ZBLOG

注册 原创投稿

netlink monitor kernel arp in C

作者:DPDK开发栏目:公开2023-05-13 03:02252

As an AI language model, I can provide you with the general steps to monitor kernel ARP using Netlink in C programming language.

  1. Include the necessary headers:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/if_arp.h>
#include <arpa/inet.h>
  1. Create a netlink socket:
int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
if(fd == -1){
    perror("socket");
    return -1;
}
  1. Bind the socket to the kernel:
struct sockaddr_nl sa;
memset(&sa, 0, sizeof(sa));
sa.nl_family = AF_NETLINK;
sa.nl_pid = getpid();
sa.nl_groups = RTMGRP_LINK | RTMGRP_IPV4_IFADDR;

if(bind(fd, (struct sockaddr *)&sa, sizeof(sa)) == -1){
    perror("bind");
    return -1;
}
  1. Define the buffer and receive messages:
#define BUFSIZE 8192

char buf[BUFSIZE];

while(1){
    int len = recv(fd, buf, BUFSIZE, 0);
    if(len == -1){
        perror("recv");
        break;
    }

    struct nlmsghdr *nh = (struct nlmsghdr *)buf;
    while(NLMSG_OK(nh, len)){
        if(nh->nlmsg_type == NLMSG_DONE){
            break;
        }

        if(nh->nlmsg_type == NLMSG_ERROR){
            fprintf(stderr, "Netlink error: %s\n", strerror(errno));
            break;
        }

        if(nh->nlmsg_type == RTM_NEWLINK){
            struct ifinfomsg *ifi = (struct ifinfomsg *)NLMSG_DATA(nh);

            if(ifi->ifi_family == AF_LINK){
                struct rtattr *rta = IFLA_RTA(ifi);
                int rtl = IFLA_PAYLOAD(nh);

                for(; RTA_OK(rta, rtl); rta = RTA_NEXT(rta, rtl)){
                    if(rta->rta_type == IFLA_IFNAME){
                        printf("Interface %d : %s\n", ifi->ifi_index, (char *)RTA_DATA(rta));
                        break;
                    }
                }
            }
        }

        if(nh->nlmsg_type == RTM_NEWADDR){
            struct ifaddrmsg *ifa = (struct ifaddrmsg *)NLMSG_DATA(nh);

            if(ifa->ifa_family == AF_INET){
                struct rtattr *rta = IFA_RTA(ifa);
                int rtl = IFA_PAYLOAD(nh);

                for(; RTA_OK(rta, rtl); rta = RTA_NEXT(rta, rtl)){
                    if(rta->rta_type == IFA_LOCAL){
                        char addr[INET_ADDRSTRLEN];
                        inet_ntop(AF_INET, RTA_DATA(rta), addr, INET_ADDRSTRLEN);
                        printf("ARP received on interface %d from %s\n", ifa->ifa_index, addr);
                        break;
                    }
                }
            }
        }

        nh = NLMSG_NEXT(nh, len);
    }
}

This code will print out the interface and IP addresses of received ARP messages. Note that it assumes IPv4 and Ethernet interfaces. You can modify it to support other protocols and interfaces.

Please note that this is just a skeleton code. You need to add error handling and other necessary features to make it work flawlessly.

本站部分文章来源于网络,版权归原作者所有,如有侵权请联系站长删除。
转载请注明出处:https://sdn.0voice.com/?id=439

DPDK开发 DPDK开发 管理员
分享:
扫描分享到社交APP
上一篇
下一篇

相关推荐

发表列表
游客 游客
此处应有掌声~
评论列表

还没有评论,快来说点什么吧~

DPDK开发

DPDK开发

  • 4149文章
  • 0评论
  • 0粉丝
  • 0被赞
最近发布
热门排行
热评文章
猜您喜欢
热门标签
Copyright ©2022    湖南零声信息科技有限公司    版权所有     湘ICP备18009867号-1          证照中心 

联系我们

在线咨询: 点击这里给我发消息

微信号:3007537140

上班时间: 10:30-22:30

关注我们
x

注册

已经有帐号?
简单注册快人一步