Upload
antonio-holmes
View
213
Download
0
Embed Size (px)
Citation preview
COP5570 - Advanced Unix Programming Florida State University
Raw SocketsDatalink Access
Chapters 25, 26
COP5570 - Advanced Unix Programming Florida State University
What are Raw Sockets?
• Allows you to bypass the TCP/UDP layers.
• Send/receive your own packets, with your own headers.
• You need to do all protocol processing at user-level.
COP5570 - Advanced Unix Programming Florida State University
Typical Uses• ICMP messages
– ping generates ICMP echo requests and received ICMP echo replies.
• Routing protocols– gated implements OSPF routing protocol.– Uses IP packets with protocol ID 89 – not
supported by kernel.
• Writing your own protocols over IP
COP5570 - Advanced Unix Programming Florida State University
Raw socket creation
• Only root can open a raw socket.
sockfd = socket(AF_INET, SOCK_RAW, proto)
where proto is IPPROTO_RAW, IPPROTO_ICMP etc.
COP5570 - Advanced Unix Programming Florida State University
Raw socket output
• As usual – sendto(), sendmsg() etc.
• IP_HDRINCL option – Specifies whether the process or the kernel builds the
IP header.
/* allow process to build IP header */
int on=1;
setsockopt( sockfd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on));
COP5570 - Advanced Unix Programming Florida State University
Raw socket input• Normally using recvfrom()
• Conditions for a packet to match raw socket
– If protocol parameter was specified, only packets with that protocol value are delivered.
– If bind() was called on raw socket, only packets destined to bound IP address are delivered.
– If connect() was called, only packets from connected address are delivered.
COP5570 - Advanced Unix Programming Florida State University
Which Protocol Types are Delivered?
• TCP and UDP never reach raw sockets– Kernel IP stack handles these– Linux implementation is an exception.
• All ICMP except– ICMP echo request– Timestamp request– Mask request
• All IGMP
• All other protocols that kernel doesn't understand– Such as OSPF
COP5570 - Advanced Unix Programming Florida State University
Datalink Access
• Provides powerful access to packets at network device level.– Raw sockets only provide IP-level access
• Examples:– Tcpdump: Datalink acess + promiscuous mode
settings– RARP implementation
COP5570 - Advanced Unix Programming Florida State University
Methods for datalink access
• SOCK_PACKET interface - Linux– fd=socket(AF_INET, SOCK_PACKET,
htons(ETH_P_ALL) );– No kernel buffering/filtering.– High overhead, inefficient.