大千世界 » Tech

vlc太恶心了

admin — Tue, 25 May 2010 13:43:56 +0000

情况是这样的，使用helix做rtp relay服务器，后来发现在server2003下helix工作ok，在linux下，无法工作。

我抓狂啊！

好吧！我来查，会不会是操作系统的问题？ok，我装了rad hat 4，我装了centos，还是依旧。好吧，会不会是虚拟机的问题？我上服务器上测。still，我想跳楼了。。。。。

然后我怀疑sdp的问题，我直接把server2003下可以正常工作的文件拷过了，还是不行。。。

然后折腾了两天，终于发现vlc生成的sdp中，源使用windows机器名，放linux当然跑不起来。。。。。。

疯了。。。。。。。。。。。。

Random Posts

NAT Order of Operation

admin — Thu, 08 Oct 2009 10:16:28 +0000

Introduction

This document illustrates that the order in which transactions are processed using Network Address Translation (NAT) is based on whether a packet is going from the inside network to the outside network, or from the outside network to the inside network.

Prerequisites

Requirements

Readers of this document should have knowledge of the following topic:

Network Address Translation (NAT). For more information on NAT, see How NAT Works.

Components Used

This document is not restricted to specific software and hardware versions.

Note: The information in this document is based on the Software Version, Cisco IOS® Software Release 12.2(27)

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

NAT Overview

In the table below, when NAT performs the global to local, or local to global, translation is different in each flow.

Inside-to-Outside	Outside-to-Inside
If IPSec then check input access list decryption – for CET (Cisco Encryption Technology) or IPSec check input access list check input rate limits input accounting policy routing routing redirect to web cache NAT inside to outside (local to global translation) crypto (check map and mark for encryption) check output access list inspect (Context-based Access Control (CBAC)) TCP intercept encryption Queueing	If IPSec then check input access list decryption – for CET or IPSec check input access list check input rate limits input accounting NAT outside to inside (global to local translation) policy routing routing redirect to web cache crypto (check map and mark for encryption) check output access list inspect CBAC TCP intercept encryption Queueing

Inside-to-Outside

Outside-to-Inside

If IPSec then check input access list
decryption – for CET (Cisco Encryption Technology) or IPSec
check input access list
check input rate limits
input accounting
policy routing
routing
redirect to web cache
NAT inside to outside (local to global translation)
crypto (check map and mark for encryption)
check output access list
inspect (Context-based Access Control (CBAC))
TCP intercept
encryption
Queueing

If IPSec then check input access list
decryption – for CET or IPSec
check input access list
check input rate limits
input accounting
NAT outside to inside (global to local translation)
policy routing
routing
redirect to web cache
crypto (check map and mark for encryption)
check output access list
inspect CBAC
TCP intercept
encryption
Queueing

NAT Configuration and Output

The following example demonstrates how the order of operations can effect NAT. In this case, only NAT and routing are shown.

In the above example, Router-A is configured to translate the inside local address 171.68.200.48 to 172.16.47.150, as shown in the configuration below.

!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname Router-A
!
enable password ww
!
ip nat inside source static 171.68.200.48 172.16.47.150

              !--- This command creates a static NAT translation !--- between 171.68.200.48 and 172.16.47.150 
            
ip domain-name cisco.com
ip name-server 171.69.2.132
!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 ip address 172.16.47.161 255.255.255.240
 ip nat inside

              !--- Configures Serial0 as the NAT inside interface
            
 no ip mroute-cache
 no ip route-cache
 no fair-queue
!
interface Serial1
 ip address 172.16.47.146 255.255.255.240
 ip nat outside

              !--- Configures Serial1 as the NAT outside interface
            
 no ip mroute-cache
 no ip route-cache
!
no ip classless
ip route 0.0.0.0 0.0.0.0 172.16.47.145

              !--- Configures a default route to 172.16.47.145
            

ip route 171.68.200.0 255.255.255.0 172.16.47.162
!
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 password ww
 login
!
end

The translation table indicates that the intended translation exists.

Router-A#show ip nat translation
Pro Inside global      Inside local       Outside local      Outside global
--- 172.16.47.150      171.68.200.48      ---                ---

The following output is taken from Router-A with debug ip packet detail and debug ip nat enabled, and a ping issued from device 171.68.200.48 destined for 172.16.47.142.

Note: Debug commands generate a significant amount of output. Use them only when traffic on the IP network is low, so other activity on the system is not adversely affected. Before issuing debug commands, please see Important Information on Debug Commands.

IP: s=171.68.200.48 (Serial0), d=172.16.47.142, len 100, unroutable
    ICMP type=8, code=0
IP: s=172.16.47.161 (local), d=171.68.200.48 (Serial0), len 56, sending
    ICMP type=3, code=1
IP: s=171.68.200.48 (Serial0), d=172.16.47.142, len 100, unroutable
    ICMP type=8, code=0
IP: s=171.68.200.48 (Serial0), d=172.16.47.142, len 100, unroutable
    ICMP type=8, code=0
IP: s=172.16.47.161 (local), d=171.68.200.48 (Serial0), len 56, sending
    ICMP type=3, code=1
IP: s=171.68.200.48 (Serial0), d=172.16.47.142, len 100, unroutable
    ICMP type=8, code=0
IP: s=171.68.200.48 (Serial0), d=172.16.47.142, len 100, unroutable
    ICMP type=8, code=0
IP: s=172.16.47.161 (local), d=171.68.200.48 (Serial0), len 56, sending
    ICMP type=3, code=1

Since there are no NAT debug messages in the output above, you know that the existing static translation is not being used and that the router does not have a route for the destination address (172.16.47.142) in its routing table. The result of the non-routable packet is an ICMP Unreachable message, which is sent to the inside device.

However, Router-A has a default route of 172.16.47.145, so why is the route considered non-routable?

Router-A has no ip classless configured, which means if a packet destined for a “major” network address (in this case, 172.16.0.0) for which subnets exist in the routing table, the router does not rely on the default route. In other words, issuing the no ip classless command turns off the router’s ability to look for the route with the longest bit match. To change this behavior, you have to configure ip classless on Router-A. The ip classless command is enabled by default on Cisco routers with IOS Version 11.3 and above.

