|
Post by lspnet on Jun 5, 2006 6:04:35 GMT -5
For you networking/coding gurus out there:
I'm looking to construct my own packets to use for a game chat network.
So far I've been able to sniff, interpret, and use incoming packets, but I'm a little stumped on how to construct my own.
I know Vbpcap has a vpSendPacket function that allows you to send raw packets as a byte array. I want to be able to generate and send dynamic packets to the chat server, so the user can type text and chat externally using my program.
Now, I know how to fill the byte array with most of the important TCP/IP header information, but there are a few things I'm not entirely sure about - how would I determine and calculate the TCP and IP header checksums? And what do I fill in as the Sequence and Ack numbers? Does it even matter or could I just be random?
Thanks for your help!
|
|
|
Post by Lorenzo VBPCAP Founder on Jun 7, 2006 3:56:10 GMT -5
Calculating IP Checksums:
According to the RFC on IP (RFC 791), the "official" explanation for how to calculate the IP checksum is as follows:
"The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header."
Unfortunately, this explanation is too simple and is not difficult enough to understand for normal humans. Thus, the following more complex explanation is offered as an aid. (It is worth noting, in passing, that the Internet checksum is such a big deal that an entire RFC is devoted to the topic: RFC 1071, "Computing the Internet Checksum".)
First of all, keep in mind that the checksum is only done on the IP packet's header; It is NOT applied to the actual data in the IP packet. Also note that the checksum field is actually part of the header, but while calculating the checksum, it is considered to be zero. (Otherwise it would create a bizarre situation in which the correct value for the checksum would become dependant on itself. Sort of trying to paint a painting of the painting you're making; You don't know what it's going to look like until you're finished.) Be aware that calculating IP checksums is probably easiest to do in hexadecimal notation.
Basically, to calculate an IP header's checksum:
1. Split the header into a series of 16-bit pieces. Add up all of these 16-bit pieces together. (For this example, let's imagine your result of this operation is 24327 hex.)
2. The result will probably exceed FFFF hex, so remove everything to the left of the last 4 digits, and add it to them. For example, if the result were 24327, you would strip off the 2 (because it's to the left of the last 4 digits), and then you would add it to them. Lo, the result of this is 4329.
3. Subtract the result from FFFF hex (or 1111111111111111 binary, or 65,535 decimal, or 177777 octal; whichever is easiest for you, they're all the same number). For example, in the previous example, you ended up with 4329; FFFF minus 4329 is BCD6.
You now have your IP header checksum. In this case, the checksum field should be set to BCD6.
This works because the checksum is actually "checked" by simply seeing if all the 16-bit words of the header add up to FFFF hex. If they do, the packet is considered "good". If not, the packet is "bad" and gets discarded immediately. So the whole point is to adjust the checksum value so that it makes the packet's sum (or more specifically, the sum of the 16-bit words) equal exactly FFFF.
|
|
|
Post by Lorenzo VBPCAP Founder on Jun 7, 2006 3:56:28 GMT -5
Calculating TCP Checksums:
Unfortunately, although calculating IP checksums is a little bit tricky, TCP checksums are even more involved. TCP happens to be a rather complicated protocol, but it is quite reliable, and to be that reliable, it needs good checksum functions. As with IP, the checksum field in the TCP header is set to zero while the checksum is actually being calculated. Here are the steps to computing the TCP checksum:
1. As with IP, you must split the datagram into 16-bit parts and add them up. However, unlike with IP checksums, TCP checksums are calculated over the entire segment, both the header and the data. Thus, you must divide the ENTIRE segment into 16-bit pieces and add up all of them.
2. TCP (like UDP) uses a 12-byte "pseudo-header" in the checksum as well. This header contains 4 items: The source IP address, the destination IP address, the protocol number, and the 16-bit length of the entire TCP segment (in bytes). Again, all of these are treated as 16-bit words, which are added on top of the addition done in the first step. So when you're done adding all of the TCP segment, add on the source IP address and the destination IP address (both of which will be broken into 2 pieces because they are 32 bits), the protocol number (which will ALWAYS be 6 for TCP, because TCP is protocol number 6; For our 16-bit additions, the protocol number is 0006 hex), and the entire length of the TCP segment, in bytes. That's a lot of addition.
3. If you've made it this far, congratulations, you're almost done. From here on, do the same as with IP: Strip off anything to the left of the last 4 digits (this still assumes you're calculating all this in hexadecimal), and add it to those last 4 digits.
4. Subtract the result from FFFF hex, and the result is your TCP checksum.
|
|
|
Post by Lorenzo VBPCAP Founder on Jun 7, 2006 3:56:59 GMT -5
|
|
|
Post by Lorenzo VBPCAP Founder on Jun 7, 2006 4:02:51 GMT -5
|
|
|
Post by Lorenzo VBPCAP Founder on Jun 7, 2006 4:07:15 GMT -5
Chekcsum www.netfor2.com/tcpsum.htmwww.netfor2.com/ipsum.htmor a general function from experts exchange
public int CheckSumField(byte[] identify) { int sum = 0; message = identify; for(int i = 0; i< message.length; i+=2) { sum += (message[i] * 256); // may be < 0 sum += (int)message[i+1] & 0xFF; if(sum >= 65535) sum -= 0x10000; //65535 -> -1 if(sum < 0x00000) sum += 0x10000; } return sum; }
|
|
|
Post by imperceptus on Mar 18, 2007 18:15:45 GMT -5
Not to res a post. But so most know. Most Chat programs run on TCP/IP already. So you could use winsock with vb6 to cover most of the stuff. Then make a packet class to handle the building of a buffer. from and then send that buffer with the socket. I have done this with battle.net and gamespy chat interfaces. some psuedo
packet buffer append byte packet buffer append dword packet buffer append word packet buffer append byte winsock senddata packet buffer packet buffer clear
i have a class for this somewhere if anyone wants it. i can post it.
|
|