简要分析并搞懂9个tcp基础包------三次握手 + 发送数据并收到确认 + 四次挥手
来源:互联网 发布:单台mysql最大tps 编辑:程序博客网 时间:2024/05/29 09:07
之前我们说过tcp三次握手(3个tcp包), 说过send函数(2个tcp包), 说过四次挥手(4个tcp包), 本文中, 我们来看看, 这9个包到底是怎样的!
服务端代码:
#include <unistd.h>#include <sys/types.h>#include <sys/socket.h>#include <netdb.h>#include <stdio.h>#include <stdlib.h>#include <string.h>#include <ctype.h>#include <errno.h>#include <malloc.h>#include <netinet/in.h>#include <arpa/inet.h>#include <sys/ioctl.h>#include <stdarg.h>#include <fcntl.h>int main(){int sockSrv = socket(AF_INET, SOCK_STREAM, 0);struct sockaddr_in addrSrv;addrSrv.sin_family = AF_INET;addrSrv.sin_addr.s_addr = INADDR_ANY; addrSrv.sin_port = htons(8765);bind(sockSrv, (const struct sockaddr *)&addrSrv, sizeof(struct sockaddr_in));listen(sockSrv, 5);struct sockaddr_in addrClient;int len = sizeof(struct sockaddr_in);int sockConn = accept(sockSrv, (struct sockaddr *)&addrClient, (socklen_t*)&len);unsigned int total = 0; char szRecvBuf[128] = {0}; int iRet = recv(sockConn, szRecvBuf, sizeof(szRecvBuf) - 1, 0); printf("iRet is %u\n", iRet);getchar();close(sockConn);close(sockSrv);return 0;}客户端代码:
#include <unistd.h>#include <sys/types.h>#include <sys/socket.h>#include <netdb.h>#include <stdio.h>#include <stdlib.h>#include <string.h>#include <ctype.h>#include <errno.h>#include <malloc.h>#include <netinet/in.h>#include <arpa/inet.h>#include <sys/ioctl.h>#include <stdarg.h>#include <fcntl.h>int main(){ int sockClient = socket(AF_INET, SOCK_STREAM, 0); struct sockaddr_in addrSrv; addrSrv.sin_addr.s_addr = inet_addr("10.100.70.140"); addrSrv.sin_family = AF_INET; addrSrv.sin_port = htons(8765); connect(sockClient, ( const struct sockaddr *)&addrSrv, sizeof(struct sockaddr_in));char szSendBuf[] = "abc";int iRet = send(sockClient, szSendBuf, strlen(szSendBuf) , 0); printf("send size is %d, iRet is %d\n", strlen(szSendBuf), iRet); getchar(); close(sockClient); return 0;}先启动服务端, 再启动客户端, 这样就有了3个握手包,发送数据产生2个包。 然后客户端主动关socket, 服务端随即关socket, 产生4个对应的挥手包。 抓包如下:
xxxxxx$ sudo tcpdump -iany port 8765 -Xnlps0tcpdump: verbose output suppressed, use -v or -vv for full protocol decodelistening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes16:12:04.575911 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [S], seq 3601264859, win 14280, options [mss 1428,sackOK,TS val 1252765388 ecr 0,nop,wscale 8], length 0 0x0000: 4500 003c 5e17 4000 4006 3ac6 0a64 468b E..<^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0db 0000 0000 .dF..?"=........ 0x0020: a002 37c8 a20d 0000 0204 0594 0402 080a ..7............. 0x0030: 4aab aecc 0000 0000 0103 0308 0000 0000 J............... 0x0040: 0000 0000 0000 0000 0000 0000 ............16:12:04.576110 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [S.], seq 2317573919, ack 3601264860, win 14160, options [mss 1428,sackOK,TS val 1252764147 ecr 1252765388,nop,wscale 8], length 0 0x0000: 4500 003c 0000 4000 4006 98dd 0a64 468c E..<..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f1f d6a6 f0dc .dF."=.?.#_..... 0x0020: a012 3750 0e86 0000 0204 0594 0402 080a ..7P............ 0x0030: 4aab a9f3 4aab aecc 0103 0308 0000 0000 J...J........... 0x0040: 0000 0000 0000 0000 0000 0000 ............16:12:04.576132 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [.], ack 1, win 56, options [nop,nop,TS val 1252765388 ecr 1252764147], length 0 0x0000: 4500 0034 5e18 4000 4006 3acd 0a64 468b E..4^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0dc 8a23 5f20 .dF..?"=.....#_. 