监控TCP连接使用半开放/未完成连接。

huangapple go评论71阅读模式
英文:

Monitor TCP connection using half-open/embryonic connection

问题

我想要使用TCP 半开放胚胎状态 连接来监视一个TCP/IP终端,正如在《RFC793》中定义的那样。此类监视的目的是检测TCP终端是否可用。半开放监视对于减少对TCP终端的监视开销非常重要。
TCP连接状态为 SYN->SYN-ACK<-RST

是否可能在Java中实现这样的监视?可以使用Netty库吗?

英文:

I would like to monitor a TCP/IP endpoint using TCP half-open or embryonic connection as defined in RFC793. The purpose of such monitoring is to detect whether the TCP endpoint is available or not. Hal-open monitoring is important to reduce the footprint of such monitoring for the TCP endpoint.
The TCP cinematic is SYN->SYN-ACK<-RST.

Is it possible to implement such monitoring in Java? Using Netty library?

答案1

得分: 3

这似乎是可以实现的,但需要使用另一个用于Java的低级TCP实现。

这个库可能会有帮助:https://github.com/mlaccetti/rocksaw/blob/master/src/main/java/com/savarese/rocksaw/net/RawSocket.java

一个低级发送SYN命令的示例:

https://github.com/dangan249/RawSocket/blob/master/ccs/neu/edu/andang/RawSocketClient.java#L181-L182

private final byte SYN_FLAG = (byte) 2;
private final byte ACK_FLAG = (byte) 16;

    ...
// 发送SYN数据包
sendMessage(null, this.getCurrentSeqNum(), this.getCurrentACKNum(), SYN_FLAG);
    

这实际上只是将正确的数据包写入套接字:

TCPHeader header = new TCPHeader( this.sourcePort, this.destPort, sequenceNum ,
                ackNum, flags , AD_WINDOW_SIZE ) ;

TCPPacket packet = new TCPPacket( header );

...
this.rSock.write( this.destAddress, packet.toByteArray() ) ;

通过这样做,可以实现所需的一系列操作,包括所期望的SYN->SYNC-ACK<-RST序列。

英文:

It seems to be achievable but one needs to use another low-level implementation of the TCP for java.

This library might help: https://github.com/mlaccetti/rocksaw/blob/master/src/main/java/com/savarese/rocksaw/net/RawSocket.java

An example of low-level sending SYN command:

https://github.com/dangan249/RawSocket/blob/master/ccs/neu/edu/andang/RawSocketClient.java#L181-L182

private final byte SYN_FLAG = (byte) 2;
private final byte ACK_FLAG = (byte) 16;

    ...
// send the SYN packet
sendMessage(null, this.getCurrentSeqNum(), this.getCurrentACKNum(), SYN_FLAG);
    

which boils down to just writing a proper packet into the socket:

TCPHeader header = new TCPHeader( this.sourcePort, this.destPort, sequenceNum ,
                ackNum, flags , AD_WINDOW_SIZE ) ;

TCPPacket packet = new TCPPacket( header );

...
this.rSock.write( this.destAddress, packet.toByteArray() ) ;

By doing that one can implement a needed sequence of operations including the wanted SYN-&gt;SYNC-ACK&lt;-RST

答案2

得分: 0

@Andremoniy的答案被修改,以构建一个执行半开/未完全建立检查的简单C二进制文件。这个C二进制文件需要具备RAW SOCKET Linux权限。它通过在Java代码中使用Runtime.exec()来执行。
与使用rocksaw库相比,优势在于避免为执行此类检查所需的额外权限而运行整个Java进程。

英文:

@Andremoniy answer was refined to build a simple C binary doing half-open/embryonic check. The C binary binary has required RAW SOCKET Linux capability. It is executed from Java code using Runtime.exec().
The advantage comparing to using rocksaw library is to avoid running the whole Java process with additional capabilities required for doing such check.

huangapple
  • 本文由 发表于 2020年10月1日 18:01:54
  • 转载请务必保留本文链接:https://go.coder-hub.com/64153115.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定