Very Computer

by **Michael C. Cambri** » Thu, 17 Apr 1997 04:00:00

Hi,

I need to prototype sone networking software. Since I can pick how
and where this is done, I'm choosing FreeBSD 2.2.1

First, I need to be able to send and receive my own "layer 3" packets
but continue to use the FreeBSD IP. Put simply, I want to replace
TCP and UDP with my own. What is the proper way to do this? Is it
even possible?

Second, I need to put my own 802.2 packets (ie. no IP layer) for my
own "layer 2" on the LAN. What is the proper way to do this?

In both cases, I need the OS transparently pass thru what I'm sending
and receiving (if possible.) I've looked thru Stevens "Unix Network
Programming", the sockets FAQ and briefly at the sources. I've a
feeling the sources will be the only way, so I'm looking for help
on where to look first.

For my own "layer 3":
I've looked at: socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) a bit, since
"ping" lets one build their own ICMP header and the OS will prefix
what I send with the IP header. Should this be used? It doesn't
"feel right" as the protocol I'm using is not ICMP.

I've also considered: socket(PF_INET, SOCK_RAW, IPPROTO_RAW)
but I'm _guessing_ that this would be the way to send/rcv directly
on the wire myself (ie. build my own "layer 2").

Thanks for any help, pointers etc.

MikeC

--
Michael C. Cambria Voice: 617 643 6250
Systems & Communications Sciences, Inc. Fax: 617 643 6251

Arlington, Ma. 02174 CompuServe: 71552,2531

by **Brian Some** » Fri, 18 Apr 1997 04:00:00

Quote:> Hi,

> I need to prototype sone networking software. Since I can pick how
> and where this is done, I'm choosing FreeBSD 2.2.1

> First, I need to be able to send and receive my own "layer 3" packets
> but continue to use the FreeBSD IP. Put simply, I want to replace
> TCP and UDP with my own. What is the proper way to do this? Is it
> even possible?

man 4 divert

I've just put Ari Suutaris natd program in the ports collection at
ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/ports/net/natd.
It uses divert sockets. The man page is about to be added. If
you want it now, give me a shout, but it's not very technical.

Quote:> Second, I need to put my own 802.2 packets (ie. no IP layer) for my
> own "layer 2" on the LAN. What is the proper way to do this?

I'm not sure. You may want to have a look at ipxrouted. If it's
possible, the best pointer will be there.

Quote:> In both cases, I need the OS transparently pass thru what I'm sending
> and receiving (if possible.) I've looked thru Stevens "Unix Network
> Programming", the sockets FAQ and briefly at the sources. I've a
> feeling the sources will be the only way, so I'm looking for help
> on where to look first.

> For my own "layer 3":
> I've looked at: socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) a bit, since
> "ping" lets one build their own ICMP header and the OS will prefix
> what I send with the IP header. Should this be used? It doesn't
> "feel right" as the protocol I'm using is not ICMP.

> I've also considered: socket(PF_INET, SOCK_RAW, IPPROTO_RAW)
> but I'm _guessing_ that this would be the way to send/rcv directly
> on the wire myself (ie. build my own "layer 2").

This is where you read & write ip traffic :( As I said above,
check out ipxrouted for better info. (I bet it uses bpf - not
really what you want to do, 'cos that's not connection orientated).

Quote:
> Thanks for any help, pointers etc.

> MikeC

--

<http://www.awfulhak.org>
Don't _EVER_ lose your sense of humour !

by **Torbjorn Tornkvis** » Sat, 19 Apr 1997 04:00:00

Quote:> Second, I need to put my own 802.2 packets (ie. no IP layer) for my
> own "layer 2" on the LAN. What is the proper way to do this?

Use BPF. You can find an example of how to do it at:

http://www.serc.rmit.edu.au/~tobbe/bpf_drv.c

/Tobbe
+---------------------------------------------------+
| Torbj?rn T?rnkvist , tel: +61 3 9282 2410 |

| WWW: http://www.serc.rmit.edu.au/~tobbe |
+---------------------------------------------------+

by **Bill Pa** » Sat, 19 Apr 1997 04:00:00

Daring to challenge the will of the almighty Leviam00se, Michael C. Cambria

: Hi,

: I need to prototype sone networking software. Since I can pick how
: and where this is done, I'm choosing FreeBSD 2.2.1

: First, I need to be able to send and receive my own "layer 3" packets
: but continue to use the FreeBSD IP. Put simply, I want to replace
: TCP and UDP with my own. What is the proper way to do this? Is it
: even possible?

: Second, I need to put my own 802.2 packets (ie. no IP layer) for my
: own "layer 2" on the LAN. What is the proper way to do this?

