89 lines
3.8 KiB
TeX
89 lines
3.8 KiB
TeX
%!TEX root = ../thesis.tex
|
|
% ********************** Thesis Appendix B - Layered Security *************************
|
|
|
|
\chapter{Layered Security Packet Diagrams}
|
|
\label{appendix:layered-security}
|
|
|
|
\begin{figure}
|
|
\begin{leftfullpage}
|
|
\centering
|
|
\begin{bytefield}[bitwidth=0.6em]{32}
|
|
\bitheader{0-31} \\
|
|
\wordbox[tlr]{1}{IPv4 Header} \\
|
|
\wordbox[blr]{1}{$\cdots$} \\
|
|
\begin{rightwordgroup}{UDP\\Header}
|
|
\bitbox{16}{Source port} & \bitbox{16}{Destination port} \\
|
|
\bitbox{16}{Length} & \bitbox{16}{Checksum}
|
|
\end{rightwordgroup} \\
|
|
\begin{rightwordgroup}{CC\\Header}
|
|
\bitbox{32}{Acknowledgement number} \\
|
|
\bitbox{32}{Negative acknowledgement number} \\
|
|
\bitbox{32}{Sequence number}
|
|
\end{rightwordgroup} \\
|
|
\begin{rightwordgroup}{Proxied\\Wireguard\\Packet}
|
|
\wordbox[tlr]{1}{IPv4 Header} \\
|
|
\wordbox[blr]{1}{$\cdots$} \\
|
|
\begin{leftwordgroup}{UDP Header}
|
|
\bitbox{16}{Source port} & \bitbox{16}{Destination port} \\
|
|
\bitbox{16}{Length} & \bitbox{16}{Checksum}
|
|
\end{leftwordgroup} \\
|
|
\begin{leftwordgroup}{Wireguard\\Header}
|
|
\bitbox{8}{type} & \bitbox{24}{reserved} \\
|
|
\wordbox{1}{receiver} \\
|
|
\wordbox{2}{counter}
|
|
\end{leftwordgroup} \\
|
|
\wordbox[tlr]{1}{Proxied IP packet} \\
|
|
\skippedwords\\
|
|
\wordbox[blr]{1}{}
|
|
\end{rightwordgroup} \\
|
|
\begin{rightwordgroup}{Security\\Footer}
|
|
\bitbox{32}{Data sequence number} \\
|
|
\wordbox[tlr]{1}{Message authentication code} \\
|
|
\wordbox[blr]{1}{$\cdots$}
|
|
\end{rightwordgroup}
|
|
\end{bytefield}
|
|
|
|
\caption{Packet structure for a configuration with a Wireguard client behind my multipath proxy.}
|
|
\label{fig:whole-network-vpn-behind}
|
|
\end{leftfullpage}
|
|
\end{figure}
|
|
|
|
\begin{figure}
|
|
\begin{fullpage}
|
|
\centering
|
|
\begin{bytefield}[bitwidth=0.6em]{32}
|
|
\bitheader{0-31} \\
|
|
\wordbox[tlr]{1}{IPv4 Header} \\
|
|
\wordbox[blr]{1}{$\cdots$}\\
|
|
\begin{rightwordgroup}{UDP\\Header}
|
|
\bitbox{16}{Source port} & \bitbox{16}{Destination port} \\
|
|
\bitbox{16}{Length} & \bitbox{16}{Checksum}
|
|
\end{rightwordgroup} \\
|
|
\begin{rightwordgroup}{Wireguard\\Header}
|
|
\bitbox{8}{type} & \bitbox{24}{reserved} \\
|
|
\wordbox{1}{receiver} \\
|
|
\wordbox{2}{counter}
|
|
\end{rightwordgroup} \\
|
|
\begin{rightwordgroup}{Tunnelled\\Proxy\\Packet}
|
|
\wordbox[tlr]{1}{IPv4 Header} \\
|
|
\wordbox[blr]{1}{$\cdots$}\\
|
|
\begin{leftwordgroup}{UDP Header}
|
|
\bitbox{16}{Source port} & \bitbox{16}{Destination port} \\
|
|
\bitbox{16}{Length} & \bitbox{16}{Checksum}
|
|
\end{leftwordgroup} \\
|
|
\begin{leftwordgroup}{CC\\Header}
|
|
\bitbox{32}{Acknowledgement number} \\
|
|
\bitbox{32}{Negative acknowledgement number} \\
|
|
\bitbox{32}{Sequence number}
|
|
\end{leftwordgroup} \\
|
|
\wordbox[tlr]{1}{Proxied IP packet} \\
|
|
\skippedwords\\
|
|
\wordbox[blr]{1}{}
|
|
\end{rightwordgroup}
|
|
\end{bytefield}
|
|
|
|
\caption{Packet structure for a configuration with a Wireguard client in front of my multipath proxy.}
|
|
\label{fig:whole-network-vpn-infront}
|
|
\end{fullpage}
|
|
\end{figure}
|