我用的wireshark抓包软件,检验和Checksum: 0x2ff3 [validation disabled],是怎么回事啊。(udp协议下的) 用wireshark抓包,为什么校验和错误还是能建立TCP三...
\u7528wireshark\u6293\u5305\uff0c\u4e3a\u4ec0\u4e48\u6821\u9a8c\u548c\u9519\u8bef\u8fd8\u662f\u80fd\u5efa\u7acbTCP\u4e09\u6b21\u8fde\u63a5\u5728\u4f7f\u7528WireShark\u7b49\u622a\u53d6\u6570\u636e\u5305\u65f6\uff0c\u5f80\u5f80\u4f1a\u51fa\u73b0\u9519\u8bef\u7684CheckSum\uff0c\u8fd9\u4e3b\u8981\u662f\u56e0\u4e3a\u7f51\u5361\u5f00\u542f\u4e86CheckSum Offload(\u786c\u4ef6\u6821\u9a8c\u548c) \u529f\u80fd\uff0c\u7cfb\u7edf\u5c06CheckSum\u7684\u8ba1\u7b97\u5de5\u4f5c\u4ea4\u7531\u7f51\u5361\u53bb\u8ba1\u7b97\uff0c\u5728\u9ad8\u901f\u7f51\u7edc\u4ea4\u6362\u7684\u60c5\u51b5\u4e0b\u53ef\u4ee5\u5927\u5927\u51cf\u8f7bCPU\u7684\u5de5\u4f5c\u8d1f\u8377\u3002
\u5728windows\u7cfb\u7edf\u4e2d\u7684Checksum Offload\u8fc7\u7a0b\u5982\u4e0b\uff1a\u5982\u679c\u7f51\u5361\u652f\u6301\uff0c\u5728\u9ad8\u7ea7\u9009\u9879\u91cc\u53ef\u4ee5\u8bbe\u7f6e
Checksum Offload\u662f\u5426\u5bf9Rx\uff08\u63a5\u6536\u7aef\uff09\u6216Tx\uff08\u53d1\u9001\u7aef\uff09\u6709\u6548\uff0c\u4e5f\u53ef\u4ee5\u8bbe\u7f6e\u4e3a\u5bf9\u4e24\u8005\u90fd\u6709\u6548\u3002
\u5bf9\u4e8eTx\uff0c\u8bbe\u7f6eChecksum Offload\u6709\u6548\u4e4b\u540e\uff0cWindows\u7684\u4f20\u8f93\u5c42\u5c06\u968f\u673a\u586b\u5145TCP\u6821\u9a8c\u548c\uff0c\u56e0\u6b64\u5728\u672c\u673a\u4e0a\u6293\u53d6\u7684\u6570\u636e\u5305\u662fBad CheckSum\u3002\u7136\u540e\uff0c\u7f51\u5361\u4f1a\u81ea\u52a8\u8ba1\u7b97\u6b63\u786e\u7684\u6821\u9a8c\u7801\u7136\u540e\u53d1\u9001\uff0c\u56e0\u6b64\u5bf9\u65b9\u6536\u5230\u7684\u4ecd\u7136\u662f\u6b63\u786e\u7684TCP\u5305\u3002
\u5bf9Rx\uff0c\u8bbe\u7f6eChecksum Offload\u6709\u6548\u4e4b\u540e\uff0c\u7f51\u5361\u5728\u63a5\u6536\u6570\u636e\u65f6\uff0c\u4f1a\u586b\u5145\u4e00\u4e2aNDIS_TCP_IP_CHECKSUM_PACKET_INFO \u7ed3\u6784\u5e76\u8bbe\u7f6e\u6807\u5fd7\u4f4d\uff0c\u7531\u7f51\u5361\u5b8c\u6210\u6570\u636e\u6821\u9a8c\uff1b\u5982\u679c\u7531\u4e8e\u67d0\u79cd\u539f\u56e0\u5931\u8d25\uff0c\u5219\u4e0d\u8bbe\u7f6e\u6807\u5fd7\u4f4d\uff0c\u7531Windows\u91cc\u7684TCP/IP\u534f\u8bae\u6808\u6765\u5b8c\u6210\u6570\u636e\u6821\u9a8c\u3002
