-1

Why UDP packet it's having additional data in header?

enter image description here

I know that Java is setting UDP headers automatically, I can't modify it, but it should be 8 bytes long, not 40 ! 0x69 0x82 0xDB 0xAE 0x00 0x2D 0xFE 0x40 normally it should be the header. What is with those 32 bytes of extra data?

The packet was captured with wireshark on loopback (on my localhost). This would be the problem?

This is how I'm sending the packet:

byte[] responseHeader = { (byte)0xFF, (byte)0xFF, (byte)0xFF, (byte)0xFF, (byte)0xFF, 0x66, (byte)0x0A };

LinkedList<byte[]> server_array = new LinkedList<byte[]>();
int server_array_length = 0;

byte[] temp_ip = getByteIp("89.40.233.17:27015"); // 0x59 0x28 0xE9 0x11 0x69 0x87
server_array.add(temp_ip);
server_array_length += temp_ip.length;

temp_ip = getByteIp("89.40.233.38:27015"); // 0x59 0x28 0xE9 0x26 0x69 0x87
server_array.add(temp_ip);
server_array_length += temp_ip.length;

temp_ip = getByteIp("89.40.233.5:27015"); // 0x59 0x28 0xE9 0x05 0x69 0x87
server_array.add(temp_ip);
server_array_length += temp_ip.length;

temp_ip = getByteIp("89.40.233.10:27015"); // 0x59 0x28 0xE9 0x0A 0x69 0x87
server_array.add(temp_ip);
server_array_length += temp_ip.length;

byte[] array_servers = new byte[server_array_length];

int lastIndex = 0;
for(byte[] b : server_array){
System.arraycopy(b, 0, array_servers, lastIndex, b.length);
   lastIndex += b.length;
}

byte[] response = new byte[responseHeader.length + array_servers.length + 6];
System.arraycopy(responseHeader, 0, response, 0, responseHeader.length);
System.arraycopy(array_servers, 0, response, responseHeader.length, array_servers.length);

byte[] footer = new byte[6];
footer = getByteIp("0.0.0.0:0"); // 0x00 0x00 0x00 0x00 0x00 0x00
System.arraycopy(footer, 0, response, response.length - 6, footer.length);

socket.send(response);

System.out.println("SENT: " + response.length + " bytes of data"); // SENT: 37 bytes of data

private byte[] getByteIp(String fullData){
    String[] data = fullData.split(":");
    byte[] returnArray = new byte[6];

    byte[] ip = new byte[4];
    try {
        ip = InetAddress.getByName(data[0]).getAddress();
    } catch (UnknownHostException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
    byte[] port = new byte[2];
    port = ByteBuffer.allocate(2).putShort((short)Integer.parseInt(data[1])).array();

    System.arraycopy(ip, 0, returnArray, 0, ip.length);
    System.arraycopy(port, 0, returnArray, ip.length, port.length);

    return returnArray;
}
Zbarcea Christian
  • 9,367
  • 22
  • 84
  • 137

1 Answers1

0

If you look at the header data, it says that the length is 0x2d, i.e. 45 bytes (including header). Then count the data bytes following the header, there are 37 bytes. 37 + 8 is 45. Ergo a complete UDP package.

Or you mean the bytes before the UDP header? That's the ethernet and IP headers.

Some programmer dude
  • 400,186
  • 35
  • 402
  • 621
  • Yes, I marked it with the red line. Is it normal to be there? – Zbarcea Christian Apr 30 '13 at 12:30
  • @ZbarceaChristian Well, if you're using IP over Ethernet, then yes of course. – Some programmer dude Apr 30 '13 at 12:33
  • I don't get it... I'm trying to replicate a UDP response. At the moment I'm watching the original response (made by the game -written in C-) and mine (generated with my Java app) packets captured with wireshark. The original response it's containing only the 8 byte header and mine containing the IP and Ethernet headers (extra data). Why? – Zbarcea Christian Apr 30 '13 at 12:50