IPC onvif全网通的实现原理
来源:互联网 发布:java 文件服务器 编辑:程序博客网 时间:2024/06/11 17:53
一、理解onvif全网通之前需要先理解一个概念,那就“IP网段”。先看看百度百科对IP网段的解释:
(以下是百度百科的解释)
网段(network segment)一般指一个计算机网络中使用同一物理层设备(传输介质,中继器,集线器等)能够直接通讯的那一部分。例如,从192.168.0.1到192.168.255.255这之间就是一个网段。 在中文的网络知识入门中,这个词更经常地被误用来指代“子网”,也就是网络层中由网关或路由器等设备隔开的不同部分。例如IP为 192.168.0.1 ~ 192.168.0.254 的设备就位于掩码 255.255.255.0 的同一子网中,这句话经常被说成“位于192.168.0.x ‘网段’中”,如果不涉及网络层之下的结构,这么说不会引起混淆,但是在深入探讨互联网底层结构的时候,应该避免使用“网段”来指代“子网”。
什么?你没看懂?是的,看到这里我也没看懂。那么让咱们先理解“子网掩码”。
(以下是百度百科的解释)
在同一网段,要求网络标识相同。网络标识就是用IP的二进制与子网掩码的二进制数据作'与'运算(可用WINDOWS计算器算二进制),所得结果,而不是IP地址前几段相同就表示在同一网段。若网络标识相同,就表示在同一网段。例:192.168.0.1 255.255.255.0的网络标识为:192.168.0.0192.168.0.1: 11000000.10101000.00000000.00000001255.255.255.0:11111111.11111111.11111111.00000000做 “与”运算11000000.10101000.00000000.00000000结果:192.168.0.0
还没看懂吗?反正我是看懂了。下面是我的理解,可能比较粗糙。
1、IP网段的理解:
与“子网掩码”进行“与”运算后结果相同的这些IP就在同一个“IP网段”之中。
2、子网掩码的理解:
中文网络知识中,大家经常把“子网”理解为“网段”,“子网掩码”就是用来划分“网段”的。与“子网掩码”进行“与”运算后结果相同的这些IP就在同一个“IP网段”之中。
是的,这2个概念的理解就是鸡生蛋蛋生鸡,不能单独理解。
二、什么是onvif全网通
什么是onvif协议,我在本文就不详细解释了,以后有机会再做个专题解释。先简单理解为基于HTTP协议的一个国际通用的网络通信规范,在安防监控领域之中被广泛应用于“IPC”与“NVR”之间的通信,NVR通过onvif协议可以添加IPC,并获取/设置IPC的相关配置,以及控制IPC的相关功能。
很多NVR常常不能跨网段添加和配置IPC,但是可以通过UDP广播方法跨网段搜索到同一个路由器里的IPC。onvif全网通的意思就是让NVR添加IPC突破不同网段的限制,不管NVR和IPC的IP是否在同一个网段、是否存在IP冲突,即插即用,只要都接到路由器中用NVR搜索,搜出来的IPC就可以直接添加使用。
三、IPC如何实现onvif全网通
IPC实现onvif全网通的方法可能有很多种,本文使用的方法是:IPC收到NVR的udp广播包时,识别出NVR的IP地址,然后根据IPC当前的子网掩码和NVR的IP地址算出IP网段,知道IP网段就可以把IPC的IP改为与NVR同一个网段的IP了。
这里还有一个很重要的问题需要解决,那就是IP冲突:
一方面,同一批IPC出厂设置时的默认IP都是一样的,一上电之后IP都是冲突的。
另一方面,因为一开始时NVR的网段和IPC的网段不是同一个网段,而传统的通过ping某个IP判断IP是否正在使用的方法显然不可取,因为ping是不能跨网段的。那么IPC修改自身IP之前要如何跨网段知道NVR所在网段有哪些IP是正在使用,哪些IP是未被使用的呢?这就需要使用ARP协议了。下面解释一下ARP协议。
四、使用ARP协议跨网段判断某个IP是否正在使用
1、ARP协议
ARP协议是TCP/IP协议网际层的一种协议,是地址解析协议,可以根据IP地址获取物理地址(MAC地址)。
也就是说通过ARP协议可以获取某个IP地址的MAC地址,如果得到的MAC地址不存在或者与本机的MAC地址一致就说明这个IP地址没有被别的设备使用,如果得到的MAC地址存在且不是本机的MAC地址,就说明这个IP正在被别的设备使用。
2、怎么实现呢
在linux系统中的shell命令中有ping和arping,arping就是ARP级别的ping。具体实现可以参考linux源码中的arping实现源代码。以下是源码arping.c
/** arping.c** This program is free software; you can redistribute it and/or* modify it under the terms of the GNU General Public License* as published by the Free Software Foundation; either version* 2 of the License, or (at your option) any later version.**/#include <stdlib.h>;#include <sys/param.h>;#include <sys/socket.h>;#include <linux/sockios.h>;#include <sys/file.h>;#include <sys/time.h>;#include <sys/signal.h>;#include <sys/ioctl.h>;#include <linux/if.h>;#include <linux/if_arp.h>;#include <sys/uio.h>;#include <netdb.h>;#include <unistd.h>;#include <stdio.h>;#include <ctype.h>;#include <errno.h>;#include <string.h>;#include <netinet/in.h>;#include <arpa/inet.h>;//#include "SNAPSHOT.h"static void usage(void) __attribute__((noreturn));int quit_on_reply=0;char *device="eth0";int ifindex;char *source;struct in_addr src, dst;char *target;int dad, unsolicited, advert;int quiet;int count=-1;int timeout;int unicasting;int s;int broadcast_only;struct sockaddr_ll me;struct sockaddr_ll