Router-A#configure terminal
Enter configuration commands, one per line.  End with CTRL/Z.
Router-A(config)#ip classless
Router-A(config)#end

Router-A#show ip nat translation
%SYS-5-CONFIG_I: Configured from console by console nat tr
Pro Inside global      Inside local       Outside local      Outside global
--- 172.16.47.150      171.68.200.48      ---                ---

Repeating the same ping test as before, we see that the packet gets translated and the ping is successful.

Ping Response on device 171.68.200.48

D:\>ping 172.16.47.142
Pinging 172.16.47.142 with 32 bytes of data:

Reply from 172.16.47.142: bytes=32 time=10ms TTL=255
Reply from 172.16.47.142: bytes=32 time<10ms TTL=255
Reply from 172.16.47.142: bytes=32 time<10ms TTL=255
Reply from 172.16.47.142: bytes=32 time<10ms TTL=255

Ping statistics for 172.16.47.142:
    Packets: Sent = 4, Received = 4, Lost = 0 (0%)
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  10ms, Average =  2ms

Debug messages on Router A indicating that the packets generated by device
171.68.200.48 are getting translated by NAT. 

Router-A#
*Mar 28 03:34:28: IP: tableid=0, s=171.68.200.48 (Serial0), d=172.16.47.142 (Serial1), routed via RIB
*Mar 28 03:34:28: NAT: s=171.68.200.48->172.16.47.150, d=172.16.47.142 [160]
*Mar 28 03:34:28: IP: s=172.16.47.150 (Serial0), d=172.16.47.142 (Serial1), g=172.16.47.145, len 100, forward
*Mar 28 03:34:28: ICMP type=8, code=0
*Mar 28 03:34:28: NAT*: s=172.16.47.142, d=172.16.47.150->171.68.200.48 [160]
*Mar 28 03:34:28: IP: tableid=0, s=172.16.47.142 (Serial1), d=171.68.200.48 (Serial0), routed via RIB
*Mar 28 03:34:28: IP: s=172.16.47.142 (Serial1), d=171.68.200.48 (Serial0), g=172.16.47.162, len 100, forward
*Mar 28 03:34:28: ICMP type=0, code=0
*Mar 28 03:34:28: NAT*: s=171.68.200.48->172.16.47.150, d=172.16.47.142 [161]
*Mar 28 03:34:28: NAT*: s=172.16.47.142, d=172.16.47.150->171.68.200.48 [161]
*Mar 28 03:34:28: IP: tableid=0, s=172.16.47.142 (Serial1), d=171.68.200.48
(Serial0), routed via RIB
*Mar 28 03:34:28: IP: s=172.16.47.142 (Serial1), d=171.68.200.48 (Serial0),
g=172.16.47.162, len 100, forward
*Mar 28 03:34:28: ICMP type=0, code=0
*Mar 28 03:34:28: NAT*: s=171.68.200.48->172.16.47.150, d=172.16.47.142 [162]
*Mar 28 03:34:28: NAT*: s=172.16.47.142, d=172.16.47.150->171.68.200.48 [162]
*Mar 28 03:34:28: IP: tableid=0, s=172.16.47.142 (Serial1), d=171.68.200.48
(Serial0), routed via RIB
*Mar 28 03:34:28: IP: s=172.16.47.142 (Serial1), d=171.68.200.48 (Serial0),
g=172.16.47.162, len 100, forward
*Mar 28 03:34:28: ICMP type=0, code=0
*Mar 28 03:34:28: NAT*: s=171.68.200.48->172.16.47.150, d=172.16.47.142 [163]
*Mar 28 03:34:28: NAT*: s=172.16.47.142, d=172.16.47.150->171.68.200.48 [163]
*Mar 28 03:34:28: IP: tableid=0, s=172.16.47.142 (Serial1), d=171.68.200.48
(Serial0), routed via RIB
*Mar 28 03:34:28: IP: s=172.16.47.142 (Serial1), d=171.68.200.48 (Serial0),
g=172.16.47.162, len 100, forward
*Mar 28 03:34:28: ICMP type=0, code=0
*Mar 28 03:34:28: NAT*: s=171.68.200.48->172.16.47.150, d=172.16.47.142 [164]
*Mar 28 03:34:28: NAT*: s=172.16.47.142, d=172.16.47.150->171.68.200.48 [164]
*Mar 28 03:34:28: IP: tableid=0, s=172.16.47.142 (Serial1), d=171.68.200.48
(Serial0), routed via RIB
*Mar 28 03:34:28: IP: s=172.16.47.142 (Serial1), d=171.68.200.48 (Serial0),
g=172.16.47.162, len 100, forward
*Mar 28 03:34:28: ICMP type=0, code=0

Router-A#undebug all
All possible debugging has been turned off

The above example shows that when a packet is traversing inside to outside, a NAT router checks its routing table for a route to the outside address before it continues to translate the packet. Therefore, it is important that the NAT router has a valid route for the outside network. The route to the destination network must be known through an interface that is defined as NAT outside in the router configuration.

It is important to note that the return packets are translated before they are routed. Therefore, the NAT router must also have a valid route for the Inside local address in its routing table.

你还想看

NAT/PAT中对于FTP的处理，以及PAT后的非标准21 FTP端口设置

admin — Sat, 19 Sep 2009 14:40:06 +0000

这里先要对FTP的两种模式说一下：

引用一张Cisco上面的图：

http://www.cisco.com/image/gif/paws/82018/pix-asa-enable-ftp-2.gif

FTP分为两种模式：主动Active 被动 Passive

主动模式下是使用21作为控制， 20作为数据口。

首先是客户端通过大于1023的端口发起到服务器21端口的控制连接，信息交换完成后。服务器从20端口发起连接到客户端提供的接收端口。

这是传统意义上的FTP行为。

被动模式是使用21作为控制，然后服务器自动选择一个大于1023的端口作为数据。

首先是客户端通过大于1023的端口发起到服务器21端口的控制连接，信息交换完成后。服务器告诉客户端一个大于1023的端口作为数据口，

然后客户端再以另外一个大于1023的端口发起连接到服务器提供的数据端口进行数据传输。

目前大多数服务器都支持这种模式，而且大部分客户端都默认采用被动模式和服务器进行传输。

好了，当我们在内网有两台服务器FTP SEVER1和FTP SERVER2都需要被外网访问的时侯，我们会分别为这两个服务器做映射出去。

假定FTP SERVE1(10.0.0.100)占用公网IP(x.x.x.x)的21端口，FTP SERVER2(10.0.0.200)占用公网IP(x.x.x.x)的2211端口。那么我们就会这么写：

ip nat inside source static tcp 10.0.0.100 21 x.x.x.x 21 extendable

ip nat inside source static tcp 10.0.0.200 21 x.x.x.x 2211 extendable

这样做了以后，我们会发现FTP SERVER1是正常的，而FTP SERVER2却不正常，表现为登录以后无法列出目录:

