linux - 如何获取所需广播地址:port combination?的发送者IP

Question

我在 Wireshark 上看到一些广播数据包，我希望能够使用简单的 Linux 命令行实用程序来检查这些数据包。它看起来像这样:

getsenders bcast_IP port timeout

它会简单地打印超时期间遇到的每个新的发件人 IP。

例如:

getsenders 192.168.0.255 12345 0.150

或者(替代)

getsenders 192.168.0.0/8 12345 0.150

将监听发送到 192.168.0.255:12345 的广播数据包，然后打印遇到的每个唯一发送者。将为指定接口(interface)上的任何广播发送者列出替代方法。

不幸的是，我的socket-fu很弱。我所知道的是，该程序必须以 root 权限(suid)运行才能监听广播套接字。

我花了很多时间(几天)尝试通过 Python 执行此操作，但看起来该路由需要使用原始套接字并解析数据包(数据包嗅探器，呃!)。我还考虑过使用 socat/netcat (通过只执行 suid bash 脚本)，但也无济于事。

是否有一些简单的 Linux 代码可以为我做到这一点？我不在乎工具或源语言是什么，只要它可以设置 suid-root 并从命令行运行即可。

顺便说一句，我有一个简单的 Python 解决方案，可以在 MS Windows 下运行，但在 Linux 下就不行了:

myip = <IP address of local interface to listen on>
p = <broadcast port>
timeout = 0.150    # 150 ms
addresses = {}

if "windows" in sys.platform.tolower():
    # Create the broadcast reception socket
    bsock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    bsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    bsock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
    bsock.settimeout(timeout)
    bsock.bind((myip, p))
    while True: # Look for all senders
        try:
            __, address = bsock.recvfrom(1024)   # Don't care about payload
        except BaseException, e:
            break   # Nothing found
        else:   # A desired broadcast packet was detected
            if address[0] not in addresses:
                addresses[address[0]] = 1
            else:
                addresses[address[0]] += 1
                if addresses[address[0]] >= 3:
                    break   # Go until timeout or any sender is seen 3 times
        finally:
            bsock.close()
            bsock = None
            print(', '.join([k for k in addresses]))

Answer 1

下载并测试了许多示例后，我终于让它工作了，然后将代码一分为二并组合起来，直到在两个平台上都可以工作的最小差异为止。

归结为一行:Linux 必须绑定(bind)到特定的广播地址(作为 root)，Windows 可以绑定(bind)到广播数据包预计到达的本地接口(interface)地址(作为普通用户)。

这是修改后的代码片段:

bcast_addr = <IP addr of broadcast: Must end with at least one '.255'>
myip = <IP addr of local interface receiving from bcast_addr>
p = <broadcast port>
timeout = 0.150    # 150 ms
addresses = {}

# Create the broadcast reception socket
bsock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
bsock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
bsock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
bsock.settimeout(timeout)
if "windows" in sys.platform.tolower():
    bsock.bind((myip, p))
elif os.getuid() == 0:  # Must be root for Linux!
    bsock.bind((bcast_addr, p))
while True: # Look for all senders
    try:
        __, address = bsock.recvfrom(1024)   # Don't care about payload
    except BaseException, e:
        break   # Nothing found
    else:   # A desired broadcast packet was detected
        if address[0] not in addresses:
            addresses[address[0]] = 1
        else:
            addresses[address[0]] += 1
            if addresses[address[0]] >= 3:
                break   # Go until timeout or any sender is seen 3 times
    finally:
        bsock.close()
        bsock = None
        print(', '.join([k for k in addresses]))