tcp options for inserting data to ip packets

kikilinux · 05-07-2014, 10:08 AM

Hi
I need to insert some data to IP packet.
We have TCP option field in TCP header which some option kind is reserved.
Can i use option kind of 31 (it is reserved) for my purpose?

this is a link to TCP parameters
http://www.iana.org/assignments/tcp-...parameters.xml

If i want to insert 32 bytes data to option field what problem does appear ?

for example
TCP option kind : 31
TCP option Length : 32 bytes

I know that maximum TCP header size is 60 bytes, it means 40 bytes option is allowed which i want to employ 32 bytes of this 40 bytes for my purpose.

Is it possible to do this ?

sundialsvcs · 05-07-2014, 11:37 AM

I know that I probably wouldn't attempt to monk-around with stuff at this low level. I detect an "XY Problem" here. What are you trying to accomplish?

kikilinux · 05-07-2014, 03:03 PM

Dear sundialsvcs
It is simple, i have a linux box.
The problem is how can I write into tcp option my custom data or how can write into IP option field my custom data ?

Nothing more

NevemTeve · 05-08-2014, 07:39 AM

Okay, but why would you do that?

kikilinux · 05-08-2014, 07:55 AM

Ok
My linux box acts as a router and I need to insert some data into Option field of the IP packet.
And for this purposes I need to perform it in kernel for performance considerations.
Assume i want to insert origin source IP address of the packets in option field.

is it needed to describe more ?
best

NevemTeve · 05-08-2014, 09:14 AM

Not really, because the source IP is already part of the IP header, and a router isn't supposed to change it.

kikilinux · 05-08-2014, 09:41 AM

Dear NevemTeve
Think the IP address is spoofed and i want to insert closest router IP address into the option field.
I know the routers just have to forward packets but i want to insert the IP address of the closest router to the source of packets into the option field for experimental purposes.
can I do that ?

kikilinux · 05-08-2014, 09:45 AM

Think i am testing a project in my labratory and i connect 5 PC together.
3 of them are linux router.

NevemTeve · 05-08-2014, 09:56 AM

This might have something to do with 'iptables -t mangle'...

kikilinux · 05-08-2014, 10:24 AM

No it can't
We can change the TTL and QoS by iptables (i think).
It can't help for my purpose.
just can u tell me what IP option number 10 do ?
the link :

http://www.iana.org/assignments/ip-p...rameters.xhtml

the line bellow :

0 0 10 10 ZSU - Experimental Measurement [ZSu]

NevemTeve · 05-08-2014, 11:23 AM

I've never said there is a complete solution to this problem, only that it has something to do with mangling; most likely you have to hack the kernel and/or (most likely and) create new iptables module(s).

sundialsvcs · 05-08-2014, 12:43 PM

Here's a URL to a (legitimate) web-page which basically describes the sort of thing that you are doing:

http://blogs.citrix.com/2012/08/31/u...-ip-insertion/

Incidentally, routers very often strip unrecognized information from headers. Use of an IP option-number (31) which is not in the published spec would almost certainly cause that element to be removed.

kikilinux · 05-08-2014, 01:25 PM

Dear NevemTeve
Thanks to answer.
I've studied the solution you mentioned.

Dear sundialsvcs
At the first post i have mentioned TCP option-number (31) which is exist and it is reserved.
Then i mentioned to IP header option-number (10) which is for experimental measurement.