以下为FTP 客户端的LOG：

[xx:xx:03] PASV
[xx:xx:03] 227 Entering Passive Mode (10,0,0,200,6,32)
[xx:xx:24] Data Socket Error: Connection timed out
[xx:xx:24] List Complete: 0 bytes in 21.44 (1.00 KBps)

这是为什么呢？

答案就是在被动模式下，FTP SEVER告诉客户端的数据端口，无法被访问。为什么 FTP SERVER1又可以呢？

因为FTP SERVER1在对外映射的时侯采用了21端口，IOS会自动识别这个端口是FTP控制口，

从而去检查里面FTP数据控制数据发现服务器告诉客户端的这个用于传送数据的端口，然后自动的添加一条映射。

phanx# sh ip nat tr | in 10.0.0.100:
tcp x.x.x.x:21 10.0.0.100:21 y.y.y.y:1585 y.y.y.y:1585
tcp x.x.x.x:21 10.0.0.100:21 – -
tcp x.x.x.x:1812 10.0.0.20:1812 y.y.y.y:1594 y.y.y.y:1594

而FTP SERVER2映射的端口2211无法自动被识别成FTP端口，所以IOS不会自动的为它建立数据端口的映射。

解决的办法就是用 ip nat service 来指定这个端口。

access-list 10 permit 10.0.0.200

ip nat service 10 ftp tcp port 21

注意，这里的tcp port 21是指的 10.0.0.200的FTP端口21而不是 x.x.x.x的2211。如果FTP SERVER2用的FTP端口是其他的，那么就写对应的端口号。

这样做了以后，我们的FTP SERVER2就可以以 x.x.x.x:2211 的方式被公网访问了。

说道这里，问题已经解决了。但是，有人可能会提出来，既然FTP SERVER1用被动很正常，x.x.x.x:20端口并没有使用，

那为什么不用把FTP SERVER2主动模式来映射呢？比如这样做:

ip nat inside source static tcp 10.0.0.200 20 x.x.x.x 20 extendable

ip nat inside source static tcp 10.0.0.200 21 x.x.x.x 2211 extendable

OK. 这样做其实对于一部分情况是没有问题的。例如客户机的地址是公网地址，或者说能被FTP SERVER2所访问的地址。

但是如果客户机也是通过NAT/PAT上网的呢？假设客户端地址是192.168.1.111我们将看到这样的情况：

[00:14:10] PORT 192,168,1,111 ,6,179
[00:14:10] 200 PORT Command successful.
[00:14:10] REST 2028256
[00:14:10] 350 Restarting at 2028256. Send STORE or RETRIEVE.
[00:14:10] RETR fool.exe
[00:14:10] 150 Opening BINARY mode data connection for fool.exe (924668 Bytes).
[00:14:11] 425 Cannot open data connection.
[00:14:11] Transfer Failed!

因为是主动模式，是服务器主动送数据给客户机。那客户机通过控制信息就需要告诉服务器往哪里送，

但是FTP客户端并不知道自己的公网地址和端口，并且客户机也没有能力去自己的NAT/PAT网关上去开放一个端口让服务器来送数据。

所以它是以自己的实际地址去告诉服务器的。对于服务器而言，这个地址是无法被访问到的，所以这个办法也有行不通的地方。

当然，如果FTP客户端支持uPNP能识别到翻译后的公网地址，NAT/PAT网关也有uPNP的能力的话，主动模式的这个问题应该就能解决。

BTW：主动模式的FTP又被称为 “firewall UNfriendly”，什么原因？好好理解哦～

PIX/ASA上面的配置方法见：

PIX/ASA 7.x: Enable FTP/TFTP Services Configuration Example

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807ee585.shtml

你还想看

about ip address

admin — Thu, 27 Aug 2009 09:27:58 +0000

http://www.rfc-editor.org/rfc/rfc3330.txt

 Address Block             Present Use                       Reference
   ---------------------------------------------------------------------
   0.0.0.0/8            "This" Network                 [RFC1700, page 4]
   10.0.0.0/8           Private-Use Networks                   [RFC1918]
   14.0.0.0/8           Public-Data Networks         [RFC1700, page 181]
   24.0.0.0/8           Cable Television Networks                    --
   39.0.0.0/8           Reserved but subject
                           to allocation                       [RFC1797]
   127.0.0.0/8          Loopback                       [RFC1700, page 5]
   128.0.0.0/16         Reserved but subject
                           to allocation                             --
   169.254.0.0/16       Link Local                                   --
   172.16.0.0/12        Private-Use Networks                   [RFC1918]
   191.255.0.0/16       Reserved but subject
                           to allocation                             --
   192.0.0.0/24         Reserved but subject
                           to allocation                             --
   192.0.2.0/24         Test-Net
   192.88.99.0/24       6to4 Relay Anycast                     [RFC3068]
   192.168.0.0/16       Private-Use Networks                   [RFC1918]
   198.18.0.0/15        Network Interconnect
                           Device Benchmark Testing            [RFC2544]
   223.255.255.0/24     Reserved but subject
                           to allocation                             --
   224.0.0.0/4          Multicast                              [RFC3171]
   240.0.0.0/4          Reserved for Future Use        [RFC1700, page 4]

Random Posts

Understanding SVI Autostate Exclude

admin — Mon, 24 Aug 2009 15:28:00 +0000

To be “up/up,” a router VLAN interface must fulfill the following general conditions:

•The VLAN exists and is “active” on the VLAN database of the switch.

