IP协议分析
2014-04-08 10:36
176 查看
IP协议分析
0 1 2 30 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Ver | len |Tos | Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ident |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Example Internet Datagram Header
1.
Ver 版本号,4位;
2.
Len
首部长度,4位,最大值F(字节数),首部包含IP选项后最大长度为F*4=60个字节;如果没有IP选项,取值为5,即为20个字节;
3.
TOS 服务类型,8个字节;
Bits 0---2: Precedence.
Bit 3: 0 = Normal Delay, 1 = Low Delay.
Bits 4: 0 = Normal Throughput, 1 = High Throughput.
Bits 5: 0 = Normal Relibility, 1 = High Relibility.
Bit 6-7: Reserved for Future Use.
0 1 2 3 4 5 6 7
+-----+-----+-----+-----+-----+-----+-----+-----+
| | | | | | |
| PRECEDENCE | D | T | R | 0 | 0 |
| | | | | | |
+-----+-----+-----+-----+-----+-----+-----+-----+
Precedence
111 - Network Control
110 - Internetwork Control
101 - CRITIC/ECP
100 - Flash Override
011 - Flash
010 - Immediate
001 - Priority
000 – Routine
4. Identification: 16 bits
An identifying value assigned by the sender to aid in assembling the
fragments of a datagram.
5. Flags: 3 bits
Various Control Flags.
Bit 0: reserved, must be zero
Bit 1: (DF) 0 = May Fragment, 1 = Don't Fragment.
Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments.
0 1 2
+---+----+----+
| | DF| MF|
| | |
This field indicates where in the datagram this fragment belongs.
7. Time to Live: 8 bits
This field indicates the maximum time the datagram is allowed to
remain in the internet system.
8. Protocol: 8 bits,指明传输层协议类型,TCP为6,UDP为17.
9. Header Checksum: 16 bits
A checksum on the header only.
10. Source Address: 32 bits
The source address.
11. Destination Address: 32 bits
The destination address.
12.
IP选项的字段分析
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7+-----+-----+-----+-----+-----+-----+-----+-----+ -----+-----+-----+-----+-----+-----+-----+-----+
| | | | |
| | | |
该IP选项的选项总长度 |
| | | | |
+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
12.1
1 bit copied flag,0 = not copied
//在分片时该选项是否复制到分片中
1 = copied
2 bits option class,
0 = control
1 = reserved for future use // 考虑IP选项中使用该选项进行处理。
2 = debugging and measurement
3 = reserved for future use
5 bits option number.
The following internet options are defined:
CLASS NUMBER LENGTH DESCRIPTION
----- ------ ------ -----------
0 0 - End of Option list. This option occupies only
1 octet; it has no length octet.
0 1 - No Operation. This option occupies only 1
octet; it has no length octet.
0 2 11 Security. Used to carry Security,
Compartmentation, User Group (TCC), and
Handling Restriction Codes compatible with DOD
requirements.
0 3 var. Loose Source Routing. Used to route the
internet datagram based on information
supplied by the source.
0 9 var. Strict Source Routing. Used to route the
internet datagram based on information
supplied by the source.
0 7 var. Record Route. Used to trace the route an
internet datagram takes.
0 8 4 Stream ID. Used to carry the stream
identifier.
2 4 var. Internet Timestamp.
End of Option List,该字段用于选项的末尾
+--------+
|00000000|
+--------+
Type=0
No Operation,该字段用于选项的中间,如果选项需要字节的对齐的话
+--------+
|00000001|
+--------+
Type=1
Loose Source and Record Route(源路由选项)
+--------+--------+--------+---------//--------+
|10000011| length | pointer| route data |
+--------+--------+--------+---------//--------+
Type=131
Strict Source and Record Route(严格路由选项)
+--------+--------+--------+---------//--------+
|10001001| length | pointer| route data |
+--------+--------+--------+---------//--------+
Type=137
Record Route (记录路由选项)
+--------+--------+--------+---------//--------+
|00000111| length | pointer| route data |
+--------+--------+--------+---------//--------+
Type=7
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Ver= 4 |IHL= 8 |Type of Service| Total Length = 576 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification = 111 |Flg=0| Fragment Offset = 0 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time = 123 | Protocol = 6 | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| source address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| destination address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Opt. Code = x | Opt. Len.= 3 | option value | Opt. Code = x |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Opt. Len. = 4 | option value | Opt. Code = 1 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Opt. Code = y | Opt. Len. = 3 | option value | Opt. Code = 0 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| data |
\ \
\ \
| data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Example Internet Datagram
分析1:在IP选项上数据可以自己定义一下;
现有的IP选项用到了
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-----+-----+-----+-----+-----+-----+-----+-----+ -----+-----+-----+-----+-----+-----+-----+-----+
|
| | | |
|
| | | 该IP选项的选项总长度 |
|
| | | |
+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
2 bits option class,
0 = control
1 = reserved for future use // 考虑IP选项中使用该选项进行处理。
2 = debugging and measurement
3 = reserved for future use
参考下面的数据其中option class只用到了0-control
和 2-debugging and measurement, 我们可以尝试使用其他的位来定义,如使用保留的位1- reserved future use,形成新的IP选项,在数据段中保存我们需要的数据。
0 0结束选项
0
1空选项
0
2 安全
0
3 源路由选项
0
9 严格路由选项
0
7 记录路由选项
0
8 stream id
2 4 时间戳
分析2:利用基于记录路由选项中的数据,先以此为例
指针 |
长度 |
代码(7) |
第一跳IP地址(换成自己的信息,“12345678”) |
第二条IP地址(换成自己的信息,“25698774”) |
在发包前先填充信息,长度为整个该IP选项的总长度,设置使指针>长度,则在经过路由器时给他造成假象,信息已经填满,这样就不会改变内部信息,要求携带的信息就被保留下来了。
相关文章推荐
- Linux内核--网络栈实现分析(十)--网络层之IP协议(下)
- IP协议首部详细分析
- Linux内核--网络栈实现分析(十)--网络层之IP协议(下)
- tcp协议,ip协议,http协议三者的关系,从发起一个http url例子来分析
- Linux内核--网络栈实现分析(十)--网络层之IP协议(下)
- Wireshark数据包分析之IP协议包解读
- Linux内核分析 - 网络[八补]:IP协议补充
- Linux内核--网络栈实现分析(十)--网络层之IP协议(下)
- Linux内核--网络栈实现分析(四)--网络层之IP协议(上)
- tcp、udp、ip协议分析_动力节点Java学院整理
- Linux内核分析 - 网络[八补]:IP协议补充
- Hart/Hart-IP协议 介绍、分析和应用
- Wireshark实战分析之IP协议(四)
- TCP\UDP\IP协议分析
- wireshark分析IP协议
- Wireshark实战分析之IP协议(一)
- 2.2 IP协议分析
- TCP UDP IP协议分析
- WireShark 3IP协议分析
- Wireshark实战分析之IP协议