重大难题请求救命--关于IP封包的重装回原来的用户数据问题。 (200分)

  • 主题发起人 主题发起人 程云
  • 开始时间 开始时间
to 成云.
我的方法用户是感觉不到的,而且只要是ie浏览器都可以用。大名鼎鼎的flashget
也适用的这种方法。
个人感觉网页表单的保存不必要用到tcp知识。其实您去msdn查查dhtml object就可以了

 
to ajim:
我能把它放在域服务器上,
来得到整个局域网上的提交的表单吗?
 
测试中。。。
 
老程,不好意思,现在没有条件上网,过一段时间就好了!所以没有及时来看你的问题!
看过之后才知道,来了也没有用处,你的问题理论简单,实现我是无能为力,现在已经
荒废了!上学之后发现,一个字,烦!呵呵
你现在怎么样啊?你的问题差不多要解决了,恭喜吧!研究研究,收藏你的帖子![:(]
 
to 徐永进:
真是好久没有看到你了,
你是上学去了吗?
这是好事呀,我想上,却没有条件,
只能凑合着上个在职的研究生了。
这个问题离实现还差着远呢。
真是好难为人的问题
 
程云:你把问题弄复杂了,应该用bho做,代码会简单到只有10行。
 
你的方案理论上可行,但是实现起来很麻烦,不如用bho,虽然是在客户端做手脚,
和你的方案不符,但是能够较快的实现相似的效果
 
嗨,我们科协办公室搬迁,新地方没有网线。现在只有在宿舍上网,我的机器又不在这里

现在好不容易上来了,你又不在:( 就在这里说吧

还有,其实根本不用考虑 序列号 和 确认序号,要知道我们处理的是 TCP 包,而 TCP
包是顺序的,IP 包才是无序的。因此接到包过后,直接顺序组装就可以了。

不知道怎么回事,我测试了好多次每次都是通过的。对了,那东西你用 D6 打开了吗?
要是你那里还是没有办法组装,直接把“原始封包”存为文件发给我,我再看看!

哦,对了,我在组装的时候对数据进行了处理,默认是处理 IE 的文件头,别告诉我你
没有用 IE。

 
信已经收到,晚上过去就研究

我现在只有在宿舍上网,把收到的东西用 Floppy 拷过去测试
而那边我又没有软驱,只有靠双机互联线,线又短:(

星期天 高程 就要考试了,两大本书我一点没有看,看来只有等明年了:(

 
做个代理最简单了,基本上不用编的
 
又给你发了信,去收一下吧.
 
程云, 你的心以收到。 我中文打得不好, 所以以下内容为英文。 请大家多包涵。 AJ

I quickly went though the above notes, still little bit confuse. some terminologies problem ^_^.
so, lets get something strait first.
1. capture data packets
u want 2 reassemble the data packets as what they were, that could be done by using
sniffer. I don't care about where the data from or which apps is generating these
packets. they can always be caughed when you run u NIC under promiscuous mode.

2.reassemble packets
theory:
Sequence number(序列号): tihs field defines the number assigned to the first byte
of data contained in this segment. the sequence number tells the destination which byte in this
sequence comprised the first byte in the segment. during connection establishment
each party create an initial sequence number(ISN). eg: if ISN is 2,367 and
first segment is carrying 1,000 bytes, the sequence number is 2,369(2,367 and
2368 are used for connection estaablishment); 2nd segment, carrying 500 bytes, will
have the sequence number 3,669; and so on. However this is nothing to do with
reassmeble packet. rather than you should look at Identification field(it is in IP
datagrame rather than in TCP segment) to achieve that. say if there is 6000 bytes
datagrame, it should be split into more than 4 small IP datagrame. all these
smaller pieces should have the same identification number.
Sorry, it is quite late for me, i would continue my topic at the following day.

i also enclose my data defination, hope this can help you.

type
PETHERNET_HDR = ^ETHERNET_HDR;
ETHERNET_HDR = packed record
Destination: array[0..5] of UCHAR; //static array
Source: array[0..5] of UCHAR;
Protocol: array[0..1] of UCHAR;
Data: array[0..0] of UCHAR;
end;

PIP_RHDR = ^IP_RHDR; //THE DATA type have to correspond attributes' size
IP_RHDR = packed record //eg: ver+len is 8 bits, so it is uchar. length is 16 bits so it is word
Verlen: UCHAR; //4bit version 4bit length (bytes/8)
Service: UCHAR; // TOS
// Length: WORD;
Length: array[0..1] of BYTE;
Ident: WORD;
Flagoff: array[0..1] of UCHAR; //3bit flag - 13 bit offset
TimeLive: UCHAR;
Protocol: UCHAR;
Checksum: WORD;
SrcIP: array[0..3] of UCHAR;
DestIP: array[0..3] of UCHAR;
Data: array[0..0] of UCHAR;
end;

