
2 1 Introduction to Raw Sockets

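3 2 [Figure: TCP/IP stack, showing the identifier used at each layer: MAC address and frame type, IP address and protocol number, port address (TCP port #, UDP port #). Labels on the figure include Bootp/DHCP (port 67), OSPF (protocol 89) and EGP (protocol 8).]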

4 3 What can raw sockets do?
- Bypass the TCP/UDP layers
- Read and write ICMP and IGMP packets
  - ping, traceroute, multicast daemon
- Read and write IP datagrams with an IP protocol field not processed by the kernel
  - OSPF
  - user process versus kernel
- Send and receive your own IP packets with your own IP header using the IP_HDRINCL socket option
  - can build and send TCP and UDP packets
  - testing, hacking
  - only superuser can create a raw socket, though
- You need to do all protocol processing at user level

5 4 [Figure: demultiplexing of IP datagrams by protocol number (1 ICMP, 2 IGMP, 6 TCP, 17 UDP, 89 OSPF) to the TCP stack, the UDP stack and raw sockets. Labels: User, TCP port, UDP port, RAW, ICMP (ping, etc), IGMP, echo, timestamp.]

6 5 Creating a Raw Socket
- Can we use bind() with raw sockets?
  - rare, no concept of port
- Can we use connect() with raw sockets?
  - rare, only foreign IP address

    #include <sys/socket.h>
    #include <netinet/in.h>

    int sockfd;
    sockfd = socket(AF_INET, SOCK_RAW, protocol);  /* protocol: IPPROTO_ICMP, IPPROTO_IGMP, ... */

    const int on = 1;  /* the application supplies the IP header itself */
    setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL, &on, sizeof(on));

7 6 Raw Socket Output
- Send raw socket packets with sendto() or sendmsg()
- If the IP_HDRINCL option is not set (i.e. the header is not included), the starting address of the data in sendto() specifies the first byte following the IP header
- If the IP_HDRINCL option is set, the starting address of the data in sendto() specifies the first byte of the IP header
- IP header fields modified on sending by IP_HDRINCL
  - IP Checksum: always filled in
  - Source Address: filled in when zero
  - Packet Id: filled in when zero
  - Total Length: always filled in
- Example: see Stevens' code under ping/send_v4.c, ping/send_v6.c

8 7 Raw Socket Input
- Received TCP/UDP packets are NEVER passed to raw sockets. If needed, the link layer is the place.
- Receive raw packets with recvfrom() or recvmsg()
  - Most ICMP packets are passed to all matching ICMP raw sockets, with a few exceptions: ICMP echo request, timestamp request
  - All IGMP packets are passed to all matching raw sockets
  - All IP datagrams with a protocol field not processed by the kernel (e.g. OSPF) are passed to all matching raw sockets
- The entire datagram, including the IP header, is passed to the raw socket. Fragments are assembled first.
- Example: Stevens' code in ping/readloop.c and ping/proc_v4.c

9 8 Scatter read and gather write: Vectored IO
- Send and receive from one or more buffers with a single function call

    #include <sys/uio.h>

    ssize_t readv(int fd, const struct iovec *iov, int iovcnt);
    ssize_t writev(int fd, const struct iovec *iov, int iovcnt);

    struct iovec {
        void   *iov_base;  /* address of buffer */
        size_t  iov_len;   /* size of buffer */
    };

10 9 sendmsg and recvmsg
- The most general of all the IO functions

    #include <sys/socket.h>

    ssize_t recvmsg(int sock, struct msghdr *msg, int flags);
    ssize_t sendmsg(int sock, const struct msghdr *msg, int flags);

    struct msghdr {
        void         *msg_name;       /* address if socket is unconnected */
        socklen_t     msg_namelen;    /* size of above */
        struct iovec *msg_iov;        /* scatter/gather read/write buffer */
        int           msg_iovlen;
        void         *msg_control;    /* ancillary data */
        socklen_t     msg_controllen;
        int           msg_flags;      /* returned status by recvmsg */
    };

- Flags shown on the slide: MSG_TRUNC, MSG_CTRUNC, MSG_EOR (end of record), MSG_OOB, MSG_PEEK, MSG_WAITALL
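Added example (not from the slides or from Stevens' code): a gather write with sendmsg() and a scatter read with recvmsg(), covering this slide and the vectored IO slide before it, including the MSG_TRUNC status returned when the receive buffers are too small for the datagram. It assumes an AF_UNIX datagram socketpair as a stand-in for a raw socket so that it runs without root; the function name gather_scatter is hypothetical.

```c
#include <stdint.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

/* Gather-write an 8-byte header and a payload as ONE datagram, then
 * scatter-read it into a header buffer and a payload buffer of size pcap.
 * Returns bytes received, or -1 on error; *flags gets msg_flags from recvmsg().
 * Assumption: AF_UNIX/SOCK_DGRAM socketpair instead of a raw socket (no root). */
ssize_t gather_scatter(const uint8_t hdr[8], const char *payload, size_t plen,
                       uint8_t hdr_out[8], char *pay_out, size_t pcap, int *flags)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0) return -1;

    struct iovec out[2] = {
        { .iov_base = (void *)hdr,     .iov_len = 8 },
        { .iov_base = (void *)payload, .iov_len = plen },
    };
    struct msghdr smsg = { .msg_iov = out, .msg_iovlen = 2 };
    ssize_t sent = sendmsg(sv[0], &smsg, 0);      /* one call, two buffers */

    struct iovec in[2] = {
        { .iov_base = hdr_out, .iov_len = 8 },    /* filled first */
        { .iov_base = pay_out, .iov_len = pcap }, /* then the remainder */
    };
    struct msghdr rmsg = { .msg_iov = in, .msg_iovlen = 2 };
    ssize_t got = sent < 0 ? -1 : recvmsg(sv[1], &rmsg, 0);

    *flags = rmsg.msg_flags;   /* MSG_TRUNC set if the datagram did not fit */
    close(sv[0]);
    close(sv[1]);
    return got;
}
```

A receiver that ignores MSG_TRUNC will parse a silently shortened datagram, so check msg_flags before trusting any length field inside the packet.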

11 10 ICMP Format [Figure: ICMP message format; label: subtype]

12 11 Ping Program
- Create a raw socket to send/receive ICMP echo request and echo reply packets
- Install a SIGALRM handler to process output
  - Send echo request packets every t seconds
  - Build ICMP packets (type, code, checksum, id, seq, sending timestamp as optional data)
- Enter an infinite loop processing input
  - Use recvmsg() to read from the network
  - Parse the message and retrieve the ICMP packet
  - Print ICMP packet information, e.g., peer IP address, round-trip time
- Source code: Stevens' under ping/
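Added example (not Stevens' ping code): the two packet-handling steps of the ping program, building an ICMP echo request with its checksum and validating what a raw ICMP socket hands back, which starts with the IPv4 header as the Raw Socket Input slide notes. The function names are hypothetical, and the socket calls are left out so the code runs on byte buffers without root.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 1071 Internet checksum over len bytes, returned in host order. */
static uint16_t inet_cksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (; len > 1; p += 2, len -= 2)
        sum += (uint32_t)(p[0] << 8 | p[1]);
    if (len)
        sum += (uint32_t)p[0] << 8;          /* odd trailing byte, zero padded */
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);  /* fold carries back in */
    return (uint16_t)~sum;
}

/* Build ICMP echo request (8-byte header + data); returns length, 0 if buf too small. */
size_t build_echo_request(uint8_t *buf, size_t cap, uint16_t id, uint16_t seq,
                          const void *data, size_t dlen)
{
    if (cap < 8 || dlen > cap - 8) return 0;
    buf[0] = 8; buf[1] = 0;                  /* type 8 = echo request, code 0 */
    buf[2] = buf[3] = 0;                     /* checksum is zero while summing */
    buf[4] = (uint8_t)(id >> 8);  buf[5] = (uint8_t)(id & 0xff);
    buf[6] = (uint8_t)(seq >> 8); buf[7] = (uint8_t)(seq & 0xff);
    memcpy(buf + 8, data, dlen);
    uint16_t ck = inet_cksum(buf, 8 + dlen);
    buf[2] = (uint8_t)(ck >> 8); buf[3] = (uint8_t)(ck & 0xff);
    return 8 + dlen;
}

/* Parse a datagram read from a raw ICMP socket: IPv4 header first, then ICMP.
 * Returns the sequence number of a valid echo reply carrying `id`, else -1. */
int parse_echo_reply(const uint8_t *dg, size_t len, uint16_t id)
{
    if (len < 20 || (dg[0] >> 4) != 4) return -1;
    size_t hl = (size_t)(dg[0] & 0x0f) * 4;            /* IHL counts 32-bit words */
    if (hl < 20 || len < hl + 8 || dg[9] != 1) return -1;  /* protocol 1 = ICMP */
    const uint8_t *icmp = dg + hl;
    if (icmp[0] != 0 || icmp[1] != 0) return -1;       /* type 0 = echo reply */
    if (inet_cksum(icmp, len - hl) != 0) return -1;    /* intact packets sum to 0 */
    if ((icmp[4] << 8 | icmp[5]) != id) return -1;     /* reply to another process */
    return icmp[6] << 8 | icmp[7];
}
```

The id check matters because every raw ICMP socket on the host receives every echo reply, including replies to other users' pings.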

13 12 Traceroute program
- Create a UDP socket and bind the source port
  - To send probe packets with increasing TTL
  - For each TTL value, use a timer to send a probe every three seconds, and send 3 probes in total
- Create a raw socket to receive ICMP packets
  - On timeout, print " *"
  - On ICMP "port unreachable", terminate
  - On ICMP "TTL expired", print the hostname of the router and the round-trip time to the router
- Source code: Stevens' traceroute/
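Added example (not Stevens' traceroute code): classifying a datagram read from the raw ICMP socket against the UDP probe that was sent. An ICMP error quotes the original IP header plus at least 8 bytes of its payload, so the probe's bound source port and its destination port can be checked before the reply is attributed to this traceroute; the names classify_reply and ip4_hlen are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

enum probe_result { NOT_OURS = 0, HOP_TTL_EXPIRED = 1, DEST_REACHED = 2 };

/* Length of the IPv4 header at p, or 0 if it is malformed or cut short. */
static size_t ip4_hlen(const uint8_t *p, size_t len)
{
    if (len < 20 || (p[0] >> 4) != 4) return 0;
    size_t hl = (size_t)(p[0] & 0x0f) * 4;
    return (hl >= 20 && hl <= len) ? hl : 0;
}

/* Classify one datagram from the raw ICMP socket against the probe sent
 * from UDP source port sport to destination port dport. */
enum probe_result classify_reply(const uint8_t *dg, size_t len,
                                 uint16_t sport, uint16_t dport)
{
    size_t hl = ip4_hlen(dg, len);
    if (!hl || dg[9] != 1 || len - hl < 8) return NOT_OURS;  /* outer must be ICMP */
    const uint8_t *icmp = dg + hl;
    const uint8_t *inner = icmp + 8;         /* quoted original datagram */
    size_t ilen = len - hl - 8;
    size_t ihl = ip4_hlen(inner, ilen);
    if (!ihl || inner[9] != 17 || ilen - ihl < 8)
        return NOT_OURS;                     /* need quoted UDP header (8 bytes) */
    const uint8_t *udp = inner + ihl;
    if ((udp[0] << 8 | udp[1]) != sport || (udp[2] << 8 | udp[3]) != dport)
        return NOT_OURS;                     /* error about someone else's packet */
    if (icmp[0] == 11 && icmp[1] == 0) return HOP_TTL_EXPIRED;  /* time exceeded */
    if (icmp[0] == 3 && icmp[1] == 3) return DEST_REACHED;      /* port unreachable */
    return NOT_OURS;
}
```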

14 Limitations
- Loss of reliability
- No ports
- Non-standard communications
- No automatic ICMP
- No raw TCP or UDP
- Must have root (or administrator) privilege

15 When to use
- When you need to control the IP header
  - applications like Ping and Traceroute
  - not all fields can be set using the IP APIs
  - Network Address Translation
  - Firewalls
- When your application requires optimum network speed
  - one level above the Link Layer
  - if you need reliability, you must build it into your application

16 Windows and Raw Sockets
- WinSock 2.0 allows Windows programmers to build advanced applications
  - Firewalls
    - Network Address Translation
    - Packet Filtering
    - SYN Flood protection
  - Security
    - IPSec support
    - VPN Clients
  - Network Administration
    - Packet Sniffers/Analyzers
    - Pathway Analyzers (ping and traceroute)

