From owner-freebsd-net@freebsd.org Wed Mar 21 11:19:48 2018 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 31986F5EB8D for ; Wed, 21 Mar 2018 11:19:48 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B9ED069FD3; Wed, 21 Mar 2018 11:19:47 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id w2LBJYJo087491 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Mar 2018 12:19:35 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: mjoras@freebsd.org Received: from eg.sd.rdtc.ru (eugen@localhost [127.0.0.1]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTP id w2LBJLKv055000; Wed, 21 Mar 2018 18:19:21 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Raw Sockets: Two Questions To: Matt Joras References: <98551.1521576540@segfault.tristatelogic.com> <5AB1A9C5.9050707@grosbein.net> <5AB1D4D2.8000001@grosbein.net> Cc: Michael Tuexen , "Ronald F. Guilmette" , FreeBSD Net From: Eugene Grosbein X-Enigmail-Draft-Status: N1110 Message-ID: <5AB23FB9.7050407@grosbein.net> Date: Wed, 21 Mar 2018 18:19:21 +0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE, T_DATE_IN_FUTURE_96_Q autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * 0.0 T_DATE_IN_FUTURE_96_Q Date: is 4 days to 4 months after Received: * date * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-Spam-Level: ** X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Mar 2018 11:19:48 -0000 On 21.03.2018 10:55, Matt Joras wrote: >>>>> I'm going to be doing some stuff with raw sockets pretty soon, and >>>>> while scrounging around, looking for some nice coding examples, I >>>>> found the following very curious comment on one particular message >>>>> board: >>>>> >>>>> https://stackoverflow.com/questions/7048448/raw-sockets-on-bsd-operating-systems >>>>> >>>>> "Using raw sockets isn't hard but it's not entirely portable. For >>>>> instance, both in BSD and in Linux you can send whatever you want, >>>>> but in BSD you can't receive anything that has a handler (like TCP >>>>> and UDP)." >>>>> >>>>> So, first question: Is the above comment actually true & accurate? >>>> >>>> Not for FreeBSD. >>> Are you saying that I can receive on a raw socket SCTP, TCP and UDP packets? >> >> No. I'm saying one can send/receive RAW IP packets no matter are they SCTP, TCP or UDP >> or something else by means of libdnet. It uses raw sockets and BPF internally >> but hides this complexity. nmap uses it just fine. >> > Saying "Not for FreeBSD" is needlessly confusing and not accurate. In > the common parlance "raw sockets" does not refer to libdnet, which is > not a part of the FreeBSD base system. You cannot use traditional raw > sockets on FreeBSD to receive traditional protocol packets. The goal is to send/receive RAW IP packets, not to use raw sockets, isn't it? > The only way to do that in the base system is to use a BPF handle directly. Not exactly. For example: if_ethersubr.c/ether_input_internal() performs some sanity checks then passes incoming frame to BPF and to NETGRAPH (ng_ether) before passing it to upper stack layers. One can do almost anything with the frame by means of NETGRAPH subsystem and pass it to userland too. One have to setup some NETGRAPH nodes before, though - just like ppp(8) does to process control PPPoE frames.