Implementing network packet monitoring with raw socket programming in C#

Source: Internet
Author: User
Tags socket
When socket programming comes up, we may think of QQ and IE. Many network tools, such as peer-to-peer applications, NetMeeting and other applications implemented at the application layer, are also built on sockets. A socket is a network programming interface implemented at the network application level, and Windows Sockets includes a set of system components that take advantage of the message-driven features of Microsoft Windows. Version 1.1 of the socket specification was released in January 1993 and was widely used in the Windows 9x operating systems that followed. Version 2.2 (Winsock 2.2 on the Windows platform, also known as Winsock2) was released in May 1996; Windows NT 5.0 and later Windows systems support Winsock2. Winsock2 supports raw sockets for multiple transport protocols, the overlapped I/O model, quality-of-service control and so on.
This article introduces Windows Sockets programming with raw sockets in C#, and the network packet monitoring technique built on top of it. The most visible difference between Winsock2 and Winsock1 is support for the raw socket type. With raw sockets, the network card can be set to promiscuous mode. In this mode we can receive the IP packets on the network, including packets that are not addressed to this host. Raw sockets also make it easier to control the various protocols under Windows and the underlying network transport mechanisms.
In the example for this article, I implement the Rawsocket class in the Nbyte.Basicclass namespace; it contains the core technique for packet monitoring. Before implementing this class, you need to write an IP header structure to temporarily hold information about a network packet:
using System.Runtime.InteropServices;

// IPv4 header without options (20 bytes). Multi-byte fields are in network byte order.
[StructLayout(LayoutKind.Explicit)]
public struct Ipheader
{
    [FieldOffset(0)] public byte Ip_verlen;           // 4-bit header length + 4-bit IP version number
    [FieldOffset(1)] public byte Ip_tos;              // 8-bit type of service (TOS)
    [FieldOffset(2)] public ushort Ip_totallength;    // 16-bit total packet length (bytes)
    [FieldOffset(4)] public ushort ip_id;             // 16-bit identification
    [FieldOffset(6)] public ushort Ip_offset;         // 3-bit flags + 13-bit fragment offset
    [FieldOffset(8)] public byte Ip_ttl;              // 8-bit time to live (TTL)
    [FieldOffset(9)] public byte Ip_protocol;         // 8-bit protocol (TCP, UDP, ICMP, etc.)
    [FieldOffset(10)] public ushort ip_checksum;      // 16-bit IP header checksum
    [FieldOffset(12)] public uint ip_srcaddr;         // 32-bit source IP address
    [FieldOffset(16)] public uint ip_destaddr;        // 32-bit destination IP address
}
In this way, when each packet arrives, the data in the packet can be converted into an Ipheader object with a forced type cast.
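A forced cast trusts whatever bytes arrived, and multi-byte fields such as Ip_totallength are in network byte order. The following is an added example, not the article's code: one way to read the same fields with length, version and checksum checks, assuming .NET 6 or later. IpHeaderParser, Header and the sample packet are constructed for illustration.

```csharp
using System;
using System.Buffers.Binary;
using System.Net;

public static class IpHeaderParser
{
    // Parsed fields in host byte order (hypothetical type, not from the article).
    public readonly record struct Header(int Version, int HeaderLength, int TotalLength,
        byte Ttl, byte Protocol, IPAddress Source, IPAddress Destination, bool ChecksumOk);

    // 'received' is the byte count returned by the socket receive call.
    public static bool TryParse(ReadOnlySpan<byte> buf, int received, out Header header)
    {
        header = default;
        if (received < 20 || received > buf.Length) return false;  // below minimum header size
        int version = buf[0] >> 4;        // high nibble of Ip_verlen
        int ihl = (buf[0] & 0x0F) * 4;    // low nibble counts 32-bit words
        if (version != 4 || ihl < 20 || ihl > received) return false;
        // Multi-byte fields arrive in network (big-endian) byte order.
        int total = BinaryPrimitives.ReadUInt16BigEndian(buf.Slice(2, 2));
        if (total < ihl || total > received) return false;  // claimed length must fit the data
        header = new Header(version, ihl, total, buf[8], buf[9],
            new IPAddress(buf.Slice(12, 4)), new IPAddress(buf.Slice(16, 4)),
            Checksum(buf.Slice(0, ihl)) == 0);
        return true;
    }

    // One's-complement sum over the header, checksum field included; 0 means valid.
    private static ushort Checksum(ReadOnlySpan<byte> hdr)
    {
        uint sum = 0;
        for (int i = 0; i < hdr.Length; i += 2)
            sum += BinaryPrimitives.ReadUInt16BigEndian(hdr.Slice(i, 2));
        while ((sum >> 16) != 0) sum = (sum & 0xFFFF) + (sum >> 16);
        return (ushort)(~sum & 0xFFFF);
    }

    public static void Main()
    {
        // Constructed sample: 192.168.0.1 -> 192.168.0.199, TTL 64, protocol 6 (TCP).
        byte[] pkt = { 0x45, 0x00, 0x00, 0x14, 0x00, 0x00, 0x40, 0x00, 0x40, 0x06,
                       0xB8, 0xCB, 0xC0, 0xA8, 0x00, 0x01, 0xC0, 0xA8, 0x00, 0xC7 };
        if (TryParse(pkt, pkt.Length, out Header h))
            Console.WriteLine($"{h.Source} -> {h.Destination} proto={h.Protocol} ok={h.ChecksumOk}");
        pkt[0] = 0x4F;  // header now claims 60 bytes, more than was received
        Console.WriteLine(TryParse(pkt, pkt.Length, out _));
    }
}
```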
