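  • Commands used
  • Code
    • Server code
    • Client code (set the IP yourself, depending on whether client and server are on the same machine or on two machines)
  • Starting the server
    • Start the server
    • Check the network
  • Start the capture window
  • Starting the client
  • Reading the capture
    • Startup traffic
      • Check the network again at this point
    • Client sends data
      • Check the capture at this point
      • Check the network again
    • Server receives the data
      • Unblock the server
        • Check with lsof again
    • Four-way teardown
    • Summary
  • Extras
    • Congestion mechanism
    • Checking with a capture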

Commands used

lsof -p
netstat -natp
tcpdump
jps     // provided by java-1.8.0-openjdk-devel

Code

Server code

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;

public class SocketBioDemo {

    // Listening-socket parameters
    private static final int RECEIVE_BUFFER = 10;
    private static final int SO_TIMEOUT = 0;
    private static final boolean REUSE_ADDR = false;
    // Backlog: how many connections may wait once the server is up; beyond this they are refused
    private static final int BACK_LOG = 2;

    // Per-connection parameters
    // Keep-alive (long-lived connection)
    private static final boolean _KEEPALIVE = false;
    // Whether TCP urgent (out-of-band) data is delivered inline
    private static final boolean _OOB = false;
    // Receive buffer; relates to Recv-Q in netstat -natp
    private static final int _REC_BUF = 20;
    // Whether the address may be reused
    private static final boolean _REUSE_ADDR = false;
    // Send buffer
    private static final int _SEND_BUF = 20;
    // How quickly the connection is torn down on close
    private static final boolean _LINGER = true;
    // Linger time in seconds; with _LINGER = true and 0, close() resets the connection
    private static final int _LINGER_N = 0;
    // Read timeout: how long to wait for the client (0 = wait forever)
    private static final int _TIMEOUT = 0;
    // TCP optimisation (Nagle's algorithm): false leaves it on, so small writes may be buffered
    private static final boolean _NO_DELAY = false;

    public static void main(String[] args) {
        System.out.println("server");
        ServerSocket serverSocket = null;
        try {
            serverSocket = new ServerSocket();
            serverSocket.bind(new InetSocketAddress(11111), BACK_LOG);
            serverSocket.setReceiveBufferSize(RECEIVE_BUFFER);
            serverSocket.setReuseAddress(REUSE_ADDR);
            serverSocket.setSoTimeout(SO_TIMEOUT);
            while (true) {
                try {
                    // Block until Enter is pressed; until then nothing is accepted
                    System.in.read();
                    Socket client = serverSocket.accept();
                    System.out.println("client:" + client.getPort());
                    client.setKeepAlive(_KEEPALIVE);
                    client.setOOBInline(_OOB);
                    client.setReceiveBufferSize(_REC_BUF);
                    client.setReuseAddress(_REUSE_ADDR);
                    client.setSendBufferSize(_SEND_BUF);
                    client.setSoLinger(_LINGER, _LINGER_N);
                    client.setSoTimeout(_TIMEOUT);
                    client.setTcpNoDelay(_NO_DELAY);
                    // One thread per connection; the reader is created once, not on every read
                    new Thread(() -> {
                        try {
                            BufferedReader reader =
                                    new BufferedReader(new InputStreamReader(client.getInputStream()));
                            char[] data = new char[1024];
                            while (true) {
                                int num = reader.read(data);
                                if (num > 0) {
                                    System.out.println("data:" + num + "," + new String(data, 0, num));
                                } else if (num < 0) {
                                    // End of stream: the client closed its side
                                    System.out.println("close");
                                    client.close();
                                    break;
                                }
                            }
                        } catch (IOException e) {
                            // Stop reading after an I/O error instead of looping on it
                            System.out.println(e.getMessage());
                            e.printStackTrace();
                        }
                    }).start();
                } catch (IOException e) {
                    System.out.println(e.getMessage());
                    e.printStackTrace();
                }
            }
        } catch (IOException e) {
            System.out.println(e.getMessage());
            e.printStackTrace();
        } finally {
            // Close the listening socket once, on the way out, not after every accept
            if (serverSocket != null) {
                try {
                    serverSocket.close();
                } catch (IOException e) {
                    System.out.println(e.getMessage());
                    e.printStackTrace();
                }
            }
        }
    }
}

Client code (set the IP yourself, depending on whether client and server are on the same machine or on two machines)

import java.io.*;
import java.net.Socket;

public class SocketBioClient {
    public static void main(String[] args) {
        System.out.println("start");
        try {
            Socket client = new Socket("<ip>", 11111);
            client.setSendBufferSize(20);
            client.setTcpNoDelay(false);
            client.setOOBInline(false);
            OutputStream out = client.getOutputStream();
            InputStream in = System.in;
            BufferedReader reader = new BufferedReader(new InputStreamReader(in));
            while (true) {
                String line = reader.readLine();
                System.out.println("read:" + line);
                if (line == null) {
                    // stdin was closed: stop instead of spinning on null
                    break;
                }
                // Write the line one byte at a time
                byte[] bb = line.getBytes();
                for (byte b : bb) {
                    out.write(b);
                }
            }
            client.close();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}

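Starting the server

Start the server

java SocketBioDemo

Check the network

netstat -natp

At this point you should see something like this

Now use jps to get the server's process ID

jps

lsof -p 21154


Taken together, this is the record of the server as it stands right after startup
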

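Start the capture window

// The client sends packets as soon as it starts, so start the capture first. Use ifconfig to find your network interface, then put it in place of <NETWORK>
tcpdump -nn -i <NETWORK> port 11111
// For example
tcpdump -nn -i ens3 port 11111
// If both run on the same machine and the client's IP is 127.0.0.1, capture on lo instead, for example
tcpdump -nn -i lo port 11111

Starting the client

java SocketBioClient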

Reading the capture

Startup traffic

20:10:48.740386 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [S], seq 3826206646, win 43690, options [mss 65495,sackOK,TS val 976498522 ecr 0,nop,wscale 7], length 0
20:10:48.740410 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [S.], seq 2352561994, ack 3826206647, win 1152, options [mss 65495,sackOK,TS val 976498522 ecr 976498522,nop,wscale 0], length 0
20:10:48.740430 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [.], ack 1, win 342, options [nop,nop,TS val 976498522 ecr 976498522], length 0

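This is the three-way handshake in detail; look up seq, ack and the other fields yourself

Check the network again at this point

netstat -natp

The LISTEN entry seen earlier

The second entry here means the kernel already holds this connection, but it has not yet been handed to any program; its Recv-Q and Send-Q are both 0, so no data is queued

One is the client's connection to the server


Client sends data

// For example
hello

Check the capture at this point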

20:10:48.740386 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [S], seq 3826206646, win 43690, options [mss 65495,sackOK,TS val 976498522 ecr 0,nop,wscale 7], length 0
20:10:48.740410 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [S.], seq 2352561994, ack 3826206647, win 1152, options [mss 65495,sackOK,TS val 976498522 ecr 976498522,nop,wscale 0], length 0
20:10:48.740430 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [.], ack 1, win 342, options [nop,nop,TS val 976498522 ecr 976498522], length 0
20:24:14.408096 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [P.], seq 1:2, ack 1, win 342, options [nop,nop,TS val 977304190 ecr 976498522], length 1
20:24:14.408152 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [.], ack 2, win 1151, options [nop,nop,TS val 977304190 ecr 977304190], length 0
20:24:14.408221 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [P.], seq 2:3, ack 1, win 342, options [nop,nop,TS val 977304190 ecr 977304190], length 1
20:24:14.448105 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [.], ack 3, win 1150, options [nop,nop,TS val 977304230 ecr 977304190], length 0
20:24:14.448187 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [P.], seq 3:6, ack 1, win 342, options [nop,nop,TS val 977304230 ecr 977304230], length 3
20:24:14.488099 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [.], ack 6, win 1147, options [nop,nop,TS val 977304270 ecr 977304230], length 0

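Because of the server's parameter settings, hello is sent in three segments, h, e and llo, as the length values at the end of the lines show

Check the network again

netstat -natp

Recv-Q here has now become 5: data has arrived, but still no program is handling it


Server receives the data

Unblock the server

Press Enter; the server is no longer blocked, and we see the message the client sent

Check the network

netstat -natp

No data is queued any more, and the entry is now labelled as well: java has started handling the connection

Check with lsof again

// get the process ID with jps
jps
// check the state with lsof
lsof -p 18148


Four-way teardown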

20:10:48.740386 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [S], seq 3826206646, win 43690, options [mss 65495,sackOK,TS val 976498522 ecr 0,nop,wscale 7], length 0
20:10:48.740410 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [S.], seq 2352561994, ack 3826206647, win 1152, options [mss 65495,sackOK,TS val 976498522 ecr 976498522,nop,wscale 0], length 0
20:10:48.740430 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [.], ack 1, win 342, options [nop,nop,TS val 976498522 ecr 976498522], length 0
20:24:14.408096 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [P.], seq 1:2, ack 1, win 342, options [nop,nop,TS val 977304190 ecr 976498522], length 1
20:24:14.408152 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [.], ack 2, win 1151, options [nop,nop,TS val 977304190 ecr 977304190], length 0
20:24:14.408221 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [P.], seq 2:3, ack 1, win 342, options [nop,nop,TS val 977304190 ecr 977304190], length 1
20:24:14.448105 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [.], ack 3, win 1150, options [nop,nop,TS val 977304230 ecr 977304190], length 0
20:24:14.448187 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [P.], seq 3:6, ack 1, win 342, options [nop,nop,TS val 977304230 ecr 977304230], length 3
20:24:14.488099 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [.], ack 6, win 1147, options [nop,nop,TS val 977304270 ecr 977304230], length 0
20:48:19.676947 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [F.], seq 6, ack 1, win 342, options [nop,nop,TS val 978749458 ecr 977304270], length 0
20:48:19.678164 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [R.], seq 1, ack 7, win 1147, options [nop,nop,TS val 978749460 ecr 978749458], length 0

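If you understood everything above: why does the handshake need only three segments while the teardown needs four, and why did the capture show only two new lines rather than four?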
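The last line of that capture is a reset, not a FIN: the server's setSoLinger(true, 0) makes close() abort the connection. As an added example (not from the original post), this hypothetical close_kind function classifies how each connection in tcpdump -nn text ended; the first two sample lines are copied from the capture above, the 10.0.0.x lines are constructed.

```shell
# Sample input: two lines from the article's capture, then a constructed
# connection that closes with a FIN in each direction.
SAMPLE='20:48:19.676947 IP 192.168.31.151.54188 > 192.168.31.151.11111: Flags [F.], seq 6, ack 1, win 342, options [nop,nop,TS val 978749458 ecr 977304270], length 0
20:48:19.678164 IP 192.168.31.151.11111 > 192.168.31.151.54188: Flags [R.], seq 1, ack 7, win 1147, options [nop,nop,TS val 978749460 ecr 978749458], length 0
09:00:00.000001 IP 10.0.0.5.40000 > 10.0.0.9.11111: Flags [F.], seq 6, ack 1, win 342, length 0
09:00:00.000200 IP 10.0.0.9.11111 > 10.0.0.5.40000: Flags [.], ack 7, win 1147, length 0
09:00:00.000300 IP 10.0.0.9.11111 > 10.0.0.5.40000: Flags [F.], seq 1, ack 7, win 1147, length 0
09:00:00.000400 IP 10.0.0.5.40000 > 10.0.0.9.11111: Flags [.], ack 2, win 342, length 0'

# close_kind: read tcpdump -nn text on stdin and print one line per connection:
# "<endpoint> <endpoint> <verdict>", verdict = abortive | graceful | half-closed | open
close_kind() {
  awk '
    $2 == "IP" && $6 == "Flags" {
      src = $3; dst = $5; sub(/:$/, "", dst)
      # Same key for both directions of one connection
      key = (src < dst) ? src " " dst : dst " " src
      if (!(key in seen)) { seen[key] = 1; order[++n] = key }
      if ($7 ~ /R/) rst[key] = 1          # any RST aborts the connection
      if ($7 ~ /F/) fin[key, src] = 1     # remember which side sent a FIN
    }
    END {
      for (i = 1; i <= n; i++) {
        key = order[i]; split(key, ep, " ")
        f = ((key, ep[1]) in fin) + ((key, ep[2]) in fin)
        if (key in rst)  verdict = "abortive"
        else if (f == 2) verdict = "graceful"
        else if (f == 1) verdict = "half-closed"
        else             verdict = "open"
        print key, verdict
      }
    }'
}

printf '%s\n' "$SAMPLE" | close_kind
```

A graceful close is four segments only when each FIN and each ACK travels separately; an RST ends the exchange at once, which is why the capture gained just two lines.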

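Summary

Extras

Congestion mechanism

Search for win in the captures above to see its values. Each side uses win to tell the other its window size; if the server's win gets too small, the client blocks itself

Checking with a capture

  1. Start the server and leave it blocked
  2. Start the client and keep typing input
  3. Look at the capture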
20:55:37.852720 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [S], seq 1721479900, win 43690, options [mss 65495,sackOK,TS val 979187634 ecr 0,nop,wscale 7], length 0
20:55:37.852739 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [S.], seq 3727003628, ack 1721479901, win 1152, options [mss 65495,sackOK,TS val 979187634 ecr 979187634,nop,wscale 0], length 0
20:55:37.852753 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [.], ack 1, win 342, options [nop,nop,TS val 979187634 ecr 979187634], length 0
20:55:43.949972 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 1:2, ack 1, win 342, options [nop,nop,TS val 979193731 ecr 979187634], length 1
20:55:43.949987 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 2, win 1151, options [nop,nop,TS val 979193731 ecr 979193731], length 0
20:55:43.950045 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 2:3, ack 1, win 342, options [nop,nop,TS val 979193732 ecr 979193731], length 1
20:55:43.990076 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 3, win 1150, options [nop,nop,TS val 979193772 ecr 979193732], length 0
20:55:43.990112 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 3:75, ack 1, win 342, options [nop,nop,TS val 979193772 ecr 979193772], length 72
20:55:44.030063 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 75, win 1078, options [nop,nop,TS val 979193812 ecr 979193772], length 0
20:55:48.418981 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 75:76, ack 1, win 342, options [nop,nop,TS val 979198200 ecr 979193812], length 1
20:55:48.419026 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 76, win 1077, options [nop,nop,TS val 979198200 ecr 979198200], length 0
20:55:48.419063 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 76:77, ack 1, win 342, options [nop,nop,TS val 979198201 ecr 979198200], length 1
20:55:48.459076 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 77, win 1076, options [nop,nop,TS val 979198241 ecr 979198201], length 0
20:55:48.459104 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 77:156, ack 1, win 342, options [nop,nop,TS val 979198241 ecr 979198241], length 79
20:55:48.499079 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 156, win 997, options [nop,nop,TS val 979198281 ecr 979198241], length 0
20:55:53.954209 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 156:157, ack 1, win 342, options [nop,nop,TS val 979203736 ecr 979198281], length 1
20:55:53.954222 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 157, win 996, options [nop,nop,TS val 979203736 ecr 979203736], length 0
20:55:53.954237 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 157:158, ack 1, win 342, options [nop,nop,TS val 979203736 ecr 979203736], length 1
20:55:53.994042 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 158, win 995, options [nop,nop,TS val 979203776 ecr 979203736], length 0
20:55:53.994056 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [P.], seq 158:238, ack 1, win 342, options [nop,nop,TS val 979203776 ecr 979203776], length 80
20:55:54.034072 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 238, win 915, options [nop,nop,TS val 979203816 ecr 979203776], length 0

This shows that the server-side win gradually shrinks
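The arithmetic behind that shrinking window, as an added example (not from the original post): while the server program is blocked, every byte its kernel has acknowledged comes straight out of the advertised window, so received + win stays at the initial 1152. The function names win_trace and win_budget are hypothetical, the sample lines are copied from the capture above, and the script assumes tcpdump's default relative ack numbers and that both sides offered window scaling.

```shell
# CAPTURE: lines copied from the capture in this article
# (the handshake plus four of the ACKs sent from port 11111).
CAPTURE='20:55:37.852720 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [S], seq 1721479900, win 43690, options [mss 65495,sackOK,TS val 979187634 ecr 0,nop,wscale 7], length 0
20:55:37.852739 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [S.], seq 3727003628, ack 1721479901, win 1152, options [mss 65495,sackOK,TS val 979187634 ecr 979187634,nop,wscale 0], length 0
20:55:37.852753 IP 192.168.31.151.40218 > 192.168.31.151.11111: Flags [.], ack 1, win 342, options [nop,nop,TS val 979187634 ecr 979187634], length 0
20:55:43.949987 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 2, win 1151, options [nop,nop,TS val 979193731 ecr 979193731], length 0
20:55:43.990076 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 3, win 1150, options [nop,nop,TS val 979193772 ecr 979193732], length 0
20:55:44.030063 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 75, win 1078, options [nop,nop,TS val 979193812 ecr 979193772], length 0
20:55:54.034072 IP 192.168.31.151.11111 > 192.168.31.151.40218: Flags [.], ack 238, win 915, options [nop,nop,TS val 979203816 ecr 979203776], length 0'

# win_trace PORT: read tcpdump -nn text on stdin; for every non-SYN segment
# sent from PORT print "<bytes received so far> <advertised window in bytes>".
win_trace() {
  awk -v port="$1" '
    # num(key): first number that follows "key " on the current line, or -1
    function num(key,   s) {
      if (!match($0, key " [0-9]+")) return -1
      s = substr($0, RSTART, RLENGTH); sub(/^[a-z]+ /, "", s)
      return s + 0
    }
    $3 ~ ("[.]" port "$") {
      # The window in a SYN is never scaled; it only announces the shift for later segments
      if ($7 ~ /S/) { ws = num("wscale"); if (ws < 0) ws = 0; next }
      a = num("ack"); w = num("win")
      # Relative ack N means N-1 payload bytes have arrived
      if (a >= 1 && w >= 0) printf "%d %d\n", a - 1, w * 2 ^ ws
    }'
}

# win_budget PORT: print received+window if it is identical on every line
# of the trace, otherwise print "varies".
win_budget() {
  win_trace "$1" | awk '
    NR == 1 { total = $1 + $2 }
    $1 + $2 != total { bad = 1; exit }
    END { if (bad) print "varies"; else print total }'
}

printf '%s\n' "$CAPTURE" | win_trace 11111
printf '%s\n' "$CAPTURE" | win_budget 11111
```

Once the server program starts reading, the sum no longer holds and win_budget prints "varies".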