he;struct timeval start, last;int sent, brd_sent;int received, brd_recv, req_recv;#define MS_TDIFF(tv1,tv2) ( ((tv1).tv_sec-(tv2).tv_sec)*1000 + ((tv1).tv_usec-(tv2).tv_usec)/1000 )void usage(void){ fprintf(stderr, "Usage: arping [-fqbDUAV] [-c count] [-w timeout] [-I device] [-s source] destination\n" " -f : quit on first reply\n" " -q : be quiet\n" " -b : keep broadcasting, don't go unicast\n" " -D : duplicate address detection mode\n" " -U : Unsolicited ARP mode, update your neighbours\n" " -A : ARP answer mode, update your neighbours\n" " -V : print version and exit\n" " -c count : how many packets to send\n" " -w timeout : how long to wait for a reply\n" " -I device : which ethernet device to use (eth0)\n" " -s source : source ip address\n" " destination : ask for what ip address\n" ); exit(2);}void set_signal(int signo, void (*handler)(void)){ struct sigaction sa; memset(&sa, 0, sizeof(sa)); sa.sa_handler = (void (*)(int))handler; sa.sa_flags = SA_RESTART; sigaction(signo, &sa, NULL);}int send_pack(int s, struct in_addr src, struct in_addr dst, struct sockaddr_ll *ME, struct sockaddr_ll *HE){ int err; struct timeval now; unsigned char buf[256]; struct arphdr *ah = (struct arphdr*)buf; unsigned char *p = (unsigned char *)(ah+1); ah->ar_hrd = htons(ME->sll_hatype); /* 硬件地址类型*/ if (ah->ar_hrd == htons(ARPHRD_FDDI)) ah->ar_hrd = htons(ARPHRD_ETHER); ah->ar_pro = htons(ETH_P_IP); /* 协议地址类型 */ ah->ar_hln = ME->sll_halen; /* 硬件地址长度 */ ah->ar_pln = 4; /* 协议地址长度 */ ah->ar_op = advert ? htons(ARPOP_REPLY) : htons(ARPOP_REQUEST);/* 操作类型*/ memcpy(p, &ME->sll_addr, ah->ar_hln); /* 发送者硬件地址*/ p+=ME->sll_halen; /*以太网为6*/ memcpy(p, &src, 4); /* 发送者IP */ p+=4; /* 目的硬件地址*/ if (advert) memcpy(p, &ME->sll_addr, ah->ar_hln); else memcpy(p, &HE->sll_addr, ah->ar_hln); p+=ah->ar_hln; memcpy(p, &dst, 4); /* 目的IP地址*/ p+=4; gettimeofday(&now, NULL); err = sendto(s, buf, p-buf, 0, (struct sockaddr*)HE, sizeof(*HE)); if (err == p-buf) { last = now; sent++; if (!unicasting) brd_sent++; } return err;}void finish(void){ if (!quiet) { printf("Sent %d probes (%d broadcast(s))\n", sent, brd_sent); printf("Received %d response(s)", received); if (brd_recv || req_recv) { printf(" ("); if (req_recv) printf("%d request(s)", req_recv); if (brd_recv) printf("%s%d broadcast(s)", req_recv ? ", " : "", brd_recv); printf(")"); } printf("\n"); fflush(stdout); } if (dad) exit(!!received); if (unsolicited) exit(0); exit(!received);} /*调用send_pack发送一次arp请求*/void catcher(void){ struct timeval tv; gettimeofday(&tv, NULL); if (start.tv_sec==0) start = tv; if (count-- == 0 || (timeout && MS_TDIFF(tv,start) > timeout*1000 + 500)) finish(); if (last.tv_sec==0 || MS_TDIFF(tv,last) > 500) { send_pack(s, src, dst, &me, &he); if (count == 0 && unsolicited) finish(); } alarm(1); /*每秒放松一个包*/}void print_hex(unsigned char *p, int len){ int i; /*打印MAC地址*/ for (i=0; i<len; i++) { printf("%02X", p[i]); if (i != len-1) printf(":"); }}/*数据包分析主程序.