TCP handshake with SOCK_RAW socket

Question

Ok, I realize this situation is somewhat unusual, but I need to establish a TCP connection (the 3-way handshake) using only raw sockets (in C, in linux) -- i.e. I need to co

Answer 1

I can't help you out on any tutorials.

But I can give you some advice on the tools that you could use to assist in debugging.

First off, as bmdhacks has suggested, get yourself a copy of wireshark (or tcpdump - but wireshark is easier to use). Capture a good handshake. Make sure that you save this.

Capture one of your handshakes that fails. Wireshark has quite good packet parsing and error checking, so if there's a straightforward error it will probably tell you.

Next, get yourself a copy of tcpreplay. This should also include a tool called "tcprewrite". tcprewrite will allow you to split your previously saved capture files into two - one for each side of the handshake. You can then use tcpreplay to play back one side of the handshake so you have a consistent set of packets to play with.

Then you use wireshark (again) to check your responses.