Menu
When I gone through socket programming I could not clearly understand RAW_SOCKET.
My understanding is
If I open a socket with this option AF_INET , RAW_SOCKET mean's I can create my own header
before AF_INET headers but finally the data is send in the format of AF_INET protocol.
Is my understanding is correct . If wrong can some explain me.
ThankYou
217
Raw sockets are used to generate/receive packets of a type that the kernel doesn't explicitly support. An easy example that you're probably familiar with is PING. Ping works by sending out an ICMP (internet control message protocol - another IP protocol distinct from TCP or UDP) echo packet.
int s = socket (AF_INET, SOCK_RAW, IPPROTO_TCP); The above function call creates a raw socket of protocol TCP. This means that we have to provide the TCP header along with the data. The kernel or the network stack of Linux shall provide the IP header.
RAW-sockets are an additional type of Internet socket available in addition to the well known DATAGRAM- and STREAM-sockets. They do allow the user to see and manipulate the information used for transmitting the data instead of hiding these details, like it is the case with the usually used STREAM- or DATAGRAM sockets.
In order to create a raw socket, a process must have the CAP_NET_RAW capability in the user namespace that governs its network namespace. All packets or errors matching the protocol number specified for the raw socket are passed to this socket.
In every layer, a packet has two disjoint sections: Header and Payload.
non-Raw socket means you can just determine Transport Layer Payload. i.e it is the OS' task to create the Transport, Network, and Data Link layer headers.
Raw socket means you can determine every section of a packet, be it header or payload. Please note that raw socket is a general word. I categorize raw socket into: Network Socket and Data-Link Socket (or alternativly L3 Socket and L2 Socket).
In L3 Socket you can set the header and payload of a packet in the network layer. For example: if a network layer protocol is IPv4, you can determine the IPv4 header and payload. Thus you can set the transport layer header/payload, ICMP header/payload, Routing Protocols header/payload, ... .
In L2 Socket you can set the header and payload of a packet in the data link layer, i.e everything in the packet. Thus you do everything done with L3 Socket + determine ARP header/payload, PPP header/payload, PPPOE header/payload, ... .
Now in programming:
The third parameter specify the payload protocol.
134
RAW_SOCKET allow user to implement it's own transport layer protocol above internet (IP) level . You are responsible for creating and parsing transport level headers and logic behind it. A packet would look like:
-------------------------------------------------------------------
| Ethernet (typically) header | IP header | Your header | payload |
-------------------------------------------------------------------
EDIT: there's good description of raw sockets on Linux man page, or here if you are using Windows.
27
You can also use SOCK_RAW with "Packet Sockets" that will allow you to have full control over the L2 (Ethernet) and L3 (IP) layers.. meaning you can completely custom-render you packet as it comes out of a NIC..
Details here:
http://www.kernel.org/doc/man-pages/online/pages/man7/packet.7.html
http://austinmarton.wordpress.com/2011/09/14/sending-raw-ethernet-packets-from-a-specific-interface-in-c-on-linux/
6
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
