我正在使用PcapPlusPlus在Linux应用程序上工作,该应用程序会将SIP数据包发送到本地主机上的端口。基本上,它正在发送UDP消息:
Source: 127.0.0.1 port 5061
Dest: 127.0.0.1 port 5060
我的问题是为什么端口5060无法看到数据。
这里是C ++代码部分:
string localhost = "127.0.0.1";
PcapLiveDevice *dev = pcpp::PcapLiveDeviceList::getInstance().getPcapLiveDeviceByIp(localhost.c_str());
if (!dev->open())
printf("open device failed\n");
int res = dev->sendPacket(&packet);
printf("%d return code\n", res);
sendPacket()返回1,因此发送看起来不错。该应用程序以root身份运行,因此原始套接字应该不会有权限问题。
Wireshark显示正在发送的数据,但在端口5060上运行的服务器从未看到它。我还验证了netcat看不到它,因此它似乎不是服务器的问题。
这里是Wireshark跟踪:
Frame 415: 556 bytes on wire (4448 bits), 556 bytes captured (4448 bits) on interface 0
Interface id: 0 (any)
Interface name: any
Encapsulation type: Linux cooked-mode capture (25)
Arrival Time: Jan 2, 2020 15:15:44.960061179 CST
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1577999744.960061179 seconds
[Time delta from previous captured frame: 24.812597478 seconds]
[Time delta from previous displayed frame: 24.812597478 seconds]
[Time since reference or first frame: 1328.602949365 seconds]
Frame Number: 415
Frame Length: 556 bytes (4448 bits)
Capture Length: 556 bytes (4448 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: sll:ethertype:ip:udp:sip:sdp]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Linux cooked capture
Packet type: Unicast to us (0)
Link-layer address type: 772
Link-layer address length: 6
Source: 00:00:00_00:00:00 (00:00:00:00:00:00)
Unused: 0006
Protocol: IPv4 (0x0800)
Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
0000 00.. = Differentiated Services Codepoint: Default (0)
.... ..00 = Explicit Congestion Notification: Not ECN-Capable Transport (0)
Total Length: 540
Identification: 0x014d (333)
Flags: 0x4000, Don't fragment
0... .... .... .... = Reserved bit: Not set
.1.. .... .... .... = Don't fragment: Set
..0. .... .... .... = More fragments: Not set
...0 0000 0000 0000 = Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x3982 [validation disabled]
[Header checksum status: Unverified]
Source: 127.0.0.1
Destination: 127.0.0.1
User Datagram Protocol, Src Port: 5061, Dst Port: 5060
Source Port: 5061
Destination Port: 5060
Length: 520
Checksum: 0xeedb [unverified]
[Checksum Status: Unverified]
[Stream index: 0]
Session Initiation Protocol (INVITE)
我能够使用netcat成功将数据发送到端口5060(发送侧的nc 127.0.0.1 5060,接收端的nc -lv 127.0.0.1 5060),因此似乎没有任何防火墙问题。我尝试使用开放源代码的Sipp客户端,服务器收到了来自它的消息。我比较了来自Sipp客户端和我的应用程序的Wireshark数据,它们是相同的(除了序列号和校验和)。为什么我的应用会有不同的结果?谢谢!
编辑-尝试连接到远程计算机上的服务器时,会发生相同的问题。
我发现了问题。未在传出数据包中正确设置src和dest MAC。