I think the answer to both these questions is: the Berkeley Packet Filter
(BPF). If you have a) an ethernet card that supports it, and b) have it
configured into your kernel, BPF will let you read raw frames right off
the ethernet card and transmit them as well. I would also look at libpcap,
which uses BPF internally (libpcap is used by tcpdump). One example program
that uses BPF for receiving and tranmitting is rarpd; it needs to receive
and send ETHERTYPE_REVARP frames directly.

The only problem with BPF is that programming it can be tricky; you can
set up instructions to have BPF capture only certain packets with features
that you're interested in. This will cut down on the amount of processing
your program has to do: you can receive all packets that arrive at the
interface if you want, but then your own program will have to analyze them
and decide whether or not they're important.

-Bill

--
=============================================================================
-Bill Paul (212) 854-6020 | System Manager, Master of Unix-Fu

=============================================================================
"Now, that's "Open" as used in the sentence "Open your wallet", right?"
=============================================================================

by **W. Richard Steve** » Sun, 20 Apr 1997 04:00:00

Quote:> The only problem with BPF is that programming it can be tricky;

That's *exactly* why you should be using libpcap--it lets you program
BPF (or whatever) using the same high-level commands as you can give
to tcpdump on the command line. Then call pcap_compile() and it
compiles it into BPF's internal language.

Rich Stevens

by **Terje Eggesta** » Tue, 22 Apr 1997 04:00:00

> Hi,

> First, I need to be able to send and receive my own "layer 3" packets
> but continue to use the FreeBSD IP. Put simply, I want to replace
> TCP and UDP with my own. What is the proper way to do this? Is it
> even possible?

Well if you want to do this from scratch..
In the IP header there is a flied that say protocol number. If I not
mistaken TCP is 6 UDP is 17, OSPF is 89. What you seems to want to do is
to use your own number here. You need to open a socket, and in teh
listen og connect call use SOCK_RAW as type. I have never attemptet this
myself, but seen this is the code. I do belive you must directly set all
the header fields (IP) directly. :-)

Quote:> Second, I need to put my own 802.2 packets (ie. no IP layer) for my
> own "layer 2" on the LAN. What is the proper way to do this?

As in the IP header, there are a field in the 802 frames that says
protocal type. IP, IPX, netbeui, DECnet, etc. In theory SNA and X25.
I do not recall the numbers here, not do I know exactly how you do the
interface in the code. I have a hunch that that is very dialect
specific.

Quote:
> For my own "layer 3":
> I've looked at: socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) a bit, since
> "ping" lets one build their own ICMP header and the OS will prefix
> what I send with the IP header. Should this be used? It doesn't
> "feel right" as the protocol I'm using is not ICMP.

NO, ICMP is IP protocol 1. You will be respassing if you do that.

Quote:> I've also considered: socket(PF_INET, SOCK_RAW, IPPROTO_RAW)
> but I'm _guessing_ that this would be the way to send/rcv directly
> on the wire myself (ie. build my own "layer 2").

this should be that way to do directly layer 3. Since you will use a
protocol number not used before there will not be a IPPROTO_XXX defined
for you. on my HP IPPROTO_XX <netinet/in.h> are defined directly to the
protocol numbers. You may use your protocol number directly.
The reason you are still on layer 3 even with IPPROTO_RAW is that in
the 802 frame there will still be a number saying that this is IP.

> Thanks for any help, pointers etc.

> MikeC

> --
> Michael C. Cambria Voice: 617 643 6250
> Systems & Communications Sciences, Inc. Fax: 617 643 6251

> Arlington, Ma. 02174 CompuServe: 71552,2531

by **Shado** » Thu, 24 Apr 1997 04:00:00

>> Hi,

>> First, I need to be able to send and receive my own "layer 3" packets
>> but continue to use the FreeBSD IP. Put simply, I want to replace
>> TCP and UDP with my own. What is the proper way to do this? Is it
>> even possible?

>Well if you want to do this from scratch..
>In the IP header there is a flied that say protocol number. If I not
>mistaken TCP is 6 UDP is 17, OSPF is 89. What you seems to want to do is
>to use your own number here. You need to open a socket, and in teh
>listen og connect call use SOCK_RAW as type. I have never attemptet this
>myself, but seen this is the code. I do belive you must directly set all
>the header fields (IP) directly. :-)

Most systems have IP_HDRINCL will allow you to include your own ip header
if you wish.

Simply open a socket as such:

sockd = socket(AF_INET,SOCK_RAW,IPPROTO_TCP);

you then should only be writing the tcp header + data.

Mind you this doesnt work on all systems, if IP_HDRINCL is not present it
could mean that its always included, or never included. Your better off
using a modern interface to the lower level network layer like
DLPI, BPF, NIT etc etc.

-shadows

Very Computer

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?

Q: Raw sockets to buypass tcp/udp?