用Linux编程编写抓包协议,分析icmp报文的时候都是0
else if(p_iphdr->protocol==1){
struct icmphdr*p_icmphdr=(struct icmphdr*)(p_iphdr+p_iphdr->ihl*4);
if((p_icmphdr->icmp_type)==3||5||11||12){
printf("----这个是ICMP差错报告报文----\n");
}else{
printf("----这个是ICMP询问报文----\n");
}
printf("type = %d\n ", p_icmphdr->icmp_type);
printf("code = %d\n ", p_icmphdr->icmp_code);
printf("id = %d\n ", p_icmphdr->icmp_id);
printf("icmp_seq = %s\n ", ntohs(p_icmphdr->icmp_seq)); //输出序列号
这个是icmp结构体
struct icmphdr
{
u_int8_t icmp_type;
u_int8_t icmp_code;
u_int16_t icmp_checksum;
union
{
struct ih_idseq
{
u_int16_t icd_id;
u_int16_t icd_seq;
}ih_idseq;
}icmp_hun;
#define icmp_id icmp_hun.ih_idseq.icd_id
#define icmp_seq icmp_hun.ih_idseq.icd_seq
//u32 icmp_timestamp[2];//时间戳
//ICMP数据占位符
u_int8_t data[0];
};
结果是这样
这个icmp报文是我用ping网站获取的
求大佬告知小白一个,感谢
