我正在上计算机和网络安全课程。我们正在写一个数据包欺骗器。我可以从互联网上下载一个,然后使用它,但是我更喜欢自己写东西。以下是我用来表示我为basing off of the wikipedia article的ip标头的结构。我正在尝试发送icmp ping数据包。我已经成功完成了,但是仅在将IP标头长度的值分配给version字段之后,反之亦然。我不知何故将我的结构设置为错误,或者我为值分配了错误,而且我不确定自己做错了什么。
struct ip_header
{
uint8_t version : 4 // version
, ihl : 4; // ip header length
uint8_t dscp : 6 // differentiated services code point
, ecn : 2; // explicit congestion notification
uint16_t total_length; // entire packet size in bytes
uint16_t identification; // a unique identifier
uint16_t flags : 3 // control and identify fragments
, frag_offset : 13; // offset of fragment relative to the original
uint8_t ttl; // how many hops the packet is allowd to travel
uint8_t protocol; // what protocol is in use
uint16_t checksum; // value used to determine bad packets
uint32_t src_ip; // where the packet is form
uint32_t dest_ip; // where the packet is going
};
如果我按如下所示分配version和ihl,wireshark将报告标题为“伪IPV4版本(0,必须为4)”的错误。
char buffer[1024];
struct ip_header* ip = (struct ip_header*) buffer;
ip->version = 4;
ip->ihl = 5;
但是,更改为以下列表后,ICMP请求就可以正常通过了。
char buffer[1024];
struct ip_header* ip = (struct ip_header*) buffer;
ip->version = 5;
ip->ihl = 4;
我尝试将htons放在数字周围,但这似乎无济于事。我在这里想念什么?
答案 0 :(得分:3)
您只需要更正结构的字节序即可。查看<netinet/ip.h>文件中定义的IP标头结构:
struct iphdr
{
#if __BYTE_ORDER == __LITTLE_ENDIAN
unsigned int ihl:4;
unsigned int version:4;
#elif __BYTE_ORDER == __BIG_ENDIAN
unsigned int version:4;
unsigned int ihl:4;
#else
# error "Please fix <bits/endian.h>"
#endif
uint8_t tos;
uint16_t tot_len;
uint16_t id;
uint16_t frag_off;
uint8_t ttl;
uint8_t protocol;
uint16_t check;
uint32_t saddr;
uint32_t daddr;
/*The options start here. */
};