introduction to rawsockets
play

Introduction to rawsockets Mathias Habltzel 29 May 2013 Mathias - PowerPoint PPT Presentation

Aug 16, 2023 •15 likes •285 views

Introduction to rawsockets Mathias Habltzel 29 May 2013 Mathias Habltzel Rawsockets 29 May 2013 1 / 34 What is rawsocket Raw sockets allow new IPv4 protocols to be implemented in user space. A raw socket receives or sends the raw

  1. Introduction to rawsockets Mathias Hablützel 29 May 2013 Mathias Hablützel Rawsockets 29 May 2013 1 / 34

  2. What is rawsocket Raw sockets allow new IPv4 protocols to be implemented in user space. A raw socket receives or sends the raw datagram not including link level headers. — raw(7) � If we want something other than UDP/TCP, like ICMPv4/6 or IGMPv4. Packet sockets are used to receive or send raw packets at the device driver (OSI Layer 2) level. They allow the user to implement protocol modules in user space on top of the physical layer. — packet(7) � If we want full controll about everything higher than the phy-layer. Mathias Hablützel Rawsockets 29 May 2013 2 / 34

  3. Not covering other operating systems or even POSIX/BSD/whatever Linux only! >2.6.* Disclaimer Not all base covered! Much is left out! Mathias Hablützel Rawsockets 29 May 2013 3 / 34

  4. When to use rawsockets ◮ IP datagrams unknown to the kernel ◮ icmpv4/6, igmpv4 ◮ full controll from layer 2 upward Mathias Hablützel Rawsockets 29 May 2013 4 / 34

  5. Let’s get started 1. create socket 2. set socket options (if needed) 3. bind name to socket, gives source "IP" basically wireing the socket to the interface 4. connect to remote IP; though rarely used but allows to use write/send instead of sendto Mathias Hablützel Rawsockets 29 May 2013 6 / 34

  6. Let’s get started rawsocket on layer 2 i n t sock_eth = 0 ; sock_eth = s o c k e t (AF_PACKET, SOCK_RAW, htons (ETH_P_ALL ) ) ; rawsocket for IPv4 protocols i n t sock_ip = 0 ; sock_ip = s o c k e t (AF_INET , SOCK_RAW, <p r o t o c o l − id >); <protocol-id> as defined in RFC 1700 under ’PROTOCOL NUMBERS’ Mathias Hablützel Rawsockets 29 May 2013 8 / 34

  7. Let’s get started — Explained socket(2) #include <sys/socket.h> sockfd = socket(int socket_family, int socket_type, int protocol); As defined in <sys/sockets.h> : Name Purpose Man page AF_UNIX, AF_LOCAL Local communication unix(7) AF_INET IPv4 & Internet protocols ip(7) AF_INET6 IPv6 Internet protocols ipv6(7) AF_IPX IPX - Novell protocols AF_NETLINK Kernel user interface device netlink(7) AF_X25 ITU-T X.25 / ISO-8208 protocol x25(7) AF_AX25 Amateur radio AX.25 protocol AF_ATMPVC Access to raw ATM PVCs AF_APPLETALK Appletalk ddp(7) AF_PACKET Low level packet interface packet(7) Mathias Hablützel Rawsockets 29 May 2013 9 / 34

  8. Let’s get started — Explained (AF_INET) ip(7) #include <sys/socket.h> sockfd = socket(AF_INET, int socket_type, int protocol); As defined in <bits/sockets.h > : Name Protocol Purpose SOCK_STREAM TCP Sequenced, reliable, connection-based SOCK_DGRAM UDP Connectionless, unreliable datagrams SOCK_RAW Raw Raw protocol interface Mathias Hablützel Rawsockets 29 May 2013 11 / 34

  9. Let’s get started — Explained (AF_INET) tcp(7) resp. udp(7) #include <sys/socket.h> #include <netinet/in.h> #include <netinet/tcp.h> /* only for SOCK_STREAM */ sockfd = socket(AF_INET, SOCK_STREAM, 0); sockfd = socket(AF_INET, SOCK_DGRAM, 0 A few notes (won’t cover this in detail): Direction Required calls outbound connect(2) inbound bind(2) , listen(2) and finally accept(2) Mathias Hablützel Rawsockets 29 May 2013 12 / 34

  10. Let’s get started — Explained (AF_PACKET) packet(7) #include <sys/socket.h> #include <netpacket/packet.h> #include <net/ethernet.h> /* for L2 */ sockfd = socket(AF_PACKET, int socket_type, int protocol); As defined in <bits/sockets.h > : Name Purpose SOCK_DGRAM cooked packets with the link level header removed SOCK_RAW raw packets including the link level header Mathias Hablützel Rawsockets 29 May 2013 14 / 34

  11. Let’s get started — Explained (AF_PACKET) packet(7) #include <sys/socket.h> #include <netpacket/packet.h> #include <net/ethernet.h> /* for L2 */ sockfd = socket(AF_PACKET, SOCK_RAW, int protocol); As defined in <linux/if_ether.h > (excerpt): Name Purpose ETH_P_IP Internet Protocol packet ETH_P_8021Q 802.1Q VLAN Extended Header ETH_P_FCOE Fibre Channel over Ethernet ETH_P_802_3 Dummy type for 802.3 frames ETH_P_ALL Every packet (be careful!!!) Pitfall! Always bear in mind that network-byte-order and host-byte-order may not necessarily be the same. Use htons(3) for this purpose: sockfd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL)); Mathias Hablützel Rawsockets 29 May 2013 15 / 34

  12. Socket options The only interesting option to set: rawsock = socket(AF_INET, SOCK_RAW, IPPROTO_TCP); int one = 1; setsockopt (rawsock, IPPROTO_IP, IP_HDRINCL, &one, sizeof (one)); Pitfall! IP_HDRINCL only exists with AF_INET ! Mathias Hablützel Rawsockets 29 May 2013 17 / 34

  13. Socket options — IP_HDRINCL ◮ not set: kernel will build the IP header and prepend it ◮ set: the packet must contain the IP header ◮ IPPROTO_RAW implies enabled IP_HDRINCL ! ◮ IP Identification == 0 → kernel sets this ◮ IP options may or may not be included ◮ IP checksum ( RFC 1701 ) always calculate by kernel But YOU are responsible for checksums in higher layers! AF_PACKET requires you to calculate every checksum. Mathias Hablützel Rawsockets 29 May 2013 18 / 34

  14. Binding the socket Basically wiring the socket to an interface: get interface index c h a r ∗ i f a c e = " eth0 " ; s t r u c t i f r e q ∗ i f i n f o = m a l l o c ( s i z e o f ( s t r u c t i f r e q ) ) ; memset ( i f i n f o , 0 , s i z e o f ( s t r u c t i f r e q ) ) ; s t r n c p y ( i f i n f o − >ifr_name , i f a c e , IFNAMSIZ ) ; i o c t l ( sock_eth , SIOCGIFINDEX , i f i n f o ) ; / ∗ < − ∗ / − − − bind socket to specific interface s t r u c t s o c k a d d r _ l l s i n f o ; memset(& s i n f o , 0 , s i z e o f ( s i n f o ) ) ; s i n f o . s l l _ f a m i l y = PF_PACKET; s i n f o . s l l _ p r o t o c o l = htons (ETH_P_ALL) ; s i n f o . s l l _ i f i n d e x = i f i n f o − >i f r _ i f i n d e x ; bind ( sock , ( s t r u c t sockaddr ∗ ) &s i n f o , s i z e o f ( s t r u c t s o c k a d d r _ l l ) ) ; / ∗ < − ∗ / − Mathias Hablützel Rawsockets 29 May 2013 20 / 34

  15. Connect the socket Connect the socket to remote end (only with AF_INET → SOCK_STREAM,SOCK_DGRAM ) connect(2) #include <sys/types.h> #include <sys/socket.h> int connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen); Mathias Hablützel Rawsockets 29 May 2013 22 / 34

  16. Sending /wo connect /w connect send(2 sendto(2) sendto(2) sendmsg(2) sendmsg(2) write(2) writev(2) Mathias Hablützel Rawsockets 29 May 2013 23 / 34

  17. Receiving ◮ TCP/UDP packets are never passed to a raw socket Process must listen to data link layer to list to TCP/UDP ◮ most icmp messages and all igmp messages are passed to the raw socket ◮ all IP datagrams unknown to the kernel are passed to the raw socket, only verification of IP version, IP header checksum, header length and destination address occurs ◮ fragments are first reassembled and then passed on to the raw socket Mathias Hablützel Rawsockets 29 May 2013 24 / 34