•The VLAN interface exists on the router and is not administratively down.

•At least one Layer 2 (access port or trunk) port exists, has a link “up” on this VLAN and is in spanning-tree forwarding state on the VLAN.

Random Posts

DNS缓存投毒细节泄露

admin — Thu, 30 Apr 2009 13:36:56 +0000

昨天Mantasano上的一篇文章描述了Dan Kaminsky的DNS域名服务器攻击的细节。该文章发表了几分钟之后即被删掉了。
虽然Dan Kaminsky已经联合厂商发布了补丁，但是仍处于补丁推送阶段，目前仍有相当一部分域名服务器还没有打补丁。如果被恶意利用的话，对整个互联网还是很有威胁的。这也是为什么Dan 希望 “not speculate publicly”。
大概看了一下那篇hypothesis，基本上还是利用了”Cache 投毒”（cache poisoning）的方法，不过使用了一些新的技巧。

DNS查询是如何进行的？对于绝大多数桌面系统来说，DNS的查询并不是由自己的机器完成的，DNS查询会提交给另一台DNS服务器（这台服务器通常是由 ISP或者公司提供），然后这台服务器再去进行真正的查询操作。这样做的好处是DNS的查询结果可以由这台机器给缓存下来，从而提高查询效率并降低由 DNS带来的流量开销。
一台缓存DNS服务器（与权威DNS相对，这类系统提供的）下面的桌面系统可能有几百、几千、几万甚至几十万台桌面系统。
DNS缓存中毒攻击指的是更改了DNS服务器的DNS缓存中某项，这样缓存中与主机名相关的IP地址就不再指向正确的位置。例如，如果 www.example.com映射到IP地址192.168.0.1且DNS服务器的缓存中存在这个映射，则成功向这个服务器的DNS缓存投毒的攻击者就可以将www.example.com映射到10.0.0.1。在这种情况下，试图访问www.example.com的用户就可能与错误的Web服务器联络。
当攻击者试图请求查询某站点的域名时，DNS服务器首先会检查自己的DNS缓存中是否存在该域名，如果存在则将该域名所对应的IP地址返回给请求者，如果不存在则向上一级DNS或者权威DNS查询。这就会给攻击者带来一定的困难，如果是大一点的站点的话，攻击者发起DNS查询时，DNS服务器直接从缓存应答了，根本不会去请求权威域名服务器。怎么才能解决这个问题呢？云舒在他的DNS缓存中毒漏洞的一点推测中也提到过。
比如我们要攻击www.google.com.首先向目的DNS服务器查询根本不存在的二级域名，比如：aaa.google.com. DNS服务器在缓存中查找aaa.google.com,没有找到，则会向上级DNS或者权威DNS查询。这时我们可以生成伪造的DNS Response数据包并发送这些的伪造DNS Response数据包给目的服务器。让目的DNS在上级DNS或者权威DNS服务器响应到达之前，接受到恶意的应答。
从表面上看这样只是截持了一个不存在的二级域名，只能用来钓钓鱼罢了。
其实DNS Response数据包可以不仅仅包含aaa.google.com的IP地址，还可以在DNS 数据包的Additional resource record中包含www.google.com的IP地址（当然该IP地址可以是伪造的）。当目的DNS收到该数据报时会将伪造的IP地址与 www.google.com关联起来并刷新到缓存上。这样就完成了主域名的截持。

Random Posts

通过emule做DDOS是否可行？

admin — Thu, 30 Apr 2009 13:25:38 +0000

by 云舒

今天抽空看了下emule协议几个可能会出问题的地方，初步感觉是可能真的有问题。下了代码回来看了，不过代码太大，目前还没找到地方，没法对想法进行印证。我简单的说下，看哪位代码牛人能够在项目中找到对应的代码。

首先是在客户端连接到服务器之后，搜索文件时，服务器返回结果的报文。报文中返回的结果是一个集合，每个集合表示一条记录。但是每条记录中，并不包含拥有该文件的客户端的IP地址，而是返回的拥有该文件的客户端的ClientID和端口。这里我猜测ClientID的计算是可逆的，搜索发起者可以根据这个 ClientID计算出IP地址，然后连接，请求下载文件。具体报文结构如下：

名称	大小（字节）	默认值	注释
协议类型	1	0xE3
大小	4		不包含报文和大小域的报文大小
类型	1	0×16	操作码 OP SEARCHRESULT 的值
结果数	4	N/A	此报文中包含的结果数目
结果列表	可变	N/A	一个结果的列表

搜索结果列表项格式：

名称	大小（字节）	默认值	注释
文件HASH	16	N/A	用于识别文件的 Hash 值
客户端 ID	4	N/A	eMule服务器分配给客户端的ID
客户端端口	2	N/A	客户端的监听的TCP端口
标志数	4	N/A	其后的属性标志个数
标志列表	可变	N/A	标志列表

其次的第二个地方是下载文件的地方，客户端要求下载一个文件时，服务器会返回一个源查找结果报文。该报文也是只包含源的ClientID和端口，客户端应该是按照ClientID计算出IP地址，再去连接下载文件的。具体报文如下：

名称	大小（字节）	默认值	注释
协议类型	1	0xE3
大小	4	N/A	不包含报文头和大小域的报文大小
类型	1	0×42	操作码 OP FOUNDSOURCES 的值
文件HASH	16	N/A	相关文件的 Hash 值
源数量	1	N/A	拥有该文件的机器的数量
源列表	可变	N/A	源列表内容，每一条是一个可用源

每一条源的报文格式如下：

名称	大小（字节）	默认值	注释
客户端 ID	4	N/A	共享该文件的客户端的 ID
客户端端口	2	N/A	共享该文件的客户端端口

可以看到，搜索某个文件时，服务器返回的搜索列表中按照ClientID来区分不同的其它客户端。在开始下载一个文件时，服务器返回的可用源列表中，每个源也是以一个ClientID来表示的。也就是说，没一个ClientID就可以确定一个源，区分开彼此。而emule可以根据这个ClientID找到对应的客户端，去连接指定端口，请求文件。那么，现在的问题是这个ClientID是哪里来的？

原来这个ClientID在正常情况下，是我们连接到emule服务器时，服务器分配给我们的。但是注意到，在连接之后，我们可以像服务器提供我们所拥有的文件列表，报文格式如下：

