Text File  |  1995-10-22  |  5KB  |  149 lines

  1. /*
  2.  * NUKESPY      Small program meant to run in a background window, monitors  
  3.  *              incoming ICMP packets and reports on them.  Displays the 
  4.  *              date/time, source and type of any packets received.
  5.  *
  6.  * Version:    nukespy.c v1.0 10/22/95
  7.  *
  8.  * Authors:    Mike McLagan, <mmclagan@invlogic.com>
  9.  *
  10.  *        This program is free software; you can redistribute it and/or
  11.  *        modify it under the terms of the GNU General Public License
  12.  *        as published by the Free Software Foundation; either version
  13.  *        2 of the License, or (at your option) any later version.
  14.  */
  15.  
  16. #define INCL_DOS
  17. #include <os2.h>
  18.  
  19. #include <stdio.h>
  20. #include <stdlib.h>
  21. #include <string.h>
  22. #include <types.h>
  23. #include <ctype.h>
  24. #include <time.h>
  25.  
  26. #include <nerrno.h>
  27. #include <netdb.h>
  28. #include <sys/ioctl.h>
  29. #include <sys/socket.h>
  30. #include <sys/select.h>
  31. #include <netinet/in_systm.h>
  32. #include <netinet/in.h>
  33. #include <netinet/ip.h>
  34. #include <netinet/ip_icmp.h>
  35. #include <utils.h>
  36.  
  37. int sock_nuke; /* Raw ICMP socket: assigned by nukewatch(), read with recvfrom() in nuke_check(). */
  38.  
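  /*
   * nuke_check - receive loop for the raw socket stored in sock_nuke.
   *
   * Reads one datagram at a time, treats the start of the buffer as an IP
   * header, and prints one line (month/day hour:minute, source name and
   * address, reason) for every ICMP "destination unreachable" message seen.
   * All other traffic is ignored.
   *
   * Everything in the datagram, and the name returned by the reverse lookup,
   * is controlled by whoever sent the packet or runs the source's DNS, so
   * lengths are validated before use and the name is filtered before it is
   * written to the console.
   *
   * Returns: does not return while the socket keeps delivering data; returns
   *          1 if recvfrom() reports an error, so the caller is not left
   *          spinning on a dead or invalid socket.
   */
  unsigned long nuke_check(void)
  {
     struct sockaddr_in addr;
     int                len, hlen, bytes;
     char               buf[BUFSIZ + 1], line[20], name[256];
     const char         *type;
     struct ip          *hdr;
     struct icmp        *icmp;
     struct in_addr     in_addr;
     int                x;
     size_t             i;
     struct hostent     *he;
     time_t             now;
     struct tm          *breakdown;
     struct tm          unknown_time;

     while (1)
     {
        memset(&addr, 0, sizeof(addr));
        addr.sin_family = AF_INET;

        /* recvfrom() reads this as the capacity of addr; it must be set
           before every call rather than left uninitialised. */
        len = sizeof(addr);
        bytes = recvfrom(sock_nuke, buf, sizeof(buf), 0, (struct sockaddr *) (void *) &addr, &len);

        if (bytes < 0)
        {
           /* A failed receive would otherwise repeat forever at full speed. */
           fprintf(stderr, "nukespy: recvfrom failed on the ICMP socket\n");
           return 1;
        }
        if (bytes == 0)
           continue;

        hdr = (struct ip *) buf;
        hlen = hdr->ip_hl << 2;

        /* ip_hl comes straight off the wire.  Reject headers shorter than a
           real IP header so ip_src is read from received bytes, not from
           stale buffer contents, and require room for the ICMP header. */
        if (hlen < (int) sizeof(struct ip) || bytes < hlen + ICMP_MINLEN)
           continue;

        in_addr.s_addr = hdr->ip_src.s_addr;

        /* NOTE(review): the ICMP header is read 4 bytes past the end of the
           IP header, as in the original code.  The reason for the extra 4
           bytes is not visible in this file - confirm against the TCP/IP
           stack in use.  The length check above keeps the two bytes read
           here inside the received data. */
        icmp = (struct icmp *)(buf + hlen + 4);
        if (icmp->icmp_type != ICMP_UNREACH)
           continue;

        switch(icmp->icmp_code)
        {
           case ICMP_UNREACH_NET:
              type = "Network unreachable";
              break;
           case ICMP_UNREACH_HOST:
              type = "Host unreachable";
              break;
           case ICMP_UNREACH_PROTOCOL:
              type = "Invalid protocol";
              break;
           case ICMP_UNREACH_PORT:
              type = "Invalid port";
              break;
           case ICMP_UNREACH_NEEDFRAG:
              type = "Need fragmenting";
              break;
           case ICMP_UNREACH_SRCFAIL:
              type = "Source route failure";
              break;
           default:
              /* icmp_code is a single byte, so the text is at most
                 "Unknown #255" and fits in line[20]. */
              sprintf(line, "Unknown #%i", icmp->icmp_code);
              type = line;
              break;
        }

        time(&now);
        breakdown = localtime(&now);
        if (breakdown == NULL)
        {
           /* Still report the packet if the time cannot be converted. */
           memset(&unknown_time, 0, sizeof(unknown_time));
           breakdown = &unknown_time;
        }

        /* Reverse lookup of the source address, retried a few times while
           the resolver answers TRY_AGAIN.  The lookup blocks this loop, so
           no packets are read until it finishes. */
        x = 0;
        while(((he=gethostbyaddr((char *)&hdr->ip_src, sizeof(hdr->ip_src), AF_INET)) == NULL) &&
              (h_errno == TRY_AGAIN) &&
              (x++ < 4))
           DosSleep(1);

        if (he && he->h_name)
        {
           /* The name comes from DNS data the sender may control: copy it
              with a length bound and replace non-printable bytes so it
              cannot inject control sequences into the console or a log. */
           for (i = 0; i < sizeof(name) - 1 && he->h_name[i] != '\0'; i++)
              name[i] = isprint((unsigned char) he->h_name[i]) ? he->h_name[i] : '?';
           name[i] = '\0';

           printf("%02i/%02i %02i:%02i - UNREACH packet from %s(%s): %s\n",
                  breakdown->tm_mon + 1, breakdown->tm_mday, breakdown->tm_hour, breakdown->tm_min,
                  name, inet_ntoa(in_addr), type);
        }
        else
           printf("%02i/%02i %02i:%02i - UNREACH packet from %s: %s\n",
                  breakdown->tm_mon + 1, breakdown->tm_mday, breakdown->tm_hour, breakdown->tm_min,
                  inet_ntoa(in_addr), type);
     }
  }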
  118.  
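  /*
   * nukewatch - open the raw ICMP socket and publish it in sock_nuke.
   *
   * The protocol number is looked up by name; if the lookup fails the
   * well-known ICMP protocol number is used instead.  The socket is not
   * bound to an address.
   *
   * If the socket cannot be created the program exits with a failure
   * status: continuing would leave nuke_check() polling an invalid
   * descriptor in a tight loop and never reporting anything.
   */
  void nukewatch(void)
  {
     struct protoent *proto;
     int              sock, p_proto;

     proto = getprotobyname("icmp");
     p_proto = proto ? proto->p_proto : IPPROTO_ICMP;

     sock = socket(AF_INET, SOCK_RAW, p_proto);
     if (sock < 0)
     {
        fprintf(stderr, "nukespy: unable to open a raw ICMP socket\n");
        exit(EXIT_FAILURE);
     }

     sock_nuke = sock;
  }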
  142.  
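  /*
   * Program entry point: print the banner, open the ICMP socket, then run
   * the receive loop.  Declared int so the process has a defined exit
   * status; a non-zero result from nuke_check() is reported as failure.
   */
  int main (void)
  {
     printf("Nuke Spy v1.0, Copyright @1995, Innovative Logic Corp\n");
     nukewatch();
     return nuke_check() ? EXIT_FAILURE : EXIT_SUCCESS;
  }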
  149.