一、tcpdump
关于tcpdump的安装这里就不介绍了,网上有很多资料。下面先介绍一下tcpdump的使用方法。
二、tcpdump的使用
服务器代码:
#include<stdio.h>
#include<unistd.h>
#include<stdlib.h>
#include<sys/socket.h>
#include<arpa/inet.h>
#include<netinet/in.h>
#include<string.h>
#include<assert.h>
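int main(void)
{
    /*
     * Minimal TCP server used to generate traffic for a tcpdump capture.
     * It listens on 127.0.0.1:8000, accepts a single client, prints every
     * chunk it receives and exits once the peer closes the connection.
     *
     * Failures are checked explicitly instead of with assert(): assert()
     * compiles to nothing under NDEBUG, which would leave every error
     * path unchecked in a release build.
     */
    int sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd == -1) {
        perror("socket");
        return EXIT_FAILURE;
    }

    /* Local address to bind to. Zeroed first so sin_zero holds no stack garbage. */
    struct sockaddr_in saddr;
    memset(&saddr, 0, sizeof(saddr));
    saddr.sin_family = AF_INET;
    saddr.sin_port = htons(8000);
    /* Loopback only: the demo service is not reachable from other hosts. */
    saddr.sin_addr.s_addr = inet_addr("127.0.0.1");

    if (bind(sockfd, (struct sockaddr *)&saddr, sizeof(saddr)) == -1) {
        perror("bind");
        close(sockfd);
        return EXIT_FAILURE;
    }

    if (listen(sockfd, 5) == -1) {
        perror("listen");
        close(sockfd);
        return EXIT_FAILURE;
    }

    /* accept() takes a socklen_t *, not an int *; saddr is reused for the peer address. */
    socklen_t len = sizeof(saddr);
    int c = accept(sockfd, (struct sockaddr *)&saddr, &len);
    printf("%d\n", c);
    if (c < 0) {
        /* The original spun forever in `continue` here; fail instead. */
        perror("accept");
        close(sockfd);
        return EXIT_FAILURE;
    }

    char buff[128] = {0};
    for (;;) {
        /* Clear the buffer and read at most sizeof-1 bytes so it stays NUL-terminated. */
        memset(buff, 0, sizeof(buff));
        ssize_t n = recv(c, buff, sizeof(buff) - 1, 0);
        if (n < 0) {
            /* A receive error never yields n == 0, so without this the loop would not end. */
            perror("recv");
            break;
        }

        /* Peer data is untrusted and is printed as-is (demo only). */
        printf("buff = %s\n", buff);

        if (n == 0) {
            /*
             * Orderly shutdown by the peer. The pause before close()
             * presumably keeps the two FINs apart in the capture.
             */
            sleep(3);
            break;
        }
    }

    close(c);
    close(sockfd);
    return 0;
}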
客户端代码:
#include<stdio.h>
#include<assert.h>
#include<unistd.h>
#include<stdlib.h>
#include<sys/socket.h>
#include<arpa/inet.h>
#include<netinet/in.h>
#include<string.h>
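int main(void)
{
    /*
     * Minimal TCP client used to generate traffic for a tcpdump capture.
     * It connects to 127.0.0.1:8000 and sends each line typed on stdin
     * until a line starting with "end" is entered or stdin reaches EOF.
     *
     * Failures are checked explicitly instead of with assert(), which
     * compiles to nothing under NDEBUG.
     */
    int sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd == -1) {
        perror("socket");
        return EXIT_FAILURE;
    }

    /* Address of the server to connect to. Zeroed first so sin_zero is clean. */
    struct sockaddr_in saddr;
    memset(&saddr, 0, sizeof(saddr));
    saddr.sin_family = AF_INET;
    saddr.sin_port = htons(8000);
    saddr.sin_addr.s_addr = inet_addr("127.0.0.1");

    if (connect(sockfd, (struct sockaddr *)&saddr, sizeof(saddr)) == -1) {
        perror("connect");
        close(sockfd);
        return EXIT_FAILURE;
    }

    int rc = 0;
    for (;;) {
        printf("input:");
        fflush(stdout); /* the prompt has no newline, so flush it explicitly */

        char buff[128] = {0};
        if (fgets(buff, sizeof(buff), stdin) == NULL) {
            /* EOF or read error: the original kept looping with an empty buffer. */
            break;
        }

        /* Prefix match: any line that begins with "end" terminates the client. */
        if (strncmp(buff, "end", 3) == 0) {
            break;
        }

        /* send() may write fewer bytes than requested; loop until the line is out. */
        size_t total = strlen(buff);
        size_t done = 0;
        while (done < total) {
            ssize_t sent = send(sockfd, buff + done, total - done, 0);
            if (sent < 0) {
                perror("send");
                rc = EXIT_FAILURE;
                break;
            }
            done += (size_t)sent;
        }
        if (rc != 0) {
            break;
        }
    }

    close(sockfd);
    return rc;
}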
tcpdump的三次握手抓包:
抓包内容解析:
这里以第一段数据来进行ip及tcp数据报解析:
三次握手示意:
四次挥手示意: