Learning notes of information security system design and implementation 11

1, Study notes

1.TCP/IP protocol

       TCP/IP protocol: TCP stands for transmission control protocol. IP stands for internet protocol. At present, there are two versions of IP, namely IPv4 and IPv6. IPv4 uses 32-bit address and IPv6 uses 128 bit address. The TCP/IP layers and protocols used are shown in the figure below:


(1) IP protocol

       IP protocol is used to send / receive data packets between IP hosts, but IP protocol is not a reliable protocol. Reliability is realized on the IP layer.

(2) IP host and IP address

       A host is a computer or device that supports the TCP/IP protocol. Each host is identified by a 32-bit IP address. The 32-bit IP address number is usually represented by dot notation. The IP address is divided into two parts: NetworkID field and HostID field. According to the division, IP addresses are divided into A~E classes. Different classes have different host numbers and network numbers.

(3) IP packet format

       IP packets include IP header, sender's IP address, receiver's IP address, data, total length of packets, whether packets use TCP or UDP, time to live (TTL) count, checksum of error detection, etc. The maximum size of each IP packet is 64KB. The specific format is shown in the figure below

(4) Router

       Router is a special IP host that receives and forwards data packets. If the IP host is far away, it needs to use router to forward data packets. Each IP packet has an 8-bit time to live (TTL) count in the 1P header, with a maximum value of 255. On each router, the TTL is reduced by 1. If the TTL is reduced to 0 and the packet still does not reach its destination, it will be discarded directly.


       UDP: user datagram protocol, which runs on IP and is used to send / receive datagrams. UDP does not guarantee reliability. The protocol we commonly use for the ping command is UDP.



       Transmission control protocol is a connection oriented protocol used to send / receive data streams. TCP can also run on IP, which ensures reliable data transmission.

(2) Port number

       On each host, multiple applications (processes) can use TCP/UDP at the same time. Each application is uniquely identified by three components: application = (host IP, protocol, port number), the protocol is TCP or UDP, and the port number is the only unsigned integer assigned to the application. To use UDP or TCP, an application (process) must first select or obtain a port number. The following figure shows the default port number for common applications

5. Network and host byte order

       Computers can use large endian or small endian. On the Internet, data is always arranged in network order, that is, big end. Some library functions, such as htons(), htonl(), ntohs(), ntohl(), can convert data between host order and network order.

6. Data flow in TCP / IP network

       As the message is transmitted layer by layer, each layer will be preceded by the exclusive header of this layer. On the contrary, as the message is uploaded layer by layer, the header is stripped by each layer to analyze the received data.

7. Socket programming

(1) Socket API

       In network programming, TCP/IP user interface is realized through a series of C language library functions and system calls, which are collectively referred to as socket API. In order to use the socket API, we need a socket address structure that identifies servers and clients. netdb.h and sys/socket.h have the definition of socket address structure. The socket address data structure is shown in the figure below:

The server must create a socket and bind it to the socket address containing the server IP address and port number. The client must create a socket.

(2) Create socket

       socket system call, two methods of creating sockets

  • Int socket (int domain, int type, int protocol)
  • int bind(int sockfd, struct sockaddr *addr, socklen_t addrlen)

(3) UDP socket

       UDP sockets use scndto()/recvfrom() to send / receive datagrams.

(4) TCP socket

       After creating the socket and binding it to the server address, the TCP server uses listen() and acccpt() to receive the connection from the client

  • int Iistcn(int sockfd, int backlog);
  • int accept(int sockfd, struct sockaddr *addr, sockien_t *addrlen);
  • int connect(int sockfd, const struct sockaddr *addr, socklen t addrlen);

       After the connection is established, both TCP hosts can send data using send()/write() and receive data using recv()/read().

8. Host name and IP address

       If the server and client are running on different hosts, and the server port number is assigned by the operating system kernel, you need to know the host name or IP address of the server and its port number. If a computer is running TCP/IP, its host name is usually recorded in the / etc/hosts file. The library function gethostname(char *name, sizeof(name)) returns the host name string of the computer in the name array. Struct host * gethostbyname (void * addr, socklen_t len, int type) can be used to obtain the full name and IP address of the computer.

2, Problems and Solutions

       Run the UDP echo server client program on the book


#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/ip.h>

#define BUFLEN 256 // max length of buffer
#define PORT 1234 // fixed server port number 

char line[BUFLEN];
struct sockaddr_in me, client;
int sock,rlen,clen=sizeof(client);

int main()
    printf("1.createaUDP socket\n");
    sock =socket(AF_INET,SOCK_DGRAM, IPPROTO_UDP);

    printf("2. fill me with server address and port number\n");
    me.sin_addr.s_addr=htonl(INADDR_ANY);// use localhost

    printf("3. bind socket to server IP and port\n");
    bind(sock,(struct sockaddr*)&me, sizeof(me));

    printf("4.wait for datagram\n");
        printf("UDP server: waiting for datagram\n");

        rlen=recvfrom(sock,line,BUFLEN,0,(struct sockaddr *)&client,&clen);
        printf("received a datagram from [host:port]=[%s:%d]\n",inet_ntoa(client.sin_addr),ntohs(client.sin_port));
        printf("send reply\n");
        sendto(sock,line, rlen,0,(struct sockaddr *)&client,clen);


#include <netinet/ip.h>

#define SERVER_HOST "" // default server IP: localhost
#define SERVER_PORT 1234 // fixed server port number 
#define BUFLEN 256 //max length of buffer 

char line[BUFLEN];
struct sockaddr_in other,server;
int sock, rlen,slen=sizeof(server);

int main()
    printf("1.createaUDP socket\n");
    sock =socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
    printf("2. fill in server address and port number\n");
    memset((char *) &server,0,sizeof(server));

        printf("Entera line:");
        printf("send line to server\n");
        sendto(sock,line,strlen(line),0,(struct sockaddr *)&server,slen);
        printf("try to receive a line from server\n");
        rlen=recvfrom(sock,line,BUFLEN,0,(struct sockaddr*)&server,&slen);

But the running results are different from those in the book

       Run two programs at two terminals, but always run halfway. The server stops when it receives datagrams, and the client is stuck in the middle. The reason has not been found yet. It may also be my operation problem.

3, Learning perception

       Some knowledge of network programming, such as TCP/IP structure, UDP protocol, datagram, etc., were learned in computer network last semester, but this time we need to program it. I think it's still a little difficult. In particular, I learned the discrimination methods of pointer function and function pointer last class. I still feel a little confused, so it is a little difficult to understand some library functions. But I'm also learning with some materials. Hope to deepen the understanding of network programming.

Posted by azukah on Sun, 28 Nov 2021 08:52:28 -0800