问题描述
我有一个 tpacket3_hdr *ppd
指针对象。我知道如何提取 iphdr 和 tcphdr 但如果我需要数据包的正文部分怎么办。我正在尝试这样
struct iphdr *ip = (struct iphdr *) ((uint8_t *) eth + ETH_HLEN);
struct tcphdr *tcp=(struct tcp *)((uint8_t *)ip+sizeof(struct iphdr));
char *payload_body=(char *)(tcp+sizeof(struct tcphdr));
printf("%s\n",payload_body);//Printing wrong Not containing what I am checking by simply downloading html
我不认为这是正确的做法。此处提供了来自 MMAP 的 Rx Ring 的完整代码 https://elixir.bootlin.com/linux/latest/source/tools/testing/selftests/net/psock_tpacket.c
解决方法
[改编自 Cormen 和 Stevens,10.4 TCP 段格式]
# zip file is in output dir
if '-output' in file.key:
# get base path other the zip file name
save_base_path = file.key.split('//')[0]
# starting unzip process
zip_obj = s3_resource.Object(bucket_name=source_bucket,key=file.key)
buffer = BytesIO(zip_obj.get()["Body"].read())
z = zipfile.ZipFile(buffer)
print(f'Unziping....')
for filename in z.namelist():
file_info = z.getinfo(filename)
try:
response = s3_resource.meta.client.upload_fileobj(
z.open(filename),Bucket=target_bucket,Key=f'{save_base_path}/{filename}'
)
except Exception as e:
print(e)
print('unziping process completed')
# deleting zip file after unzip
s3_resource.Object(source_bucket,file.key).delete()
my_bucket.delete_object()
print("iteration completed")
else:
print('Zip file invalid position')
s3_resource.Object(source_bucket,file.key).delete
print(f'{file.key} deleted...')
ip 结构体在其 /* The offset of the payload data (in 32bit words))
** is tucked into the upper 4 bits of an unsigned character.
** Typically (0x5x & 0xf0) >>2 := 0x20
*/
#define TCP_HLEN(p) (((p)->tcp_offset & 0xf0) >> 2)
char *payload_body=(char *)((uint8_t *)tcp + TCP_HLEN(tcp)) ;
字段中具有类似的长度字段。
这是原始段的布局,因为它在网上传播。我假设您的文件按原样存储此格式。
[我不会在任何偏移/大小计算中使用 ip_verlen
,因为内存中的结构可能包含填充和对齐。]