version 5, including all changes.
.
Rev |
Author |
# |
Line |
1 |
perry |
1 |
IP |
|
|
2 |
!!!IP |
|
|
3 |
NAME |
|
|
4 |
SYNOPSIS |
|
|
5 |
DESCRIPTION |
|
|
6 |
ADDRESS FORMAT |
|
|
7 |
SOCKET OPTIONS |
|
|
8 |
SYSCTLS |
|
|
9 |
IOCTLS |
|
|
10 |
NOTES |
|
|
11 |
ERRORS |
|
|
12 |
VERSIONS |
|
|
13 |
COMPATIBILITY |
|
|
14 |
BUGS |
|
|
15 |
AUTHORS |
|
|
16 |
SEE ALSO |
|
|
17 |
---- |
|
|
18 |
!!NAME |
|
|
19 |
|
|
|
20 |
|
|
|
21 |
ip - Linux IPv4 protocol implementation |
|
|
22 |
!!SYNOPSIS |
|
|
23 |
|
|
|
24 |
|
|
|
25 |
__#include __ |
|
|
26 |
#include __ |
|
|
27 |
|
|
|
28 |
|
|
|
29 |
''tcp_socket'' __= socket(PF_INET, SOCK_STREAM, |
|
|
30 |
0);__'' |
|
|
31 |
raw_socket'' __= socket(PF_INET, SOCK_RAW,__ |
|
|
32 |
''protocol''__);__'' |
|
|
33 |
udp_socket'' __= socket(PF_INET, SOCK_DGRAM,__ |
|
|
34 |
''protocol''__);__ |
|
|
35 |
!!DESCRIPTION |
|
|
36 |
|
|
|
37 |
|
|
|
38 |
Linux implements the Internet Protocol, version 4, described |
|
|
39 |
in RFC791 and RFC1122. __ip__ contains a level 2 |
|
|
40 |
multicasting implementation conforming to RFC1112. It also |
|
|
41 |
contains an IP router including a packet |
|
|
42 |
filter. |
|
|
43 |
|
|
|
44 |
|
|
|
45 |
The programmer's interface is BSD sockets compatible. For |
|
|
46 |
more information on sockets, see |
|
|
47 |
socket(7). |
|
|
48 |
|
|
|
49 |
|
|
|
50 |
An IP socket is created by calling the socket(2) |
|
|
51 |
function as __socket(PF_INET, socket_type, protocol)__. |
|
|
52 |
Valid socket types are __SOCK_STREAM__ to open a |
|
|
53 |
tcp(7) socket, __SOCK_DGRAM__ to open a |
|
|
54 |
udp(7) socket, or __SOCK_RAW__ to open a |
|
|
55 |
raw(7) socket to access the IP protocol directly. |
|
|
56 |
''protocol'' is the IP protocol in the IP header to be |
|
|
57 |
received or sent. The only valid values for ''protocol'' |
|
|
58 |
are __0__ and __IPPROTO_TCP__ for TCP sockets and |
|
|
59 |
__0__ and __IPPROTO_UDP__ for UDP sockets. For |
|
|
60 |
__SOCK_RAW__ you may specify a valid IANA IP protocol |
|
|
61 |
defined in RFC1700 assigned numbers. |
|
|
62 |
|
|
|
63 |
|
|
|
64 |
When a process wants to receive new incoming packets or |
|
|
65 |
connections, it should bind a socket to a local interface |
|
|
66 |
address using bind(2). Only one IP socket may be |
|
|
67 |
bound to any given local (address, port) pair. When |
|
|
68 |
__INADDR_ANY__ is specified in the bind call the socket |
|
|
69 |
will be bound to ''all'' local interfaces. When |
|
|
70 |
listen(2) or connect(2) are called on a |
|
|
71 |
unbound socket the socket is automatically bound to a random |
|
|
72 |
free port with the local address set to |
|
|
73 |
__INADDR_ANY__. |
|
|
74 |
|
|
|
75 |
|
|
|
76 |
A TCP local socket address that has been bound is |
|
|
77 |
unavailable for some time after closing, unless the |
|
|
78 |
__SO_REUSEADDR__ flag has been set. Care should be taken |
|
|
79 |
when using this flag as it makes TCP less |
|
|
80 |
reliable. |
|
|
81 |
!!ADDRESS FORMAT |
|
|
82 |
|
|
|
83 |
|
|
|
84 |
An IP socket address is defined as a combination of an IP |
|
|
85 |
interface address and a port number. The basic IP protocol |
|
|
86 |
does not supply port numbers, they are implemented by higher |
|
|
87 |
level protocols like udp(7) and tcp(7). On raw |
|
|
88 |
sockets __sin_port__ is set to the IP |
|
|
89 |
protocol. |
|
|
90 |
|
|
|
91 |
|
5 |
ScottLamb |
92 |
struct sockaddr_in { |
|
|
93 |
sa_family_t sin_family; /* address family: AF_INET */ |
|
|
94 |
u_int16_t sin_port; /* port in network byte order */ |
|
|
95 |
struct in_addr sin_addr; /* internet address */ |
|
|
96 |
}; |
|
|
97 |
/* Internet address. */ |
|
|
98 |
struct in_addr { |
|
|
99 |
u_int32_t s_addr; /* address in network byte order */ |
|
|
100 |
}; |
1 |
perry |
101 |
|
|
|
102 |
|
|
|
103 |
''sin_family'' is always set to __AF_INET__. This is |
|
|
104 |
required; in Linux 2.2 most networking functions return |
|
|
105 |
__EINVAL__ when this setting is missing. ''sin_port'' |
|
|
106 |
contains the port in network byte order. The port numbers |
|
