[关闭]
@xunuo 2017-10-23T17:25:50.000000Z 字数 2888 阅读 1451

TCP窗口问题分析

网络数据包分析


  1. /*!
  2. syn包option中窗口放大倍数的计算;
  3. */
  4. int option_winscale(u_char *pkt_data,pcap_pkthdr *header)
  5. {
  6. //printf("%02x\n", pkt_data[optionslen]);
  7. for (int i = 54; i < header->len; i++)
  8. {
  9. int num = pkt_data[i];
  10. int mss;
  11. if (num == 0 || num == 1)
  12. continue;
  13. else if (num == 2)
  14. {
  15. mss = (int)pkt_data[i += 2] * 256;
  16. mss += (int)pkt_data[++i];
  17. printf("MSS:%d\n", mss);
  18. if (mss < 500)
  19. printf("TCP协商MSS过小\n");
  20. }
  21. else if (num == 3)
  22. {
  23. Windows_Scale = pkt_data[i += 2];
  24. break;
  25. }
  26. else if (num == 4)
  27. i += 1;
  28. else if (num == 5)//SACK
  29. i+=pkt_data[++i]-1;
  30. else if (num == 8)
  31. i += 9;
  32. else if (num == 19)
  33. i += 17;
  34. else if (num == 28)
  35. i += 3;
  36. }
  37. printf("winscale:%d %d\n",(int) Windows_Scale,quick(2, Windows_Scale));
  38. return quick(2,Windows_Scale);
  39. }
  40. /*计算2^windows_scale*/
  41. int quick(int x, int y)
  42. {
  43. int ans = 1;
  44. int temp = x;
  45. while (y>0)
  46. {
  47. if (y & 1)
  48. ans = ans*temp;
  49. temp = temp*temp;
  50. y = y >> 1;
  51. }
  52. return ans;
  53. }
  54. /*!
  55. Tcp零窗口(2),窗口偏低(1)
  56. */
  57. int Tcp_Windows_low(TCP_HEADER *tcpHeader) {
  58. if (0 < ntohs(tcpHeader->Windows) && ntohs(tcpHeader->Windows) < 20)//偏低
  59. return 1;
  60. if (ntohs(tcpHeader->Windows) == 0)//零窗口
  61. return 2;
  62. }
  63. /*!
  64. 上行窗口阻塞
  65. */
  66. int up_windows_stuck(TCP_HEADER *tcpHeader,int up_num)
  67. {
  68. down_num = 0;
  69. int i = Tcp_Windows_low(tcpHeader);
  70. if (i == 1)
  71. printf("窗口偏低\n");
  72. else if (i == 2)
  73. printf("零窗口\n");
  74. if (i == 1 || i == 2)
  75. up_num++;
  76. if (up_num >= 5)
  77. printf("窗口阻塞\n");
  78. return up_num;
  79. }
  80. /*!
  81. 下行窗口阻塞
  82. */
  83. int down_windows_stuck(TCP_HEADER *tcpHeader, int down_num)
  84. {
  85. up_num = 0;
  86. int i = Tcp_Windows_low(tcpHeader);
  87. if (i == 1)
  88. printf("窗口偏低\n");
  89. else if (i == 2)
  90. printf("零窗口\n");
  91. if (i == 1 || i == 2)
  92. down_num++;
  93. if (down_num >= 5)
  94. printf("窗口阻塞\n");
  95. return down_num;
  96. }
  97. /*
  98. 上行tcp窗口溢出
  99. */
  100. u_int tcp_up_windows(Upstream *up, TCPSESSION *tcpSessionHead, TCP_HEADER *tcpHeader) {
  101. TCPSESSION *tcpSession = tcpSessionHead;
  102. u_int ack_winsize;
  103. ack_winsize = up->ack + up->Windows * up->Windows_scale;
  104. printf("down_ack_winsize:%u\n", ack_winsize);
  105. printf("seq+len:%u\n", up->seq + up->len);
  106. if (up->ack_winsize < up->seq + up->len) {
  107. printf("Windows Overflow\n");
  108. }
  109. return ack_winsize;
  110. }
  111. /*
  112. 下行tcp窗口溢出
  113. */
  114. u_int tcp_down_windows(Downstream *down, TCPSESSION *tcpSessionHead, TCP_HEADER *tcpHeader) {
  115. TCPSESSION *tcpSession = tcpSessionHead;
  116. u_int ack_winsize;
  117. if (tcpHeader->SYN == 1)
  118. ack_winsize = down->ack +down->Windows;
  119. else
  120. ack_winsize = down->ack + down->Windows * down->Windows_scale;
  121. printf("up_ack_winsize:%u\n", ack_winsize);
  122. printf("seq+len:%u\n", (down->seq + down->len));
  123. if (tcpHeader->SYN != 1 && down->ack_winsize < (down->seq + down->len)) {
  124. printf("Windows Overflow\n");
  125. }
  126. return ack_winsize;
  127. }
添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注