From owner-freebsd-hackers@FreeBSD.ORG  Thu Jul 10 17:32:56 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2379037B401
	for <freebsd-hackers@freebsd.org>;
	Thu, 10 Jul 2003 17:32:56 -0700 (PDT)
Received: from mail.rdstm.ro (mail.rdstm.ro [193.231.233.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 12DC543FE0
	for <freebsd-hackers@freebsd.org>;
	Thu, 10 Jul 2003 17:32:55 -0700 (PDT)
	(envelope-from aanton@reversedhell.net)
Received: from reversedhell.net (casa_auto [81.196.32.25])
	by mail.rdstm.ro (8.12.9/8.12.1) with ESMTP id h6B0Wrjd003456;
	Fri, 11 Jul 2003 03:32:54 +0300
Message-ID: <3F0C0C73.5080908@reversedhell.net>
Date: Wed, 09 Jul 2003 15:37:07 +0300
From: Alin-Adrian Anton <aanton@reversedhell.net>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3.1) Gecko/20030606
X-Accept-Language: en-us, en, ro
MIME-Version: 1.0
To: Toni Andjelkovic <toni@soth.at>
References:
	<Pine.GSO.4.10.10307101416000.12648-100000@cranford-fe.eng.netapp.com>
	<3F0BE42A.50407@reversedhell.net> <20030710224839.GB1574@webboy.soth.at>
In-Reply-To: <20030710224839.GB1574@webboy.soth.at>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: freebsd-hackers@freebsd.org
Subject: Re: tcp raw socket programming recvfrom()
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Jul 2003 00:32:56 -0000

Toni Andjelkovic wrote:

>On Wed, Jul 09 2003 (12:45:14 +0300), Alin-Adrian Anton wrote:
>  
>
>>Usually? What does usually mean? I know I can use bpf. But is there 
>>another way to look at incoming TCP packet ? What I did is I sent a TCP 
>>SYN packet and the server answers with a TCP SYN_ACK packet. How can I 
>>look at the SYN_ACK packet using raw sockets?
>>    
>>
>
>Try libpcap or tcpdump.
>
>Cheers,
>Toni
>
>
>  
>
Libcap uses /dev/bpf for *BSD, and RAW recvfrom for linux and others. My 
goal is to experience with the freebsd system, not only to receive that 
packet. I just want to understand why *BSD socket model, which is the 
original socket model, chose not to allow recvfrom with raw sockets, on 
TCP and UDP protocols. It allows it with ICMP and all others. I just 
want to understand why this choice.

Linux didn't respect that, and in linux it is possible to recvfrom with 
raw socket, on TCP and UDP protocols too.

In the end, I will just use the /dev/bpf to get the work done. I want to 
play with the system, and understand it, not with a portable lib :P .
The goal is not to get things done, for that there is libcap. The goal 
is to explore src/sys details and IP stack.

PS: ethereal is a great sniffer :-)

Thanks :-).

Alin.