I 've been reading IP, TCP checksum for half a day online. The following is the simplest command, no data 45 0 0 34 4D C5 40 0 72 6 20 E1 D3 93 4 CC C0 A8 1 16 4E 23 6 8F 36 CA 45 A3 EC 73 cb fb 80 10 1E E8 D0 2A 0 0 1 1 8 A 15 f ac fe 0 A1 EF the first line is the IP header, (2-3) byte 0 34 indicates the total package length hex (34) = 52. When calculating and verifying, set the (10-11) 16-bit IP header checksum to 0 first (if not set to 0, the calculated checksum is 0, which is equivalent to checking whether the original checksum is correct. You can use the checksum function circulating on the Internet to calculate it. (20 E1) is the same as that in the command. 4500 + 0034 + 4DC5 + 4000 + 7206 + 0 (set to 0 for 20E1) + D393 + 4CC + c0A8 + 116 = 2DF1C2 + DF1C = DF1E ~ DF1E = 20E1 the second line is the TCP Header, (12) 80 indicates the TCP Header Length hex (80/4) = 32, the next 12 bytes are the option of the TCP packet header (poor, I always thought it was a TCP pseudo packet header. In fact, the TCP pseudo packet header is not sent and does not exist at all ). When calculating TCP verification, there are three parts: TCP pseudo packet header + TCP packet header + data. If there is no data in this command, only two parts are used. The pseudo-Baotou is written by yourself, and the destination IP address of the source IP address is left blank (0) the total length of a TCP packet of the protocol type D3 93 4 CC C0 A8 1 16 0 6 0 20 source IP address, destination IP address, protocol type in the IP header, directly moved over, the total length of a TCP packet is 0x14 (fixed length 20) = 0x20. Then, the TCP pseudo packet header + TCP packet header + data are combined (the TCP packet header (16-17) checksum is set to 0), and The checksum function is used to calculate the checksum and D0 2A. __________________________________________________ unsigned short checksum (unsigned short * buf, int nword) {unsigned long sum; for (sum = 0; nword> 0; nword --) sum + = * buf ++; sum = (sum> 16) + (sum & 0 xffff); sum + = (sum> 16); return ~ Sum;} Type IPHeader lenver As Byte '(0) 4-bit Header Length + 4-bit IP version number tos As Byte' (1) 8-bit service type TOS len As Integer '(2-3) 16-bit total length (bytes) * includes data ident As Integer' (4-5) 16-Bit Flag ** flags As Integer '(6-7) 3-bit ttl As Byte' (8) 8-bit TTL proto As Byte '(9) 8-bit protocol (TCP, UDP or other) CheckSum As Integer '(10-11) 16-bit IP header CheckSum ** sourceIP As Long' (12-15) 32-bit source IP address * destIP As Long '(16-19) 32-bit destination IP address * End TypeType TcpHeader srcPort As Integer' (0-1) source Port dstPort As Integer '(2-3) Destination Port seqNum As Long' (4-7) sequential number ** ackNum As Long '(8-11) expected to get the TCP packet number of the other party ** h_len As Byte '(12) the length of the TCP Header in 32 bits. h_len/4 gets the actual length, including the length of ipheader and TCP pseudo header flags As Byte '(13) flag (URG, ACK, etc.) indow As Integer' (14-15) window Size ** chksum As Integer '(16-17) checksum ** urgptr As Integer' (18-19) Emergency pointer End Type 'tcp pseudo header used for TCP checksum calculation, validity of TCP verification: Type TcpPsdHeader sourceIP As Long '(0-3) source IP address destIP As Long' (4-7) Destination IP address mbz As Byte ''(8) leave null (0) ptcl As Byte '(9) protocol Type (IPPROTO_TCP) tcpl As Integer' (10-11) the total length of the TCP packet (unit: Byte) * End Type