  18. Receiving Datagram gets passed to each socket as a copy, if all following conditions are true: 1. non-zero protocol specified: socket(..., ..., proto); and 2. matching protocol ID 3. locally bound IP address to raw socket must match the received datagrams address 4. if remote address was specified by connect(2) then the sender address must match in the datagram Mathias Hablützel Rawsockets 29 May 2013 25 / 34

  19. Receiving ◮ If a socket is created with a protocol := 0 and no bind(2)/connect(2) occurred, this socket will receive a copy of every datagram the kernel passes on. ◮ Every datagram passed to a raw socket will contain the entire datagram + the IPv4 header. ◮ For IPv6 only the payload will be passed on. Mathias Hablützel Rawsockets 29 May 2013 26 / 34

  20. Example: icmp_server.c sock_eth = s o c k e t (AF_PACKET, SOCK_RAW, htons (ETH_P_ALL ) ) ; / ∗ get i n t e r f a c e i n d e x ∗ / i f i n f o = m a l l o c ( s i z e o f ( s t r u c t i f r e q ) ) ; memset ( i f i n f o , 0 , s i z e o f ( s t r u c t i f r e q ) ) ; s t r n c p y ( i f i n f o − >ifr_name , i f a c e , IFNAMSIZ ) ; i o c t l ( sock_eth , SIOCGIFINDEX , i f i n f o ) ; / ∗ bind s o c k e t to s p e c i f i c i n t e r f a c e ∗ / memset(& s o c k i n f o , 0 , s i z e o f ( s o c k i n f o ) ) ; s o c k i n f o . s l l _ f a m i l y = PF_PACKET; s o c k i n f o . s l l _ p r o t o c o l = htons (ETH_P_ALL) ; s o c k i n f o . s l l _ i f i n d e x = i f i n f o − >i f r _ i f i n d e x ; bind ( sock_eth , ( s t r u c t sockaddr ∗ ) &s o c k i n f o , s i z e o f ( s t r u c t s o c k a d d r _ l l ) ) ; Mathias Hablützel Rawsockets 29 May 2013 27 / 34

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION

INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION

TRAINING COURSE ON SOCIAL PROTECTION &amp; FORMALIZATION TRINIDAD AND TOBAGO MARCH 15, 2017 INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION INTRODUCTION Design of the NIS Assistance from the

547 views • 23 slides
INTRODUCTION Introduction 2/42 INTRODUCTION Alternations I am giving bread to the

INTRODUCTION Introduction 2/42 INTRODUCTION Alternations I am giving bread to the

Patterns of variation in the expression of case and agreement Andrs Brny Leiden University Centre for Linguistics 9 November 2019, BaSIS Workshop a.barany@hum.leidenuniv.nl INTRODUCTION Introduction 2/42 INTRODUCTION

1.37k views • 42 slides
Introduction Introduction Introduction Introduction Outline Motivation Failures

Introduction Introduction Introduction Introduction Outline Motivation Failures

Introduction Introduction Introduction Introduction Outline Motivation Failures Definition and concepts Process and product properties Principles SE Approaches Motivation Software and the economy The economies of

1.03k views • 49 slides
Introduction Introduction Introduction Nationwide Cause for Concern 1

Introduction Introduction Introduction Nationwide Cause for Concern 1

Introduction Introduction Introduction Nationwide Cause for Concern 1 https://www.cdc.gov/std/stats17/infographic.htm Introduction Epidemiology in Western Colorado CPHE Surveillance Data Report, May 2018 Chlamydia Epidemiology in Western

977 views • 39 slides
DAQ introduction Purpose of this talk : (1) Introduction for those who have not been in every

DAQ introduction Purpose of this talk : (1) Introduction for those who have not been in every

DAQ introduction Purpose of this talk : (1) Introduction for those who have not been in every meeting (2) Some ideas of diagrams for section 7.1 (Introduction) of TP. Giles Barr 25 Jan 2018, Pembroke College On DUNE, the reality is there is a

474 views • 10 slides
INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT

ADVANCED COMPUTER SECURITY INTRODUCTION cf. Schneider, Chapter 1 INTRODUCTION THEY ARE OUT TO GET YOU INTRODUCTION WHAT IS SECURITY? A systems security policies describe What the system is supposed to do Store and provide access

479 views • 16 slides
Overview Introduction to SMIL Introduction to W3C and XML Introduction to SMIL

Overview Introduction to SMIL Introduction to W3C and XML Introduction to SMIL

Overview Introduction to SMIL Introduction to W3C and XML Introduction to SMIL Writing a SMIL file Adding Media Objects Martin Halvey Clipping media files January 2008 Timing and Synchronising Layout World Wide

387 views • 14 slides
14 Introduction Introduction Bad guys can put malware into Example: hosts

14 Introduction Introduction Bad guys can put malware into Example: hosts

Introduction Introduction source Encapsulation ISO/OSI reference model message M application segment H t H t M transport network datagram H n H n H t M presentation: allow applications to frame link H l H n H t M interpret

583 views • 4 slides
Previous Lecture Introduction to SMIL 2 Introduction to W3C and XML Introduction to SMIL

Previous Lecture Introduction to SMIL 2 Introduction to W3C and XML Introduction to SMIL

Previous Lecture Introduction to SMIL 2 Introduction to W3C and XML Introduction to SMIL Writing a SMIL file Adding Media Objects Martin Halvey Clipping media files January 2008 Timing and Synchronising Layout

322 views • 8 slides
Lecture 1 Andreas Habegger Introduction Zynq Introduction Zynq Introduction Zynq PS vs. PL

Lecture 1 Andreas Habegger Introduction Zynq Introduction Zynq Introduction Zynq PS vs. PL

Introduction Zynq Lecture 1 Andreas Habegger Introduction Zynq Introduction Zynq Introduction Zynq PS vs. PL Processing System Processor Peripherals Data Buses AXI Bus Conclusion BTE5380 - Embedded Systems Octobre 2014 Andreas Habegger

1.81k views • 30 slides
2018.06 01 SMILE5 Introduction S E 5 02 Alpha Cloud M I L 03 Company Introduction 04

2018.06 01 SMILE5 Introduction S E 5 02 Alpha Cloud M I L 03 Company Introduction 04

2018.06 01 SMILE5 Introduction S E 5 02 Alpha Cloud M I L 03 Company Introduction 04 Project References S E 5 PART.1 SMILE5 Introduction M I L Introduction STORION-SMILE5 Residential Energy Storage System Inverter 5kW Output Input

1.06k views • 25 slides
Introduction to CICS Course introduction Course introduction What is CICS? What is an

Introduction to CICS Course introduction Course introduction What is CICS? What is an

Introduction to CICS Course introduction Course introduction What is CICS? What is an application server? Why use an application server? Course introduction Services provided by CICS How CICS applications are defined Scaling CICS to meet

1.84k views • 146 slides
Network Visualization Introduction Presented by Shahed Introduction Introduction Basic

Network Visualization Introduction Presented by Shahed Introduction Introduction Basic

Network Visualization Introduction Presented by Shahed Introduction Introduction Basic building blocks Node Links (relationship between nodes) Spatial information Network data

584 views • 9 slides
Introduction Introduction (1) Main argument of the paper: universities are not only

Introduction Introduction (1) Main argument of the paper: universities are not only

Le jugement des pairs comme outil de management des universits Peer-review as a management tool Christine Musselin (CSO, Sciences Po et CNRS) Avril 2013, Lirrsistible ascension du capitalisme acadmique Introduction Introduction (1)

590 views • 28 slides
Introduction Introduction to storage and to storage and filesystems filesystems Introduction

Introduction Introduction to storage and to storage and filesystems filesystems Introduction

Moreno Baricevic Gilberto Daz Axel Kohlmeyer Stefano Cozzini ULA ICTP CNR-IOM DEMOCRITOS Merida, VENEZUELA Trieste, ITALY Trieste, ITALY Introduction Introduction to storage and to storage and filesystems filesystems Introduction

1.19k views • 51 slides
JABLOTRON JA-100 introduction November 2011 Introduction Todays goals First introduction of

JABLOTRON JA-100 introduction November 2011 Introduction Todays goals First introduction of

JABLOTRON JA-100 introduction November 2011 Introduction Todays goals First introduction of the brand new JA-100 alarm system Visions Basic architecture System components Setting Help us with final validations You are the FIRST ones

