avd
Reputation: 14441
Finding the type of data in IPv4 packet
Excluding options field in IPv4 header, after 20 bytes of header, data follows. That data may be TCP packet, or UDP etc.
Now given a IPv4 packet (with header and data), How to find out which type of transport layer packet (TCP/UDP/etc.) is present in data? Actually I am parsing a IPv4 packet so I need to understand this.
Upvotes: 1
Views: 427
Answers (2)
Bruno Rijsman
Reputation: 3797
The protocol field of the IPv4 header (see RFC791) will tell you:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The protocol numbers are assigned by IANA and are listed here:
http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
Some example protocol numbers are:
1 ICMP
6 TCP
17 UDP
Upvotes: 3
Related Questions
- Parsing custom data packets in an object oriented manner
- How can I check if my IPV4 packet is a GENEVE packet?
- Binary Packet Parsing
- How to determine if the ethernet frame is an IPv4 packet?
- Determining if a packet if type IPv4 or IPv6
- Java: how to describe a network packet?
- class design on network packet parsing
- determine network packet structure
- specification driven packet format parsing?
- Packet data structure?