
analisis_trafico


#include "functions.h"
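/*
 * Entry point: prints traffic statistics for the capture file named in argv[1].
 *
 * It calls getStats() several times with different filters (none, BPF string,
 * ethertype, IP protocol), then calls getTopNPort() four times and, for the
 * most popular port of each ranking, getSizeECDFPort() to write a .dat file
 * named after that port into the current directory.
 *
 * Returns -1 on a usage error, ERROR if an ECDF file cannot be produced,
 * 0 otherwise.
 *
 * NOTE(review): the capture file is external input and is handed unchanged to
 * getStats/getTopNPort/getSizeECDFPort; how they validate packet lengths is
 * not visible here and should be checked in functions.h / its implementation.
 * NOTE(review): bytes and packets are 32-bit because getStats() takes
 * uint32_t pointers; presumably they wrap on very large captures -- confirm.
 */
int main(int argc,char *argv[])
{
	uint32_t bytes=0;
	uint32_t packets=0;
	uint64_t duration=0;
	uint32_t value[5];
	uint16_t port[5];
	uint8_t i=0;
	uint16_t ethertype=0;
	uint8_t proto=0;
	/* Capture duration in seconds; duration is presumably in microseconds,
	 * since the original code divided it by 1000000 -- confirm in getStats. */
	double seconds=0.0;

	char *filter=NULL;
	char fname[500]={0};
	if(argc!=2)
	{
		printf("Uso: ./analiza_trafico fichero.pcap\n");
		return -1;
	}
	printf("****************************************\n");
	printf("Abre,lee y cierra fichero\n");
	printf("****************************************\n");
	bytes=0;
	packets=0;
	duration=0;
	if(getStats(&bytes,&packets,&duration,NO_FILTER_ETHER,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,NULL,argv[1])==OK)
	{
		printf("Paquetes Totales:%" PRIu32 "\n",packets);
		printf("Bytes Totales:%" PRIu32 "\n",bytes);
		printf("Duracion: %" PRIu64 "\n",duration);
		/* An empty capture has packets==0; the integer division used before
		 * would trap, and it also truncated the mean before the cast. */
		printf("Tam Medio:%f\n",packets!=0 ? (double)bytes/(double)packets : 0.0);
		/* Floating-point seconds: the former duration/1000000 was an integer
		 * division that yields 0 (and then a division by zero) for captures
		 * shorter than one second. */
		seconds=(double)duration/1000000.0;
		/* NOTE(review): the first figure is bytes divided by seconds but is
		 * labelled bps -- confirm whether a factor of 8 is intended. */
		if(seconds>0.0)
			printf("Tasa: %f bps %f pps\n",(double)bytes/seconds,(double)packets/seconds);
		else
			printf("Tasa: %f bps %f pps\n",0.0,0.0);
	}
	printf("****************************************\n");
	printf("Filtros BPF\n");
	printf("****************************************\n");

	/***********************************************************************************************************
	*	Exercise: assign to filter the BPF expression needed to compute the outbound utilisation
	*	of subnet 163.0.0.0 with mask 255.0.0.0.
	*	NOTE(review): filter is still NULL in this listing, so the three figures below are
	*	computed with no BPF filter despite their labels.
	************************************************************************************************************/
	/* Counters are cleared before every call, as the later sections already do;
	 * whether getStats() overwrites or accumulates is not visible here. */
	bytes=0;
	packets=0;
	duration=0;
	if(getStats(&bytes,&packets,&duration,NO_FILTER_ETHER,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,filter,argv[1])==OK)
	{
		if(duration!=0)
		{
			seconds=(double)duration/1000000.0;
			printf("Utilizacion salida subred 163.0.0.0/8: %f bps\n",(double)bytes/seconds);
		}
	}
	/*************************************************************************************************************
	*	Exercise: assign to filter the BPF expression needed to compute the inbound utilisation
	*	of subnet 163.0.0.0 with mask 255.0.0.0.
	**************************************************************************************************************/
	bytes=0;
	packets=0;
	duration=0;
	if(getStats(&bytes,&packets,&duration,NO_FILTER_ETHER,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,filter,argv[1])==OK)
	{
		if(duration!=0)
		{
			seconds=(double)duration/1000000.0;
			printf("Utilizacion entrada subred 163.0.0.0/8: %f bps\n",(double)bytes/seconds);
		}
	}
	/*****************************************************************************************************************
	*	Exercise: assign to filter the BPF expression needed to count the packets internal
	*	to subnet 163.0.0.0 with mask 255.0.0.0.
	******************************************************************************************************************/
	bytes=0;
	packets=0;
	duration=0;
	if(getStats(&bytes,&packets,&duration,NO_FILTER_ETHER,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,filter,argv[1])==OK)
		printf("N paquetes internos 163.0.0.0/8: %" PRIu32 "\n",packets);
	printf("****************************************\n");
	printf("Analisis de protocolos a nivel de paquete\n");
	printf("****************************************\n");
	/**************************************************************************************************
	*	Exercise: ethertype value that selects IPv4 frames.
	***************************************************************************************************/
	bytes=0;
	packets=0;
	ethertype=0x0800;
	if(getStats(&bytes,&packets,&duration,ethertype,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,NULL,argv[1])==OK)
		printf("Paquetes IP:%" PRIu32 "\n",packets);
	/**************************************************************************************************
	*	Exercise: ethertype value that selects ARP frames.
	***************************************************************************************************/
	bytes=0;
	packets=0;
	ethertype=0x0806;
	if(getStats(&bytes,&packets,&duration,ethertype,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,NULL,argv[1])==OK)
		printf("Paquetes ARP:%" PRIu32 "\n",packets);
	/**************************************************************************************************
	*	Exercise: ethertype value that selects IPv6 frames.
	***************************************************************************************************/
	bytes=0;
	packets=0;
	ethertype=0x86DD;
	if(getStats(&bytes,&packets,&duration,ethertype,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,NO_FILTER_PROTO,NULL,argv[1])==OK)
		printf("Paquetes IPV6:%" PRIu32 "\n",packets);
	/**************************************************************************************************
	*	Exercise: IP protocol number that selects TCP.
	***************************************************************************************************/
	bytes=0;
	packets=0;
	proto=0x06;
	if(getStats(&bytes,&packets,&duration,ETYPE_IP,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,proto,NULL,argv[1])==OK)
		printf("Paquetes TCP:%" PRIu32 "\n",packets);
	/**************************************************************************************************
	*	Exercise: IP protocol number that selects UDP.
	***************************************************************************************************/
	bytes=0;
	packets=0;
	proto=0x11;
	if(getStats(&bytes,&packets,&duration,ETYPE_IP,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,proto,NULL,argv[1])==OK)
		printf("Paquetes UDP:%" PRIu32 "\n",packets);
	/**************************************************************************************************
	*	Exercise: IP protocol number that selects ICMP.
	***************************************************************************************************/
	bytes=0;
	packets=0;
	proto=0x01;
	if(getStats(&bytes,&packets,&duration,ETYPE_IP,NO_FILTER_IP,NO_FILTER_IP,NO_FILTER_PORT,NO_FILTER_PORT,proto,NULL,argv[1])==OK)
		printf("Paquetes ICMP:%" PRIu32 "\n",packets);

	/* Top-5 rankings. Judging by the labels printed below, the first argument
	 * selects source (0) or destination (1) port and the second selects
	 * bytes (0) or packets (1) -- confirm against getTopNPort's declaration. */
	if(getTopNPort(0,0,5,port,value,NULL,argv[1])==OK)
	{
		printf("Top 5 Puerto origen bytes:\n");
		for(i=0;i<5;i++)
		{
			printf("\t%d %" PRIu32 "\n",port[i],value[i]);
		}

		/* Packet-size ECDF filtered by the most popular source port in bytes.
		 * snprintf bounds the write to fname; the name is built only from the
		 * numeric port, never from capture payload. */
		snprintf(fname,sizeof fname,"%u_source_port_bytes_cdf.dat",(unsigned)port[0]);
		if(getSizeECDFPort(argv[1],fname,port[0],NO_FILTER_PORT)!=OK)
		{
			printf("ERROR %s/%d",__FILE__, __LINE__);
			return ERROR;
		}

	}
	if(getTopNPort(1,0,5,port,value,NULL,argv[1])==OK)
	{
		printf("Top 5 Puerto destino bytes:\n");
		for(i=0;i<5;i++)
		{
			printf("\t%d %" PRIu32 "\n",port[i],value[i]);
		}
		/* Packet-size ECDF filtered by the most popular destination port in bytes. */
		snprintf(fname,sizeof fname,"%u_destination_port_bytes_cdf.dat",(unsigned)port[0]);
		if(getSizeECDFPort(argv[1],fname,NO_FILTER_PORT,port[0])!=OK)
		{
			printf("ERROR %s/%d",__FILE__, __LINE__);
			return ERROR;
		}

	}
	if(getTopNPort(0,1,5,port,value,NULL,argv[1])==OK)
	{
		printf("Top 5 Puerto origen paquetes:\n");
		for(i=0;i<5;i++)
		{
			printf("\t%d %" PRIu32 "\n",port[i],value[i]);
		}
		/* Packet-size ECDF filtered by the most popular source port in packets. */
		snprintf(fname,sizeof fname,"%u_source_port_packets_cdf.dat",(unsigned)port[0]);
		if(getSizeECDFPort(argv[1],fname,port[0],NO_FILTER_PORT)!=OK)
		{
			printf("ERROR %s/%d",__FILE__, __LINE__);
			return ERROR;
		}

	}
	if(getTopNPort(1,1,5,port,value,NULL,argv[1])==OK)
	{
		printf("Top 5 Puerto destino paquetes:\n");
		for(i=0;i<5;i++)
		{
			printf("\t%d %" PRIu32 "\n",port[i],value[i]);
		}
		/* Packet-size ECDF filtered by the most popular destination port in packets. */
		snprintf(fname,sizeof fname,"%u_destination_port_packets_cdf.dat",(unsigned)port[0]);
		if(getSizeECDFPort(argv[1],fname,NO_FILTER_PORT,port[0])!=OK)
		{
			printf("ERROR %s/%d",__FILE__, __LINE__);
			return ERROR;
		}

	}
	return 0;
}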
