Hello everybody,
I'm reading and learning a lot about TCP/IP protocols, and i want to know how to calculate the IP header checksum manually. I've searched for it EVERYWHERE! and none of options work.
I've read a function that does it pretty good, but i can't "translate" it into a human form so i can do it manually.
here's the code:
People, i've tried, i understand and know how to calculate using ones complement, hex conversion, binary conversion, AND, OR, XOR, NOT, and everything, but i can't do this .
Easy, well... for me it is... you need to have some basic knowledge on binary operations, let's try to explain it:
In theory, the IP checksum is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header, as you may know, not all the IP fields are exactly 16-bit long, so we have to remove and place to sort them in 16 bit words.
We have the following IP packet:
Fine, now let's analyze it:
The first byte (45) correspond to the two first fields of the IP header, which are IP Version and Internet Header Length (IHL), so, this values tell us that the IP version used is "4", and the IHL is 5 (which actually is 20, because this field is measured in 32-bit multiples).
The second byte (00) correspond to the Type Of Service IP field (ToS), which means that NORMAL PRECEDENCE is set in this packet.
The next two bytes (003C) correspond to the Total length field of the IP header, which tell us that the total length of the packet is 60 (0x16^3 + 0x16^2 + 3x16^1 + Cx16^0 = 60).
The next two bytes (1C46) correspond to the Identification field, which in this packet is 7238 (1x16^3 + Cx16^2 + 4x16^1 + 6x16^0 = 7238).
The next two bytes (4000) correspond to the flags and fragment offset IP header fields, which are divided in 3 bits for the flags and 13 for the fragment offset. Treating the flags field in 3-bit words, it's value is actually 4 (Don't Fragment), and the value for the fragment offset is obviously zero (000).
The next byte (40) correspond to the Time To Live field (TTL), which actually is 64 (4x16^1 + 0x16^0 = 64).
The next byte (06) correspond to the IP protocol field, which is set to 6, so the packet contains a TCP segment on it's payload.
The next two bytes (B1E6) correspond to the IP header checksum of the packet, we'll calculate this "manually" later, so for us, this fields value is actually zero because we're gonna calculate it just as the "sender" did. When receiving, the calculation used is a different method.
Phew... the next four bytes (ac10 0a63) correspond to the Source IP address field, which is "172.16.10.99", and the next four bytes (ac10 0a0c) correspond to the Destination IP address field, which is "172.16.10.12".
Right, we need to sort all of these fields in 16-bit words and convert them into binary, so, it will be like this:
HEX BINARY 4500 0100010100000000
003c 0000000000111100
1c46 0001110001000110
4000 0100000000000000
4006 0100000000000110
0000 0000000000000000 <- The checksum is set to zero.
ac10 1010110000010000
0a63 0000101001100011
ac10 1010110000010000
0a0c 0000101000001100
Okay, let's add all this numbers one by one:
4500 0100010100000000
003c 0000000000111100 453C 0100010100111100 <-- This is the 1st result.
453C 0100010100111100 <-- First result plus next 16-bit word. 1c46 0001110001000110 6182 0110000110000010 <-- This is the 2nd result.
6182 0110000110000010 <-- Second result plus next 16-bit word. 4000 0100000000000000 A182 1010000110000010 <-- This is the 3rd result.
A182 1010000110000010 <-- Third result plus next 16-bit word.
4006 0100000000000110 E188 1110000110001000 <-- This is the 4th result.
..E188 1110000110001000 <--Fourth result plus next 16-bit word. ..AC10 1010110000010000 18D98 11000110110011000 <-- here we see one odd bit (carry), but we have to keep the checksum in "16-bit" words, so we add that odd bit to the result.
18D98 11000110110011000
.8D99 1000110110011001 <--This is the 5th result.
8D99 1000110110011001 <-- Fifth result plus next 16-bit word. 0A63 0000101001100011 97FC 1001011111111100 <--This is the 6th result.
..97FC 1001011111111100 <-- Sixth result plus next 16-bit word. ..AC10 1010110000010000 1440C 10100010000001100 <-- Again, there is a carry, so we add it.
1440C 10100010000001100 .440D 0100010000001101 <-- This is the 7th result.
440D 0100010000001101 <-- Seventh result plus next 16-bit word 0A0C 0000101000001100 4E19 0100111000011001 <-- Last result.
Here we're not done yet, we have to apply now the last binary operation, which is the one's complement, and the result (the checksum itself) will be:
4E19 0100111000011001 B1E6 1011000111100110 <-- The IP header checksum.
I've been struggling with this one for quite a while and cannot seem to find a solution for this find/replace scenario. Perhaps I'm getting rusty.
I have a file that contains a number of metrics (exactly 3 fields per line) from a few appliances that are collected in parallel. To identify the... (3 Replies)
Hello There...
I have a sample input file ..
number:department:amount
125:Market:125.23
126:Hardware store:434.95
127:Video store:7.45
128:Book store:14.32
129:Gasolline:16.10
I will be doing some manipulations on all the records except the header, but the header should always be... (2 Replies)
Hi,
I have an input like this
1 2 3 4
2 3 4 5
4 5 6 7
I would like to count the no. of columns and print a header with a prefix "Col".
I would also like to count the no. of rows and print as first column with each line number with a prefix "Row"
So, my output would be
... (2 Replies)
Hello
I am communicating with two devices using my computer over UDP protocol. The application is running fine. When I monitored the UDP traffic using Wireshark software, I found that there were too many Checksum errors.
Please find attached the png file showing this error. I am about to... (0 Replies)
Friends,
I need help with the following in UNIX.
Merge all csv files in one folder considering only 1 header row and ignoring header of all other files.
FYI - All files are in same format and contains same headers.
Thank you (4 Replies)
Hello,
I'm trying to create a shell script (#!/bin/sh) which should tell me the age of a file in minutes...
I have a process, which delivers me all 15 minutes a new file and I want to have a monitoring script, which sends me an email, if the present file is older than 20 minutes.
To do... (10 Replies)
say i have these many file in a directory named exam.
1)/exam/newfolder/link.txt.
2)/exam/newfolder1/
and i create a tar say exam.tar
well the problem is,
when i read the tar file i dont find any metadata about the directories,as you cannot create a tar containig empty directories.
on the... (2 Replies)
Does anyone know the answer to this?
When I run "sum -r" on a file that I've down loaded from the sco website, the 1st set of numbers differs from the checksum on the download page but the
2nd set matches.
If I try to install the patch, I get errors.
Anyone has an answer? (3 Replies)