把ARP 请求和答复的数据包格式 |---------------28 bytes arp request/reply-----------------------------| |--------ethernet header----|_____________________________________________________________________________________________________|ethernet | ethernet| frame|hardware|protocol|hardware|protocol|op|sender |sender|target |target||dest addr|src addr | type| type |type | length |length | |eth addr| IP |eth addr| IP |----------------------------------------------------------------------------------------------------- 6 types 6 2 2 2 1 1 2 6 4 6 4*/int recv_pack(unsigned char *buf, int len, struct sockaddr_ll *FROM){ struct timeval tv; struct arphdr *ah = (struct arphdr*)buf; unsigned char *p = (unsigned char *)(ah+1); struct in_addr src_ip, dst_ip; gettimeofday(&tv, NULL); /* Filter out wild packets */ if (FROM->sll_pkttype != PACKET_HOST && FROM->sll_pkttype != PACKET_BROADCAST && FROM->sll_pkttype != PACKET_MULTICAST) return 0; /*到这里pkttype为HOST||BROADCAST||MULTICAST*/ /* Only these types are recognised */ /*只要ARP request and reply*/ if (ah->ar_op != htons(ARPOP_REQUEST) && ah->ar_op != htons(ARPOP_REPLY)) return 0; /* ARPHRD check and this darned FDDI hack here :-( */ if (ah->ar_hrd != htons(FROM->sll_hatype) && (FROM->sll_hatype != ARPHRD_FDDI || ah->ar_hrd != htons(ARPHRD_ETHER))) return 0; /* Protocol must be IP. */ if (ah->ar_pro != htons(ETH_P_IP)) return 0; if (ah->ar_pln != 4) return 0; if (ah->ar_hln != me.sll_halen) return 0; if (len < sizeof(*ah) + 2*(4 + ah->ar_hln)) return 0; /*src_ip:对方的IP det_ip:我的IP*/ memcpy(&src_ip, p+ah->ar_hln, 4); memcpy(&dst_ip, p+ah->ar_hln+4+ah->ar_hln, 4); if (!dad) { if (src_ip.s_addr != dst.s_addr) return 0; if (src.s_addr != dst_ip.s_addr) return 0; if (memcmp(p+ah->ar_hln+4, &me.sll_addr, ah->ar_hln)) return 0; } else { /* DAD packet was: src_ip = 0 (or some src) src_hw = ME dst_ip = tested address dst_hw = <unspec>; We fail, if receive request/reply with: src_ip = tested_address src_hw != ME if src_ip in request was not zero, check also that it matches to dst_ip, otherwise dst_ip/dst_hw do not matter. */ /*dst.s_addr是我们发送请求是置的对方的IP,当然要等于对方发来的包的src_ip啦*/ if (src_ip.s_addr != dst.s_addr) return 0; if (memcmp(p, &me.sll_addr, me.sll_halen) == 0) return 0; /*同理,src.s_addr是我们发包是置的自己的IP,要等于对方回复包的目的地址*/ if (src.s_addr && src.s_addr != dst_ip.s_addr) return 0; } if (!quiet) { /*显示一些答复的信息*/ int s_printed = 0; printf("%s ", FROM->sll_pkttype==PACKET_HOST ? "Unicast" : "Broadcast"); printf("%s from ", ah->ar_op == htons(ARPOP_REPLY) ? "reply" : "request"); printf("%s [", inet_ntoa(src_ip)); print_hex(p, ah->ar_hln); printf("] "); if (dst_ip.s_addr != src.s_addr) { printf("for %s ", inet_ntoa(dst_ip)); s_printed = 1; } if (memcmp(p+ah->ar_hln+4, me.sll_addr, ah->ar_hln)) { if (!s_printed) printf("for "); printf("["); print_hex(p+ah->ar_hln+4, ah->ar_hln); printf("]"); } if (last.tv_sec) { long usecs = (tv.tv_sec-last.tv_sec) * 1000000 + tv.tv_usec-last.tv_usec; long msecs = (usecs+500)/1000; usecs -= msecs*1000 - 500; printf(" %ld.%03ldms\n", msecs, usecs); } else { printf(" UNSOLICITED?