I would like to clear some general concepts about Raw Sockets. Is it true that in Raw Sockets :
1)We can read and write ICMPv4,ICMPv6 packets. Does it means that we cannot read(recv) or write(send) TCP or UDP packets.
2)With Raw Sockets we can read or write IP4 datagrams. What is the basic difference between a 'datagram' and a 'packet'? What are default IP packets that the kernel processes itself.
3)Why is bind and connect system call not necessary to called on a Raw Socket ?
4)Should we use recv and send to read or write in a Raw Socket?
5)What is the benefit of Setting IP_HDRINCL option for a Raw Socket?
6)What do we mean by 'CheckSum' ?
7)Can anyone please specify the message format of ICMP and IP protocol?
I am facing some problem regarding how to validate the ICMP packet as received from the destination. Can anyone provide me the various structure member of the ICMP packet and how to degug its value once it is received from the destination.
With what ever I have understood I would like to develop my own PING utility. I have an idea of how to write but I need expert opinion comments on it firstly whether I am correct or not and secondly what could be the best approach. The steps of the code explain as to what I am doing inside the code.
1) Login as root.
2)Call socket( AF_INET, SOCK_RAW, IPPROTO_ICMP )
3)Memset all 0's to sockaddr_in_var
4)Set sockaddr_in_var.sin_family = AF_INET
5)Set sockaddr_in_var.sin_addr.s_addr = inet_addr ( argv[1] )
6)Set icmpheader_var.icmp_type = 8
7)Set icmpheader_var.icmp_code = 0
8)Set icmpheader_var.icmp_cksum = 0
9)Set icmpheader_var.icmp_id = htons(getpid())
10)Set icmpheader_var.icmp_type = htons ( serial_nos )
11)Set icmpheader_var.icmp_cksum = one's complement of the one's complement sum of all the bytes
CodeIdol - Thinking about UNIX Network Programming: The Sockets ::
Introduction Raw sockets provide three features not provided by normal TCP and UDP Raw sockets provide three capabilities: We can read and write ICMPv4,
http://codeidol.com/unix/unix-network-programming/Raw-Sockets/HOME |
Delphi: WinXP Raw sockets, raw sockets, ip sockets::
raw sockets, ip sockets, raw socket: I have not found anything that Delphi cannot do that C++ can. Raw sockets are not compatible with all network adapters ,
http://en.allexperts.com/q/Delphi-1595/2008/6/WinXP-Raw-sockets.htmHOME |
12)Since we have not set IP_HDRINCL on, the system will create and tag on the ip header for us. If we had turned on that option we would have to create and write the ip header ourself.
13)Use sendto () to send the data.
14)Call recvfrom () to receive a packet.
15)Validate the packet received ( sequence , identifier )
I hope that I have not let out any of points respect to the coding requirement. Kindly anyone suggest me whether my direction is correct or not. After this I will further progress to write the code physically. create Raw socket in Android - Stack Overflow::
In part this is because on most O/S access to raw sockets is a privileged operation, only available to processes running as root / administrator.
http://stackoverflow.com/questions/228851/create-raw-socket-in-androidHOME |
Take a look at http://www.developerweb.net/forum/viewtopic.php?t=525 and see if the answers are there... there are a number of external links including one to a site with graphical representations of the various icmp packet types....
Also... if you look at the rcv function in the code I posted the link to in the previous msg... and are just dealing with icmp echo packets, there are checks for pretty much every field...
'Raw sockets, MS05-019 and Windows Firewall -- Summary' - MARC::
Apr 25, 2005 It fully supports all raw socket actions and since it doesn't have the Windows Firewall/ICF we don't have any of those associated issues.
http://marc.info/?l=ntbugtraq&m=111633743508649&w=2HOME |
Michael
Just a quick comment before I go to sleep... take not of the final operations where the (normally) 16 bit short value is converted to 8 bits...
...and yes... on some platforms it can be a problem where shorts etc. are oddball sizes... but not most... if you are worried about it, then what I did in my example code can be done i.e. use the data types with explicitly defined bit lengths...
Michael
Just glancing over it... it appears you have covered all the required steps...
Btw, we covered this same topic a couple of weeks ago... I had posted some sample code at:
http://www.cognitus.net/html/tutorial/rawsock/socketfaq_icmp_0.c
It should compile / run on most systems and should cover most topics for you... but is not meant to be of "commercial" quality, just an example...
Michael
I have some basic doubts :
unsigned short in_cksum(unsigned short *addr,int len)
{
register int sum = 0;
u_short answer = 0;
register u_short *w = addr;
register int nleft = len;
while (nleft > 1) {
sum += *w++;
nleft -= 2;
}
if (nleft == 1) {
*(u_char *)(&answer) = *(u_char *)w ;
sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff);
sum += (sum >> 16);
answer = ~sum;
return(answer);
}
The objective is to find one's complement of the one's complement sum of all the bytes of the header ( or is it header + data ? ). Now the sizeof unsigned short *addr is 8 ( One Byte ) on Compaq Tru64 UNIX V5.1 Unix Box. If the output is same on all the Unix Boxes then why the variable nleft is decremented by 2. Isn't that we first need to find the complement of each byte and then add it and again find the complement as CheckSum
Item by item...
1) You should still be able to send tcp and udp packets... its the recving of them with a "raw" socket that will be the problem... since most network impls automatically process the upper level protocols (udp / tcp )... and will pass on the "lower" ones and those which are unknown...
2) Personally, when I am saying the word packet, I mean the IPv4 header and the contained data... a UDP packet, or datagram, is transported in the IPv4 packet's data section... the truth is that the naming can be confusing... expecially when you start talking about other protocols... is it a packet, a frame, a cell, a datagram, or the loch ness monster... who knows... lol.
3) Binding and connecting require a complete address for the packets... a complete address is the local address and port, the remote address and port, and the upper level protocol... IP proper only has the concept of the addresses, not for the port... which means that not only does binding / connecting not make sense, it is not really (fully) realizable with only IP...
4) Use sendto to transmit since it allows you to specify the target address(necessary) for the packet... and recvfrom for reading so you can (easily) 2x the originator of any incoming packet...
5) If you do not have IP_HDRINCL set, the system will create and include the IP header for you... with the system defaults... in some cases the defaults may not be adequate for your purposes... such as doing route searches where you must adjust the ttl value (so routers kick back packet expiration messages)... or you may want to include custom options in the IP packet header... or any number of things...
6) Um... the checksum is the one's complement of the one's complement sum of all the bytes... one's complement is nothing more than a fancy name for when you invert all the bits of a negative number to represent it... e.g. the decimal 1 is 0000 0001 in binary, so a decimal -1 would be 1111 1110 in one's complement...
7) The IP (v4) header is defined as follows:
/*
A summary of the contents of the internet header follows as per
description in RFC 791:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Version IHL Type of Service Total Length
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Identification Flags Fragment Offset
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Time to Live Protocol Header Checksum
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Source Address
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Destination Address
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Options Padding
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
and information on ICMP (with nicely done diagrams for the various types / codes) can be found at :
http://www.networksorcery.com/enp/protocol/icmp.htm
Don't think I missed too much or horribly mistated anything... if so, apologies... but on my way out the door on a date... so um... I have higher priorities right now than double checking this post!
;-)
Michael
 How much does getting a small tattoo on your hip/stomach hurt?
 Do anyone else have an itchy anus? ?
|
Raw Sockets