为什么我的 ICMP Ping TTL 参数在我的 C 代码中不起作用
Why My ICMP Ping TTL parameter doesn't work in my C code
我写了一个C程序来实现Traceroute,因为我需要高效地获取ip路径数据。我希望当我 ping 一个 IP 时,我可以获得 src 和 dst IP 之间的所有 Ips。所以我使用TTL来获取中间IP,我想当我每次增加TTL时,我可以逐渐获得中间IP。代码片段如下:
for(;ttl_val<20;ttl_val++){
setsockopt(ping_sockfd, SOL_IP, IP_TTL,&ttl_val, sizeof(ttl_val)
}
但是当我用recvfrom获取中间Ips时,发现不对,中间Ips总是变化的,和我用linux traceroute命令得到的不一样
代码段如下:
struct sockaddr_in r_addr;
addr_len=sizeof(r_addr);
if ( recvfrom(ping_sockfd, &pckt, sizeof(pckt), 0,(struct sockaddr*)&r_addr, &addr_len) <= 0){
printf("\nPacket receive failed!\n");
}else{
if(!(pckt.hdr.type ==69 && pckt.hdr.code==0)){
printf("Error..Packet \n");
}else{
//THE MIDDLE IPs were not correct!!!!!!
printf("=%s\n", inet_ntoa(r_addr.sin_addr));
}
}
比如我的ip是1.1.1.1,我要ping目的ip 5.5.5.5,中途ip是:2.2.2.2、3.3.3.3、4.4.4.4,即这些是路由'路径中的ips。我希望当我设置 TTL=1 时我能得到 2.2.2.2,当我设置 TTL=2 时我能得到 3.3.3.3,等等。我不知道为什么我的上述不起作用,当我设置 TTL 代码 return 一个随机 IP 而不是真正的中间 IP,因为它们与我通过 linux traceroute 命令获得的 Ips 不同.我的整个代码如下:
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <netinet/ip_icmp.h>
#include <time.h>
#include <fcntl.h>
#include <signal.h>
#include <time.h>
// Define the Packet Constants
// ping packet size
#define PING_PKT_S 64
// Automatic port number
#define PORT_NO 0
// Automatic port number
#define PING_SLEEP_RATE 1000000
// Gives the timeout delay for receiving packets
// in seconds
#define RECV_TIMEOUT 1
// Define the Ping Loop
int pingloop=1;
// ping packet structure
struct ping_pkt{
struct icmphdr hdr;
char msg[PING_PKT_S-sizeof(struct icmphdr)];
};
// Calculating the Check Sum
unsigned short checksum(void *b, int len){
unsigned short *buf = b;
unsigned int sum=0;
unsigned short result;
for ( sum = 0; len > 1; len -= 2 )
sum += *buf++;
if ( len == 1 )
sum += *(unsigned char*)buf;
sum = (sum >> 16) + (sum & 0xFFFF);
sum += (sum >> 16);
result = ~sum;
return result;
}
int atoint(char s[]){
int i,n=0;
for(i=0;s[i]>='0' && s[i]<='9';i++){
n=10*n+(s[i]-'0');
}
return n;
}
// Interrupt handler
void intHandler(int dummy){
pingloop=0;
}
// Performs a DNS lookup
char *dns_lookup(char *addr_host, struct sockaddr_in *addr_con){
printf("\nResolving DNS..\n");
struct hostent *host_entity;
char *ip=(char*)malloc(NI_MAXHOST*sizeof(char));
int i;
if ((host_entity = gethostbyname(addr_host)) == NULL){
// No ip found for hostname
return NULL;
}
//filling up address structure
strcpy(ip, inet_ntoa(*(struct in_addr *)
host_entity->h_addr));
(*addr_con).sin_family = host_entity->h_addrtype;
(*addr_con).sin_port = htons (PORT_NO);
(*addr_con).sin_addr.s_addr = *(long*)host_entity->h_addr;
return ip;
}
// Resolves the reverse lookup of the hostname
char* reverse_dns_lookup(char *ip_addr){
struct sockaddr_in temp_addr;
socklen_t len;
char buf[NI_MAXHOST], *ret_buf;
temp_addr.sin_family = AF_INET;
temp_addr.sin_addr.s_addr = inet_addr(ip_addr);
len = sizeof(struct sockaddr_in);
if (getnameinfo((struct sockaddr *) &temp_addr, len, buf,
sizeof(buf), NULL, 0, NI_NAMEREQD)){
printf("Could not resolve reverse lookup of hostname\n");
return NULL;
}
ret_buf = (char*)malloc((strlen(buf) +1)*sizeof(char) );
strcpy(ret_buf, buf);
return ret_buf;
}
// make a ping request
void send_ping(int ping_sockfd, struct sockaddr_in *ping_addr,
char *ping_dom, char *ping_ip, char *rev_host, int ttl_val){
int msg_count=0, i, addr_len, flag=1,msg_received_count=0;
struct ping_pkt pckt;
struct timespec time_start, time_end, tfs, tfe;
long double rtt_msec=0, total_msec=0;
struct timeval tv_out;
