Interpreting TCP Header data

Write a program that takes as input a TCP header representated as a string of hex-valued bytes seperated by spaces, and output the TCP header information that the input represents. You do not need to output the optional data portion of the header.

Sample Execution 1

User input is shown in bold below:

Enter TCP data hex bytes: d2 24 00 50 de 32 1f 25 99 74 b4 0f 80 18 00 e5 70 4d 00 00 01 01 08 0a 57 3a 69 f2 4c 01 9b 73
Source Port : 53796
Dest Port   : 80
Seq. Number : 3727826725
Ack. Number : 2574562319
Header Len. : 32
   NS : 0
   CWR: 0
   ECE: 0
   URG: 0
   ACK: 1
   PSH: 1
   RST: 0
   SYN: 0
   FIN: 0
RCV Window  : 229
Checksum    : 28749
Urgent Ptr  : 0

Sample Execution 2

User input is shown in bold below:

Enter TCP data hex bytes: 95 90 30 39 1f ed df 8c 00 00 00 00 a0 02 aa aa fe 30 00 00 02 04 ff d7 04 02 08 0a 50 a6 9c 45 00 00 00 00 01 03 03 07
Source Port : 38288
Dest Port   : 12345
Seq. Number : 535682956
Ack. Number : 0
Header Len. : 40
   NS : 0
   CWR: 0
   ECE: 0
   URG: 0
   ACK: 0
   PSH: 0
   RST: 0
   SYN: 1
   FIN: 0
RCV Window  : 43690
Checksum    : 65072
Urgent Ptr  : 0

TCP Header Format

You can find the header information in your book, but for a more detailed explanation, see https://www.lifewire.com/tcp-headers-and-udp-headers-explained-817970. Wikipedia also has a detailed information: https://en.wikipedia.org/wiki/Transmission_Control_Protocol.

Using Wireshark for Data and Verification

You can use Wireshark to grab other TCP headers to test. Example 1 comes from the fourth packet in the Wireshark file, httpGet.pcapng, which you can download and open.

Wireshark will show you the values of each field. Some, such as Sequence Number, Acknowledgement Number and Header length are interpreted for you. Wireshark will show you these interpreted values rather than what is actually stored in the byte array.

You can copy the hex values of the TCP packet from Wireshark.

Select the packet from which you want the data.
Right click on the "Transmission Control Protocol" line in the middle pane of the window.
Select Copy->...as Hex Dump

Paste into a text editor. It will look like:

0000   d2 24 00 50 de 32 1f 25 99 74 b4 0f 80 18 00 e5
0010   70 4d 00 00 01 01 08 0a 57 3a 69 f2 4c 01 9b 73

Remove the first group of 4 digits on each line (indices for the first byte on the line) and merge the lines together as one line.
```
d2 24 00 50 de 32 1f 25 99 74 b4 0f 80 18 00 e5 70 4d 00 00 01 01 08 0a 57 3a 69 f2 4c 01 9b 73
```

Suggestions

First convert the String of hex values into an array of bytes.
Use String's split method to return an array of Strings representing the byte values.
Integer.parseInt has an optional second parameter indicating the base of the value to be parsed, use base 16 for hexadecimal.
Remember to promote values if you want to treat them as unsigned values e.g. the hex value FF is -1 as a byte, but 255 as a short.
Create helper methods. For example you could write int getUnsignedShortValue(byte[] bytes, int i) that reads the two bytes starting at index i in the byte array bytes as an int value.

Clif Presser<cpresser@gettysburg.edu>