名称	大小（字节）	默认值	注释
协议类型	1	0xE3
大小	4		不包含报文和大小域的报文大小
类型	1	0×15	操作码 OP SEARCHRESULT 的值
文件数	4	N/A	共享列表中的文件数，这个数不超过 200
文件列表	可变	N/A	可选的文件列表,单个项的描述见下

单个文件条目描述我就不细写了，比较有用的字段是文件Hash码，ClientID，以及端口。这样看来，我们在连接到服务器之后，告诉它baidu的IP地址，TCP80端口，有赤壁下载，或者有XXX片下载，别人下载的时候，emule客户端会不会从服务器返回的可用源列表中，找到这条记录，并且去连接？

关键问题到了ClientID的计算，协议中这样描述的：假设 IP 地址为 X.Y.Z.W,则客户端 ID 按公式 X+28*Y+216*Z+24*W (Big Endian[6])计算。如果想法是正确的，那么我们可以先计算出百度的IP地址的ClientID，端口设置为80，然后通知服务器，这个 ClientID有高树的片子可以看……

你还想看

Windows XP的无线桥接

Getting Started With JGAP

admin — Tue, 21 Apr 2009 12:31:27 +0000

Preface: Please note that this documentation could be correlated to a former JGAP version. Therefor we recommend having a look at the examples provided with JGAP and then read this document in order to get an idea.

To use JGAP in an application, there are five basic things that you must do:

Through the course of this tutorial, we’ll build a simple example program that makes use of JGAP. The goal of our program will be to produce a user-specified amount of change in the fewest possible American coins (quarters, dimes, nickels, and pennies).

Step 1: Plan your Chromosome

At the heart of the genetic algorithm is the Chromosome. The Chromosome represents a potential solution and is divided into multiple genes. Genes in JGAP represent distinct aspects of the solution as a whole, just as human genes represent distinct aspects of individual people, such as their sex or eye color. During the JGAP evolution process, chromosomes are exposed to multiple genetic operators that represent mating, mutation, etc. and then are chosen for the next generation during a natural selection phase based upon their “fitness,” which is a measure of how optimal that solution is relative to other potential solutions. The entire goal of the genetic algorithm is to mimic the natural process of evolution in order to produce superior solutions.

Step 1, therefore, is to decide on the makeup of your chromosomes, which includes how many genes you want and what those genes will represent. In our sample program, we want to create a pile of change that contains the fewest possible American coins that total up to the amount specified by the user. Since a chromosome represents a potential solution, in our sample it will represent a pile of change. We’ll setup our genes to represent the different denominations of coins so that we’ll have a total of four genes per chromosome (one each for quarters, dimes, nickels, and pennies).

We’ll actually write the code to setup our Chromosome objects in step 3.

Step 2: Implementing a Fitness Function

JGAP is designed to do almost all of the evolutionary work for you in a relatively generic fashion. However, it has no knowledge of the specific problem you’re actually trying to solve, and hence has no intrinsic way of deciding if one potential solution is any better than another potential solution for your specific problem. That’s where the fitness function comes in: it’s a single method that you must implement that accepts a potential problem solution and returns an integer value that indicates how good (or “fit”) that solution is relative to other possible solutions. The higher the number, the better the solution. The lower the number (1 being the lowest legal fitness value), the poorer the solution. JGAP will use these fitness measurements to evolve the population of solutions toward a more optimal set of solutions.

Let’s start with a fully-working example of a fitness function, the details of which will be explained below. Since the goal of our small program is to produce an amount of change in American coins equal to a target amount in the fewest possible number of coins, it seems reasonable that the measure of fitness for a particular solution would be a combination of the relative closeness of the amount of change it represented to the target amount of change, and the total number of coins represented by the solution (fewer being better).


            
              package
             examples;


              import
             org.jgap.Chromosome;

              import
             org.jgap.FitnessFunction;


              /**
            

              * This class provides an implementation of the classic "Make change" problem
            

              * using a genetic algorithm. The goal of the problem is to provide a
            

              * specified amount of change (from a cash purchase) in the fewest coins
            

              * possible. This example implementation uses American currency (quarters,
            

              * dimes, nickels, and pennies).
            

              *
            

              * This example may be seen as somewhat significant because it demonstrates
            

              * the use of a genetic algorithm in a less-than-optimal problem space.
            

              * The genetic algorithm does best when there is a smooth slope of fitness
            

              * over the problem space towards the optimum solution. This problem exhibits
            

              * a more choppy space with more local optima. However, as can be seen from
            

              * running this example, the genetic algorithm still will get the correct
            

              * answer virtually everytime.
            

              */
            

              public
             
              class
             MinimizingMakeChangeFitnessFunction 
              extends
             FitnessFunction
{
    
              private
             
              final
             
              int
             m_targetAmount;

    
              /**
            

              * Constructs this MinimizingMakeChangeFitnessFunction with the desired
            

              * amount of change to make.
            

              *
            

              * @param a_targetAmount The desired amount of change, in cents. This
            

              * value must be between 1 and 99 cents.
            

              */
            
    
              public
             MinimizingMakeChangeFitnessFunction( 
              int
             a_targetAmount )
    {
        
              if
            
            ( a_targetAmount < 1 || a_targetAmount > 99 )
        {
            
              throw
             
              new
             IllegalArgumentException(
                
              "Change amount must be between 1 and 99 cents."
             );
        }

        m_targetAmount = a_targetAmount;
    }

    
              /**
            

              * Determine the fitness of the given Chromosome instance. The higher the
            

              * return value, the more fit the instance. This method should always
            

              * return the same fitness value for two equivalent Chromosome instances.
            

              *
            

              * @param a_subject: The Chromosome instance to evaluate.
            

              *
            

              * @return A positive integer reflecting the fitness rating of the given
            

              * Chromosome.
            

              */
            
    
              public
             
              double
             evaluate( IChromosome a_subject )
    {
        
              // The fitness value measures both how close the value is to the
            
        
              // target amount supplied by the user and the total number of coins
            
        
              // represented by the solution. We do this in two steps: first,
            
        
              // we consider only the represented amount of change vs. the target
            
        
              // amount of change and calculate higher fitness values for amounts
            
        
              // closer to the target, and lower fitness values for amounts further
            
        
              // away from the target. If the amount equals the target, then we go
            
        
              // to step 2, which adjusts the fitness to a higher value for
            
        
              // solutions representing fewer total coins, and lower fitness
            
        
              // values for solutions representing a larger total number of coins.
            
        
              // ------------------------------------------------------------------
            
        
              int
             changeAmount = amountOfChange( a_subject );
        
              int
             totalCoins = getTotalNumberOfCoins( a_subject );
        
              int
             changeDifference = Math.abs( m_targetAmount - changeAmount );

        
              // Step 1: Determine the distance of the amount represented by the
            
        
              // solution from the target amount. Since we know the maximum amount
            
        
              // of change is 99 cents, we'll subtract from that the difference
            
        
              // between the solution amount and the target amount. That will give
            
        
              // the desired effect of returning higher values for amounts close
            
        
              // to the target amount and lower values for amounts further away
            
        
              // from the target amount.
            
        
              // ------------------------------------------------------------------
            
        
              double
             fitness = ( 99 - changeDifference );

        
              // Step 2: If the solution amount equals the target amount, then
            
        
              // we add additional fitness points for solutions representing fewer
            
        
              // total coins.
            
        
              // -----------------------------------------------------------------
            
        
              if
            
            ( changeAmount == m_targetAmount )
        {
            fitness += 100 - ( 10 * totalCoins );
        }

        
              return
             fitness;
    }

    
              /**
            

              * Calculates the total amount of change (in cents) represented by
            

              * the given chromosome and returns that amount.
            

              *
            

              * @param a_potentialSolution The potential solution to evaluate.
            

              * @return The total amount of change (in cents) represented by the
            

              * given solution.
            

              */
            
    
              public
             
              static
             
              int
             amountOfChange( IChromosome a_potentialSolution )
    {
        
              int
             numQuarters = getNumberOfCoinsAtGene( a_potentialSolution, 0 );
        
              int
             numDimes = getNumberOfCoinsAtGene( a_potentialSolution, 1 );
        
              int
             numNickels = getNumberOfCoinsAtGene( a_potentialSolution, 2 );
        
              int
             numPennies = getNumberOfCoinsAtGene( a_potentialSolution, 3 );

        
              return
             ( numQuarters * 25 ) + ( numDimes * 10 ) + ( numNickels * 5 ) +
               numPennies;
    }

    
              /**
            

              * Retrieves the number of coins represented by the given potential
            

              * solution at the given gene position.
            

              *
            

              * @param a_potentialSolution The potential solution to evaluate.
            

              * @param a_position The gene position to evaluate.
            

              * @return the number of coins represented by the potential solution
            

              * at the given gene position.
            

              */
            
    
              public
             
              static
             
              int
             getNumberOfCoinsAtGene( IChromosome a_potentialSolution,
                                              
              int
             a_position )
    {
        Integer numCoins =
          (Integer) a_potentialSolution.getGene(a_position).getAllele();

        
              return
             numCoins.intValue();
    }

    
              /**
            

              * Returns the total number of coins represented by all of the genes in
            

              * the given chromosome.
            

              *
            

              * @param a_potentialsolution The potential solution to evaluate.
            

              * @return The total number of coins represented by the given Chromosome.
            

              */
            
    
              public
             
              static
             
              int
             getTotalNumberOfCoins( IChromosome a_potentialsolution )
    {
        
              int
             totalCoins = 0
            ;

        
              int
             numberOfGenes = a_potentialsolution.size();
        
              for
            
            ( 
              int
             i = 0
            ; i < numberOfGenes; i++ )
        {
            totalCoins += getNumberOfCoinsAtGene( a_potentialsolution, i );
        }

        
              return
             totalCoins;
    }
}

Let’s tackle our example fitness function bit by bit. To start, we define our own class and extend the org.jgap.FitnessFunction class. All fitness functions must extend the FitnessFunction class. We then define a constructor and an evaluate() method. The evaluate() method is a standard method that all fitness functions must implement. That is the method that will be called by the genetic engine when it needs to know the fitness value of a chromosome.

Our constructor isn’t very exciting: it merely accepts a target change amount that the user desires, verifies that the amount meets our constraint of being between 1 and 99 cents, and then stores the amount in an instance variable for later use.

The interesting part of the whole class is the evaluate() method, which is where the work is done. The evaluate method is always passed in a Chromosome, which represents a potential solution. A Chromosome is made up of genes, each of which represents a respective part of the solution. In our example, the Chromosome represents an amount of change, while the genes represent the specific kinds of coins: quarters for the first gene, dimes for the second gene, nickels for the third gene, and pennies for the fourth gene. The value of a gene is called an allele. In our example, the allele would be the number of a given type of coin (for example, 2 pennies).

The first thing the evaluate() method does is invoke a couple of helper methods which conveniently return the total amount of change that is represented by the potential solution and the total number of coins represented by the solution. We’ll take a closer look at how these work later. It then subtracts the amount of change represented by the solution from the target amount, and takes the absolute value of the difference to measure how close the solution amount is to the target amount. We then set about calculating our fitness value.

As the comments indicate, we’re going to calculate fitness in two stages. The first stage calculates an initial fitness value based on how far away the solution amount is from the target amount. Then, if the solution amount happens to equal the target amount, we go to stage two, which adjusts the fitness value based upon the total number of coins represented by the solution. In the end, we want to return high fitness values for solutions that match the target amount with very few coins, and return lower fitness values for solutions that are far away from the target amount or represent a large number of coins.

Moving beyond the evaluate() method, we encounter those helper methods we mentioned earlier. The amountOfChange() method calculates the total amount of change (in cents) represented by a Chromosome that is passed to it. Internally, it defers to the getNumberOfCoinsAtGene() method to actually extract the number of each type of coin. It then calculates the total amount of change and returns it.

The next convenience method, getNumberOfCoinsAtGene(), is responsible for determining the number of coins represented by a specific gene in the given Chromosome. As mentioned earlier, the value of each gene in the Chromosome is called an allele. This method gets the allele for the gene at the provided position in the Chromosome and then returns it as an int primitive.