1.69k views • 111 slides
A userspace API for netfilter control Netfilter Workshop 2007, Karlsruhe Sebastian Kiesel, Jochen

A userspace API for netfilter control Netfilter Workshop 2007, Karlsruhe Sebastian Kiesel, Jochen

INSTITUT FR INSTITUT FR NACHRICHTENVERMITTLUNG KOMMUNIKATIONSNETZE Universitt Stuttgart Universitt Stuttgart UND DATENVERARBEITUNG UND RECHNERSYSTEME Prof. Dr.-Ing. Dr. h. c. mult. P. J. Khn Prof. Dr.-Ing. Dr. h. c. mult. P. J.

794 views • 26 slides
PostgreSQL Who, What, When, Where, Why, How? 1 QUIS? Who's involved with PostgreSQL? Core

PostgreSQL Who, What, When, Where, Why, How? 1 QUIS? Who's involved with PostgreSQL? Core

PostgreSQL Who, What, When, Where, Why, How? 1 QUIS? Who's involved with PostgreSQL? Core team: https://www.postgresql.org/community/contributors/ Large Users: https://www.postgresql.org/about/users/ Case Studies:

517 views • 7 slides
Introduction to the GNU GMP Library Salimova Diyora Swiss Federal Institute of Technology

Introduction to the GNU GMP Library Salimova Diyora Swiss Federal Institute of Technology

Introduction to the GNU GMP Library Salimova Diyora Swiss Federal Institute of Technology sdiyora@student.ethz.ch October 16, 2014 Salimova Diyora (ETHZ) Introduction to the GNU GMP Library October 16, 2014 1 / 14 Overview Presentation,

371 views • 14 slides
Abstracting and Visualizing Host Behaviour Abstracting and Visualizing Host Behaviour through

Abstracting and Visualizing Host Behaviour Abstracting and Visualizing Host Behaviour through

Abstracting and Visualizing Host Behaviour Abstracting and Visualizing Host Behaviour through Graphs Eduard Glatz Computer Engineering and Networks Laboratory ETH Zurich (Switzerland) eglatz@tik.ee.ethz.ch 20. Dec. 2009 Motivation

466 views • 27 slides
Build Systems: Combining CUDA and Modern CMake GTC, San Jose, CA May, 2017 Robert Maynard

Build Systems: Combining CUDA and Modern CMake GTC, San Jose, CA May, 2017 Robert Maynard

Build Systems: Combining CUDA and Modern CMake GTC, San Jose, CA May, 2017 Robert Maynard Kitware, Inc. Founded in 1998 by five former GE Research employees 136 current employees; 47 with PhDs Privately held, profitable from

298 views • 29 slides
Virtual Labs with User Mode Linux Armin M. Warda, Postbank Systems AG, Germany Postbank Systems

Virtual Labs with User Mode Linux Armin M. Warda, Postbank Systems AG, Germany Postbank Systems

Virtual Labs with User Mode Linux Armin M. Warda, Postbank Systems AG, Germany Postbank Systems AG IBM eServer pSeries AIX &amp; Linux 2004 Technical Conference, Munich/DE, 26-29 Oct Agenda Prsentationstitel Who is Postbank? And who is

1.18k views • 66 slides
Banque Saudi Fransi Investor Presentation | Q3 2019 Results INVESTOR PRESENTATION | DISCLAIMER

Banque Saudi Fransi Investor Presentation | Q3 2019 Results INVESTOR PRESENTATION | DISCLAIMER

Banque Saudi Fransi Investor Presentation | Q3 2019 Results INVESTOR PRESENTATION | DISCLAIMER This presentation is being provided to you for general information purposes. The information contained in the presentation has been obtained from

384 views • 22 slides
Banque Saudi Fransi Investor Presentation | First Half 2019 INVESTOR PRESENTATION | DISCLAIMER

Banque Saudi Fransi Investor Presentation | First Half 2019 INVESTOR PRESENTATION | DISCLAIMER

Banque Saudi Fransi Investor Presentation | First Half 2019 INVESTOR PRESENTATION | DISCLAIMER This presentation is being provided to you for general information purposes. The information contained in the presentation has been obtained from

453 views • 27 slides

More recommend