version 1, including all changes.
.
Rev |
Author |
# |
Line |
1 |
perry |
1 |
RAW |
|
|
2 |
!!!RAW |
|
|
3 |
NAME |
|
|
4 |
SYNOPSIS |
|
|
5 |
DESCRIPTION |
|
|
6 |
ADDRESS FORMAT |
|
|
7 |
SOCKET OPTIONS |
|
|
8 |
NOTES |
|
|
9 |
ERROR HANDLING |
|
|
10 |
ERRORS |
|
|
11 |
VERSIONS |
|
|
12 |
BUGS |
|
|
13 |
AUTHORS |
|
|
14 |
SEE ALSO |
|
|
15 |
---- |
|
|
16 |
!!NAME |
|
|
17 |
|
|
|
18 |
|
|
|
19 |
raw, SOCK_RAW - Linux IPv4 raw sockets |
|
|
20 |
!!SYNOPSIS |
|
|
21 |
|
|
|
22 |
|
|
|
23 |
__#include __ |
|
|
24 |
#include __ |
|
|
25 |
raw_socket = socket(PF_INET, SOCK_RAW, int__ |
|
|
26 |
''protocol''__);__ |
|
|
27 |
!!DESCRIPTION |
|
|
28 |
|
|
|
29 |
|
|
|
30 |
Raw sockets allow new IPv4 protocols to be implemented in |
|
|
31 |
user space. A raw socket receives or sends the raw datagram |
|
|
32 |
not including link level headers. |
|
|
33 |
|
|
|
34 |
|
|
|
35 |
The IPv4 layer generates an IP header when sending a packet |
|
|
36 |
unless the __IP_HDRINCL__ socket option is enabled on the |
|
|
37 |
socket. When it is enabled, the packet must contain an IP |
|
|
38 |
header. For receiving the IP header is always included in |
|
|
39 |
the packet. |
|
|
40 |
|
|
|
41 |
|
|
|
42 |
Only processes with an effective user id of 0 or the |
|
|
43 |
__CAP_NET_RAW__ capability are allowed to open raw |
|
|
44 |
sockets. |
|
|
45 |
|
|
|
46 |
|
|
|
47 |
All packets or errors matching the ''protocol'' number |
|
|
48 |
specified for the raw socket are passed to this socket. For |
|
|
49 |
a list of the allowed protocols see RFC1700 assigned numbers |
|
|
50 |
and getprotobyname(3). |
|
|
51 |
|
|
|
52 |
|
|
|
53 |
A protocol of __IPPROTO_RAW__ implies enabled |
|
|
54 |
__IP_HDRINCL__ and receives all IP protocols. Sending is |
|
|
55 |
not allowed. |
|
|
56 |
|
|
|
57 |
|
|
|
58 |
If __IP_HDRINCL__ is specified and the IP header has a non-zero destination address then the destination address of the socket is used to route the packet. When __MSG_DONTROUTE__ is specified the destination address should refer to a local interface, otherwise a routing table lookup is done anyways but gatewayed routes are ignored. |
|
|
59 |
|
|
|
60 |
|
|
|
61 |
If __IP_HDRINCL__ isn't set then IP header options can be |
|
|
62 |
set on raw sockets with setsockopt(2); see |
|
|
63 |
ip(7) for more information. |
|
|
64 |
|
|
|
65 |
|
|
|
66 |
In Linux 2.2 all IP header fields and options can be set |
|
|
67 |
using IP socket options. This means raw sockets are usually |
|
|
68 |
only needed for new protocols or protocols with no user |
|
|
69 |
interface (like ICMP). |
|
|
70 |
|
|
|
71 |
|
|
|
72 |
When a packet is received, it is passed to any raw sockets |
|
|
73 |
which have been bound to its protocol before it is passed to |
|
|
74 |
other protocol handlers (e.g. kernel protocol |
|
|
75 |
modules). |
|
|
76 |
!!ADDRESS FORMAT |
|
|
77 |
|
|
|
78 |
|
|
|
79 |
Raw sockets use the standard __sockaddr_in__ address |
|
|
80 |
structure defined in ip(7). The The __sin_port__ |
|
|
81 |
field could be used to specify the IP protocol number, but |
|
|
82 |
