From 885be66d5eea121a49f95b281d50f600c9bd600c Mon Sep 17 00:00:00 2001 From: Ako Date: Sat, 23 Aug 2025 00:22:48 +0200 Subject: [PATCH] feat: added basic tcp, udp and icmp handling --- .vscode/settings.json | 13 +++++++++++++ npcap | Bin 0 -> 16992 bytes npcap.c | 16 ++++++++++++---- npcap_handle.c | 38 ++++++++++++++++++++++++++++++++++++++ npcap_handle.h | 7 +++++++ 5 files changed, 70 insertions(+), 4 deletions(-) create mode 100644 .vscode/settings.json create mode 100755 npcap diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..197ac6a --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,13 @@ +{ + "files.associations": { + "ip_icmp.h": "c", + "tcp.h": "c", + "features-time64.h": "c", + "packet.h": "c", + "types.h": "c", + "socket.h": "c", + "stdint.h": "c", + "cstdint": "c", + "stdio.h": "c" + } +} \ No newline at end of file diff --git a/npcap b/npcap new file mode 100755 index 0000000000000000000000000000000000000000..5352cf7bdcd66db96d8ae2bf102956e88155dcce GIT binary patch literal 16992 zcmeHOe~?sFcD_9@z#uRKf+Fhj))fVTW`L0bBHF`DV^0D&VFouQCQZ}*hUw7L-FCm$ zVM_!ZwU~@!#w~QItd&BOtXgX}xN!&AO=J)Sb~o8VV>WEXq^4Zl%mgL)Gvh|>eCOVK z-n;$m*4nMD{E_0q^ttDp@0@dgzWeTb@9qk(Usn|f2u|a~je@u>Gn6Ex75i7~3`j_< z6jSj#SA0oK06$*Jls=>gv?`shDy5UOd>km*&8AEldW8}Trd&dzWLGI!la+?4s8c-I zRZ~{;e)?#w!ZBsN8_!aD;iIop10XRq?MSt9u~dtdYf34%%b0E-wj-A8BHAvZ?UW@{j{EpkeK@II<=jjHY+p1lwwe7d(%n$I`LYy-I=SEA3segv0%#a zeiwGSsWsyB33u}*E@y>)IH}v8scv4eB$eE{qG3rYu{f1X7rGaBuUxTsMME&32`-a? zsazKRXiVL_akGG%A(H846ji$w&;Cd^Q|k%;y>l87TJ>%pPaD#eqyjiSwM*n*svy6y zg8cRh^4B4^@aIod-g0rLR*!|3WYT$&&&0Re zj>y^ZJ3DfjF1W+wij&Wr6YYv6(<1LA5J@D{wiAWhEFkgjShORVj-`@cvqe0XN@e0A zp33BHkqNxtCoQyk10G+BZZI z(B78JJ9e&pLsKe~w%cP{Q#Jx`>&m2c*`f+s7KrAmlK;kGE>_{%t2p{4p8t7y)xH7D z=;x5->(k6+5>sHj_<@!^|Hxw)BICr%nlH>r)=;EV%G_N?xSv87D@91J6D${6J}IR1 zENA}oO-fGVk*+(Oh7Gw~FSTOCkkg#ybl#BbkWw{f$m!a|iN_iFrt1}_R*jzs0bMIN z{hlGOVj<`jL(bP+Qg<41svD=QA*UFex(zwE5$Sdta&&;3_84+~t08p*hWsKIEyO-U zKE;slH{{a{`O}76-;zk}0YlDXhZKhl`EkNAL4^TChiR z9#0GP=vI%X1$uOo$J4?