &src_in_addr);
 45     inet_pton(AF_INET, dst_ip, &dst_in_addr);
 46 
 47     /* 整個arp包 */
 48     arp_packet = (struct ether_arp *)malloc(ETHER_ARP_LEN);
 49     arp_packet->arp_hrd = htons(ARPHRD_ETHER);
 50     arp_packet->arp_pro = htons(ETHERTYPE_IP);
 51     arp_packet->arp_hln = ETH_ALEN;
 52     arp_packet->arp_pln = IP_ADDR_LEN;
 53     arp_packet->arp_op = htons(ARPOP_REQUEST);
 54     memcpy(arp_packet->arp_sha, src_mac_addr, ETH_ALEN);
 55     memcpy(arp_packet->arp_tha, dst_mac_addr, ETH_ALEN);
 56     memcpy(arp_packet->arp_spa, &src_in_addr, IP_ADDR_LEN);
 57     memcpy(arp_packet->arp_tpa, &dst_in_addr, IP_ADDR_LEN);
 58 
 59     return arp_packet;
 60 }
 61 
 62 /* arp請求 */
 63 void arp_request(const char *if_name, const char *dst_ip)
 64 {
 65     struct sockaddr_ll saddr_ll;
 66     struct ether_header *eth_header;
 67     struct ether_arp *arp_packet;
 68     struct ifreq ifr;
 69     char buf[ETHER_ARP_PACKET_LEN];
 70     unsigned char src_mac_addr[ETH_ALEN];
 71     unsigned char dst_mac_addr[ETH_ALEN] = BROADCAST_ADDR;
 72     char *src_ip;
 73     int sock_raw_fd, ret_len, i;
 74 
 75     if ((sock_raw_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ARP))) == -1)
 76         err_exit("socket()");
 77 
 78     bzero(&saddr_ll, sizeof(struct sockaddr_ll));
 79     bzero(&ifr, sizeof(struct ifreq));
 80     /* 網卡介面名 */
 81     memcpy(ifr.ifr_name, if_name, strlen(if_name));
 82 
 83     /* 獲取網卡介面索引 */
 84     if (ioctl(sock_raw_fd, SIOCGIFINDEX, &ifr) == -1)
 85         err_exit("ioctl() get ifindex");
 86     saddr_ll.sll_ifindex = ifr.ifr_ifindex;
 87     saddr_ll.sll_family = PF_PACKET;
 88 
 89     /* 獲取網卡介面IP */
 90     if (ioctl(sock_raw_fd, SIOCGIFADDR, &ifr) == -1)
 91         err_exit("ioctl() get ip");
 92     src_ip = inet_ntoa(((struct sockaddr_in *)&(ifr.ifr_addr))->sin_addr);
 93     printf("local ip:%s\n", src_ip);
 94 
 95     /* 獲取網卡介面MAC地址 */
 96     if (ioctl(sock_raw_fd, SIOCGIFHWADDR, &ifr))
 97         err_exit("ioctl() get mac");
 98     memcpy(src_mac_addr, ifr.ifr_hwaddr.sa_data, ETH_ALEN);
 99     printf("local mac");
100     for (i = 0; i < ETH_ALEN; i++)
101         printf(":%02x", src_mac_addr[i]);
102     printf("\n");
103 
104     bzero(buf, ETHER_ARP_PACKET_LEN);
105     /* 填充以太首部 */
106     eth_header = (struct ether_header *)buf;
107     memcpy(eth_header->ether_shost, src_mac_addr, ETH_ALEN);
108     memcpy(eth_header->ether_dhost, dst_mac_addr, ETH_ALEN);
109     eth_header->ether_type = htons(ETHERTYPE_ARP);
110     /* arp包 */
111     arp_packet = fill_arp_packet(src_mac_addr, src_ip, dst_ip);
112     memcpy(buf + ETHER_HEADER_LEN, arp_packet, ETHER_ARP_LEN);
113 
114     /* 發送請求 */
115     ret_len = sendto(sock_raw_fd, buf, ETHER_ARP_PACKET_LEN, 0, (struct sockaddr *)&saddr_ll, sizeof(struct sockaddr_ll));
116     if ( ret_len > 0)
117         printf("sendto() ok!!!\n");
118 
119     close(sock_raw_fd);
120 }
121 
122 int main(int argc, const char *argv[])
123 {
124     if (argc != 3)
125     {
126         printf("usage:%s device_name dst_ip\n", argv[0]);
127         exit(1);
128     }
129 
130     arp_request(argv[1], argv[2]);
131     
132     return 0;
133 }

