Datalink Access

最新推荐文章于 2022-01-28 20:46:13 发布
最新推荐文章于 2022-01-28 20:46:13 发布
阅读量596 收藏
点赞数
分类专栏: SOKCET
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/u014211079/article/details/25034671
版权

This provides the following capabilities:

  1. The ability to watch the packets received by the datalink layer, allowing programs such as tcpdump to be run on normal computer systems (as opposed to dedicated
    hardware devices to watch packets). When combined with the capability of the network interface to go into a promiscuous mode, this allows an application to watch
    all the packets on the local cable, not just the packets destined for the host on which the program is running.
    This ability is less useful in switched networks, which have become quite common. This is because the switch only passes traffic to a port if it is addressed to the
    device or devices attached to that port (unicast, multicast, or broadcast). To monitor traffic carried on other ports of the switch, the switch port must be configured to
    receive other traffic, often called monitor mode or port mirroring. Note that many devices that you might not expect to be switches actually are, for example, a
    dual-speed 10/100Mbps hub is usually a two-port switch: one port for the 100Mbps systems and the other for the 10Mbps systems.
  2. The ability to run certain programs as normal applications instead of as part of the kernel. For example, most Unix versions of an RARP server are normal applications
    that read RARP requests from the datalink (RARP requests are not IP datagrams) and then write the reply back to the datalink.

可以看到本地链路层的所有包。三种方法可以用:

  1. BPF(BSD Packet Filter):Unix
  2. DLPI(Datalink Provider Interface): SVR4
  3. SOCK_PACKET接口:Linux

libpcap提供跨平台的接口。当进入promiscuous mode时,可以看到本地链路层的所有包,而不仅仅是到主机的包。

Linux: SOCK_PACKET and PF_PACKET

Linux下有两种方法访问链路层

  1. 创建一个family为SOCK_PACKET的socket
  2. 创建一个family为PF_PACKET的socket

The newer method, which introduces more filtering and performance features, is to create a socket of family PF_PACKET. When using PF_PACKET sockets, the second argument to socket can be SOCK_DGRAM, for "cooked" packets with the link-layer header removed, or SOCK_RAW, for the complete link-layer packet.

接收所有的包

fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));

fd = socket(AF_INET, SOCK_PACKET, htons(ETH_P_ALL));

只接收IPv4

fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_IP));

fd = socket(AF_INET, SOCK_PACKET, htons(ETH_P_IP));

其它参数如:ETH_P_ARP或ETH_P_IPV6

Specifying a protocol of ETH_P_xxx tells the datalink which frame types to pass to the socket for the frames the datalink receives. If the datalink supports a promiscuous mode
(e.g., an Ethernet), then the device must also be put into a promiscuous mode, if desired. This is done with a PACKET_ADD_MEMBERSHIP socket option, using a packet_mreq structure specifying an interface and an action of PACKET_MR_PROMISC.

PF_PACKET sockets can be linked to a device by calling bind.