tv_out.tv_sec = RECV_TIMEOUT;
tv_out.tv_usec = 0;
clock_gettime(CLOCK_MONOTONIC, &tfs);
// set socket options at ip to TTL and value to 64,
// change to what you want by setting ttl_val
if (setsockopt(ping_sockfd, SOL_IP, IP_TTL,&ttl_val, sizeof(ttl_val)) != 0){
printf("\nSetting socket options to TTL failed!\n");
return;
}else{
printf("\nSocket set to TTL..\n");
}
// setting timeout of recv setting
// setsockopt(ping_sockfd, SOL_SOCKET, SO_RCVTIMEO,(const char*)&tv_out, sizeof tv_out);
// send icmp packet in an infinite loop
while(pingloop){
// flag is whether packet was sent or not
flag=1;
//filling packet
bzero(&pckt, sizeof(pckt));
pckt.hdr.type = ICMP_ECHO;
pckt.hdr.un.echo.id = getpid();
for ( i = 0; i < sizeof(pckt.msg)-1; i++ )
pckt.msg[i] = i+'0';
pckt.msg[i] = 0;
pckt.hdr.un.echo.sequence = msg_count++;
pckt.hdr.checksum = checksum(&pckt, sizeof(pckt));
usleep(PING_SLEEP_RATE);
//send packet
clock_gettime(CLOCK_MONOTONIC, &time_start);
if ( sendto(ping_sockfd, &pckt, sizeof(pckt), 0,
(struct sockaddr*) ping_addr,
sizeof(*ping_addr)) <= 0){
printf("\nPacket Sending Failed!\n");
flag=0;
}
struct sockaddr_in r_addr;
//receive packet
addr_len=sizeof(r_addr);
// struct sockaddr_in from;
if ( recvfrom(ping_sockfd, &pckt, sizeof(pckt), 0,(struct sockaddr*)&r_addr, &addr_len) <= 0 && msg_count>1){
printf("\nPacket receive failed!\n");
}else{
clock_gettime(CLOCK_MONOTONIC, &time_end);
double timeElapsed = ((double)(time_end.tv_nsec - time_start.tv_nsec))/1000000.0;
rtt_msec = (time_end.tv_sec-time_start.tv_sec) * 1000.0+ timeElapsed;
// if packet was not sent, don't receive
if(flag){
if(!(pckt.hdr.type ==69 && pckt.hdr.code==0)){
printf("Error..Packet received with ICMP type %d code %d\n", pckt.hdr.type, pckt.hdr.code);
}else{
printf("%d bytes from %s (h: %s) (%s) msg_seq=%d ttl=%d rtt = %Lf ms.\n", PING_PKT_S, ping_dom, rev_host,ping_ip, msg_count,ttl_val, rtt_msec);
printf("saddr = %d, %s: %d\n", r_addr.sin_family, inet_ntoa(r_addr.sin_addr), r_addr.sin_port);
msg_received_count++;
}
}
}
}
clock_gettime(CLOCK_MONOTONIC, &tfe);
double timeElapsed = ((double)(tfe.tv_nsec - tfs.tv_nsec))/1000000.0;
total_msec = (tfe.tv_sec-tfs.tv_sec)*1000.0 + timeElapsed;
printf("\n===%s ping statistics===\n", ping_ip);
printf("\n%d packets sent, %d packets received, %f percent packet loss. Total time: %Lf ms.\n\n", msg_count, msg_received_count, ((msg_count - msg_received_count)/msg_count) * 100.0, total_msec);
}
// Driver Code
int main(int argc, char *argv[]){
int sockfd;
char *ip_addr, *reverse_hostname;
struct sockaddr_in addr_con;
int addrlen = sizeof(addr_con);
char net_buf[NI_MAXHOST];
if(argc!=3){
printf("\nFormat %s <address> ttl \n", argv[0]);
return 0;
}
ip_addr = dns_lookup(argv[1], &addr_con);
if(ip_addr==NULL){
printf("\nDNS lookup failed! Could not resolve hostname!\n");
return 0;
}
reverse_hostname = reverse_dns_lookup(ip_addr);
printf("\nTrying to connect to '%s' IP: %s\n",argv[1], ip_addr);
printf("\nReverse Lookup domain: %s",reverse_hostname);
//socket()
sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
if(sockfd<0){
printf("\nSocket file descriptor not received!!\n");
return 0;
}else{
printf("\nSocket file descriptor %d received\n", sockfd);
}
signal(SIGINT, intHandler);//catching interrupt
int ttl = atoint(argv[2]);
//send pings continuously
send_ping(sockfd, &addr_con, reverse_hostname,ip_addr, argv[1],ttl);
return 0;
}
您的 TTL 运行良好。使用tcpdump -vn icmp
观察
您的代码结果:
$ sudo ./test7 www.baidu.com 3
...
64 bytes from (null) (h: www.baidu.com) (104.193.88.123) msg_seq=25 ttl=3 rtt = 0.196290 ms.
saddr = 2, 162.151.78.85: 0
64 bytes from (null) (h: www.baidu.com) (104.193.88.123) msg_seq=26 ttl=3 rtt = 0.103414 ms.
saddr = 2, 162.151.78.85: 0
^C64 bytes from (null) (h: www.baidu.com) (104.193.88.123) msg_seq=27 ttl=3 rtt = 0.166377 ms.
saddr = 2, 162.151.78.85: 0
traceroute
:
$ traceroute -n www.baidu.com
traceroute to www.baidu.com (104.193.88.123), 30 hops max, 60 byte packets
1 *.*.*.* 15.001 ms 15.138 ms 15.121 ms
2 *.*.*.* 14.828 ms 14.873 ms 15.047 ms
3 162.151.78.85 14.469 ms 14.941 ms 14.590 ms
...
但是,在嘈杂的系统上(有其他 ICMP 数据包四处飞来飞去),您还会收到其他数据包。您缺少的是过滤 接收您自己的 ICMP ID 和所需的 ICMP 类型。
如果不进行过滤,您将收到其他不需要的数据(其他 ICMP),您将需要丢弃(就像您对类型 69 和代码 0 所做的那样)并再次 recvfrom
。 Linux 过滤示例:
struct sock_fprog filter;
// set filter with your ID
setsockopt(ping_sockfd, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof filter);
struct icmp_filter filter;
// set filter.data with ICMP types (bitmask)
setsockopt(ping_sockfd, SOL_RAW, ICMP_FILTER, &filter, sizeof filter);
我写了一个C程序来实现Traceroute,因为我需要高效地获取ip路径数据。我希望当我 ping 一个 IP 时,我可以获得 src 和 dst IP 之间的所有 Ips。所以我使用TTL来获取中间IP,我想当我每次增加TTL时,我可以逐渐获得中间IP。代码片段如下:
for(;ttl_val<20;ttl_val++){
setsockopt(ping_sockfd, SOL_IP, IP_TTL,&ttl_val, sizeof(ttl_val)
}
但是当我用recvfrom获取中间Ips时,发现不对,中间Ips总是变化的,和我用linux traceroute命令得到的不一样
代码段如下:
struct sockaddr_in r_addr;
addr_len=sizeof(r_addr);
if ( recvfrom(ping_sockfd, &pckt, sizeof(pckt), 0,(struct sockaddr*)&r_addr, &addr_len) <= 0){
printf("\nPacket receive failed!\n");
}else{
if(!(pckt.hdr.type ==69 && pckt.hdr.code==0)){
printf("Error..Packet \n");
}else{
//THE MIDDLE IPs were not correct!!!!!!