|
107 |
below 1024 are called ''reserved ports''. Only processes |
|
|
108 |
with effective user id 0 or the __CAP_NET_BIND_SERVICE__ |
|
|
109 |
capability may bind(2) to these sockets. Note that |
|
|
110 |
the raw IPv4 protocol as such has no concept of a port, they |
|
|
111 |
are only implemented by higher protocols like tcp(7) |
|
|
112 |
and udp(7). |
|
|
113 |
|
|
|
114 |
|
|
|
115 |
''sin_addr'' is the IP host address. The ''addr'' |
|
|
116 |
member of __struct in_addr__ contains the host interface |
|
|
117 |
address in network order. __in_addr__ should be only |
4 |
perry |
118 |
accessed using the inet_aton(3), __inet_addr__(3), |
|
|
119 |
inet_makeaddr(3) library functions or directly with |
1 |
perry |
120 |
the name resolver (see gethostbyname(3)). IPv4 |
|
|
121 |
addresses are divided into unicast, broadcast and multicast |
|
|
122 |
addresses. Unicast addresses specify a single interface of a |
|
|
123 |
host, broadcast addresses specify all hosts on a network and |
|
|
124 |
multicast addresses address all hosts in a multicast group. |
|
|
125 |
Datagrams to broadcast addresses can be only sent or |
|
|
126 |
received when the __SO_BROADCAST__ socket flag is set. In |
|
|
127 |
the current implementation connection oriented sockets are |
|
|
128 |
only allowed to use unicast addresses. |
|
|
129 |
|
|
|
130 |
|
|
|
131 |
Note that the address and the port are always stored in |
|
|
132 |
network order. In particular, this means that you need to |
|
|
133 |
call htons(3) on the number that is assigned to a |
|
|
134 |
port. All address/port manipulation functions in the |
|
|
135 |
standard library work in network order. |
|
|
136 |
|
|
|
137 |
|
|
|
138 |
There are several special addresses: __INADDR_LOOPBACK__ |
|
|
139 |
(127.0.0.1) always refers to the local host via the loopback |
|
|
140 |
device; __INADDR_ANY__ (0.0.0.0) means any address for |
|
|
141 |
binding; __INADDR_BROADCAST__ (255.255.255.255) means any |
|
|
142 |
host and has the same effect on bind as __INADDR_ANY__ |
|
|
143 |
for historical reasons. |
|
|
144 |
!!SOCKET OPTIONS |
|
|
145 |
|
|
|
146 |
|
|
|
147 |
IP supports some protocol specific socket options that can |
|
|
148 |
be set with setsockopt(2) and read with |
|
|
149 |
getsockopt(2). The socket option level for IP is |
|
|
150 |
__SOL_IP__. A boolean integer flag is zero when it is |
|
|
151 |
false, otherwise true. |
|
|
152 |
|
|
|
153 |
|
|
|
154 |
__IP_OPTIONS__ |
|
|
155 |
|
|
|
156 |
|
|
|
157 |
Sets or get the IP options to be sent with every packet from |
|
|
158 |
this socket. The arguments are a pointer to a memory buffer |
|
|
159 |
containing the options and the option length. The |
|
|
160 |
setsockopt(2) call sets the IP options associated |
|
|
161 |
with a socket. The maximum option size for IPv4 is 40 bytes. |
|
|
162 |
See RFC791 for the allowed options. When the initial |
|
|
163 |
connection request packet for a __SOCK_STREAM__ socket |
|
|
164 |
contains IP options, the IP options will be set |
|
|
165 |
automatically to the options from the initial packet with |
|
|
166 |
routing headers reversed. Incoming packets are not allowed |
|
|
167 |
to change options after the connection is established. The |
|
|
168 |
processing of all incoming source routing options is |
|
|
169 |
disabled by default and can be enabled by using the |
|
|
170 |
__accept_source_route__ sysctl. Other options like |
|
|
171 |
timestamps are still handled. For datagram sockets, IP |
|
|
172 |
options can be only set by the local user. Calling |
|
|
173 |
getsockopt(2) with ''IP_OPTIONS'' puts the current |
|
|
174 |
IP options used for sending into the supplied |
|
|
175 |
buffer. |
|
|
176 |
|
|
|
177 |
|
|
|
178 |
__IP_PKTINFO__ |
|
|
179 |
|
|
|
180 |
|
|
|
181 |
Pass an ''IP_PKTINFO'' ancillary message that contains a |
|
|
182 |
__pktinfo__ structure that supplies some information |
|
|
183 |
about the incoming packet. This only works for datagram |
|
|
184 |
oriented sockets. The argument is a flag that tells the |
|
|
185 |
