LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-16-2010, 10:02 PM   #1
knonaka
LQ Newbie
 
Registered: Apr 2010
Posts: 4

Rep: Reputation: 0
Need help with intercepting and forwarding UDP packets


Hi everybody,

I have a legacy application that communicates status to a remote server over UDP. The server app replies back to the client with UDP as well, using the IP address it obtains from the sockaddr parameter of the recvfrom() method.

Code:
[----------------]                       [----------------]  
[ client <->(udp)]<----- Ethernet -----> [(udp)<-> server ]
[----------------]                       [----------------]
I'm trying to replace the underlying use of ethernet, with a RS232 based radio/modem device - WITHOUT making any src changes to the legacy apps. Ie. apps would still create and transmit UDP packets addressed to a remote IP address and listening port, and the receiver wouldn't know any difference.

I'm relatively new to this level of network programming, but my first attempt has been to write an app that sniffs out outbound raw UDP packets (using pcap), transmit that data over the radio, and re-injects the UDP unchanged on the remote end.

Code:
[----------------]                       [----------------]  
[ client <->(udp)]                       [(udp)<-> server ]
[             |  ]                       [  ^             ]
[             v  ]                       [  |             ]        
[       /capture/]<---- Radio XMIT ----> [/reinject/      ]
[----------------]                       [----------------]
My 'capture' app intercepts the UDP packets just fine when the machine is 'plugged' in, but as soon as I disconnect my network cable to test wireless, outbound packets addressed to a remote IP (ie. the server) are no longer captured (tho local UDP packets are picked up ok).

Wireshark also does not report the original outbound packet, but it does show an ICMP packet reporting 'Host Unreachable'. I understand the host isn't reachable, but I'm confused as to why the packet isn't at least making it to the interface/network card.

Is there anyway to get the force the kernel to 'transmit' the UDP packet anyway so that my capture app can intercept it? or is there a better/easier solution (again, w/o making source changes to the client/server)?

thanks in advance!!!

Last edited by knonaka; 04-16-2010 at 10:26 PM.
 
Old 04-18-2010, 04:11 AM   #2
TimothyEBaldwin
Member
 
Registered: Mar 2009
Posts: 249

Rep: Reputation: 27
You should be using the tun interface, not pcap. However if the radio link is transparent to RS232 you could PPP or SLIP without having to do any programming.

As for why the packet doesn't reach the network interface, that would be pointless and the Ethernet address is unknown as the remote system isn't responding to ARP.
 
Old 04-18-2010, 09:24 AM   #3
knonaka
LQ Newbie
 
Registered: Apr 2010
Posts: 4

Original Poster
Rep: Reputation: 0
Hi Timothy! thank you so much for responding!

Quote:
Originally Posted by TimothyEBaldwin View Post
You should be using the tun interface, not pcap. However if the radio link is transparent to RS232 you could PPP or SLIP without having to do any programming.
the radio that i'm using does have a transparent serial mode, but i'm using it in MESH mode which requires framed data.

BUT... i just did some quick research on tun/tap interfaces and it does sound like a great fit for what i'm trying to do!

Q1 : does a TUN interface only work point-to-point (ie. pure tunnel)... and does that mean i'll need to use a TAP interface to get point-2-multipoint with IP addressing capability?

Q2 : if i need to use TAP, do i have to create my own ARP packets to provide the ethernet header info to the sender or does all that work like 'magic' once all the virtual interfaces are setup?

Q3 : if i can get by with TUN, do i need to wrap the IP packet with a bogus ethernet header before writing it to the virtual TUN interface on the receiver side? or will with kernel just bypass the ethernet layer if the ethernet headers aren't present and deliver the UDP packet normally?

THANKS again for your help! very much appreciated!!!

Last edited by knonaka; 04-18-2010 at 10:11 AM.
 
Old 04-22-2010, 09:38 AM   #4
TimothyEBaldwin
Member
 
Registered: Mar 2009
Posts: 249

Rep: Reputation: 27
A1: If you use TUN for multipoint you must handle the IP address, which can be complicate, especially if there are multiple routers connected to the radio network.

A2: If you use TAP and don't transport ARP, which requires broadcast, you must create ARP packets (or otherwise add entries to the ARP table), but unlike TUN you get the next-hop IP address so that you need not worry about implementing a route table lookup.

A3: For TUN you must not add an Ethernet header.

TAP is probably simpler.
 
Old 04-26-2010, 03:06 PM   #5
knonaka
LQ Newbie
 
Registered: Apr 2010
Posts: 4

Original Poster
Rep: Reputation: 0
thanks Timothy. I've got the capture (and rf transport) part working good now, however, my reinjected packets are NOT being received on the destination machine by the UDP server. I am using a tap interface so that I can pass both ARP and UDP (and eventually everything else) over the modem. Am i correct in thinking that if i simply 'write()' the original ethernet frame data to the tap interface on the server machine, that the kernel should deliver it to a server listening on the correct port?

here's a thread that i created in the Programming forum that has the details of where i'm stuck now : http://www.linuxquestions.org/questi...errerid=522411

thanks for any insight you can offer, i'm really struggling with why this isn't working.

keith
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Intercepting packets, buffering, and resending geek1234 Linux - Networking 2 12-26-2007 11:09 PM
intercepting packets, buffering and resending them geek1234 Programming 1 12-26-2007 01:44 PM
Suse 10.1 Gateway intercepting udp port 500 louiscastoria Linux - Networking 0 11-17-2006 08:50 AM
Forwarding UDP Packets tzahi Linux - Networking 1 03-12-2006 02:02 PM
UDP: Short Packets: and UDP bad checksum: entries in dmesg minutes2memories Linux - Networking 2 02-26-2006 07:28 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration