diff --git a/data/ch_wireshark/sec_arp.tex b/data/ch_wireshark/sec_arp.tex index 4b31da1..fafc29e 100644 --- a/data/ch_wireshark/sec_arp.tex +++ b/data/ch_wireshark/sec_arp.tex @@ -23,7 +23,7 @@ 了解数据封装成帧的过程,计算帧长度。 \item \textbf{差错检测,FCS计算检验:}计算帧尾校验和, 并用抓包数据文件进行验证。 - \item \textbf{ARP协议分析:}取ARP请求和应答报文,分析其工作过程。 + \item \textbf{ARP协议分析:}抓取ARP请求和应答报文,分析其工作过程。 \end{enumerate} \subsection{实验原理} @@ -63,7 +63,7 @@ Wireshark可以在Windows、Linux和MacOS操作系统中运行, \begin{tabular}{|c|c|c|c|c|c|} \hline \heiti 前导字符 & \heiti 目的MAC地址 & \heiti 源MAC地址 & \heiti 类型 & \heiti IP数据报 & \heiti 帧校验\\ \hline - 8字节 & 6字节 & 6字节 & 2字节 & - & 4字节 \\ \hline + 8字节 & 6字节 & 6字节 & 2字节 & 46-1500字节 & 4字节 \\ \hline \end{tabular} \end{table} @@ -220,7 +220,7 @@ IP地址长度为4字节。每个字段的含义如下: \begin{figure}[!ht] \centering - \includegraphics[width=12cm]{wireshark-statistic} + \includegraphics[width=16cm]{wireshark-statistic} \caption{统计功能} \label{fig:c:wireshark_wireshark-statistic} \end{figure} diff --git a/data/ch_wireshark/sec_ip.tex b/data/ch_wireshark/sec_ip.tex index c9afed8..026d906 100644 --- a/data/ch_wireshark/sec_ip.tex +++ b/data/ch_wireshark/sec_ip.tex @@ -237,7 +237,7 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \subsubsection{ping命令} -本机(示例IP为10.24.90.1)启动Wireshark软件, +本机(示例IP为192.168.1.251)启动Wireshark软件, 选择要监听的网络接口(如eth0、wlan0); 然后在终端发起网络命令:ping IP地址/域名。 @@ -248,7 +248,7 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \begin{figure}[!ht] \centering - \includegraphics[width=12cm]{wireshark-monitor} + \includegraphics[width=16cm]{wireshark-monitor} \caption{Wireshark监视器界面} \label{fig:c:wireshark_wireshark-monitor} \end{figure} @@ -258,7 +258,7 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \begin{figure}[!ht] \centering - \includegraphics[width=12cm]{ip-view} + \includegraphics[width=16cm]{ip-view} \caption{查看IP数据报} \label{fig:c:wireshark_ip-view} \end{figure} 
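Review bot: In the frame-format table of sec_arp.tex (hunk `@@ -63,7 +63,7 @@`), the new cell `46-1500字节` sits under the column headed `IP数据报`, but 46 bytes is the minimum of the Ethernet data field after padding, not of the IP datagram, which can be shorter. This section asks students to compute frame lengths and check the FCS against capture files, so the table should say so, for example by heading the column `数据(IP数据报+填充)` or by adding a sentence that short datagrams are padded to 46 bytes. Frames captured on the sending host are commonly seen before the NIC adds padding and the FCS, which is worth a remark next to the table so the measured length is not read as an error. The range is also better typeset as `46--1500字节` than with a hyphen. The table environment begins outside the hunk.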
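Review bot: The figure widths are hard-coded in centimetres, and this commit raises most of them to `width=16cm`, starting with wireshark-statistic in sec_arp.tex (hunk `@@ -220,7 +220,7 @@`); the same applies to wireshark-monitor, ip-view, echo-request and wireshark-filter-setup in sec_ip.tex, and to `12cm` for ping-exec. Whether 16cm fits depends on the page geometry, which is not visible here; if the text block is narrower, each figure gives an overfull box and runs into the margin. A relative width such as `\includegraphics[width=\linewidth]{wireshark-statistic}` (or `0.8\linewidth` for the smaller screenshots) keeps the figures inside the text block when the layout changes.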
@@ -268,7 +268,7 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \begin{figure}[!ht] \centering - \includegraphics[width=12cm]{echo-request} + \includegraphics[width=16cm]{echo-request} \caption{Echo request示例} \label{fig:c:wireshark_echo-request} \end{figure} @@ -280,7 +280,7 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \begin{figure}[!ht] \centering - \includegraphics[width=10cm]{ping-exec} + \includegraphics[width=12cm]{ping-exec} \caption{ping命令执行示例} \label{fig:c:wireshark_ping-exec} \end{figure} @@ -292,7 +292,7 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \subsubsection{traceroute命令} -本机(示例IP为10.24.90.172)启动Wireshark软件, +本机(示例IP为192.168.1.251)启动Wireshark软件, 选择要监听的网络接口(如eth0、wlan0); 然后在终端发起网络命令:traceroute IP地址/域名。 @@ -302,13 +302,13 @@ tracert命令(Linux)格式和常用参数如图\ref{fig:tracert-cmd}所示 \begin{figure}[!ht] \centering - \includegraphics[width=12cm]{wireshark-filter-setup} + \includegraphics[width=16cm]{wireshark-filter-setup} \caption{在Wireshark中设置过滤条件} \label{fig:c:wireshark_wireshark-filter-setup} \end{figure} \item 在终端中使用traceroute命令, - 目的主机是外网的一台设备(如图\ref{fig:c:wireshark_traceroute-exec},示例IP为210.34.0.12)。 + 目的主机是外网的一台设备(如图\ref{fig:c:wireshark_traceroute-exec},示例IP为210.34.0.1)。 \begin{figure}[!ht] \centering diff --git a/data/ch_wireshark/sec_tcp.tex b/data/ch_wireshark/sec_tcp.tex index 60ca5fc..8dfea35 100644 --- a/data/ch_wireshark/sec_tcp.tex +++ b/data/ch_wireshark/sec_tcp.tex 
@@ -188,9 +188,13 @@ TCP拥塞控制算法一直处在不断的改进之中,围绕对网络环境 直至收到新确认号的ACK则将cwnd更新为ssthresh。 TCP NewReno则进一步改进了快速恢复算法。 -随着网络速度增长,传统拥塞控制算法的cwnd增长速度影响了TCP的性能,CUBIC应运而生。 +随着网络速度增长,传统拥塞控制算法的cwnd增长速度影响了TCP的性能, +CUBIC\footnote{\href{https://www.researchgate.net/publication/220623913}{CUBIC: A New TCP-Friendly High-Speed TCP Variant}} +应运而生。 CUBIC的关键特征是:cwnd窗口的增长依赖两次丢包的时间。 -2016年,谷歌提出了BBR拥塞控制算法,它不再基于丢包感知来调整cwnd, +2016年,谷歌提出了 +BBR\footnote{\href{https://queue.acm.org/detail.cfm?id=3022184}{BBR: Congestion-Based Congestion Control}} +拥塞控制算法,它不再基于丢包感知来调整cwnd, 而是利用估算的带宽和延迟直接推测拥塞程度进而确定发送窗口。 \subsubsection{实验方法和手段} @@ -228,7 +232,7 @@ CUBIC的关键特征是:cwnd窗口的增长依赖两次丢包的时间。 \texttt{nmap} & 网络扫描 & \url{https://nmap.org/man/zh/index.html}\\ \hline \texttt{curl} & 文本浏览器 & \url{https://man.linuxde.net/curl}\\ \hline \texttt{wget} & 下载Web文件 & \texttt{wget /}\\ \hline - \texttt{tc} & 流量控制 & \href{https://man7.org/linux/man-pages/man8/tc.8.html}{TC命令手册} \\ \hline + \texttt{tc} & 流量控制 & \href{https://man7.org/linux/man-pages/man8/tc.8.html}{tc命令手册} \\ \hline \texttt{iptables} & 防火墙配置 & \url{https://man.linuxde.net/iptables}\\ \hline \texttt{netwox} & 网络工具 & \url{https://sourceforge.net/projects/ntwox/}\\ \hline \texttt{ss} & Socket状态 & \texttt{ss –atn}\\ \hline @@ -362,7 +366,7 @@ CUBIC的关键特征是:cwnd窗口的增长依赖两次丢包的时间。 \begin{enumerate} \item 编写一对简单的TCP连接程序, 也可以直接运行指导书提供的Python程序 - (源代码见\ref{subsec:c:wireshark:s:tcp_additionalprg}节中的附件)。 + (源代码见本节最后的\nameref{subsec:c:wireshark:s:tcp_additionalprg})。 在客户端快速发送数据给服务端,而服务端则有意缓慢地接收数据, 观察TCP如何用窗口大小值进行流量控制。虚拟机两端分别运行 \texttt{python3 server.py}和\texttt{python3 client.py}。 diff --git a/figure/chapters/wireshark/echo-request.png b/figure/chapters/wireshark/echo-request.png index 1f0b83a..3b09a2f 100644 Binary files a/figure/chapters/wireshark/echo-request.png and b/figure/chapters/wireshark/echo-request.png differ 
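Review bot: The two new footnotes in sec_tcp.tex (hunk `@@ -188,9 +188,13 @@`) end their source lines right after the closing brace, so the line end becomes an inter-word space between the footnote mark and the Chinese text that follows (`应运而生`, `拥塞控制算法`), and `谷歌提出了` is separated from `BBR` the same way. Whether that gap is visible depends on the CJK package in use, so check the PDF or end those lines with `%`. With `\href` the URL never appears on paper, so a printed copy of the lab guide shows only the title; `\footnote{CUBIC: A New TCP-Friendly High-Speed TCP Variant, \url{https://www.researchgate.net/publication/220623913}}` keeps the address readable. If the book has a bibliography, an entry citing the paper by DOI would be a more stable reference than a ResearchGate page.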
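Review bot: In the tool table touched by hunk `@@ -228,7 +232,7 @@`, the unchanged row `\texttt{ss –atn}` uses an en dash (U+2013) instead of an ASCII hyphen, so a student who copies the command from the PDF passes `–atn` as an argument that ss will not parse as options. It should read `\texttt{ss -atn}`. The table starts and ends outside the hunk, so other rows may deserve the same check.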
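Review bot: In hunk `@@ -362,7 +366,7 @@`, `\nameref` prints only the title of the referenced subsection, so a reader of a printed copy gets no section number or page for locating the server.py and client.py listings. Keeping the number beside the name avoids that, e.g. `(源代码见\ref{subsec:c:wireshark:s:tcp_additionalprg}节\nameref{subsec:c:wireshark:s:tcp_additionalprg})`. The enumerate list continues past the end of the hunk.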
diff --git a/figure/chapters/wireshark/ip-view.png b/figure/chapters/wireshark/ip-view.png
index bf1547f..c334323 100644
Binary files a/figure/chapters/wireshark/ip-view.png and b/figure/chapters/wireshark/ip-view.png differ
diff --git a/figure/chapters/wireshark/traceroute-exec.png b/figure/chapters/wireshark/traceroute-exec.png
index cb20b0a..2bbf747 100644
Binary files a/figure/chapters/wireshark/traceroute-exec.png and b/figure/chapters/wireshark/traceroute-exec.png differ
diff --git a/figure/chapters/wireshark/wireshark-filter-setup.png b/figure/chapters/wireshark/wireshark-filter-setup.png
index 33aa6c7..57aca81 100644
Binary files a/figure/chapters/wireshark/wireshark-filter-setup.png and b/figure/chapters/wireshark/wireshark-filter-setup.png differ
diff --git a/figure/chapters/wireshark/wireshark-monitor.png b/figure/chapters/wireshark/wireshark-monitor.png
index 60c8c96..59eff93 100644
Binary files a/figure/chapters/wireshark/wireshark-monitor.png and b/figure/chapters/wireshark/wireshark-monitor.png differ