socket whether the IP_PKTINFO message should be passed or |
|
|
186 |
not. The message itself can only be sent/retrieved as |
|
|
187 |
control message with a packet using recvmsg(2) or |
|
|
188 |
sendmsg(2). |
|
|
189 |
|
|
|
190 |
|
5 |
ScottLamb |
191 |
struct in_pktinfo { |
|
|
192 |
unsigned int ipi_ifindex; /* Interface index */ |
|
|
193 |
struct in_addr ipi_spec_dst; /* Local address */ |
|
|
194 |
struct in_addr ipi_addr; /* Header Destination address */ |
|
|
195 |
}; |
1 |
perry |
196 |
|
|
|
197 |
|
|
|
198 |
__ipi_ifindex__ is the unique index of the interface the |
|
|
199 |
packet was received on. __ipi_spec_dst__ is the local |
|
|
200 |
address of the packet and __ipi_addr__ is the destination |
|
|
201 |
address in the packet header. If ''IP_PKTINFO'' is passed |
|
|
202 |
to sendmsg(2) then the outgoing packet will be sent |
|
|
203 |
over the interface specified in __ipi_ifindex__ with the |
|
|
204 |
destination address set to __ipi_spec_dst__ |
|
|
205 |
|
|
|
206 |
|
|
|
207 |
__IP_RECVTOS__ |
|
|
208 |
|
|
|
209 |
|
|
|
210 |
If enabled the ''IP_TOS'' ancillary message is passed |
|
|
211 |
with incoming packets. It contains a byte which specifies |
|
|
212 |
the Type of Service/Precedence field of the packet header. |
|
|
213 |
Expects a boolean integer flag. |
|
|
214 |
|
|
|
215 |
|
|
|
216 |
__IP_RECVTTL__ |
|
|
217 |
|
|
|
218 |
|
|
|
219 |
When this flag is set pass a ''IP_RECVTTL'' control |
|
|
220 |
message with the time to live field of the received packet |
|
|
221 |
as a byte. Not supported for __SOCK_STREAM__ |
|
|
222 |
sockets. |
|
|
223 |
|
|
|
224 |
|
|
|
225 |
__IP_RECVOPTS__ |
|
|
226 |
|
|
|
227 |
|
|
|
228 |
Pass all incoming IP options to the user in a |
|
|
229 |
''IP_OPTIONS'' control message. The routing header and |
|
|
230 |
other options are already filled in for the local host. Not |
|
|
231 |
supported for ''SOCK_STREAM'' sockets. |
|
|
232 |
|
|
|
233 |
|
|
|
234 |
__IP_RETOPTS__ |
|
|
235 |
|
|
|
236 |
|
|
|
237 |
Identical to ''IP_RECVOPTS'' but returns raw unprocessed |
|
|
238 |
options with timestamp and route record options not filled |
|
|
239 |
in for this hop. |
|
|
240 |
|
|
|
241 |
|
|
|
242 |
__IP_TOS__ |
|
|
243 |
|
|
|
244 |
|
|
|
245 |
Set or receive the Type-Of-Service (TOS) field that is sent |
|
|
246 |
with every IP packet originating from this socket. It is |
|
|
247 |
used to prioritize packets on the network. TOS is a byte. |
|
|
248 |
There are some standard TOS flags defined: |
|
|
249 |
__IPTOS_LOWDELAY__ to minimize delays for interactive |
|
|
250 |
traffic, __IPTOS_THROUGHPUT__ to optimize throughput, |
|
|
251 |
__IPTOS_RELIABILITY__ to optimize for reliability, |
|
|
252 |
__IPTOS_MINCOST__ should be used for |
|
|
253 |
__IPTOS_LOWDELAY__ datagrams first by default, but the |
|
|
254 |
exact behaviour depends on the configured queueing |
|
|
255 |
discipline. Some high priority levels may require an |
|
|
256 |
effective user id of 0 or the __CAP_NET_ADMIN__ |
|
|
257 |
capability. The priority can also be set in a protocol |
|
|
258 |
independent way by the ( __SOL_SOCKET, SO_PRIORITY__ ) |
|
|
259 |
socket option (see socket(7) ). |
|
|
260 |
|
|
|
261 |
|
|
|
262 |
__IP_TTL__ |
|
|
263 |
|
|
|
264 |
|
|
|
265 |
Set or retrieve the current time to live field that is send |
|
|
266 |
in every packet send from this socket. |
|
|
267 |
|
|
|
268 |
|
|
|
269 |
__IP_HDRINCL__ |
|
|
270 |
|
|
|
271 |
|
|
|
272 |
If enabled the user supplies an ip header in front of the |
|
|
273 |
user data. Only valid for __SOCK_RAW__ sockets. See |
|
|
274 |
raw(7) for more information. When this flag is |
|
|
275 |
enabled the values set by ''IP_OPTIONS'', ''IP_TTL'' |
|
|
276 |
and ''IP_TOS'' are ignored. |
|
|
277 |
|
|
|
278 |
|
|
|
279 |
__IP_RECVERR__ (defined in |
|
|
280 |
__ |
|
|
281 |
|
|
|
282 |
|
|
|
283 |
Enable extended reliable error message passing. When enabled |
|
|
284 |
on a datagram socket all generated errors will be queued in |
|
|
285 |
a per-socket error queue. When the user receives an error |
|
|
286 |
