libnids 未捕获 XMPP 数据包

libnids didn't capture xmpp packet

本文关键字:XMPP 数据包 libnids      更新时间:2023-10-16

此程序可以检测HTTP流等等。但是它忽略了XMPP流。我不知道为什么?(我想这是一个端口问题,但我不知道我应该在哪里修复它)

以下是Main.cpp的相关部分:

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <arpa/inet.h>
#include <string.h>
#include <stdio.h>
#include "nids.h"
#include <cstdlib>
#include <unistd.h>
#define int_ntoa(x) inet_ntoa(*((struct in_addr *)&x))
// struct tuple4 contains addresses and port numbers of the TCP connections
// the following auxiliary function produces a string looking like
// 10.0.0.1,1024,10.0.0.2,23
char *
adres (struct tuple4 addr)
{
  static char buf[256];
  strcpy (buf, int_ntoa (addr.saddr));
  sprintf (buf + strlen (buf), ",%i,", addr.source);
  strcat (buf, int_ntoa (addr.daddr));
  sprintf (buf + strlen (buf), ",%i", addr.dest);
  return buf;
}
void
tcp_callback (struct tcp_stream *a_tcp, void ** this_time_not_needed)
{
    printf("packet captured !n");
}
int 
main ()
{
  // here we can alter libnids params, for instance:
  // nids_params.n_hosts=256;
        struct nids_chksum_ctl nochksumchk;
        nochksumchk.netaddr = 0;
    nochksumchk.mask = 0;
    nochksumchk.action = NIDS_DONT_CHKSUM;
    //char fileName[] = "/home/test.pcap";
        //nids_params.filename =fileName;     
    nids_register_chksum_ctl(&nochksumchk, 1);
        char myDevice [] = "eth0";
        nids_params.device =myDevice;
    if (!nids_init ())
  {
    fprintf(stderr,"%sn",nids_errbuf);
    exit(1);
  }
  nids_register_tcp ( (void*)tcp_callback);
  nids_run ();
  return 0;
}

我的PCAP文件在TCP连接中同步存在一些问题。

so上方的libnids代码是正确的!

相关文章: