
Mac Capture.c

𝓛𝓾𝓬𝓮𝓽𝓮_𝓢𝓽𝓮𝓵𝓵𝓪 2015. 9. 8.
#define WPCAP
#define HAVE_REMOTE
#include "pcap.h"
#include <stdio.h>
#include <stdlib.h>
/*
 * Overlay for the start of a captured frame. Despite the name this is not an
 * ARP header: the fields describe an Ethernet II header (two 6-byte MACs and
 * a 16-bit type) followed directly by an IPv4 header.
 * packet_handler() casts the raw capture buffer to this struct, so multi-byte
 * fields hold the bytes exactly as captured (network byte order).
 * NOTE(review): no packing pragma is visible here; the layout relies on the
 * compiler inserting no padding before daddr. op_pad sits at wire offset 34,
 * which is not 4-byte aligned, so it is presumably padded away from its wire
 * position - confirm before reading it.
 */
typedef struct arphdr {
    u_char DMac[6]; // Ethernet destination MAC (first 6 bytes of the frame)
    u_char SMac[6]; // Ethernet source MAC
    u_int16_t type; // EtherType of the payload (not an ARP operation code)
    u_char ver_ihl; // Version (4 bits) + Internet header length (4 bits)
    u_char tos; // Type of service
    u_short tlen; // Total length
    u_short identification; // Identification
    u_short flags_fo; // Flags (3 bits) + Fragment offset (13 bits)
    u_char ttl; // Time to live
    u_char proto; // Protocol
    u_short crc; // Header checksum
    u_char saddr[4]; // Source IPv4 address
    u_char daddr[4]; // Destination IPv4 address
    u_int op_pad; // Option + Padding
}
arphdr_t;
/* prototype of the packet handler */
void packet_handler(u_char * param, const struct pcap_pkthdr * header, const u_char * pkt_data);
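    /*
     * Entry point: list the capture interfaces, let the user pick one, open it
     * in promiscuous mode with an empty (match-everything) filter and pass
     * every captured frame to packet_handler().
     *
     * Returns 0 when the capture loop ends without error and -1 on failure; a
     * failed device enumeration exits with status 1.
     */
    int main() {
        pcap_if_t *alldevs = NULL;
        pcap_if_t *d;
        int inum = 0;
        int i = 0;
        pcap_t *adhandle = NULL;
        char errbuf[PCAP_ERRBUF_SIZE];
        u_int netmask;
        char packet_filter[] = "";
        struct bpf_program fcode;
        int loop_rc;

        /* Retrieve the device list */
        if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1) {
            fprintf(stderr, "Error in pcap_findalldevs: %s\n", errbuf);
            exit(1);
        }

        /* Print the list */
        for (d = alldevs; d; d = d->next) {
            printf("%d. %s", ++i, d->name);
            if (d->description) {
                printf(" (%s)\n", d->description);
            } else {
                printf(" (No description available)\n");
            }
        }

        if (i == 0) {
            printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
            return -1;
        }

        printf("Enter the interface number (1-%d):", i);
        /* A failed conversion leaves inum at 0, so it is rejected like any
         * other out-of-range choice instead of being used uninitialised. */
        if (scanf_s("%d", &inum) != 1 || inum < 1 || inum > i) {
            printf("\nInterface number out of range.\n");
            goto fail;
        }

        /* Jump to the selected adapter. The body is deliberately empty: without
         * it the pcap_open() statement below becomes the loop body, so choice 1
         * never opens a handle and other choices open the wrong adapters. */
        for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++) {
        }

        /* Open the adapter */
        adhandle = pcap_open(d->name,                   /* name of the device */
                             65536,                     /* snapshot length: capture whole frames */
                             PCAP_OPENFLAG_PROMISCUOUS, /* promiscuous mode */
                             1000,                      /* read timeout (ms) */
                             NULL,                      /* remote authentication */
                             errbuf);                   /* error buffer */
        if (adhandle == NULL) {
            /* The format string has a %s, so the device name must be passed. */
            fprintf(stderr, "\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
            goto fail;
        }

        /* Check the link layer. We support only Ethernet for simplicity. */
        if (pcap_datalink(adhandle) != DLT_EN10MB) {
            fprintf(stderr, "\nThis program works only on Ethernet networks.\n");
            goto fail;
        }

        if (d->addresses != NULL && d->addresses->netmask != NULL) {
            /* Retrieve the mask of the first address of the interface.
             * NOTE(review): this assumes the first address is IPv4 - confirm. */
            netmask = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
        } else {
            /* If the interface is without addresses we suppose to be in a C class network */
            netmask = 0xffffff;
        }

        /* compile the filter */
        if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0) {
            fprintf(stderr, "\nUnable to compile the packet filter. Check the syntax.\n");
            goto fail;
        }

        /* set the filter */
        if (pcap_setfilter(adhandle, &fcode) < 0) {
            fprintf(stderr, "\nError setting the filter.\n");
            pcap_freecode(&fcode);
            goto fail;
        }
        /* The compiled program is no longer needed once it is installed. */
        pcap_freecode(&fcode);

        /* description may be NULL (see the listing above), so fall back to the name. */
        printf("\nlistening on %s...\n", d->description ? d->description : d->name);

        /* At this point, we don't need any more the device list. Free it */
        pcap_freealldevs(alldevs);

        /* start the capture; with a count of 0 this returns only on error or break */
        loop_rc = pcap_loop(adhandle, 0, packet_handler, NULL);
        if (loop_rc < 0) {
            fprintf(stderr, "\nCapture loop ended: %s\n", pcap_geterr(adhandle));
        }
        pcap_close(adhandle);
        return loop_rc < 0 ? -1 : 0;

    fail:
        /* Shared error exit: release the device list and any open capture handle. */
        pcap_freealldevs(alldevs);
        if (adhandle != NULL) {
            pcap_close(adhandle);
        }
        return -1;
    }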
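    /* Print a 6-byte hardware address as colon-separated upper-case hex. */
    static void print_mac(const u_char *mac) {
        int i;

        for (i = 0; i < 6; i++) {
            printf("%02X", mac[i]);
            if (i < 5) {
                printf(":");
            }
        }
    }

    /* Print a 4-byte IPv4 address in dotted-decimal form. */
    static void print_ipv4(const u_char *addr) {
        printf("%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
    }

    /*
     * Callback function invoked by libpcap for every incoming packet.
     *
     * Prints the Ethernet source/destination MAC of the frame and, when the
     * frame carries IPv4 and enough bytes were captured, the IPv4 source and
     * destination addresses.
     *
     * param    - user pointer passed to pcap_loop(); unused here.
     * header   - capture metadata; caplen is the number of bytes available
     *            in pkt_data.
     * pkt_data - captured bytes, starting at the Ethernet header.
     */
    void packet_handler(u_char * param, const struct pcap_pkthdr * header, const u_char * pkt_data) {
        enum {
            ETH_HDR_LEN = 14,      /* dst MAC + src MAC + EtherType */
            IPV4_MIN_HDR_LEN = 20  /* IPv4 header without options */
        };
        const arphdr_t *frame;
        int is_ipv4;

        (void)param;

        /* Never read past the captured bytes: a runt or truncated frame would
         * otherwise be an out-of-bounds read of the capture buffer. */
        if (header->caplen < (u_int)ETH_HDR_LEN) {
            return;
        }

        frame = (const arphdr_t *)pkt_data;

        /* Only interpret the bytes after the Ethernet header as IPv4 when the
         * EtherType says so (0x0800, compared byte-wise to avoid byte-order
         * conversion) and the fixed part of the IPv4 header was captured.
         * ARP, IPv6 and VLAN-tagged frames fail this test and their payload
         * bytes are not mislabelled as IP addresses. */
        is_ipv4 = header->caplen >= (u_int)(ETH_HDR_LEN + IPV4_MIN_HDR_LEN)
                  && pkt_data[12] == 0x08 && pkt_data[13] == 0x00;

        printf("Source MAC: ");
        print_mac(frame->SMac);

        printf("\nSource IP: ");
        if (is_ipv4) {
            print_ipv4(frame->saddr);
        } else {
            printf("n/a");
        }

        printf("\nDestination MAC: ");
        print_mac(frame->DMac);

        printf("\nDestination IP: ");
        if (is_ipv4) {
            print_ipv4(frame->daddr);
        } else {
            printf("n/a");
        }

        printf("\n\n");
    }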

 