0x0020: 8010 0038 a205 0000 0101 080a 4aab aecc ...8........J... 0x0030: 4aab a9f3 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....16:12:04.576228 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [P.], seq 1:4, ack 1, win 56, options [nop,nop,TS val 1252765388 ecr 1252764147], length 3 0x0000: 4500 0037 5e19 4000 4006 3ac9 0a64 468b E..7^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0dc 8a23 5f20 .dF..?"=.....#_. 0x0020: 8018 0038 a208 0000 0101 080a 4aab aecc ...8........J... 0x0030: 4aab a9f3 6162 6300 0000 0000 0000 0000 J...abc......... 0x0040: 0000 0000 0000 00 .......16:12:04.576350 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [.], ack 4, win 56, options [nop,nop,TS val 1252764147 ecr 1252765388], length 0 0x0000: 4500 0034 f6d3 4000 4006 a211 0a64 468c E..4..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f20 d6a6 f0df .dF."=.?.#_..... 0x0020: 8010 0038 7448 0000 0101 080a 4aab a9f3 ...8tH......J... 0x0030: 4aab aecc 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....16:12:10.538982 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [F.], seq 4, ack 1, win 56, options [nop,nop,TS val 1252766879 ecr 1252764147], length 0 0x0000: 4500 0034 5e1a 4000 4006 3acb 0a64 468b E..4^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0df 8a23 5f20 .dF..?"=.....#_. 0x0020: 8011 0038 a205 0000 0101 080a 4aab b49f ...8........J... 0x0030: 4aab a9f3 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....16:12:10.578132 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [.], ack 5, win 56, options [nop,nop,TS val 1252765648 ecr 1252766879], length 0 0x0000: 4500 0034 f6d4 4000 4006 a210 0a64 468c E..4..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f20 d6a6 f0e0 .dF."=.?.#_..... 0x0020: 8010 0038 6897 0000 0101 080a 4aab afd0 ...8h.......J... 0x0030: 4aab b49f 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....16:12:12.719660 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [F.], seq 1, ack 5, win 56, options [nop,nop,TS val 1252766183 ecr 1252766879], length 0 0x0000: 4500 0034 f6d5 4000 4006 a20f 0a64 468c E..4..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f20 d6a6 f0e0 .dF."=.?.#_..... 0x0020: 8011 0038 667f 0000 0101 080a 4aab b1e7 ...8f.......J... 0x0030: 4aab b49f 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....16:12:12.719699 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [.], ack 2, win 56, options [nop,nop,TS val 1252767424 ecr 1252766183], length 0 0x0000: 4500 0034 b4c4 4000 4006 e420 0a64 468b E..4..@.@....dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0e0 8a23 5f21 .dF..?"=.....#_! 0x0020: 8010 0038 645e 0000 0101 080a 4aab b6c0 ...8d^......J... 0x0030: 4aab b1e7 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....
先来看看三次握手:
1. syn包为:
16:12:04.575911 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [S], seq 3601264859, win 14280, options [mss 1428,sackOK,TS val 1252765388 ecr 0,nop,wscale 8], length 0 0x0000: 4500 003c 5e17 4000 4006 3ac6 0a64 468b E..<^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0db 0000 0000 .dF..?"=........ 0x0020: a002 37c8 a20d 0000 0204 0594 0402 080a ..7............. 0x0030: 4aab aecc 0000 0000 0103 0308 0000 0000 J............... 0x0040: 0000 0000 0000 0000 0000 0000 ............解析一下:
2. ack/syn包为:
16:12:04.576110 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [S.], seq 2317573919, ack 3601264860, win 14160, options [mss 1428,sackOK,TS val 1252764147 ecr 1252765388,nop,wscale 8], length 0 0x0000: 4500 003c 0000 4000 4006 98dd 0a64 468c E..<..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f1f d6a6 f0dc .dF."=.?.#_..... 0x0020: a012 3750 0e86 0000 0204 0594 0402 080a ..7P............ 0x0030: 4aab a9f3 4aab aecc 0103 0308 0000 0000 J...J........... 0x0040: 0000 0000 0000 0000 0000 0000 ............
