
#define HAVE_REMOTE

#include "pcap.h"
#include <windows.h>

// Length of an Ethernet (MAC) address in bytes.
#define ETHER_ADDR_LEN 6
// Ethernet header (6 + 6 + 2 = 14 bytes). packet_handler() overlays this
// struct on the first bytes of every captured frame, so the fields hold the
// raw bytes exactly as they were captured.
struct ethernet_header {
	u_char  ether_dhost[ETHER_ADDR_LEN];	// destination host address
	u_char  ether_shost[ETHER_ADDR_LEN];	// source host address
	u_short ether_type;						// EtherType of the encapsulated protocol (IP, ARP, RARP, ...);
											// raw wire value, convert with ntohs() before comparing
};

// 6-byte MAC address, one member per octet in transmission order.
// Not referenced by the code shown in this listing; ethernet_header stores
// its addresses as u_char arrays instead.
typedef struct mac_address { 
	u_char byte1; 
	u_char byte2; 
	u_char byte3; 
	u_char byte4; 
	u_char byte5; 
	u_char byte6; 
}mac_address; 

// 4-byte IPv4 address, one member per octet (byte1 is the first octet of the
// dotted-quad form). Used for the saddr/daddr fields of ip_header.
typedef struct ip_address{ 
	u_char byte1; 
	u_char byte2; 
	u_char byte3; 
	u_char byte4; 
}ip_address; 


// Fixed 20-byte part of an IPv4 header, overlaid on captured packet bytes by
// packet_handler(). Multi-byte fields hold the raw wire value and need
// ntohs() before use.
//
// The struct does not model IP options. The real header length is
// (ver_ihl & 0x0f) * 4 bytes and can be larger than sizeof(ip_header), so the
// next header is only found correctly when that value is used as the offset.
typedef struct ip_header{ 
	u_char ver_ihl;							// Version (upper 4 bits) + Internet header length in 32-bit words (lower 4 bits) 
	u_char tos;								// Type of service 
	u_short tlen;							// Total length of the datagram (header + data) 
	u_short identification;					// Identification 
	u_short flags_fo;						// Flags (3 bits) + Fragment offset (13 bits) 
	u_char ttl;								// Time to live 
	u_char proto;							// Protocol carried in the datagram (6 = TCP) 
	u_short crc;							// Header checksum 
	ip_address saddr;						// Source address 
	ip_address daddr;						// Destination address 
	//u_int op_pad;							// Option + Padding: left out on purpose, options are variable-length (see note above) 
}ip_header; 

// Fixed 20-byte part of a TCP header, overlaid on captured packet bytes by
// packet_handler(). TCP options are not modelled: the real header length is
// (th_off >> 4) * 4 bytes, and the payload starts at that offset, not at
// sizeof(tcp_header). Multi-byte fields hold the raw wire value
// (ntohs()/ntohl() before use).
typedef struct tcp_header { 
 u_short sport;								// Source port 
 u_short dport;								// Destination port 
 u_int seqnum;								// Sequence Number 
 u_int acknum;								// Acknowledgement number 
 u_char th_off;								// Data offset: header length in 32-bit words (upper 4 bits) + reserved bits 
 u_char flags;								// Control flags (FIN, SYN, RST, PSH, ACK, URG, ...) 
 u_short win;								// Window size 
 u_short crc;								// Checksum (covers the TCP header, the payload and a pseudo-header) 
 u_short urgptr;							// Urgent pointer: offset from seqnum to the end of the urgent data; only meaningful when URG is set

}tcp_header;

/* Prototype of the per-packet callback that main() passes to pcap_loop();
 * the definition follows main(). */
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data);

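/*
 * Lists the capture interfaces, lets the user pick one, opens it in
 * promiscuous mode with the BPF filter "tcp port 6112" and passes every
 * matching packet to packet_handler() until pcap_loop() stops.
 *
 * Returns 0 when the capture loop ends without error, 1 when the device list
 * cannot be retrieved, and -1 on any other failure.
 */
int main()
{
	pcap_if_t *alldevs = NULL;
	pcap_if_t *d;
	int inum = 0;
	int i = 0;
	int rc = -1;
	pcap_t *adhandle;
	char errbuf[PCAP_ERRBUF_SIZE];
	char packet_filter[] = "tcp port 6112";
	u_int netmask;
	struct bpf_program fcode;

	/* Retrieve the device list on the local machine */
	if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
	{
		fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);
		return 1;
	}

	/* Print the list */
	for (d = alldevs; d; d = d->next)
	{
		printf("%d. %s", ++i, d->name);
		if (d->description)
			printf(" (%s)\n", d->description);
		else
			printf(" (No description available)\n");
	}

	if (i == 0)
	{
		printf("\nNo interfaces found! Make sure WinPcap is installed.\n");
		return -1;
	}

	printf("Enter the interface number (1-%d):",i);

	/* A failed conversion leaves inum unset, so non-numeric input is rejected
	 * together with out-of-range numbers. */
	if (scanf("%d", &inum) != 1 || inum < 1 || inum > i)
	{
		printf("\nInterface number out of range.\n");
		pcap_freealldevs(alldevs);
		return -1;
	}

	/* Jump to the selected adapter */
	for (d = alldevs, i = 0; i < inum - 1; d = d->next, i++)
	{
		/* nothing to do: the loop header walks the list */
	}

	/* Open the device */
	adhandle = pcap_open(d->name,		// name of the device
						 65536,			// portion of the packet to capture; large enough
										// to hold the whole packet on all link layers
						 PCAP_OPENFLAG_PROMISCUOUS,	// promiscuous mode
						 1000,			// read timeout
						 NULL,			// authentication on the remote machine
						 errbuf			// error buffer
						 );
	if (adhandle == NULL)
	{
		fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", d->name);
		fprintf(stderr,"%s\n", errbuf);
		pcap_freealldevs(alldevs);
		return -1;
	}

	/* packet_handler() parses every frame as Ethernet + IPv4 + TCP, so refuse
	 * adapters that deliver a different link-layer header. */
	if (pcap_datalink(adhandle) != DLT_EN10MB)
	{
		fprintf(stderr,"\nThis program works only on Ethernet networks.\n");
		goto cleanup;
	}

	/* Use the mask of the first address only when that address is IPv4:
	 * the cast to sockaddr_in is wrong for any other address family. */
	if (d->addresses != NULL &&
		d->addresses->addr != NULL &&
		d->addresses->addr->sa_family == AF_INET &&
		d->addresses->netmask != NULL)
		netmask = ((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
	else
		/* Without a usable IPv4 address we assume a class C network */
		netmask = 0xffffff;

	/* compile the filter */
	if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) < 0)
	{
		fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n");
		goto cleanup;
	}

	/* set the filter; the compiled program is not needed afterwards, whether
	 * or not installing it worked */
	if (pcap_setfilter(adhandle, &fcode) < 0)
	{
		fprintf(stderr,"\nError setting the filter.\n");
		pcap_freecode(&fcode);
		goto cleanup;
	}
	pcap_freecode(&fcode);

	/* description may be NULL (see the listing loop above); fall back to the
	 * device name rather than passing NULL to %s */
	printf("\nlistening on %s...\n", d->description ? d->description : d->name);

	/* At this point the device list is no longer needed. Free it */
	pcap_freealldevs(alldevs);
	alldevs = NULL;

	/* start the capture; with a count of 0 the loop runs until an error
	 * occurs or the loop is broken */
	if (pcap_loop(adhandle, 0, packet_handler, NULL) == -1)
		fprintf(stderr,"\nError reading the packets: %s\n", pcap_geterr(adhandle));
	else
		rc = 0;

cleanup:
	/* Single exit path once the adapter is open: release the capture handle
	 * and, if it is still allocated, the device list. */
	pcap_close(adhandle);
	if (alldevs != NULL)
		pcap_freealldevs(alldevs);
	return rc;
}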

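/*
 * Callback function invoked by libpcap for every incoming packet.
 *
 * Parses the frame as Ethernet + IPv4 + TCP and prints the source port, the
 * destination port, the address of the TCP payload inside the capture buffer
 * and the number of payload bytes available there.
 *
 * param    - user pointer given to pcap_loop(); unused here.
 * header   - capture metadata; caplen is the number of bytes present in
 *            pkt_data, len the length of the packet on the wire.
 * pkt_data - captured bytes. They come straight from the network, so every
 *            length and offset taken from them is checked against caplen
 *            before it is used.
 *
 * Frames that are truncated, not IPv4/TCP, or carry impossible header lengths
 * are dropped without output. The buffer belongs to libpcap: the payload
 * pointer must not be kept after the callback returns and nothing is
 * allocated per packet.
 */
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
	const u_short kEtherTypeIPv4 = 0x0800;	// EtherType of IPv4
	const u_char kIpProtoTcp = 6;			// IP protocol number of TCP

	const struct ethernet_header *ethernet;
	const struct ip_header *ip;
	const struct tcp_header *tcp;
	const u_char *payload;
	u_int caplen = header->caplen;
	u_int ip_hlen;
	u_int tcp_hlen;
	u_int ip_tlen;
	u_int tcp_offset;
	u_int payload_offset;
	u_int payload_size;

	(void)param;

	/* The fixed Ethernet and IPv4 headers must be fully captured. */
	if (caplen < sizeof(struct ethernet_header) + sizeof(struct ip_header))
		return;

	/* "tcp port 6112" also matches TCP over IPv6; only IPv4 is parsed here. */
	ethernet = (const struct ethernet_header *)pkt_data;
	if (ntohs(ethernet->ether_type) != kEtherTypeIPv4)
		return;

	ip = (const struct ip_header *)(pkt_data + sizeof(struct ethernet_header));
	if ((ip->ver_ihl >> 4) != 4 || ip->proto != kIpProtoTcp)
		return;

	/* IHL counts 32-bit words and includes options, so the TCP header does
	 * not necessarily start right after the fixed 20 bytes. */
	ip_hlen = (u_int)(ip->ver_ihl & 0x0f) * 4;
	if (ip_hlen < sizeof(struct ip_header))
		return;

	tcp_offset = (u_int)sizeof(struct ethernet_header) + ip_hlen;
	if (caplen < tcp_offset + sizeof(struct tcp_header))
		return;
	tcp = (const struct tcp_header *)(pkt_data + tcp_offset);

	/* The data offset (upper 4 bits of th_off) counts 32-bit words and
	 * includes TCP options. */
	tcp_hlen = (u_int)(tcp->th_off >> 4) * 4;
	if (tcp_hlen < sizeof(struct tcp_header))
		return;

	payload_offset = tcp_offset + tcp_hlen;
	if (caplen < payload_offset)
		return;

	/* Upper bound: the bytes actually captured after the headers. The IP
	 * total length is used only to trim link-layer padding; it can never
	 * extend the payload beyond the capture buffer. */
	payload_size = caplen - payload_offset;
	ip_tlen = ntohs(ip->tlen);
	if (ip_tlen >= ip_hlen + tcp_hlen && ip_tlen - ip_hlen - tcp_hlen < payload_size)
		payload_size = ip_tlen - ip_hlen - tcp_hlen;

	payload = pkt_data + payload_offset;

	/* %p is the matching conversion for a pointer; %x with a pointer argument
	 * is a format mismatch. */
	printf("TCP:%d > %d = %p (%u bytes)\n", ntohs(tcp->sport), ntohs(tcp->dport), (const void *)payload, payload_size);
}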