Design of a TCP/IP Packet Analyzer.doc
Content overview
This document was published by member ningxiang00.
Abstract
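With the rapid development of computer network technology, network security problems have become particularly prominent. By capturing network data and analyzing it accordingly, one can clearly see the various protocols in use on the network. Analyzing the captured packets makes it possible to determine whether the network has been intruded upon by attacks such as port scanning; second, when using network applications, an application sometimes fails to run properly for some reason, and in that case the captured packets can also be analyzed to infer the cause of the problem; in addition, packets give a clear picture of the load on the whole network during each time period and make it possible to find out which computer caused the excessive network load, and thus to judge whether the network is being used reasonably. Beyond the aspects mentioned above, packet analysis has many other uses.
Analyzing TCP/IP packets is fairly complex: first, the analysis rests on an understanding of the TCP/IP protocol suite; second, it requires a deep knowledge of packet structure. Starting from the structure of Ethernet, this paper introduces how Ethernet is composed and, on the basis of an analysis of the TCP/IP protocols, studies packet analysis software for the Linux platform. It focuses on the design principles, design scheme and implementation method of the packet analyzer. Finally, it briefly explains the concrete operation of the software, thereby designing a complete packet analysis solution.
Keywords: Ethernet, TCP/IP protocol, packet capture mechanism, packet filtering mechanism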
ABSTRACT
As computer network technology develops at full speed, the problem of network security stands out more and more. Collecting network data and analyzing it shows clearly which protocols are in use on the network. Analyzing the collected packets can establish whether the network has been intruded upon by an attack such as a port scan. Secondly, network applications sometimes fail to run properly for one reason or another, and in such circumstances the collected packets can be analyzed to infer the problem and the reasons for it. Besides, packets reveal the load on the entire network within each time interval and allow one to find out which computer has overloaded the network, and thereby to judge whether the network is being used rationally. Apart from the aspects mentioned above, packet analysis has many other uses.
The analysis of TCP/IP packets is comparatively difficult. First of all, it is based on an understanding of the TCP/IP protocol suite; second, one must be well versed in the structure of data packets. This paper introduces the composition of Ethernet, starting from its structure and content, and, on the basis of an analysis of the TCP/IP protocols, researches packet analysis software on the Linux platform. It focuses on the design principles, scheme and implementation of the packet analyzer. Finally, the specific operating instructions for the software are also briefly explained. In this way, a complete packet analysis scheme is provided.
KEY WORDS: Ethernet, TCP/IP protocol, packet capture mechanism, packet filtering mechanism
Contents
Abstract
ABSTRACT
Chapter 1 Introduction
1.1 Research background
1.2 Research significance
1.3 Main technologies and state of research at home and abroad
1.3.1 Main technologies researched at home and abroad
1.3.2 Comparison of the state of research at home and abroad
1.4 Organization of the thesis
Chapter 2 Ethernet and TCP/IP
2.1 Structure of Ethernet
2.1.1 Definition of Ethernet based on network architecture
2.1.2 The Ethernet frame defined in RFC 894
2.1.3 Data exchange on Ethernet
2.2 TCP/IP architecture
2.2.1 The TCP/IP protocol suite
2.2.2 Advantages of the TCP/IP protocol suite
2.2.3 Layering of the TCP/IP protocol suite
2.2.4 TCP/IP protocol components
2.2.5 Protocol analysis of each layer
2.3 Chapter summary
Chapter 3 Design principles and scheme of the TCP/IP packet analyzer
3.1 Design principles of the TCP/IP packet analyzer
3.2 Design scheme of the TCP/IP packet analyzer
3.2.1 System architecture of the packet analyzer
3.2.2 Implementation mechanism
3.3 Chapter summary
Chapter 4 Design process of the TCP/IP packet analyzer
4.1 Packet capture process
4.2 Packet analysis process
4.3 Chapter summary
Chapter 5 Implementation of the TCP/IP packet analyzer
5.1 Implementing packet capture
5.1.1 Creating the socket
5.1.2 Setting the network card to promiscuous mode
5.1.3 Capturing packets
5.1.4 Analyzing packets
5.2 Implementing packet analysis
5.2.1 Analysis of Ethernet frames
5.2.2 Analysis of IP datagrams
5.2.3 Analysis of TCP/UDP datagrams
5.3 Graphing datagram traffic over time
5.4 Observing specific ports
5.5 Chapter summary
Chapter 6 Research and application of network data collection
6.1 Broadcast Ethernet and switched Ethernet
6.2 Dynamic collection of network data based on a linked-list structure
6.2.1 Design of the linked-list structure
6.2.2 Testing the linked-list structure
6.3 Chapter summary
Chapter 7 Summary and outlook
7.1 Summary
7.2 Outlook
Closing remarks
References
Appendix 1