解析一下:
3. ack包为:
16:12:04.576132 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [.], ack 1, win 56, options [nop,nop,TS val 1252765388 ecr 1252764147], length 0 0x0000: 4500 0034 5e18 4000 4006 3acd 0a64 468b E..4^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0dc 8a23 5f20 .dF..?"=.....#_. 0x0020: 8010 0038 a205 0000 0101 080a 4aab aecc ...8........J... 0x0030: 4aab a9f3 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....解析一下:
从上面三个包中可以清楚地看到序列化的关系, 这不就是大家影长看到的x/y, x+1/y, x+1/y+1吗? 其他信息, 也一目了然。
再来看看数据发送的第4个包:
16:12:04.576228 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [P.], seq 1:4, ack 1, win 56, options [nop,nop,TS val 1252765388 ecr 1252764147], length 3 0x0000: 4500 0037 5e19 4000 4006 3ac9 0a64 468b E..7^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0dc 8a23 5f20 .dF..?"=.....#_. 0x0020: 8018 0038 a208 0000 0101 080a 4aab aecc ...8........J... 0x0030: 4aab a9f3 6162 6300 0000 0000 0000 0000 J...abc......... 0x0040: 0000 0000 0000 00 .......解析一下:
再看看第5个回包:
16:12:04.576350 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [.], ack 4, win 56, options [nop,nop,TS val 1252764147 ecr 1252765388], length 0 0x0000: 4500 0034 f6d3 4000 4006 a211 0a64 468c E..4..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f20 d6a6 f0df .dF."=.?.#_..... 0x0020: 8010 0038 7448 0000 0101 080a 4aab a9f3 ...8tH......J... 0x0030: 4aab aecc 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....解析一下:
我们注意到, 这次的确认序列号增加了3, 为什么呢? 因为发送了3个字节, 对端接收到了3个字节。
最后再来看看四次挥手包
第6个包为:
16:12:10.538982 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [F.], seq 4, ack 1, win 56, options [nop,nop,TS val 1252766879 ecr 1252764147], length 0 0x0000: 4500 0034 5e1a 4000 4006 3acb 0a64 468b E..4^.@.@.:..dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0df 8a23 5f20 .dF..?"=.....#_. 0x0020: 8011 0038 a205 0000 0101 080a 4aab b49f ...8........J... 0x0030: 4aab a9f3 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....解析一下:
第7个包为:
16:12:10.578132 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [.], ack 5, win 56, options [nop,nop,TS val 1252765648 ecr 1252766879], length 0 0x0000: 4500 0034 f6d4 4000 4006 a210 0a64 468c E..4..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f20 d6a6 f0e0 .dF."=.?.#_..... 0x0020: 8010 0038 6897 0000 0101 080a 4aab afd0 ...8h.......J... 0x0030: 4aab b49f 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....
解析一下:
第8个包为:
16:12:12.719660 IP 10.100.70.140.ultraseek-http > 10.100.70.139.40767: Flags [F.], seq 1, ack 5, win 56, options [nop,nop,TS val 1252766183 ecr 1252766879], length 0 0x0000: 4500 0034 f6d5 4000 4006 a20f 0a64 468c E..4..@.@....dF. 0x0010: 0a64 468b 223d 9f3f 8a23 5f20 d6a6 f0e0 .dF."=.?.#_..... 0x0020: 8011 0038 667f 0000 0101 080a 4aab b1e7 ...8f.......J... 0x0030: 4aab b49f 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....
解析一下:
第9个包为:
16:12:12.719699 IP 10.100.70.139.40767 > 10.100.70.140.ultraseek-http: Flags [.], ack 2, win 56, options [nop,nop,TS val 1252767424 ecr 1252766183], length 0 0x0000: 4500 0034 b4c4 4000 4006 e420 0a64 468b E..4..@.@....dF. 0x0010: 0a64 468c 9f3f 223d d6a6 f0e0 8a23 5f21 .dF..?"=.....#_! 0x0020: 8010 0038 645e 0000 0101 080a 4aab b6c0 ...8d^......J... 0x0030: 4aab b1e7 0000 0000 0000 0000 0000 0000 J............... 0x0040: 0000 0000 ....
解析一下:
一切一目了然, 通过代码时间和抓包分析, 再对着枯燥的书本看, 是不是清晰很多呢?
先说这么多, 慢慢体会。
阅读全文
2 0
- 简要分析并搞懂9个tcp基础包------三次握手 + 发送数据并收到确认 + 四次挥手
- 网络基础:TCP三次握手/四次挥手
- TCP三次握手四次挥手过程分析
- TCP序列号和确认号详解--三次握手四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手&四次挥手
- TCP三次握手/四次挥手
- TCP 三次握手 四次挥手
- TCP三次握手四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手/四次挥手
- TCP三次握手+四次挥手
- 机器学习--生成学习算法
- poj2386——油田问题(简单搜索)
- 浮动
- c#设计模式之原型模式
- php 获取两个时间戳相差的月份
- 简要分析并搞懂9个tcp基础包------三次握手 + 发送数据并收到确认 + 四次挥手
- R语言 实例操作
- 首届世界智能大会天津开幕 新一代人工智能发展国家规划即将发布【智库2861】
- PAT乙级 1037. 在霍格沃茨找零钱(20)
- 什么是Http协议
- Qt学习之2D绘图(画刷和画笔)
- Spring 配置文件的属性介绍
- mybatis配置文件
- intellij IDEA创建nodejs项目---环境搭建