Finally, there’s a getTotalNumberOfCoins() method that determines the total number of coins represented by a given Chromosome. It simply tallies up the number of coins represented by each gene–using the getNumberOfCoinsAtGene() method–and then returns the tally.

And that’s the end of the fitness function. If you’re feeling a little bit overwhelmed, don’t worry about it and take some comfort in the fact that it’s all down hill from here! The fitness function is the hardest part of using JGAP and, after writing a few, you’ll get the hang of it.

Step 3: Setup a Configuration Object

JGAP is designed to be very flexible and pluggable. If you want, you can create your own genetic operators, random number generators, natural selectors, and so on. To support all of this, JGAP uses a Configuration object that must be setup with all of the settings you want prior to using the genetic engine. Fortunately, we realize that most people will want to use the stock components, and so we include a DefaultConfiguration class that comes already setup with the most common settings. You just need to provide three extra pieces of information: what fitness function you want to use, how you want your Chromosomes to be setup, and how many Chromosomes you want in your population. Let’s look at some sample code that you might want to include in the same class as the above snippets.


            
              
                public
               
                static
               
          
          
            void main(String[] args) throws Exception {
  
          
            
              
                // Start with a DefaultConfiguration, which comes setup with the
              
  
                // most common settings.
              
  
                // -------------------------------------------------------------
              
  Configuration conf = 
                new
               DefaultConfiguration();

  
                // Set the fitness function we want to use, which is our
              
  
                // MinimizingMakeChangeFitnessFunction that we created earlier.
              
  
                // We construct it with the target amount of change provided
              
  
                // by the user.
              
  
                // ------------------------------------------------------------
              
  int targetAmount = Integer.parseInt(args[0]); FitnessFunction myFunc =
    
                new
               MinimizingMakeChangeFitnessFunction( targetAmount );

  conf.setFitnessFunction( myFunc );

  
                // Now we need to tell the Configuration object how we want our
              
  
                // Chromosomes to be setup. We do that by actually creating a
              
  
                // sample Chromosome and then setting it on the Configuration
              
  
                // object. As mentioned earlier, we want our Chromosomes to
              
  
                // each have four genes, one for each of the coin types. We
              
  
                // want the values of those genes to be integers, which represent
              
  
                // how many coins of that type we have. We therefore use the
              
  
                // IntegerGene class to represent each of the genes. That class
              
  
                // also lets us specify a lower and upper bound, which we set
              
  
                // to sensible values for each coin type.
              
  
                // --------------------------------------------------------------
              
  Gene[] sampleGenes = 
                new
               Gene[ 4 ];

  sampleGenes[
              0
              ] = 
                new
               IntegerGene(conf, 0
              , 3 );  
                // Quarters
              
  sampleGenes[
              1
              ] = 
                new
               IntegerGene(conf, 0
              , 2 );  
                // Dimes
              
  sampleGenes[
              2
              ] = 
                new
               IntegerGene(conf, 0
              , 1 );  
                // Nickels
              
  sampleGenes[
              3
              ] = 
                new
               IntegerGene(conf, 0
              , 4 );  
                // Pennies
              

  Chromosome sampleChromosome = 
                new
               Chromosome(conf, sampleGenes );

  conf.setSampleChromosome( sampleChromosome );

  
                // Finally, we need to tell the Configuration object how many
              
  
                // Chromosomes we want in our population. The more Chromosomes,
              
  
                // the larger the number of potential solutions (which is good
              
  
                // for finding the answer), but the longer it will take to evolve
              
  
                // the population each round. We'll set the population size to
              
  
                // 500 here.
              
  
                // --------------------------------------------------------------
              
  conf.setPopulationSize( 500 ); // TODO: Add the code following below in this example here}

Hopefully most of the above code is pretty self-explanatory, with maybe the exception of setting up the sample Chromosome. Let’s look at that bit in a little more detail.

As mentioned earlier, a Chromosome is made up of genes. JGAP lets you choose what Gene class to use to represent each gene in the Chromosome (for more information on creating custom Gene classes, please see the Creating Custom Genes document). That provides the most flexibility and convenience. If we wanted to, we could have actually written a separate Gene class for each coin type in our example, such as a QuarterGene, DimeGene, NickelGene, and PennyGene. In fact, we look at what a QuarterGene might look like in the Creating Custom Genes document that we just mentioned.

As it happens, we decided that the IntegerGene (which comes with JGAP) would suffice. You’ll notice, however, that we did take advantage of the ability to specify different Gene implementations for each gene in the Chromosome by creating separate IntegerGenes with different lower and upper bounds for each coin type. We set the upper bounds to be the largest number of coins of that respective type that would appear in an optimal solution. Limiting the solution space this way helps JGAP arrive at better solutions with fewer evolutions.

So to get back to the code, we first create an array of Genes with a length of 4, since we want to represent 4 genes (one for each coin type). We then set each Gene in the array to an IntegerGene that is constructed with appropriate lower and upper bounds for that coin type. Finally, we construct a new Chromosome and pass it the array of Genes, and then set that sample Chromosome on the Configuration object.

The final part of this step is setting the population size, which is the number of Chromosomes we want in the population. A larger population size means more potential solutions to choose from and more genetic diversity, but it also means more work to evolve that population. Ultimately, you’ll need to settle on a value that balances your need for a nice selection of potential solutions against how much time you’re willing to spend waiting for your population to evolve. The population size is chosen higher than the number of possible solutions here (as 3*2*1*4 = 24). But as Genetic Algorithms is a stochastic system, the more tries the GA is allowed to make, the higher the chances finding a good solution. Besides, the population size should not be correlated too specifically to a narrowed search space, but be usable in a more generic way. Meaning: if the 24 possible combinations mentioned above was raised, then the population wouldn’t need to be adapted. And if the 24 is kept, the population size of 500 will not have a negative impact, because fewer evolutions are needed finding a good solutions than with smaller population size.

