Raw socket and bind question, how to implement correctly.
Can someone please help me through the socket jungle?
I am writing a rogue DHCP server detector. I need to read UDP packets coming in on the DHCP server port (68), but I also wish to obtain the MAC address of the incoming packet.
As I understand it, since I want to get the MAC address, I need to use a raw socket instead of a udp socket (I would like to get the MAC address from the incoming packet directly, and not via a subsequent action).
But I am having difficulties in how to set up the calls to socket and bind. That is, what options, etc. Right now, I cannot seem to get bind to work. After I get bind working, the next question will be how to receive the package, I assume I can use recvfrom here.
I have basically been trying everying so far, so it is hard for me to show here what I have tried. My latest attempt uses this:
sockfd = socket(PF_PACKET, SOCK_PACKET,htons(ETH_P_IP);
but I cannot find out how to call bind successfully to bind this to the IP address of the interface on the local machine that I wish to restrict this socket to. Using the above, I am getting a huge amount of data.
Can someone point me in the right direction?
1) Do I need to use a raw socket to do what I wish to do?
2) Is my call to socket correct here? Or should I be using some other values for the three arguments in order to capture DHCP server sent packets AND be able to read the sender's hardware address?
3) How then can I call bind to limit this socket to an interface IP address (or if that is not possible, to the interface hardware address)?
Thanks for any help!
|