printf("=%s\n", inet_ntoa(r_addr.sin_addr));
}
}
比如我的ip是1.1.1.1,我要ping目的ip 5.5.5.5,中途ip是:2.2.2.2、3.3.3.3、4.4.4.4,即这些是路由'路径中的ips。我希望当我设置 TTL=1 时我能得到 2.2.2.2,当我设置 TTL=2 时我能得到 3.3.3.3,等等。我不知道为什么我的上述不起作用,当我设置 TTL 代码 return 一个随机 IP 而不是真正的中间 IP,因为它们与我通过 linux traceroute 命令获得的 Ips 不同.我的整个代码如下:
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <netdb.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <netinet/ip_icmp.h>
#include <time.h>
#include <fcntl.h>
#include <signal.h>
#include <time.h>
// Define the Packet Constants
// ping packet size
#define PING_PKT_S 64
// Automatic port number
#define PORT_NO 0
// Automatic port number
#define PING_SLEEP_RATE 1000000
// Gives the timeout delay for receiving packets
// in seconds
#define RECV_TIMEOUT 1
// Define the Ping Loop
int pingloop=1;
// ping packet structure
struct ping_pkt{
struct icmphdr hdr;
char msg[PING_PKT_S-sizeof(struct icmphdr)];
};
// Calculating the Check Sum
unsigned short checksum(void *b, int len){
unsigned short *buf = b;
unsigned int sum=0;
unsigned short result;
for ( sum = 0; len > 1; len -= 2 )
sum += *buf++;
if ( len == 1 )
sum += *(unsigned char*)buf;
sum = (sum >> 16) + (sum & 0xFFFF);
sum += (sum >> 16);
result = ~sum;
return result;
}
int atoint(char s[]){
int i,n=0;
for(i=0;s[i]>='0' && s[i]<='9';i++){
n=10*n+(s[i]-'0');
}
return n;
}
// Interrupt handler
void intHandler(int dummy){
pingloop=0;
}
// Performs a DNS lookup
char *dns_lookup(char *addr_host, struct sockaddr_in *addr_con){
printf("\nResolving DNS..\n");
struct hostent *host_entity;
char *ip=(char*)malloc(NI_MAXHOST*sizeof(char));
int i;
if ((host_entity = gethostbyname(addr_host)) == NULL){
// No ip found for hostname
return NULL;
}
//filling up address structure
strcpy(ip, inet_ntoa(*(struct in_addr *)
host_entity->h_addr));
(*addr_con).sin_family = host_entity->h_addrtype;
(*addr_con).sin_port = htons (PORT_NO);
(*addr_con).sin_addr.s_addr = *(long*)host_entity->h_addr;
return ip;
}
// Resolves the reverse lookup of the hostname
char* reverse_dns_lookup(char *ip_addr){
struct sockaddr_in temp_addr;
socklen_t len;
char buf[NI_MAXHOST], *ret_buf;
temp_addr.sin_family = AF_INET;
temp_addr.sin_addr.s_addr = inet_addr(ip_addr);
len = sizeof(struct sockaddr_in);
if (getnameinfo((struct sockaddr *) &temp_addr, len, buf,
sizeof(buf), NULL, 0, NI_NAMEREQD)){
printf("Could not resolve reverse lookup of hostname\n");
return NULL;
}
ret_buf = (char*)malloc((strlen(buf) +1)*sizeof(char) );
strcpy(ret_buf, buf);
return ret_buf;
}
// make a ping request
void send_ping(int ping_sockfd, struct sockaddr_in *ping_addr,
char *ping_dom, char *ping_ip, char *rev_host, int ttl_val){
int msg_count=0, i, addr_len, flag=1,msg_received_count=0;
struct ping_pkt pckt;
struct timespec time_start, time_end, tfs, tfe;
long double rtt_msec=0, total_msec=0;
struct timeval tv_out;
tv_out.tv_sec = RECV_TIMEOUT;
tv_out.tv_usec = 0;
clock_gettime(CLOCK_MONOTONIC, &tfs);
// set socket options at ip to TTL and value to 64,
// change to what you want by setting ttl_val
if (setsockopt(ping_sockfd, SOL_IP, IP_TTL,&ttl_val, sizeof(ttl_val)) != 0){
printf("\nSetting socket options to TTL failed!\n");
return;
}else{
printf("\nSocket set to TTL..\n");
}
// setting timeout of recv setting
// setsockopt(ping_sockfd, SOL_SOCKET, SO_RCVTIMEO,(const char*)&tv_out, sizeof tv_out);
// send icmp packet in an infinite loop
while(pingloop){
// flag is whether packet was sent or not
flag=1;
//filling packet
bzero(&pckt, sizeof(pckt));
pckt.hdr.type = ICMP_ECHO;
pckt.hdr.un.echo.id = getpid();
for ( i = 0; i < sizeof(pckt.msg)-1; i++ )
pckt.msg[i] = i+'0';
pckt.msg[i] = 0;
pckt.hdr.un.echo.sequence = msg_count++;