\n"); } fflush(stdout); } received++; if (FROM->sll_pkttype != PACKET_HOST) brd_recv++; if (ah->ar_op == htons(ARPOP_REQUEST)) req_recv++; if (quit_on_reply) finish(); if(!broadcast_only) { memcpy(he.sll_addr, p, me.sll_halen); unicasting=1; } return 1;}int main(int argc, char **argv){ int socket_errno; int ch; uid_t uid = getuid(); /*取得一个packet socket. int packet_sock=socket(PF_PACKET,int sock_type,int protocol); 其中sock_type有两种: 1.SOCK_RAW,使用类型的套接字,那么当你向设备写数据时,要提供physical layer header.当从设备读数据时,得到的数据是含有physical layer header的 2.SOCK_DGRAM.这种类型的套接字使用在相对高层.当数据传送给用户之前,physical layer header已经去掉了*/ s = socket(PF_PACKET, SOCK_DGRAM, 0); socket_errno = errno; setuid(uid); while ((ch = getopt(argc, argv, "h?bfDUAqc:w:s:I:V")) != EOF) { switch(ch) { case 'b': broadcast_only=1; break; case 'D': dad++; quit_on_reply=1; break; case 'U': unsolicited++; break; case 'A': advert++; unsolicited++; break; case 'q': quiet++; break; case 'c': count = atoi(optarg); break; case 'w': timeout = atoi(optarg); break; case 'I': device = optarg; break; case 'f': quit_on_reply=1; break; case 's': source = optarg; break; //case 'V': // printf("arping utility, iputils-ss%s\n", SNAPSHOT); // exit(0); case 'h': case '?': default: usage(); } } argc -= optind; argv += optind; if (argc != 1) usage(); target = *argv; if (device == NULL) { fprintf(stderr, "arping: device (option -I) is required\n"); usage(); } if (s < 0) { errno = socket_errno; perror("arping: socket"); exit(2); } if (1) { struct ifreq ifr; memset(&ifr, 0, sizeof(ifr)); strncpy(ifr.ifr_name, device, IFNAMSIZ-1); if (ioctl(s, SIOCGIFINDEX, &ifr) < 0) { fprintf(stderr, "arping: unknown iface %s\n", device); exit(2); } ifindex = ifr.ifr_ifindex; if (ioctl(s, SIOCGIFFLAGS, (char*)&ifr)) { perror("ioctl(SIOCGIFFLAGS)"); exit(2); } /*设备当然是要up的想要bring up eth0 可以/etc/sysconfig/network-scripts/ifup eth0*/ if (!(ifr.ifr_flags&IFF_UP)) { if (!quiet) printf("Interface \"%s\" is down\n", device); exit(2); } if (ifr.ifr_flags&(IFF_NOARP|IFF_LOOPBACK)) { if (!quiet) printf("Interface \"%s\" is not ARPable\n", device); exit(dad?0:2); } } if (inet_aton(target, &dst) != 1) { struct hostent *hp; hp = gethostbyname2(target, AF_INET); if (!hp) { fprintf(stderr, "arping: unknown host %s\n", target); exit(2); } memcpy(&dst, hp->h_addr, 4); } if (source && inet_aton(source, &src) != 1) { fprintf(stderr, "arping: invalid source %s\n", source); exit(2); } if (!dad && unsolicited && src.s_addr == 0) src = dst; if (!dad || src.s_addr) { struct sockaddr_in saddr; int probe_fd = socket(AF_INET, SOCK_DGRAM, 0); if (probe_fd < 0) { perror("socket"); exit(2); } if (device) { /*bind这个socket to "device".操作的结果是只有那个设备收到的数据才传送到这个socket*/ if (setsockopt(probe_fd, SOL_SOCKET, SO_BINDTODEVICE, device, strlen(device)+1) == -1) perror("WARNING: interface is ignored"); } memset(&saddr, 0, sizeof(saddr)); saddr.sin_family = AF_INET; if (src.s_addr) { saddr.sin_addr = src; if (bind(probe_fd, (struct sockaddr*)&saddr, sizeof(saddr)) == -1) { perror("bind"); exit(2); } } else if (!dad) { int on = 1; int alen = sizeof(saddr); saddr.sin_port = htons(1025); saddr.sin_addr = dst; /*SO_DONTROUTE的作用:don't send via a gateway,only send to directly connected hosts*/ if (setsockopt(probe_fd, SOL_SOCKET, SO_DONTROUTE, (char*)&on, sizeof(on)) == -1) perror("WARNING: setsockopt(SO_DONTROUTE)"); if (connect(probe_fd, (struct sockaddr*)&saddr, sizeof(saddr)) == -1) { perror("connect"); exit(2); } /*getsockname returns the local IP address and local port number assigned to the connection by the kernel*/ if (getsockname(probe_fd, (struct sockaddr*)&saddr, &alen) == -1) { perror("getsockname"); exit(2); } /*这是最终目的,取得本机IP地址*/ src = saddr.sin_addr; } close(probe_fd); } me.sll_family = AF_PACKET; me.sll_ifindex = ifindex; me.sll_protocol = htons(ETH_P_ARP); /* 只想要由me指定的接口收到的数据包*/ if (bind(s, (struct sockaddr*)&me, sizeof(me)) == -1) { perror("bind"); exit(2); } if (1) { int alen = sizeof(me); /*get link layer information 是下面这些.因为sll_family sll_ifindex sll_protocol已知 unsigned short sll_hatype; Header type unsigned char sll_pkttype; Packet type unsigned char sll_halen; Length of address unsigned char sll_addr[8]; Physical layer address */ if (getsockname(s, (struct sockaddr*)&me, &alen) == -1) { perror("getsockname"); exit(2); } } if (me.sll_halen == 0) { if (!quiet) printf("Interface \"%s\" is not ARPable (no ll address)\n", device); exit(dad?0:2); } he = me; /*把他的地址设为ff:ff:ff:ff:ff:ff 即广播地址,当然假设是以太网*/ memset(he.sll_addr, -1, he.sll_halen); if (!quiet) { printf("ARPING %s ", inet_ntoa(dst)); printf("from %s %s\n", inet_ntoa(src), device ? : ""); } if (!src.s_addr && !dad) { fprintf(stderr, "arping: no source address in not-DAD mode\n"); exit(2); } set_signal(SIGINT, finish); set_signal(SIGALRM, catcher); catcher(); while(1) { sigset_t sset, osset; char packet[4096]; struct sockaddr_ll from; int alen = sizeof(from); int cc; /*注意s的类型是SOCK_DGRAM,所以收到的数据包里没有link layer info,这些信息被记录在from里*/ if ((cc = recvfrom(s, packet, sizeof(packet), 0, (struct sockaddr *)&from, &alen)) < 0) { perror("arping: recvfrom"); continue; } sigemptyset(&sset); sigaddset(&sset, SIGALRM); sigaddset(&sset, SIGINT); sigprocmask(SIG_BLOCK, &sset, &osset); recv_pack(packet, cc, &from); sigprocmask(SIG_SETMASK, &osset, NULL); }}
- IPC onvif全网通的实现原理
- onvif新版本发现不了老版本onvif的ipc问题
- 实现动网cookies全网通用,登陆、退出也是全网通用,登录合并
- onvif_discovery_client搜索多个网段内的onvif设备(IPC)
- Linux设备上的Onvif实现16:实现Onvif鉴权
- linux设备上的Onvif 实现2:ONVIF框架基础知识
- 手趣“全网通址”:中小型企业决战的尖峰时刻
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif轨范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:成功实现ONVIF协议RTSP-Video-Stream与OnvifDeviceManager的视频对接
- onvif规范的实现:onvif开发常用调试方法 和常见的segmentation fault错误
- 操作系统(笔记)
- eclipse使用Ctrl+Shift+O快速导包无效解决方法
- Spring Boot整合模板引擎freemarker以及servlet
- Solr 空间搜索配置
- RectTransform详解
- IPC onvif全网通的实现原理
- 运用python进行数据分析 -- numpy 2
- Linux shell 技巧:对文件名中包含空格的处理方法
- k-近邻算法
- android 布局列表对齐
- solr约定查询名称
- 反射
- JAVA-数组
- 机器学习(一):极大似然估计