arrowheart
8th June 2007, 11:38 PM
Hi guys,
I want to transmit raw IP packets using a raw socket. I create the IP packet and create the socket manually using the following statements:

    if ((sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
        perror("socket():");
        exit(1);
    }
    /* Allows a self-defined IP header to be included along with the rest of the packet */
    if (setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, (char *)&on, sizeof(on)) < 0) {
        perror("setsockopt():");
        exit(1);
    }

and send the packet, whose payload is a UDP packet, using sendto():

    /* result variable named "sent" so it does not shadow send() */
    if ((sent = sendto(sockfd, buffer, session_len, 0, (struct sockaddr *)&peer_addr, sizeof(peer_addr))) != session_len) {
        perror("sendto():");
        exit(1);
    }

where buffer is the pointer to the packet and session_len is the size of the packet.
I use Wireshark to monitor the IP packets transmitted between the testing hosts.
However, I find the OS constructs the IP packet by itself and appends the whole IP packet I construct as the payload. If I remove:

    /* Allows a self-defined IP header to be included along with the rest of the packet */
    if (setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, (char *)&on, sizeof(on)) < 0) {
        perror("setsockopt():");
        exit(1);
    }

the OS takes the IP packet I construct as the transmitted one but still changes some fields of the packet, such as the Identification field. How can I prevent the OS from changing the packet I construct?
Further, I also want to capture the IP packet on the peer host. I create the listening socket and try to capture the IP packet using:

    if ((sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {
        perror("socket():");
        exit(1);
    }
    ...
    length = recvfrom(sockfd, buffer, BUF_SIZE, 0, NULL, NULL);

I still use Wireshark to monitor the outgoing and incoming packets.
If I disable the destination's firewall or set the destination port as an allowed port on the destination, the sender will receive an ICMP message saying Type: 3 (Destination unreachable) and Code: 3 (Port unreachable). If I set the destination port as a disallowed port on the destination, the sender will receive an ICMP message saying Type: 3 (Destination unreachable) and Code: 10 (Host administratively prohibited).
According to http://www.whitefang.com/rin/rawfaq.htm, the BSD socket API will forward the packet to the matching socket in the following scenarios:
- UDP packet whose destination port is disallowed
- some particular ICMP except some particular types
- all other protocols that the kernel doesn't deal with (OSPF, etc.)
Is it also true for Fedora?
Thanks
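
Added example, not part of the original post: a buffer laid out the way an IP_HDRINCL socket expects it, with comments marking the header fields that Linux raw(7) documents as rewritten on send (checksum and total length always; source address and Identification only when they are zero). The helper name build_ipv4_udp and the calling convention are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example (not the poster's code). RFC 1071 Internet checksum. */
static uint16_t inet_checksum(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (; len > 1; p += 2, len -= 2)
        sum += (uint32_t)((p[0] << 8) | p[1]);
    if (len)
        sum += (uint32_t)p[0] << 8;          /* odd trailing byte */
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);  /* fold carries */
    return (uint16_t)~sum;
}

static void put16(uint8_t *p, uint16_t v) {  /* store big-endian */
    p[0] = (uint8_t)(v >> 8);
    p[1] = (uint8_t)(v & 0xff);
}

/* Hypothetical helper: writes a 20-byte IPv4 header, an 8-byte UDP header
 * and the payload into buf. src/dst are 4-byte addresses in network order.
 * Returns the packet length, or 0 if it does not fit in buf or in the
 * 16-bit total-length field. payload must be non-NULL. */
size_t build_ipv4_udp(uint8_t *buf, size_t cap, const uint8_t src[4],
                      const uint8_t dst[4], uint16_t sport, uint16_t dport,
                      uint16_t id, const void *payload, size_t plen) {
    if (plen > 65535 - 28 || 28 + plen > cap)
        return 0;
    memset(buf, 0, 28);
    buf[0] = 0x45;                            /* version 4, IHL 5 words */
    put16(buf + 2, (uint16_t)(28 + plen));    /* total length: always rewritten */
    put16(buf + 4, id);                       /* Identification: filled in only if 0 */
    buf[8] = 64;                              /* TTL */
    buf[9] = 17;                              /* protocol: UDP */
    memcpy(buf + 12, src, 4);                 /* source: filled in only if 0 */
    memcpy(buf + 16, dst, 4);
    put16(buf + 10, inet_checksum(buf, 20));  /* header checksum: always rewritten */
    put16(buf + 20, sport);
    put16(buf + 22, dport);
    put16(buf + 24, (uint16_t)(8 + plen));    /* UDP length */
    /* UDP checksum stays 0, which IPv4 allows ("no checksum computed") */
    memcpy(buf + 28, payload, plen);
    return 28 + plen;
}
```

The returned length is what goes to sendto() as the size argument. raw(7) also states that an IPPROTO_RAW socket is send-only, so the receiving side needs a raw socket opened with a specific protocol or a packet(7) socket.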