*y4K@qK^|S^@w5<+Ughz0Lo+(V<7q)2t@3zUh)3W3)U7Wq zz@u-td~x1)fmhem8Zs~pHk0QNqM0(DgZ*31R9a{RsNdKA-(Tc@cZGgVt z5v-kiKUfUF{xv%wiS$?Jh^!iOW?^Wqpge|VO>ww(?ry>z(-im?iNAg=kp-Vdde29W zp1Ub>bZlHCa6IzLr_M|`sMZc96^B(nu|197-D|FdS`-#;j`XZ~V-d2E-Zz~ok-jy* z05ftKI(j65(Qv%_1Mq=AgsmH&>__i{k}{iNhsjjeyYu5nZ{d7j_~YIaBYzC@NMHDT z1o?BH6pI5tJZ50CiAdl0dGlq=@YvF!k%fSxrk9}wIx$Yk>NKnl$vH+(b&k+%8aV@5 z?ZKhm7hfRu2;KUP?1pJ?cwf)XePYLAR62yxMtYBae;$-CkUe}Z(mor2J%nNxN6%ok zO6?K4^B(yz97lS?`y)L&_lv@faP!eZ<>ng0%~b8?Z9?~L-rpDA7wP>e%K8EMm1TVh zeour4=q3|!$7zGRVbB|Xyl3a*qHrDL=P);^j(h!%o^>5H!BM0?JdCPD`Zo_m`U(^d zL#n0s_l>UiH&NKW@R?QN$7}EZC*)D4KhaiO zK9)WAbfot;>7dti z&;Sbndxio%!xJAED$InpvjXeK9vTXa& zRR<920JUK~6(9N9gP|!jHcpHL;RLxg0#{6D{+bCOwGSLX-DT-|hNi*%5b}q}d^*~B z^c6Taltai5k@8UtGs@QvhH6lup0Vl9o%pH!)5l@ZGZt_r_l!+&8b7>ZQC;7R3PjibdBqvxeMjj#6Nj5p$p^Ws!_ zaRP1}8e;x1+s!b?KQh9&qoWSNX`ImLPMPp;04~c{wtaqIw@)KErFtGjJ++&#>86zd zgQ2Nj#ike)L%VVVPWCE>X5|J%vwo�W-#1V@AyeL({!Db)G|vLv}a~4jX&V%Q}x? zI-sLfPy7WrQoVMm=j0Nju(Q0v&h&g=?D?Kirm%l!#<;1pu$Oyr=6DV-^Bm4L3j4RF zqYwYPTnDvc03Y(LC#ce)NPl(;E}*9l(|t>%_r)Wa=wf6Od}wVQU0zGI4O(l=_l216 zyOz^jpGb4P_UyG7H_ftG;ge^t0doU0w0bRP2C=KJ)64+!3uOMpNWcvthDOGts#c}nn=hv6LR)LRSgsr6GHj;05jk1*dH3^7jXFR}o2K>wf>|wxQ zh{mHV!;ekCHV;4-M=XdZCFrmTTFan=p~)QPc@ywu0-&4Ja`UXInxIs}O7)kf>g)%4 zC?IOd_3gV*l%2ob%6#Nr0Mv+gm#7ZY^CPa_YuVdOK$ZbU%dR&8w*XN2I&!@($4Bq$ zavT)YE+q+w@m-k*X_CjBGHV6HVxA8rl~c50AG3CVS))Y%Sc8alpk)0%jRw z-ZL=|amc~Y6l0W*nwU<)^jH6vDQoxaruGb5_YdJVw7>f2CS+*|q)tO#HX+kWAd@uY zDHC$`J?_O20*%*@UK4V%1X86T+fB${l|TX-vcZJh2Z*}&Sjpgnp=qkejzhvdcBN^w z!GqQ*=r;}M6cc)t2c5ybs!c!ufXbukecT+NXGgyMu5UD5X9WBacAjqcKj$KOG!-G? z(1%UvgC0~~B2J9FWSlb*!8nOIY-pNP8EP*HE%rV|Ns6QXhM& zU`dhCqJ(YDOC_vK+_9ZJKa-Ex-HAe1)=JoUYxy!Oo3p!;b}p|`tHr$fW!;vrEUG)D z$zi9{&Y@!ZJBOOKOd%JyEuB_dWU#u@&ty^4Z08-ku5yx@G;F>Y-K;^~A({*sYD)E~Y2T6M@x?Awr>nAgvQ8Ue3SDmb;RG!u zeY9qBPDwYqR#Ia&ysK%m@31x&y0)VDZlnU0wx%(@y@IAW=ESU9Iy&;0f-En(gw` zZL`yk)rwclcxelzDgqhePz$(%X`fpf~9ng<)N46LAe%zrx z5Be(hIqHiE9_9pP;y|exIwK z0(lJWHkXzdSAR(r+b@EC3+}r1K<(C-pOp3_ zx{xlkz=amL&;l1);6e-hrdxo&yW;PxuoTJkoTgJWU0#Sr-(q8f2QSssEcFZ6;Rg z?