1 / 9

Raw Sockets Datalink Access

Raw Sockets Datalink Access. Chapters 25, 26. What are Raw Sockets?. Allows you to bypass the TCP/UDP layers. Send/receive your own packets, with your own headers. You need to do all protocol processing at user-level. Typical Uses. ICMP messages

mauli
Download Presentation

Raw Sockets Datalink Access

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Raw SocketsDatalink Access Chapters 25, 26 COP5570 - Advanced Unix Programming

  2. What are Raw Sockets? • Allows you to bypass the TCP/UDP layers. • Send/receive your own packets, with your own headers. • You need to do all protocol processing at user-level. COP5570 - Advanced Unix Programming

  3. Typical Uses • ICMP messages • ping generates ICMP echo requests and received ICMP echo replies. • Routing protocols • gated implements OSPF routing protocol. • Uses IP packets with protocol ID 89 – not supported by kernel. • Writing your own protocols over IP COP5570 - Advanced Unix Programming

  4. Raw socket creation • Only root can open a raw socket. sockfd = socket(AF_INET, SOCK_RAW, proto) where proto is IPPROTO_RAW, IPPROTO_ICMP etc. COP5570 - Advanced Unix Programming

  5. Raw socket output • As usual – sendto(), sendmsg() etc. • IP_HDRINCL option • Specifies whether the process or the kernel builds the IP header. /* allow process to build IP header */ int on=1; setsockopt( sockfd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on)); COP5570 - Advanced Unix Programming

  6. Raw socket input • Normally using recvfrom() • Conditions for a packet to match raw socket • If protocol parameter was specified, only packets with that protocol value are delivered. • If bind() was called on raw socket, only packets destined to bound IP address are delivered. • If connect() was called, only packets from connected address are delivered. COP5570 - Advanced Unix Programming

  7. Which Protocol Types are Delivered? • TCP and UDP never reach raw sockets • Kernel IP stack handles these • Linux implementation is an exception. • All ICMP except • ICMP echo request • Timestamp request • Mask request • All IGMP • All other protocols that kernel doesn't understand • Such as OSPF COP5570 - Advanced Unix Programming

  8. Datalink Access • Provides powerful access to packets at network device level. • Raw sockets only provide IP-level access • Examples: • Tcpdump: Datalink acess + promiscuous mode settings • RARP implementation COP5570 - Advanced Unix Programming

  9. Methods for datalink access • SOCK_PACKET interface - Linux • fd=socket(AF_INET, SOCK_PACKET, htons(ETH_P_ALL) ); • No kernel buffering/filtering. • High overhead, inefficient. COP5570 - Advanced Unix Programming

More Related