// Added ( Lars Peter Christiansen 13-04-2001)
PTCP_RHDR = ^TCP_RHDR;
TCP_RHDR = Packed record
SrcPort : WORD;
DestPort : WORD;
SequenceNr : array[0..3] of UCHAR;
AckNumber : array[0..3] of UCHAR;
LenResvFlags: array[0..1] of UCHAR; //length(4bits) rsvd(6bits) flags(6bits)
WindowSize : array[0..1] of UCHAR;
Checksum : array[0..1] of UCHAR;
UrgentPtr : array[0..1] of UCHAR;
Data : array[0..0] of UCHAR;
end;
Sorry, it is quite late for me. i would continue



 
to 程云
如果您只是想保存用户填写过的数据,可以用JAVASCRIPT写COOKIE的方法来实现,只是COOKIE有限制(好象只能保存2K的数据)不知道这
个方法对您有没有用(因为所有数据只是保存在本地,没有通过网络传送,没有安全的问题)。

贴上代码,希望您能用上。

<script language="JavaScript" type="text/javascript">
// Example:
// alert( readCookie("myCookie") );
function readCookie(name)
{
var cookieValue = "";
var search = name + "=";
if(document.cookie.length > 0)
{
offset = document.cookie.indexOf(search);
if (offset != -1)
{
offset += search.length;
end = document.cookie.indexOf(";", offset);
if (end == -1) end = document.cookie.length;
cookieValue = unescape(document.cookie.substring(offset, end))
}
}
return cookieValue;
}


// Example:
// writeCookie("myCookie", "my name", 24);
// Stores the string "my name" in the cookie "myCookie" which expires after 24 hours.
function writeCookie(name, value, hours)
{
var expire = "";
if(hours != null)
{
expire = new Date((new Date()).getTime() + hours * 3600000);
expire = "; expires=" + expire.toGMTString();
}
document.cookie = name + "=" + escape(value) + expire;
}
</script>
 
我刚刚看过你的程序, 你对TCP的定义确实有问题。 我刚刚弄好以下code, 估计应该可以
解决你的问题。 我的程序需要保存每一个packet. so i can analysis them later on.
I declare a generic structure to hold these packets.

//use variant type record depends on different kinds of packet
//no contineous memo being allocated for pre-defined packet struc.
//good for filter purpose. can discard packet without write them into disk
type
Packet_struc = record
// PacketID: WORD;
DestMac: string[17];
SrcMac: string[17];
case Frame_protocol: WORD of
80: //ip packet
(
Verlen: String[2];
Service: String[2]; // TOS
TLength: string[10];
Ident: string[4];
Flagoff: string[2]; //3bit flag - 13 bit offset
TimeLive: WORD;
Checksum: String[4];
SrcIP: string[16];
DestIP: string[16];

case IP_protocol:WORD of
6: //TCP 0x06
(
// SrcPort : String[4];
SrcPort : String[4];
DestPort : string[4];
SequenceNr : String[8];
AckNumber : String[8];
LenResvFlags: String[4]; //length(4bits) rsvd(6bits) flags(6bits)
WindowSize : String[4];
CRC : String[4];
UrgentPtr : String[4];
// Data : array[0..0] of UCHAR;
);
1: //ICMP 0x01
();
17: //UDP 0x11
();
);
86: //arp packet
();
90: //loopback packet
(); //x9000
end;

以下code 拆数据包, 并复制给上面data structure

procedure TCaptureThread.Capturing(Data:pointer;recvbytes:Word);
var
IP : PIP_RHDR;
TCP : PTCP_RHDR;
s:string;
pack : ^packet_struc;
begin
{analysis routine, should handle the receiving data.
Possible solution:
1: analysis data packet in real time
2: dump data to a file send it to central controller
3: ...
}
// case protocolStr(@PETHERNET_HDR(data).protocol) of
GetMem(Pack,SizeOf(packet_struc));
IP := @PETHERNET_HDR(data).data; //retrive
pack^.DestMac:= MACtoStr(@PETHERNET_HDR(data).Destination[0]);
pack^.SrcMac:= MACtoStr(@PETHERNET_HDR(data).Source[0]);
s := format('%d%d',[PETHERNET_HDR(data).protocol[0],PETHERNET_HDR(data).protocol[1]]);
case StrToInt(s) of
80: begin //ip
with pack^ do
begin
Frame_protocol :=80;
verlen :=format('%x',[integer(IP.verlen)]);
Service :=format('%x',[integer(IP.Service)]);
TLength :=format('%d%d',[IP.Length[0],IP.Length[1]]); //if packet len is small, using int represent packet len is ok. if it is too big
Ident :=format('%.2x%.2x',[IP.Ident[0],IP.Ident[1]]); //that must be wrong!!! not sure the threadhold for length
Flagoff :=format('%x%x',[IP.Flagoff[0],IP.Flagoff[1]]);
IP_protocol :=IP.Protocol;
TimeLive :=IP.TimeLive;
Checksum :=format('%.2x%.2x',[IP.Checksum[0],IP.Checksum[1]]);
SrcIP :=IPtoStr(@ip.srcIP[0]);
DestIP :=IPtoStr(@ip.destIP[0]);
end;
end;
86: begin //arp
pack^.Frame_protocol:=86;
end;
90: begin //loopback
pack^.Frame_protocol:=90;
end;
end;
TCP :=@IP.data;