\u5176\u5b9e\u5c31\u662f\u8bf4\uff0c\u7531\u4e8e\u5f00\u542f\u4e86\u786c\u4ef6\u6821\u9a8c\u548c\u529f\u80fd\uff0c\u4f20\u8f93\u5c42\u5e76\u6ca1\u6709\u8ba1\u7b97\u6821\u9a8c\u548c\uff0c\u800c\u662f\u968f\u673a\u586b\u4e86\u4e2a\u6570\uff0c\u6240\u4ee5\u4f60\u6293\u5230\u7684\u5305\u6821\u9a8c\u548c\u662f\u9519\u7684\uff0c\u800c\u8fd9\u4e2a\u9519\u8bef\u7684\u6821\u9a8c\u548c\u5728\u7f51\u5361\u53d1\u9001\u51fa\u53bb\u524d\u4f1a\u88ab\u7f51\u5361\u6539\u6b63\u8fc7\u6765\uff0c\u6240\u4ee5\u63a5\u6536\u7aef\u6536\u5230\u7684\u5305\u662f\u6821\u9a8c\u548c\u6b63\u786e\u7684\u5305\uff0c\u4f1a\u53d1\u56de\u53cd\u9988
\u5728\u4f7f\u7528WireShark\u7b49\u622a\u53d6\u6570\u636e\u5305\u65f6\uff0c\u5f80\u5f80\u4f1a\u51fa\u73b0\u9519\u8bef\u7684CheckSum\uff0c\u8fd9\u4e3b\u8981\u662f\u56e0\u4e3a\u7f51\u5361\u5f00\u542f\u4e86CheckSum Offload(\u786c\u4ef6\u6821\u9a8c\u548c) \u529f\u80fd\uff0c\u7cfb\u7edf\u5c06CheckSum\u7684\u8ba1\u7b97\u5de5\u4f5c\u4ea4\u7531\u7f51\u5361\u53bb\u8ba1\u7b97\uff0c\u5728\u9ad8\u901f\u7f51\u7edc\u4ea4\u6362\u7684\u60c5\u51b5\u4e0b\u53ef\u4ee5\u5927\u5927\u51cf\u8f7bCPU\u7684\u5de5\u4f5c\u8d1f\u8377\u3002
\u5728windows\u7cfb\u7edf\u4e2d\u7684Checksum Offload\u8fc7\u7a0b\u5982\u4e0b\uff1a\u5982\u679c\u7f51\u5361\u652f\u6301\uff0c\u5728\u9ad8\u7ea7\u9009\u9879\u91cc\u53ef\u4ee5\u8bbe\u7f6e
Checksum Offload\u662f\u5426\u5bf9Rx\uff08\u63a5\u6536\u7aef\uff09\u6216Tx\uff08\u53d1\u9001\u7aef\uff09\u6709\u6548\uff0c\u4e5f\u53ef\u4ee5\u8bbe\u7f6e\u4e3a\u5bf9\u4e24\u8005\u90fd\u6709\u6548\u3002
\u5bf9\u4e8eTx\uff0c\u8bbe\u7f6eChecksum Offload\u6709\u6548\u4e4b\u540e\uff0cWindows\u7684\u4f20\u8f93\u5c42\u5c06\u968f\u673a\u586b\u5145TCP\u6821\u9a8c\u548c\uff0c\u56e0\u6b64\u5728\u672c\u673a\u4e0a\u6293\u53d6\u7684\u6570\u636e\u5305\u662fBad CheckSum\u3002\u7136\u540e\uff0c\u7f51\u5361\u4f1a\u81ea\u52a8\u8ba1\u7b97\u6b63\u786e\u7684\u6821\u9a8c\u7801\u7136\u540e\u53d1\u9001\uff0c\u56e0\u6b64\u5bf9\u65b9\u6536\u5230\u7684\u4ecd\u7136\u662f\u6b63\u786e\u7684TCP\u5305\u3002
\u5bf9Rx\uff0c\u8bbe\u7f6eChecksum Offload\u6709\u6548\u4e4b\u540e\uff0c\u7f51\u5361\u5728\u63a5\u6536\u6570\u636e\u65f6\uff0c\u4f1a\u586b\u5145\u4e00\u4e2aNDIS_TCP_IP_CHECKSUM_PACKET_INFO \u7ed3\u6784\u5e76\u8bbe\u7f6e\u6807\u5fd7\u4f4d\uff0c\u7531\u7f51\u5361\u5b8c\u6210\u6570\u636e\u6821\u9a8c\uff1b\u5982\u679c\u7531\u4e8e\u67d0\u79cd\u539f\u56e0\u5931\u8d25\uff0c\u5219\u4e0d\u8bbe\u7f6e\u6807\u5fd7\u4f4d\uff0c\u7531Windows\u91cc\u7684TCP/IP\u534f\u8bae\u6808\u6765\u5b8c\u6210\u6570\u636e\u6821\u9a8c\u3002
\u5176\u5b9e\u5c31\u662f\u8bf4\uff0c\u7531\u4e8e\u5f00\u542f\u4e86\u786c\u4ef6\u6821\u9a8c\u548c\u529f\u80fd\uff0c\u4f20\u8f93\u5c42\u5e76\u6ca1\u6709\u8ba1\u7b97\u6821\u9a8c\u548c\uff0c\u800c\u662f\u968f\u673a\u586b\u4e86\u4e2a\u6570\uff0c\u6240\u4ee5\u4f60\u6293\u5230\u7684\u5305\u6821\u9a8c\u548c\u662f\u9519\u7684\uff0c\u800c\u8fd9\u4e2a\u9519\u8bef\u7684\u6821\u9a8c\u548c\u5728\u7f51\u5361\u53d1\u9001\u51fa\u53bb\u524d\u4f1a\u88ab\u7f51\u5361\u6539\u6b63\u8fc7\u6765\uff0c\u6240\u4ee5\u63a5\u6536\u7aef\u6536\u5230\u7684\u5305\u662f\u6821\u9a8c\u548c\u6b63\u786e\u7684\u5305\uff0c\u4f1a\u53d1\u56de\u53cd\u9988
原因是因为:有时tcp校验和会由网卡计算,因此wireshark抓到的本机发送的tcp数据包的校验和都是错误的,这样检验校验和根本没意义。
可参见:http://ask.wireshark.org/questions/2253/tcp-checksum-validation-disabled
如果你想检验校验和:edit->preference->protocol中选择相应的tcp协议,相应的地方打勾。
checksum 是检查和,检验和的意思,error是错误的意思;合起来就是检查和错误的意思~
绛旓細Wireshark鏄竴娆鹃潪甯镐笓涓氱殑缃戠粶鎶撳寘宸ュ叿銆傝鐗堟湰鏄彲浠ュ湪Windows XP鎿嶄綔绯荤粺涓浣跨敤鐨锛屽畠鐨勫姛鑳藉崄鍒嗗己澶э紝鏀寔鍑犵櫨绉嶅崗璁拰娴佸獟浣撶被鍨嬶紝浣跨敤WinPCAP浣滀负鎺ュ彛锛岀洿鎺ヤ笌缃戝崱杩涜鏁版嵁鎶ユ枃浜ゆ崲锛屼腑鏂囨樉绀洪〉闈紝鏂逛究鐢ㄦ埛浣跨敤鎿嶄綔銆傘愬姛鑳界壒鐐广1銆佺‘瀹歐ireshark鐨勪綅缃 濡傛灉娌℃湁涓涓纭殑浣嶇疆锛屽惎鍔╓ireshark鍚庝細鑺辫垂...
绛旓細1銆佹墦寮Wireshark杞欢锛岄夋嫨涓涓綉缁滄帴鍙e紑濮鎶撳寘銆2銆佹姄鍖呭畬鎴愬悗锛屾墦寮鈥淪tatistics鈥濊彍鍗曪紝閫夋嫨鈥淪ummary鈥濋夐」銆3銆佸湪鈥淪ummary鈥濋夐」涓紝鍙互鐪嬪埌鍚勭缃戠粶鏁版嵁鎶ユ枃鐨勭粺璁′俊鎭紝鍖呮嫭鎶撳埌鐨勫抚鏁般佸瓧鑺傛暟銆佹瘡绉掔殑骞冲潎娴侀噺绛夌瓑锛屽叾涓紝鈥淔rames鈥濅竴鏍忓氨鏄荤殑甯ф暟锛岃屸淎vg.Frames/s鈥濆垯鏄瘡绉掑钩鍧囧抚鏁般4銆...