Step 4: Create a Population

Recall that each potential solution is represented by a Chromosome. A population of Chromosomes is called a Genotype, and that is the class we need to construct to create our population. If you want, you can construct each Chromosome individually and then pass them all into a new Genotype (much like we constructed each Gene and passed them into the sample Chromosome in step 3), but JGAP provides a much quicker and easier way of creating a random population. In fact, it only takes one line of code (append all following code lines to the above code in method main):


            Genotype population = Genotype.randomInitialGenotype( conf );

The randomInitialGenotype() method takes in a Configuration object (which we setup in step 3) and returns a Genotype with the correct number of Chromosomes, each of which has its genes set to random values. In other words, it generates a random population. For most applications, this is all that’s necessary to create your initial population of potential solutions.

Step 5: Evolve the Population!

Now that we’ve gotten everything setup and ready to go, it’s time to start evolving the population until it contains some potential solutions that we’re satisfied with. Evolving the population one cycle is another one-liner:


            population.evolve();

Typically, after each evolution cycle, you’ll want to check if the population contains any satisfactory solutions. The easiest way to do this is to invoke the getFittestChromosome() method on the population:


            IChromosome bestSolutionSoFar = population.getFittestChromosome();

If the best solution so far is good enough for you, then you’re done. If not, then you can evolve the population again. Alternatively, you may just choose to evolve the population a set number of times and then see what the best solution is that was produced at the end (or a combination thereof). For our example problem, we’ll take this latter approach.


            IChromosome bestSolutionSoFar;


              for
            
            ( 
              int
             i = 0
            ; i < MAX_ALLOWED_EVOLUTIONS; i++ )
{
    population.evolve();
}

System.out.println( 
              "The best solution contained the following: "
             );

System.out.println(
    MinimizingMakeChangeFitnessFunction.getNumberOfCoinsAtGene(
        bestSolutionSoFar, 0 ) + 
              " quarters."
             );

System.out.println(
    MinimizingMakeChangeFitnessFunction.getNumberOfCoinsAtGene(
        bestSolutionSoFar, 1 ) + 
              " dimes."
             );

System.out.println(
    MinimizingMakeChangeFitnessFunction.getNumberOfCoinsAtGene(
        bestSolutionSoFar, 2 ) + 
              " nickels."
             );

System.out.println(
    MinimizingMakeChangeFitnessFunction.getNumberOfCoinsAtGene(
        bestSolutionSoFar, 3 ) + 
              " pennies."
             );

System.out.println( 
              "For a total of "
             +
    MinimizingMakeChangeFitnessFunction.amountOfChange(
        bestSolutionSoFar ) + 
              " cents in "
             +
    MinimizingMakeChangeFitnessFunction.getTotalNumberOfCoins(
        bestSolutionSoFar ) + 
              " coins."
             );

Now we’ve got ourselves a full-fledged genetic application! To view all of the code for this example, see the MinimizingMakeChange.java and MinimizingMakeChangeFitnessFunction.java files in the examples/src directory of the JGAP distribution.

Further resources

See the examples under package examples. They are located in subdirectory examples/src of the JGAP source distribution.
See the external blog entry from Jamie Craane or download a local copy of the article as PDF.

Random Posts

Windows XP的无线桥接

admin — Mon, 30 Mar 2009 09:40:21 +0000

目前大部分的笔记本都是有两块网卡，一块是普通网卡，一块是无线网卡。一般有网口的地方会用普通网卡，通过网线连接上网，以获得较好的性能，没有网口的地方，会用无线上网。通常情况下，即使在同一个局域网里面，如果手工配置IP地址，必须为这两个不同的链接配置不同的IP地址，因为windows不允许为两个不同的适配器配置相同的IP地址。在特殊情况下，例如，使用电驴并在路由器上做了端口映射，于是需要在两种情况下都使用相同的IP地址，又不想每次都重新手工配置，这个时候可以用Windows自带的桥接模式来解决这个问题。

在网络连接的文件夹中，选中”本地连接”和”无线网络连接”，击右键，选择”桥接”。这个时候将创建一个新的连接，叫”网络桥”（MAC Birdge Miniport)。这时候就可以手工为”网路桥”配置IP地址了。这样配置后，发现当接上网线时，上网是没有任何问题的，但是一旦拔开网线，改用无线上网，就上不去了，但是无线网卡显示的是连接上的状态。百思不得其解。Google了一下，发现了这两个连接：

Windows XP Home Networking: Building Network Bridges
Bridge May Not Work With a Non-Promiscuous Mode Network Adapter

其中，提到了一个东西：”Promiscuous Mode”。原来，网卡工作在普通状态时，只接收属于自己的MAC地址的以太网包。只有当工作在”Promiscuous Mode”时，才不加限制地接收所有的以太网包。大部分的普通网卡都可以工作在”Promiscuous Mode”，可能为了安全起见，大部分的无线网卡都不能工作在”Promiscuous Mode”下。当Windows创建桥接模式时，实际上在系统里面创建了一个虚拟的新的网卡，这个新的网卡有自己的MAC地址，桥里面的所有网卡都以这个新的MAC地址发送以太网包，回送的以太网包自然也是发给这个新的MAC地址，由于普通网卡支持”Promiscuous Mode”，所以可以接收到不属于自己的新的MAC地址以太网包，所以通讯正常，无线网卡会抛弃掉所有不属于自己MAC地址的包，所以在桥接模式下收不到任何发回来的以太网包，自然就不能正常工作了。Windows XP提供了一个解决办法，叫ForceCompatibilityMode（强制兼容模式），在命令行（cmd）下，打入netsh bridge show a，可以看到已经桥接的各个网卡的编号和是否启用强制兼容模式，如果无线网卡显示”已停用”或者”未知”，应记住无线网卡的编号，并在命令行下打入：netsh bridge set a X e，其中X是无线网卡的编号，以启用强制兼容模式。

这个兼容模式的原理是这样的，一旦某个网卡启用了这个模式，当从这个网口向外发送以太网包时，将改写以太网包，把源地址换成网卡自己的MAC地址，并记住这个转换，回复的以太网包的目标地址也是网卡的MAC地址，这样网卡就不会丢弃这个包，当这个收到这个回复包后，再根据原来的记忆，把目标地址换回原来的地址，和IP层的NAT的原理类似。

通过这样设置以后，当拔掉网线，启用无线网络连接后，依然可以上网，并且IP地址不变，整个过程自动完成。

你还想看

通过emule做DDOS是否可行？