ref: 3ae7a83327799e2ba7f3358dde826749c5b728a2
dir: /tcp.c/
#include <stdio.h>
#include <stdint.h>
#include <pcap.h>
#include "common.h"
int
parseTcp(const u_char *pkt, Tcp *tcp)
{
int pos = 0;
tcp->srcport = get2(pkt + pos);
pos += TCP_SRCPORT;
tcp->dstport = get2(pkt + pos);
pos += TCP_DSTPORT;
tcp->seqnum = get4(pkt + pos);
pos += TCP_SEQNUM;
tcp->acknum = get4(pkt + pos);
pos += TCP_ACKNUM;
/* offsets are multiplies of 4 (32-bit) values */
tcp->offset = (pkt[pos] >> 4) * 4;
pos += TCP_OFFSET;
tcp->flags = pkt[pos];
pos += TCP_FLAGS;
tcp->winsize = get2(pkt + pos);
pos += TCP_WINSIZE;
tcp->sum = pkt[pos];
pos += TCP_SUM;
tcp->urgentptr = get2(pkt + pos);
pos += TCP_URGPTR;
return 1;
}
void
printTcp(Tcp tcp)
{
printf("tcp pkt:\n"
"\tsrcport: %d\tdstport: %d\n"
"\tseqnum: %d\tacknum: %d\n"
"\toffset: %d\tflags: %b (%x)\n"
"\twinsize: %d (%x)\tsum: %d\n",
tcp.srcport, tcp.dstport,
tcp.seqnum, tcp.acknum,
tcp.offset, tcp.flags, tcp.flags,
tcp.winsize, tcp.winsize, tcp.sum);
}
Parser tcpParser = {
.parse = parseTcp,
.print = printTcp,
};