raw-sockets

问题 I am trying to write a sample Raw socket program to clear my understanding of raw sockets. I create a Raw UDP socket and then call sendto. My sendto succeeds but I never see the packet received by the other side. I don't have any receive side running so I am relying on Wireshark running on both the sender and receiver. I am pasting the code snippet here. Please point out any errors. #include<stdio.h> #include<stdlib.h> #include<sys/types.h> #include<netinet/in.h> #include<string.h> #include

问题 How do I send data on a SOCK_PACKET socket without specifying which host it's bound for? I've constructed the IP header to show where it should go, but write() won't work. 回答1: Don't. use write(), use sendto(). If you use PF_PACKET,SOCK_DGRAM, then it builds the link-layer headers for you, which is normally what you want. You still need to build whatever higher protocol you are using on top though. You specify a sockaddr_ll in the destination parameter. You can specify a link-layer unicast

问题 I have created a raw socket which takes all IPv4 packets from data link layer (with data link layer header removed). And for reading the packets I use recvfrom . My doubt is: Suppose due to some scheduling done by OS, my process was asleep for 1 sec. When it woke up,it did recvfrom (with number of bytes to be received say 1000) on this raw socket (with the intention of receiving only one IPv4 packet and say the size of this packet is 380 bytes). And suppose many network applications were also

问题 I am trying to read a response from a website via code by listening to a raw socket, though so far I've only been able to read the outgoing requests sent by my computer rather than the incoming responses that I'm actually interested in. How might I go about reading the incoming responses? EDIT: Using Wireshark I've come to find that the data I'm looking for is being sent via TCP, I believe. Socket listener = new Socket(AddressFamily.InterNetwork, SocketType.Raw, ProtocolType.Unspecified);

问题 I was getting a bit confused on using of raw sockets and libcap. Can, anyone in simple point out advantages of using both. I read few links, but, its making me confused. 回答1: "libpcap" and "raw sockets" are different topics. Libpcap is a packet capture library for linux which is used to capture the traffic/packets that pass through a network interface like eth0. On windows the Winpcap library does the same thing. Raw sockets are a feature of the socket api provided by the OS that can be used

问题 I am trying to build an Ethernet network with raw sockets. I cannot use TCP/IP, UDP, or any other protocol. This is because it will be communicating with very simple hardware that won't have the resources to handle all the different protocol layers. My network will consist of 1 host computer communicating with several pieces of hardware through an Ethernet switch. At this point I basically just want to send simple packets to each piece of hardware and to establish a simple server I can expand

问题 I am studying raw sockets. I used the IP_HDRINCL option to build my own IP headers. After the IP header, I am building a UDP header. Then I am sending the packet to my system's loopback address. I have another program running which will catch the UDP packets as they come. To check whether the packets are being correctly formed and received, I have another process running which is reading raw IP datagrams. My problem is that although the second process(reading raw datagrams) is working well

问题 I'm trying to get accurate timestamps for outgoing packets (sent using raw sockets). According to Linux/Documentation/networking/timestamping.txt, "For send time stamps the outgoing packet is looped back to the socket's error queue with the send time stamp(s) attached. It can be received with recvmsg(flags=MSG_ERRQUEUE).". Unfortunately, recvmsg is always returning -1 when called on a raw socket (created with socket(PF_INET, SOCK_RAW, IPPROTO_RAW) and with SO_TIMESTAMP set to 1 with

问题 Please any one could help on this issue. Please In the below sample code,we had bind raw sock with eth0. but while running the program the recvfrom of raw sock is receiving packets from eth0 & eth1 on same machine(xx_86). It is not clear to me why,could help one on this issue. I hope the setsockopt is not working properly OS: Fedora core 6(2.6.18-1.2798.fc6) Sampe code: #include <stdio.h> #include <stdlib.h> #include <errno.h> #include <unistd.h> #include <sys/socket.h> #include <netinet/in.h

问题 I'm writing a program that reads all packets passing through the computer running it. I wish to grab a packet (either by dst ip or src ip), then change the dstIP and TCP dstPort and put it back on the wire. I have no problems with changing the dstIP, but how do I serialize it properly so the packet isn't malformed and gets to the destination in which I want it to go? package main import ( "code.google.com/p/gopacket" "code.google.com/p/gopacket/layers" "code.google.com/p/gopacket/pcap" "fmt"