1. Wireshark packet capture tool
1.1 Software Introduction
Wireshark captures every packet that passes through the host's network card and automatically dissects it.
Network administrators use Wireshark to diagnose network problems.
Network security engineers use Wireshark to investigate information security issues.
Developers use Wireshark to debug new communication protocols.
Ordinary users use Wireshark to learn about network protocols.
1.2 Software Installation
To install Wireshark, click Next through each step of the installer.
One page offers the USBPcap plug-in; check it so that it is installed as well.
1.3 Using Wireshark
Step 1: Open the software with administrator privileges
Step 2: Choose the right network card
Or select Capture from the menu bar and click Options to select the appropriate network card
Step 3: View packet information
1.4 Capturing and analyzing data packets
Windows acts as the TCP server and Ubuntu acts as the TCP client.
Run the client and the server, then capture and analyze the packets they exchange.
1.4.1 The link layer
Ethernet header:
Destination address: the destination MAC address, here the Windows MAC address
Source address: the source MAC address, here the Ubuntu MAC address
Type: determines which protocol header follows
0x0800: IP header
0x0806: ARP
0x8035: RARP header
1.4.2 The network layer
The IP header
Version: 4, meaning IPv4
Header length: 5. The IP header is 20 bytes long and this field counts in units of 4 bytes, so the value is 5
Total length: 168. Total IP length = IP header + TCP header + data = 20 + 20 + 128 = 168
TTL: the maximum number of times the packet may be forwarded across the network. The value is usually set to 16, 32, 64, or 128
Protocol type: the protocol that follows the IP header. 1: ICMP, 2: IGMP, 6: TCP, 17: UDP
Source IP address: the Ubuntu IP address
Destination IP address: the Windows IP address
1.4.3 The transport layer
The TCP header
Source port: the port number on Ubuntu
Destination port: the port number on Windows
Header length: the TCP header is 20 bytes long and this field counts in units of 4 bytes, so the value carried is 5
1.4.4 The application layer
Application layer data
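
The field layout walked through in sections 1.4.1 to 1.4.4, as an added example that is not part of the original article: a Python parser that decodes the Ethernet, IPv4 and TCP headers of a raw frame and rejects frames whose length fields disagree with the captured bytes. The sample frame, its MAC and IP addresses and its port numbers are constructed for illustration.

```python
import struct

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x8035: "RARP"}
IP_PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}

def parse_frame(frame: bytes) -> dict:
    """Decode Ethernet -> IPv4 -> TCP, rejecting inconsistent length fields."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, etype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"),
           "ethertype": ETHERTYPES.get(etype, hex(etype))}
    if etype != 0x0800:
        return out  # ARP, RARP or unknown: no IP header follows
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IP header")
    ver_ihl, _, total, _, _, ttl, proto, _, sip, dip = struct.unpack(
        "!BBHHHBBH4s4s", ip[:20])
    ip_hlen = (ver_ihl & 0x0F) * 4  # the field counts 4-byte words
    if ver_ihl >> 4 != 4 or not 20 <= ip_hlen <= total <= len(ip):
        raise ValueError("malformed IPv4 header")
    out.update(ip_header_len=ip_hlen, total_len=total, ttl=ttl,
               protocol=IP_PROTOCOLS.get(proto, proto),
               src_ip=".".join(map(str, sip)), dst_ip=".".join(map(str, dip)))
    if proto != 6:
        return out
    tcp = ip[ip_hlen:total]  # total length bounds the segment, not the capture
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    tcp_hlen = (tcp[12] >> 4) * 4  # data offset, also in 4-byte words
    if not 20 <= tcp_hlen <= len(tcp):
        raise ValueError("malformed TCP header")
    out.update(src_port=sport, dst_port=dport, tcp_header_len=tcp_hlen,
               payload=tcp[tcp_hlen:])
    return out

def build_sample_frame() -> bytes:
    """Constructed frame (checksums left at 0): client sends 128 data bytes."""
    data = b"A" * 128
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + 20 + len(data), 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 20]), bytes([192, 0, 2, 10]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 8080, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + data

if __name__ == "__main__":
    print(parse_frame(build_sample_frame()))
```

The parser does not verify checksums; Wireshark reports those separately, and the constructed frame leaves them at zero.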