}F4W5%($Dp6_$;%ta>tmTQkLAj=Qv443<~#^V{TOdOxSKc&Ptyxx%YLpUkII}6EY zwLiSMV!gD(ZHnYqYdvnqB+vDbpx@vRe~;~VS+8%-LYlT}x<%8hrn@yA&~(412Q(eh z^pvKUiBy{7(heGxw?q!2eZHLbShZ{Au+I|Xa$^5F7d{o)k`$u7HR zSwpbCVSyHZzDF7+D_YJ!-J=KaC8d8n{Sn&7t>}f>eXS?&7<)0$sYf7n_iH0gCpI1S? zs)GDh$Sn?L(1p0LSOQnWkRe1iSHVw@l-G%)`T{EV7QpvIUI#yQK0mZan^84g@O77? z{8Z%CkS~Co>g#W} z6_8spQt3~)f}bsrPp`U6@cd`1E|OD;v@<*nmFeyZejb6m4)d!%q=A||Ch>J*P+#C* z(efo)zC~A>hx-#+KCBl+ns1c;TKl&`l68L$YkWa}d@T2}(7qt$F3ioG()bpQU!*m3 z9;aOUpVjzIy#UL-C~Q8gfUm)IjoPy=(GiRb@8kHW(-p;M_h~y1WFiyY zmdb36rJ@NZlgmeAg>DhgbY)Zc20sz3FOQ(F_><9CE*IMo#RHt&4xApqQGqBP&vxyA ziNQsIbV{J&22DXUhvg%}ot0H&mSVW0PN3fkvJ|L*P>pL_7Smjo@XlDiQv?$`(g>lblT(^I)wA>xCJJ57PQ}PT z=dvkB1Z8D{$OgA%z)~h}$3@VwyTQ`r209}LaM145)44MNZ_FtlYF;Y~&LdQ;D+y=H z9K9@pxS(|5I#K4@_v?sg8Nrf^dpVV6<9bMmDetS4RAD(!^egzIEd|@t7kHGI)+^Ti zm75ip6JiDOroI1sB|ZN&6R)!@qx)9Vp6{EPS`5_GZ~s-u@u)h(<>&n()A`zt_ly4W z$DpUZBHN$V^=BH=3MwPDGu!jNE(sZ#us!cjneu)V5Shq_neG5Xdp)-2{T)+oe=a}c znBD_>+B-7O`$wiB9n4>TEf(}W8?`Ch^L~~o?`Ju_zy9CQ_G`66-XAmN{WRHAoB8dZ zfQ;IN{k!YFUjO;I0U$E@`~PuBO?yk*xzyL-TJ45;%4Z+a`%9*bSJA!O5|$tE*|%zY zrsg{f^1*gY5Bu!-ev#?5{9uKQk=Rag_%aq5v;MpfVCplMea*H+U)J{A|H2|Ek|lq| z&wUNf{in1-{39|HpY3@+#x%u1O?~dfzxwQ3=P4l5hse2+{PEv}jy`AC)7IU$^0{FR?>)$Uaa LF~?`%W5xdh98O&p literal 0 HcmV?d00001 diff --git a/npcap.c b/npcap.c index 3710d3f..9d3051a 100644 --- a/npcap.c +++ b/npcap.c @@ -1,11 +1,13 @@ // // Created by ako on 8/22/25. // +#define _GNU_SOURCE #include #include #include #include #include +#include #include #include #include @@ -15,7 +17,10 @@ #include "nethdr.h" #include "npcap_handle.h" #include -#include // if_nametoindex() +#include +#include +#include +#include void cleanup(int socket, unsigned char* buffer) { close(socket); @@ -103,13 +108,16 @@ int main() switch (ip->protocol) { case 0x01: - handle_icmp(); + struct icmphdr *icmp = (struct icmphdr *) (buffer + sizeof(struct ethhdr) + ip->ihl * 4); + handle_icmp(icmp); break; case 0x06: - handle_tcp(); + struct tcphdr *tcp = (struct tcphdr *) (buffer + sizeof(struct ethhdr) + ip->ihl * 4); + handle_tcp(tcp); break; case 0x11: - handle_udp(); + struct udphdr *udp = (struct udphdr *) (buffer + sizeof(struct ethhdr) + ip->ihl * 4); + handle_udp(udp); break; default: break; diff --git a/npcap_handle.c b/npcap_handle.c index a5f0fc2..a6703eb 100644 --- a/npcap_handle.c +++ b/npcap_handle.c @@ -67,3 +67,41 @@ int handle_ip(struct iphdr* ip) { return 0; } + +int handle_icmp(struct icmphdr* icmp) { + printf("\n\t\tICMP:\n"); + printf("\t\t\tType : %d\n", icmp->type); + printf("\t\t\tCode : %d\n", icmp->code); + printf("\t\t\tChecksum : %d\n", icmp->checksum); + return 0; +} + +int handle_tcp(struct tcphdr* tcp) { + printf("\n\t\tTCP:\n"); + printf("\t\t\tPort Source : %d\n", ntohs(tcp->source)); + printf("\t\t\tPort Destination : %d\n", ntohs(tcp->dest)); + printf("\t\t\tSeq Number : %u\n", ntohl(tcp->seq)); + printf("\t\t\tAck Number : %u\n", ntohl(tcp->ack_seq)); + printf("\t\t\tData Offset : %d\n", tcp->doff); + printf("\t\t\tFlags : "); + if (tcp->urg) printf("URG "); + if (tcp->ack) printf("ACK "); + if (tcp->psh) printf("PSH "); + if (tcp->rst) printf("RST "); + if (tcp->syn) printf("SYN "); + if (tcp->fin) printf("FIN "); + printf("\n"); + printf("\t\t\tWindow Size : %d\n", ntohs(tcp->window)); + printf("\t\t\tChecksum : %d\n", ntohs(tcp->check)); + printf("\t\t\tUrgent Pointer : %d\n", tcp->urg_ptr); + return 0; +} + +int handle_udp(struct udphdr* udp) { + printf("\n\t\tUDP:\n"); + printf("\t\t\tPort Source : %d\n", ntohs(udp->source)); + printf("\t\t\tPort Destination : %d\n", ntohs(udp->dest)); + printf("\t\t\tLength : %d\n", ntohs(udp->len)); + printf("\t\t\tChecksum : %d\n", ntohs(udp->check)); + return 0; +} \ No newline at end of file diff --git a/npcap_handle.h b/npcap_handle.h index 5120e2e..e368be4 100644 --- a/npcap_handle.h +++ b/npcap_handle.h @@ -4,10 +4,17 @@ #include "nethdr.h" #include #include +#include #include +#include +#include +#include int handle_eth(struct ethhdr* eth); int handle_arp(struct arphdr_c* arp); int handle_ip(struct iphdr* ip); +int handle_icmp(struct icmphdr* icmp); +int handle_tcp(struct tcphdr* tcp); +int handle_udp(struct udphdr* udp); #endif