pckt.hdr.checksum = checksum(&pckt, sizeof(pckt));
usleep(PING_SLEEP_RATE);
//send packet
clock_gettime(CLOCK_MONOTONIC, &time_start);
if ( sendto(ping_sockfd, &pckt, sizeof(pckt), 0,
(struct sockaddr*) ping_addr,
sizeof(*ping_addr)) <= 0){
printf("\nPacket Sending Failed!\n");
flag=0;
}
struct sockaddr_in r_addr;
//receive packet
addr_len=sizeof(r_addr);
// struct sockaddr_in from;
if ( recvfrom(ping_sockfd, &pckt, sizeof(pckt), 0,(struct sockaddr*)&r_addr, &addr_len) <= 0 && msg_count>1){
printf("\nPacket receive failed!\n");
}else{
clock_gettime(CLOCK_MONOTONIC, &time_end);
double timeElapsed = ((double)(time_end.tv_nsec - time_start.tv_nsec))/1000000.0;
rtt_msec = (time_end.tv_sec-time_start.tv_sec) * 1000.0+ timeElapsed;
// if packet was not sent, don't receive
if(flag){
if(!(pckt.hdr.type ==69 && pckt.hdr.code==0)){
printf("Error..Packet received with ICMP type %d code %d\n", pckt.hdr.type, pckt.hdr.code);
}else{
printf("%d bytes from %s (h: %s) (%s) msg_seq=%d ttl=%d rtt = %Lf ms.\n", PING_PKT_S, ping_dom, rev_host,ping_ip, msg_count,ttl_val, rtt_msec);
printf("saddr = %d, %s: %d\n", r_addr.sin_family, inet_ntoa(r_addr.sin_addr), r_addr.sin_port);
msg_received_count++;
}
}
}
}
clock_gettime(CLOCK_MONOTONIC, &tfe);
double timeElapsed = ((double)(tfe.tv_nsec - tfs.tv_nsec))/1000000.0;
total_msec = (tfe.tv_sec-tfs.tv_sec)*1000.0 + timeElapsed;
printf("\n===%s ping statistics===\n", ping_ip);
printf("\n%d packets sent, %d packets received, %f percent packet loss. Total time: %Lf ms.\n\n", msg_count, msg_received_count, ((msg_count - msg_received_count)/msg_count) * 100.0, total_msec);
}
// Driver Code
int main(int argc, char *argv[]){
int sockfd;
char *ip_addr, *reverse_hostname;
struct sockaddr_in addr_con;
int addrlen = sizeof(addr_con);
char net_buf[NI_MAXHOST];
if(argc!=3){
printf("\nFormat %s <address> ttl \n", argv[0]);
return 0;
}
ip_addr = dns_lookup(argv[1], &addr_con);
if(ip_addr==NULL){
printf("\nDNS lookup failed! Could not resolve hostname!\n");
return 0;
}
reverse_hostname = reverse_dns_lookup(ip_addr);
printf("\nTrying to connect to '%s' IP: %s\n",argv[1], ip_addr);
printf("\nReverse Lookup domain: %s",reverse_hostname);
//socket()
sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
if(sockfd<0){
printf("\nSocket file descriptor not received!!\n");
return 0;
}else{
printf("\nSocket file descriptor %d received\n", sockfd);
}
signal(SIGINT, intHandler);//catching interrupt
int ttl = atoint(argv[2]);
//send pings continuously
send_ping(sockfd, &addr_con, reverse_hostname,ip_addr, argv[1],ttl);
return 0;
}
您的 TTL 运行良好。使用tcpdump -vn icmp
观察
您的代码结果:
$ sudo ./test7 www.baidu.com 3
...
64 bytes from (null) (h: www.baidu.com) (104.193.88.123) msg_seq=25 ttl=3 rtt = 0.196290 ms.
saddr = 2, 162.151.78.85: 0
64 bytes from (null) (h: www.baidu.com) (104.193.88.123) msg_seq=26 ttl=3 rtt = 0.103414 ms.
saddr = 2, 162.151.78.85: 0
^C64 bytes from (null) (h: www.baidu.com) (104.193.88.123) msg_seq=27 ttl=3 rtt = 0.166377 ms.
saddr = 2, 162.151.78.85: 0
traceroute
:
$ traceroute -n www.baidu.com
traceroute to www.baidu.com (104.193.88.123), 30 hops max, 60 byte packets
1 *.*.*.* 15.001 ms 15.138 ms 15.121 ms
2 *.*.*.* 14.828 ms 14.873 ms 15.047 ms
3 162.151.78.85 14.469 ms 14.941 ms 14.590 ms
...
但是,在嘈杂的系统上(有其他 ICMP 数据包四处飞来飞去),您还会收到其他数据包。您缺少的是过滤 接收您自己的 ICMP ID 和所需的 ICMP 类型。
如果不进行过滤,您将收到其他不需要的数据(其他 ICMP),您将需要丢弃(就像您对类型 69 和代码 0 所做的那样)并再次 recvfrom
。 Linux 过滤示例:
struct sock_fprog filter;
// set filter with your ID
setsockopt(ping_sockfd, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof filter);
struct icmp_filter filter;
// set filter.data with ICMP types (bitmask)
setsockopt(ping_sockfd, SOL_RAW, ICMP_FILTER, &filter, sizeof filter);