Linux cookedmode:理解内核传输协议与网络数据传输方式 (linux cooked-mode)
Linux CookedMode:理解内核传输协议与网络数据传输方式
Linux CookedMode是linux内核网络协议栈中一种比较常用的协议,在网络数据传输中发挥着重要的作用。在本篇文章中,我们将会详细介绍Linux CookedMode的相关概念以及作用,并且深入探究内核传输协议和网络数据传输方式之间的关系。
一、Linux CookedMode的概念
Linux CookedMode是一种Linux内核传输协议,在linux网络协议栈中主要与raw socket配合使用,实现在以太网层面的数据抓取。同时,它也能够实现在内核中进行自定义协议开发与实现。
二、CookedMode在网络数据传输中的作用
1. 数据的抓取与分析
CookedMode最主要的作用就是实现对于数据的抓取和分析。在网络数据传输中,CookedMode可以监听数据包的传输,实时的把数据包以原始数据的形式进行展现或者放入到用户定义的协议栈之中,将其用于分析或者作为网络抓包工具的支持。
2. 内核传输协议的定义与实现
CookedMode也可以被用来定义和实现自定义的内核传输协议,这些协议存在于内核和用户空间之间,同时也能够直接和内核中的其他协议进行通信。在这种情况下,CookedMode主要是作为一个桥梁的作用,连接用户空间和内核层之间的通信。
三、内核传输协议与网络数据传输方式
1. 内核传输协议的定义
内核传输协议是一种面向消息的协议,它不同于传统的socket层面的TCP和UDP协议,而是通过内核来实现消息的传递。内核传输协议可以用于在内核中定义和实现自己的协议,同时作为与其他协议进行通信的接口。
2. 网络数据传输方式的分类
网络数据传输方式一般分为三种:面向连接的传输方式、无连接的传输方式和面向消息的传输方式。其中面向连接的传输方式和无连接的传输方式是最常见的,而面向消息的传输方式则可以通过内核传输协议进行实现。
3. 内核传输协议与网络数据传输方式的关系
内核传输协议可以用于在内核中定义和实现自己的协议,在这个过程中可以按照消息的传输方式实现数据的传递。同时,CookedMode也可以被用来实现内核传输协议,将消息传递的方式直接扩展到内核层面。因此,在一定程度上可以说内核传输协议和网络数据传输方式有着密切的关系。
四、
本篇文章主要介绍了Linux CookedMode及其作用,并且深入探究了内核传输协议和网络数据传输方式之间的关系。CookedMode作为一种常用的内核传输协议,可以用于在内核中定义和实现自己的协议,在数据的抓取和分析中也有着重要的作用。同时,内核传输协议与网络数据传输方式之间也存在着密切的联系,相互之间能够进行互相增强和完善。
相关问题拓展阅读:
a la是什么意思。a la carte点菜 a la mode加冰淇淋 都有a la
a la…是法语,基本相当于英语的 at/to the…
离开后面的词,无法确定含义,a la carte直译是“哗桥对着单子”,意译为点菜;a la mode直译为“符合时尚的”,加
冰闭孝淇淋
是从冷饮用语引申乱态猛出来的。
就是按…方式的意思。
以下来自字典:
a la
preposition
(of a dish) cooked or prepared in a specified style or manner
(菜)按…方式,按…风味
fish cooked à la meunière.
蘸上面粉用黄油煎炸的鱼。
■(informal)in the style or manner of
(非闭培正式)以…方旁亩式,以…风格
afternoon talk shows à la Oprah.
linux下的pcap-int.h在哪个目录?
给你查了下,说新版的中稿没这个头文件了
下面的是逗拍从
这个卖指孝网址找到的,你直接拿来用试试
pcap-int.h
/*
* Copyright (c) 1994, 1995, 1996
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Computer Systems
* Engineering Group at Lawrence Berkeley Laboratory.
* 4. Neither the name of the University nor of the Laboratory may be used
* to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS “AS IS” AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#) $Header: /cvs/root/libpcap/libpcap/pcap-int.h,v 1.1.1.3 2023/02/05 19:22:28 rbraun Exp $ (LBL)
*/
#ifndef pcap_int_h
#define pcap_int_h
#ifdef __cplusplus
extern “C” {
#endif
#include
#ifdef WIN32
#include
#endif /* WIN32 */
/*
* Savefile
*/
typedef enum {
NOT_SWAPPED,
SWAPPED,
MAYBE_SWAPPED
} swapped_type_t;
struct pcap_sf {
FILE *rfile;
int swapped;
int hdrsize;
swapped_type_t lengths_swapped;
int version_major;
int version_minor;
u_char *base;
};
struct pcap_md {
struct pcap_stat stat;
/*XXX*/
int use_bpf; /* using kernel filter */
u_long TotPkts; /* can’t oflow for 79 hrs on ether */
u_long TotAccepted; /* count accepted by filter */
u_long TotDrops; /* count of dropped packets */
long TotMissed; /* missed by i/f during this run */
long OrigMissed; /* missed by i/f before this run */
#ifdef linux
int sock_packet; /* using Linux 2.0 compatible interface */
int timeout; /* timeout specified to pcap_open_live */
int clear_promisc; /* must clear promiscuous mode when we close */
int cooked; /* using SOCK_DGRAM rather than SOCK_RAW */
int lo_ifindex; /* interface index of the loopback device */
char *device; /* device name */
struct pcap *next; /* list of open promiscuous sock_packet pcaps */
#endif
#ifdef HAVE_DAG_API
void *dag_mem_base; /* DAG card memory base address */
u_int dag_mem_bottom; /* DAG card current memory bottom pointer */
u_int dag_mem_top; /* DAG card current memory top pointer */
int dag_fcs_bits; /* Number of checksum bits from link layer */
int dag_offset_flags; /* Flags to pass to dag_offset(). */
#endif
};
struct pcap {
#ifdef WIN32
ADAPTER *adapter;
LPPACKET Packet;
int timeout;
int nonblock;
#else
int fd;
int selectable_fd;
#endif /* WIN32 */
int snapshot;
int linktype;
int tzoff; /* timezone offset */
int offset; /* offset for proper alignment */
int break_loop; /* flag set to force break from packet-reading loop */
struct pcap_sf sf;
struct pcap_md md;
/*
* Read buffer.
*/
int bufsize;
u_char *buffer;
u_char *bp;
int cc;
/*
* Place holder for pcap_next().
*/
u_char *pkt;
/*
* Methods.
*/
int (*read_op)(pcap_t *, int cnt, pcap_handler, u_char *);
int (*setfilter_op)(pcap_t *, struct bpf_program *);
int (*set_datalink_op)(pcap_t *, int);
int (*getnonblock_op)(pcap_t *, char *);
int (*setnonblock_op)(pcap_t *, int, char *);
int (*stats_op)(pcap_t *, struct pcap_stat *);
void (*close_op)(pcap_t *);
/*
* Placeholder for filter code if bpf not in kernel.
*/
struct bpf_program fcode;
char errbuf;
int dlt_count;
int *dlt_list;
struct pcap_pkthdr pcap_header; /* This is needed for the pcap_next_ex() to work */
};
/*
* This is a timeval as stored in disk in a dumpfile.
* It has to use the same types everywhere, independent of the actual
* `struct timeval’
*/
struct pcap_timeval {
bpf_int32 tv_sec; /* seconds */
bpf_int32 tv_usec; /* microseconds */
};
/*
* How a `pcap_pkthdr’ is actually stored in the dumpfile.
*
* Do not change the format of this structure, in any way (this includes
* changes that only affect the length of fields in this structure),
* and do not make the time stamp anything other than seconds and
* microseconds (e.g., seconds and nanoseconds). Instead:
*
* introduce a new structure for the new format;
*
* send mail to “”, requesting a new
* magic number for your new capture file format, and, when
* you get the new magic number, put it in “savefile.c”;
*
* use that magic number for save files with the changed record
* header;
*
* make the code in “savefile.c” capable of reading files with
* the old record header as well as files with the new record header
* (using the magic number to determine the header format).
