在
网络协议通讯中,被附加到用于
控制信息的运载和传输的
数据包前面的定义位长度的特殊保留字段。当
数据包到达其目标时,因为该数据包是以每个协议层的对应相反顺序处理和解包的,所以该字段将被分离并丢弃。
应用
typedef struct ethdr
{unsigned char destination_mac[6]; //目的MAC 6字节
unsigned char source_mac[6]; //源MAC 6字节
unsigned short type; //后面的协议类型2字节ARP-0806;IP-0800}ET_HEADER,*PETHDR;
//
地址解析协议(Address Resolution Protocol)
//arp报头28字节
typedef struct arphdr
{unsigned short hard_tpye; //硬件类型2字节通常为0x0001(
以太网)
unsigned short protocol; //协议类型2字节通常为0x0800 (IP)
unsigned char hard_length; //硬件地址长度1字节通常为6
unsigned char protocol_length; //
协议地址长度1字节通常为4 (IP协议)
unsigned short operation_type; //操作类型1为ARP请求,2为ARP应答,3为RARP请求,4为RARP应答
unsigned char source_mac[6]; //源MAC
unsigned char source_ip[4]; //源IP地址
unsigned char destination_mac[6]; //目的MAC
unsigned char destination_ip[4]; //目的IP地址}ARP_HEADER,*PARPHDR;
//
互联网协议(Internet Protocol)
//IP数据报头
typedef struct iphdr
{unsigned char VIHL; // Version and IHL 版本4bit = 4 和首部长度4bit = 5
unsigned char TOS; // Type Of Service 服务类型1字节
unsigned short TotLen; // Total Length 总长度2字节,包括数据和报头
unsigned short ID; // Identification
标识符2字节
unsigned short FlagOff; // Flags and Fragment Offset 标志3bit 和分段
偏移量13bit
unsigned char TTL; // Time To Live 生存期1字节,为经过路由器的总次数
unsigned char Protocol; // Protocol 协议类型1字节 ICMP-1,TCP-6,UDP-17
unsigned short Checksum; // Checksum 首部(只是IP首部。!)
校验和2字节
unsigned char source_ip[4]; // Source IP 源IP地址
unsigned char destination_ip[4]; // Destination IP 目的IP地址}IP_HEADER, *PIP_HEADER;
//
传输控制协议(Transmission Control Protocol)
//TCP数据报头
typedef struct tcphdr
{unsigned short source_port; //
源端口unsigned short destination_port; //目的端口
unsigned long sequence; //32位序号
unsigned long ack_sequence; //32位确认序号
unsigned char header_length; //首部长度,只用高4位通常为5
unsigned char flags; //标志位 X | X | URG | ACK | PSH | RST | SYN | FIN
unsigned short window_size; //窗口大小
unsigned short checksum; //校验和
unsigned short exigency_pointer; //紧急指针
}TCP_HEADER;
//
用户数据报协议(User Datagram Protocol)
//UDP数据报头
typedef struct udphdr
{unsigned short source_port; //源端口
unsigned short destination_port; //目的端口
unsigned short length; //数据长度
unsigned short checksum; //
校验和包括数据!} UDP_HEADER;
//
以太网消息控制协议(Internet Control Messages Protocol)
//ICMP数据报头
typedef struct icmphdr
{u_char Type; // 类型 0-请求,8-应答,11-超时
u_char Code; // 代码0
u_short Checksum; // 校验和
u_short ID; // 标识符
u_short Seq; //
序列号}ICMP_HEADER, *PICMP_HEADER;
//
域名服务器(Domain Name Server)
//DNS数据报
typedef struct dns
{unsigned short id; //标识,通过它
客户端可以将DNS的请求与应答相匹配;
unsigned short flags; //标志:[QR | opcode | AA| TC| RD| RA | zero | rcode ]
unsigned short quests; //问题数目;
unsigned short answers; //
资源记录数目;
unsigned short author; //授权
资源记录数目;
unsigned short addition; //额外
资源记录数目;}DNS,*PDNS;
//在16位的标志中:QR位判断是查询/响应
报文,opcode区别查询类型,AA判断是否为授权回答,TC判断
//是否可截断,RD判断是否期望
递归查询,RA判断是否为可用递归,zero必须为0,rcode为返回码字段。
typedef struct psd //伪报头,用于计算UDP
校验和{unsigned int source_ip; //源IP
unsigned int destination_ip; //目的IP
char mbz; // 0
char protocol; //协议UDP = 17
unsigned short udp_length; //UDP 长度
}PSD,*PPSD;
//DNS查询数据报:
typedef struct query
{unsigned short type; //查询类型,大约有20个不同的类型
unsigned short classes; //查询类,通常是A类既查询IP地址。}QUERY,*PQUERY;
//DNS响应数据报:
typedef struct response
{unsigned short name; //查询的域名
unsigned short type; //查询类型
unsigned short classes; //类型码
unsigned int ttl; //生存时间
unsigned short length; //资源数据长度
unsigned int addr; //资源数据}RESPONSE,*PRESPONSE;