Udp 通过Wireshark验证校验和值
我试图通过使用Wireshark检查UDP数据包的校验和值来验证该数据包的有效性。 在我正在查看的这个特定数据包中,UDP头的值如下所示: 源端口:53 0000 0000 0011 0101 目的港:64992 1111 1101 1110 0000 长度:64 0000 0100 0000 现在,如果将这些值相加,则总和为65109 1111 1110 0101 0101 所以我希望校验和的值是426 0001 1010 1010,这是1对和的补码 但在Wireshark中,校验和值是0x63c7,它表示该校验和是正确的 我想知道我哪里弄错了。 我们将非常感谢您向正确方向提供的任何帮助或推动 提前感谢。如果您参考,您将找到正确计算校验和所需的详细信息:Udp 通过Wireshark验证校验和值,udp,wireshark,checksum,Udp,Wireshark,Checksum,我试图通过使用Wireshark检查UDP数据包的校验和值来验证该数据包的有效性。 在我正在查看的这个特定数据包中,UDP头的值如下所示: 源端口:53 0000 0000 0011 0101 目的港:64992 1111 1101 1110 0000 长度:64 0000 0100 0000 现在,如果将这些值相加,则总和为65109 1111 1110 0101 0101 所以我希望校验和的值是426 0001 1010 1010,这是1对和的补码 但在Wireshark中,校验和值是0x6
Checksum is the 16-bit one's complement of the one's complement sum of a
pseudo header of information from the IP header, the UDP header, and the
data, padded with zero octets at the end (if necessary) to make a
multiple of two octets.
The pseudo header conceptually prefixed to the UDP header contains the
source address, the destination address, the protocol, and the UDP
length. This information gives protection against misrouted datagrams.
This checksum procedure is the same as is used in TCP.
0 7 8 15 16 23 24 31
+--------+--------+--------+--------+
| source address |
+--------+--------+--------+--------+
| destination address |
+--------+--------+--------+--------+
| zero |protocol| UDP length |
+--------+--------+--------+--------+
If the computed checksum is zero, it is transmitted as all ones (the
equivalent in one's complement arithmetic). An all zero transmitted
checksum value means that the transmitter generated no checksum (for
debugging or for higher level protocols that don't care).
如果您想了解Wireshark的UDP解析器如何处理它,可以查看的源代码。基本上,在正确设置数据输入之后,它基本上只调用文件中的in_cksum函数来计算它
你可能还想看看,计算互联网校验和