Linux Network Programming-original socket programming and linux Network Programming

Linux Network Programming-original socket programming and linux Network Programming

The original socket programming is similar to the previous UDP programming, except that after a socket is created, data is received or sent through the socket. The difference is that,The original socket can assemble data packets by itself (disguised as a local IP address, local MAC), and can receive all data frames (data packets) on the local Nic). In addition,The original socket can be used only under the Administrator permission.

  Create the original socket:

Int socket (int family, int type, int protocol );

Parameters:
Family: the protocol family is PF_PACKET.
Type: Socket class. Enter SOCK_RAW here.
Protocol: protocol type. It specifies the type of data packet that can be received or sent. The value cannot be "0". The value is as follows,Note:You must use htons () to convert parameters in byte order.

ETH_P_IP: IPV4 packet
ETH_P_ARP: ARP packet
ETH_P_ALL: data packets of any protocol type

Return Value:
Success (> 0): Socket. This is the socket at the link layer.
Failed (<0): Error

 

Example:

1 // required header file 2 # include <sys/socket. h> 3 # include <netinet/ether. h> 4 # include <stdio. h> // perror 5 6 int main (int argc, char * argv []) 7 {8 int sock_raw_fd = socket (PF_PACKET, SOCK_RAW, htons (ETH_P_ALL )); 9 10 if (sock_raw_fd <0) {11 perror ("socket"); 12 return-1; 13} 14 15 return 0; 16}

 

Obtain data packets at the link layer:

Ssize_t recvfrom (int sockfd,
Void * buf,
Size_t nbytes,
Int flags,
Struct sockaddr * from,
Socklen_t * addrlen );

Parameters:

Sockfd: original socket
Buf: receiving data buffer
Nbytes: size of the buffer for receiving data

Flags: Socket flag (usually 0)

From: This is useless. Write NULL.

Addrlen: This is useless. Write NULL.

Return Value:
Successful: number of characters received
Failed:-1

 

Example:

1 # include <stdio. h> 2 # include <netinet/in. h> 3 # include <sys/socket. h> 4 # include <netinet/ether. h> 5 6 int main (int argc, char * argv []) 7 {8 unsigned char buf [1024] = {0}; 9 int sock_raw_fd = socket (PF_PACKET, SOCK_RAW, htons (ETH_P_ALL); 10 11 // obtain the link layer data packet 12 int len = recvfrom (sock_raw_fd, buf, sizeof (buf), 0, NULL, NULL ); 13 printf ("len = % d \ n", len); 14 15 return 0; 16}

 

Hybrid mode

By default, data is received only when the destination address is a local address. Sometimes we want to receive all the data streams that pass through the network card, regardless of whether the destination address is itsSet the NIC to the hybrid mode.

The network card's hybrid mode is generally used by the network administrator to analyze network data as a means of Network Fault Diagnosis. At the same time, this mode is also used by network hackers as an entry to network data eavesdropping. Administrator permission is required to set the NIC hybrid mode in Linux. Both the Windows and Linux operating systems use a package capture tool in a hybrid mode, such as Wireshark, a well-known open-source software.

 

Use commands to set the hybrid mode for Linux NICs (administrator privilege required)

Set the Mixed Mode: ifconfig eth0 promisc

Cancel the Mixed Mode: ifconfig eth0-promisc

 

 

Use the code to set the hybrid mode for the Linux Nic

The Code is as follows:

1 struct ifreq ethreq; // network interface address 2 3 strncpy (ethreq. ifr_name, "eth0", IFNAMSIZ); // specify the NIC name 4 if (-1 = ioctl (sock_raw_fd, SIOCGIFINDEX, & ethreq )) // obtain Network Interface 5 {6 perror ("ioctl"); 7 close (sock_raw_fd); 8 exit (-1); 9} 10 11 ethreq. ifr_flags | = IFF_PROMISC; 12 if (-1 = ioctl (sock_raw_fd, SIOCSIFINDEX, & ethreq) // network card sets the mixed mode 13 {14 perror ("ioctl "); 15 close (sock_raw_fd); 16 exit (-1); 17}

 

Send custom data packets:

Ssize_t sendto (int sockfd,
Const void * buf,
Size_t nbytes, int flags,
Const struct sockaddr *,
Socklen_t addrlen );

Parameters:

Sockfd: original socket
Buf: sending data buffer
Nbytes: size of the sending data buffer

Flags: generally 0
To:Network Interface of the local machine, which indicates the network card of the local machine that should send the data, rather than the previous destination address.
Addrlen: length of the content to be pointed

Return Value:
Success: number of characters in the sent data
Failed:-1

 

Definition of Local Network Interface

 

 

The complete code is as follows:

1 struct sockaddr_ll sll; // original socket address structure 2 struct ifreq ethreq; // network interface address 3 4 strncpy (ethreq. ifr_name, "eth0", IFNAMSIZ); // specify the NIC name 5 if (-1 = ioctl (sock_raw_fd, SIOCGIFINDEX, ð req )) // obtain Network Interface 6 {7 perror ("ioctl"); 8 close (sock_raw_fd); 9 exit (-1 ); 10} 11 12/* assign the network interface value to the original socket address structure */13 bzero (& sll, sizeof (sll); 14 sll. sll_ifindex = ethreq. ifr_ifindex; 15 16 // send data 17 // send_msg, msg_len is not defined here. Simulate 18 int len = sendto (sock_raw_fd, send_msg, msg_len, 0, (struct sockaddr *) & sll, sizeof (sll); 19 if (len =-1) 20 {21 perror ("sendto"); 22}

 

The header file is as follows:

1 #include <net/if.h>// struct ifreq2 #include <sys/ioctl.h> // ioctl、SIOCGIFADDR3 #include <sys/socket.h> // socket4 #include <netinet/ether.h> // ETH_P_ALL5 #include <netpacket/packet.h> // struct sockaddr_ll