绛旓細杞欢娴嬭瘯宸ヤ綔涓紝瀵逛簬鏂版墜锛屽湪鎶撳寘寮濮嬪墠涓轰簡閬垮厤鎶撳埌鏁版嵁杩囧锛岄犳垚娣蜂贡锛屽彲鍏堝叧闂叾浠栨棤鍏崇▼搴忥紝鐐瑰嚮鈥淪tart鈥濆悗锛屽啀鎵撳紑鎯宠杩涜鎶撳寘鐨勭▼搴忋傛垨鑰呯啛缁冨悗鍙互鍦ㄦ姄鍖呭悗浣跨敤杩囨护閫夐」鈥淔ilter鈥濓紝鐩存帴杈撳叆鎴栭夋嫨杩囨护鏉′欢锛屽揩閫熷畾浣嶅埌鎴戜滑闇瑕佹姄鍖呯殑鏁版嵁淇℃伅銆浣跨敤Wireshark杩涜缃戠粶鍗忚鍒嗘瀽鍙互寰堝ソ鐨勭悊瑙d笁娆℃彙鎵...
绛旓細浜屻浣跨敤WireShark 鍥犱负WireShark鏄嫳鏂囪蒋浠讹紝鎵浠ヤ綘闇瑕佷竴浜涘繀瑕佺殑鑻辨枃鍩虹銆傛墦寮杞欢鐣岄潰 1銆佸紑濮鎶撳寘 閫変腑浣犻渶瑕佺殑缃戝崱锛岀偣鍑籹tart鍗冲彲寮濮嬫姄鍖咃紝鍦ㄨ繖涓椂鍊欒纭繚浣犳兂瑕佹姄鐨勫寘浼氶氳繃浣犻夋嫨鐨勭綉鍗°備竴鑸仛娉曟槸鍦ㄧ數鑴戜笂鎻掍竴鍧楁棤绾跨綉鍗★紝鐒跺悗璁╀綘鐨勮澶囪繛鎺ヨ鏃犵嚎缃戝崱 浣犱細鍙戠幇娴佽繃缃戝崱鐨勬暟鎹寘闈炲父澶氥傝繖...
绛旓細 鏈枃鍦ㄦ爲鑾撴淳4b涓婃祴璇wireshark缃戠粶鎶撳寘銆傚畨瑁呭浘褰㈢晫闈ireshark锛宻udo apt-get install wireshark 銆傚畨瑁呭畬鎴愬悗鍚庯紝鍦ㄥ浘褰㈢晫闈㈡病鏈夋樉绀烘帴鍙o紝姣斿绗旇呯殑waln0灏辨病鏈夋樉绀猴紝鍦ㄥ懡浠よ杈撳叆dumpcap -h 鏌ョ湅鍏蜂綋鐨勫懡浠ゆ牸寮忥紝dump -i wlan0瀹炴椂鎹曟崏鏃舵樉绀烘病鏈夋潈闄愶紝杩欎釜闇瑕乻udo chmod +x&#...
绛旓細3銆侀夋嫨鐢佃剳鐜板湪鎵浣跨敤鐨缃戝崱銆傚鐜板湪浣跨敤鏃犵嚎缃戝崱锛屾帴鍙e垪琛ㄤ笂鏈夋暟瀛楀湪璺冲姩鐨勫嵆鍙紱4銆佺偣鍑诲紑濮嬶紝杩涘叆鍒鎶撳寘鐨勭晫闈紝寮濮嬭繘琛屾姄鍖呫傝鐣岄潰鏄剧ず浜嗘姄鍖呯殑鍔ㄦ侊紝璁板綍浜嗘姄鍖呯殑杩囩▼锛5銆佹姄鍖呭畬鎴愬悗锛岀偣鍑诲仠姝㈡姄鍖呯殑鎸夐挳锛岄夋嫨淇濆瓨鎸夐挳锛岄夋嫨淇濆瓨鐨勪綅缃備繚瀛樼殑鏂囦欢浠ュ悗閮藉彲浠ョ敤wireshark鎵撳紑锛屾潵杩涜鍘嗗彶鎬х殑鍒嗘瀽...
