Sniffer资料

libpcap中如何从区分Ethernet的承载包类型(IP、ARP、RARP)以及MAC地址
http://blog.sina.com.cn/s/blog_43a0370b010005p0.html

IP包格式
http://www.cnblogs.com/tuyile006/archive/2006/12/25/603185.html
http://www.freesoft.org/CIE/Course/Section3/7.htm

TCP包格式
http://blog.csdn.net/lpnueg4/archive/2009/11/20/4842287.aspx

UDP格式
http://blog.sina.com.cn/s/blog_4fb4cb370100h7nn.html

ARP/RARP格式
http://www.doc88.com/p-77339394365.html
http://blog.csdn.net/jiang1013nan/archive/2009/10/12/4657602.aspx
http://en.wikipedia.org/wiki/Address_Resolution_Protocol

ICMP 格式

http://gyht0808.javaeye.com/blog/520410
http://blog.csdn.net/jacklam200/archive/2008/09/16/2935587.aspx
http://wenku.baidu.com/view/71f1f9da50e2524de5187eea.html

Leave a Reply

Your email address will not be published.