*此篇博客仅作为个人笔记和学习参考

IP协议包首部格式

Wireshark数据包分析之IP协议包解读_第1张图片

IP数据包概况

Wireshark数据包分析之IP协议包解读_第2张图片

Internet Protocol Version 4, Src: 192.168.1.104 (192.168.1.104), Dst: 119.75.217.109 (119.75.217.109)
#IPv4,源IP地址:192.168.1.104,目标IP地址:119.75.217.109#
Version: 4 #IP协议版本:4#
Header Length: 20 bytes #头部长度:20字节#
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT) #服务类型:0x00#
Total Length: 60 #总长度:60字节#
Identification: 0x6ae0 (27360) #标识符:0x6ae0#
Flags: 0x00 #标志:0x00#
Reserved bit: Not set #是否保留[0为是,1为否]#
Don't fragment: Not set #是否分片[0为是,1为否]#
More fragments: Not set #是否最后一个[0为是,1为否]#
Fragment offset: 0 #分段偏移:0#
Time to live: 64 #存活时间:64跳#
Protocol: ICMP (1) #协议类型:ICMP#
Header checksum: 0xfd17 [validation disabled] #首部校验和:0xfd17#
Source: 192.168.1.104 (192.168.1.104) #源IP地址#
Destination: 119.75.217.109 (119.75.217.109) #目标IP地址#
[Source GeoIP: Unknown] #源IP地理位置#
[Destination GeoIP: Beijing Baidu Netcom Science and Technology Co.] #目标IP地理位置#
[Destination GeoIP ISP: Beijing Baidu Netcom Science and Technology Co.] #目标IP运营商地理位置#

分片的最后一个数据包

[7 IPv4 Fragments (10008 bytes): #1(1480), #3(1480), #2(1480), #4(1480), #5(1480), #6(1480), #7(1128)]
[Frame: 1, payload: 0-1479 (1480 bytes)]
[Frame: 3, payload: 1480-2959 (1480 bytes)]
[Frame: 2, payload: 2960-4439 (1480 bytes)]
[Frame: 4, payload: 4440-5919 (1480 bytes)]
[Frame: 5, payload: 5920-7399 (1480 bytes)]
[Frame: 6, payload: 7400-8879 (1480 bytes)]
[Frame: 7, payload: 8880-10007 (1128 bytes)]
[Fragment count: 7]
[Reassembled IPv4 length: 10008]
[Reassembled IPv4 data: 08006d35000100366162636465666768696a6b6c6d6e6f70...]
Ethernet II, Src: Tp-LinkT_80:37:36 (ec:26:ca:80:37:36), Dst: 58:00:e3:47:ad:e1 (58:00:e3:47:ad:e1)