Raw Sockets Datalink Access

Document Sample
Raw Sockets Datalink Access Powered By Docstoc
					                           Raw Sockets
                          Datalink Access
                                Chapters 25, 26




COP5570 - Advanced Unix Programming               Florida State University
               What are Raw Sockets?

        • Allows you to bypass the TCP/UDP layers.

        • Send/receive your own packets, with your own
          headers.

        • You need to do all protocol processing at user-
          level.




COP5570 - Advanced Unix Programming              Florida State University
                               Typical Uses
       • ICMP messages
            – ping generates ICMP echo requests and received ICMP
              echo replies.


       • Routing protocols
            – gated implements OSPF routing protocol.
            – Uses IP packets with protocol ID 89 – not supported
              by kernel.


       • Writing your own protocols over IP




COP5570 - Advanced Unix Programming                      Florida State University
                    Raw socket creation
    • Only root can open a raw socket.

               sockfd = socket(AF_INET, SOCK_RAW, proto)


    where proto is IPPROTO_RAW, IPPROTO_ICMP etc.




COP5570 - Advanced Unix Programming                Florida State University
                       Raw socket output
 • As usual – sendto(), sendmsg() etc.

 • IP_HDRINCL option
      – Specifies whether the process or the kernel builds the IP
        header.

      /* allow process to build IP header */
      int on=1;
      setsockopt( sockfd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on));




COP5570 - Advanced Unix Programming                     Florida State University
                         Raw socket input
        • Normally using recvfrom()

        • Conditions for a packet to match raw socket

            – If protocol parameter was specified, only packets
              with that protocol value are delivered.

            – If bind() was called on raw socket, only packets
              destined to bound IP address are delivered.

            – If connect() was called, only packets from
              connected address are delivered.




COP5570 - Advanced Unix Programming                     Florida State University
               Which Protocol Types are
                     Delivered?
       • TCP and UDP never reach raw sockets
            – Kernel IP stack handles these
            – Linux implementation is an exception.


       • All ICMP except
            – ICMP echo request
            – Timestamp request
            – Mask request


       • All IGMP

       • All other protocols that kernel doesn't understand
            – Such as OSPF


COP5570 - Advanced Unix Programming                     Florida State University
                          Datalink Access
  • Provides powerful access to packets at
    network device level.
       – Raw sockets only provide IP-level access


  • Examples:
       – Tcpdump: Datalink acess + promiscuous mode settings
       – RARP implementation



COP5570 - Advanced Unix Programming            Florida State University
         Methods for datalink access
• SOCK_PACKET interface - Linux
     – fd=socket(AF_INET, SOCK_PACKET,
       htons(ETH_P_ALL) );
     – No kernel buffering/filtering.
     – High overhead, inefficient.




COP5570 - Advanced Unix Programming      Florida State University

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:60
posted:12/13/2011
language:English
pages:9