Her IP Stack'inde ICMP protokolü bulunur. Açıklaması şöyle
ICMP, uses the basic support of IP as if it were a higher level protocol, however, ICMP is actually an integral part of IP, and must be implemented by every IP module.
ICMPv4 Header
ICMPv4 mesajının yapısı şöyle.
/* ICMP Header */
struct icmpheader {
unsigned char icmp_type; //ICMP message type
unsigned char icmp_code; //Error code
unsigned short int icmp_chksum; //Checksum for ICMP Header and data
unsigned short int icmp_id; //Used in echo request/reply to identify request
unsigned short int icmp_seq;//Identifies the sequence of echo messages,
//if more than one is sent.
};icmp_type alanınn alabileceği değerler ve açıklaması şöyle.
char * messages[ ] = {
"Echo reply", //0
"Type 1", //1
"Type 2", //2
"Destination unreachable",//3
"Source quench", //4
"Redirect", //5
"Type 6", //6
"Type 7", //7
"Echo request", //8
"Router advertisement", //9
"Router discovery", //10
"Time exceeded", //11
"Parameter problem", //12
"Timestamp request", //13
"Timestamp reply", //14
"Information request (obsol.)", //15
"Information reply (obsol.)", //16
"Address mask request", //17
"Address mask reply"
};
Eğer ICMP hata ile ilgiliyse gönderilen paketin ilk 64 byte'ını da içerir. Açıklaması şöyle.
An ICMP error message will contain the IP header and first 64 bits (eight octets) of the original data
Bu 64 byte kullanılarak orijinal paket bulunabilir. Açıklaması şöyle.
Internet Header + 64 bits of Data DatagramThe internet header plus the first 64 bits of the original datagram's data. This data is used by the host to match the message to the appropriate process. If a higher level protocol uses port numbers, they are assumed to be in the first 64 data bits of the original datagram's data.
Örneğin icmp_type Alanı = 11 (Time exceeded) icmp_code = 0 (net unreachable) ise bu 64 byte'ı cevapta geri alırız.
icmp_code Alanı
Alabileceği değerler şöyle
ICMP Echo -> ICMP Reply mesajları yanında ICMP mesajı "ICMP Router Advestisement" için de gönderilebilir.
0 = net unreachable;
1 = host unreachable;
2 = protocol unreachable;
3 = port unreachable;
4 = fragmentation needed and DF set;
5 = source route failed.Codes 0, 1, 4, and 5 may be received from a gateway. Codes 2 and 3 may be received from a host.ICMP Router Advestisement
ICMP Echo -> ICMP Reply mesajları yanında ICMP mesajı "ICMP Router Advestisement" için de gönderilebilir.
ethertype IPv4 (0x0800), ..., proto ICMP (1), length 36)
192.168.161.101 > 224.0.0.1: ICMP router advertisement...Linux'ta şu satırı dahil ederiz.
#include <netinet/icmp6.h>struct icmpv6header {
unsigned char type;
unsigned char code;
unsigned short int chk_sum;
unsigned int body;
};ICMP Engelleme
ICMP engellenebilir veya işlenme hızı azaltılabilir. IPV6 için açıklaması şöyle
ICMP RedirectFor example RFC4890 says the following types should be allowed for optimal functionality:Type 1, 2, 3, 4, 128, 129 and for mobility assistance also 144, 145, 146 and 147.
Açıklaması şöyle.
ICMP re-directs are most often seen when you have a host or router A in the same subnet with two other routers B & C and connectivity to both.
...
A will have a route (most likely a default) pointing to B, and B will have a more specific route pointing to C.
Without ICMP redirects, all traffic from A to C will be routed A->B->C
With ICMP re-direct enabled, B will inform A that C is a better next-hop and subsequent traffic will be routed A->C.
Hiç yorum yok:
Yorum Gönder