流程：命令行接收網卡介面名和要請求的目標IP地址，傳入arp_request()函數。用PF_PACKET選項創建ARP類型的原始套接字。用ioctl()函數通過網卡介面名來獲取該介面對應的mac地址，ip地址，介面索引。介面索引填充到物理地址sockaddr_ll裡面。然後填充以太首部，源地址對應剛剛的網卡介面mac地址，目標地址填廣播地址(第28行定義的巨集)。以太首部幀類型是ETHERTYPE_ARP，代表arp類型。接著填充arp數據包結構，同樣要填充源/目標的ip地址和mac地址，arp包的操作選項填寫ARPOP_REQUEST，代表請求操作。填充完成後發送到剛剛的物理地址sockaddr_ll。

三.接收arp數據包                                  

 1 /**
 2  * @file arp_recv.c
 3  */
 4 
 5 #include <stdio.h>
 6 #include <stdlib.h>
 7 #include <string.h>
 8 #include <unistd.h>
 9 #include <sys/socket.h>
10 #include <arpa/inet.h>
11 #include <netinet/in.h>
12 #include <netinet/if_ether.h>
13 #include <net/if_arp.h>
14 #include <net/ethernet.h>
15 
16 /* 乙太網幀首部長度 */
17 #define ETHER_HEADER_LEN sizeof(struct ether_header)
18 /* 整個arp結構長度 */
19 #define ETHER_ARP_LEN sizeof(struct ether_arp)
20 /* 乙太網 + 整個arp結構長度 */
21 #define ETHER_ARP_PACKET_LEN ETHER_HEADER_LEN + ETHER_ARP_LEN
22 /* IP地址長度 */
23 #define IP_ADDR_LEN 4
24 
25 void err_exit(const char *err_msg)
26 {
27     perror(err_msg);
28     exit(1);
29 }
30 
31 int main(void)
32 {
33     struct ether_arp *arp_packet;
34     char buf[ETHER_ARP_PACKET_LEN];
35     int sock_raw_fd, ret_len, i;
36 
37     if ((sock_raw_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ARP))) == -1)
38         err_exit("socket()");
39 
40     while (1)
41     {
42         bzero(buf, ETHER_ARP_PACKET_LEN);
43         ret_len = recv(sock_raw_fd, buf, ETHER_ARP_PACKET_LEN, 0);
44         if (ret_len > 0)
45         {
46             /* 剝去以太頭部 */
47             arp_packet = (struct ether_arp *)(buf + ETHER_HEADER_LEN);
48             /* arp操作碼為2代表arp應答 */
49             if (ntohs(arp_packet->arp_op) == 2)
50             {
51                 printf("==========================arp replay======================\n");
52                 printf("from ip:");
53                 for (i = 0; i < IP_ADDR_LEN; i++)
54                     printf(".%u", arp_packet->arp_spa[i]);
55                 printf("\nfrom mac");
56                 for (i = 0; i < ETH_ALEN; i++)
57                     printf(":%02x", arp_packet->arp_sha[i]);
58                 printf("\n");
59             }
60         }
61     }
62 
63     close(sock_raw_fd);
64     return 0;
65 }

流程：創建ARP類型的原始套接字。直接調用接收函數，會收到網卡接收的arp數據包，判斷收到的arp包操作是arp應答，操作碼是2。然後剝去以太首部，取出源mac地址和ip地址！！！

四.實驗                                                  

為了更直觀，我們打開wireshark一起觀察，我這裡是wlan環境，監聽wlan0。原始套接字要以root身份運行，先運行arp_recv，然後運行arp_request發送arp請求：

wireshark結果：

上面可以看到，第一條數據包詢問誰是192.168.0.1，然後第二條數據包發送了一個回覆，可以看到wireshark裡面Opcode:reply(2)。源ip和mac地址跟我們自己的接收程式一樣。