一、获得测试包办法
1.1 编译代码、执行、发包
编译:g++ test.cpp 生成a.out
执行:./a.out
#include <iostream>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <string.h>
#include <unistd.h>
using namespace std;
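/*
 * Test client: opens one TCP connection to 113.31.27.226:80 and sends three
 * pipelined HTTP/1.1 GET requests back to back, then prints whatever the
 * server returns until the peer closes the connection.
 *
 * The first request names the IP address in its Host header; the second and
 * third name ns.pb.cachecn.net. All three share one buffer so that they can
 * be observed together in a packet capture of the connection.
 *
 * Returns 0 on success and -1 if the socket cannot be created or if
 * connect/write/read fails.
 */
int main(int argc, char* argv[])
{
    (void)argc;
    (void)argv;

    /* Adjacent string literals are concatenated by the compiler, so the
     * bytes on the wire do not depend on how this source is indented. */
    static const char request[] =
        "GET /aa.mp4?asf=sdaf HTTP/1.1\r\n"
        "Host: 113.31.27.226\r\n"
        "Connection: keep-alive\r\n"
        "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\n"
        "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1636.2 Safari/537.36\r\n"
        "Accept-Encoding: gzip,deflate,sdch\r\n"
        "Accept-Language: zh-CN,zh;q=0.8\r\n"
        "\r\n"
        "GET /fetch_ldns.png HTTP/1.1\r\n"
        "Host: ns.pb.cachecn.net\r\n"
        "Connection: keep-alive\r\n"
        "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\n"
        "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1636.2 Safari/537.36\r\n"
        "Accept-Encoding: gzip,deflate,sdch\r\n"
        "Accept-Language: zh-CN,zh;q=0.8\r\n"
        "\r\n"
        "GET /40x.jpg HTTP/1.1\r\n"
        "Host: ns.pb.cachecn.net\r\n"
        "Connection: keep-alive\r\n"
        "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\n"
        "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1636.2 Safari/537.36\r\n"
        "Accept-Encoding: gzip,deflate,sdch\r\n"
        "Accept-Language: zh-CN,zh;q=0.8\r\n"
        "\r\n";
    const size_t request_len = sizeof(request) - 1; /* exclude the trailing NUL */

    int sock_srv = socket(AF_INET, SOCK_STREAM, 0);
    if (sock_srv < 0)
    {
        /* Without this check a failed socket() would only surface later as
         * a misleading connect error on descriptor -1. */
        std::cout << "fail to create socket." << std::endl;
        return -1;
    }

    struct sockaddr_in addr_srv;
    memset(&addr_srv, 0, sizeof(addr_srv));
    addr_srv.sin_family = AF_INET;
    addr_srv.sin_port = htons(80);
    addr_srv.sin_addr.s_addr = inet_addr("113.31.27.226");

    if (connect(sock_srv, (struct sockaddr*)&addr_srv, sizeof(addr_srv)) < 0)
    {
        std::cout << "fail to connect." << std::endl;
        close(sock_srv);
        return -1;
    }

    std::cout << "buf len: " << request_len << std::endl;

    /* write() may accept fewer bytes than asked for; keep going until the
     * whole pipeline has been handed to the kernel. Normally the first call
     * takes everything, which is what puts all three requests together. */
    size_t sent = 0;
    while (sent < request_len)
    {
        ssize_t n = write(sock_srv, request + sent, request_len - sent);
        if (n <= 0)
        {
            std::cout << "fail to write." << std::endl;
            close(sock_srv);
            return -1;
        }
        sent += (size_t)n;
    }

    char rcv_buf[1500];
    for (;;)
    {
        /* Read one byte less than the buffer holds and terminate explicitly:
         * printing a completely full, unterminated buffer as a C string
         * would read past its end. */
        ssize_t got = read(sock_srv, rcv_buf, sizeof(rcv_buf) - 1);
        if (got < 0)
        {
            std::cout << "fail to read." << std::endl;
            close(sock_srv);
            return -1;
        }
        if (got == 0)
        {
            std::cout << "read finished." << std::endl;
            break;
        }
        rcv_buf[got] = '\0';
        /* Printed as a C string, so binary response bodies are cut at the
         * first NUL byte; the packet capture holds the full data. */
        std::cout << "recv data: " << rcv_buf << std::endl;
    }

    close(sock_srv);
    return 0;
}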
1.2 抓取数据包
tcpdump -i eth0 tcp and host 113.31.27.226 and port 80 -w 123.pcap
二、数据包分析
将123.pcap下载到windows下,即可用wireshark分析。
123.pcap下载地址:http://download.csdn.net/detail/kanguolaikanguolaik/6486303
123.pcap中第4个包为请求包,该包里包含了3个请求。
123.pcap中第6个包为响应包,该包里包含了2个响应。