case IP.Protocol of
6: begin //TCP
with pack^ do
begin
SrcPort :=format('%.2x%.2x',[TCP.SrcPort[0],TCP.SrcPort[1]]);
DestPort :=format('%.2x%.2x',[TCP.DestPort[0],TCP.DestPort[1]]);
SequenceNr :=format('%.2x%.2x%.2x%.2x',[TCP.SequenceNr[0],TCP.SequenceNr[1],TCP.SequenceNr[2],TCP.SequenceNr[3]]);//??
AckNumber :=format('%.2x%.2x%.2x%.2x',[TCP.AckNumber[0],TCP.AckNumber[1],TCP.AckNumber[2],TCP.AckNumber[3]]); //??
LenResvFlags :=format('%.2x%.2x',[TCP.LenResvFlags[0],TCP.LenResvFlags[1]]);
WindowSize :=format('%.2x%.2x',[TCP.WindowSize[0],TCP.WindowSize[1]]);
CRC :=format('%.2x%.2x',[TCP.CheckSum[0],TCP.CheckSum[1]]);
UrgentPtr :=format('%.2x%.2x',[TCP.UrgentPtr[0],TCP.UrgentPtr[1]]);
end;
end;
17: begin //UDP

end;
end;

packetlist.add(pack);
freeMem(pack);

end;

function ProtocolStr(protocol: byte): string;
begin
case protocol of
1 : result := 'ICMP';
6 : result := 'TCP';
17: result := 'UDP'; //should be 11;
80: result := 'ISO IP';
else result:= inttostr(protocol);
end;
end;

function IPtoStr;
type
PIP = ^TIP;
TIP = array[0..3] of byte;
begin
result := format('%d.%d.%d.%d',[PIP(IP)[0],
PIP(IP)[1],
PIP(IP)[2],
PIP(IP)[3]]);
end;

你要做到:
“从TCP的包头信息中知道,
这外封包是那一组的,同组的封包的排列顺序。
再就是最后一个包是那一个包”。

通过检查identification field你应该可以分清数据包属于哪一组,
同组的封包的排列顺序可通过查序列号(sequence number)

你“从得到的序列号中无法看出同包的顺序有关。
完全是一个杂乱无章的东西”是因为你定义TCP structure 错误。

行了, 你应该可以交差了。

 
忘了说一点, 同组的封包的排列顺序可通过查, data offset attribute of IP datagrame
. 快给分吧.
 
to leo_aj:
很不好意思,我最近事多,今天才得上来看看,
你的程序我先下去试试,
至于分吗,你不要着急,我可从没有欠人家的分不给的
:-)
 
该给些回应了吧。
 
to leo_aj:
抱歉,抱歉,
最近又在忙别一个项目,时间很紧,未能及时回应,
实在对不起了。
这分数一定是你的,
我挣取在春节前给试好,并结束它。
:-)
 
您必须登录或注册才可回复。

Similar threads

关于SpeedButton中使用下划线快捷键不响应的问题 - 不得闲
回复
0
查看
670
不得闲
S
[原]Delphi2010中DataSnap高级技术(3)—DataSnap服务器如何得到客户端的IP和端口
回复
0
查看
1K
SUNSTONE的Delphi笔记
S
S
[原]Delphi2010中DataSnap高级技术(3)—DataSnap服务器如何得到客户端的IP和端口
回复
0
查看
1K
SUNSTONE的Delphi笔记
S
S
[原]Delphi2010中DataSnap高级技术(7)—TDSServerClass中Lifecycle生命周期三种属性说明
回复
0
查看
899
SUNSTONE的Delphi笔记
S
S
[原]Delphi2010中DataSnap高级技术(7)—TDSServerClass中Lifecycle生命周期三种属性说明
回复
0
查看
921
SUNSTONE的Delphi笔记
S
后退
顶部