Linux Networking Stack. Advisor: 李正帆

Presentation transcript:

Linux Networking Stack. Advisor: 李正帆. 8/13 project report: 許基傑

OSI Model L3 L2 Wire Wireless

L2 http://www. unixresources Layer 3 ↑ Layer 1 (interrupt) ↑ net_bh() // process the queue mark_bh(NET_BH) // mark_bh(NET_BH) activates the soft interrupt net_bh() ↑ backlog (queue) ↑ sk_buff netif_rx(skb) net_rx(struct device *dev)

L3 http://www.lslnet.com/linux/f/docs1/i28/big5226398.htm #include/net/protocol.h ARP #include/net/ipv4/arp.c Struct arp_packet_type arp_rcv //receive IP Struct ip_packet_type ip_rcv //receive inet_add_protocol () #include/net/ipv4/protocol.c
struct inet_protocol {
    int (*handler)(struct sk_buff *skb, unsigned short len);
    void (*err_handler)(struct sk_buff *skb, unsigned char *dp, int len);
    struct inet_protocol *next;
Layer 2

sk_buff http://www. ibm Filter Wireless Packet. Data movement for sockets takes place using a core structure called the socket buffer (sk_buff). An sk_buff contains packet data and also state data that cover multiple layers of the protocol stack. Each packet sent or received is represented with an sk_buff. The sk_buff structure is defined in linux/include/linux/skbuff.h

sk_buff As shown, multiple sk_buff may be chained together for a given connection. Each sk_buff identifies the device structure (net_device) to which the packet is being sent or from which the packet was received. As each packet is represented with an sk_buff, the packet headers are conveniently located through a set of pointers (th, iph, and mac for the Media Access Control, or MAC, header). Because the sk_buff are central to the socket data management, a number of support functions have been created to manage them. Functions exist for sk_buff creation and destruction, cloning, and queue management. Socket buffers are designed to be linked together for a given socket and include a multitude of information, including the links to the protocol headers, a timestamp (when the packet was sent or received), and the device associated with the packet.
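The header pointers described above, as an added userspace example (not kernel code and not from the original slides). The names mini_skb, mini_skb_locate and mini_skb_dport are hypothetical and the frame is constructed; each pointer is set only after the length fields it depends on have been checked against the buffer size.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical userspace stand-in for the header pointers an sk_buff keeps.
 * Not the kernel structure: only the three pointers named on the slide. */
struct mini_skb {
    const uint8_t *data;            /* start of the received frame */
    size_t len;                     /* bytes available in data */
    const uint8_t *mac, *iph, *th;  /* Ethernet, IPv4 and TCP headers */
};

/* Constructed sample: Ethernet + IPv4 (IHL=5, TCP) + the two TCP ports,
 * 10.0.0.1:4660 -> 10.0.0.2:80. The IP checksum is left at zero. */
static const uint8_t sample_frame[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,
    0x45,0x00,0x00,0x18, 0x00,0x00,0x40,0x00, 0x40,0x06,0x00,0x00,
    10,0,0,1, 10,0,0,2,
    0x12,0x34, 0x00,0x50
};

/* Set mac/iph/th; return 0 on success, -1 if the frame is malformed. */
int mini_skb_locate(struct mini_skb *skb)
{
    skb->mac = skb->iph = skb->th = NULL;
    if (skb->len < 14 + 20) return -1;               /* no room for MAC + IP */
    skb->mac = skb->data;
    if (skb->mac[12] != 0x08 || skb->mac[13] != 0x00) return -1; /* not IPv4 */
    skb->iph = skb->data + 14;
    if ((skb->iph[0] >> 4) != 4) return -1;          /* wrong IP version */
    size_t ihl = (size_t)(skb->iph[0] & 0x0f) * 4;   /* header length, bytes */
    if (ihl < 20 || 14 + ihl + 4 > skb->len) return -1; /* th would overrun */
    if (skb->iph[9] != 6) return -1;                 /* not TCP */
    skb->th = skb->iph + ihl;
    return 0;
}

/* Destination port read through the th pointer, or -1 on a bad frame. */
int mini_skb_dport(const uint8_t *frame, size_t len)
{
    struct mini_skb skb = { frame, len, NULL, NULL, NULL };
    if (mini_skb_locate(&skb) != 0) return -1;
    return (skb.th[2] << 8) | skb.th[3];
}

int main(void)
{
    printf("dport=%d\n", mini_skb_dport(sample_frame, sizeof sample_frame));
    return 0;
}
```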

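The Path of Incoming IP Packets in L3 http://fantasymew. pixnet
ip_rcv(): called to process the packet
ip_forward(): the packet is to be forwarded
ip_local_deliver(): handles packets destined for the local host
ip_output(): the packet is to be transmitted out
Layer 4 TCP tcp_v4_rcv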

Netfilter iptables

Packet filtering History
Linux kernel 1.1: filtering function from ipfw (BSD)
Linux kernel 2.0: ipfwadm [userspace]
Linux kernel 2.2: ipchains
Linux kernel 2.4: iptables

iptables Userspace Kernel netfilter What difference iptables Userspace Rule Kernel netfilter

Rule http://www. netfilter One rule – One operation Accept Drop Queue (make a copy to userspace) Return Maintain Append (-A) Delete (-D) Insert (-I) Replace (-R) chains

iptables – 5 chains http://ms.ntcb.edu.tw/~steven/article/iptables.htm ip_rcv() ip_forward() ip_local_deliver() ip_output()

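iptables – 5 chains
PREROUTING: when a packet enters the network interface
POSTROUTING: when a packet is about to leave the network interface
FORWARD: when a packet is being forwarded (e.g. from subnet A to subnet B)
INPUT: packets arriving at the local host
OUTPUT: packets leaving the local host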
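An added example (a userspace model, not netfilter code and not from the original slides) of which chains a packet meets and why a DROP rule placed in INPUT never sees forwarded traffic. The rule set is constructed, the function names are hypothetical, and it assumes first-match evaluation with an ACCEPT chain policy.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

enum chain { PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING };
enum verdict { ACCEPT, DROP };
struct rule { enum chain chain; int dport; enum verdict target; };
/* Constructed rule set: one DROP rule for TCP port 22, placed in INPUT. */
static const struct rule rules[] = { { INPUT, 22, DROP } };
static const char *const names[] =
    { "PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING" };
char trace[64];   /* chains visited by the last traverse() call */

/* First matching rule decides; the assumed chain policy is ACCEPT. */
static enum verdict run_chain(enum chain c, int dport)
{
    strcat(strcat(trace, names[c]), " ");
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++)
        if (rules[i].chain == c && rules[i].dport == dport)
            return rules[i].target;
    return ACCEPT;
}

/* Walk the chains in the order the packet meets them; stop at a DROP. */
enum verdict traverse(bool from_wire, bool dst_local, int dport)
{
    enum chain path[3];
    int len = 0;
    trace[0] = '\0';
    if (from_wire) {
        path[len++] = PREROUTING;                  /* ip_rcv() */
        path[len++] = dst_local ? INPUT : FORWARD; /* ip_local_deliver() or ip_forward() */
    } else {
        path[len++] = OUTPUT;                      /* locally generated packet */
    }
    if (!(from_wire && dst_local))
        path[len++] = POSTROUTING;                 /* ip_output() */
    for (int i = 0; i < len; i++)
        if (run_chain(path[i], dport) == DROP)
            return DROP;
    return ACCEPT;
}

int main(void)
{
    int v = traverse(true, false, 22);             /* forwarded packet to port 22 */
    printf("%s-> %s\n", trace, v == DROP ? "DROP" : "ACCEPT");
    return 0;
}
```

On a gateway, the same port-22 rule has to be added to FORWARD to cover hosts behind it.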

filter table

nat table

mangle table

Objective
Detect P2P Media pattern
Re-routing P2P packet via NAT
Differentiate wire/wireless packet
Differentiate WLAN client

Ref iptables http://www.netfilter.org/projects/iptables/index.html