*
* Then supply the changes to “”, so that future
* versions of libpcap and programs that use it (such as tcpdump) will
* be able to read your new capture file format.
*/
struct pcap_sf_pkthdr {
struct pcap_timeval ts; /* time stamp */
bpf_u_int32 caplen; /* length of portion present */
bpf_u_int32 len; /* length this packet (off wire) */
};
/*
* How a `pcap_pkthdr’ is actually stored in dumpfiles written
* by some patched versions of libpcap (e.g. the ones in Red
* Hat Linux 6.1 and 6.2).
*
* Do not change the format of this structure, in any way (this includes
* changes that only affect the length of fields in this structure).
* Instead, introduce a new structure, as per the above.
*/
struct pcap_sf_patched_pkthdr {
struct pcap_timeval ts; /* time stamp */
bpf_u_int32 caplen; /* length of portion present */
bpf_u_int32 len; /* length this packet (off wire) */
int index;
unsigned short protocol;
unsigned char pkt_type;
};
int yylex(void);
#ifndef min
#define min(a, b) ((a) > (b) ? (b) : (a))
#endif
/* XXX should these be in pcap.h? */
int pcap_offline_read(pcap_t *, int, pcap_handler, u_char *);
int pcap_read(pcap_t *, int cnt, pcap_handler, u_char *);
/*
* Ultrix, DEC OSF/1^H^H^H^H^H^H^H^H^HDigital UNIX^H^H^H^H^H^H^H^H^H^H^H^H
* Tru64 UNIX, and NetBSD pad to make everything line up on a nice boundary.
*/
#if defined(ultrix) || defined(__osf__) || defined(__NetBSD__)
#definePCAP_FDDIPAD 3
#endif
#ifndef HAVE_STRLCPY
#define strlcpy(x, y, z) \
(strncpy((x), (y), (z)), \
((z)
#if !defined(HAVE_SNPRINTF)
#define snprintf pcap_snprintf
extern int snprintf (char *, size_t, const char *, …);
#endif
#if !defined(HAVE_VSNPRINTF)
#define vsnprintf pcap_vsnprintf
extern int vsnprintf (char *, size_t, const char *, va_list ap);
#endif
/*
* Routines that most pcap implementations can use for non-blocking mode.
*/
#ifndef WIN32
int pcap_getnonblock_fd(pcap_t *, char *);
int pcap_setnonblock_fd(pcap_t *p, int, char *);
#endif
/*
* Internal interfaces for “pcap_findalldevs()”.
*
* “pcap_platform_finddevs()” is a platform-dependent routine to
* add devices not found by the “standard” mechanis (SIOCGIFCONF,
* “getifaddrs()”, etc..
*
* “pcap_add_if()” adds an interface to the list of interfaces.
*/
int pcap_platform_finddevs(pcap_if_t **, char *);
int add_addr_to_iflist(pcap_if_t **, char *, u_int, struct sockaddr *,
size_t, struct sockaddr *, size_t, struct sockaddr *, size_t,
struct sockaddr *, size_t, char *);
int pcap_add_if(pcap_if_t **, char *, u_int, const char *, char *);
struct sockaddr *dup_sockaddr(struct sockaddr *, size_t);
int add_or_find_if(pcap_if_t **, pcap_if_t **, const char *, u_int,
const char *, char *);
#ifdef WIN32
char *pcap_win32strerror(void);
#endif
/* XXX */
extern int pcap_fddipad;
int install_bpf_program(pcap_t *, struct bpf_program *);
int pcap_strcasecmp(const char *, const char *);
#ifdef __cplusplus
}
#endif
关于linux cooked-mode的介绍到此就结束了,不知道你从中找到你需要的信息了吗 ?如果你还想了解更多这方面的信息,记得收藏关注本站。