it is ignored for sending in Linux 2.2 and should be always |
|
|
83 |
set to 0 (see BUGS) For incoming packets __sin_port__ is |
|
|
84 |
set to the protocol of the packet. See the |
|
|
85 |
____ include file for valid IP |
|
|
86 |
protocols. |
|
|
87 |
!!SOCKET OPTIONS |
|
|
88 |
|
|
|
89 |
|
|
|
90 |
Raw socket options can be set with setsockopt(2) and |
|
|
91 |
read with getsockopt(2) by passing the ''SOL_RAW'' |
|
|
92 |
family flag. |
|
|
93 |
|
|
|
94 |
|
|
|
95 |
__ICMP_FILTER__ |
|
|
96 |
|
|
|
97 |
|
|
|
98 |
Enable a special filter for raw sockets bound to the |
|
|
99 |
__IPPROTO_ICMP__ protocol. The value has a bit set for |
|
|
100 |
each ICMP message type which should be filtered out. The |
|
|
101 |
default is to filter no ICMP messages. |
|
|
102 |
|
|
|
103 |
|
|
|
104 |
In addition all ip(7) __SOL_IP__ socket options |
|
|
105 |
valid for datagram sockets are supported. |
|
|
106 |
!!NOTES |
|
|
107 |
|
|
|
108 |
|
|
|
109 |
Raw sockets fragment a packet when its total length exceeds |
|
|
110 |
the interface MTU (but see BUGS). A more network friendly |
|
|
111 |
and faster alternative is to implement path MTU discovery as |
|
|
112 |
described in the __IP_PMTU_DISCOVER__ section of |
|
|
113 |
ip(7). |
|
|
114 |
|
|
|
115 |
|
|
|
116 |
A raw socket can be bound to a specific local address using |
|
|
117 |
the bind(2) call. If it isn't bound all packets with |
|
|
118 |
the specified IP protocol are received. In addition a RAW |
|
|
119 |
socket can be bound to a specific network device using |
|
|
120 |
__SO_BINDTODEVICE;__ see socket(7). |
|
|
121 |
|
|
|
122 |
|
|
|
123 |
An __IPPROTO_RAW__ socket is send only. If you really |
|
|
124 |
want to receive all IP packets use a packet(7) socket |
|
|
125 |
with the __ETH_P_IP__ protocol. Note that packet sockets |
|
|
126 |
don't reassemble IP fragments, unlike raw |
|
|
127 |
sockets. |
|
|
128 |
|
|
|
129 |
|
|
|
130 |
If you want to receive all ICMP packets for a datagram |
|
|
131 |
socket it is often better to use __IP_RECVERR__ on that |
|
|
132 |
particular socket; see ip(7). |
|
|
133 |
|
|
|
134 |
|
|
|
135 |
Raw sockets may tap all IP protocols in Linux, even |
|
|
136 |
protocols like ICMP or TCP which have a protocol module in |
|
|
137 |
the kernel. In this case the packets are passed to both the |
|
|
138 |
kernel module and the raw socket(s). This should not be |
|
|
139 |
relied upon in portable programs, many other BSD socket |
|
|
140 |
implementation have limitations here. |
|
|
141 |
|
|
|
142 |
|
|
|
143 |
Linux never changes headers passed from the user (except for |
|
|
144 |
filling in some zeroed fields as described for |
|
|
145 |
__IP_HDRINCL__). This differs from many other |
|
|
146 |
implementations of raw sockets. |
|
|
147 |
|
|
|
148 |
|
|
|
149 |
RAW sockets are generally rather unportable and should be |
|
|
150 |
avoided in programs intended to be portable. |
|
|
151 |
|
|
|
152 |
|
|
|
153 |
Sending on raw sockets should take the IP protocol from |
|
|
154 |
__sin_port;__ this ability was lost in Linux 2.2. Work |
|
|
155 |
around is to use __IP_HDRINCL.__ |