from a socket operation the errors can be received by |
|
|
287 |
calling recvmsg(2) with the __MSG_ERRQUEUE__ flag |
|
|
288 |
set. The __sock_extended_err__ structure describing the |
|
|
289 |
error will be passed in a ancillary message with the type |
|
|
290 |
''IP_RECVERR'' and the level __SOL_IP__. This is |
|
|
291 |
useful for reliable error handling on unconnected sockets. |
|
|
292 |
The received data portion of the error queue contains the |
|
|
293 |
error packet. |
|
|
294 |
|
|
|
295 |
|
|
|
296 |
The ''IP_RECVERR'' control message contains a |
|
|
297 |
__sock_extended_err__ structure: |
|
|
298 |
|
|
|
299 |
|
|
|
300 |
#define SO_EE_ORIGIN_NONE 0 |
|
|
301 |
#define SO_EE_ORIGIN_LOCAL 1 |
|
|
302 |
#define SO_EE_ORIGIN_ICMP 2 |
|
|
303 |
#define SO_EE_ORIGIN_ICMP6 3 |
|
|
304 |
struct sock_extended_err { |
|
|
305 |
u_int32_t ee_errno; /* error number */ |
|
|
306 |
u_int8_t ee_origin; /* where the error originated */ |
|
|
307 |
u_int8_t ee_type; /* type */ |
|
|
308 |
u_int8_t ee_code; /* code */ |
|
|
309 |
u_int8_t ee_pad; |
|
|
310 |
u_int32_t ee_info; /* additional information */ |
|
|
311 |
u_int32_t ee_data; /* other data */ |
|
|
312 |
/* More data may follow */ |
|
|
313 |
}; |
|
|
314 |
struct sockaddr *SO_EE_OFFENDER(struct sock_extended_err *); |
|
|
315 |
|
|
|
316 |
|
|
|
317 |
__ee_errno__ contains the errno number of the queued |
|
|
318 |
error. __ee_origin__ is the origin code of where the |
|
|
319 |
error originated. The other fields are protocol specific. |
|
|
320 |
The macro __SO_EE_OFFENDER__ returns a pointer to the |
|
|
321 |
address of the network object where the error originated |
|
|
322 |
from given a pointer to the ancillary message. If this |
|
|
323 |
address is not known, the ''sa_family'' member of the |
|
|
324 |
__sockaddr__ contains __AF_UNSPEC__ and the other |
|
|
325 |
fields of the __sockaddr__ are undefined. |
|
|
326 |
|
|
|
327 |
|
|
|
328 |
IP uses the __sock_extended_err__ structure as follows: |
|
|
329 |
''ee_origin'' is set to __SO_EE_ORIGIN_ICMP__ for |
|
|
330 |
errors received as an ICMP packet, or |
|
|
331 |
__SO_EE_ORIGIN_LOCAL__ for locally generated errors. |
|
|
332 |
Unknown values should be ignored. ''ee_type'' and |
|
|
333 |
''ee_code'' are set from the type and code fields of the |
|
|
334 |
ICMP header. ''ee_info'' contains the discovered MTU for |
|
|
335 |
__EMSGSIZE__ errors. The message also contains the |
|
|
336 |
''sockaddr_in of the node'' caused the error, which can |
|
|
337 |
be accessed with the __SO_EE_OFFENDER__ macro. The |
|
|
338 |
''sin_family'' field of the SO_EE_OFFENDER address is |
|
|
339 |
''AF_UNSPEC'' when the source was unknown. When the error |
|
|
340 |
originated from the network, all IP options |
|
|
341 |
(''IP_OPTIONS'', ''IP_TTL'', etc.) enabled on the |
|
|
342 |
socket and contained in the error packet are passed as |
|
|
343 |
control messages. The payload of the packet causing the |
|
|
344 |
error is returned as normal payload. Note that TCP has no |
|
|
345 |
error queue; __MSG_ERRQUEUE__ is illegal on |
|
|
346 |
__SOCK_STREAM__ sockets. Thus all errors are returned by |
|
|
347 |
socket function return or __SO_ERROR__ only. |
|
|
348 |
|
|
|
349 |
|
|
|
350 |
For raw sockets, ''IP_RECVERR'' enables passing of all |
|
|
351 |
received ICMP errors to the application, otherwise errors |
|
|
352 |
are only reported on connected sockets |
|
|
353 |
|
|
|
354 |
|
|
|
355 |
It sets or retrieves an integer boolean flag. |
|
|
356 |
''IP_RECVERR'' defaults to off. |
|
|
357 |
|
|
|
358 |
|
|
|
359 |
__IP_PMTU_DISCOVER__ |
|
|
360 |
|
|
|
361 |
|
|
|
362 |
Sets or receives the Path MTU Discovery setting for a |
|
|
363 |
socket. When enabled, Linux will perform Path MTU Discovery |
|
|
364 |
as defined in RFC1191 on this socket. The don't fragment |
|
|
365 |
flag is set on all outgoing datagrams. The system-wide |
|
|
366 |
default is controlled by the __ip_no_pmtu_disc__ sysctl |
|
|
367 |
for __SOCK_STREAM__ sockets, and disabled on all others. |
|
|
368 |
