Date: Wed, 21 Mar 2018 18:19:21 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Matt Joras <mjoras@freebsd.org> Cc: Michael Tuexen <michael.tuexen@lurchi.franken.de>, "Ronald F. Guilmette" <rfg@tristatelogic.com>, FreeBSD Net <freebsd-net@freebsd.org> Subject: Re: Raw Sockets: Two Questions Message-ID: <5AB23FB9.7050407@grosbein.net> In-Reply-To: <CADdTf%2BjOXsZa_eMnhvgNusbvNtGxt164vMJvWaXbXyfG8apThw@mail.gmail.com> References: <98551.1521576540@segfault.tristatelogic.com> <5AB1A9C5.9050707@grosbein.net> <FE503C2B-11C9-4937-8035-0793DCBFE177@lurchi.franken.de> <5AB1D4D2.8000001@grosbein.net> <CADdTf%2BjOXsZa_eMnhvgNusbvNtGxt164vMJvWaXbXyfG8apThw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 21.03.2018 10:55, Matt Joras wrote: >>>>> I'm going to be doing some stuff with raw sockets pretty soon, and >>>>> while scrounging around, looking for some nice coding examples, I >>>>> found the following very curious comment on one particular message >>>>> board: >>>>> >>>>> https://stackoverflow.com/questions/7048448/raw-sockets-on-bsd-operating-systems >>>>> >>>>> "Using raw sockets isn't hard but it's not entirely portable. For >>>>> instance, both in BSD and in Linux you can send whatever you want, >>>>> but in BSD you can't receive anything that has a handler (like TCP >>>>> and UDP)." >>>>> >>>>> So, first question: Is the above comment actually true & accurate? >>>> >>>> Not for FreeBSD. >>> Are you saying that I can receive on a raw socket SCTP, TCP and UDP packets? >> >> No. I'm saying one can send/receive RAW IP packets no matter are they SCTP, TCP or UDP >> or something else by means of libdnet. It uses raw sockets and BPF internally >> but hides this complexity. nmap uses it just fine. >> > Saying "Not for FreeBSD" is needlessly confusing and not accurate. In > the common parlance "raw sockets" does not refer to libdnet, which is > not a part of the FreeBSD base system. You cannot use traditional raw > sockets on FreeBSD to receive traditional protocol packets. The goal is to send/receive RAW IP packets, not to use raw sockets, isn't it? > The only way to do that in the base system is to use a BPF handle directly. Not exactly. For example: if_ethersubr.c/ether_input_internal() performs some sanity checks then passes incoming frame to BPF and to NETGRAPH (ng_ether) before passing it to upper stack layers. One can do almost anything with the frame by means of NETGRAPH subsystem and pass it to userland too. One have to setup some NETGRAPH nodes before, though - just like ppp(8) does to process control PPPoE frames.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5AB23FB9.7050407>