tags:

views:

29

answers:

2
Q: 

Finding the type of data in IPv4 packet

Excluding options field in IPv4 header, after 20 bytes of header, data follows. That data may be TCP packet, or UDP etc.

Now given a IPv4 packet (with header and data), How to find out which type of transport layer packet (TCP/UDP/etc.) is present in data? Actually I am parsing a IPv4 packet so I need to understand this.

A: 

Deep packet inspection? Ipoque release some open source code for this task: opendpi.

The MYYN  2009-11-25 09:44:43
Actually I just found out, that in the header of IPv4, there is a field called protocol. In that, the protocol is specified. Anyways, I got to know a new library.
avd  2009-11-25 10:17:33
+3  A: 

The protocol field of the IPv4 header (see RFC791) will tell you:

    0                   1                   2                   3   
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version|  IHL  |Type of Service|          Total Length         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Identification        |Flags|      Fragment Offset    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Time to Live |    Protocol   |         Header Checksum       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Source Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Destination Address                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Options                    |    Padding    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The protocol numbers are assigned by IANA and are listed here:

http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

Some example protocol numbers are:

1  ICMP
6  TCP
17 UDP
Cayle Spandon  2009-12-10 15:15:54

related questions

How do I set the socket timeout in Ruby?
java.net.URLEncoder.encode(String) is deprecated, what should I use instead?
How do I read strings in J2ME?
Why do SocketChannel writes always complete for the full amount even on non-blocking sockets?
Why is it impossible, without attempting I/O, to detect that TCP socket was gracefully closed by peer?
Patterns for Multithreaded Network Server in C#
How would you test an SSL connection?
How do I send an ARP packet from a C program?
Lower than low level common bsd sockets
TCP handshake with SOCK_RAW socket
Does anyone know of any problems with using WCF to expose a SOAP interface for non .NET clients?
What do you use when you need reliable UDP?
TCP send queue depth
What is a good tutorial/howto on .net / c# socket programming.
Artificially create a connection timeout error
Search for host with MAC-address using Python
Good Python Network Programming Resource
How Many Network Connections Can a Computer Support?
How Does Listening to a Multicast Hurt Me?
NetworkStream.Write returns immediately - how can I tell when it has finished sending data?
Testing network interrupts in software
Delphi Network programming
How Do Sockets Work in C?
C# Game Network Library
C: Network Programming