libpcap: Packet Capture Library

只支持读操作

libnet: Packet Creation and Injection Library

提供raw socket和datalink access


安静呆一会儿
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
数据链路层(data link layer)
jiangxt211的专栏
02-18 1233
1、数据链路链路(link)是一条无源的点到点的物理线路,而中间没有任何其他的交换点。即物理链路。数据链路(data link)在物理链路加上必要的通信协议。即逻辑链路。 数据链路层作用:把网络层交下来的数据构成帧发送到链路上,以及把接受到的帧中的数据取出并上交给网络。 数据链路层的作用: 1)封装成帧; 在报文的首尾添加帧界定符。 2)透明传输; 透明即通过数据链路层不改变报文内容,在报文中填充...
Data Access
topinking的专栏
08-05 63
public void wdDoInit() { //@@ begin wdDoInit() wdContext.currentPersonElement().setFirstName("Lars"); wdContext.currentPersonElement().setLastName("Vogel"); //@@ end } // person is a cont...
linux 数据链路访问,网络编程学习——数据链路访问
weixin_42513054的博客
05-12 248
1 概述目前大多数操作系统都为应用程序提供访问数据链路层的强大功能。这些功能可以提供如下能力。能够监视由数据链路层接收的分组,使得诸如tcpdump之类的程序能够在普通计算机系统上运行,而无需使用专门的硬件设备来监视分组。如果结合使用网络接口进入混杂模式(promiscuous mode)的能力,那么应用程序甚至能够监视本地电缆上流动的所有分组,而不仅仅是以程序运行所在主机为目的地的分组。能够作为...
Unix Network Programming Episode 11
独行者103的专栏
04-30 96
IPv4 Internet Protocol version 4. IPv4, which we often denote as just IP, has been the workhorse protocol of the IP suite since the early 1980s. It uses 32-bit addresses (Section A.4(See 10.4)). IPv4...
windows环境下用c++实现socket编程
热门推荐
小拳头的博客
02-27 13万+
一、什么是Socket socket即套接字,用于描述地址和端口,是一个通信链的句柄。应用程序通过socket向网络发出请求或者回应。 sockets(套接字)编程有三种,流式套接字(SOCK_STREAM),数据报套接字(SOCK_DGRAM),原始套接字(SOCK_RAW);前两种较常用。基于TCP的socket编程是采用的流式套接字。 (1)SOCK_STREAM表示面向连接的
LabVIEW通过Microsoft Data Link file UDL访问Microsoft Access数据库
bjcyck的博客
01-28 2282
LabVIEW通过Microsoft Data Link file UDL访问Microsoft Access数据库 Microsoft Data Link(. UDL)文件是目前最常被使用到的数据库链接文件。 UDL文件一般而言您可以直接在桌面上建立。 UDL文件,步骤如下: 在桌面或是任何欲存放. UDL文件的文件夹中点击右键。 选择"新增">>"数据链接文件(Microsoft Data Link)" 在Windows2000或是某些操作系统中点选右键并不会出现"数据链接文件".
DataLink Layer
siege
08-02 2601
DataLink LayerDataLink Layer - Accessing the MediaData Link Layer - Supporting & Connecting to Upper Layer ServicesThe Data Link layer provides a means for exchanging data over a common local media. T
OSI参考模型——数据链路层Data Link
蓝镜的博客
08-28 555
数据链路层的功能:完成网络之间相邻节点的可靠传输。 物理层Physical传输的是比特流bit 数据链路层Data Link传输的是帧Frame 数据链路层Data Link是用过MAC地址负责主机之间数据的可靠传输 MAC全称:Media AccessControl 数据链路层的主要设备: 网卡NIC:Network Interface Card 网桥:Bridge 它的作用是将两个局域网LAN链接到一起,并且按MAC地址转发数据 交换机:Switch ...
【IP 笔记 3.】北邮 互联网协议 Internet Protocol - Data Link Layer
weixin_56193843的博客
12-25 2133
DataLink Layer 问答: Deliver traffic to “neighbouring” routers Switch(交换机是在家里网络的,通常不在Internet之中) 6.1 introduction, services introduction 作用区间: host与router之间,host和router都称为node 相邻的node之间的连接称为links wired links wireless links LANS layer-2 pkt 叫frame,用来包装d
Data.Access DLL 文件
最新发布
10-03
《深入理解Data.Access DLL文件及其应用》 在IT领域中,DLL(Dynamic Link Library)文件是一种重要的共享库,它包含了可被多个程序同时调用的函数和资源。本文将聚焦于"Data.Access DLL"文件,深入探讨其核心概念...
ISO15764-2004 Road vehicles extended data link security firstedition
03-27
ECUs capable of storing and processing secret data so that unauthorized third parties are denied access to it. Parameters are provided to enable the level of security in the data link to be selected
php的access操作类
10-30
$data = $access->first_array($sql); // 使用$data,然后关闭连接 $access->close(); ``` 请注意,由于Access数据库不支持SQL事务、存储过程等高级特性,这个类可能更适合于简单的数据库操作。在更复杂的项目中,...
MDAC(Microsoft Data Access Components) v2.7
06-02
MDAC,全称为Microsoft Data Access Components,是微软公司推出的一个重要的数据访问技术组件集,用于在Windows操作系统上实现对各种数据库的访问、管理和处理。MDAC v2.7是该组件的一个版本,发布于2000年左右,它...
labview与Access数据库的简单链接
06-25
- 打开LabVIEW软件,选择“工具”菜单下的“创建数据链接”选项(英文版为“Create Data Link”)。 - 在弹出的对话框中,选择要链接的数据库名称及其完整路径。例如,如果数据库文件名为`data.mdb`且位于`C:\Users\...
out-of-band
u014211079的专栏
05-04 1745
在传输层,当连接的一端有很重要的情况发生时,wf
Signal-Driven I/O
u014211079的专栏
05-04 1728
Signal-Driven I/O for Sockets 三个步骤:
Raw Sockets
u014211079的专栏
05-06 966
Raw sockets提供3个特性,这些是TCP和UDP都不提供的:
Unix Domain Protocols
u014211079的专栏
07-01 864
The Unix domain protocols are not an actual protocol suite, but a way of performing client/server communication on a single host using the same API that is used for clients and servers on different ho
Just Spring Data Access 深入解析
"just spring data access" 《Just Spring Data Access》是由Madhusudhan Konda编写的,这本书聚焦于Spring框架的数据访问层面。Spring是Java开发领域的一个关键框架,以其模块化、灵活和全面的特性而闻名,特别是...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值