For non __SOCK_STREAM__ sockets it is the user's |
|
|
369 |
responsibility to packetize the data in MTU sized chunks and |
|
|
370 |
to do the retransmits if necessary. The kernel will reject |
|
|
371 |
packets that are bigger than the known path MTU if this flag |
|
|
372 |
is set (with __EMSGSIZE__ ). |
|
|
373 |
|
|
|
374 |
|
|
|
375 |
When PMTU discovery is enabled the kernel automatically keeps track of the path MTU per destination host. When it is connected to a specific peer with connect(2) the currently known path MTU can be retrieved conveniently using the __IP_MTU__ socket option (e.g. after a __EMSGSIZE__ error occurred). It may change over time. For connectionless sockets with many destinations the new also MTU for a given destination can also be accessed using the error queue (see __IP_RECVERR__). A new error will be queued for every incoming MTU update. |
|
|
376 |
|
|
|
377 |
|
|
|
378 |
While MTU discovery is in progress initial packets from |
|
|
379 |
datagram sockets may be dropped. Applications using UDP |
|
|
380 |
should be aware of this and not take it into account for |
|
|
381 |
their packet retransmit strategy. |
|
|
382 |
|
|
|
383 |
|
|
|
384 |
To bootstrap the path MTU discovery process on unconnected |
|
|
385 |
sockets it is possible to start with a big datagram size (up |
|
|
386 |
to 64K-headers bytes long) and let it shrink by updates of |
|
|
387 |
the path MTU. |
|
|
388 |
|
|
|
389 |
|
|
|
390 |
To get an initial estimate of the path MTU connect a |
|
|
391 |
datagram socket to the destination address using |
|
|
392 |
connect(2) and retrieve the MTU by calling |
|
|
393 |
getsockopt(2) with the __IP_MTU__ |
|
|
394 |
option. |
|
|
395 |
|
|
|
396 |
|
|
|
397 |
__IP_MTU__ |
|
|
398 |
|
|
|
399 |
|
|
|
400 |
Retrieve the current known path MTU of the current socket. |
|
|
401 |
Only valid when the socket has been connected. Returns an |
|
|
402 |
integer. Only valid as a getsockopt(2). |
|
|
403 |
|
|
|
404 |
|
|
|
405 |
__IP_ROUTER_ALERT__ |
|
|
406 |
|
|
|
407 |
|
|
|
408 |
Pass all to-be forwarded packets with the IP Router Alert |
|
|
409 |
option set to this socket. Only valid for raw sockets. This |
|
|
410 |
is useful, for instance, for user space RSVP daemons. The |
|
|
411 |
tapped packets are not forwarded by the kernel, it is the |
|
|
412 |
users responsibility to send them out again. Socket binding |
|
|
413 |
is ignored, such packets are only filtered by protocol. |
|
|
414 |
Expects an integer flag. |
|
|
415 |
|
|
|
416 |
|
|
|
417 |
__IP_MULTICAST_TTL__ |
|
|
418 |
|
|
|
419 |
|
|
|
420 |
Set or reads the time-to-live value of outgoing multicast |
|
|
421 |
packets for this socket. It is very important for multicast |
|
|
422 |
packets to set the smallest TTL possible. The default is 1 |
|
|
423 |
which means that multicast packets don't leave the local |
|
|
424 |
network unless the user program explicitly requests it. |
|
|
425 |
Argument is an integer. |
|
|
426 |
|
|
|
427 |
|
|
|
428 |
__IP_MULTICAST_LOOP__ |
|
|
429 |
|
|
|
430 |
|
|
|
431 |
Sets or reads a boolean integer argument whether sent |
|
|
432 |
multicast packets should be looped back to the local |
|
|
433 |
sockets. |
|
|
434 |
|
|
|
435 |
|
|
|
436 |
__IP_ADD_MEMBERSHIP__ |
|
|
437 |
|
|
|
438 |
|
|
|
439 |
Join a multicast group. Argument is a __struct ip_mreqn__ |
|
|
440 |
structure. |
|
|
441 |
|
|
|
442 |
|
5 |
ScottLamb |
443 |
struct ip_mreqn { |
|
|
444 |
struct in_addr imr_multiaddr; /* IP multicast group address */ |
|
|
445 |
struct in_addr imr_address; /* IP address of local interface */ |
|
|
446 |
int imr_ifindex; /* interface index */ |
|
|
447 |
}; |
1 |
perry |
448 |
|
|
|
449 |
|
|
|
450 |
''imr_multiaddr'' contains the address of the multicast |
|
|
451 |
group the application wants to join or leave. It must be a |
|
|
452 |
valid multicast address. ''imr_address'' is the address |
|
|
453 |
of the local interface with which the system should join the |
|
|
454 |
multicast group; if it is equal to __INADDR_ANY__ an |
|
|
455 |
appropriate interface is chosen by the system. |
|
|
456 |
''imr_ifindex'' is the interface index of the interface |
|
|
457 |
that should join/leave the ''imr_multiaddr'' group, or 0 |
|
|
458 |
to indicate any interface. |
|
|
459 |
|
|
|
460 |
|
|
|
461 |
For compatibility, the old __ip_mreq__ structure is still |
|
|
462 |
supported. It differs from __ip_mreqn__ only by not |
|
|
463 |
including the ''imr_ifindex'' field. Only valid as a |
|
|
464 |
setsockopt(2). |
|
|
465 |
|
|
|
466 |
|
|
|
467 |
__IP_DROP_MEMBERSHIP__ |
|
|
468 |
|
|
|
469 |
|
|
|
470 |
Leave a multicast group. Argument is an __ip_mreqn__ or |
|
|
471 |
__ip_mreq__ structure similar to |
|
|
472 |
''IP_ADD_MEMBERSHIP''. |
|
|
473 |
|
|
|
474 |
|
|
|
475 |
__IP_MULTICAST_IF__ |
|
|
476 |
|
|
|
477 |
|
|
|
478 |
Set the local device for a multicast socket. Argument is an |
|
|
479 |
__ip_mreqn__ or __ip_mreq__ structure similar to |
|
|
480 |
''IP_ADD_MEMBERSHIP''. |
|
|
481 |
|
|
|
482 |
|
|
|
483 |
When an invalid socket option is passed, __ENOPROTOOPT__ |
|
|
484 |
is returned. |
|
|
485 |
!!SYSCTLS |
|
|
486 |
|
|
|
487 |
|
|
|
488 |
The IP protocol supports the sysctl interface to configure |
|
|
489 |
some global options. The sysctls can be accessed by reading |
|
|
490 |
or writing the __/proc/sys/net/ipv4/*__ files or using |
|
|
491 |
the sysctl(2) interface. |
|
|
492 |
|
|
|
493 |
|
|
|
494 |
__ip_default_ttl__ |
|
|
495 |
|
|
|
496 |
|
|
|
497 |
Set the default time-to-live value of outgoing packets. This |
|
|
498 |
can be changed per socket with the ''IP_TTL'' |
|
|
499 |
option. |
|
|
500 |
|
|
|
501 |
|
|
|
502 |
__ip_forward__ |
|
|
503 |
|
|
|
504 |
|
|
|
505 |
Enable IP forwarding with a boolean flag. IP forwarding can |
|
|
506 |
be also set on a per interface basis. |
|
|
507 |
|
|
|
508 |
|
|
|
509 |
__ip_dynaddr__ |
|
|
510 |
|
|
|
511 |
|
|
|
512 |
Enable dynamic socket address and masquerading entry |
|
|
513 |
rewriting on interface address change. This is useful for |
|
|
514 |
dialup interface with changing IP addresses. 0 means no |
|
|
515 |
rewriting, 1 turns it on and 2 enables verbose |
|
|
516 |
mode. |
|
|
517 |
|
|
|
518 |
|
|
|
519 |
__ip_autoconfig__ |
|
|
520 |
|
|
|
521 |
|
|
|
522 |
Not documented. |
|
|
523 |
|
|
|
524 |
|
|
|
525 |
__ip_local_port_range__ |
|
|
526 |
|
|
|
527 |
|
|
|
528 |
Contains two integers that define the default local port |
|
|
529 |
range allocated to sockets. Allocation starts with the first |
|
|
530 |
number and ends with the second number. Note that these |
|
|
531 |
should not conflict with the ports used by masquerading |
|
|
532 |
(although the case is handled). Also arbitary choices may |
|
|
533 |
cause problems with some firewall packet filters that make |
|
|
534 |
assumptions about the local ports in use. First number |
|
|
535 |
should be at least |
|
|
536 |
|
|
|
537 |
|
|
|
538 |
__ip_no_pmtu_disc__ |
|
|
539 |
|
|
|
540 |
|
|
|
541 |
If enabled, don't do Path MTU Discovery for TCP sockets by |
|
|
542 |
default. Path MTU discovery may fail if misconfigured |
|
|
543 |
firewalls (that drop all ICMP packets) or misconfigured |
|
|
544 |
interfaces (e.g., a point-to-point link where the both ends |
|
|
545 |
don't agree on the MTU) are on the path. It is better to fix |
|
|
546 |
the broken routers on the path than to turn off Path MTU |
|
|
547 |
Discovery globally, because not doing it incurs a high cost |
|
|
548 |
to the network. |
|
|
549 |
|
|
|
550 |
|
|
|
551 |
__ipfrag_high_thresh, ipfrag_low_thresh__ |
|
|
552 |
|
|
|
553 |
|
|
|
554 |
If the amount of queued IP fragments reaches |
|
|
555 |
__ipfrag_high_thresh ,__ the queue is pruned down to |
|
|
556 |
__ipfrag_low_thresh .__ Contains an integer with the |
|
|
557 |
number of bytes. |
|
|
558 |
|
|
|
559 |
|
|
|
560 |
__ip_always_defrag__ |
|
|
561 |
|
|
|
562 |
|
|
|
563 |
[[New with Kernel 2.2.13; in earlier kernel version the |
|
|
564 |
feature was controlled at compile time by the |
|
|
565 |
__CONFIG_IP_ALWAYS_DEFRAG__ option] |
|
|
566 |
|
|
|
567 |
|
|
|
568 |
When this boolean frag is enabled (not equal 0) incoming |
|
|
569 |
fragments (parts of IP packets that arose when some host |
|
|
570 |
between origin and destination decided that the packets were |
|
|
571 |
too large and cut them into pieces) will be reassembled |
|
|
572 |
(defragmented) before being processed, even if they are |
|
|
573 |
about to be forwarded. |
|
|
574 |
|
|
|
575 |
|
|
|
576 |
Only enable if running either a firewall that is the sole |
|
|
577 |
link to your network or a transparent proxy; never ever turn |
|
|
578 |
on here for a normal router or host. Otherwise fragmented |
|
|
579 |
communication may me disturbed when the fragments would |
|
|
580 |
travel over different links. Defragmentation also has a |
|
|
581 |
large memory and CPU time cost. |
|
|
582 |
|
|
|
583 |
|
|
|
584 |
This is automagically turned on when masquerading or |
|
|
585 |
transparent proxying are configured. |
|
|
586 |
|
|
|
587 |
|
|
|
588 |
__neigh/*__ |
|
|
589 |
|
|
|
590 |
|
|
|
591 |
See arp(7). |
|
|
592 |
!!IOCTLS |
|
|
593 |
|
|
|
594 |
|
|
|
595 |
All ioctls described in socket(7) apply to |
|
|
596 |
ip. |
|
|
597 |
|
|
|
598 |
|
|
|
599 |
The ioctls to configure firewalling are documented in |
|
|
600 |
ipfw(7) from the __ipchains__ |
|
|
601 |
package. |
|
|
602 |
|
|
|
603 |
|
|
|
604 |
Ioctls to configure generic device parameters are described |
|
|
605 |
in netdevice(7). |
|
|
606 |
!!NOTES |
|
|
607 |
|
|
|
608 |
|
|
|
609 |
Be very careful with the __SO_BROADCAST__ option - it is |
|
|
610 |
not privileged in Linux. It is easy to overload the network |
|
|
611 |
with careless broadcasts. For new application protocols it |
|
|
612 |
is better to use a multicast group instead of broadcasting. |
|
|
613 |
Broadcasting is discouraged. |
|
|
614 |
|
|
|
615 |
|
|
|
616 |
Some other BSD sockets implementations provide |
|
|
617 |
''IP_RCVDSTADDR'' and ''IP_RECVIF'' socket options to |
|
|
618 |
get the destination address and the interface of received |
|
|
619 |
datagrams. Linux has the more general ''IP_PKTINFO'' for |
|
|
620 |
the same task. |
|
|
621 |
!!ERRORS |
|
|
622 |
|
|
|
623 |
|
|
|
624 |
__ENOTCONN__ |
|
|
625 |
|
|
|
626 |
|
|
|
627 |
The operation is only defined on a connected socket, but the |
|
|
628 |
socket wasn't connected. |
|
|
629 |
|
|
|
630 |
|
|
|
631 |
__EINVAL__ |
|
|
632 |
|
|
|
633 |
|
|
|
634 |
Invalid argument passed. For send operations this can be |
|
|
635 |
caused by sending to a ''blackhole'' route. |
|
|
636 |
|
|
|
637 |
|
|
|
638 |
__EMSGSIZE__ |
|
|
639 |
|
|
|
640 |
|
|
|
641 |
Datagram is bigger than an MTU on the path and it cannot be |
|
|
642 |
fragmented. |
|
|
643 |
|
|
|
644 |
|
|
|
645 |
__EACCES__ |
|
|
646 |
|
|
|
647 |
|
|
|
648 |
The user tried to execute an operation without the necessary |
|
|
649 |
permissions. These include: Sending a packet to a broadcast |
|
|
650 |
address without having the __SO_BROADCAST__ flag set. |
|
|
651 |
Sending a packet via a ''prohibit'' route. Modifying |
|
|
652 |
firewall settings without __CAP_NET_ADMIN__ or effective |
|
|
653 |
user id 0. Binding to a reserved port without the |
|
|
654 |
__CAP_NET_BIND_SERVICE__ capacibility or effective user |
|
|
655 |
id 0. |
|
|
656 |
|
|
|
657 |
|
|
|
658 |
__EADDRINUSE__ |
|
|
659 |
|
|
|
660 |
|
|
|
661 |
Tried to bind to an address already in use. |
|
|
662 |
|
|
|
663 |
|
|
|
664 |
__ENOPROTOOPT__ and __EOPNOTSUPP__ |
|
|
665 |
|
|
|
666 |
|
|
|
667 |
Invalid socket option passed. |
|
|
668 |
|
|
|
669 |
|
|
|
670 |
__EPERM__ |
|
|
671 |
|
|
|
672 |
|
|
|
673 |
User doesn't have permission to set high priority, change |
|
|
674 |
configuration, or send signals to the requested process or |
|
|
675 |
group, |
|
|
676 |
|
|
|
677 |
|
|
|
678 |
__EADDRNOTAVAIL__ |
|
|
679 |
|
|
|
680 |
|
|
|
681 |
A non-existent interface was requested or the requested |
|
|
682 |
source address was not local. |
|
|
683 |
|
|
|
684 |
|
|
|
685 |
__EAGAIN__ |
|
|
686 |
|
|
|
687 |
|
|
|
688 |
Operation on a non-blocking socket would block. |
|
|
689 |
|
|
|
690 |
|
|
|
691 |
__ESOCKTNOSUPPORT__ |
|
|
692 |
|
|
|
693 |
|
|
|
694 |
The socket is not configured or an unknown socket type was |
|
|
695 |
requested. |
|
|
696 |
|
|
|
697 |
|
|
|
698 |
__EISCONN__ |
|
|
699 |
|
|
|
700 |
|
|
|
701 |
connect(2) was called on an already connected |
|
|
702 |
socket. |
|
|
703 |
|
|
|
704 |
|
|
|
705 |
__EALREADY__ |
|
|
706 |
|
|
|
707 |
|
|
|
708 |
An connection operation on a non-blocking socket is already |
|
|
709 |
in progress. |
|
|
710 |
|
|
|
711 |
|
|
|
712 |
__ECONNABORTED__ |
|
|
713 |
|
|
|
714 |
|
|
|
715 |
A connection was closed during an |
|
|
716 |
accept(2). |
|
|
717 |
|
|
|
718 |
|
|
|
719 |
__EPIPE__ |
|
|
720 |
|
|
|
721 |
|
|
|
722 |
The connection was unexpectedly closed or shut down by the |
|
|
723 |
other end. |
|
|
724 |
|
|
|
725 |
|
|
|
726 |
__ENOENT__ |
|
|
727 |
|
|
|
728 |
|
|
|
729 |
__SIOCGSTAMP__ was called on a socket where no packet |
|
|
730 |
arrived. |
|
|
731 |
|
|
|
732 |
|
|
|
733 |
__EHOSTUNREACH__ |
|
|
734 |
|
|
|
735 |
|
|
|
736 |
No valid routing table entry matches the destination |
|
|
737 |
address. This error can be caused by a ICMP message from a |
|
|
738 |
remote router or for the local routing table. |
|
|
739 |
|
|
|
740 |
|
|
|
741 |
__ENODEV__ |
|
|
742 |
|
|
|
743 |
|
|
|
744 |
Network device not available or not capable of sending |
|
|
745 |
IP. |
|
|
746 |
|
|
|
747 |
|
|
|
748 |
__ENOPKG__ |
|
|
749 |
|
|
|
750 |
|
|
|
751 |
A kernel subsystem was not configured. |
|
|
752 |
|
|
|
753 |
|
|
|
754 |
__ENOBUFS, ENOMEM__ |
|
|
755 |
|
|
|
756 |
|
|
|
757 |
Not enough free memory. This often means that the memory |
|
|
758 |
allocation is limited by the socket buffer limits, not by |
|
|
759 |
the system memory, but this is not 100% |
|
|
760 |
consistent. |
|
|
761 |
|
|
|
762 |
|
|
|
763 |
Other errors may be generated by the overlaying protocols; |
|
|
764 |
see tcp(7), raw(7), udp(7) and |
|
|
765 |
socket(7). |
|
|
766 |
!!VERSIONS |
|
|
767 |
|
|
|
768 |
|
|
|
769 |
''IP_PKTINFO'', ''IP_MTU'', ''IP_PMTU_DISCOVER'', |
|
|
770 |
''IP_PKTINFO'', ''IP_RECVERR'' and |
|
|
771 |
''IP_ROUTER_ALERT'' are new options in Linux 2.2. They |
|
|
772 |
are also all Linux specific and should not be used in |
|
|
773 |
programs intended to be portable. |
|
|
774 |
|
|
|
775 |
|
|
|
776 |
__struct ip_mreqn__ is new in Linux 2.2. Linux 2.0 only |
|
|
777 |
supported __ip_mreq__. |
|
|
778 |
|
|
|
779 |
|
|
|
780 |
The sysctls were introduced with Linux 2.2. |
|
|
781 |
!!COMPATIBILITY |
|
|
782 |
|
|
|
783 |
|
|
|
784 |
For compatibility with Linux 2.0, the obsolete |
|
|
785 |
__socket(PF_INET, SOCK_RAW,__ ''protocol''__)__ |
|
|
786 |
syntax is still supported to open a packet(7) socket. |
|
|
787 |
This is deprecated and should be replaced by |
|
|
788 |
__socket(PF_PACKET, SOCK_RAW,__ ''protocol''__)__ |
|
|
789 |
instead. The main difference is the new __sockaddr_ll__ |
|
|
790 |
address structure for generic link layer information instead |
|
|
791 |
of the old __sockaddr_pkt__. |
|
|
792 |
!!BUGS |
|
|
793 |
|
|
|
794 |
|
|
|
795 |
There are too many inconsistent error values. |
|
|
796 |
|
|
|
797 |
|
|
|
798 |
The ioctls to configure IP-specific interface options and |
|
|
799 |
ARP tables are not described. |
|
|
800 |
|
|
|
801 |
|
|
|
802 |
Some versions of glibc forget to declare ''in_pktinfo.'' |
|
|
803 |
Workaround currently is to copy it into your program from |
|
|
804 |
this man page. |
|
|
805 |
|
|
|
806 |
|
|
|
807 |
Receiving the original destination address with |
|
|
808 |
__MSG_ERRQUEUE__ in ''msg_name'' by recvmsg(2) |
|
|
809 |
does not work in some 2.2 kernels. |
|
|
810 |
!!AUTHORS |
|
|
811 |
|
|
|
812 |
|
|
|
813 |
This man page was written by Andi Kleen. |
|
|
814 |
!!SEE ALSO |
|
|
815 |
|
|
|
816 |
|
|
|
817 |
sendmsg(2), recvmsg(2), socket(7), |
|
|
818 |
netlink(7), tcp(7), udp(7), |
|
|
819 |
raw(7), ipfw(7) |
|
|
820 |
|
|
|
821 |
|
|
|
822 |
RFC791 for the original IP specification. |
|
|
823 |
RFC1122 for the IPv4 host requirements. |
|
|
824 |
RFC1812 for the IPv4 router requirements. |
|
|
825 |
---- |