LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 01-06-2005, 07:36 AM   #1
alanwolfen
LQ Newbie
 
Registered: Oct 2004
Distribution: Redhat Linux 9
Posts: 11

Rep: Reputation: 0
Question Raw Ethernet Sockets


With reference to using raw ethernet sockets here

Code:
s = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
struct sockaddr_ll socket_address;
socket_address.sll_family   = AF_PACKET;
socket_address.sll_protocol = htons(ETH_P_ALL);
bind(s, (struct sockaddr *) & socket_address, sizeof(socket_address));

recvfrom(s, buffer, ETH_FRAME_LEN, 0, NULL, NULL);
Host A has a process listening on the above stated raw ethernet socket.
Host B pings host A.

I receives the echo request in host A but the host A network stack seems to be able to see the echo request and reply the ping. The questions that revolves around this is:

1. Is the raw ethernet socket merely peeking at ethernet frames only, ie it makes a copy to pass up the ethernet raw socket and the payload continues up the network stack?
2. Or raw ethernet socket only totally grab datagram of unknown protocol, ie. TCP/UDP/ICMP/etc will still goes up the network stack
3. Or the network stack will always handle ICMP even when a raw ethernet socket is bounded.
 
Old 01-06-2005, 10:07 AM   #2
gr33ndata
Member
 
Registered: Aug 2003
Location: DMZ
Distribution: Ubuntu
Posts: 144

Rep: Reputation: 15
FIXME: I think it is just like a sniffer, it takes a copy of the packet while the original packet continuous its trip to the kernel. So the solution for this is to use kernel hooks, i.e. change the kernel code or add lodable kernel modules to take the packet and don't pass it to the kernel.
 
Old 01-06-2005, 06:51 PM   #3
alanwolfen
LQ Newbie
 
Registered: Oct 2004
Distribution: Redhat Linux 9
Posts: 11

Original Poster
Rep: Reputation: 0
Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Pblm in Raw Sockets fpfernando Linux - Software 1 10-08-2005 01:04 AM
Problem sniffing with raw sockets warned Programming 4 08-28-2004 01:10 PM
raw sockets and C wrongman Programming 3 05-04-2004 02:17 PM
can I use mmap with raw sockets? kanth Programming 2 02-28-2004 12:42 PM
raw sockets BashTin Programming 1 06-07-2003 06:34 AM


All times are GMT -5. The time now is 07:27 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration