LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page capture tcp packets as non root
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-14-2006, 01:13 PM   #1
bobwall
Member
 
Registered: Jul 2004
Location: Milpitas, California
Distribution: 1/2 Debian 1/2 my own
Posts: 189

Rep: Reputation: 30
Question capture tcp packets as non root

Hi. I'm trying to build a port forwarding program that lets two computers that are behind NATs (mutually invisible to each other) communicate via a computer they both can connect to (bridge). To do this, I need to be able to capture TCP packets directly and send them. Is there a way to capture TCP packets (either without or with headers) without being superuser on UNIX like systems or Administrator on Windows?

I tried the following program, but the socket cannot be bound. I suppose that this is because there is no mechanism for receiving TCP packets in the network stack - only stream communication?


int main(int argc, char **argv)
{
int socket = socket(PF_INET, SOCK_DGRAM, IPPROTO_TCP);

sockaddr_in addrLocal;
addrLocal.sin_family = PF_INET;
addrLocal.sin_addr.s_addr = INADDR_ANY;
addrLocal.sin_port = htons(3389);
if (bind(socket, (sockaddr *)&addrLocal, sizeof(sockaddr)) < 0)
printf("error bind s1");

while (true)
{
sockaddr_in remote_addr;
byte buffer[2048];
int address_size = sizeof(sockaddr_in);
int size = recvfrom(socket, (char *)&buffer, 2048, 0, (sockaddr *)&remote_addr, (socklen_t *)&address_size);
printf("received %d\n", size);
}
return 0;
}

I tried various combinations from { PF_SOCKET, PF_INET } x {SOCK_DGRAM, SOCK_RAW } x { IPPROTO_TCP, IPPROTO_IP }, but haven't succeeded in getting the socket to bind. Any ideas about how to do what I want or alternatives? Thanks for any help.
Last edited by bobwall; 06-14-2006 at 01:14 PM.
 
Old 06-16-2006, 10:03 AM   #2
nukkel
Member
 
Registered: Mar 2003
Location: Belgium
Distribution: Hardened gentoo
Posts: 323

Rep: Reputation: 30
Hi, some thoughts...

* Using PF_INET + SOCK_DGRAM automatically gets you a UDP socket. So it doesn't make sense to use IPPROTO_TCP on it (usually it is wisest to just use zero (0) as the last argument of socket().)
* To make a TCP socket, just use "socket(PF_INET, SOCK_STREAM, 0)". But then, of course, you can no longer see the individual packets, they are then presented as a stream of bytes (just like a file). So you would have to transfer the data like this (first creating input and output sockets, etc. etc.):
Code:
byte buffer[2048];
for(;;)
  {
    int bytes_read = read(sock_in, buffer, 2048);
    if (!bytes_read) break;
    write(sock_out, buffer, bytes_read);
  }
* SOCK_RAW can give you access to all IP packets but requires root access.
* To get more information on the error when binding the socket, you can use:
Code:
if (bind(...) < 0)
  perror("error bind s1");
* A similar thing to what this program does, can also be done in linux with a IPTABLES redirection (but this also requires root access).

Hope this helps,
nukkel
Last edited by nukkel; 06-16-2006 at 10:06 AM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Using Tcpdump and Tethereal to capture packets shanu_technical Linux - Networking 3 06-14-2006 08:54 AM
Info on TCP Packets CICA Linux - Networking 15 10-13-2005 02:58 PM
encapsulating TCP packets in UDP packets... yoshi95 Programming 3 06-03-2004 02:53 PM
tcp packets wedgeworth Linux - Software 7 05-10-2004 04:40 PM
tcp/ip packets lackluster Programming 4 07-07-2002 05:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 08:17 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration