
A look at how Android apps connect over mobile networks

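Network access is gradually becoming a basic utility like water and electricity. The spread and speed-up of mobile networks in particular has further removed the limits that time and place put on people's access to information. While enjoying that convenience, it does no harm to understand the underlying mechanisms better, so that when something odd happens you at least know what is going on and how to fix it. Recently the blogger has been interested in how apps connect on mobile networks and in how, and in what form, their data is transferred. The former relates to mobile data usage, the latter to effective data transfer and billing, and the two together make some fairly "harmonious" things possible. Oh ho ho, can't say any more, oh ho ho, oh ho ho.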

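Because of the particular nature of mobile networks, the way an app connects has to be adjusted to fit that environment. For example, in the early days China Mobile's GPRS cmwap access point could reach the public Internet only through the proxy gateway 10.0.0.172, with many restrictions, and applications had to be adapted to it [1][2].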

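Enough preamble; here is how it is actually done. The experiments below were run on Android over China Unicom 3G. (Sensitive information has been masked with xxxx.)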

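1. Packet capture: since tcpdump is currently the only tool that works properly on the phone, we can only capture TCP packets and take a look.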

Command:
tcpdump -p -vv -s 0 -c 1000 -w /sdcard/tcpdump.pcap

1.1 On the 3gnet access point, browsing mainly with Chrome while capturing TCP packets

Typical packets:

>>>
GET /his?callback=jsonp1&net=3&hisdata=%5B%7B%22kw%22%3Axxxxx HTTP/1.1
Host: m.baidu.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; Nexus 5 Build/KTU84) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.102 Mobile Safari/537.36
Referer: http://www.baidu.com/from=844b/s?word=3gnet+%E7%BD%91%E5%85%B3&ts=9643014&t_kt=367&sa=ib&ms=1&ss=111
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4,zh-TW;q=0.2,ja;q=0.2
Cookie: MSA_WH=360_511; BDUSS=xxxxxxxxxxx; BAIDUID=xxxxxxxxxxxxxxxxx; BAIDUCUID=xxxxxxxxxxxxxxxxx; lsv=xxxxxxxxxxxx; sapp_ls=xxxxxxxxxxx

<<<
HTTP/1.1 200 OK
Date: Fri, 24 Oct 2014 22:59:33 GMT
Content-Type: baiduApp/json; v6.27.2.14; charset=gbk
Content-Length: 141
Connection: Keep-Alive
Cache-Control: private
Expires: Fri, 24 Oct 2014 23:59:33 GMT
Content-Encoding: gzip
Server: apache
traceid: xxxxxxxxxxxxxxxxxxxxxxxxx

1.2 On the 3gwap access point, keeping the 10.0.0.172 gateway in the APN, browsing mainly with Chrome while capturing TCP packets

Typical packets:

>>>
GET http://m.baidu.com/from=844b/bd_page_type=1/ssid=0xxxxxxxxxx HTTP/1.1
Host: m.baidu.com
Proxy-Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; Nexus 5 Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.114 Mobile Safari/537.36
Referer: http://www.baidu.com/from=844b/s?word=tcp&sa=ib&ts=3381417&ms=1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
Cookie: BAIDUID=xxxxxxxx; BAIDUCUID=xxxxxxx lsv=xxxxxxxxxxx; BAIDULOC=xxxxxx; PLUS=1

<<<
HTTP/1.1 200 OK
Date: Thu, 30 Oct 2014 07:16:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 48905
Connection: Close
Server: apache
Cache-Control: no-cache
traceid: xxxxxxxxxxxxxxxxxxxx

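As shown, when Chrome is aware that a proxy is present, it uses an absolute URL, that is, the full URL including http://xxxx, and it sends the Proxy-Connection field in place of the Connection field.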
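The two differences noted above can be checked mechanically when reviewing a capture. The following is an added example, not code from the original post; the two request strings are constructed, shortened versions of the 3gnet and 3gwap captures, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed samples, shortened from the 3gnet and 3gwap captures above.
DIRECT = (
    "GET /his?callback=jsonp1&net=3 HTTP/1.1\r\n"
    "Host: m.baidu.com\r\n"
    "Connection: keep-alive\r\n\r\n"
)
VIA_PROXY = (
    "GET http://m.baidu.com/from=844b/bd_page_type=1/ HTTP/1.1\r\n"
    "Host: m.baidu.com\r\n"
    "Proxy-Connection: keep-alive\r\n\r\n"
)


def parse_request(raw):
    """Split a raw HTTP/1.x request head into (method, target, headers)."""
    head = raw.split("\r\n\r\n", 1)[0]
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return method, target, headers


def proxy_indicators(raw):
    """Return the signs that a request was addressed to an explicit proxy."""
    _method, target, headers = parse_request(raw)
    found = []
    parts = urlsplit(target)
    # Origin servers normally receive origin-form ("/path"); a client that
    # knows about a proxy sends absolute-form ("http://host/path") instead.
    if parts.scheme in ("http", "https") and parts.netloc:
        found.append("absolute-form request target")
    if "proxy-connection" in headers:
        found.append("Proxy-Connection header")
    return found


if __name__ == "__main__":
    for label, raw in (("3gnet", DIRECT), ("3gwap via 10.0.0.172", VIA_PROXY)):
        print(label, "->", proxy_indicators(raw) or "no proxy indicators")
```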

1.3 On the 3gwap access point, with the 10.0.0.172 gateway removed from the APN, browsing mainly with Chrome while capturing TCP packets

>>>
GET /su?p=3&ie=utf-8&from=wise_web&sugsid=3201&net=xxxxxxxx HTTP/1.1
Host: m.baidu.com
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Linux; Android 4.4.4; Nexus 5 Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.114 Mobile Safari/537.36
Referer: http://www.baidu.com/from=844b/s?word=%E7%AA%83%E5%90%AC%E5%8F%96%E5%BE%97%E7%9A%84%E8%AF%81%E6%8D%AE&sa=tb&ts=6301879&t_kt=42&ms=1&ss=100
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4
Cookie: BAIDUID=xxxxxxxx; PLUS=1; BAIDUCUID=xxxxxxx; BAIDULOC=xxxxxxxxx

<<<
HTTP/1.1 200 OK
Date: Wed, 29 Oct 2014 11:41:46 GMT
Content-Type: baiduApp/json; v6.27.2.14; charset=UTF-8
Content-Length: 53
Connection: Keep-Alive
Access-Control-Allow-Origin: *
Cache-Control: private
Expires: Wed, 29 Oct 2014 12:41:46 GMT
Server: apache
traceid: xxxxxxxxxxxxxxxxxx

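As shown, the public Internet is still reachable without using the official proxy gateway, which means that today's 3gwap access point is no different from 3gnet. The gateway's billing mechanism may still differ, but that is another matter.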

2. traceroute

2.1 traceroute to baidu.com over WiFi

root@hammerhead:/ # ping -c 3 baidu.com
ping -c 3 baidu.com
PING baidu.com (220.181.111.85) 56(84) bytes of data.
64 bytes from 220.181.111.85: icmp_seq=1 ttl=52 time=54.7 ms
64 bytes from 220.181.111.85: icmp_seq=2 ttl=52 time=52.8 ms
64 bytes from 220.181.111.85: icmp_seq=3 ttl=52 time=52.8 ms

--- baidu.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 52.818/53.475/54.761/0.928 ms

root@hammerhead:/ # traceroute 220.181.111.85
traceroute 220.181.111.85
traceroute to 220.181.111.85 (220.181.111.85), 30 hops max, 38 byte packets
1 192.168.233.1 (192.168.233.1) 12.229 ms 1.856 ms 1.700 ms
2 xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) 4.022 ms 2.808 ms 2.834 ms
3 122.194.150.193 (122.194.150.193) 4.594 ms 4.750 ms 4.699 ms
4 112.85.230.69 (112.85.230.69) 38.373 ms 39.560 ms 60.181 ms
5 219.158.96.149 (219.158.96.149) 36.520 ms 41.150 ms 37.416 ms
6 219.158.101.110 (219.158.101.110) 38.187 ms 40.405 ms 41.727 ms
7 * * *
8 202.97.57.105 (202.97.57.105) 51.352 ms 202.97.57.161 (202.97.57.161) 42.922 ms 202.97.57.65 (202.97.57.65) 420 ms
9 * * *
10 * * *
11 220.181.17.94 (220.181.17.94) 53.305 ms * 220.181.17.150 (220.181.17.150) 50.909 ms
12 220.181.37.13 (220.181.37.13) 43.449 ms 44.143 ms 44.118 ms
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * ^C

2.2 traceroute to baidu.com over 3gwap

root@hammerhead:/ # ping -c 3 baidu.com
ping -c 3 baidu.com
PING baidu.com (220.181.111.85) 56(84) bytes of data.
64 bytes from 220.181.111.85: icmp_seq=1 ttl=47 time=100 ms
64 bytes from 220.181.111.85: icmp_seq=2 ttl=47 time=85.4 ms
64 bytes from 220.181.111.85: icmp_seq=3 ttl=47 time=84.2 ms

--- baidu.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 84.270/90.050/100.460/7.375 ms

root@hammerhead:/ # traceroute 220.181.111.85
traceroute 220.181.111.85
traceroute to 220.181.111.85 (220.181.111.85), 30 hops max, 38 byte packets
1 * * *
2 * * *
3 172.16.14.2 (172.16.14.2) 69.901 ms 58.405 ms 59.572 ms
4 * * *
5 172.16.102.2 (172.16.102.2) 67.357 ms 61.553 ms 59.619 ms
6 * * *
7 192.168.158.162 (192.168.158.162) 77.991 ms 62.142 ms 62.362 ms
8 112.80.4.217 (112.80.4.217) 62.361 ms 69.391 ms 59.677 ms
9 122.193.15.93 (122.193.15.93) 65.409 ms 62.860 ms 70.625 ms
10 219.158.96.153 (219.158.96.153) 90.027 ms 97.271 ms 85.378 ms
11 219.158.101.110 (219.158.101.110) 95.961 ms 89.984 ms 92.812 ms
12 * * *
13 202.97.57.101 (202.97.57.101) 89.649 ms 202.97.57.97 (202.97.57.97) 91.791 ms 202.97.57.117 (202.97.57.117) 85.760 ms
14 * * *
15 * * *
16 220.181.17.94 (220.181.17.94) 88.621 ms 220.181.182.34 (220.181.182.34) 88.069 ms 220.181.182.38 (220.181.182.38) 95.069 ms
17 * 220.181.37.13 (220.181.37.13) 86.741 ms 101.532 ms
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 *^C

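The private-network (LAN) hops above are marked in red. Together they give a rough picture of China Unicom's internal network structure under 3gwap.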
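Picking out the private-address hops can be automated. The following is an added example, not part of the original post; it parses a subset of the 3gwap traceroute output above (hop 13 shortened), lists the hops that answered from private address space, and finds the first publicly routable hop. The function names are hypothetical.

```python
import ipaddress
import re

# Subset of the 3gwap traceroute output shown above (hop 13 shortened).
TRACE_3GWAP = """\
traceroute to 220.181.111.85 (220.181.111.85), 30 hops max, 38 byte packets
 1 * * *
 2 * * *
 3 172.16.14.2 (172.16.14.2) 69.901 ms 58.405 ms 59.572 ms
 4 * * *
 5 172.16.102.2 (172.16.102.2) 67.357 ms 61.553 ms 59.619 ms
 6 * * *
 7 192.168.158.162 (192.168.158.162) 77.991 ms 62.142 ms 62.362 ms
 8 112.80.4.217 (112.80.4.217) 62.361 ms 69.391 ms 59.677 ms
 9 122.193.15.93 (122.193.15.93) 65.409 ms 62.860 ms 70.625 ms
13 202.97.57.101 (202.97.57.101) 89.649 ms 202.97.57.97 (202.97.57.97) 91.791 ms
"""

HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")
ADDR = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\)")


def hops(text):
    """Yield (hop_number, address) for every responder in traceroute output."""
    for line in text.splitlines():
        m = HOP_LINE.match(line)
        if not m:
            continue  # header line, not a hop
        # A hop can list several responders; keep each address once, in order.
        for addr in dict.fromkeys(ADDR.findall(m.group(2))):
            try:
                yield int(m.group(1)), ipaddress.ip_address(addr)
            except ValueError:
                continue  # four dotted numbers that are not a valid IPv4 address


def private_hops(text):
    """Hops that answered from private (RFC 1918 and similar) address space."""
    return [(n, str(ip)) for n, ip in hops(text) if ip.is_private]


def first_public_hop(text):
    """First responder with a publicly routable address, or None."""
    return next(((n, str(ip)) for n, ip in hops(text) if ip.is_global), None)


if __name__ == "__main__":
    print("private hops:", private_hops(TRACE_3GWAP))
    print("first public hop:", first_public_hop(TRACE_3GWAP))
```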

Reference:

[1] GPRS, WAP, WAP gateway, HTTP, cmwap, cmnet. URL: http://blog.csdn.net/yangmi0313/article/details/6127620

[2] On the mobile gateway's private proxy protocol: X-Online-Host. URL: http://www.cnblogs.com/xitang/archive/2011/11/07/2239454.html