绛旓細鎵撳紑Wireshark杞欢銆1銆佹墦寮Wireshark杞欢锛岀偣鍑烩淓dit鈥濊彍鍗曪紝閫夋嫨鈥淧references鈥濋夐」锛屽湪寮瑰嚭鐨勨淧references鈥濆璇濇涓紝閫夋嫨鈥淐apture Files鈥濋夐」鍗°2銆佸湪鈥淐apture Files鈥濋夐」鍗′腑锛屽彲浠ヨ缃鎶撳寘瀛樺偍鐨勯粯璁よ矾寰勩佹枃浠跺悕鏍煎紡銆佹枃浠跺ぇ灏忕瓑鍙傛暟銆傜偣鍑烩淏rowse鈥濇寜閽紝鍙互閫夋嫨鑷畾涔夋姄鍖呭瓨鍌ㄨ矾寰勶紝璁剧疆瀹屾垚鍚...
绛旓細 wireshark杞欢鍙互鐢ㄦ潵鍙鍖鎶撳寘缃戠粶鏁版嵁鍖咃紝鍑嗙‘鏉ヨ鏄暟鎹摼璺眰鐨勬暟鎹抚銆備絾鏄鏄湪windows骞冲彴涓嬮渶瑕佸仛鎴愪釜鏈嶅姟鏉ュ紑鏈哄氨鍚姩鎶撳寘绋嬪簭锛屽苟瀹氭湡淇濆瓨鎶撳寘鏂囦欢锛岄偅灏遍渶瑕浣跨敤dumpcap鎴杢shark宸ュ叿銆1銆佽繘鍏ireshark鐨勫畨瑁呯洰褰曪紝鏃㈡槸dumpcap.exe鐨勭洰褰曘2銆佸懡浠よ浣跨敤dumpcap鍛戒护琛岋紝dumpcap -h...
绛旓細浣滀负涓鍚嶈蒋浠跺紑鍙戜汉鍛橈紝甯哥敤鐨勭綉缁鎶撳寘杞欢鏈変互涓嬪嚑绉嶏細1.Wireshark锛歐ireshark鏄竴娆惧厤璐圭殑寮婧愮綉缁滃崗璁垎鏋愬伐鍏凤紝鐢ㄤ簬鎹曡幏鍜屽垎鏋愮綉缁滄暟鎹寘銆傚畠鎻愪緵浜嗗己澶х殑鍔熻兘锛岀敤浜庤皟璇曞拰鍒嗘瀽缃戠粶閫氫俊锛屽寘鎷崗璁垎鏋愩佹祦閲忓垎鏋愬拰鏁版嵁鍖呰繃婊ゃ2.Fiddler锛欶iddler鏄竴娆剧敤浜嶹indows鐨勫厤璐圭綉缁滆皟璇曚唬鐞嗗伐鍏凤紝鐢ㄤ簬鎹曡幏HTTP璇锋眰鍜...
绛旓細[TCP Out-of-Order] 涔卞簭 Wireshark鍦ㄨ幏鍙栧寘搴忓彿26鏃跺彂鐜皊eq=18981,鑰屽寘搴忓彿25鐨勬暟鎹寘seq = 20441,鎵浠wireshark璁や负鏁版嵁鍖呴『搴忛敊浜 褰撲贡搴忔垨鑰呬涪鍖呭彂鐢熸椂锛屾帴鏀舵柟浼氭敹鍒颁竴浜汼eq鍙锋瘮鏈熸湜鍊煎ぇ鐨勫寘銆傛鏃跺氨浼欰ck灏辫鎴戞兂鑾峰彇seq=28852鐨勬暟鎹寘鑰屼綘缁欎簡鎴戝叾浠栧寘銆傚綋鍙戦佹柟鏀跺埌3涓垨浠ヤ笂[TCP Dup ...
