Design and Development of a Network Packet Protocol Analysis Program

Abstract

This thesis designs and implements a network packet protocol analysis program based on the Libpcap library functions on Linux. The program's main functions are network packet capture and analysis of commonly used network protocols. It consists of an input/output module, a rule matching module, a data capture module and a protocol analysis module, of which the data capture module and the protocol analysis module are the most critical and most important.

The main content of the thesis is as follows. First, it introduces the background and concepts of network packet protocol analysis programs. Second, it presents the overall design of the program: it determines the program's functions, gives the program's structure and hierarchy diagrams, describes its workflow, and analyzes the key techniques used to implement it. Next, after introducing the background of packet capture and the Libpcap library, it explains how to use Libpcap to implement the network packet capture module. It then explains the protocol analysis workflow in detail and analyzes commonly used network protocols. Finally, it covers testing and running the program: the tests checked whether the program executes correctly as expected and confirmed the expected results.

Keywords: Libpcap; Linux; packet capture; application layer; protocol identification

The Design and Development of Network Packet Protocol Analyzing Program

Abstract

The thesis introduces an implementation of a network protocol analyzing program based on Libpcap, a famous network packet capture library on Linux. It has a rich feature set which includes capturing network packets and analyzing popular network protocols on the Internet. The program is made up of an input/output module, a rules matching module, a packet capturing module and a protocol analyzing module; the last two are the key modules.

The research work is described as follows. Firstly, we introduce the background and concepts of network protocol analyzing programs, make an integrated design of the program, define its functions, lay out its structure and hierarchy diagrams, describe its workflow, and analyze the key techniques used in it. Secondly, after elaborating on the background of packet capture and the Libpcap library, we state an approach to implementing a packet capture module with Libpcap. Thirdly, we explain the protocol analysis workflow and analyze common network protocols. Finally, we test our program to see whether it works as expected; fortunately, it does.

Key words: Libpcap; Linux; Network packet capturing; Application layer; Protocol identification

Contents

Total pages: 23

1 Introduction
    Background of the project
    Overview of network packet protocol analysis programs
    Current state of research in China and abroad
2 Overall design of the network packet protocol analysis program
    Functional analysis of the network packet protocol analysis program
    System composition and workflow
        System block diagram
        System structure and functions
        Program workflow
    Analysis of the key techniques for system implementation
3 Implementation of the network packet capture module
    Overview of network packet capture
    Implementation of network packet capture based on Libpcap
        Installing Libpcap
        Basic data structures and functions in Libpcap
    Implementation of the data capture module
4 Implementation of the protocol analysis module
    Overall workflow of network protocol analysis
    Analysis of the protocols at each layer of the TCP/IP model
        Analysis and extraction of the Ethernet header
        Analysis and extraction of the IP header
        Analysis and extraction of the TCP/UDP header
        Identification and analysis of application-layer protocols
5 Running and testing the program
    Test environment
        Hardware environment
        Program runtime environment
    Test procedure
    Evaluation of test results