Design And Implementation Of Network Package Capture And Analysis Based On Linux

As information-based level being higher and higher, the internet is permeating humans daily life with the unprecedented speed, of course,more and more complex. Inevitablly, the internet is full of a large amount of internet data, which was produced by numberous of internet applications. Due to large variety of applications, the data must be very complex. Large amount information was contained in the internet data, it include the information send by users themselves as well as the information transfered by the internet devices to coordinate their works,usually, some of these data may threate the internet security. Analyse the data captured in the internet is helpful to supervise and optimize the internet, also can find the potential security problem, to make the prepare work for them. A lot of tools related to internet security are based on internet data capture and analysis, such as IDS,IPS and so on.In nowdays, most of the internet devices were based on Linux system,so capture and analyse on the internet data based on the Linux system make more reality sense. So, all the work of the subject were based on the Linux system. Firstly, the paper elaborate the theory of internet data capture and analysis as well as the technology used in the project, it involves TCP/IP internet architecture, data encapsulation, protocol analysis technology and so on. Libpcap function library and data filter are the key points. Then based the technology mentioned above, analyse functions of the project, design and complete the internet data capture and analysis modules. The importanat part include statistic analyse?protocol analyse and show the result in real-time.Because the current technology can't output the result in time, the issue based this breakthrough point,analyse the packages the time capture its, realize show the result in time.At last, test all the system's functions and make a simple explain for the outcome. The main innovation of the issue lie in the way of capture and display the packages. Users can assign characters the packages should meet conveniently, in addition, users can decide whether or not analyse packages on application layer based on the need.In conclusion, the article describes following parts:1. Elaborate on the general methods of internet data capture and analysis and some exiting achievement, and made an analysis and comparison on them. To make a reference for afterwards works.2. Excavate the functions supplied by Libpcap function library, make a summary of the main functions and processes used to capture and analyse internet data.3. Code on the Linux system to capture internet data with the use of Libpcap function library, then abstract information, this include the protocol used, source port, destination port, HTTP package and so on.4. Show users the result of the analyse of the packages in a visual way in real-time.5. Test all the functions of the system.