|
|
156 |
!!ERROR HANDLING |
|
|
157 |
|
|
|
158 |
|
|
|
159 |
Errors originating from the network are only passed to the |
|
|
160 |
user when the socket is connected or the __IP_RECVERR__ |
|
|
161 |
flag is enabled. For connected sockets only __EMSGSIZE__ |
|
|
162 |
and __EPROTO__ are passed for compatibility. With |
|
|
163 |
__IP_RECVERR__ all network errors are saved in the error |
|
|
164 |
queue. |
|
|
165 |
!!ERRORS |
|
|
166 |
|
|
|
167 |
|
|
|
168 |
__EMSGSIZE__ |
|
|
169 |
|
|
|
170 |
|
|
|
171 |
Packet too big. Either Path MTU Discovery is enabled (the |
|
|
172 |
__IP_PMTU_DISCOVER__ socket flag) or the packet size |
|
|
173 |
exceeds the maximum allowed IPv4 packet size of |
|
|
174 |
64KB. |
|
|
175 |
|
|
|
176 |
|
|
|
177 |
__EACCES__ |
|
|
178 |
|
|
|
179 |
|
|
|
180 |
User tried to send to a broadcast address without having the |
|
|
181 |
broadcast flag set on the socket. |
|
|
182 |
|
|
|
183 |
|
|
|
184 |
__EPROTO__ |
|
|
185 |
|
|
|
186 |
|
|
|
187 |
An ICMP error has arrived reporting a parameter |
|
|
188 |
problem. |
|
|
189 |
|
|
|
190 |
|
|
|
191 |
__EFAULT__ |
|
|
192 |
|
|
|
193 |
|
|
|
194 |
An invalid memory address was supplied. |
|
|
195 |
|
|
|
196 |
|
|
|
197 |
__EOPNOTSUPP__ |
|
|
198 |
|
|
|
199 |
|
|
|
200 |
Invalid flag has been passed to a socket call (like |
|
|
201 |
__MSG_OOB__). |
|
|
202 |
|
|
|
203 |
|
|
|
204 |
__EINVAL__ |
|
|
205 |
|
|
|
206 |
|
|
|
207 |
Invalid argument. |
|
|
208 |
|
|
|
209 |
|
|
|
210 |
__EPERM__ |
|
|
211 |
|
|
|
212 |
|
|
|
213 |
The user doesn't have permission to open raw sockets. Only |
|
|
214 |
processes with a effective user id of 0 or the |
|
|
215 |
__CAP_NET_RAW__ attribute may do that. |
|
|
216 |
!!VERSIONS |
|
|
217 |
|
|
|
218 |
|
|
|
219 |
__IP_RECVERR__ and __ICMP_FILTER__ are new in Linux |
|
|
220 |
2.2. They are Linux extensions and should not be used in |
|
|
221 |
portable programs. |
|
|
222 |
|
|
|
223 |
|
|
|
224 |
Linux 2.0 enabled some bug-to-bug compatibility with BSD in |
|
|
225 |
the raw socket code when the SO_BSDCOMPAT flag was set - |
|
|
226 |
that has been removed in 2.2. |
|
|
227 |
!!BUGS |
|
|
228 |
|
|
|
229 |
|
|
|
230 |
Transparent proxy extensions are not described. |
|
|
231 |
|
|
|
232 |
|
|
|
233 |
When the __IP_HDRINCL__ option is set datagrams will not |
|
|
234 |
be fragmented and are limited to the interface MTU. This is |
|
|
235 |
a limitation in Linux 2.2. |
|
|
236 |
|
|
|
237 |
|
|
|
238 |
Setting the IP protocol for sending in __sin_port__ got |
|
|
239 |
lost in Linux 2.2. The protocol that socket was bound to or |
|
|
240 |
that was specified in the initial socket(2) call is |
|
|
241 |
always used. |
|
|
242 |
!!AUTHORS |
|
|
243 |
|
|
|
244 |
|
|
|
245 |
This man page was written by Andi Kleen. |
|
|
246 |
!!SEE ALSO |
|
|
247 |
|
|
|
248 |
|
|
|
249 |
ip(7), socket(7), recvmsg(2), |
|
|
250 |
sendmsg(2) |
|
|
251 |
|
|
|
252 |
|
|
|
253 |
__RFC1191__ for path MTU discovery. |
|
|
254 |
|
|
|
255 |
|
|
|
256 |
__RFC791__ and the ____ include file |
|
|
257 |
for the IP protocol. |
|
|
258 |
---- |