Академический Документы
Профессиональный Документы
Культура Документы
We are only to receive only data because all the Headers i.e. Ethernet, IP, TCP etc are stripped by
the network stack.
We can't modify or create a header for a packet when we send the packet.
With raw sockets we can get all the headers i.e. Ethernet, TCP, IP etc from the network and we can
also inject packets with custom headers and data into the network directly
Promiscuous Mode
We tells the network driver to accept all packets irrespective of whom the packets are addressed to
i.e. “See All, Hear All” Wizard mode
In this case A raw socket receives or sends the raw datagram not including link level headers.
(or)
The socket function can also create a raw socket when the first argument is
AF_PACKET/PF_PACKET, the second argument is SOCK_RAW. The third argument is the protocol.
protocol is ETH_P_IP for IP networks. It is mostly used as a filter. To receive all types of packets
ETH_P_IP is used.
In this case A raw socket receives or sends packet at layer 2 of the OSI i.e. Device driver
struct ethhdr
{
unsigned char h_dest[ETH_ALEN]; /* destination eth addr */
unsigned char h_source[ETH_ALEN]; /* source ether addr */
unsigned short h_proto; /* packet type ID field */
}
The IP Header
Defined in linux/ip.h
Pictorial View
struct iphdr {
#if defined(__LITTLE_ENDIAN_BITFIELD)
__u8 ihl:4,
version:4;
#elif defined (__BIG_ENDIAN_BITFIELD)
__u8 version:4,
ihl:4;
#else
#error "Please fix <asm/byteorder.h>"
#endif
__u8 tos;
__u16 tot_len;
__u16 id;
__u16 frag_off;
__u8 ttl;
__u8 protocol;
__u16 check;
__u32 saddr;
__u32 daddr;