wiltzius@lll-lcc.aRpA (Dave P. Wiltzius) (05/04/88)
I'm being a bit lazy here: I want to use an IP raw socket to implement a non-Internet transport protocol on IP (please, this is an exercise and not my idea). The particular UNIX system is Sun's 3.2. Can only "super-user" use the IP raw socket? I suspect this is a silly question, but can there only be one process on the system using the IP raw socket? For those of you that did this (as it was intended) to prototype and debug transport code, what was the difference in performance between the raw socket implementation and the kernel implementation. Any comments as an aside would be welcome - perhaps more appropriately as E-mail. Thank you. -------------------------------------------------------------------- Dave Wiltzius (wiltzius@lll-lcc.llnl.gov)
jk0@sun.soe.clarkson.edu (Jason Coughlin) (12/07/90)
I want to write a simple program to capture the IP traffic coming
into my machine and to "dump" the packets to the screen.
There is little documentation on raw sockets. I have already looked
at _Unix Network Programming_ and various man pages. Can someone
familiar with the semantics of raw sockets *please* send me
some email??!
My understanding is that a raw socket receives a copy of all
data at the specified protocol layer. It's not working that
way.
Below is an example program that I've been playing with. It has
seen numerous modifications so it's not a great program.
Thanks for any help!!
--
Jason Coughlin
( nibmjake@ralvmm.iinus1.ibm.com, jk0@sun.soe.clarkson.edu, -or-
jk0@clutx.BITNET )
----[Cut me!]-----------------------------------
/* raw.c -- Capture raw IP traffic.
Written by Jason Coughlin.
NOTES:
* I don't know what I'm doing with this stuff yet.
*/
/* you NEED this define! otherwise the header files won't align the
* byte correctly.
*/
#define OS2
#define MAX_BUFFER 8192
#define MAX_COUNT 20
#define WAIT -1
#include <types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <stdlib.h>
#include <stdio.h>
#include "in_systm.h"
#include "ip.h"
main(argc, argv)
int argc;
char *argv[];
{
int fromlen;
struct sockaddr_in from;
struct protoent *proto;
int n, count;
int sock;
int ready[1];
char *pkt;
if ( (pkt = (char *)malloc(MAX_BUFFER)) == NULL ) {
printf("Can't allocate packet!\n");
exit(1);
}
sock_init();
#ifdef TESTING
/* lookup the protocol to get the protocol entry which contains
* the protocol number.
*/
if ( (proto = getprotobyname("icmp")) == NULL ) {
perror("getprotobyname");
exit(1);
}
#endif
/* allocate raw socket which listens to the IP protocol layer. */
if ( (sock = socket( AF_INET, SOCK_RAW, IPPROTO_RAW )) < 0 ) {
perror("socket");
exit(1);
}
ready[0] = sock;
fromlen = sizeof(from);
count = 1;
printf(" # VER HLEN SRV TLEN ID TTL PROTO CKSUM\n");
while (1) {
#ifdef NOT_WORKING
/* wait for input */
if ( select(ready, 1, 0, 0, WAIT) < 0 ) {
perror("select");
exit(2);
}
#endif
/* recv it */
if ( (n = recvfrom(sock, pkt, MAX_BUFFER, 0, &from, &fromlen)) < 0 )
perror("recv");
else {
struct ip *iph;
iph = (struct ip *)pkt;
/* dump it to screen */
printf("%d: ", count);
printf("%d ", iph->ip_v);
printf("%d ", iph->ip_hl);
printf("%d ", iph->ip_tos);
printf("%d ", iph->ip_len);
printf("%d ", iph->ip_id);
printf("%d ", iph->ip_ttl);
printf("%d ", iph->ip_p);
printf("%d ", iph->ip_sum);
printf("\n");
fflush(stdout);
}
/* increment count. we do count packets then pause to give the
* user a chance to kill this program.
*/
if ( ++count > MAX_COUNT ) {
printf("Press any key ...");
(void)getchar();
count = 1;
printf("\n\n");
printf(" # VER HLEN SRV TLEN ID TTL PROTO CKSUM\n");
}
}
}
--
Jason Coughlin ( jk0@sun.soe.clarkson.edu , jk0@clutx )
"Every jumbled pile of person has a thinking part that wonders what the
part that isn't thinking isn't thinking of." -- They Might Be Giants
"If you read the _TV Guide_, then there's no need for a TV." -- Lost Boys